def decorated(*args, **kwargs):
api_key = None
if 'apikey' in request.form:
api_key = request.form.get('apikey')
elif 'X-Api-Key' in request.headers.keys():
api_key = request.headers.get('X-Api-Key')
# validate
if not api_key:
data = {'error': messages.NO_API_KEY}
return generate_api_response(data, 401)
user = User.get_by_api_key(api_key=api_key)
organization = Organization.get_by_api_key(api_key=api_key)
if not user and not organization:
data = {'error': messages.INVALID_API_KEY}
return generate_api_response(data, 401)
requested_org = kwargs.get('organization','')
# check that user is active
if user:
session['user'] = user
# allow admins to see all orgs
if user.is_admin():
session['organization'] = Organization.get_by_name(requested_org)
else:
session['organization'] = Organization.get_by_uuid(user.organization)
if not user.active:
data = {'error': messages.ACCOUNT_INACTIVE}
return generate_api_response(data, 403)
if organization:
session['organization'] = organization
# check that user is authorized for the desired organization
if requested_org and requested_org != session.get('organization').name.lower():
data = {'error': messages.ACCESS_DENIED}
return generate_api_response(data, 403)
return f(*args, **kwargs)
def decorated(*args, **kwargs):
api_key = request.headers.get('api-key')
# validate
if not api_key:
data = {'error': messages.NO_API_KEY}
return generate_api_response(data, 401)
if api_key not in current_app.config.get('INTERNAL_API_KEYS'):
data = {'error': messages.INVALID_API_KEY}
return generate_api_response(data, 401)
session['internal_api_key'] = api_key
return f(*args, **kwargs)
def decorated(*args, **kwargs):
api_key = request.headers.get('api-key')
# validate
if not api_key:
data = {'error': messages.NO_API_KEY}
return generate_api_response(data, 401)
if api_key not in current_app.config.get('INTERNAL_API_KEYS'):
data = {'error': messages.INVALID_API_KEY}
return generate_api_response(data, 401)
session['internal_api_key'] = api_key
return f(*args, **kwargs)
def decorated(*args, **kwargs):
api_key = request.headers.get('api-key')
# validate
if not api_key:
data = {'error': messages.NO_API_KEY}
return generate_api_response(data, 401)
user = db.get_user({'api_key': api_key})
if not user:
data = {'error': messages.INVALID_API_KEY}
return generate_api_response(data, 401)
session['user'] = user
return f(*args, **kwargs)
def decorated(*args, **kwargs):
api_key = request.headers.get('api-key')
# validate
if not api_key:
data = {'error': messages.NO_API_KEY}
return generate_api_response(data, 401)
user = db.get_user({'api_key': api_key})
if not user:
data = {'error': messages.INVALID_API_KEY}
return generate_api_response(data, 401)
session['user'] = user
return f(*args, **kwargs)
def nodes(organization=None, account=None, provider=None, region=None):
node_id = request.args.get("id", None)
if node_id:
node_id = [node_id]
nodes = None
account = request.args.get("account", session.get("default_account"))
provider_info = session.get("provider_info")
if provider_info.get("provider"):
provider_id = provider_info.get("provider_id")
provider_key = provider_info.get("provider_key")
nodes = cloud.get_nodes(provider, region, provider_id, provider_key, node_ids=node_id)
node_list = []
for node in nodes:
node_data = NodeData.get_by_node_id(node.id)
if not node_data:
node_data = NodeData()
data = {
"id": node.id,
"uuid": node.uuid,
"name": node.name,
"image": node.image,
"size": node.size,
"extra": node.extra,
"roles": node_data.roles,
}
node_list.append(data)
data = {"account": account, "provider": provider, "region": region, "nodes": node_list}
return generate_api_response(data)
def view_task(task_id=None):
data = {}
if task_id:
task = get_task(task_id)
data['status'] = task.get('status')
res = task.get('result')
if res:
res = pickle.loads(res)
data['result'] = res
return generate_api_response(data)
def actions():
name = request.args.get('name')
if name:
key = 'actions:{0}:*'.format(name)
else:
key = 'actions:*'
keys = redis.keys(key)
actions = []
[actions.append(json.loads(redis.get(x))) for x in keys]
return generate_api_response(actions)
def view_task(task_id=None):
data = {}
if task_id:
task = get_task(task_id)
data['status'] = task.get('status')
res = task.get('result')
if res:
res = pickle.loads(res)
data['result'] = res
return generate_api_response(data)
def decorated(*args, **kwargs):
# load provider info
org = Organization.get_by_name(kwargs.get("organization"))
org_name = None
if org:
org_name = org.name
info = get_provider_info(kwargs.get("provider"), org_name, kwargs.get("account"))
session["provider_info"] = info
# check for info ; if missing return error
if not info.get("provider_id") or not info.get("provider_key"):
data = {"error": "Invalid or missing provider account information"}
return generate_api_response(data, 400)
return f(*args, **kwargs)
def notify():
# github payload (https://help.github.com/articles/post-receive-hooks)
post = request.form.get('payload')
if post:
payload = json.loads(post)
repo = payload.get('repository', {}).get('name')
#commit = payload.get('after')
#username = payload.get('head_commit', {}).get('committer', {}).get('username')
repo_cfg = app.config.get('configs', {}).get(repo)
if repo_cfg:
# run handler in subprocess (for async)
p = Process(target=tasks.action_handler, args=(repo_cfg,))
p.start()
# log action
redis.set('actions:{0}:{1}'.format(repo, time.time()), post)
return generate_api_response({'status': 'thanks!'})
def change_password():
if request.method == 'POST':
form = request.form
username = session.get('user').get('username')
password = form.get('password')
if form.get('password') != form.get('password_confirm'):
flash(messages.PASSWORDS_NOT_MATCH, 'error')
return redirect(url_for('accounts.change_password'))
db.update_user(username, {'password': password})
# update servers
queue = get_queue()
t = queue.enqueue(utils.reset_password, args=(username, password),
result_ttl=30)
# reset session
session['user'] = None
data = {
'task_id': t.id,
'task_uri': url_for('admin.view_task', task_id=t.id)
}
return generate_api_response(data)
ctx = {}
return render_template('accounts/change_password.html', **ctx)
def change_password():
if request.method == 'POST':
form = request.form
username = session.get('user').get('username')
password = form.get('password')
if form.get('password') != form.get('password_confirm'):
flash(messages.PASSWORDS_NOT_MATCH, 'error')
return redirect(url_for('accounts.change_password'))
db.update_user(username, {'password': password})
# update servers
queue = get_queue()
t = queue.enqueue(utils.reset_password,
args=(username, password),
result_ttl=30)
# reset session
session['user'] = None
data = {
'task_id': t.id,
'task_uri': url_for('admin.view_task', task_id=t.id)
}
return generate_api_response(data)
ctx = {}
return render_template('accounts/change_password.html', **ctx)
def index():
data = {
'version': getattr(config, 'APP_VERSION'),
}
return generate_api_response(data)
def index():
data = {"version": current_app.config.get("APP_VERSION"), "endpoints": [docs.nodes()]}
return generate_api_response(data)
