def on_delete(self, req, resp, orgid): """ Remove an Organization specified by the orgid :param req: :param resp: :param appid: :return: """ mapper = self.meta.get('mapper') o = mapper.organization.Organization.get_by_uid(orgid, user_flag=True) if o is None: raise falcon.HTTPInvalidParam('Organization not found', orgid) if o.status != 'DISABLED': raise falcon.HTTPConflict(falcon.HTTP_409, 'Organization must be disabled before deletion is possible') if len(o.users) > 0 or len(o.admins) > 0: raise falcon.HTTPConflict( falcon.HTTP_409, 'Users must be deleted or updated before application deletion is possible' ) mapper.organization.Organization.delete_from_object(o) resp.body = {"deleted": True} return True
def on_delete(self, req, resp, groupid): """ Remove a Group specified by the groupid :param req: :param resp: :param groupid: :return: """ mapper = self.meta.get('mapper') o = mapper.group.Group.get_by_uid(groupid, user_flag=True) if o is None: raise falcon.HTTPInvalidParam('Group not found', groupid) if o.status != 'DISABLED': raise falcon.HTTPConflict(falcon.HTTP_409, 'Group must be disabled before deletion is possible') if len(o.users) > 0: raise falcon.HTTPConflict( falcon.HTTP_409, 'Users must be deleted or updated before group deletion is possible' ) mapper.group.Group.delete_from_object(o) resp.body = {"deleted": True} return True
def try_it(*args, **kwargs): try: return fun(*args, **kwargs) except falcon.HTTPError: raise except exceptions.DoesNotExistException: raise falcon.HTTPNotFound except exceptions.MultipleMetricsException as ex: raise falcon.HTTPConflict("MultipleMetrics", ex.message) except exceptions.AlreadyExistsException as ex: raise falcon.HTTPConflict(ex.__class__.__name__, ex.message) except exceptions.InvalidUpdateException as ex: raise HTTPUnprocessableEntityError(ex.__class__.__name__, ex.message) except exceptions.RepositoryException as ex: LOG.exception(ex) msg = " ".join(map(str, ex.message.args)) raise falcon.HTTPInternalServerError('The repository was unable ' 'to process your request', msg) except Exception as ex: LOG.exception(ex) raise falcon.HTTPInternalServerError('Service unavailable', ex.message)
def handle_exceptions(exception): if isinstance(exception, orm.ObjectNotFound): raise falcon.HTTPNotFound() elif isinstance(exception, orm.TransactionIntegrityError): raise falcon.HTTPConflict() elif isinstance(exception, orm.CacheIndexError): raise falcon.HTTPConflict() elif isinstance(exception, KeyError): raise falcon.HTTPBadRequest() else: raise exception
def createHostCert(session, token_id, host_id, pub): token = session.query(Token).get(token_id) if token is None: raise falcon.HTTPNotFound(description='No Token found with that ID') if token.host_id != host_id: raise falcon.HTTPConflict( description='The token is not valid for this instance ID') fingerprint = sshpubkeys.SSHKey(pub).hash_md5() if token.used: if token.fingerprint_used != fingerprint: raise falcon.HTTPConflict( description='Token already signed a different public key') # The token was already used for same host and pub key. Return record. host = session.query(HostCert).get([host_id, fingerprint]) if host is None: raise falcon.HTTPInternalServerError( description='Token already used, but Host record not found.') if host.token_id == token_id: return host raise falcon.HTTPConflict( description='The presented token was previously used') auth = getAuthority(session, token.auth_id) if auth is None: raise falcon.HTTPNotFound( description='No Authority found with that ID') certRecord = session.query(HostCert).get([host_id, fingerprint]) if certRecord is not None: raise falcon.HTTPConflict('This public key is already signed.') cert = generateCert(get_secret(auth.host_key), pub, user=False, days_valid=365, identity=token.hostname) if cert == '': raise falcon.HTTPInternalServerError( "Failed to generate the certificate") host = HostCert(host_id=host_id, fingerprint=fingerprint, auth_id=token.auth_id, token_id=token_id, pubkey=pub, cert=cert, hostname=token.hostname) session.add(host) # Update the token token.used = True token.date_used = datetime.utcnow() token.fingerprint_used = host.fingerprint session.add(token) session.commit() return host
def on_post(self, req, resp, conn): req._parse_form_urlencoded() # Merge POST-ed stuff to get_param certificates = req.get_param_as_list("certificates") or () username = req.get_param("name", required=True) gn = req.get_param("gn", required=True) sn = req.get_param("sn") common_name = " ".join([gn, sn]) dn = "cn=%s,cn=Users,%s" % (common_name, config.LDAP_BASEDN) upn = "%s@%s" % (username, config.REALM.lower()) pwd = req.get_param("password") # Make sure we're not getting hacked RESERVED_GROUPS = set(["root", "audio", "video", "wheel", "sudo", \ "admin", "daemon", "bin", "lp", "pulse", "lightdm", "dnsmasq", \ "nobody", "nogroup", "shadow", "kvm", "tape", "floppy", "cdrom", \ "nslcd", "proxy", "man", "news", "tty", "adm", "disk"]) if username in RESERVED_GROUPS: # TODO: Use better HTTP status code click.echo("Username %s is reserved" % subject_username) raise falcon.HTTPConflict("Error", "Username is reserved") ldif_user = modlist.addModlist({ "displayName": common_name.encode("utf-8"), "samaccountname": username.encode("utf-8"), "givenName": gn.encode("utf-8"), "sn": sn.encode("utf-8"), "c": req.get_param("c", default="").encode("utf-8"), #"birthdate": req.get_param("birthday", default="").encode("utf-8"), #"gender": req.get_param("gender", default="").encode("utf-8"), "otherMailbox": req.get_param("mail").encode("utf-8"), "mail": ("%s@%s" % (username, config.MAIL_DOMAIN)).encode("utf-8"), "unicodePwd": ("\"%s\"" % pwd).encode("utf-16-le") if pwd else b"", "userAccountControl": b"544", "userPrincipalName": upn.encode("utf-8"), "objectclass": [b"top", b"person", b"organizationalPerson", b"user"], "userCertificate": [b64decode(j) for j in certificates] if req.get_param_as_bool("import_certificates") else [], #"altSecurityIdentities": TODO }) try: conn.add_s(dn, ldif_user) except ldap.ALREADY_EXISTS: raise falcon.HTTPConflict( "Error", "User with such full name already exists")
def on_post(self, req, resp, dataset_info, **kwargs): """Create a new dataset on the service This method will create a new empty dataset, and returns a 201 CREATED with Location header filled with the URI of new dataset. :param HTTPUserDatasetDTO dataset_info: HTTP Client dataset information :query int dataset_type: The dataset type (optional) :returns: Location header with new path to dataset object """ dao = data_access.DatasetDAO() # Get dataset type dts_type = req.get_param_as_int("dataset_type") dataset_type = dao.get_dataset_types()[dts_type]["class"] id_dts, err = dao.insert_empty_dataset( dataset_type, name=dataset_info.name, description=dataset_info.description) if id_dts is None and err[0] == 409: raise falcon.HTTPConflict(title="The dataset name is already used", description=err[1]) elif id_dts is None and err[0] == 500: raise falcon.HTTPInternalServerError(description=err[1]) else: # Dataset created, evrything is done resp.status = falcon.HTTP_201 resp.body = json.dumps({"dataset": {"id": id_dts}}) resp.location = "/datasets/" + str(id_dts)
def on_post(self, req, resp): try: params = {} req.get_param_as_list('ids', transform=int, store=params) req.get_param_as_list('statuses', transform=Status.parse, store=params) req.get_param('tracker', store=params) if len(params) > 1: raise falcon.HTTPBadRequest("wrong params count", 'Only one of params are supported: ids, statuses or tracker, ' + 'but {0} was provided'.format(', '.join(params.keys()))) if 'ids' in params: ids = params['ids'] elif 'statuses' in params: ids = self.engine_runner.trackers_manager.get_status_topics_ids(params['statuses']) elif 'tracker' in params: topics = self.engine_runner.trackers_manager.get_tracker_topics(params['tracker']) ids = [topic.id for topic in topics] else: ids = None if ids is not None and len(ids) == 0: raise falcon.HTTPConflict("Can't get any ids", "This request doesn't produce any topics for execute") self.engine_runner.execute(ids) except Exception as e: log.error("An error has occurred", exception=str(e)) raise
def on_put(self, req, resp): # Consume token now = time() timestamp = req.get_param_as_int("t", required=True) username = req.get_param("u", required=True) user = User.objects.get(username) csum = hashlib.sha256() csum.update(config.TOKEN_SECRET) csum.update(username.encode("ascii")) csum.update(str(timestamp).encode("ascii")) margin = 300 # Tolerate 5 minute clock skew as Kerberos does if csum.hexdigest() != req.get_param("c", required=True): raise falcon.HTTPForbidden("Forbidden", "Invalid token supplied, did you copy-paste link correctly?") if now < timestamp - margin: raise falcon.HTTPForbidden("Forbidden", "Token not valid yet, are you sure server clock is correct?") if now > timestamp + margin + config.TOKEN_LIFETIME: raise falcon.HTTPForbidden("Forbidden", "Token expired") # At this point consider token to be legitimate body = req.stream.read(req.content_length) header, _, der_bytes = pem.unarmor(body) csr = CertificationRequest.load(der_bytes) common_name = csr["certification_request_info"]["subject"].native["common_name"] assert common_name == username or common_name.startswith(username + "@"), "Invalid common name %s" % common_name try: _, resp.body = self.authority._sign(csr, body, profile="default", overwrite=config.TOKEN_OVERWRITE_PERMITTED) resp.set_header("Content-Type", "application/x-pem-file") logger.info("Autosigned %s as proven by token ownership", common_name) except FileExistsError: logger.info("Won't autosign duplicate %s", common_name) raise falcon.HTTPConflict( "Certificate with such common name (CN) already exists", "Will not overwrite existing certificate signing request, explicitly delete existing one and try again")
def on_put(self, req, resp): json_input = self.validate_json_input(req) model_name = json_input["model_name"] service_name = json_input["service_name"] # Load model model = load_model(model_name) if model is False: raise falcon.HTTPNotFound( description="model {} is not an available model in the API". format(model_name)) # Check if the service exists success = self.services.create_service(json_input, model) if not success: raise falcon.HTTPConflict({ "code": 409, "name": "Bad request" }, "The service '{}' already exists".format(service_name)) resp.body = json.dumps( { "title": { "code": 201, "name": "Success" }, "description": "service '{}' sucessfully created".format(service_name) }, ensure_ascii=False) resp.status = falcon.HTTP_201
def test_http_conflict_with_title_and_desc_and_challenges(self): try: raise falcon.HTTPConflict(title='Test', description='Testdescription') except falcon.HTTPConflict as e: self.assertEqual('Test', e.title, 'Title should be "Test"') self.assertEqual('Testdescription', e.description, 'Description should be "Testdescription"')
def on_delete(self, req, resp, userid, apikeyid): """ DELETE an ApiKey from a User and delete it - delete :param req: :param resp: :param userid: :return: """ mapper = self.meta.get('mapper') u = mapper.user.User.get_by_uid(userid) o = mapper.apikey.ApiKey.get_by_key(apikeyid) if not u: raise Exception('User %s not found' % userid) if not o: raise Exception('ApiKey %s not found' % apikeyid) if o.user.uid != u.uid: raise Exception("ApiKey %s not found" % apikeyid) if o.status != 'DISABLED': raise falcon.HTTPConflict( falcon.HTTP_409, 'ApiKey must be disabled before deletion is possible') mapper.apikey.ApiKey.delete_from_object(o) resp.body = {"deleted": True} return True
def conflict(response, body='409 Conflict'): response.status = falcon.HTTP_409 response.content_type = CONTENT_TYPE_JSON if isinstance(body, bytes): body = body.decode() if body is not None: response.body = falcon.HTTPConflict(description=body).to_json()
def on_post(self, req, resp, dataset_id, dataset_dto, entities): """Get the embedding given an entity or a list of entities (URI) {"entities": ["Q1492", "Q2807", "Q1"]} :param integer dataset_id: Unique ID of dataset :param integer dataset_dto: Dataset DTO (from hook) :param list entities: List of entities to get embeddings (from hook) :returns: A list of list with entities and its embeddings :rtype: list """ istrained = dataset_dto.is_trained() if istrained is None or not istrained: raise falcon.HTTPConflict( title="Dataset has not a valid state", description="Dataset {} has a {} state".format( dataset_id, dataset_dto.status)) try: result = async_tasks.find_embeddings_on_model(dataset_id, entities) except OSError as err: filerr = err.filename raise falcon.HTTPNotFound( title="The file on database couldn't be located", description=("A file ({}) has been found on database, but it " "does not exist on filesystem").format(filerr)) textbody = {"embeddings": result} resp.body = json.dumps(textbody) resp.status = falcon.HTTP_200
def process_response(self, req, resp, resource, req_succeeded): if not resource: return session = req.context['session'] if not req_succeeded: session.abort() return try: # commit any changes to backing data stores session.close() except Exception as e: if isinstance(e, DuplicateEntityException): entity_cls = e.entity_cls with self._session() as session: query = entity_cls.exists_query(**req.media) entity = session.find_one(query) uri = self.link_converter.convert_to_link(entity) resp.set_header('Location', uri) raise falcon.HTTPConflict() else: logging.error(e) raise
def on_patch(self, req, resp, target_name, command_name): new_name = req.get_param("new_name", required=True) if not get_command(target_name, new_name).update_name(new_name): raise falcon.HTTPConflict(description="Command '" + new_name + "' already exists for Target'" + target_name + "'")
def on_put(self, req: Request, res: Response, item_id): with self.make_session() as session: try: self.put_item(item_id, req.context["doc"], session) put_json_to_context(res, {"created": item_id}) except IntegrityError as e: raise falcon.HTTPConflict("Conflict", str(e))
def on_post(self, req, res): vendor_name = req.context['data']['vendor_name'] vendor_item_id = req.context['data']['vendor_item_id'] quantity = req.context['data']['quantity'] results = VENDOR_ITEMS.query_2(vendor_name__eq=vendor_name, vendor_item_id__eq=vendor_item_id) results = [dict(r.items()) for r in results] if not results: title = 'Conflict' description = "No item exists for vendor_name: '{0}' and vendor_item_id: '{1}'".format( vendor_name, vendor_item_id) raise falcon.HTTPConflict(title, description) vendor_item = results.pop() item_doc = { 'user_id': req.context['auth_user']['id'], 'name': vendor_item['item_name'], 'url': vendor_item['item_url'], 'image_url': vendor_item['item_image_url'], 'quantity': quantity, 'vendor_name': vendor_item['vendor_name'], 'vendor_item_id': vendor_item['vendor_item_id'] } req.context['result'] = self.add_item(item_doc) res.status = falcon.HTTP_OK
def test_http_conflict_no_title_and_desc_and_challenges(self): try: raise falcon.HTTPConflict() except falcon.HTTPConflict as e: self.assertEqual(status.HTTP_409, e.title, 'The title should be ' + status.HTTP_409 + ', but it is: ' + e.title) self.assertEqual(None, e.description, 'The description should be None')
def on_delete(self, req: Request, res: Response, item_id): with self.make_session() as session: try: ok = self.delete_item(item_id, session) if not ok: raise falcon.HTTPNotFound() except IntegrityError as e: raise falcon.HTTPConflict("Conflict", str(e))
def createHost(session, id, name, pat_bastions, srv_url): host = Host(id=id, name=name, pat_bastions=pat_bastions, srv_url=srv_url) session.add(host) try: session.commit() except IntegrityError: raise falcon.HTTPConflict( "Failed to create SSH host record for {}.".format(name)) return host
def __execute(self, queryset): try: return self._connection.execute(queryset) except sqlalchemy.exc.IntegrityError as error: error_message = str(error._message()) error_message = error_message.split('1062')[1][3:][:-3] raise falcon.HTTPConflict(title="Duplicate Entry", description=error_message)
def _create_revision_documents(self, bucket_name, documents, validations): try: created_documents = db_api.documents_create( bucket_name, documents, validations=validations) except (deckhand_errors.DocumentExists, deckhand_errors.SingletonDocumentConflict) as e: raise falcon.HTTPConflict(description=e.format_message()) except Exception as e: raise falcon.HTTPInternalServerError(description=six.text_type(e)) return created_documents
def __create__(self, **kwargs): """Internal method takes optional parameters and creates a new Resource in Fedora, stores resulting triples in Fuseki and indexes the Resource into Elastic Search keyword args: binary -- Binary object for the Fedora Object, metadata will be stored as metadata to Binary. doc_type -- Elastic search document type, defaults to None id -- Existing identifier defaults to None index -- Elastic search index, defaults to None mimetype -- Mimetype for binary stream, defaults to application/octet-stream rdf -- RDF graph of new object, defaults to None rdf_type -- RDF Type, defaults to text/turtle """ if self.uuid: description = """Cannot call Resource.__create__, Fedora object {} already exists""".format(self.uuid) raise falcon.HTTPConflict("Fedora object already exists", description) binary = kwargs.get('binary', None) doc_type = kwargs.get('doc_type', None) ident = kwargs.get('id', None) index = kwargs.get('index', None) mimetype = kwargs.get('mimetype', 'application/octet-stream') rdf = kwargs.get('rdf', None) rdf_type = kwargs.get('rdf_type', 'text/turtle') resource_url = None if ident: fedora_post_url = "/".join([self.rest_url, ident]) else: fedora_post_url = self.rest_url # First check and add binary datastream if binary: resource_url = self.__new_binary__(fedora_post_url, binary, mimetype, rdf) # Next handle any attached RDF if rdf and not binary: resource_url = self.__new_by_rdf__(fedora_post_url, rdf, rdf_type) # Finally, create a stub Fedora object if not resource_uri if not resource_url: stub_result = requests.post(fedora_post_url) resource_url = stub_result.text self.subject = rdflib.URIRef(resource_url) self.graph = default_graph() self.graph = self.graph.parse(resource_url) self.uuid = str( self.graph.value(subject=self.subject, predicate=FEDORA.uuid)) if index: self.searcher.__index__(self.subject, self.graph, doc_type, index) self.searcher.triplestore.__load__(self.graph) return resource_url
def on_post(self, req, res): user_doc = { 'email': req.context['data']['email'], 'password': hash_password(req.context['data']['password']) } try: new_user = self.add_user(user_doc) except IntegrityError: title = 'Conflict' description = 'Email in use' raise falcon.HTTPConflict(title, description) req.context['result'] = {'token': generate_token(new_user)} res.status = falcon.HTTP_CREATED
def on_post(self, request, response): query = dict() try: raw_json = request.stream.read() except Exception as e: raise falcon.HTTPError(falcon.HTTP_400, 'Error', e.message) try: data = json.loads(raw_json, encoding='utf-8') except ValueError: raise falcon.HTTPError(falcon.HTTP_400, 'Malformed JSON') if "id" not in data: raise falcon.HTTPConflict('Task creation', "ID is not specified.") if "type" not in data: raise falcon.HTTPConflict('Task creation', "Type is not specified.") transaction = self.client.push_task({"task": "vertex", "data": data}) response.body = json.dumps({"transaction": transaction}) response.status = falcon.HTTP_202
def on_get(self, req, resp, sanitized_params, revision_id): include_encrypted = policy.conditional_authorize( 'deckhand:list_encrypted_documents', req.context, do_raise=False) filters = {'metadata.storagePolicy': ['cleartext'], 'deleted': False} if include_encrypted: filters['metadata.storagePolicy'].append('encrypted') documents = self._retrieve_documents_for_rendering( revision_id, **filters) substitution_sources = self._retrieve_substitution_sources() try: # NOTE(fmontei): `validate` is False because documents have already # been pre-validated during ingestion. Documents are post-validated # below, regardless. document_layering = layering.DocumentLayering(documents, substitution_sources, validate=False) rendered_documents = document_layering.render() except (errors.InvalidDocumentLayer, errors.InvalidDocumentParent, errors.IndeterminateDocumentParent, errors.MissingDocumentKey, errors.UnsupportedActionMethod) as e: raise falcon.HTTPBadRequest(description=e.format_message()) except (errors.LayeringPolicyNotFound, errors.SubstitutionSourceNotFound) as e: raise falcon.HTTPConflict(description=e.format_message()) except errors.errors.UnknownSubstitutionError as e: raise falcon.HTTPInternalServerError( description=e.format_message()) # Filters to be applied post-rendering, because many documents are # involved in rendering. User filters can only be applied once all # documents have been rendered. Note that `layering` module only # returns concrete documents, so no filtering for that is needed here. order_by = sanitized_params.pop('order', None) sort_by = sanitized_params.pop('sort', None) user_filters = sanitized_params.copy() rendered_documents = [ d for d in rendered_documents if utils.deepfilter(d, **user_filters) ] if sort_by: rendered_documents = utils.multisort(rendered_documents, sort_by, order_by) resp.status = falcon.HTTP_200 resp.body = self.view_builder.list(rendered_documents) self._post_validate(rendered_documents)
def delete(self, req, resp, obj): """ Delete an existing record. :param req: Falcon request :type req: falcon.request.Request :param resp: Falcon response :type resp: falcon.response.Response :param obj: the object to delete """ deleted = obj.delete() if deleted == 0: raise falcon.HTTPConflict( 'Conflict', 'Resource found but conditions violated')
def UpdateUser(**request_handler_args): req = request_handler_args['req'] authUser(req, request_handler_args['resp'], ['createUser']) doc = req.context['doc'] try: user = User.objects.get( {"_id": ObjectId(request_handler_args['uri_fields']['id'])}) except InvalidId as e: raise falcon.HTTPBadRequest('Bad Request', str(e)) except User.DoesNotExist: raise falcon.HTTPNotFound() else: try: user.username = doc['username'] user.permissions = doc['permissions'] except KeyError as e: raise falcon.HTTPMissingParam(str(e)) try: user.password = doc['password'] except KeyError: user.auth_b64 = User.GetAuthBase64(doc['username'], user.password) pass else: user.auth_b64 = User.GetAuthBase64(doc['username'], doc['password']) try: user.save() except User.ValidationError as e: raise falcon.HTTPBadRequest("Validation Error", e.message) except User.DuplicateKeyError as e: existing_user = User.objects.get({"username": user.username}) raise falcon.HTTPConflict( "Conflict", { "message": "User with username '%s' already exists." % user.username, "user": existing_user.to_dict() }) else: user.uri = req.uri request_handler_args['resp'].location = user.uri request_handler_args['req'].context['result'] = user.to_dict() req.context['logger'].info({ 'action': 'updateUser', 'message': "'%s' user with id of %s was updated successfully." % (user.username, user._id) })
def dataset_untrained_status(req, resp, resource, params): """Raises an error if dataset is not on an untrained state Must be executed after check_dataset_exsistence. This will not inform about dataset existence, instead will return an undefined error. If query param ignore_status is true, it will not raise any error """ status, dataset_dto = _get_dataset_status(params['dataset_id']) ignore_status = req.get_param_as_bool("ignore_status") # Dataset is trained if 0b0010 bit is on if status & 0b0010 != 0 and not ignore_status: raise falcon.HTTPConflict( title="The dataset is not in a correct state", description=( "The dataset {id} has an status {status}, which " "is not valid to insert triples. Required is 0 ").format( **dataset_dto.to_dict()))