def launch(self): """ Worker method for closing an endpoint and releasing the editing lock. """ # Make sure the endpoint exists if not DBAuthEndpoints.objects.filter(uuid=self.endpoint).count(): return invalid(self.api.log.error('Could not check in endpoint <%s>, not found in database' % self.endpoint)) # Get the endpoint details row endpoint_row = DBAuthEndpoints.objects.filter(uuid=self.endpoint).values()[0] # Check if the endpoint is already checked out if endpoint_row['locked'] == False: return invalid(self.api.log.error('Could not check in endpoint <%s>, already checked in' % self.endpoint)) # Unlock the endpoint self.api.log.info('Checked in endpoint <%s> by user <%s>' % (self.endpoint, self.api.user)) try: DBAuthEndpoints.objects.filter(uuid=self.endpoint).update( locked = False, locked_by = None ) return valid('Successfully checked in endpoint') # Failed to check out the formula except Exception as e: return invalid(self.api.log.error('Failed to check in endpoint with error: %s' % str(e)))
def launch(self): # Construct a list of authorized formulas auth_formulas = self.api.acl.authorized_objects('formula', 'formula/get') # Make sure the formula exists and is accessible if not self.formula in auth_formulas.ids: return invalid(self.api.log.error('Requested formula <%s> not found or access denied' % self.formula)) # Get the formula details row formula_details = auth_formulas.extract(self.formula) # Check if the formula is already checked out if formula_details['locked'] == False: return invalid(self.api.log.error('Could not check in formula <%s>, already checked in' % self.formula)) # Lock the formula for editing self.api.log.info('Check in formula <%s> by user <%s>' % (self.formula, self.api.user)) try: DBFormulaDetails.objects.filter(uuid=self.formula).update( locked = False, locked_by = None ) return valid('Successfully checked in formula') # Failed to check out the formula except Exception as e: return invalid(self.api.log.error('Failed to check in formula with error: %s' % e))
def launch(self): self.api.log.info('Running formula editor contents validation') # Required templates required_templates = [] # Make sure all the required templates are set for required_template in required_templates: if not required_template in self.api.data['formula_templates']: return invalid(self.api.log.error('Missing required template \'%s\' in request data' % required_template)) # Decode the base64 versions of the formula manifest and templates try: self.api.log.info('Decoding formula <%s> manifest' % self.formula) manifest = base64.decodestring(self.api.data['manifest']) templates = {} if 'templates' in self.api.data: for t_name, t_content in self.api.data['templates'].iteritems(): self.api.log.info('Validating formula <%s> template <%s>' % (self.formula, t_name)) if not t_content == 'delete': templates[t_name] = base64.decodestring(self.api.data['templates'][t_name]) else: templates[t_name] = t_content # Objects not base64 encoded except Exception as e: return invalid(self.api.log.error('An error occured when Base64 decoding formula objects during validation: %s' % e)) # Validate the formula JSON json_err = JSONTemplate(json.load(open(settings.FORMULA_TEMPLATE, 'r'))).validate(json.loads(manifest)) if json_err: return invalid(self.api.log.error(json_err)) return valid('Successfully validated formula editor contents')
def launch(self): """ Worker method that handles the creation of the group. """ # Make sure the group doesn't exist if DBGroupDetails.objects.filter(name=self.api.data['name']).count(): return invalid(self.api.log.error('Group name <%s> already exists' % self.api.data['name'])) # Generate a unique ID for the group group_uuid = uuid4() # Create the group try: DBGroupDetails( uuid = str(group_uuid), name = self.api.data['name'], desc = self.api.data['desc'], protected = self.api.get_data('protected') ).save() # Failed to create group except Exception as e: return invalid(self.api.log.exception('Failed to create group: %s' % str(e))) # Update the cached group data self.api.cache.save_object('group', self.group) # Return the response return valid('Successfully created group', { 'name': self.api.data['name'], 'desc': self.api.data['desc'], 'uuid': str(group_uuid), 'protected': self.api.get_data('protected') })
def launch(self): """ Worker method used to construct the ACL endpoint definitions object. """ # Construct the ACL object try: # If retrieving a single ACL definition if self.acl: # Get the ACL definition acl_definition = DBAuthACLKeys.objects.filter(uuid=self.acl).values() # If the ACL definition doesn't exist if not acl_definition: return invalid('Could not locate ACL <%s> in the database' % self.acl) # Return the ACL definition return valid(json.dumps(acl_definition[0])) # If retrieving all ACL definitions else: return valid(json.dumps(list(DBAuthACLKeys.objects.all().values()))) # Error during ACL construction except Exception as e: return invalid(self.api.log.exception('Failed to retrieve ACL definition(s): %s' % str(e)))
def launch(self): """ Worker method used for deleting an endpoint. """ # Make sure the endpoint exists if not DBAuthEndpoints.objects.filter(uuid=self.endpoint).count(): return invalid(self.api.log.error('Could not delete endpoint <%s>, not found in database' % self.endpoint)) # Get the endpoint details endpoint_row = DBAuthEndpoints.objects.filter(uuid=self.endpoint).values()[0] # Make sure the endpoint isn't protected if endpoint_row['protected']: return invalid('Cannot delete a protected endpoint') # Delete the endpoint try: DBAuthEndpoints.objects.filter(uuid=self.endpoint).delete() except Exception as e: return invalid(self.api.log.exeption('Failed to delete endpoint: %s' % str(e))) # Construct and return the web data web_data = { 'uuid': self.endpoint } return valid('Successfully deleted endpoint', web_data)
def launch(self): """ Worker method that handles the deletion of the group. """ # Construct a list of authorized groups auth_groups = self.api.acl.authorized_objects('group', path='group', method=HTTP_GET) # If the group does not exist or access denied if not self.group in auth_groups.ids: return invalid('Failed to delete group <%s>, not found in database or access denied' % self.group) # If the group is protected if auth_groups.extract(self.group)['protected']: return invalid('Failed to delete group <%s>, group is protected') # If the group has any members if DBGroupMembers.objects.filter(group=self.group).count(): return invalid('Failed to delete group <%s>, must remove all group members first' % self.group) # Delete the group DBGroupDetails.objects.filter(uuid=self.group).delete() # Return the response return valid('Successfully deleted group', { 'uuid': self.group })
def _get_api_key(self, id): """ Retrieve the API key for a user or host account. """ # Check if a user or host api_user = DBUserDetails.objects.filter(username=id).count() api_host = DBHostDetails.objects.filter(uuid=id).count() # If not an existing host or user if not api_user and not api_host: return invalid('Authentication failed, account <> not found in the database' % id) # If for some reason both a user and host if api_user and api_host: return invalid('Authentication failed, account <> is both user and host' % id) # Get the API key if api_user: # Make sure the user is enabled user_obj = DBUserDetails.objects.get(username=id) if not user_obj.is_active: return invalid('Authentication failed, account <%s> is disabled' % id) # Return the API key row api_key_row = DBUserAPIKeys.objects.filter(user=id).values('api_key') if api_host: api_key_row = DBHostAPIKeys.objects.filter(host=id).values('api_key') db_api_key = api_key_row[0]['api_key'] # User or host has no API key if not db_api_key: return invalid('Authentication failed, no API key found for account <%s>' % id) return valid(db_api_key)
def launch(self): """ Worker method used for deleting a utility. """ # Make sure the utility exists if not DBGatewayUtilities.objects.filter(uuid=self.utility).count(): return invalid(self.api.log.error('Could not delete utility [%s], not found in database' % self.utility)) # Get the utility details utility_row = DBGatewayUtilities.objects.filter(uuid=self.utility).values()[0] # Make sure the utility isn't protected if utility_row['protected']: return invalid('Cannot delete a protected utility') # Delete the utility try: DBGatewayUtilities.objects.filter(uuid=self.utility).delete() except Exception as e: return invalid(self.api.log.exeption('Failed to delete utility: %s' % str(e))) # Construct and return the web data web_data = { 'uuid': self.utility } return valid('Successfully deleted utility', web_data)
def launch(self): """ Worker method for closing a utility and releasing the editing lock. """ # Make sure the utility exists if not DBGatewayUtilities.objects.filter(uuid=self.utility).count(): return invalid(self.api.log.error('Could not check in utility [%s], not found in database' % self.utility)) # Get the utility details row util_row = DBGatewayUtilities.objects.filter(uuid=self.utility).values()[0] # Check if the utility is already checked out if util_row['locked'] == False: return invalid(self.api.log.error('Could not check in utility [%s], already checked in' % self.utility)) # Unlock the utility self.api.log.info('Checked in utility [%s] by user [%s]' % (self.utility, self.api.user)) try: DBGatewayUtilities.objects.filter(uuid=self.utility).update( locked = False, locked_by = None ) return valid('Successfully checked in utility') # Failed to check out the utility except Exception as e: return invalid(self.api.log.error('Failed to check in utility with error: %s' % str(e)))
def handler(self): """ Main method for constructing and returning the endpoint map. @return valid|invalid """ map_rsp = self._build_map() if not map_rsp['valid']: return map_rsp # Request path missing if not self.endpoint: return invalid(LOG.error('Missing request endpoint')) # Invalid request path if not self.endpoint in self.map: return invalid(LOG.error('Unsupported request endpoint: <%s>' % self.endpoint)) # Verify the request method if self.method != self.map[self.endpoint]['method']: return invalid(LOG.error('Unsupported request method <%s> for endpoint <%s>' % (self.method, self.endpoint))) # Get the API module, class handler, and name self.handler_obj = { 'api_mod': self.map[self.endpoint]['module'], 'api_class': self.map[self.endpoint]['class'], 'api_name': self.map[self.endpoint]['name'], 'api_utils': self.map[self.endpoint]['utils'], 'api_map': self.map[self.endpoint]['json'] } LOG.info('Parsed handler object for API endpoint <%s>: %s' % (self.endpoint, self.handler_obj)) # Return the handler module path return valid(self.handler_obj)
def handler(self): """ Main method for constructing and returning the utility map. @return valid|invalid """ map_rsp = self._build_map() if not map_rsp['valid']: return map_rsp # Request path missing if not self.path: return invalid(JSONError(error='Missing request path', status=400).response()) # Invalid request path if not self.path in self.map: return invalid(JSONError(error='Unsupported request path: [%s]' % self.path, status=400).response()) # Verify the request method if self.method != self.map[self.path]['method']: return invalid(JSONError(error='Unsupported request method [%s] for path [%s]' % (self.method, self.path), status=400).response()) # Get the API module, class handler, and name self.handler_obj = { 'api_mod': self.map[self.path]['module'], 'api_class': self.map[self.path]['class'], 'api_path': self.map[self.path]['path'], 'api_utils': self.map[self.path]['utils'], 'api_map': self.map[self.path]['json'] } LOG.info('Parsed handler object for API utility [%s]: %s' % (self.path, self.handler_obj)) # Return the handler module path return valid(self.handler_obj)
def launch(self): """ Worker method used to handle enabling a user account. """ # Construct a list of authorized users auth_users = self.api.acl.authorized_objects('user', 'user/get') # If the user does not exist or access is denied if not self.user in auth_users.ids: return invalid('Cannot enable user <%s>, not found or access denied' % self.user) self.api.log.info('Enabling user account <%s>' % self.user) # Cannot enable/disable default administrator if self.user == U_ADMIN: return invalid('Cannot enable/disable the default administrator account') # Get the user object and disable the account user_obj = DBUserDetails.objects.get(username=self.user) user_obj.is_active = True user_obj.save() # Return the response return valid('Successfully enabled user account', { 'username': self.user })
def launch(self): # Make sure the host exists if not DBHostDetails.objects.filter(uuid=self.host).count(): return invalid('Cannot update system information, could not locate host <%s> in database' % self.host) # Get the host parent object self.host_obj = DBHostDetails.objects.get(uuid=self.host) # Make sure the host system information row exists self._set_defaults() # Get the current system information sys_info = DBHostSystemInfo.objects.filter(host=self.host).values()[0] # Set the updated database parameters db_params = {} for key in ['network', 'firewall', 'partition', 'memory', 'disk', 'os', 'cpu']: db_params[key] = sys_info[key] if not (key in self.api.data['sys']) else json.dumps(self.api.data['sys'][key]) # Update the host system information try: # Update the host system information table DBHostSystemInfo.objects.filter(host=self.host).update(**db_params) # Update the host services table self._set_services() # Critical error when updating system information except Exception as e: return invalid('Failed to update host <%s> system information in the database: %s' % (self.host, str(e))) # Host system information updated return valid('Successfully updated host <%s> system information' % self.host)
def launch(self): # Make sure the host exists if not DBHostDetails.objects.filter(uuid=self.host).count(): return invalid('Failed to update host <%s> status, could not locate host in database' % self.host) # Get the current host details host_details = DBHostDetails.objects.filter(uuid=self.host).values()[0] # Update the agent status try: DBHostDetails.objects.filter(uuid=self.host).update(agent_status=self.status, last_checkin=time.strftime('%Y-%m-%d %H:%M:%S')) # Update the host cache self.api.cache.save_object('host', self.host) # Critical error when updating host agent status except Exception as e: return invalid('Failed to update host <%s> agent status in the database: %s' % (self.host, str(e))) # Broadcast the status to web portal clients if the agent status changed if host_details['agent_status'] != self.status: self.api.socket.broadcast('agent.status', { 'uuid': self.host, 'status': self.status }) # Agent status successfully updated return valid('Successfully updated host <%s> agent status to <%s>' % (self.host, self.status))
def launch(self): """ Worker method for deleting an ACL object definition. """ # If the ACL object doesn't exist if not DBAuthACLObjects.objects.filter(type=self.type).count(): return invalid('Cannot delete ACL object <%s>, not found in database' % self.type) self.api.log.info('BLARGLE') # Get the ACL object definition acl_object = DBAuthACLObjects.objects.filter(type=self.type).values(detailed=True)[0] # If the ACL object has any assigned object if acl_object['objects']: return invalid('Cannot delete ACL object <%s> definition, contains <%s> child objects' % (self.type, str(len(acl_object['objects'])))) # Delete the ACL object definition try: DBAuthACLObjects.objects.filter(type=self.type).delete() # Critical error when deleting ACL object except Exception as e: return invalid(self.api.log.exception('Failed to delete ACL object <%s> definition: %s' % (self.type, str(e)))) # Return the response return valid('Successfully deleted ACL object definition', { 'type': self.type })
def launch(self): """ Worker method used to saving formula run status to the database. """ self.api.log.info('Updating formula <%s> run status for host <%s>' % (self.formula, self.host)) # Check if the formula ID for the specific host is already in the database if DBHostFormulas.objects.filter(host=self.host).filter(formula=self.formula).count(): # Filter parameters filter = { 'host': self.host, 'formula': self.formula, 'current': True } # Updating status for a previous formula run try: DBHostFormulas.objects.filter(**filter).update( formula = self.formula, exit_status = self.api.data['exit_status'], exit_code = self.api.data['exit_code'], exit_msg = self.api.data['exit_msg'], log = self.api.data['log']) return valid('Successfully updated formula <%s> entry for host <%s>' % (self.formula, self.host)) # Critical error when updating host formula entry except Exception as e: return invalid(self.api.log.exception('Failed to update formula <%s> entry for host <%s>: %s' % (self.formula, self.host, str(e)))) # Setting status for a new formula run else: # Get the parent host details host_details = DBHostDetails.objects.get(uuid=self.host) # Create the new formula status entry try: DBHostFormulas( id = None, host = host_details, formula = self.formula, exit_status = self.api.data['exit_status'], exit_code = self.api.data['exit_code'], exit_msg = self.api.data['exit_msg'], log = self.api.data['log'] ).save() # Formula run status update success return valid('Successfully updated formula <%s> run status for host <%s>' % (self.formula, self.host)) # Critical error when creating host formula entry except Exception as e: return invalid(self.api.log.exception('Failed to create formula <%s> entry for host <%s>: %s' % (self.formula, self.host, str(e))))
def launch(self): """ Worker method for saving changes to an endpoint. """ # Make sure the endpoint exists if not DBAuthEndpoints.objects.filter(uuid=self.endpoint).count(): return invalid(self.api.log.error('Could not save endpoint <%s>, not found in database' % self.endpoint)) # Validate the endpoint attributes #ep_status = self.api.util.AuthEndpointsValidate.launch() #if not ep_status['valid']: # return ep_status # Get the endpoint details endpoint_row = DBAuthEndpoints.objects.filter(uuid=self.endpoint).values()[0] # Default values path = endpoint_row['path'] if not ('path' in self.api.data) else self.api.data['path'] action = endpoint_row['action'] if not ('action' in self.api.data) else self.api.data['action'] method = endpoint_row['method'] if not ('method' in self.api.data) else self.api.data['method'] enabled = endpoint_row['enabled'] if not ('enabled' in self.api.data) else self.api.data['enabled'] mod = endpoint_row['mod'] if not ('mod' in self.api.data) else self.api.data['mod'] cls = endpoint_row['cls'] if not ('cls' in self.api.data) else self.api.data['cls'] utils = endpoint_row['utils'] if not ('utils' in self.api.data) else self.api.data['utils'] rmap = endpoint_row['rmap'] if not ('rmap' in self.api.data) else self.api.data['rmap'] protected = endpoint_row['protected'] if not ('protected' in self.api.data) else self.api.data['protected'] object = endpoint_row['object'] if not ('object' in self.api.data) else self.api.data['object'] object_key = endpoint_row['object_key'] if not ('object_key' in self.api.data) else self.api.data['object_key'] name = '%s/%s' % (path, action) # Attempt to update the endpoint try: DBAuthEndpoints.objects.filter(uuid=self.endpoint).update( name = name, path = path, action = action, method = method, enabled = enabled, mod = mod, cls = cls, utils = json.dumps(utils), protected = protected, object = object, object_key = object_key, rmap = rmap ) return valid('Successfully updated endpoint.') except Exception as e: return invalid(self.api.log.exception('Failed to update endpoint: %s' % str(e)))
def launch(self): """ Worker method for saving changes to a utility. """ # Make sure the utility exists if not DBGatewayUtilities.objects.filter(uuid=self.utility).count(): return invalid(self.api.log.error('Could not save utility [%s], not found in database' % self.utility)) # Validate the utility attributes #util_status = self.api.util.GatewayUtilitiesValidate.launch() #if not util_status['valid']: # return util_status # Get the utility details util_row = DBGatewayUtilities.objects.filter(uuid=self.utility).values()[0] # Update parameters params = { 'path': self.api.data.get('path', util_row['path']), 'method': self.api.data.get('method', util_row['method']), 'mod': self.api.data.get('mod', util_row['mod']), 'cls': self.api.data.get('cls', util_row['cls']), 'utils': self.api.data.get('utils', util_row['utils']), 'rmap': self.api.data.get('rmap', util_row['rmap']), 'enabled': self.api.data.get('enabled', util_row['enabled']), 'protected': self.api.data.get('protected', util_row['protected']), 'object': self.api.data.get('object', util_row['object']), 'object_key': self.api.data.get('object_key', util_row['object_key']) } # Make sure utilities value is a string if isinstance(params['utils'], list): params['utils'] = json.dumps(params['utils']) # Make sure the request map value is a string' if isinstance(params['rmap'], dict): params['rmap'] = json.dumps(params['rmap']) # Attempt to update the utility try: DBGatewayUtilities.objects.filter(uuid=self.utility).update(**params) # Critical error when updating utility except Exception as e: return invalid(self.api.log.exception('Failed to update utility: %s' % str(e))) # Successfully updated utility return valid('Successfully updated utility.')
def launch(self): # Construct a list of authorized formulas auth_formulas = self.api.acl.authorized_objects('formula', 'formula/get') # Make sure the formula exists and is accessible if not self.formula in auth_formulas.ids: return invalid(self.api.log.error('Requested formula <%s> not found or access denied' % self.formula)) # Get the formula details formula_details = auth_formulas.extract(self.formula) # Get the formula templates formula_templates = {} for template_row in DBFormulaTemplates.objects.filter(formula=self.formula).values(): formula_templates[template_row['template_name']] = template_row['template_file'] # Encode the manifest formula_details['manifest'] = base64.encodestring(json.dumps(formula_details['manifest'])) # Set the templates formula_details['templates'] = formula_templates # Return the response return valid(json.dumps(formula_details))
def launch(self): """ Worker method that does the work of retrieving user details. :rtype: valid|invalid """ # Construct a list of authorized user objects auth_users = self.api.acl.authorized_objects('user') # If retrieving a specific user if self.user: # If the user does not exist or access is denied if not self.user in auth_users.ids: return invalid('User <%s> does not exist or access denied' % self.user) # Return the user details return valid(self._get_user(self.user)) # If retrieving all users else: # Construct a detailed users object users_obj = [] for user in auth_users.details: users_obj.append(self._get_user(user['username'])) # Return the constructed users object return valid(users_obj)
def launch(self): """ Worker method for searching the cluster index. WARNING This is a really weak class right now. I'm not sanitizing the SQL search string yet. """ # Define the search string and query search_string = MySQLdb.escape_string(self.api.data['string']) search_query = 'SELECT * FROM cluster_index WHERE string LIKE \'%%%s%%\'' % search_string # Log the search query self.api.log.info('Constructed cluster search query: <%s>' % search_query) # Run the search try: # Open a manual connection and run the query cursor = connection.cursor() cursor.execute(search_query) # Fetch the results search_results = self._get_rows(cursor) except Exception as e: return invalid(self.api.log.exception('Failed to run cluster search: %s' % str(e))) # Return the results return valid(json.dumps(search_results))
def launch(self): """ Worker method to handle resetting a user's password. """ # Construct a list of authorized users auth_users = self.api.acl.authorized_objects('user', 'user/get') # If the user does not exist or access is denied if not self.user in auth_users.ids: return invalid('Cannot reset password for user <%s>, not found or access denied' % self.user) self.api.log.info('Resetting password for user <%s>' % self.user) # Generate a new random password new_pw = gen_password() # Get the user object and set the new password try: user_obj = DBUserDetails.objects.get(username=self.user) user_obj.set_password(new_pw) user_obj.save() self.api.log.info('Successfully reset password for user <%s>' % self.user) # Critical error when resetting user password except Exception as e: return invalid('Failed to reset password for user <%s>: %s' % (self.user, str(e))) # Send the email try: # Email properties email_sub = 'CloudScape Password Reset: %s' % self.user email_txt = 'Your password has been reset. You may login with your new password "%s".' % new_pw email_from = '*****@*****.**' email_to = [user_obj.email] # Send the email send_mail(email_sub, email_txt, from_email=email_from, recipient_list=email_to, fail_silently=False) self.api.log.info('Sent email confirmation for password reset to user <%s>' % self.user) # Return the response return valid('Successfully reset user password') # Critical error when sending password reset notification except Exception as e: return invalid(self.api.log.error('Failed to send password reset confirmation: %s' % str(e)))
def launch(self): """ Worker method for creating a new ACL object definition. """ # Make sure the type definition is not already used if DBGatewayACLObjects.objects.filter(type=self.attr['type']).count(): return invalid('Failed to create ACL object type [%s], already defined' % self.attr['type']) # Check the ACL and object module/class definitions for key,status in { 'acl': mod_has_class(self.attr['acl_mod'], self.attr['acl_cls'], no_launch=True), 'obj': mod_has_class(self.attr['obj_mod'], self.attr['obj_cls'], no_launch=True) }.iteritems(): if not status['valid']: return status # Set a unique ID for the ACL object self.attr['uuid'] = str(uuid4()) # If a default ACL UUID is supplied if ('def_acl' in self.api.data): if not DBGatewayACLKeys.objects.filter(uuid=self.attr['def_acl']).count(): return invalid('Failed to create ACL object type [%s], default ACL [%s] not found' % (self.attr['type'], self.attr['def_acl'])) # Get the default ACL object self.attr['def_acl'] = DBGatewayACLKeys.objects.get(uuid=self.api.data['def_acl']) # Make sure the ACL has object type authentication enabled if not self.attr['def_acl'].type_object: return invalid('Failed to create ACL object type [%s], default ACL [%s] must have object authentication enabled' % (self.attr['type'], self.attr['def_acl']['uuid'])) # Create the ACL object definition try: DBGatewayACLObjects(**self.attr).save() # Critical error when saving ACL object definition except Exception as e: return invalid(self.api.log.exception('Failed to create ACL object type [%s]: %s' % (self.attr['type'], str(e)))) # Return the response return valid('Successfully created ACL object definition', { 'type': self.attr['type'], 'uuid': self.attr['uuid'], 'name': self.attr['name'] })
def launch(self): """ Worker method that handles the addition of members to the group. """ # Construct a list of authorized groups / users auth_groups = self.api.acl.authorized_objects('group', path='group', method=HTTP_GET) auth_users = self.api.acl.authorized_objects('user', path='user', method=HTTP_GET) # If the group does not exist or access denied if not self.group in auth_groups.ids: return invalid('Failed to add user <%s> to group <%s>, group not found or access denied' % (self.user, self.group)) # If the user does not exist or access denied if not self.user in auth_users.ids: return invalid('Failed to add user <%s> to group <%s>, user not found or access denied' % (self.user, self.group)) # Get the group object group = DBGroupDetails.objects.get(uuid=self.group) # Check if the user is already a member of the group if self.user in group.members_list(): return invalid('User <%s> is already a member of group <%s>' % (self.user, self.group)) # Get the user object user = DBUser.objects.get(uuid=self.user) # Add the user to the group try: group.members_set(user) # Failed to add user to group except Exception as e: return invalid(self.api.log.exception('Failed to add user to group: %s' % str(e))) # Update the cached group data self.api.cache.save_object('group', self.group) # Return the response return valid('Successfully added group member', { 'group': { 'name': group.name, 'uuid': self.group, 'member': user.uuid } })
def _update_profile(self): """ Update the group profile """ if 'profile' in self.api.data: try: p = self.api.data['profile'] # Changing group protected state if 'protected' in p: if not (self.group_obj.protected == p['protected']): # Cannot disable protected for default administrator group if (self.group == G_ADMIN) and (p['protected'] != True): return invalid('Cannot disable the protected flag for the default administrator group') # Update the protected flag self.group_obj.protected = p['protected'] self.group_obj.save() # Changing the group description if 'desc' in p: if not (self.group_obj.desc == p['desc']): self.group_obj.desc = p['desc'] self.group_obj.save() # Changing the group name if 'name' in p: if not (self.group_obj.name == p['name']): self.api.log.info('Renaming group <%s> to <%s>' % (self.group_obj.name, p['name'])) # Toggle the name change flag and rename the group self.name_change = True self.name_old = self.group_obj.name self.group_obj.name = p['name'] self.group_obj.save() # Set the new group name to be returned self.name_return = p['name'] except Exception as e: return invalid(self.api.log.exception('Failed to update group profile: %s' % str(e))) else: self.name_return = self.group_obj.name return valid()
def launch(self): """ Worker method to retrieve a listing of API endpoints. """ try: # If grabbing a specific endpoint if 'uuid' in self.api.data: # If the endpoint doesn't exist if not DBAuthEndpoints.objects.filter(uuid=self.api.data['uuid']).count(): return invalid('Endpoint <%s> does not exist' % self.api.data['uuid']) return valid(json.dumps(DBAuthEndpoints.objects.filter(uuid=self.api.data['uuid']).values()[0])) # Return all endpoints else: return valid(json.dumps(list(DBAuthEndpoints.objects.all().values()))) except Exception as e: return invalid(self.api.log.exception('Failed to retrieve endpoints listing: %s' % str(e)))
def _update_global_permissions(self): """ Update the group global permissions. """ if ('permissions' in self.api.data) and ('global' in self.api.data['permissions']): try: self.group_obj.global_permissions_set(self.api.data['permissions']['global']) except Exception as e: return invalid(self.api.log.exception('Failed to update global permissions: %s' % str(e))) return valid()
def _update_object_permissions(self): """ Update the group object permissions. """ if ('permissions' in self.api.data) and ('object' in self.api.data['permissions']): try: self.group_obj.object_permissions_set(self.api.data['permissions']['object']) except Exception as e: return invalid(self.api.log.exception('Failed to update object permissions: %s' % str(e))) return valid()
def launch(self): """ Worker method to retrieve a listing of API utilities. """ try: # If grabbing a specific utility if 'uuid' in self.api.data: # If the utility doesn't exist if not DBGatewayUtilities.objects.filter(uuid=self.api.data['uuid']).count(): return invalid('Utility [%s] does not exist' % self.api.data['uuid']) return valid(json.dumps(DBGatewayUtilities.objects.filter(uuid=self.api.data['uuid']).values()[0])) # Return all utilities else: return valid(json.dumps(list(DBGatewayUtilities.objects.all().values()))) except Exception as e: return invalid(self.api.log.exception('Failed to retrieve utilities listing: %s' % str(e)))