def repository_update(self, name=None, **kwargs):
new_name = kwargs.get('new_name')
repository = Repository.own(request).filter(
Repository.name == name).one()
if not repository:
return O.error("Cannot find repo")
enabled = kwargs.get("enabled")
if enabled and enabled in ['1', 'true', 'True']:
repository.enabled = True
elif not repository.editable(request):
return O.error(msg="Cannot edit this repo")
elif new_name:
repository.name = new_name
private = kwargs.get('private')
if private:
private = private not in ['0', 'false', 'False']
repository.private = private
if repository.type != 'cloudrunner':
if kwargs.get('user'):
repository.credentials.auth_user = kwargs.get('user')
if kwargs.get('pass'):
if kwargs['pass'] == '---empty---':
repository.credentials.auth_pass = ""
else:
repository.credentials.auth_pass = kwargs.get('pass')
if kwargs.get('args'):
if kwargs['args'] == '---empty---':
repository.credentials.auth_args = ""
else:
repository.credentials.auth_args = kwargs.get('args')
request.db.add(repository)
def activate(self, **kwargs):
if request.method != "POST":
return O.none()
if not kwargs:
kwargs = request.json
username = kwargs['user']
key = kwargs['code']
user = request.db.query(User).join(Org, ApiKey).filter(
User.username == username,
ApiKey.value == key, ApiKey.enabled == True).first() # noqa
if not user:
user = request.db.query(User).join(Org, ApiKey).filter(
User.username == username,
User.enabled == True).first() # noqa
if user:
return O.error(msg="Already enabled")
else:
return O.error(msg="User not found")
user.enabled = True
api_key = request.db.query(ApiKey).filter(ApiKey.value == key).one()
new_key = ApiKey(user=user)
request.db.delete(api_key)
request.db.add(user)
request.db.add(new_key)
def patch(self, username=None, *args, **kwargs):
name = username
user = User.visible(request).filter(User.username == name).first()
if not user:
return O.error(msg="User not found")
if not user.enabled:
# Allow only enabling
enable = kwargs.get("enable")
if not enable or enable not in ["1", "true", "True"]:
return O.error(msg="Cannot modify inactive user")
user.enabled = True
for k in set(kwargs.keys()).intersection(User.attrs):
setattr(user, k, kwargs[k])
groups = request.POST.getall('groups')
if groups:
to_remove = [g for g in user.groups if g.name not in groups]
for g in to_remove:
user.groups.remove(g)
grps = Group.visible(request).filter(Group.name.in_(groups)).all()
for g in grps:
user.groups.append(g)
else:
user.groups[:] = []
password = kwargs.get('password')
if password:
user.set_password(password)
phone = kwargs.get('phone')
if phone:
user.phone = phone
request.db.add(user)
def script_create(self, name=None, **kwargs):
name = name or kwargs['name']
if not Script.valid_name(name):
return O.error(msg="Invalid script name")
content = kwargs['content']
mime = kwargs.get('mime', 'text/plain')
meta = kwargs.get('meta')
folder_name = kwargs['folder']
repository, _, folder_path = folder_name.partition("/")
folder_path = "/" + folder_path
if not folder_path.endswith('/'):
folder_path += "/"
folder = Folder.editable(request, repository, folder_path).first()
if not folder or not folder.repository.editable(request):
return O.error(msg="Folder %s is not editable" % folder_name)
scr = Script(name=name,
owner_id=request.user.id,
folder=folder,
mime_type=mime)
request.db.add(scr)
request.db.commit()
request._model_id = scr.id
if isinstance(meta, dict):
meta = json.dumps(meta)
rev = Revision(content=content, script_id=scr.id,
meta=meta)
request.db.add(rev)
def activate(self, **kwargs):
if request.method != "POST":
return O.none()
if not kwargs:
kwargs = request.json
username = kwargs['user']
key = kwargs['code']
user = request.db.query(User).join(Org, ApiKey).filter(
User.username == username, ApiKey.value == key,
ApiKey.enabled == True).first() # noqa
if not user:
user = request.db.query(User).join(Org, ApiKey).filter(
User.username == username,
User.enabled == True).first() # noqa
if user:
return O.error(msg="Already enabled")
else:
return O.error(msg="User not found")
user.enabled = True
api_key = request.db.query(ApiKey).filter(ApiKey.value == key).one()
new_key = ApiKey(user=user)
request.db.delete(api_key)
request.db.add(user)
request.db.add(new_key)
def login(self, **kwargs):
if not kwargs:
kwargs = request.json
username = kwargs.get('username')
password = kwargs['password']
token = kwargs.get('token')
expire = int(kwargs.get('expire', DEFAULT_EXP))
if not username and token:
# Recover
t = request.db.query(Token).filter(
Token.value == token, Token.scope == 'RECOVER').first()
if not t:
return O.error(msg="The recovery key is invalid "
"or expired.")
username = t.user.username
t.user.set_password(password)
request.db.add(t.user)
request.db.delete(t)
request.db.commit()
user = request.db.query(User).join(Org).outerjoin(
Token, Permission).filter(
User.enabled == True, # noqa
User.username == username,
User.password == hash_token(password)).first()
if not user:
return O.error(msg='Cannot login')
try:
expire = int(expire)
if expire < 0 or expire > MAX_EXP:
return O.error(msg='Invalid expire timeout, '
'should be between 1 and %d minutes' % MAX_EXP)
except:
expire = DEFAULT_EXP
token = User.create_token(request, user.id,
minutes=expire,
scope='LOGIN')
permissions = [p.name for p in user.permissions]
md = hashlib.md5()
md.update(user.email)
email_hash = md.hexdigest()
cached_token = dict(uid=user.id, org=user.org.name, token=token.value,
tier=user.org.tier.serialize(skip=['id']),
permissions=permissions, email=user.email,
email_hash=email_hash)
cache = CacheRegistry()
cache.add_token(username, cached_token, expire)
return O.login(user=username,
email=user.email,
email_hash=email_hash,
token=token.value,
expire=token.expires_at,
org=user.org.name,
perms=permissions)
def start(self, name, *args, **kwargs):
kwargs = kwargs or request.json
LOG.info("Received rebuild job [%s] from: %s" %
(name, request.client_addr))
if not getattr(request, "user", None):
key = kwargs.pop('key', None)
if not key:
return O.error(msg="Missing auth key")
api_key = get_api_key(key)
if not api_key:
return abort(401)
request.user = cached_user(api_key.user)
depl = request.db.query(Deployment).filter(
Deployment.name == name).first()
if not depl:
return O.error(msg="Deployment '%s' not found" % depl)
if depl.status not in ['Pending', 'Stopped']:
return O.error(msg="Deployment must be Pending or Stopped "
"to be Started.")
request.db.commit()
task_ids = _execute(depl, env=kwargs)
return O.success(msg="Started", task_ids=task_ids)
def start(self, name, *args, **kwargs):
kwargs = kwargs or request.json
LOG.info("Received rebuild job [%s] from: %s" % (
name, request.client_addr))
if not getattr(request, "user", None):
key = kwargs.pop('key', None)
if not key:
return O.error(msg="Missing auth key")
api_key = get_api_key(key)
if not api_key:
return abort(401)
request.user = cached_user(api_key.user)
depl = request.db.query(Deployment).filter(
Deployment.name == name).first()
if not depl:
return O.error(msg="Deployment '%s' not found" % depl)
if depl.status not in ['Pending', 'Stopped']:
return O.error(msg="Deployment must be Pending or Stopped "
"to be Started.")
request.db.commit()
task_ids = _execute(depl, env=kwargs)
return O.success(msg="Started", task_ids=task_ids)
def delete(self, job_name, **kwargs):
try:
job = Job.own(request).filter(Job.name == job_name).first()
if job:
request.db.delete(job)
else:
return O.error(msg="Job %s not found" % job_name)
except Exception, ex:
return O.error(msg='%r' % ex)
def groups_delete(self, name=None, **kwargs):
if not name:
return O.error(msg="Name not provided")
group = NodeGroup.visible(request).filter(
NodeGroup.name == name).first()
if not group:
return O.error(msg="Group not found")
request.db.delete(group)
def approve(self, node=None, **kwargs):
node = node or kwargs['node']
n = Node.visible(request).filter(
Node.name == node, Node.approved == False).first() # noqa
if not n:
return O.error(msg="Node not found")
cert = CertController(conf.cr_config)
msg, crt_file = cert.sign_node(n.name, ca=request.user.org)
if not crt_file:
LOG.error(msg)
return O.error(msg="Cannot sign node")
def repository_delete(self, *args, **kwargs):
name = args[0]
repository = Repository.own(request).filter(
Repository.name == name).one()
if not repository.removable(request):
return O.error(msg="Cannot edit/delete this repo")
if repository.type == "cloudrunner" and any(
[f for f in repository.folders
if f.name != "/" or f.full_name != "/"]):
return O.error(msg="Cannot remove repo, "
"not empty")
request.db.delete(repository)
def update_data(self, *args, **kwargs):
kwargs = kwargs or request.json
if "cc" in kwargs:
cc_data = kwargs['cc']
CS = request.braintree.CustomerSearch
customers = [
c for c in request.braintree.Customer.search(
CS.company == request.user.org).items
]
if not customers:
return O.error("Customer not found")
customer = customers[0]
expire_m, expire_y = cc_data['expire_date'].split("/")
token = ""
if customer.credit_cards:
# Update
cc = customer.credit_cards[0]
token = cc.token
result = request.braintree.PaymentMethod.update(
token, {
"number": cc_data['number'],
"cardholder_name": cc_data['cardholder_name'],
"expiration_month": expire_m,
"expiration_year": expire_y,
"cvv": cc_data['cvv'],
})
else:
# Create
result = request.braintree.CreditCard.create({
"customer_id":
customer.id,
"number":
cc_data["number"],
"expiration_month":
expire_m,
"expiration_year":
expire_y,
"cardholder_name":
cc_data['cardholder_name'],
"cvv":
cc_data['cvv']
})
if not result.is_success:
errors = filter(None, result.errors.deep_errors)
if errors:
return O.error(msg=errors[0].message)
return O.success(msg="Account updated")
return O.error(msg="No data provided for update")
def add_share(self, profile, *args, **kwargs):
name = kwargs.get('name')
node_quota = int(kwargs.get('node_quota', 0))
if not name:
return O.error(msg="Name if required")
prof = CloudProfile.my(request).filter(
CloudProfile.name == profile).first()
if not prof:
return O.error(msg="Cloud Profile '%s' not found" % profile)
share = CloudShare(name=name, password=random_token(length=64),
node_quota=node_quota, profile=prof)
request.db.add(share)
def jobs(self, *args, **kwargs):
if not args:
jobs = []
query = Job.visible(request)
jobs = [
t.serialize(
skip=['id', 'key', 'owner_id', 'deployment_id', 'uid'],
rel=[('owner.username', 'owner'),
('params', 'params', _try_load),
('deployment', 'automation', lambda d: d.name)])
for t in query.all()
]
return O._anon(jobs=sorted(jobs, key=lambda t: t['name'].lower()),
quota=dict(allowed=request.user.tier.cron_jobs))
else:
job_name = args[0]
try:
job = Job.visible(request).filter(Job.name == job_name).one()
return O.job(**job.serialize(
skip=['id', 'key', 'owner_id', 'deployment_id', 'uid'],
rel=[('owner.username',
'owner'), ('params', 'params', _try_load),
('deployment', 'automation', lambda d: d.name)]))
except exc.NoResultFound, ex:
LOG.error(ex)
request.db.rollback()
return O.error(msg="Job %s not found" % job_name)
def rm_group(self, name, *args):
group = Group.visible(request).filter(Group.name == name).first()
if not group:
return O.error(msg="Group not found")
request.db.delete(group)
request.db.commit()
def add_profile(self, name, *args, **kwargs):
p_type = kwargs['type']
user = User.visible(request).filter(
User.id == request.user.id).first()
name = name or kwargs['name']
if p_type == "shared":
username = kwargs.pop('username')
password = kwargs.pop('password')
share = request.db.query(CloudShare).filter(
CloudShare.name == username,
CloudShare.password == password).first()
if not share:
return O.error(msg="The specified shared profile is not found")
prof = CloudProfile(name=name, username=username,
password=password,
owner=user,
type=share.profile.type,
shared=share.profile)
request.db.add(prof)
else:
username = kwargs.pop('username')
password = kwargs.pop('password')
arguments = kwargs.pop('arguments')
clear_nodes = (bool(kwargs.get('clear_nodes'))
and not kwargs.get('clear_nodes')
in ['0', 'false', 'False'])
prof = CloudProfile(name=name, username=username,
password=password, arguments=arguments,
owner=user,
clear_nodes=clear_nodes,
type=p_type)
request.db.add(prof)
def add_share(self, profile, *args, **kwargs):
name = kwargs.get('name')
node_quota = int(kwargs.get('node_quota', 0))
if not name:
return O.error(msg="Name if required")
prof = CloudProfile.my(request).filter(
CloudProfile.name == profile).first()
if not prof:
return O.error(msg="Cloud Profile '%s' not found" % profile)
share = CloudShare(name=name,
password=random_token(length=64),
node_quota=node_quota,
profile=prof)
request.db.add(share)
def folder_delete(self, *args, **kwargs):
full_path = "/".join(args).strip("/")
repository, _, folder_path = full_path.partition("/")
folder_path = "/" + folder_path
if not folder_path.endswith('/'):
folder_path += "/"
if folder_path == "/":
return O.error(msg="Cannot delete root folder")
folder = Folder.editable(request,
repository,
folder_path).first()
if not folder:
return O.error(msg="Folder '%s' not found" % full_path)
request.db.delete(folder)
def revisions(self, repository, *args, **kwargs):
path = "/".join(args)
path.rstrip("/")
if not path.startswith("/"):
path = "/" + path
path, _, script = path.rpartition('/')
path = path + '/'
scr = Script.visible(request,
repository,
path).filter(Script.name == script).first()
if not scr:
return O.error(msg="Script not found")
revisions = sorted([r.serialize(
skip=['id', 'script_id', 'draft', 'content', 'meta'],
rel=[("created_at", "created_at", lambda d: d)])
for r in scr.history
if not r.draft], key=lambda r: r["created_at"], reverse=True)
return O.history(
script=scr.name,
owner=scr.owner.username,
revisions=revisions
)
def rm_group(self, name, *args):
group = Group.visible(request).filter(Group.name == name).first()
if not group:
return O.error(msg="Group not found")
request.db.delete(group)
request.db.commit()
def delete(self, username, *args):
name = username
user = User.visible(request).filter(User.username == name).first()
if not user:
return O.error(msg="User not found")
request.db.delete(user)
def delete(self, *args, **kwargs):
name = "/".join(args)
depl = Deployment.my(request).filter(Deployment.name == name).first()
if not depl:
return O.error(msg="Cannot find deployment '%s'" % name)
_cleanup(depl)
request.db.delete(depl)
def deployments(self, name=None, **kwargs):
skip = ['id', 'owner_id']
def _encode(s):
try:
return json.loads(s)
except ValueError:
return {}
if name:
depl = Deployment.my(request).filter(
Deployment.name == name).first()
if depl:
return O.deployment(**depl.serialize(
skip=skip,
rel=[('content', 'content',
lambda p: _encode(p))]))
else:
return O.error(msg="Cannot find deployment '%s'" % name)
else:
depl = sorted([d.serialize(skip=skip)
for d in Deployment.my(request).all()],
key=lambda d: d['name'])
return O._anon(deployments=depl,
quota=dict(allowed=request.user.tier.deployments))
return O.none()
def preview(self, *args, **kwargs):
if not args:
return O.error(msg="Path not provided")
content = kwargs['content']
content = expand_script(content)
return O.preview(content=content)
def modify_group_roles(self, name, *args, **kwargs):
name = name or kwargs['name']
add_roles = request.POST.getall('add')
rm_roles = request.POST.getall('remove')
group = Group.visible(request).filter(Group.name == name).first()
if not group:
return O.error(msg="Group is not available")
for role in rm_roles:
as_user, _, servers = role.rpartition("@")
if not as_user or not servers:
continue
if as_user == "*":
as_user = "******"
roles = [
r for r in group.roles
if r.as_user == as_user and r.servers == servers
]
for r in roles:
request.db.delete(r)
request.db.commit()
errs = []
for role in add_roles:
as_user, _, servers = role.rpartition("@")
if not Role.is_valid(as_user):
errs.append(as_user)
if errs:
if len(errs) == 1:
return O.error(msg="The role '%s' is not valid" % errs[0])
else:
return O.error(msg="The following roles are not valid: %s" %
", ".join(errs))
for role in add_roles:
as_user, _, servers = role.rpartition("@")
if not as_user or not servers:
continue
if as_user == "*":
as_user = "******"
r = Role(as_user=as_user, servers=servers, group=group)
try:
request.db.add(r)
request.db.commit()
except IntegrityError:
request.db.rollback()
def stop(self, name, *args, **kwargs):
name = name or kwargs['name']
depl = Deployment.my(request).filter(Deployment.name == name).first()
if not depl:
return O.error(msg="Cannot find deployment '%s'" % name)
depl.status = "Stopped"
_cleanup(depl)
def output(self, uuid=None, tail=100, show=None,
template=None, content_type="text/html", **kwargs):
try:
tail = int(tail)
if tail == -1:
tail = None
except ValueError:
return O.error(msg="Wrong value for tail. Must be an integer >= 0")
start = 0
end = 50
uuids = []
pattern = kwargs.get('filter')
order_by = kwargs.get('order', 'desc')
q = Task.visible(request).join(Run, Task.runs).outerjoin(
RunNode, Run.nodes).options(
joinedload(Task.runs))
if uuid:
uuids.extend(re.split('[\s,;]', uuid))
q = q.filter(Run.uuid.in_(uuids))
nodes = kwargs.get("nodes")
if nodes:
if not isinstance(nodes, list):
nodes = re.split('[\s,;]', nodes)
q = q.filter(RunNode.name.in_(nodes))
if template:
override_template("library:%s" % template,
content_type=content_type)
# TODO: check for e-tag
min_score = int(kwargs.get('from', request.headers.get('Etag', 0)))
max_score = int(kwargs.get('to', 0)) or None
score = 1
try:
if order_by == 'asc':
q = q.order_by(Task.created_at.asc())
else:
q = q.order_by(Task.created_at.desc())
tasks = q.all()[start: end]
except Exception, ex:
LOG.exception(ex)
request.db.rollback()
return O.error(msg="Error loading logs")
def start(self, name, *args, **kwargs):
name = name or kwargs['name']
depl = Deployment.my(request).filter(Deployment.name == name).first()
if not depl:
return O.error(msg="Cannot find deployment '%s'" % name)
if depl.status not in ['Pending', 'Stopped']:
return O.error(msg="Deployment must be Pending or Stopped "
"to be Started.")
content = json.loads(depl.content)
_validate(content)
request.db.commit()
depl.status = "Starting"
task_ids = _execute(depl, **kwargs)
return O.success(status="ok", task_ids=task_ids)
def create(self, name=None, **kwargs):
if not kwargs:
kwargs = request.json
name = name or kwargs['name']
automation = kwargs['automation']
params = kwargs.get('params')
if params:
if not isinstance(params, dict):
params = json.loads(params)
else:
params = {}
private = (bool(kwargs.get('private'))
and not kwargs.get('private') in ['0', 'false', 'False'])
if not EXE_PATH:
return O.error(msg="Scheduler job executable not found on server")
per = kwargs['period']
period = Period(per)
if not period.is_valid():
return O.error(msg="Period %s is not valid" % period)
depl = Deployment.my(request).filter(
Deployment.name == automation).first()
if not depl:
return O.error(msg="Invalid Automation name")
user = request.db.query(User).filter(User.id == request.user.id).one()
job = Job(name=name,
owner=user,
enabled=True,
params=json.dumps(params),
deployment=depl,
private=private,
exec_period=period._)
request.db.add(job)
request.db.commit()
cron_name = job.uid
# Post-create
url = EXE_PATH % cron_name
if job.params:
url = "%s -e '%s'" % (url, job.params)
success, res = schedule_manager.add(request.user.username, cron_name,
period, url, job.name)
def modify_group_roles(self, name, *args, **kwargs):
name = name or kwargs['name']
add_roles = request.POST.getall('add')
rm_roles = request.POST.getall('remove')
group = Group.visible(request).filter(Group.name == name).first()
if not group:
return O.error(msg="Group is not available")
for role in rm_roles:
as_user, _, servers = role.rpartition("@")
if not as_user or not servers:
continue
if as_user == "*":
as_user = "******"
roles = [r for r in group.roles if r.as_user == as_user and
r.servers == servers]
for r in roles:
request.db.delete(r)
request.db.commit()
errs = []
for role in add_roles:
as_user, _, servers = role.rpartition("@")
if not Role.is_valid(as_user):
errs.append(as_user)
if errs:
if len(errs) == 1:
return O.error(msg="The role '%s' is not valid" % errs[0])
else:
return O.error(msg="The following roles are not valid: %s" %
", ".join(errs))
for role in add_roles:
as_user, _, servers = role.rpartition("@")
if not as_user or not servers:
continue
if as_user == "*":
as_user = "******"
r = Role(as_user=as_user, servers=servers, group=group)
try:
request.db.add(r)
request.db.commit()
except IntegrityError:
request.db.rollback()
def script(self, *args, **kwargs):
full_path = "/" + "/".join(args)
LOG.info("Received execute script request [%s] from: %s" % (
full_path, request.client_addr))
key = kwargs.pop('key', None)
if not getattr(request, "user", None):
if not key:
return O.error(msg="Missing auth key")
api_key = get_api_key(key)
if not api_key:
return abort(401)
user_id = api_key.user_id
request.user = cached_user(api_key.user)
else:
user_id = request.user.id
user = request.db.query(User).filter(User.id == user_id).one()
targets = kwargs.pop("targets")
if not targets:
return O.error(msg="Targets is a mandatory field")
targets = [t.strip() for t in SPLITTER.split(targets) if t.strip()]
env = kwargs.pop('env', {})
env.update(flatten_params(request.params))
dep_data = dict()
dep_data['steps'] = []
step = dict(target=targets,
content=dict(path=full_path))
dep_data['steps'].append(step)
depl = Deployment(name="Execute: %s" % full_path,
content=json.dumps(dep_data),
status='Pending',
owner=user)
task_ids = _execute(depl, env=env, dont_save=True, **kwargs)
if task_ids:
return O.success(status="ok", **task_ids)
else:
return O.error(msg="Cannot execute script")
def remove(self, name=None, **kwargs):
name = name or kwargs['name']
org = request.db.query(Org).filter(
Org.name == name, Org.enabled != True).first() # noqa
if not org:
return O.error(msg="Organization not found or is enabled")
if org:
request.db.delete(org)
def update_data(self, *args, **kwargs):
kwargs = kwargs or request.json
if "cc" in kwargs:
cc_data = kwargs['cc']
CS = request.braintree.CustomerSearch
customers = [c for c in request.braintree.Customer.search(
CS.company == request.user.org).items]
if not customers:
return O.error("Customer not found")
customer = customers[0]
expire_m, expire_y = cc_data['expire_date'].split("/")
token = ""
if customer.credit_cards:
# Update
cc = customer.credit_cards[0]
token = cc.token
result = request.braintree.PaymentMethod.update(token, {
"number": cc_data['number'],
"cardholder_name": cc_data['cardholder_name'],
"expiration_month": expire_m,
"expiration_year": expire_y,
"cvv": cc_data['cvv'],
})
else:
# Create
result = request.braintree.CreditCard.create({
"customer_id": customer.id,
"number": cc_data["number"],
"expiration_month": expire_m,
"expiration_year": expire_y,
"cardholder_name": cc_data['cardholder_name'],
"cvv": cc_data['cvv']
})
if not result.is_success:
errors = filter(None, result.errors.deep_errors)
if errors:
return O.error(msg=errors[0].message)
return O.success(msg="Account updated")
return O.error(msg="No data provided for update")
def remove(self, name=None, **kwargs):
name = name or kwargs['name']
org = request.db.query(Org).filter(Org.name == name,
Org.enabled != True).first() # noqa
if not org:
return O.error(msg="Organization not found or is enabled")
if org:
request.db.delete(org)
def script_delete(self, *args, **kwargs):
full_path = "/".join(args).strip("/")
folder_name, _, name = full_path.rpartition("/")
repository, _, folder_path = folder_name.partition("/")
folder_path = "/" + folder_path
if not folder_path.endswith('/'):
folder_path += "/"
try:
scr = Script.editable(
request,
repository,
folder_path).filter(Script.name == name).first()
except exc.NoResultFound:
return O.error(msg="Script '%s' not found" % name)
if not scr:
return O.error(msg="Script '%s' not found" % name)
request.db.delete(scr)
def script(self, *args, **kwargs):
full_path = "/" + "/".join(args)
LOG.info("Received execute script request [%s] from: %s" %
(full_path, request.client_addr))
key = kwargs.pop('key', None)
if not getattr(request, "user", None):
if not key:
return O.error(msg="Missing auth key")
api_key = get_api_key(key)
if not api_key:
return abort(401)
user_id = api_key.user_id
request.user = cached_user(api_key.user)
else:
user_id = request.user.id
user = request.db.query(User).filter(User.id == user_id).one()
targets = kwargs.pop("targets")
if not targets:
return O.error(msg="Targets is a mandatory field")
targets = [t.strip() for t in SPLITTER.split(targets) if t.strip()]
env = kwargs.pop('env', {})
env.update(flatten_params(request.params))
dep_data = dict()
dep_data['steps'] = []
step = dict(target=targets, content=dict(path=full_path))
dep_data['steps'].append(step)
depl = Deployment(name="Execute: %s" % full_path,
content=json.dumps(dep_data),
status='Pending',
owner=user)
task_ids = _execute(depl, env=env, dont_save=True, **kwargs)
if task_ids:
return O.success(status="ok", **task_ids)
else:
return O.error(msg="Cannot execute script")
def revoke(self, node):
n = Node.visible(request).filter(Node.name == node).first()
if not n:
return O.error(msg="Node not found")
cert = CertController(conf.cr_config)
if n.approved:
[m[1] for m in cert.revoke(n.name, ca=request.user.org)]
request.db.delete(n)
else:
[m[1] for m in cert.clear_req(n.name, ca=request.user.org)]
request.db.delete(n)
def add_role(self, username=None, **kwargs):
user = User.visible(request).filter(User.username == username).one()
as_user = str(kwargs['as_user'])
servers = kwargs['servers']
if as_user == '*':
as_user = "******"
elif not Role.is_valid(as_user):
return O.error(msg="Invalid user name: %s" % as_user)
role = Role(as_user=as_user, servers=servers)
user.roles.append(role)
request.db.commit()
def add_role(self, username=None, **kwargs):
user = User.visible(request).filter(User.username == username).one()
as_user = str(kwargs['as_user'])
servers = kwargs['servers']
if as_user == '*':
as_user = "******"
elif not Role.is_valid(as_user):
return O.error(msg="Invalid user name: %s" % as_user)
role = Role(as_user=as_user, servers=servers)
user.roles.append(role)
request.db.commit()
def move(self, *args, **kwargs):
src = kwargs['from']
dest = kwargs['to']
script = Script.find(request, src).first()
if not script:
return O.error(msg="Cannot find script %s" % src)
folder = Folder.find(request, dest).first()
if not folder:
dest, _, new_name = dest.rpartition("/")
folder = Folder.find(request, dest).first()
if not folder:
return O.error(msg="Invalid path %s" % dest)
script.name = new_name
if not folder.can_edit(request):
return O.error(msg="Cannot copy to %s" % dest)
script.folder = folder
request.db.add(script)
def apikeys_modify(self, value, *args, **kwargs):
key = request.db.query(ApiKey).join(User).filter(
User.id == request.user.id, ApiKey.value == value).one()
if not key:
return O.error(msg="Api Key not found")
if 'description' in kwargs:
description = kwargs['description']
key.description = description
if 'enabled' in kwargs:
enabled = kwargs.get('enabled') not in ['0', 'false', 'False']
key.enabled = enabled
request.db.add(key)
def update(self, **kw):
kwargs = kw or request.json
try:
assert kwargs['name']
assert kwargs['automation']
assert kwargs['params']
assert kwargs['period']
assert kwargs['private']
assert kwargs['enabled']
return self.patch(**kwargs)
except KeyError, kerr:
return O.error(msg="Value not present: %s" % kerr,
field=str(kerr).strip("'"))
def modify_profile(self, name, *args, **kwargs):
username = kwargs.pop('username')
password = kwargs.pop('password')
arguments = kwargs.pop('arguments')
name = name or kwargs['name']
prof = CloudProfile.my(request).filter(
CloudProfile.name == name).first()
if prof:
prof.username = username
prof.password = password
prof.arguments = arguments
request.db.add(prof)
else:
return O.error(msg="Cannot find profile %s" % name)
def restart(self, name, *args, **kwargs):
name = name or kwargs['name']
depl = Deployment.my(request).filter(Deployment.name == name).first()
if not depl:
return O.error(msg="Cannot find deployment '%s'" % name)
content = json.loads(depl.content)
_validate(content)
request.db.commit()
depl.status = "Starting"
task_ids = _execute(depl, **kwargs)
return O.success(status="ok", task_ids=task_ids)
def account(self, *args, **kwargs):
"""
.. http:get:: /billing/account
Returns basic account information
>header: Auth token
"""
CS = request.braintree.CustomerSearch
customers = [
c for c in request.braintree.Customer.search(
CS.company == request.user.org).items
]
if not customers:
# Try to create customer
user = User.visible(request).filter(
User.username == request.user.username).one()
result = request.braintree.Customer.create({
"first_name": user.first_name,
"last_name": user.last_name,
"company": user.org.name,
"email": user.email,
"phone": user.phone,
})
if not result.is_success:
return O.error("Cannot fetch data from billing system")
customers = [result.customer]
customer = customers[0]
card, subs = {}, {}
if customer.credit_cards:
cc = customer.credit_cards[0]
card['number'] = cc.masked_number
card['expire'] = cc.expiration_date
card['type'] = cc.card_type
if cc.subscriptions:
sub = cc.subscriptions[0]
subs['next_date'] = sub.next_billing_date
subs['next_amount'] = sub.next_billing_period_amount
TS = request.braintree.TransactionSearch
history = request.braintree.Transaction.search(
[TS.customer_company == request.user.org])
return O.billing(transactions=[serialize_t(h) for h in history.items],
plan=subs,
cards=card)
def modify_profile(self, name, *args, **kwargs):
username = kwargs.pop('username')
password = kwargs.pop('password')
arguments = kwargs.pop('arguments')
name = name or kwargs['name']
prof = CloudProfile.my(request).filter(
CloudProfile.name == name).first()
if prof:
prof.username = username
prof.password = password
prof.arguments = arguments
request.db.add(prof)
else:
return O.error(msg="Cannot find profile %s" % name)
def copy(self, *args, **kwargs):
src = kwargs['from']
dest = kwargs['to']
script = Script.find(request, src).first()
if not script:
return O.error(msg="Cannot find script %s" % src)
folder = Folder.find(request, dest).first()
new_name = script.name
if not folder:
dest, _, new_name = dest.rpartition("/")
folder = Folder.find(request, dest).first()
if not folder:
return O.error(msg="Invalid path %s" % dest)
if not folder.can_edit(request):
return O.error(msg="Cannot copy to %s" % dest)
rev = script.contents(request)
rev.id = None
script.id = None
request.db.expunge(script)
request.db.expunge(rev)
make_transient(script)
make_transient(rev)
script.history.append(rev)
script.name = new_name
rev.version = 1
rev.draft = False
rev.created_at = datetime.now()
script.folder = folder
request.db.add(script)
request.db.add(rev)
def script_update(self, name=None, **kwargs):
name = name or kwargs['name']
content = kwargs['content']
folder_name = kwargs['folder']
repository, _, folder_path = folder_name.partition("/")
mime = kwargs['mime']
meta = kwargs.get('meta') or {}
if not isinstance(meta, dict):
try:
meta = json.loads(meta)
except:
meta = {}
folder_path = "/" + folder_path
if not folder_path.endswith('/'):
folder_path += "/"
scr = Script.editable(request,
repository,
folder_path).filter(Script.name == name).first()
if not scr:
return O.error(msg="Script '%s' not found" % name)
if kwargs.get('new_name'):
if not Script.valid_name(kwargs['new_name']):
return O.error(msg="Invalid script name")
scr.name = kwargs['new_name']
scr.mime_type = mime
request.db.add(scr)
request.db.commit()
request._model_id = scr.id
rev = Revision(content=content, script_id=scr.id,
meta=json.dumps(meta))
request.db.add(rev)
def create(self, name, **kwargs):
if request.method != "POST":
return O.none()
name = name or kwargs['name']
try:
user = User.visible(request).filter(
User.id == request.user.id).first()
content = kwargs.pop('content')
if not isinstance(content, dict):
content = json.loads(content)
_validate(content)
except KeyError, kerr:
return O.error(msg="Missing content data: %s" % kerr)
def wrapper(*args, **kwargs):
# Call function
try:
ret = f(*args, **kwargs)
if ret and ret.get('error'):
return ret
_m = None
_id = None
if hasattr(request, '_model_id'):
_id = request._model_id
else:
if method == 'create':
for m in request.db.new:
if isinstance(m, model):
_m = m
break
elif method == 'delete':
for m in request.db.deleted:
if isinstance(m, model):
_id = m.id
break
elif method in ('update', 'modify'):
for m in request.db.dirty:
if isinstance(m, model):
_id = m.id
break
request.db.commit()
if method == 'create' and _m:
_id = _m.id
if _id:
ev_action = "%s:%s" % (model.__tablename__, method)
response.fire_up_event = ev_action
response.fire_up_id = _id
if not ret:
return O.success(status='ok')
return ret
except KeyError, kerr:
request.db.rollback()
if key_error and callable(key_error):
return key_error(kerr)
return O.error(msg="Field not present: %s" % kerr,
field=str(kerr))
def account(self, *args, **kwargs):
"""
.. http:get:: /billing/account
Returns basic account information
>header: Auth token
"""
CS = request.braintree.CustomerSearch
customers = [c for c in request.braintree.Customer.search(
CS.company == request.user.org).items]
if not customers:
# Try to create customer
user = User.visible(request).filter(
User.username == request.user.username).one()
result = request.braintree.Customer.create({
"first_name": user.first_name,
"last_name": user.last_name,
"company": user.org.name,
"email": user.email,
"phone": user.phone,
})
if not result.is_success:
return O.error("Cannot fetch data from billing system")
customers = [result.customer]
customer = customers[0]
card, subs = {}, {}
if customer.credit_cards:
cc = customer.credit_cards[0]
card['number'] = cc.masked_number
card['expire'] = cc.expiration_date
card['type'] = cc.card_type
if cc.subscriptions:
sub = cc.subscriptions[0]
subs['next_date'] = sub.next_billing_date
subs['next_amount'] = sub.next_billing_period_amount
TS = request.braintree.TransactionSearch
history = request.braintree.Transaction.search([
TS.customer_company == request.user.org])
return O.billing(transactions=[serialize_t(h) for h in history.items],
plan=subs, cards=card)
def folder_create(self, name=None, **kwargs):
name = name or kwargs['name']
parent_name = kwargs['folder'].lstrip('/')
repository, _, folder_path = parent_name.partition("/")
folder_path = "/" + folder_path
if not folder_path.endswith('/'):
folder_path += "/"
parent = Folder.editable(request, repository, folder_path).first()
if not parent:
return O.error(msg="Parent folder '%s' is not editable" %
folder_path)
folder = Folder(name=name, repository=parent.repository,
owner_id=request.user.id,
parent=parent,
full_name="%s%s/" % (parent.full_name, name))
request.db.add(folder)
def register(self, node=None, **kwargs):
return O.error(msg="Not implemented")
node = node or kwargs['node']
org = request.db.query(Org).filter(Org.name == request.user.org).one()
n = Node(name=node, org=org)
r = Reservation(node=n,
username=kwargs['username'],
password=kwargs['password'],
ssh_pubkey=kwargs['ssh_pubkey'],
disable_pass=kwargs.get('disable_pass')
in ['1', 'true', 'True'])
request.db.add(n)
request.db.add(r)
request.db.commit()
t = threading.Thread(
target=node_registration,
args=n.serialize(rel=['reservations', 'reservations']))
t.start()
return O.success(msg="Node registration started")
