def login(context, request): email = urllib.unquote(request.matchdict['email']) user = User.get(request.db_session, email) # non-admin users cannot check if another user has permissions on a # given instance if authenticated_userid(request) != email and \ 'admin' not in effective_principals(request): return generate_empty_response(HTTPForbidden(), request, 403) try: # the domain could be an alias. We need the instance domain domain = Alias.get(request.db_session, request.params['domain'])\ .instance.domain except NoResultFound: domain = request.params['domain'] except KeyError: log.error('No domain in request for users.login') return generate_empty_response(HTTPForbidden(), request, 403) instance = Instance.get_by_domain(request.db_session, domain) if not user.can_access(instance): log.error('%s cannot login on %s', email, domain) return generate_empty_response(HTTPForbidden(), request, 403) return user.to_dict()
def empty_instance_groups(context, request): domain = request.matchdict['domain'] group = Group.get(request.db_session, domain) instance = Instance.get_by_domain(request.db_session, domain) instance.groups = [group] request.db_session.commit() raise HTTPNoContent()
def restore(context, request): # FIXME: re-enable when restore issues are sorted out raise NotImplementedError() domain = request.matchdict['domain'] instance = Instance.get_by_domain(request.db_session, domain) archive = request.params.get('archive') archive_name = request.params.get('archive_name') if archive and archive_name: raise ParamsError('archive and archive_name are mutually exclusive') elif archive_name and not archive: raise ParamsError('missing both archive and archive name') elif archive: # TODO handle archive upload raise NotImplementedError() if not archive_name.endswith("tar.gz"): archive_name = "{}.tar.gz".format(archive_name) archives = Environment.settings['paths.archives'] archive_path = os.path.join(archives, archive_name) if not os.path.exists(archive_path): raise ParamsError('{} is not a valid archive'.format(archive_name)) return request.submit_task('instance.restore', id=instance.id, archive_name=archive_name)
def update(context, request): domain = request.matchdict['domain'] # prefer 404 upon 400, so try first to get the instance params = dict(request.params) params.pop('action', '') instance = Instance.get_by_domain(request.db_session, domain) if request.method == 'DELETE': taskname = 'instance.delete' params['archive'] = True if request.params.get('archive') else '' elif 'action' not in request.params: raise ParamsError('No action provided') elif request.params['action'] in ('enable', 'disable', 'reload', 'kill', 'sentence', 'flush_cache', 'archive', 'migrate', 'switch_environment', 'rewrite', 'change_domain'): taskname = "instance.{}".format(request.params['action']) else: raise ParamsError('invalid action {}'.format(request.params['action'])) try: if request.params['action'] == 'change_domain': check_domain_not_used(request, params['domain']) except KeyError: pass return request.submit_task(taskname, id=instance.id, **params)
def update(context, request): params = dict() domain = request.matchdict['domain'] Alias.get(request.db_session, domain) try: if "destination" in request.params: params['instance_id'] = Instance.get_by_domain( request.db_session, request.params['destination']).id if "new_domain" in request.params: check_domain_not_used(request, request.params['new_domain']) params['new_domain'] = validate_hostname( request.params['new_domain']) except NoResultFound: raise ParamsError("No instance for domain {}"\ .format(request.params['destination'])) if not params: raise ParamsError("Missing update fields") params['domain'] = domain return request.submit_task('alias.update', **params)
def instance_group_info(context, request): domain = request.matchdict['domain'] group = request.matchdict['group'] instance = Instance.get_by_domain(request.db_session, domain) if not group.name in (g.name for g in instance.groups): raise NoResultFound() return group.to_dict()
def allowed_users_for_instance(context, request): domain = request.matchdict['domain'] instance = Instance.get_by_domain(request.db_session, domain) res = {} for user in User.all(request.db_session): if user.can_access(instance): res[user.email] = user.to_dict() return res
def create(context, request): try: domain = request.params['domain'] now = datetime.datetime.now().strftime('%Y%m%d-%H.%M.%S') default_name = "{}-{}".format(domain, now) name = request.params.get('name', default_name) name.replace(":", ".") except KeyError as e: raise ParamsError(e) instance = Instance.get_by_domain(request.db_session, domain) return request.submit_task('instance.archive', id=instance.id, name=name)
def remove_group_from_instance(context, request): domain = request.matchdict['domain'] group_name = request.matchdict['group'] instance = Instance.get_by_domain(request.db_session, domain) try: group = Group.get(request.db_session, group_name) except NoResultFound: raise HTTPNoContent() if group.name == domain: raise HTTPConflict(headers={'X-Request-Error': \ "group {} cannot be removed".format(group_name)}) instance.groups = [g for g in instance.groups if g.name != group.name] request.db_session.commit() raise HTTPNoContent()
def create(context, request): try: domain = request.params['domain'] instance = Instance.get_by_domain(request.db_session, request.params['destination']) check_domain_not_used(request, domain) except KeyError as e: raise ParamsError(e) except NoResultFound: raise ParamsError('No instance for domain {}'\ .format(request.params['destination'])) else: params = dict(domain=domain, instance_id=instance.id) return request.submit_task('alias.create', **params)
def add_group_to_instance(context, request): domain = request.matchdict['domain'] group_name = request.matchdict['group'] instance = Instance.get_by_domain(request.db_session, domain) try: group = Group.get(request.db_session, group_name) except NoResultFound: raise HTTPPreconditionFailed( headers={'X-Request-Error': 'No such group {}'\ .format(group_name)} ) if group_name in (g.name for g in instance.groups): raise HTTPNoContent() instance.groups.append(group) request.db_session.commit() raise HTTPNoContent()
def set_instance_groups(context, request): domain = request.matchdict['domain'] request_groups = set(request.params.getall('groups')) if domain not in request_groups: request_groups.add(domain) instance = Instance.get_by_domain(request.db_session, domain) groups = Group.search( request.db_session, filters=(Group.name.in_(request_groups), ) ) if len(groups) != len(request_groups): raise HTTPPreconditionFailed( headers={'X-Request-Error': 'Invalid groups {}'\ .format(','.join(request_groups))}) instance.groups = groups request.db_session.commit() raise HTTPNoContent()
def create(context, request): try: source = validate_hostname(request.params['source']) instance = Instance.get_by_domain(request.db_session, request.params['destination']) http_code = request.params.get('http_code', 301) target_path = request.params.get('target_path', '') check_domain_not_used(request, source) except KeyError as e: raise ParamsError(e) except NoResultFound: raise ParamsError('No instance for domain {}'\ .format(request.params['destination'])) else: params = dict(source=source, instance_id=instance.id, http_code=http_code, target_path=target_path) return request.submit_task('redirect.create', **params)
def deploy(context, request): try: params = dict( domain=request.params['domain'], owner_email=request.params['owner_email'], environment_name=request.params['environment_name'], technical_contact_email=request.params.get( 'technical_contact_email', request.params['owner_email']), theme_name=request.params.get('theme_name'), default_language=request.params.get('default_language', u'it'), database_password=request.params.get('database_password'), enabled=True if request.params.get('enabled') else False, verbose=True if request.params.get('verbose') else False, ) check_domain_not_used(request, params['domain']) params['domain'] = validate_hostname(params['domain']) # try to get the instance, as it MUST not exists Instance.get_by_domain(request.db_session, params['domain']) except KeyError as e: log.exception("Error validating params") raise ParamsError(e) except NoResultFound: # no instance found, validate relations. try: field = 'owner_email' cls = 'user' User.log.debug("Validating owner %s", params[field]) owner = User.get(request.db_session, params[field]) if not owner: raise NoResultFound() if params['technical_contact_email'] != params['owner_email']: field = 'technical_contact_email' User.log.debug("Validating contact %s", params[field]) ctc = User.get(request.db_session, params[field]) if not ctc: raise NoResultFound() field = 'environment_name' cls = 'environment' Environment.log.debug("validating environment %s", params[field]) env = Environment.get(request.db_session, params[field]) if not env: raise NoResultFound() field = 'theme_name' cls = 'theme' if params[field]: Theme.log.debug("Validating theme %s", params[field]) theme = Theme.get(request.db_session, params[field]) if not theme: raise NoResultFound() except NoResultFound: raise ParamsError('{} "{}" for {} not found'\ .format(cls.title(), params[field], field)) else: log.info("Submitting task") # relations exists, submit tasks return request.submit_task('instance.deploy', **params) else: # found instance, conflict error = 'instance for domain {} already exists'\ .format(params['domain']) raise HTTPConflict(headers={'X-Request-Error': error})
def list_instance_groups(context, request): domain = request.matchdict['domain'] instance = Instance.get_by_domain(request.db_session, domain) return {g.name: g.to_dict() for g in instance.groups}
def info(context, request): domain = request.matchdict['domain'] instance = Instance.get_by_domain(request.db_session, domain) return instance.to_dict(paths=True)