def create_account(accounts):
# TODO: Can we generate this from swagger?
if 'username' not in accounts:
return 'Username is required', 400
if 'password' not in accounts:
return 'Password is required', 400
if 'email' not in accounts:
return 'Email is required', 400
if 'name' not in accounts:
return 'Name is required', 400
username = accounts['username']
password = accounts['password']
# Hash / salt account password
hashed_password = bcrypt.hashpw(password.encode('ascii'), bcrypt.gensalt())
accounts['password'] = hashed_password
# Ensure that user doesn't already exist
existing_user = data_store.retrieve_user_by_namespace(username)
if existing_user is not None:
return 'User account already exists: %s' % existing_user['username'], 400
# User has been created, now create k8s resources
# kube.init_user(username)
# Create user account in data store
result = data_store.create_user(accounts)
accounts['id'] = result.inserted_id
return mongo.parse_json(accounts), 201
def update_vocabulary(vocab_name, vocabulary):
mongo_client = get_mongo_client()
with mongo_client:
db = mongo_client['workbench']
selector = {'name': ObjectId(vocab_name)}
db[VOCABULARIES_COLLECTION_NAME].replace_one(selector, vocabulary)
return parse_json(vocabulary), 200
return {'error': 'Failed to connect to MongoDB'}, 500
def get_vocabulary_by_name(vocab_name):
mongo_client = get_mongo_client()
with mongo_client:
db = mongo_client['workbench']
selector = {'name': ObjectId(vocab_name)}
target_service = db[VOCABULARIES_COLLECTION_NAME].find_one(selector)
return parse_json(target_service), 200
return {'error': 'Failed to connect to MongoDB'}, 500
def create_vocabulary(vocabulary):
mongo_client = get_mongo_client()
with mongo_client:
db = mongo_client['workbench']
record = db[VOCABULARIES_COLLECTION_NAME].insert_one(vocabulary)
vocabulary['_id'] = str(record.inserted_id)
return parse_json(vocabulary), 201
return {'error': 'Failed to connect to MongoDB'}, 500
def update_account(account_id, account):
mongo_client = get_mongo_client()
with mongo_client:
db = mongo_client['workbench']
db[USER_ACCOUNTS_COLLECTION_NAME].replace_one(
{'_id': ObjectId(account_id)}, account)
return parse_json(account), 200
return {'error': 'Failed to connect to MongoDB'}, 500
def create_account(account):
mongo_client = get_mongo_client()
with mongo_client:
db = mongo_client['workbench']
record = db[USER_ACCOUNTS_COLLECTION_NAME].insert_one(account)
account['_id'] = str(record.inserted_id)
return parse_json(account), 201
return {'error': 'Failed to connect to MongoDB'}, 500
def list_accounts():
mongo_client = get_mongo_client()
with mongo_client:
db = mongo_client['workbench']
cursor = db[USER_ACCOUNTS_COLLECTION_NAME].find()
docs = list(cursor)
return parse_json(docs), 200
return {'error': 'Failed to connect to MongoDB'}, 500
def get_service_by_id(service_id):
try:
token = jwt.get_token()
username = jwt.get_username_from_token(token)
# User spec not found, check system catalog
appspec = data_store.retrieve_user_appspec_by_key(username, service_id)
if appspec is not None:
return mongo.parse_json(appspec), 200
except Exception as e:
logger.debug('Skipping user catalog check: %s' % str(e))
# No token (or appspec not found), but we can still check system catalog
appspec = data_store.retrieve_system_appspec_by_key(service_id)
if appspec is not None:
return mongo.parse_json(appspec), 200
else:
return {'error': 'Spec key=%s not found' % service_id}, 404
def list_vocabularies():
# TODO: handle filter params
#if catalog is not None and catalog != '':
# docs = list(db[APP_SPECS_COLLECTION_NAME].find({ 'catalog': catalog }))
# logger.debug(docs)
# return docs, 200
mongo_client = get_mongo_client()
with mongo_client:
db = mongo_client['workbench']
cursor = db[VOCABULARIES_COLLECTION_NAME].find({})
docs = list(cursor)
return parse_json(docs), 200
return {'error': 'Failed to connect to MongoDB'}, 500
def list_services(catalog='all'):
logging.info("Get services with catalog - "+catalog)
try:
token = jwt.get_token()
claims = jwt.safe_decode(token)
username = jwt.get_username_from_token(token)
# Attempt user lookup, if possible
if catalog == 'user':
services = data_store.fetch_user_appspecs(username)
return mongo.parse_json(services), 200
else: # catalog == all or anything else
services = data_store.fetch_all_appspecs_for_user(username)
return mongo.parse_json(services), 200
except Exception as e:
logger.debug('Skipping user catalog check: %s' % str(e))
if catalog == 'all' or catalog == 'system':
services = data_store.fetch_system_appspecs()
return mongo.parse_json(services), 200
elif catalog == 'user':
return {'error': 'Must login to request user catalog'}, 401
def update_account(account_id, account):
token = jwt.get_token()
claims = jwt.safe_decode(token)
username = jwt.get_username_from_token(token)
if account_id != account['id']:
return 'error: account id mismatch', 400
# Admins only: check token for required role
if username != account_id:
jwt.validate_scopes(['workbench-accounts'], claims)
# Make sure user can't change password like this
existing_account = data_store.retrieve_user_by_namespace(account.id)
account.password = existing_account.password
return mongo.parse_json(data_store.update_user(account)), 200