def handle(self):
salt = uuid4().hex
input = self.request.input
input.password = tech_account_password(uuid4().hex, salt)
input.salt = salt
with closing(self.odb.session()) as session:
cluster = session.query(Cluster).filter_by(id=input.cluster_id).first()
# Let's see if we already have an account of that name before committing
# any stuff into the database.
existing_one = session.query(TechnicalAccount).\
filter(Cluster.id==input.cluster_id).\
filter(TechnicalAccount.name==input.name).first()
if existing_one:
raise Exception('Technical account [{0}] already exists on this cluster'.format(input.name))
try:
tech_account = TechnicalAccount(None, input.name, input.is_active, input.password, salt, cluster=cluster)
session.add(tech_account)
session.commit()
except Exception, e:
msg = 'Could not create a technical account, e:[{e}]'.format(e=format_exc(e))
self.logger.error(msg)
session.rollback()
raise
else:
def execute(self, args, show_output=True):
engine = self._get_engine(args)
session = self._get_session(engine)
cluster = Cluster()
cluster.name = args.cluster_name
cluster.description = 'Created by {} on {} (UTC)'.format(self._get_user_host(), datetime.utcnow().isoformat())
for name in('odb_type', 'odb_host', 'odb_port', 'odb_user', 'odb_db_name',
'broker_host', 'broker_port', 'lb_host', 'lb_port', 'lb_agent_port'):
setattr(cluster, name, getattr(args, name))
session.add(cluster)
salt = uuid4().hex
password = tech_account_password(args.tech_account_password, salt)
tech_account = TechnicalAccount(None, args.tech_account_name, True, password, salt, cluster)
session.add(tech_account)
self.add_soap_services(session, cluster, tech_account)
self.add_json_services(session, cluster, tech_account)
self.add_ping_services(session, cluster)
try:
session.commit()
except IntegrityError, e:
msg = 'Cluster name [{}] already exists'.format(cluster.name)
if self.verbose:
msg += '. Caught an exception:[{}]'.format(format_exc(e))
self.logger.error(msg)
self.logger.error(msg)
session.rollback()
return self.SYS_ERROR.CLUSTER_NAME_ALREADY_EXISTS
def handle(self):
salt = uuid4().hex
input = self.request.input
input.password = tech_account_password(uuid4().hex, salt)
with closing(self.odb.session()) as session:
cluster = session.query(Cluster).filter_by(id=input.cluster_id).first()
# Let's see if we already have an account of that name before committing
# any stuff into the database.
existing_one = session.query(TechnicalAccount).\
filter(Cluster.id==input.cluster_id).\
filter(TechnicalAccount.name==input.name).first()
if existing_one:
raise Exception('Technical account [{0}] already exists on this cluster'.format(input.name))
try:
tech_account = TechnicalAccount(None, input.name, input.is_active, input.password, salt, cluster=cluster)
session.add(tech_account)
session.commit()
except Exception, e:
msg = 'Could not create a technical account, e:[{e}]'.format(e=format_exc(e))
self.logger.error(msg)
session.rollback()
raise
else:
def handle(self, *args, **kwargs):
with closing(self.server.odb.session()) as session:
payload = kwargs.get("payload")
request_params = ["cluster_id", "name", "is_active"]
params = _get_params(payload, request_params, "data.")
cluster_id = params["cluster_id"]
name = params["name"]
cluster = session.query(Cluster).filter_by(id=cluster_id).first()
salt = uuid4().hex
password = tech_account_password(uuid4().hex, salt)
# Let's see if we already have an account of that name before committing
# any stuff into the database.
existing_one = (
session.query(TechnicalAccount)
.filter(Cluster.id == cluster_id)
.filter(TechnicalAccount.name == name)
.first()
)
if existing_one:
raise Exception("Technical account [{0}] already exists on this cluster".format(name))
tech_account_elem = Element("tech_account")
try:
tech_account = TechnicalAccount(None, name, password, salt, params["is_active"], cluster=cluster)
session.add(tech_account)
session.commit()
tech_account_elem.id = tech_account.id
except Exception, e:
msg = "Could not create a technical account, e=[{e}]".format(e=format_exc(e))
self.logger.error(msg)
session.rollback()
raise
else:
def _auth(instance, password):
instance.password = tech_account_password(password, salt)
instance.salt = salt
def _auth(instance, password):
instance.password = tech_account_password(password, salt)
instance.salt = salt
def _auth(instance, password):
salt = uuid4().hex
instance.password = tech_account_password(password, salt)
instance.salt = salt
def execute(self, args):
try:
# Make sure the ODB tables exists.
# Note: Also make sure that's always at the very top of the method
# as otherwise the 'quickstart' command will fail on a pristine
# database, one that hasn't been used with Zato yet.
create_odb.CreateODB().execute(args)
args.cluster_name = "ZatoQuickstart"
args.server_name = "ZatoServer"
engine = self._get_engine(args)
print("\nPinging database..")
engine.execute(ping_queries[args.odb_type])
print("Ping OK\n")
session = self._get_session(engine)
next_id = self.get_next_id(
session, Cluster, Cluster.name, "ZatoQuickstartCluster-%", Cluster.id.desc(), "#"
)
cluster_name = "ZatoQuickstartCluster-#{next_id}".format(next_id=next_id)
ca_dir = os.path.abspath(os.path.join(self.target_dir, "./ca"))
lb_dir = os.path.abspath(os.path.join(self.target_dir, "./load-balancer"))
server_dir = os.path.abspath(os.path.join(self.target_dir, "./server"))
zato_admin_dir = os.path.abspath(os.path.join(self.target_dir, "./zato-admin"))
broker_dir = os.path.abspath(os.path.join(self.target_dir, "./broker"))
# Create the CA.
os.mkdir(ca_dir)
ca_create_ca.CreateCA(ca_dir).execute(args)
# Create the broker
cb = create_broker.CreateBroker(broker_dir)
cb.execute(args)
# Create crypto stuff for each component (but not for the broker)
lb_format_args = ca_create_lb_agent.CreateLBAgent(ca_dir).execute(args)
server_format_args = ca_create_server.CreateServer(ca_dir).execute(args)
zato_admin_format_args = ca_create_zato_admin.CreateZatoAdmin(ca_dir).execute(args)
# Create the LB agent
os.mkdir(lb_dir)
create_lb.CreateLoadBalancer(lb_dir).execute(args)
# .. copy the LB agent's crypto material over to its directory
shutil.copy2(lb_format_args["priv_key_name"], os.path.join(lb_dir, "config", "lba-priv-key.pem"))
shutil.copy2(lb_format_args["cert_name"], os.path.join(lb_dir, "config", "lba-cert.pem"))
shutil.copy2(
os.path.join(ca_dir, "ca-material/ca-cert.pem"), os.path.join(lb_dir, "config", "ca-chain.pem")
)
# Create the server
os.mkdir(server_dir)
cs = create_server.CreateServer(server_dir, cluster_name)
# Copy crypto stuff to the newly created directories. We're doing
# it here because CreateServer's execute expects the pub_key to be
# already at its place.
cs.prepare_directories()
shutil.copy2(server_format_args["priv_key_name"], os.path.join(server_dir, "config/repo/zs-priv-key.pem"))
shutil.copy2(server_format_args["pub_key_name"], os.path.join(server_dir, "config/repo/zs-pub-key.pem"))
shutil.copy2(server_format_args["cert_name"], os.path.join(server_dir, "config/repo/zs-cert.pem"))
shutil.copy2(
os.path.join(ca_dir, "ca-material/ca-cert.pem"), os.path.join(server_dir, "config/repo/ca-chain.pem")
)
cs.execute(args)
# Create the web admin now.
tech_account_name = "zato-{random}".format(random=uuid4().hex[:10])
tech_account_password_clear = uuid4().hex
os.mkdir(zato_admin_dir)
create_zato_admin.CreateZatoAdmin(zato_admin_dir, tech_account_name, tech_account_password_clear).execute(
args
)
# .. copy the web admin's material over to its directory
# Will be used later on.
priv_key_path = os.path.join(zato_admin_dir, "zato-admin-priv-key.pem")
shutil.copy2(zato_admin_format_args["priv_key_name"], priv_key_path)
shutil.copy2(zato_admin_format_args["cert_name"], os.path.join(zato_admin_dir, "zato-admin-cert.pem"))
shutil.copy2(os.path.join(ca_dir, "ca-material/ca-cert.pem"), os.path.join(zato_admin_dir, "ca-chain.pem"))
print("Setting up ODB objects..")
#
# Cluster
#
cluster = Cluster(
None,
cluster_name,
"An automatically generated quickstart cluster",
args.odb_type,
args.odb_host,
args.odb_port,
args.odb_user,
args.odb_dbname,
args.odb_schema,
args.broker_host,
args.broker_start_port,
cb.token,
"localhost",
20151,
11223,
)
#
# Server
#
server = Server(
None,
"ZatoQuickstartServer-(cluster-#{next_id})".format(next_id=next_id),
cluster,
cs.odb_token,
"ACCEPTED",
datetime.now(),
"zato-quickstart/" + current_host(),
)
session.add(server)
#
# SOAP Services
#
soap_services = {
# SQL connection pools
"zato:pool.sql.get-list": "zato.server.service.internal.sql.GetSQLConnectionPoolList",
"zato:pool.sql.create": "zato.server.service.internal.sql.CreateSQLConnectionPool",
"zato:pool.sql.edit": "zato.server.service.internal.sql.EditSQLConnectionPool",
"zato:pool.sql.delete": "zato.server.service.internal.sql.DeleteSQLConnectionPool",
"zato:pool.sql.change-password": "******",
"zato:pool.sql.ping": "zato.server.service.internal.sql.PingSQLConnectionPool",
# Scheduler
"zato:scheduler.job.get-list": "zato.server.service.internal.scheduler.GetList",
"zato:scheduler.job.create": "zato.server.service.internal.scheduler.Create",
"zato:scheduler.job.edit": "zato.server.service.internal.scheduler.Edit",
"zato:scheduler.job.execute": "zato.server.service.internal.scheduler.Execute",
"zato:scheduler.job.delete": "zato.server.service.internal.scheduler.Delete",
# Services
"zato:service.get-list": "zato.server.service.internal.service.GetList",
"zato:service.get-by-id": "zato.server.service.internal.service.GetByID",
"zato:service.create": "zato.server.service.internal.service.Create",
"zato:service.edit": "zato.server.service.internal.service.Edit",
"zato:service.delete": "zato.server.service.internal.service.Delete",
# SOAP channels
"zato:channel.soap.get-list": "zato.server.service.internal.channel.soap.GetList",
# Security
"zato:security.get-list": "zato.server.service.internal.security.GetList",
# Technical accounts
"zato:security.tech-account.get-list": "zato.server.service.internal.security.tech_account.GetList",
"zato:security.tech-account.get-by-id": "zato.server.service.internal.security.tech_account.GetByID",
"zato:security.tech-account.create": "zato.server.service.internal.security.tech_account.Create",
"zato:security.tech-account.edit": "zato.server.service.internal.security.tech_account.Edit",
"zato:security.tech-account.change-password": "******",
"zato:security.tech-account.delete": "zato.server.service.internal.security.tech_account.Delete",
# WS-Security
"zato:security.wss.get-list": "zato.server.service.internal.security.wss.GetList",
"zato:security.wss.create": "zato.server.service.internal.security.wss.Create",
"zato:security.wss.edit": "zato.server.service.internal.security.wss.Edit",
"zato:security.wss.change-password": "******",
"zato:security.wss.delete": "zato.server.service.internal.security.wss.Delete",
# HTTP Basic Auth
"zato:security.basic-auth.get-list": "zato.server.service.internal.security.basic_auth.GetList",
"zato:security.basic-auth.create": "zato.server.service.internal.security.basic_auth.Create",
"zato:security.basic-auth.edit": "zato.server.service.internal.security.basic_auth.Edit",
"zato:security.basic-auth.change-password": "******",
"zato:security.basic-auth.delete": "zato.server.service.internal.security.basic_auth.Delete",
# Definitions - AMQP
"zato:definition.amqp.get-list": "zato.server.service.internal.definition.amqp.GetList",
"zato:definition.amqp.get-by-id": "zato.server.service.internal.definition.amqp.GetByID",
"zato:definition.amqp.create": "zato.server.service.internal.definition.amqp.Create",
"zato:definition.amqp.change-password": "******",
"zato:definition.amqp.edit": "zato.server.service.internal.definition.amqp.Edit",
"zato:definition.amqp.delete": "zato.server.service.internal.definition.amqp.Delete",
# Definitions - JMS WebSphere MQ
"zato:definition.jms_wmq.get-list": "zato.server.service.internal.definition.jms_wmq.GetList",
"zato:definition.jms_wmq.get-by-id": "zato.server.service.internal.definition.jms_wmq.GetByID",
"zato:definition.jms_wmq.create": "zato.server.service.internal.definition.jms_wmq.Create",
"zato:definition.jms_wmq.edit": "zato.server.service.internal.definition.jms_wmq.Edit",
"zato:definition.jms_wmq.delete": "zato.server.service.internal.definition.jms_wmq.Delete",
# Channels - AMQP
"zato:channel.amqp.get-list": "zato.server.service.internal.channel.amqp.GetList",
"zato:channel.amqp.create": "zato.server.service.internal.channel.amqp.Create",
"zato:channel.amqp.edit": "zato.server.service.internal.channel.amqp.Edit",
"zato:channel.amqp.delete": "zato.server.service.internal.channel.amqp.Delete",
# Channels - JMS WebSphere MQ
"zato:channel.jms_wmq.get-list": "zato.server.service.internal.channel.jms_wmq.GetList",
"zato:channel.jms_wmq.create": "zato.server.service.internal.channel.jms_wmq.Create",
"zato:channel.jms_wmq.edit": "zato.server.service.internal.channel.jms_wmq.Edit",
"zato:channel.jms_wmq.delete": "zato.server.service.internal.channel.jms_wmq.Delete",
# Channels - ZeroMQ
"zato:channel.zmq.get-list": "zato.server.service.internal.channel.zmq.GetList",
"zato:channel.zmq.create": "zato.server.service.internal.channel.zmq.Create",
"zato:channel.zmq.edit": "zato.server.service.internal.channel.zmq.Edit",
"zato:channel.zmq.delete": "zato.server.service.internal.channel.zmq.Delete",
# Outgoing connections - AMQP
"zato:outgoing.amqp.get-list": "zato.server.service.internal.outgoing.amqp.GetList",
"zato:outgoing.amqp.create": "zato.server.service.internal.outgoing.amqp.Create",
"zato:outgoing.amqp.edit": "zato.server.service.internal.outgoing.amqp.Edit",
"zato:outgoing.amqp.delete": "zato.server.service.internal.outgoing.amqp.Delete",
# Outgoing connections - JMS WebSphere MQ
"zato:outgoing.jms_wmq.get-list": "zato.server.service.internal.outgoing.jms_wmq.GetList",
"zato:outgoing.jms_wmq.create": "zato.server.service.internal.outgoing.jms_wmq.Create",
"zato:outgoing.jms_wmq.edit": "zato.server.service.internal.outgoing.jms_wmq.Edit",
"zato:outgoing.jms_wmq.delete": "zato.server.service.internal.outgoing.jms_wmq.Delete",
# Outgoing connections - S3
"zato:outgoing.s3.get-list": "zato.server.service.internal.outgoing.s3.GetList",
"zato:outgoing.s3.create": "zato.server.service.internal.outgoing.s3.Create",
"zato:outgoing.s3.edit": "zato.server.service.internal.outgoing.s3.Edit",
"zato:outgoing.s3.delete": "zato.server.service.internal.outgoing.s3.Delete",
# Outgoing connections - FTP
"zato:outgoing.ftp.get-list": "zato.server.service.internal.outgoing.ftp.GetList",
"zato:outgoing.ftp.create": "zato.server.service.internal.outgoing.ftp.Create",
"zato:outgoing.ftp.edit": "zato.server.service.internal.outgoing.ftp.Edit",
"zato:outgoing.ftp.delete": "zato.server.service.internal.outgoing.ftp.Delete",
"zato:outgoing.ftp.change-password": "******",
# Outgoing connections - ZeroMQ
"zato:outgoing.zmq.get-list": "zato.server.service.internal.outgoing.zmq.GetList",
"zato:outgoing.zmq.create": "zato.server.service.internal.outgoing.zmq.Create",
"zato:outgoing.zmq.edit": "zato.server.service.internal.outgoing.zmq.Edit",
"zato:outgoing.zmq.delete": "zato.server.service.internal.outgoing.zmq.Delete",
# HTTP SOAP
"zato:http_soap.get-list": "zato.server.service.internal.http_soap.GetList",
"zato:http_soap.create": "zato.server.service.internal.http_soap.Create",
"zato:http_soap.edit": "zato.server.service.internal.http_soap.Edit",
"zato:http_soap.delete": "zato.server.service.internal.http_soap.Delete",
}
#
# TechnicalAccount
#
salt = uuid4().hex
password = tech_account_password(tech_account_password_clear, salt)
tech_account = TechnicalAccount(
None, tech_account_name, True, password, salt, security_def_type.tech_account, cluster
)
session.add(tech_account)
#
# HTTPSOAP + services
#
zato_soap_channels = []
for soap_action, service_name in soap_services.iteritems():
service = Service(None, service_name, True, service_name, True, cluster)
session.add(service)
zato_soap = HTTPSOAP(
None,
soap_action,
True,
True,
"channel",
"soap",
"/zato/soap",
None,
soap_action,
"1.1",
service=service,
cluster=cluster,
security_id=tech_account.id,
)
session.add(zato_soap)
zato_soap_channels.append(zato_soap)
#
# Security definition for all the other admin services uses a technical account.
#
# sec_def = SecurityDefinition(None, security_def_type.tech_account)
# session.add(sec_def)
#
# HTTPSOAPSecurity
#
# for soap_channel in zato_soap_channels:
# chan_url_sec = HTTPSOAPSecurity(soap_channel, sec_def)
# session.add(chan_url_sec)
# Ping services
# self.add_ping(session, cluster)
# Commit all the stuff.
session.commit()
print("ODB objects created")
print("")
print("Quickstart OK. You can now start the newly created Zato components.\n")
print(
"""To start the server, type 'zato start {server_dir}'.
To start the load-balancer's agent, type 'zato start {lb_dir}'.
To start the ZatoAdmin web console, type 'zato start {zato_admin_dir}'.
""".format(
server_dir=server_dir, lb_dir=lb_dir, zato_admin_dir=zato_admin_dir
)
)
except Exception, e:
print("\nAn exception has been caught, quitting now!\n")
traceback.print_exc()
print("")
