def validate(self):
if not FlaskForm.validate(self):
return False
# Cannot allow this Organization name, because it would cause issues on backend
if self.organization_name.data == 'global':
self.organization_name.errors.append('Cannot allow this Organization name for secret reasons, shush.')
return False
# TODO: remove these uniqueness checks after introduction of unique constraint
# in ETCD storage class on backend
client = get_kqueen_client(token=session['user']['token'])
# Check if organization exists on backend
response = client.organization.list()
if response.status > 200:
self.organization_name.errors.append('Can not contact backend at this time.')
return False
organizations = response.data
organization_names = [org['name'] for org in organizations]
organization_namespaces = [o['namespace'] for o in organizations]
if self.organization_name.data in organization_names or slugify(self.organization_name.data) in organization_namespaces:
self.organization_name.errors.append('Organization {} already exists.'.format(self.organization_name.data))
return False
return True
def authenticate(username, password):
user = {}
client = get_kqueen_client(username=username, password=password)
token, error = client.base.login()
if token:
_user = client.user.whoami()
user = _user.data
user['token'] = token
return user, error
def login():
error = None
if request.method == 'POST':
user, _error = authenticate(request.form['username'],
request.form['password'])
if user:
session['user'] = user
client = get_kqueen_client(token=user['token'])
organization_id = user['organization']['id']
response = client.organization.policy(organization_id)
if response.status == -1:
flash(
'Backend is unavailable at this time, please try again later.',
'danger')
del session['user']
if 'policy' in session:
del session['policy']
return render_template('ui/login.html', error=error)
elif response.status > 200:
flash(
'Could not contact authentication backend, please try again later.',
'danger')
del session['user']
if 'policy' in session:
del session['policy']
return render_template('ui/login.html', error=error)
policy = response.data
if policy and isinstance(policy, dict):
session['policy'] = policy
else:
del session['user']
if 'policy' in session:
del session['policy']
return render_template('ui/login.html', error=error)
flash('You have been logged in', 'success')
next_url = request.form.get('next', '')
if next_url:
return redirect(next_url)
return redirect(url_for('ui.index'))
elif _error:
if _error['status'] == 401:
error = 'Invalid credentials.'
else:
error = 'Could not contact authentication backend, please try again later.'
return render_template('ui/login.html', error=error)
def test_token():
if session.get('user', None) and not app.testing:
client = get_kqueen_client(token=session['user']['token'])
organization_id = session['user']['organization']['id']
response = client.organization.policy(organization_id)
if response.status == 401:
flash('Session expired, please log in again.', 'warning')
del session['user']
if 'policy' in session:
del session['policy']
elif response.status == -1:
flash('Backend is unavailable at this time, please try again later.', 'danger')
del session['user']
if 'policy' in session:
del session['policy']
policy = response.data
if policy and isinstance(policy, dict):
session['policy'] = policy
def validate(self):
if not FlaskForm.validate(self):
return False
# TODO: remove these uniqueness checks after introduction of unique constraint
# in ETCD storage class on backend
client = get_kqueen_client(token=session['user']['token'])
# Check if e-mail and username exists on backend
response = client.user.list()
if response.status > 200:
self.email.errors.append('Can not contact backend at this time.')
return False
users = response.data
user_emails = [u['email'] for u in users if 'email' in u]
if self.email.data in user_emails:
self.email.errors.append('This e-mail is already registered.')
return False
return True
def sanitize_resource_metadata(session, clusters, provisioners):
from kqueen_ui import cache
safe_types = ['text', 'integer', 'select', 'parameters']
token = session.get('user', {}).get('token', None)
client = None
engines = cache.get('provisioner-engines')
deployed_clusters = 0
healthy_clusters = 0
healthy_provisioners = 0
if not engines:
error = False
if token:
client = get_kqueen_client(token=token)
else:
error = True
if client:
engines_res = client.provisioner.engines()
if engines_res.status > 200:
error = True
else:
engines = engines_res.data
cache.set('provisioner-engines', engines, timeout=5 * 60)
if error:
for cluster in clusters:
cluster['metadata'] = {}
for provisioner in provisioners:
provisioner['parameters'] = {}
engines = []
# sort clusters by date
if isinstance(clusters, list):
clusters.sort(key=lambda k: (k['created_at'], k['name']))
for cluster in clusters:
if 'state' in cluster:
if config.get('CLUSTER_PROVISIONING_STATE') != cluster['state']:
deployed_clusters = deployed_clusters + 1
if cluster['state'] in [
config.get('CLUSTER_UPDATING_STATE'),
config.get('CLUSTER_OK_STATE')
]:
healthy_clusters = healthy_clusters + 1
if 'created_at' in cluster:
cluster['created_at'] = format_datetime(cluster['created_at'])
cluster_engine = cluster.get('provisioner', {}).get('engine')
_engine_params = [
e['parameters'] for e in engines if e['name'] == cluster_engine
]
if not len(_engine_params) == 1:
del cluster['metadata']
continue
engine_params = _engine_params[0].get('cluster')
for param_name, param in engine_params.items():
if param['type'] not in safe_types:
try:
cluster['metadata'][param_name] = '*****************'
except KeyError:
pass
cluster['metadata'] = OrderedDict(
sorted(cluster['metadata'].items(), key=lambda t: t[0]))
# sort provisioners by date
if isinstance(provisioners, list):
provisioners.sort(key=lambda k: (k['created_at'], k['name']))
for provisioner in provisioners:
if 'state' in provisioner:
if config.get('PROVISIONER_ERROR_STATE') != provisioner['state']:
healthy_provisioners = healthy_provisioners + 1
if 'created_at' in provisioner:
provisioner['created_at'] = format_datetime(
provisioner['created_at'])
provisioner_engine = provisioner.get('engine')
_engine_params = [
e['parameters'] for e in engines if e['name'] == provisioner_engine
]
if not len(_engine_params) == 1:
del provisioner['parameters']
continue
engine_params = _engine_params[0].get('provisioner')
for param_name, param in engine_params.items():
if param['type'] not in safe_types:
try:
provisioner['parameters'][param_name] = '*****************'
except KeyError:
pass
provisioner['parameters'] = OrderedDict(
sorted(provisioner['parameters'].items(), key=lambda t: t[0]))
cluster_health = 0
if healthy_clusters and deployed_clusters:
cluster_health = int((healthy_clusters / deployed_clusters) * 100)
provisioner_health = 0
if healthy_provisioners and provisioners:
provisioner_health = int(
(healthy_provisioners / len(provisioners)) * 100)
overview = {
'cluster_count': len(clusters),
'cluster_max': len(clusters) if len(clusters) else 1,
'cluster_health': cluster_health,
'provisioner_count': len(provisioners),
'provisioner_max': len(provisioners) if len(provisioners) else 1,
'provisioner_health': provisioner_health,
}
return clusters, provisioners, overview
def _get_kqueen_client(self):
token = session.get('user', {}).get('token', None)
if token:
return get_kqueen_client(token=token)
return None
def metaparser(session, clusters=[], provisioners=[]):
token = session.get('user', {}).get('token', None)
client = None
engines = cache.get('provisioner-engines')
if not engines:
abort = False
if token:
client = get_kqueen_client(token=token)
else:
abort = True
if client:
engines_res = client.provisioner.engines()
if engines_res.status > 200:
abort = True
else:
engines = engines_res.data
cache.set('provisioner-engines', engines, timeout=5 * 60)
if abort:
for cluster in clusters:
cluster['metadata'] = {}
for provisioner in provisioners:
provisioner['parameters'] = {}
return clusters, provisioners
for cluster in clusters:
cluster_engine = cluster.get('provisioner', {}).get('engine')
_engine_params = [
e['parameters'] for e in engines if e['name'] == cluster_engine
]
if not len(_engine_params) == 1:
del cluster['metadata']
continue
engine_params = _engine_params[0].get('cluster')
for param_name, param in engine_params.items():
if param['type'] not in ['text', 'integer', 'select']:
try:
cluster['metadata'][param_name] = '*****************'
except KeyError:
pass
cluster['metadata'] = OrderedDict(
sorted(cluster['metadata'].items(), key=lambda t: t[0]))
for provisioner in provisioners:
provisioner_engine = provisioner.get('engine')
_engine_params = [
e['parameters'] for e in engines
if e['name'] == provisioner_engine
]
if not len(_engine_params) == 1:
del provisioner['parameters']
continue
engine_params = _engine_params[0].get('provisioner')
for param_name, param in engine_params.items():
if param['type'] not in ['text', 'integer', 'select']:
try:
provisioner['parameters'][
param_name] = '*****************'
except KeyError:
pass
provisioner['parameters'] = OrderedDict(
sorted(provisioner['parameters'].items(), key=lambda t: t[0]))
return clusters, provisioners
