Exemple #1
0
def get_userapp_by_id(stack_id):
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    namespace = claims['username']

    userapp = data_store.retrieve_userapp_by_id(namespace, userapp_id=stack_id)

    return userapp, 200
Exemple #2
0
def refresh_token():
    existing_token = jwt.get_token()
    token_json = jwt.safe_decode(existing_token)
    fresh_token = jwt.encode(token_json['username'])
    return {
        'token': fresh_token
    }, 501, {
        'Set-Cookie': 'token=%s' % fresh_token
    }
Exemple #3
0
def list_userapps():
    token = jwt.get_token()
    claims = jwt.safe_decode(token)

    username = jwt.get_username_from_token(token)

    userapps = data_store.fetch_userapps(username)

    return userapps, 200
Exemple #4
0
def delete_account(account_id):
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    username = jwt.get_username_from_token(token)

    # Admins only: check token for required role
    if username != account_id:
        jwt.validate_scopes(['workbench-accounts'], claims)

    return data_store.delete_user(account_id)
Exemple #5
0
def update_userapp(stack_id, stack):
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    username = jwt.get_username_from_token(token)

    if stack['id'] != stack_id:
        return 'Bad Request: ID mismatch', 400
    if stack['creator'] != username:
        return 'Only the owner may modify a userapp', 403

    updated = data_store.update_userapp(stack)

    return stack, 200
Exemple #6
0
def create_userapp(stack):
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    username = jwt.get_username_from_token(token)

    stack['creator'] = username
    #stack['_id'] = generate_unique_id(username)

    spec_map = to_spec_map(data_store.fetch_all_appspecs_for_user(username))

    #try:
    kube.create_userapp(username=username, userapp=stack, spec_map=spec_map)
    stack = data_store.create_userapp(stack)

    return stack, 201
Exemple #7
0
def rename_userapp(stack_id, name):
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    username = jwt.get_username_from_token(token)
    userapp = data_store.retrieve_userapp_by_id(stack_id)

    # Verify that this user is the owner
    if userapp['creator'] != username:
        return 'Only the owner may rename a userapp', 403

    # Change the name
    userapp['name'] = name
    update_userapp(stack_id, userapp)

    return userapp, 200
Exemple #8
0
def update_account(account_id, account):
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    username = jwt.get_username_from_token(token)

    if account_id != account['id']:
        return 'error: account id mismatch', 400

    # Admins only: check token for required role
    if username != account_id:
        jwt.validate_scopes(['workbench-accounts'], claims)

    # Make sure user can't change password like this
    existing_account = data_store.retrieve_user_by_namespace(account.id)
    account.password = existing_account.password
    return mongo.parse_json(data_store.update_user(account)), 200
Exemple #9
0
def delete_userapp(stack_id):
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    username = jwt.get_username_from_token(token)

    # Verify that this user is the owner
    userapp = data_store.retrieve_userapp_by_id(stack_id)
    if userapp['creator'] != username:
        return 'Only the owner may delete a userapp', 403

    try:
        deleted = data_store.delete_userapp(stack_id)
        kube.destroy_userapp(username, userapp)
    except Exception as e:
        logger.error('Failed to delete userapp: ' % str(e))

    return '', 200
Exemple #10
0
def change_password(password):
    account_info = connexion.request.json
    logger.info(account_info)

    # Use token auth claims to fetch account
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    username = claims['username']
    account = data_store.retrieve_user_by_namespace(username)

    # Hash / salt new password
    hashed_password = bcrypt.hashpw(password, bcrypt.gensalt())

    # Only modify password field
    account.password = hashed_password
    result = data_store.update_user(account)

    return account, 200
Exemple #11
0
def get_stack_configs(services=None):
    token = jwt.get_token()
    claims = jwt.safe_decode(token)
    username = jwt.get_username_from_token(token)

    configs = []
    all_appspecs = data_store.fetch_all_appspecs_for_user(username)
    all_appspec_keys = list(map(get_key_from_appspec, all_appspecs))

    if services is None:
        return map(get_config_from_appspec, all_appspecs), 200
    else:
        for s in services:
            index = all_appspec_keys.index(s)
            if index is None:
                return 'Failed to find service: %s' % s, 400

            appspec = all_appspecs[index]

            configs.append(appspec.config)

    return configs, 200
Exemple #12
0
def list_services(catalog='all'):
    logging.info("Get services with catalog - "+catalog)

    try:
        token = jwt.get_token()
        claims = jwt.safe_decode(token)
        username = jwt.get_username_from_token(token)

        # Attempt user lookup, if possible
        if catalog == 'user':
            services = data_store.fetch_user_appspecs(username)
            return mongo.parse_json(services), 200
        else:  # catalog == all or anything else
            services = data_store.fetch_all_appspecs_for_user(username)
            return mongo.parse_json(services), 200
    except Exception as e:
        logger.debug('Skipping user catalog check: %s' % str(e))

    if catalog == 'all' or catalog == 'system':
        services = data_store.fetch_system_appspecs()
        return mongo.parse_json(services), 200
    elif catalog == 'user':
        return {'error': 'Must login to request user catalog'}, 401