def _wsgi_app(self, environ: WSGIEnvironment,
start_response: StartResponse) -> WSGIResponse:
urls = self.url_map.bind_to_environ(environ)
endpoint: Optional[Endpoint] = None
try:
result: Tuple[str, Mapping[str,
Any]] = urls.match(return_rule=False)
endpoint_ident, matched_path_args = result # pylint: disable=unpacking-non-sequence
wsgi_app = self.endpoints[endpoint_ident]
if isinstance(wsgi_app, Authenticate):
endpoint = wsgi_app.endpoint
# Remove _path again (see Submount above), so the validators don't go crazy.
path_args = {
key: value
for key, value in matched_path_args.items() if key != "_path"
}
# This is an implicit dependency, as we only know the args at runtime, but the
# function at setup-time.
environ[ARGS_KEY] = path_args
req = Request(environ)
resp = Response()
with AppContext(self, stack=app_stack()), RequestContext(
req=req,
resp=resp,
funnel=OutputFunnel(resp),
config_obj=config.make_config_object(
config.get_default_config()),
endpoint=endpoint,
user=LoggedInNobody(),
display_options=DisplayOptions(),
stack=request_stack(),
url_filter=PrependURLFilter(),
), cmk.utils.store.cleanup_locks(), sites.cleanup_connections():
config.initialize()
load_dynamic_permissions()
return wsgi_app(environ, start_response)
except ProblemException as exc:
return exc(environ, start_response)
except HTTPException as exc:
# We don't want to log explicit HTTPExceptions as these are intentional.
assert isinstance(exc.code, int)
return problem(
status=exc.code,
title=http.client.responses[exc.code],
detail=str(exc),
)(environ, start_response)
except MKException as exc:
if self.debug:
raise
return problem(
status=EXCEPTION_STATUS.get(type(exc), 500),
title="An exception occurred.",
detail=str(exc),
)(environ, start_response)
except Exception as exc:
crash = APICrashReport.from_exception()
crash_reporting.CrashReportStore().save(crash)
logger.exception("Unhandled exception (Crash-ID: %s)",
crash.ident_to_text())
if self.debug:
raise
request = Request(environ)
site = config.omd_site()
query_string = urllib.parse.urlencode([
("crash_id", (crash.ident_to_text())),
("site", site),
])
crash_url = f"{request.host_url}{site}/check_mk/crash.py?{query_string}"
crash_details = {
"crash_id": (crash.ident_to_text()),
"crash_report": {
"href": crash_url,
"method": "get",
"rel": "cmk/crash-report",
"type": "text/html",
},
}
if user.may("general.see_crash_reports"):
crash_details["stack_trace"] = traceback.format_exc().split(
"\n")
return problem(
status=500,
title=http.client.responses[500],
detail=str(exc),
ext=crash_details,
)(environ, start_response)
def __init__(self):
super().__init__()
# Make sure that all dynamic permissions are available (e.g. those for custom
# views)
load_dynamic_permissions()
def test_registered_permissions():
load_dynamic_permissions()
expected_permissions = [
"action.acknowledge",
"action.addcomment",
"action.clearmodattr",
"action.customnotification",
"action.downtimes",
"action.enablechecks",
"action.fakechecks",
"action.notifications",
"action.remove_all_downtimes",
"action.reschedule",
"action.star",
"action.delete_crash_report",
"background_jobs.delete_foreign_jobs",
"background_jobs.delete_jobs",
"background_jobs.manage_jobs",
"background_jobs.see_foreign_jobs",
"background_jobs.stop_foreign_jobs",
"background_jobs.stop_jobs",
"bi.see_all",
"dashboard.main",
"dashboard.simple_problems",
"dashboard.checkmk",
"dashboard.checkmk_host",
"general.acknowledge_werks",
"general.act",
"general.agent_pairing",
"general.change_password",
"general.manage_2fa",
"general.configure_sidebar",
"general.csv_export",
"general.delete_foreign_pagetype_topic",
"general.edit_pagetype_topic",
"general.edit_foreign_pagetype_topic",
"general.force_pagetype_topic",
"general.publish_pagetype_topic",
"general.publish_to_foreign_groups_pagetype_topic",
"general.publish_to_groups_pagetype_topic",
"general.see_user_pagetype_topic",
"general.delete_foreign_bookmark_list",
"general.delete_foreign_custom_snapin",
"general.delete_foreign_dashboards",
"general.delete_foreign_views",
"general.disable_notifications",
"general.edit_bookmark_list",
"general.edit_custom_snapin",
"general.edit_dashboards",
"general.edit_foreign_bookmark_list",
"general.edit_foreign_dashboards",
"general.edit_foreign_views",
"general.edit_foreign_custom_snapin",
"general.edit_notifications",
"general.edit_profile",
"general.edit_user_attributes",
"general.edit_views",
"general.force_bookmark_list",
"general.force_custom_snapin",
"general.force_dashboards",
"general.force_views",
"general.ignore_hard_limit",
"general.ignore_soft_limit",
"general.logout",
"general.message",
"general.painter_options",
"general.parent_child_topology",
"general.publish_bookmark_list",
"general.publish_to_foreign_groups_bookmark_list",
"general.publish_to_groups_bookmark_list",
"general.publish_custom_snapin",
"general.publish_to_foreign_groups_custom_snapin",
"general.publish_to_groups_custom_snapin",
"general.publish_dashboards",
"general.publish_dashboards_to_foreign_groups",
"general.publish_dashboards_to_groups",
"general.publish_views",
"general.publish_views_to_foreign_groups",
"general.publish_views_to_groups",
"general.see_all",
"general.see_availability",
"general.see_crash_reports",
"general.see_failed_notifications",
"general.see_failed_notifications_24h",
"general.see_sidebar",
"general.see_stales_in_tactical_overview",
"general.see_user_bookmark_list",
"general.see_user_custom_snapin",
"general.see_user_dashboards",
"general.see_user_views",
"general.server_side_requests",
"general.use",
"general.view_option_columns",
"general.view_option_refresh",
"icons_and_actions.action_menu",
"icons_and_actions.aggregation_checks",
"icons_and_actions.aggregations",
"icons_and_actions.check_manpage",
"icons_and_actions.check_period",
"icons_and_actions.crashed_check",
"icons_and_actions.custom_action",
"icons_and_actions.download_agent_output",
"icons_and_actions.download_snmp_walk",
"icons_and_actions.icon_image",
"icons_and_actions.inventory",
"icons_and_actions.logwatch",
"icons_and_actions.mkeventd",
"icons_and_actions.notes",
"icons_and_actions.perfgraph",
"icons_and_actions.prediction",
"icons_and_actions.reschedule",
"icons_and_actions.rule_editor",
"icons_and_actions.stars",
"icons_and_actions.status_acknowledged",
"icons_and_actions.status_active_checks",
"icons_and_actions.status_comments",
"icons_and_actions.status_downtimes",
"icons_and_actions.status_flapping",
"icons_and_actions.status_notification_period",
"icons_and_actions.status_notifications_enabled",
"icons_and_actions.status_passive_checks",
"icons_and_actions.status_service_period",
"icons_and_actions.status_stale",
"icons_and_actions.wato",
"icons_and_actions.parent_child_topology",
"mkeventd.actions",
"mkeventd.activate",
"mkeventd.archive_events_of_hosts",
"mkeventd.changestate",
"mkeventd.config",
"mkeventd.delete",
"mkeventd.edit",
"mkeventd.see_in_tactical_overview",
"mkeventd.seeall",
"mkeventd.seeunrelated",
"mkeventd.switchmode",
"mkeventd.update",
"mkeventd.update_comment",
"mkeventd.update_contact",
"nagvis.*_*_*",
"nagvis.Map_delete",
"nagvis.Map_delete_*",
"nagvis.Map_edit",
"nagvis.Map_edit_*",
"nagvis.Map_view",
"nagvis.Map_view_*",
"nagvis.Rotation_view_*",
"notification_plugin.asciimail",
"notification_plugin.cisco_webex_teams",
"notification_plugin.jira_issues",
"notification_plugin.mail",
"notification_plugin.mkeventd",
"notification_plugin.opsgenie_issues",
"notification_plugin.pagerduty",
"notification_plugin.pushover",
"notification_plugin.servicenow",
"notification_plugin.signl4",
"notification_plugin.ilert",
"notification_plugin.slack",
"notification_plugin.sms",
"notification_plugin.sms_api",
"notification_plugin.spectrum",
"notification_plugin.victorops",
"sidesnap.admin_mini",
"sidesnap.biaggr_groups",
"sidesnap.biaggr_groups_tree",
"sidesnap.bookmarks",
"sidesnap.dashboards",
"sidesnap.hostgroups",
"sidesnap.master_control",
"sidesnap.mkeventd_performance",
"sidesnap.nagvis_maps",
"sidesnap.performance",
"sidesnap.search",
"sidesnap.servicegroups",
"sidesnap.sitestatus",
"sidesnap.speedometer",
"sidesnap.tactical_overview",
"sidesnap.tag_tree",
"sidesnap.time",
"sidesnap.views",
"sidesnap.wato_foldertree",
"view.aggr_all",
"view.aggr_all_api",
"view.aggr_group",
"view.aggr_host",
"view.aggr_hostgroup_boxed",
"view.aggr_hostnameaggrs",
"view.aggr_hostproblems",
"view.aggr_problems",
"view.aggr_service",
"view.aggr_single",
"view.aggr_single_api",
"view.aggr_singlehost",
"view.aggr_singlehosts",
"view.aggr_summary",
"view.alerthandlers",
"view.alertstats",
"view.allhosts",
"view.allservices",
"view.bi_map_hover_host",
"view.bi_map_hover_service",
"view.api_downtimes",
"view.comments",
"view.comments_of_host",
"view.comments_of_service",
"view.contactnotifications",
"view.crash_reports",
"view.downtime_history",
"view.downtimes",
"view.downtimes_of_host",
"view.downtimes_of_service",
"view.docker_containers",
"view.docker_nodes",
"view.vpshere_vms",
"view.vsphere_servers",
"view.ec_event",
"view.ec_event_mobile",
"view.ec_events",
"view.ec_events_mobile",
"view.ec_events_of_host",
"view.ec_events_of_monhost",
"view.ec_history_of_event",
"view.ec_history_of_host",
"view.ec_history_recent",
"view.ec_historyentry",
"view.events",
"view.events_dash",
"view.failed_notifications",
"view.host",
"view.host_crit",
"view.host_dt_hist",
"view.host_export",
"view.host_ok",
"view.host_pending",
"view.host_unknown",
"view.host_warn",
"view.hostevents",
"view.hostgroup",
"view.hostgroup_up",
"view.hostgroup_down",
"view.hostgroup_unreach",
"view.hostgroup_pend",
"view.hostgroups",
"view.hostgroupservices",
"view.hostgroupservices_ok",
"view.hostgroupservices_warn",
"view.hostgroupservices_crit",
"view.hostgroupservices_unknwn",
"view.hostgroupservices_pend",
"view.hostnotifications",
"view.hostpnp",
"view.hostproblems",
"view.hostproblems_dash",
"view.hosts",
"view.hoststatus",
"view.hostsvcevents",
"view.hostsvcnotifications",
"view.inv_host",
"view.inv_host_history",
"view.inv_hosts_cpu",
"view.inv_hosts_ports",
"view.invbackplane_of_host",
"view.invbackplane_search",
"view.invchassis_of_host",
"view.invchassis_search",
"view.invcmksites_of_host",
"view.invcmksites_search",
"view.invcmkversions_of_host",
"view.invcmkversions_search",
"view.invcontainer_of_host",
"view.invcontainer_search",
"view.invdockercontainers_of_host",
"view.invdockercontainers_search",
"view.invdockerimages_of_host",
"view.invdockerimages_search",
"view.invfan_of_host",
"view.invfan_search",
"view.invibmmqchannels_of_host",
"view.invibmmqchannels_search",
"view.invibmmqmanagers_of_host",
"view.invibmmqmanagers_search",
"view.invibmmqqueues_of_host",
"view.invibmmqqueues_search",
"view.invinterface_of_host",
"view.invinterface_search",
"view.invkernelconfig_of_host",
"view.invkernelconfig_search",
"view.invmodule_of_host",
"view.invmodule_search",
"view.invoradataguardstats_of_host",
"view.invoradataguardstats_search",
"view.invorainstance_of_host",
"view.invorainstance_search",
"view.invorarecoveryarea_of_host",
"view.invorarecoveryarea_search",
"view.invorasga_of_host",
"view.invorasga_search",
"view.invorapga_of_host",
"view.invorapga_search",
"view.invoratablespace_of_host",
"view.invoratablespace_search",
"view.invorasystemparameter_of_host",
"view.invorasystemparameter_search",
"view.invother_of_host",
"view.invother_search",
"view.invpsu_of_host",
"view.invpsu_search",
"view.invsensor_of_host",
"view.invsensor_search",
"view.invstack_of_host",
"view.invstack_search",
"view.invswpac_of_host",
"view.invswpac_search",
"view.invtunnels_of_host",
"view.invtunnels_search",
"view.invunknown_of_host",
"view.invunknown_search",
"view.logfile",
"view.mobile_contactnotifications",
"view.mobile_events",
"view.mobile_host",
"view.mobile_hostproblems",
"view.mobile_hostproblems_unack",
"view.mobile_hoststatus",
"view.mobile_hostsvcevents",
"view.mobile_hostsvcnotifications",
"view.mobile_notifications",
"view.mobile_searchhost",
"view.mobile_searchsvc",
"view.mobile_service",
"view.mobile_svcevents",
"view.mobile_svcnotifications",
"view.mobile_svcproblems",
"view.mobile_svcproblems_unack",
"view.nagstamon_hosts",
"view.nagstamon_svc",
"view.notifications",
"view.pending_discovery",
"view.pendingsvc",
"view.perf_matrix",
"view.perf_matrix_search",
"view.problemsofhost",
"view.recentsvc",
"view.searchhost",
"view.searchpnp",
"view.searchsvc",
"view.service",
"view.service_check_durations",
"view.servicedesc",
"view.servicedescpnp",
"view.servicegroup",
"view.sitehosts",
"view.sitesvcs",
"view.sitesvcs_crit",
"view.sitesvcs_ok",
"view.sitesvcs_pend",
"view.sitesvcs_unknwn",
"view.sitesvcs_warn",
"view.stale_hosts",
"view.svc_dt_hist",
"view.svcevents",
"view.svcgroups",
"view.svcnotifications",
"view.svcproblems",
"view.svcproblems_dash",
"view.topology_hover_host",
"view.topology_filters",
"view.uncheckedsvc",
"view.unmonitored_services",
"wato.activate",
"wato.activateforeign",
"wato.add_or_modify_executables",
"wato.all_folders",
"wato.analyze_config",
"wato.api_allowed",
"wato.auditlog",
"wato.automation",
"wato.backups",
"wato.bi_admin",
"wato.bi_rules",
"wato.check_plugins",
"wato.clear_auditlog",
"wato.clone_hosts",
"wato.custom_attributes",
"wato.diag_host",
"wato.diagnostics",
"wato.download_agent_output",
"wato.download_agents",
"wato.edit",
"wato.edit_all_passwords",
"wato.edit_all_predefined_conditions",
"wato.edit_folders",
"wato.edit_hosts",
"wato.global",
"wato.groups",
"wato.hosts",
"wato.hosttags",
"wato.icons",
"wato.manage_folders",
"wato.manage_hosts",
"wato.move_hosts",
"wato.notifications",
"wato.parentscan",
"wato.passwords",
"wato.pattern_editor",
"wato.random_hosts",
"wato.rename_hosts",
"wato.rulesets",
"wato.see_all_folders",
"wato.seeall",
"wato.service_discovery_to_ignored",
"wato.service_discovery_to_monitored",
"wato.service_discovery_to_removed",
"wato.service_discovery_to_undecided",
"wato.services",
"wato.set_read_only",
"wato.sites",
"wato.snapshots",
"wato.timeperiods",
"wato.update_dns_cache",
"wato.use",
"wato.users",
"wato.show_last_user_activity",
"view.cmk_servers",
"view.cmk_sites",
"view.cmk_sites_of_host",
"view.host_graphs",
"view.service_graphs",
]
if not cmk_version.is_raw_edition():
expected_permissions += [
"agent_registration.edit",
"dashboard.linux_hosts_overview",
"dashboard.linux_single_overview",
"dashboard.windows_hosts_overview",
"dashboard.windows_single_overview",
"dashboard.problems",
"dashboard.site",
"dashboard.ntop_alerts",
"dashboard.ntop_flows",
"dashboard.ntop_top_talkers",
"general.edit_reports",
"icons_and_actions.agent_deployment",
"icons_and_actions.status_shadow",
"report.bi_availability",
"report.default",
"report.host",
"report.instant",
"report.instant_availability",
"report.instant_graph_collection",
"report.instant_view",
"report.service_availability",
"report.host_performance_graphs",
"sidesnap.cmc_stats",
"sidesnap.reports",
"view.allhosts_deploy",
"view.ntop_interfaces",
"wato.agent_deploy_custom_files",
"wato.agent_deployment",
"wato.agents",
"wato.alert_handlers",
"wato.bake_agents",
"wato.dcd_connections",
"wato.download_all_agents",
"wato.license_usage",
"wato.influxdb_connections",
"wato.submit_license_usage",
"wato.manage_mkps",
"wato.mkps",
"wato.sign_agents",
"general.delete_foreign_custom_graph",
"general.delete_foreign_forecast_graph",
"general.delete_foreign_graph_collection",
"general.delete_foreign_graph_tuning",
"general.delete_foreign_reports",
"general.delete_foreign_sla_configuration",
"general.delete_foreign_stored_report",
"general.delete_stored_report",
"general.edit_custom_graph",
"general.edit_forecast_graph",
"general.edit_foreign_forecast_graph",
"general.edit_foreign_custom_graph",
"general.edit_foreign_graph_collection",
"general.edit_foreign_graph_tuning",
"general.edit_foreign_reports",
"general.edit_foreign_sla_configuration",
"general.edit_graph_collection",
"general.edit_graph_tuning",
"general.edit_sla_configuration",
"general.force_custom_graph",
"general.publish_forecast_graph",
"general.force_graph_collection",
"general.force_graph_tuning",
"general.publish_graph_collection",
"general.publish_to_foreign_groups_graph_collection",
"general.publish_to_groups_graph_collection",
"general.publish_graph_tuning",
"general.publish_to_foreign_groups_graph_tuning",
"general.publish_to_groups_graph_tuning",
"general.publish_reports",
"general.publish_reports_to_foreign_groups",
"general.publish_reports_to_groups",
"general.publish_sla_configuration",
"general.publish_to_foreign_groups_sla_configuration",
"general.publish_to_groups_sla_configuration",
"general.publish_stored_report",
"general.publish_to_foreign_groups_forecast_graph",
"general.publish_to_groups_forecast_graph",
"general.see_user_custom_graph",
"general.see_user_forecast_graph",
"general.see_user_graph_collection",
"general.see_user_graph_tuning",
"general.see_user_reports",
"general.see_user_sla_configuration",
"general.see_user_stored_report",
"general.reporting",
"general.schedule_reports",
"general.schedule_reports_all",
"general.force_forecast_graph",
"general.force_reports",
"general.force_sla_configuration",
"general.instant_reports",
"general.publish_custom_graph",
"general.publish_to_foreign_groups_custom_graph",
"general.publish_to_groups_custom_graph",
"icons_and_actions.deployment_status",
"icons_and_actions.ntop_host",
]
if cmk_version.is_managed_edition():
expected_permissions += [
"wato.customer_management",
"view.customers",
"view.customer_hosts",
"view.customer_hosts_up",
"view.customer_hosts_down",
"view.customer_hosts_pend",
"view.customer_hosts_unreach",
"sidesnap.customers",
]
assert sorted(expected_permissions) == sorted(permission_registry.keys())
for perm in permission_registry.values():
assert isinstance(perm.description, (str, LazyString))
assert isinstance(perm.title, (str, LazyString))
assert isinstance(perm.defaults, list)