def secure_supertenant(username: str = "okapi_admin", password: str = "admin"):
tenant = "supertenant"
permissions = [
"okapi.all",
"okapi.proxy.pull.modules.post",
"perms.all",
"login.all",
"users.all"
]
module_list = ['permissions', 'users', 'login']
o = OkapiClient()
modules = [m["id"] for m in o.get_modules() if m["name"] in module_list]
res = o.enable_modules(modules, tenant)
# print(res)
userServices = UserService(tenant)
log.info("Create user record.")
user = userServices.create_user(
username, password, permissions=permissions)
authtoken = [m["id"]
for m in o.get_modules() if m["name"] == "authtoken"][0]
res = o.enable_module(authtoken, tenant)
# print(res)
login_supertenant(username, password)
print("Successfully secured Okapi.")
def enable_modules(modules, tenant: str,
loadSample: bool = False, loadReference: bool = False):
okapi = OkapiClient()
def get_tenant_modules():
return [m["id"] for m in okapi.get_tenant_modules(tenant)]
def add_module(name, module):
log.info("Enable %s for tenant %s", name, tenant)
okapi.enable_module(module.get_modId(), tenant,
loadSample=loadSample, loadReference=loadReference)
def add_requirements(name, mod):
log.debug("Add requirements for %s", name)
for require in mod.get_requires():
log.debug("find %s", require)
for module in modules:
name = module.get_modId()
if require in module.get_provides():
log.debug("Found in %s", name)
if not name in get_tenant_modules():
add_requirements(name, module)
add_module(name, module)
else:
log.debug("%s already enabled", name)
for module in modules:
name = module.get_modId()
if not name in get_tenant_modules():
add_requirements(name, module)
add_module(name, module)
else:
log.debug("%s already enabled", name)
def tenants(self):
self._get_parser("tenants")
tenants = OkapiClient().get_tenants()
for e in tenants:
k = e["id"].ljust(15)
n = e["name"].ljust(20)
d = e["description"]
print(f"{k}\t{n}\t{d}")
def tenantInterface(self):
parser = self._get_parser("tenantInterface")
parser.add_argument("tenant", help="tenant id")
parser.add_argument("interface", help="interface id")
args = self._get_args(parser)
interface = OkapiClient().get_tenant_interface(args.interface,
args.tenant)
print(interface[0]["id"])
def addModule(self):
parser = self._get_parser("addModule")
parser.add_argument("module", help="Module, e.g. mod-users")
parser.add_argument("-v", "--version", help="Version, e.g. 17.1.0")
args = self._get_args(parser)
print(f"Add module {args.module} {args.version}")
module = helper.create_okapiModule(args.module, version=args.version)
OkapiClient().add_module(module)
def __init__(self, tenant: str, okapi: OkapiClient = None):
"""
Args:
tenant (str): Tenant id
okapi (OkapiClient, optional): Instance of OkapiClient. Defaults to None.
"""
self._tenant = tenant
self._okapi = okapi or OkapiClient()
def addModuleDescriptor(self):
parser = self._get_parser("addModule")
parser.add_argument("file", help="Path to ModulDescriptor")
args = self._get_args(parser)
print(f"Add module {args.file}")
with open(args.file) as f:
descriptor = json.load(f)
OkapiClient().add_module(OkapiModule(descriptor))
def env(self):
self._get_parser("env")
env = OkapiClient().get_env()
if not env:
print("No entries in okapi enviroment!")
for e in env:
k = e["name"].ljust(20)
v = e["value"]
print(f"{k}\t{v}")
def removeModule(self):
parser = self._get_parser("removeModule")
parser.add_argument("modid",
nargs='?',
help="Modul id, e.g. mod-users-17.1.0")
args = self._get_args(parser)
print(f"Remove module {args.modid}")
for modid in args.modid:
OkapiClient().remove_module(modid)
def create_superuser(tenant: str, username: str = "admin", password: str = "folio"):
okapi = OkapiClient()
log.info("Disable authtoken for tenant.")
try:
mod_authtoken = okapi.get_tenant_interface("authtoken", tenant)[0]
disabled_mods = okapi.disable_module(mod_authtoken["id"], tenant)
except:
disabled_mods = None
userService = UserService(tenant)
log.info("Create user record.")
user = userService.create_user(
username, password,
permissions=["perms.all",
"users.collection.get"],
personal={"lastName": "Superuser"})
log.info("Create service points for user record.")
servicepoints = userService.get_servicePoints()
servicepointsIds = [sp["id"] for sp in servicepoints["servicepoints"]]
if servicepointsIds:
log.debug(servicepoints)
userService.set_servicePoints(username, servicepointsIds,
servicepointsIds[0])
log.info("Enable mod-authtoken.")
okapi.enable_modules([m["id"] for m in disabled_mods], tenant)
log.info("Login as superuser")
userService.login(username, password)
log.info("Generate list of permissions")
perms = Permissions(tenant).get_permissions(
query="cql.allRecords=1 not permissionName==okapi.* not permissionName==modperms.* not permissionName==SYS#*",
length="5000")
topLevelPermissions = []
for permission in perms["permissions"]:
mods_perms = 0
for s in permission["childOf"]:
if s.startswith("SYS#") or s.startswith("modperms"):
mods_perms += 1
if len(permission["childOf"]) == mods_perms:
topLevelPermissions.append(permission["permissionName"])
# topLevelPermissions.extend(
# ["codex.collection.get",
# "codex-mux.instances.collection.get"])
if StrictVersion(okapi.version()) >= StrictVersion("4.0"):
topLevelPermissions.extend(["okapi.proxy.modules.get"])
userService.set_permissions(username, topLevelPermissions)
log.info("Superuser %s created.", username)
return user
def undeployModule(self):
parser = self._get_parser("undeployModule")
parser.add_argument(
"modid",
nargs='?',
help="Modul id, e.g. mod-users-17.1.0. Can be repeated")
args = self._get_args(parser)
print(f"Undeploy module {args.modid}")
for modid in args.modid:
OkapiClient().undeploy_module(modid)
def enableModule(self):
parser = self._get_parser("enableModule")
parser.add_argument("tenant", help="tenant id")
parser.add_argument(
"modid",
nargs='?',
help="Modul id, e.g. mod-users-17.1.0. Can be repeated")
parser.add_argument("--loadSample", help="", action="store_true")
parser.add_argument("--loadReference", help="", action="store_true")
parser.add_argument("--async",
action="store_true",
help="Install in the background")
parser.add_argument("--deploy",
action="store_true",
help="Deploy modules")
parser.add_argument("--ignoreErrors",
action="store_true",
help="Ignore errors during the install operation")
parser.add_argument(
"--invoke",
action="store_false",
help="Not invoke for tenant init/permissions/purge")
parser.add_argument("--npmSnapshot",
action="store_false",
help="Not include NPM module snapshots")
parser.add_argument(
"--preRelease",
action="store_false",
help="Pre-releases should be considered for installation")
parser.add_argument("--simulate",
action="store_true",
help="Simulate the installation")
args = self._get_args(parser)
kwargs = {}
if getattr(args, "async"):
kwargs["async"] = getattr(args, "async")
if args.deploy:
kwargs["deploy"] = args.deploy
if args.ignoreErrors:
kwargs["ignoreErrors"] = args.ignoreErrors
if args.simulate:
kwargs["simulate"] = args.simulate
if not args.invoke:
kwargs["invoke"] = args.invoke
if not args.npmSnapshot:
kwargs["npmSnapshot"] = args.npmSnapshot
if not args.preRelease:
kwargs["preRelease"] = args.preRelease
print(f"Enable module {args.modid} for tenant {args.tenant}")
for modid in args.modid:
OkapiClient().enable_module(modid,
args.tenant,
loadSample=args.loadSample,
loadReference=args.loadReference,
**kwargs)
def set_env_db(db_host: str, db_port: str = "5432", username: str = "folio_admin",
password: str = "folio_admin", database: str = "okapi_modules"):
okapi = OkapiClient()
okapi.set_env("DB_HOST", db_host)
okapi.set_env("DB_PORT", db_port)
okapi.set_env("DB_USERNAME", username)
okapi.set_env("DB_PASSWORD", password)
okapi.set_env("DB_DATABASE", database)
okapi.set_env("DB_QUERYTIMEOUT", "60000")
okapi.set_env("DB_CHARSET", "UTF-8")
okapi.set_env("DB_MAXPOOLSIZE", "5")
def install_okapi(fname, node: str, tenant: str, loadSample: bool = False, loadReference: bool = False):
with open(fname) as f:
data = json.load(f)
if isinstance(data, dict):
mods = data
elif isinstance(data, list):
mods = {}
for m in data:
p = m["id"].split("-")
version = p.pop()
name = "-".join(p)
mods[name] = version
if not tenant in [e["id"] for e in OkapiClient().get_tenants()]:
OkapiClient().create_tenant(tenant)
modules = create_okapiModules(mods)
add_modules(modules)
deploy_modules(modules, node)
enable_modules(modules, tenant, loadSample=loadSample,
loadReference=loadReference)
def install_stripes(fname, tenant: str):
with open(fname) as f:
data = json.load(f)
if isinstance(data, dict):
mods = data
elif isinstance(data, list):
mods = {}
for m in data:
p = m["id"].split("-")
version = p.pop()
if "SNAPSHOT" in version:
version = "%s-%s" % (p.pop(), version)
name = "-".join(p)
mods[name] = version
if not tenant in [e["id"] for e in OkapiClient().get_tenants()]:
OkapiClient().create_tenant(tenant)
modules = okapi_helper.create_okapiModules(mods)
okapi_helper.add_modules(modules)
okapi_helper.enable_modules(modules, tenant)
def _get_node(self):
try:
nodes = OkapiClient().get_nodes()
except:
nodes = []
host = Config().okapicfg().get("Okapi", "host")
port = Config().okapicfg().get("Okapi", "port")
for node in nodes:
if "nodeName" in node:
if f"{host}:{port}" in node["url"]:
return node["nodeName"]
return host
def tenantModules(self):
parser = self._get_parser("tenantModules")
parser.add_argument("tenant", help="tenant id")
parser.add_argument("--full", help="Full MD should be returned")
args = self._get_args(parser)
kwargs = {}
if args.full:
kwargs["full"] = args.full
mods = OkapiClient().get_tenant_modules(args.tenant, **kwargs)
for e in mods:
k = e["id"]
print(f"{k}")
def nodes(self):
self._get_parser("nodes")
nodes = OkapiClient().get_nodes()
for e in nodes:
s = ""
s += e["nodeId"]
s += "\t"
s += e["url"].ljust(25)
if "nodeName" in e:
s += "\t"
s += e["nodeName"]
print(s)
def addTenant(self):
parser = self._get_parser("createTenant")
parser.add_argument("tenant", help="tenant id")
parser.add_argument("-a", "--name", default="", help="tenant name")
parser.add_argument("-d",
"--description",
default="",
help="tenant description long")
args = self._get_args(parser)
print(f"Create tenant: {args.tenant}")
print(f"Name: {args.name}")
print(f"Description: {args.description}")
OkapiClient().create_tenant(args.tenant, args.name, args.description)
def tenantInterfaces(self):
parser = self._get_parser("tenantInterfaces")
parser.add_argument("tenant", help="tenant id")
parser.add_argument("--full", help="Full MD should be returned")
args = self._get_args(parser)
kwargs = {}
if args.full:
kwargs["full"] = args.full
interfaces = OkapiClient().get_tenant_interfaces(args.tenant, **kwargs)
for e in sorted(interfaces, key=lambda e: e["id"]):
k = e["id"].ljust(35)
n = e["version"]
print(f"{k}\t{n}")
def print_okapi_all():
pp = pprint.PrettyPrinter(indent=2)
okapi = OkapiClient()
print("# Env")
pp.pprint(okapi.get_env())
print("# Nodes")
pp.pprint(okapi.get_nodes())
print("# Modules")
pp.pprint(okapi.get_modules())
print("# Deployed Modules")
pp.pprint(okapi.get_deployed_modules())
print("# Tenants")
pp.pprint(okapi.get_tenants())
def health(self):
parser = self._get_parser("health")
parser.add_argument("-s", "--serviceId", help="")
parser.add_argument("-i", "--instanceId", help="requires serviceId")
args = self._get_args(parser)
res = OkapiClient().health(args.serviceId, args.instanceId)
if isinstance(res, dict):
res = [res]
print("Service ID\t\t\t\t\tMessage\t\tInstall ID\t\t\t\tStatus")
for e in res:
print("%s\t%s\t\t%s\t%s" %
(e["srvcId"].ljust(40), e["healthMessage"], e["instId"],
e["healthStatus"]))
def deploy_modules(modules: list, node: str):
okapi = OkapiClient()
deployed_modules = [m["srvcId"] for m in okapi.get_deployed_modules()]
for module in modules:
name = module.get_modId()
if not name in deployed_modules:
log.info("Deploy %s", name)
okapi.deploy_module(name, node)
deployed_modules.append(name)
else:
log.info("Module %s already deployed", name)
# Check if all deployed
deployed_modules = [m["srvcId"] for m in okapi.get_deployed_modules()]
for module in modules:
name = module.get_modId()
if not name in deployed_modules:
log.error("%s is not deployed", name)
def modules(self):
parser = self._get_parser("modules")
parser.add_argument("--full",
action="store_true",
help="Full MD should be returned")
args = self._get_args(parser)
kwargs = {}
if args.full:
kwargs["full"] = args.full
mods = OkapiClient().get_modules(**kwargs)
for e in mods:
if args.full:
print(json.dumps(e, indent=2) + "\n")
else:
k = e["id"].ljust(40)
v = e["name"]
print(f"{k}\t{v}")
def disableModule(self):
parser = self._get_parser("disableModule")
parser.add_argument("tenant", help="tenant id")
parser.add_argument(
"modid",
nargs='?',
help="Modul id, e.g. mod-users-17.1.0. Can be repeated")
parser.add_argument("--async",
action="store_true",
help="Uninstall in the background")
parser.add_argument("--undeploy",
action="store_true",
help="Undeploy modules")
parser.add_argument(
"--ignoreErrors",
action="store_true",
help="Ignore errors during the uninstall operation")
parser.add_argument(
"--invoke",
action="store_false",
help="Not invoke for tenant init/permissions/purge")
parser.add_argument("--purge",
action="store_true",
help="Modules will also be purged.")
parser.add_argument("--simulate",
action="store_true",
help="Simulate the installation")
args = self._get_args(parser)
kwargs = {}
if getattr(args, "async"):
kwargs["async"] = getattr(args, "async")
if args.undeploy:
kwargs["deploy"] = args.undeploy
if args.ignoreErrors:
kwargs["ignoreErrors"] = args.ignoreErrors
if args.purge:
kwargs["purge"] = args.purge
if args.simulate:
kwargs["simulate"] = args.simulate
if not args.invoke:
kwargs["invoke"] = args.invoke
print(f"Disable module {args.modid} for tenant {args.tenant}")
for modid in args.modid:
OkapiClient().disable_module(modid, args.tenant, **kwargs)
def add_modules(modules: list):
added_modules = []
okapi = OkapiClient()
def add_requirements(name, mod):
log.debug("Add requirements for %s", name)
for require in mod.get_requires():
log.debug("find %s", require)
for module in modules:
name = module.get_modId()
if require in module.get_provides():
log.debug("Found in %s", name)
if not name in added_modules:
log.debug("Prepare %s", name)
add_requirements(name, module)
log.info("Add %s", name)
okapi.add_module(module)
added_modules.append(name)
else:
log.debug("%s already added", name)
for module in modules:
name = module.get_modId()
if not name in added_modules:
log.debug("Prepare %s", name)
add_requirements(name, module)
log.info("Add %s", name)
okapi.add_module(module)
added_modules.append(name)
else:
log.debug("%s already added", name)
success = True
added_modules = [m["id"] for m in okapi.get_modules()]
for module in modules:
name = module.get_modId()
if not name in added_modules:
log.error("Can not add modul %s", name)
success = False
return success
def deployed(self):
parser = self._get_parser("deployed")
parser.add_argument("-v",
"--verbose",
help="increase output verbosity",
action="store_true")
args = self._get_args(parser)
mods = OkapiClient().get_deployed_modules()
if args.verbose:
pp = pprint.PrettyPrinter(indent=2)
for mod in mods:
print()
pp.pprint(mod)
else:
print("Mod-id\t\t\t\tNode\t\tDocker-URL\t\t\tDocker-Image")
for e in mods:
m = e["srvcId"].ljust(30)
n = e["nodeId"]
u = e["url"]
if "dockerImage" in e["descriptor"]:
d = e["descriptor"]["dockerImage"]
else:
d = ""
print(f"{m}\t{n}\t{u}\t{d}")
def module(self):
parser = self._get_parser("module")
parser.add_argument("modid", help="Modul id, e.g. mod-users-17.1.0")
args = self._get_args(parser)
mod = OkapiClient().get_module(args.modid)
print(json.dumps(mod, indent=2))
def version(self):
self._get_parser("version")
print(OkapiClient().version())
def removeTenant(self):
parser = self._get_parser("removeTenant")
parser.add_argument("tenant", help="tenant id")
args = self._get_args(parser)
print(f"Remove tenant: {args.tenant}")
OkapiClient().remove_tenant(args.tenant)