from celery.exceptions import TaskRevokedError
from celery.execute import send_task
from celery.signals import celeryd_after_setup
from celery.task.control import revoke
from celery.utils.log import get_task_logger
from pymongo import MongoClient
import requests
from twisted.internet import reactor
from twisted.internet.error import ProcessDone, ProcessTerminated, ProcessExitedAlready
from twisted.internet.protocol import ProcessProtocol
from minion.backend import ownership
from minion.backend.utils import backend_config, scan_config, scannable
cfg = backend_config()
celery = Celery('tasks', broker=cfg['celery']['broker'], backend=cfg['celery']['backend'])
# If the config does not mention mongo then we do not set it up. That is ok because
# that will only happen in plugin-workers that do not need direct mongodb access.
if cfg.get('mongodb') is not None:
mongodb = MongoClient(host=cfg['mongodb']['host'], port=cfg['mongodb']['port'])
db = mongodb.minion
plans = db.plans
scans = db.scans
logger = get_task_logger(__name__)
def find_session(scan, session_id):
for session in scan['sessions']:
#!/usr/bin/env python
import calendar
import functools
import importlib
import json
import operator
from flask import abort, Flask, jsonify, request, session
from pymongo import MongoClient
import minion.backend.utils as backend_utils
import minion.backend.tasks as tasks
backend_config = backend_utils.backend_config()
mongo_client = MongoClient(host=backend_config['mongodb']['host'], port=backend_config['mongodb']['port'])
invites = mongo_client.minion.invites
groups = mongo_client.minion.groups
plans = mongo_client.minion.plans
scans = mongo_client.minion.scans
sites = mongo_client.minion.sites
users = mongo_client.minion.users
def api_guard(*decor_args):
""" Decorate a view function to be protected by requiring
a secret key in X-Minion-Backend-Key header for the decorated
backend API. If 'key' is False or not found in the config file,
the decorator will assume no protection is needed and will grant
access to all incoming request.
from celery.app.control import Control
from celery.exceptions import TaskRevokedError
from celery.execute import send_task
from celery.signals import celeryd_after_setup
from celery.task.control import revoke
from celery.utils.log import get_task_logger
from pymongo import MongoClient
import requests
from twisted.internet import reactor
from twisted.internet.error import ProcessDone, ProcessTerminated, ProcessExitedAlready
from twisted.internet.protocol import ProcessProtocol
from minion.backend import ownership
from minion.backend.utils import backend_config, scan_config, scannable
cfg = backend_config()
celery = Celery('tasks',
broker=cfg['celery']['broker'],
backend=cfg['celery']['backend'])
# If the config does not mention mongo then we do not set it up. That is ok because
# that will only happen in plugin-workers that do not need direct mongodb access.
if cfg.get('mongodb') is not None:
mongodb = MongoClient(host=cfg['mongodb']['host'],
port=cfg['mongodb']['port'])
db = mongodb.minion
plans = db.plans
scans = db.scans
logger = get_task_logger(__name__)
from flask import Flask
from pymongo import MongoClient
import minion.backend.utils as backend_utils
test_app = Flask(__name__)
@test_app.route('/')
def basic_app():
res = make_response('')
res.headers['X-Content-Type-Options'] = 'nosniff'
res.headers['X-Frame-Options'] = 'SAMEORIGIN'
res.headers['X-XSS-Protection'] = '1; mode=block'
res.headers['Content-Security-Policy'] = 'default-src *'
return res
BACKEND_KEY = backend_utils.backend_config()['api'].get('key')
BASE = 'http://localhost:8383'
APIS = {'users':
{'POST': '/users',
'GET': '/users'},
'user':
{'DELETE': '/users/{user_email}',
'GET': '/users/{user_email}',
'POST': '/users/{user_email}'},
'login':
{'PUT': '/login'},
'invites':
{'POST': '/invites',
'GET': '/invites'},
'invite':
{'POST': '/invites/{id}/control',
import functools
import importlib
import inspect
import json
import pkgutil
import operator
from flask import abort, Flask, jsonify, request, session
from pymongo import MongoClient
from minion.backend.app import app
import minion.backend.utils as backend_utils
import minion.backend.tasks as tasks
from minion.plugins.base import AbstractPlugin
backend_config = backend_utils.backend_config()
mongo_client = MongoClient(host=backend_config['mongodb']['host'], port=backend_config['mongodb']['port'])
invites = mongo_client.minion.invites
groups = mongo_client.minion.groups
plans = mongo_client.minion.plans
scans = mongo_client.minion.scans
sites = mongo_client.minion.sites
users = mongo_client.minion.users
scanschedules = mongo_client.minion.scanschedule
siteCredentials = mongo_client.minion.siteCredentials
def api_guard(*decor_args):
""" Decorate a view function to be protected by requiring
a secret key in X-Minion-Backend-Key header for the decorated
backend API. If 'key' is False or not found in the config file,
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
import os
import json
import requests
import unittest
from pymongo import MongoClient
import minion.backend.utils as backend_utils
BACKEND_KEY = backend_utils.backend_config()['api'].get('key')
class Resource(object):
""" Base class for each backend endpoint.
To subclass, the constructor must call super on
this parent class. Access self.session to get
a requests object.
"""
domain = "http://localhost:8383"
json_header = {"content-type": "application/json"}
backend_header = {"x-minion-backend-key": BACKEND_KEY}
def __init__(self):
self.session = self._create_session()
