def systems_cmdb_json():
"""Used by DataTables to extract information from the ServiceNow CMDB CI
cache. The parameters and return format are as dictated by DataTables"""
# Check user permissions
# either they have systems.all.view (view all systems)
# OR they have at least one instance of the per-system permission 'edit.cmdb'
# (cos if they have that they need to be able to list the CMDB entries)
# or if they have systems.all.edit.cmdb
if not does_user_have_permission("systems.all.view") and not does_user_have_permission("systems.all.edit.cmdb"):
if not does_user_have_any_system_permission("edit.cmdb"):
abort(403)
# Extract information from DataTables
(draw, start, length, order_column, order_asc, search) = _systems_extract_datatables()
# Validate and convert the ordering column number to the name of the
# column as it is in the database
if order_column == 0:
order_column = 'u_number'
elif order_column == 1:
order_column = 'short_description'
else:
app.logger.warn('Invalid ordering column parameter in DataTables request')
abort(400)
# Get results of query
total_count = cortex.lib.cmdb.get_ci_count()
filtered_count = cortex.lib.cmdb.get_ci_count(search)
results = cortex.lib.cmdb.get_cis(start, length, search, order_column, order_asc)
system_data = []
for row in results:
system_data.append([row['u_number'], row['name'], row['sys_id']])
# Return JSON data in the format DataTables wants
return jsonify(draw=draw, recordsTotal=total_count, recordsFiltered=filtered_count, data=system_data)
def systems_cmdb_json():
"""Used by DataTables to extract information from the ServiceNow CMDB CI
cache. The parameters and return format are as dictated by DataTables"""
# Check user permissions
# either they have systems.all.view (view all systems)
# OR they have at least one instance of the per-system permission 'edit.cmdb'
# (cos if they have that they need to be able to list the CMDB entries)
# or if they have systems.all.edit.cmdb
if not does_user_have_permission("systems.all.view") and not does_user_have_permission("systems.all.edit.cmdb"):
if not does_user_have_any_system_permission("edit.cmdb"):
abort(403)
# Extract information from DataTables
(draw, start, length, order_column, order_asc, search) = _systems_extract_datatables()
# Validate and convert the ordering column number to the name of the
# column as it is in the database
if order_column == 0:
order_column = 'u_number'
elif order_column == 1:
order_column = 'short_description'
else:
app.logger.warn('Invalid ordering column parameter in DataTables request')
abort(400)
# Get results of query
total_count = cortex.lib.cmdb.get_ci_count()
filtered_count = cortex.lib.cmdb.get_ci_count(search)
results = cortex.lib.cmdb.get_cis(start, length, search, order_column, order_asc)
system_data = []
for row in results:
system_data.append([row['u_number'], row['name'], row['sys_id']])
# Return JSON data in the format DataTables wants
return jsonify(draw=draw, recordsTotal=total_count, recordsFiltered=filtered_count, data=system_data)
def snapshot_create():
# Get systems depending on permissions.
if does_user_have_workflow_permission('systems.all.snapshot'):
# User can snapshot all systems.
systems = get_systems(order='id', order_asc=False, virtual_only=True)
elif does_user_have_any_system_permission('snapshot'):
# Select all VMs where the user has permission to snapshot
query_where = (
"""WHERE (`cmdb_id` IS NOT NULL AND `cmdb_operational_status` = "In Service") AND `vmware_uuid` IS NOT NULL AND (`id` IN (SELECT `system_id` FROM `p_system_perms_view` WHERE (`type` = '0' AND `perm` = 'snapshot' AND `who` = %s) OR (`type` = '1' AND `perm` = 'snapshot' AND `who` IN (SELECT `group` FROM `ldap_group_cache` WHERE `username` = %s)))) ORDER BY `id` DESC""",
(session["username"], session["username"]),
)
systems = get_systems(where_clause=query_where)
else:
abort(403)
# Create the values dict.
values = {}
if request.method == 'POST':
values['snapshot_name'] = request.form.get(
'snapshot_name', 'Snapshot - {}'.format(session['username']))[:80]
values['snapshot_task'] = request.form.get('snapshot_task', '')
values['snapshot_expiry'] = request.form.get('snapshot_expiry', None)
values['snapshot_comments'] = request.form.get('snapshot_comments', '')
values['snapshot_username'] = session['username']
values['snapshot_memory'] = 'snapshot_memory' in request.form
values['snapshot_cold'] = 'snapshot_cold' in request.form
values['systems'] = list(set(request.form.getlist('systems[]')))
values['snapshot_systems'] = []
# Before starting the task check the permissions.
error = False
if not does_user_have_workflow_permission('systems.all.snapshot'):
for system in values['systems']:
try:
vm = next(i for i in systems if i['name'] == system)
except StopIteration:
flash(
'You do not have permission to snapshot one or more select VMs. Please try again.',
'alert-danger')
error = True
else:
values['snapshot_systems'].append(vm)
if not does_user_have_system_permission(
vm['id'], 'snapshot'):
flash(
'You do not have permission to snapshot {}, please remove this from the list of systems and try again.'
.format(vm['name']), 'alert-danger')
error = True
if error:
return workflow.render_template('create.html',
title='Create VMware Snapshot',
systems=systems,
values=values)
# Task Options
options = {}
options['wfconfig'] = workflow.config
options['values'] = values
# Everything should be good - start a task.
neocortex = cortex.lib.core.neocortex_connect()
task_id = neocortex.create_task(__name__,
session['username'],
options,
description='Create a VMware Snapshot')
# Redirect to the status page for the task
return redirect(url_for('task_status', task_id=task_id))
if 'systems' in request.args:
values['snapshot_systems'] = []
for system in request.args['systems'].strip(',').split(','):
try:
vm = next(i for i in systems if i['id'] == int(system))
except StopIteration:
pass # System not in Systems List (Likely not a VM then).
except ValueError:
pass # System was not an int.
else:
values['snapshot_systems'].append(vm)
return workflow.render_template('create.html',
title='Create VMware Snapshot',
systems=systems,
values=values)
def snapshot_create_permission_callback():
return does_user_have_workflow_permission(
'systems.all.snapshot') or does_user_have_any_system_permission(
'snapshot')
def systems_vmware_json():
"""Used by DataTables to extract infromation from the VMware cache. The
parameters and return format are dictated by DataTables"""
# Check user permissions
# either they have systems.all.view (view all systems)
# OR they have at least one instance of the per-system permission 'edit.vmware'
# (cos if they have that they need to be able to list the VMWare UUIDs)
# or if they have systems.all.edit.vmware
if not does_user_have_permission("systems.all.view") and not does_user_have_permission("systems.all.edit.vmware"):
if not does_user_have_any_system_permission("edit.vmware"):
abort(403)
# Extract information from DataTables
(draw, start, length, order_column, order_asc, search) = _systems_extract_datatables()
# Validate and extract ordering direction. 'asc' for ascending, 'desc' for
# descending.
if order_asc:
order_dir = "ASC"
else:
order_dir = "DESC"
# Validate and convert the ordering column number to the name of the
# column as it is in the database
if order_column == 0:
order_column = 'name'
elif order_column == 1:
order_column = 'uuid'
else:
app.logger.warn('Invalid ordering column parameter in DataTables request')
abort(400)
# Query the database
curd = g.db.cursor(mysql.cursors.DictCursor)
# Get total number of VMs in cache
curd.execute('SELECT COUNT(*) AS `count` FROM `vmware_cache_vm`;')
total_count = curd.fetchone()['count']
# Get total number of VMs that match query
if search is not None:
curd.execute('SELECT COUNT(*) AS `count` FROM `vmware_cache_vm` WHERE `name` LIKE %s', ("%" + search + "%",))
filtered_count = curd.fetchone()['count']
else:
# If unfiltered, return the total count
filtered_count = total_count
# Build query
query = 'SELECT `name`, `uuid` FROM `vmware_cache_vm` '
query_params = ()
if search is not None:
query = query + 'WHERE `name` LIKE %s '
query_params = ("%" + search + "%",)
# Add on ordering
query = query + "ORDER BY " + order_column + " " + order_dir + " "
# Add on query limits
query = query + "LIMIT " + str(start)
if length is not None:
query = query + "," + str(length)
else:
query = query + ",18446744073709551610"
# Perform the query
curd.execute(query, query_params)
# Turn the results in to an appropriately shaped arrau
row = curd.fetchone()
system_data = []
while row is not None:
system_data.append([row['name'], row['uuid']])
row = curd.fetchone()
# Return JSON data in the format DataTables wants
return jsonify(draw=draw, recordsTotal=total_count, recordsFiltered=filtered_count, data=system_data)
def adddisk_add():
selected_system = None
systems = None
if request.method == "GET" and "system" in request.args and request.args["system"].strip():
try:
selected_system = get_system_by_id(int(request.args["system"].strip()))
except ValueError:
pass # System was not an int.
else:
# Ensure the system is actually a VM
selected_system = selected_system if selected_system["vmware_uuid"] else None
# Check permissions on this system
if not does_user_have_system_permission(selected_system["id"], "adddisk") and not does_user_have_workflow_permission("systems.all.adddisk"):
abort(403)
# If a system was not selected, get all systems
if not selected_system:
# Get systems depending on permissions.
if does_user_have_workflow_permission("systems.all.adddisk"):
# User can add disks to all systems.
systems = get_systems(order='id', order_asc=False, virtual_only=True)
elif does_user_have_any_system_permission("adddisk"):
# Select all VMs where the user has permission to add disks
query_where = (
"""WHERE (`cmdb_id` IS NOT NULL AND `cmdb_operational_status` = "In Service") AND `vmware_uuid` IS NOT NULL AND (`id` IN (SELECT `system_id` FROM `system_perms_view` WHERE (`type` = '0' AND `perm` = 'adddisk' AND `who` = %s) OR (`type` = '1' AND `perm` = 'adddisk' AND `who` IN (SELECT `group` FROM `ldap_group_cache` WHERE `username` = %s)))) ORDER BY `id` DESC""",
(session["username"], session["username"]),
)
systems = get_systems(where_clause=query_where)
else:
abort(403)
if request.method == "POST":
# Get the values
values = {k: request.form.get(k) if k in request.form else abort(400) for k in ["adddisk_task", "adddisk_size", "adddisk_system_id"]}
values["adddisk_task"] = values["adddisk_task"] if values["adddisk_task"] else "unknown"
try:
values["adddisk_size"] = int(values["adddisk_size"])
except ValueError:
abort(400)
if not MIN_DISK_SIZE <= values["adddisk_size"] <= MAX_DISK_SIZE:
flash("Invalid disk size! Please choose a size between {} and {} GiB".format(MIN_DISK_SIZE, MAX_DISK_SIZE))
else:
# Check permissions before starting task
if not does_user_have_system_permission(values["adddisk_system_id"], "adddisk") and not does_user_have_workflow_permission("systems.all.adddisk"):
abort(403)
# Task Options
options = {}
options["wfconfig"] = workflow.config
options["values"] = values
# Everything should be good - start a task.
neocortex = cortex.lib.core.neocortex_connect()
task_id = neocortex.create_task(__name__, session["username"], options, description="Add VMware disk")
# Log the Task ID
cortex.lib.core.log(__name__, "workflow.adddisk.add", "Add disk task {} started by {} with ServiceNow task {}".format(task_id, session["username"], values["adddisk_task"]))
# Redirect to the status page for the task
return redirect(url_for("task_status", task_id=task_id))
return workflow.render_template("add.html", title="Add VMware Disk", selected_system=selected_system, systems=systems)
def adddisk_create_permission_callback():
return does_user_have_workflow_permission("systems.all.adddisk") or does_user_have_any_system_permission("adddisk")
def systems_vmware_json():
"""Used by DataTables to extract infromation from the VMware cache. The
parameters and return format are dictated by DataTables"""
# Check user permissions
# either they have systems.all.view (view all systems)
# OR they have at least one instance of the per-system permission 'edit.vmware'
# (cos if they have that they need to be able to list the VMWare UUIDs)
# or if they have systems.all.edit.vmware
if not does_user_have_permission("systems.all.view") and not does_user_have_permission("systems.all.edit.vmware"):
if not does_user_have_any_system_permission("edit.vmware"):
abort(403)
# Extract information from DataTables
(draw, start, length, order_column, order_asc, search) = _systems_extract_datatables()
# Validate and extract ordering direction. 'asc' for ascending, 'desc' for
# descending.
if order_asc:
order_dir = "ASC"
else:
order_dir = "DESC"
# Validate and convert the ordering column number to the name of the
# column as it is in the database
if order_column == 0:
order_column = 'name'
elif order_column == 1:
order_column = 'uuid'
else:
app.logger.warn('Invalid ordering column parameter in DataTables request')
abort(400)
# Query the database
curd = g.db.cursor(mysql.cursors.DictCursor)
# Get total number of VMs in cache
curd.execute('SELECT COUNT(*) AS `count` FROM `vmware_cache_vm`;')
total_count = curd.fetchone()['count']
# Get total number of VMs that match query
if search is not None:
curd.execute('SELECT COUNT(*) AS `count` FROM `vmware_cache_vm` WHERE `name` LIKE %s', ("%" + search + "%"))
filtered_count = curd.fetchone()['count']
else:
# If unfiltered, return the total count
filtered_count = total_count
# Build query
query = 'SELECT `name`, `uuid` FROM `vmware_cache_vm` '
query_params = ()
if search is not None:
query = query + 'WHERE `name` LIKE %s '
query_params = ("%" + search + "%")
# Add on ordering
query = query + "ORDER BY " + order_column + " " + order_dir + " "
# Add on query limits
query = query + "LIMIT " + str(start)
if length is not None:
query = query + "," + str(length)
else:
query = query + ",18446744073709551610"
# Perform the query
curd.execute(query, query_params)
# Turn the results in to an appropriately shaped arrau
row = curd.fetchone()
system_data = []
while row is not None:
system_data.append([row['name'], row['uuid']])
row = curd.fetchone()
# Return JSON data in the format DataTables wants
return jsonify(draw=draw, recordsTotal=total_count, recordsFiltered=filtered_count, data=system_data)
def snapshot_create():
# Don't go any further if workflows are currently locked
raise_if_workflows_locked()
# Get systems depending on permissions.
if does_user_have_workflow_permission('systems.all.snapshot'):
# User can snapshot all systems.
systems = get_systems(order='id', order_asc=False, virtual_only=True)
elif does_user_have_any_system_permission('snapshot'):
# User can only snapshot certain systems.
systems = get_systems(order='id',
order_asc=False,
virtual_only=True,
show_allocated_and_perms=True,
only_allocated_by=session['username'])
else:
abort(403)
# Create the values dict.
values = {}
if request.method == 'GET':
if 'systems' in request.args:
values['snapshot_systems'] = []
for system in request.args['systems'].strip(',').split(','):
try:
vm = next(i for i in systems if i['id'] == int(system))
except StopIteration:
pass # System not in Systems List (Likely not a VM then).
except ValueError:
pass # System was not an int.
else:
values['snapshot_systems'].append(vm)
return workflow.render_template('create.html',
systems=systems,
values=values)
elif request.method == 'POST':
values['snapshot_name'] = request.form.get('snapshot_name', '')
values['snapshot_task'] = request.form.get('snapshot_task', '')
values['snapshot_expiry'] = request.form.get('snapshot_expiry', None)
values['snapshot_comments'] = request.form.get('snapshot_comments', '')
values['snapshot_username'] = session['username']
values['snapshot_memory'] = 'snapshot_memory' in request.form
values['snapshot_cold'] = 'snapshot_cold' in request.form
values['systems'] = list(set(request.form.getlist('systems[]')))
values['snapshot_systems'] = []
# Before starting the task check the permissions.
error = False
if not does_user_have_workflow_permission('systems.all.snapshot'):
for system in values['systems']:
try:
vm = next(i for i in systems if i['name'] == system)
except StopIteration:
flash(
'You do not have permission to snapshot one or more select VMs. Please try again.',
'alert-danger')
error = True
else:
values['snapshot_systems'].append(vm)
if not does_user_have_system_permission(
vm['id'], 'snapshot'):
flash(
'You do not have permission to snapshot {}, please remove this from the list of systems and try again.'
.format(vm['name']), 'alert-danger')
error = True
if error:
return workflow.render_template('create.html',
systems=systems,
values=values)
# Task Options
options = {}
options['wfconfig'] = workflow.config
options['values'] = values
# Everything should be good - start a task.
neocortex = cortex.lib.core.neocortex_connect()
task_id = neocortex.create_task(__name__,
session['username'],
options,
description='Create a VMware Snapshot')
# Redirect to the status page for the task
return redirect(url_for('task_status', id=task_id))
