def createGCPCredentials():
data = dict(request.form)
# Check required fields
if 'account' in request.files:
account = request.files['account'].read().decode("utf-8")
else:
return Response.make_error_resp("Account is required", code=400)
if 'platform' in data:
platform = data['platform']
else:
return Response.make_error_resp("Platform is required", code=400)
if 'name' in data:
name = data['name']
else:
return Response.make_error_resp("Name is required", code=400)
if 'password' in data:
password = data["password"]
else:
return Response.make_error_resp(msg="Password is required", code=400)
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp("User id is Required")
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
except Exception as e:
return Response.make_error_resp(msg="Error reading database", code=500)
if pbkdf2_sha256.verify(password, user.password):
account = encryption.encryptString(password=password, salt=user.keySalt, resKey=user.resKey, string=account)
try:
newCreds = GCPCreds.create(name=name, platform=platform, account=account,uid=uid,id=str(uuid.uuid4()))
except Exception as e:
print(e)
return Response.make_error_resp(msg="Error Creating Credentials", code=400)
# Check the creds are there
try:
creds = GCPCreds.get(GCPCreds.id == newCreds.id)
except GCPCreds.DoesNotExist:
return Response.make_error_resp(msg="Error Finding Creds", code=400)
# Return the name and id of the creds
res = {
'name': creds.name,
'id': creds.id
}
return Response.make_json_response(res)
else:
return Response.make_error_resp(msg="Password is not correct", code=400)
def getSshKey(uid):
data = request.json
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
except:
return Response.make_error_resp(msg="Error reading database", code=500)
if 'password' in data:
password = data["password"]
else:
return Response.make_error_resp(msg="Password is required", code=400)
# Verify password
if not pbkdf2_sha256.verify(password, user.password):
return Response.make_error_resp(msg="Password is not correct", code=400)
# Encrypt the user ssh key
privateKey = encryption.decryptString(password=password, salt=user.keySalt, resKey=user.resKey, string=user.privateKey)
publicKey = encryption.decryptString(password=password, salt=user.keySalt, resKey=user.resKey, string=user.publicKey)
res = {
"publicKey": publicKey,
"privateKey": privateKey
}
return Response.make_json_response(res)
def removeCreds(type, id):
if type == "AWS":
cred = AWSCreds.get(AWSCreds.id == id)
spaces = SpaceAWS.select().where(SpaceAWS.cid == cred.id)
if len(spaces) != 0:
return Response.make_error_resp(msg="Please Delete Spaces using these credentials before deleting "
"credentials", code=400)
else:
cred.delete_instance()
return Response.make_success_resp("Credentials have been removed")
if type == "Openstack":
cred = OSCreds.get(OSCreds.id == id)
spaces = SpaceOS.select().where(SpaceOS.cid == cred.id)
if len(spaces) != 0:
return Response.make_error_resp(msg="Please Delete Spaces using these credentials before deleting "
"credentials", code=400)
else:
cred.delete_instance()
return Response.make_success_resp("Credentials have been removed")
if type == "GCP":
cred = GCPCreds.get(GCPCreds.id == id)
platforms = Platforms.select().where(Platforms.cid == cred.id)
if len(platforms) != 0:
return Response.make_error_resp(msg="Please Delete Platforms using these credentials before deleting "
"credentials", code=400)
else:
cred.delete_instance()
return Response.make_success_resp("Credentials have been removed")
else:
return Response.make_error_resp("Invalid Type", code=400)
def removeUser(uid):
data = request.json
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
except:
return Response.make_error_resp(msg="Error reading database", code=500)
platforms = Platforms.select().where(Platforms.uid == user.uid)
awsSpaces = SpaceAWS.select().where(SpaceAWS.uid == user.uid)
if len(platforms) != 0 or len(awsSpaces) !=0:
return Response.make_error_resp(msg="Please remove all spaces and platforms before deleting account")
if 'password' in data:
password = data["password"]
else:
return Response.make_error_resp(msg="Password is required", code=400)
# Verify password
if pbkdf2_sha256.verify(password, user.password):
AWSCreds.delete().where(AWSCreds.uid == user.uid)
OSCreds.delete().where(OSCreds.uid == user.uid)
GCPCreds.delete().where(GCPCreds.uid == user.uid)
user.delete_instance()
return Response.make_success_resp("User has been removed")
def dataProcessingFile():
path = "app/downloads/dataProcessing.py"
try:
return send_file(path,
attachment_filename="dataProcessing.py",
as_attachment=True)
except Exception as e:
print(e)
return Response.make_error_resp("Error Getting File", code=400)
def removeAWSSpace(id):
try:
space = SpaceAWS.get(SpaceAWS.id == id)
except SpaceAWS.DoesNotExist:
return Response.make_error_resp(msg="Space Not Found", code=400)
platforms = Platforms.select().where(Platforms.sid == space.id)
if len(platforms) != 0:
return Response.make_error_resp(
msg=
"Please remove all platforms in this space before removing space")
data = request.json
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp(msg="User ID is required", code=400)
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
if 'password' in data:
password = data['password']
else:
return Response.make_error_resp(msg="Password is required", code=400)
if not pbkdf2_sha256.verify(password, user.password):
return Response.make_error_resp(msg="Password is Incorrect", code=400)
creds = AWSCreds.get(AWSCreds.id == space.cid)
secretKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.secretKey)
accessKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.accessKey)
tf.generateAWSSpaceVars(secretKey, accessKey, "", "", "", space.dir)
path = space.dir
resultCode = tf.destroy(space.dir)
if resultCode != 0:
return Response.make_error_resp(msg="Error deleting platform")
space.delete_instance()
if path != "":
shutil.rmtree(path)
return Response.make_success_resp(msg="Space Has been removed")
def getAllCreds(uid):
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
except:
return Response.make_error_resp(msg="Error reading database", code=500)
response = []
awsQuery = AWSCreds.select(AWSCreds.name, AWSCreds.id).where(AWSCreds.uid == user.uid)
for creds in awsQuery:
cred = {
"name": creds.name,
"id" : creds.id,
"type": "AWS"
}
response.append(cred)
osQuery = OSCreds.select(OSCreds.name, OSCreds.id).where(OSCreds.uid == user.uid)
for creds in osQuery:
cred = {
"name": creds.name,
"id" : creds.id,
"type": "Openstack"
}
response.append(cred)
gcpQuery = GCPCreds.select(GCPCreds.name, GCPCreds.id).where(GCPCreds.uid == user.uid)
for creds in gcpQuery:
cred = {
"name": creds.name,
"id" : creds.id,
"type": "GCP"
}
response.append(cred)
res = {
"creds": response
}
return Response.make_json_response(res)
def updateUser():
data = request.json
# Verify data
if 'uid' in data:
uid = data["uid"]
else:
return Response.make_error_resp(msg="UID is required", code=400)
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
except:
return Response.make_error_resp(msg="Error reading database", code=500)
if 'password' in data:
password = data["password"]
else:
return Response.make_error_resp(msg="Password is required", code=400)
# Verify password
if pbkdf2_sha256.verify(password, user.password):
if data["newPassword"] is not None:
pass
if data["newUserName"] is not None:
user.userName = data["newUserName"]
user.save()
# Return data
res = {
'success': True,
'username': user.userName,
'email': user.email,
'uid': user.uid,
}
return Response.make_json_response(res)
else:
return Response.make_error_resp(msg="Password Incorrect", code=400)
def login():
data = request.json
# Verify data
if 'email' in data:
email = data["email"]
else:
return Response.make_error_resp(msg="Email is required", code=400)
if 'password' in data:
password = data["password"]
else:
return Response.make_error_resp(msg="Password is required", code=400)
try:
user = Users.get(Users.email == email)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
except:
return Response.make_error_resp(msg="Error reading database", code=500)
# Verify password
if pbkdf2_sha256.verify(password, user.password):
# Generate User tokens
access_token = create_access_token(identity=user.userName)
refresh_token = create_refresh_token(identity=user.userName)
# Return data
res = {
'success': True,
'username': user.userName,
'email': user.email,
'uid': user.uid,
'access_token': access_token,
'refresh_token': refresh_token
}
return Response.make_json_response(res)
else:
return Response.make_error_resp(msg="Password Incorrect", code=400)
def getSpaces(uid):
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
except:
return Response.make_error_resp(msg="Error reading database", code=500)
response = []
awsQuery = SpaceAWS.select(SpaceAWS.name,
SpaceAWS.id).where(SpaceAWS.uid == user.uid)
for space in awsQuery:
awsSpace = {"name": space.name, "id": space.id, "type": "AWS"}
response.append(awsSpace)
osQuery = SpaceOS.select(SpaceOS.name,
SpaceOS.id).where(SpaceOS.uid == user.uid)
for space in osQuery:
osSpace = {"name": space.name, "id": space.id, "type": "Openstack"}
response.append(osSpace)
res = {"spaces": response}
return Response.make_json_response(res)
def getPlatforms(uid):
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
except:
return Response.make_error_resp(msg="Error reading database", code=500)
response = []
platformQuery = Platforms.select(
Platforms.name, Platforms.id, Platforms.cloudService,
Platforms.ipAddress).where(Platforms.uid == user.uid)
for platform in platformQuery:
plat = {
"name": platform.name,
"id": platform.id,
"ip": platform.ipAddress,
"cloudService": platform.cloudService
}
response.append(plat)
res = {"platforms": response}
return Response.make_json_response(res)
def removeOSSpace(id):
try:
space = SpaceOS.get(SpaceOS.id == id)
except SpaceOS.DoesNotExist:
return Response.make_error_resp(msg="Space Not Found", code=400)
platforms = Platforms.select().where(Platforms.sid == space.id)
if len(platforms) != 0:
return Response.make_error_resp(
msg=
"Please remove all platforms in this space before removing space")
data = request.json
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp(msg="User ID is required", code=400)
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
if 'password' in data:
password = data['password']
else:
return Response.make_error_resp(msg="Password is required", code=400)
if pbkdf2_sha256.verify(password, user.password):
space.delete_instance()
return Response.make_success_resp("Space Removed")
else:
return Response.make_error_resp(msg="Password is Incorrect", code=400)
def page_not_found(error):
return Response.make_error_resp(msg=str(error.description), code=404)
def createAWSCredentials():
data = request.json
# Check required fields
if 'name' in data:
name = data['name']
else:
return Response.make_error_resp("Name is required ", code=400)
if 'password' in data:
password = data["password"]
else:
return Response.make_error_resp(msg="Password is required", code=400)
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp("User id is Required")
if 'accessKey' in data:
accessKey = data['accessKey']
else:
return Response.make_error_resp("Access Key is Required")
if 'secretKey' in data:
secretKey = data['secretKey']
else:
return Response.make_error_resp("Secret Key is Required")
# Get the user
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="User does not exist", code=404)
# Verify user password
if pbkdf2_sha256.verify(password, user.password):
# Encrypt the user data
accessKey = encryption.encryptString(password=password, salt=user.keySalt, resKey=user.resKey, string=accessKey)
secretKey = encryption.encryptString(password=password, salt=user.keySalt, resKey=user.resKey, string=secretKey)
# Create the credentials object
try:
newCreds = AWSCreds.create(name=name, accessKey=accessKey, secretKey=secretKey, uid=uid,
id=str(uuid.uuid4()))
except Exception as e:
print(e)
return Response.make_error_resp("Error Creating Creds")
# Check the creds are there
try:
creds = AWSCreds.get(AWSCreds.id == newCreds.id)
except AWSCreds.DoesNotExist:
return Response.make_error_resp(msg="Error Finding Creds", code=400)
# Return the name and id of the creds
res = {
'name': creds.name,
'id': creds.id
}
return Response.make_json_response(res)
else:
return Response.make_error_resp(msg="Password is not correct", code=400)
def page_bad_request(error):
# temp fix for csrf message
if(error.description == "CSRF token missing or incorrect."):
error.description = "You have lost connection. Please refresh the page."
return Response.make_error_resp(msg=str(error.description), code=400)
def page_not_found(error):
return Response.make_error_resp(msg=str(error.description), code=404)
def createPlatform():
data = dict(request.form)
if 'script' in request.files:
script = request.files['script']
else:
script = None
externalVolume = None
if 'platformName' in data:
platformName = data["platformName"] + tf.genComponentID()
else:
return Response.make_error_resp(msg="Platform Requires Name", code=400)
if 'cloudService' in data:
cloudService = data['cloudService']
else:
return Response.make_error_resp(msg="Cloud Service Choice is required",
code=400)
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp(msg="User ID is required", code=400)
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
if 'password' in data:
password = data['password']
else:
return Response.make_error_resp(msg="Password is required", code=400)
if not pbkdf2_sha256.verify(password, user.password):
return Response.make_error_resp(msg="Password is Incorrect", code=400)
if 'sid' in data:
sid = data['sid']
else:
sid = ""
if "rabbitUser" in data:
rabbitUser = data['rabbitUser']
else:
rabbitUser = ""
if "rabbitPass" in data:
rabbitPass = data['rabbitPass']
else:
rabbitPass = ""
if "rabbitTLS" in data:
# Get string version of rabbitTLS flag as ansible is looking for a string
rabbitTLS = data['rabbitTLS']
else:
rabbitTLS = "false"
if "database" in data:
validDbs = ["influxdb", "mongodb", "mysqldb", "timescaledb"]
database = data['database']
if database not in validDbs:
return Response.make_error_resp(msg="Invalid database", code=400)
else:
return Response.make_error_resp(msg="Database is required", code=400)
if "dbFields" in data:
if database == "mysqldb" or database == "timescaledb":
try:
dbFields = json.loads(data["dbFields"])
except Exception as e:
print(e)
return Response.make_error_resp(msg="Invalid DB fields",
code=400)
else:
dbFields = None
else:
dbFields = None
if "dbsize" in data:
dbsize = int(data["dbsize"])
if dbsize % 10 != 0 or dbsize > 100:
return Response.make_error_resp(msg="Database Size is invalid")
else:
return Response.make_error_resp(msg="Database Size is required",
code=400)
if 'packages' in data:
packages = data['packages'].replace(" ", "").split(",")
else:
packages = []
if 'monitoring' in data:
monitoring = data["monitoring"]
if monitoring == "true":
monitoringFreq = data["monitoringFreq"]
else:
monitoringFreq = "30"
else:
monitoring = "false"
monitoringFreq = "30"
if len(packages) != 0:
issue = checkPackages(packages)
if issue != "":
return Response.make_error_resp(msg=issue + " Package not valid",
code=400)
packages = packages + [
"pika==1.1.0", "influxdb", "pymongo", "mysql-connector", "psycopg2"
]
safePlatformName = platformName.replace('/', '_')
safePlatformName = safePlatformName.replace(' ', '_')
cid = ""
space = ""
# ------------Terraform Setup------------#
validPlatforms = ["aws", "openstack", "gcp"]
if cloudService not in validPlatforms:
return Response.make_error_resp(msg="invalid cloudService", code=400)
# Define Terraform Variables
tfPath = ""
platformPath = ""
if cloudService == "aws":
tfPath = "terraformScripts/createPlatform/aws"
externalVolume = "/dev/nvme1n1"
try:
space = SpaceAWS.get((SpaceAWS.id == sid) & (SpaceAWS.uid == uid))
except SpaceAWS.DoesNotExist:
return Response.make_error_resp(msg="Error Finding Space",
code=400)
platformPath = os.path.join(space.dir, "platforms", safePlatformName)
elif cloudService == "openstack":
tfPath = "terraformScripts/createPlatform/openstack"
externalVolume = "/dev/vdb"
if 'flavorName' in data:
flavorName = data['flavorName']
else:
return Response.make_error_resp(
msg="Flavor Name Required for Openstack")
if 'imageName' in data:
imageName = data['imageName']
else:
return Response.make_error_resp(
msg="Image Name Required for Openstack")
try:
space = SpaceOS.get((SpaceOS.id == sid) & (SpaceOS.uid == uid))
except SpaceOS.DoesNotExist:
return Response.make_error_resp(msg="Error Finding Space",
code=400)
platformPath = os.path.join("openstack", "platforms", safePlatformName)
elif cloudService == "gcp":
tfPath = "terraformScripts/createPlatform/gcp"
externalVolume = "/dev/sdb"
if 'zone' in data:
zone = data['zone']
else:
return Response.make_error_resp(msg="Zone Required for GCP")
if 'cid' in data:
cid = data['cid']
else:
return Response.make_error_resp(msg="Credentials Required for GCP")
try:
creds = GCPCreds.get((GCPCreds.id == cid) & (GCPCreds.uid == uid))
except SpaceOS.DoesNotExist:
return Response.make_error_resp(msg="Error Finding Credentials",
code=400)
platformPath = os.path.join("gcp", "platforms", safePlatformName)
try:
shutil.copytree(tfPath, platformPath)
except FileExistsError as e:
return Response.make_error_resp(msg="Platform Name already used",
code=400)
if cloudService == "aws":
print(dbsize)
varPath = awsGenVars(user, password, space, dbsize, safePlatformName,
platformPath)
if varPath == "Error Finding Creds":
return Response.make_error_resp(msg="Error Finding Creds",
code=400)
elif cloudService == "openstack":
print(dbsize)
varPath = osGenVars(user, password, space, flavorName, imageName,
dbsize, safePlatformName, platformPath)
if varPath == "Error Finding Creds":
return Response.make_error_resp(msg="Error Finding Creds",
code=400)
elif cloudService == "gcp":
print(dbsize)
varPath, accountPath, keyPath = gcpGenVars(user, password, creds, zone,
dbsize, safePlatformName,
platformPath)
#------------Ansible Setup------------#
createAnsibleFiles = "ansiblePlaybooks/createPlatform"
ansiblePath = os.path.join(platformPath, "ansible", "createPlatform")
shutil.copytree(createAnsibleFiles, ansiblePath)
if script:
script.save(
os.path.join(ansiblePath, "roles", "dmacklin.mytInstall",
"templates", "dataProcessing.py"))
if dbFields:
ab.createSQLInit(ansiblePath, dbFields, database)
ab.updateAnsiblePlaybookVars(cloudService, externalVolume, database,
rabbitTLS, monitoring, monitoringFreq,
ansiblePath)
ab.generateMyTConfig(rabbitUser, rabbitPass, rabbitTLS, database,
ansiblePath)
ab.generateRequirementsFile(packages, ansiblePath, "dmacklin.mytInstall")
# ------------Terraform Create------------#
initResultCode = tf.init(platformPath)
output, createResultCode = tf.create(platformPath)
print(createResultCode)
if createResultCode != 0:
# Add destroy function here
print("Removing Inf")
tf.destroy(platformPath)
shutil.rmtree(platformPath)
return Response.make_error_resp(msg="Error Creating Infrastructure",
code=400)
# Remove the vars file
os.remove(varPath)
if cloudService == "gcp":
os.remove(accountPath)
os.remove(keyPath)
isUp = serverCheck(output["instance_ip_address"]["value"])
if not isUp:
return Response.make_error_resp(msg="Error Contacting Server")
# ------------Ansible Create------------#
privateKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=user.privateKey)
aboutput, aberror = ab.runPlaybook(output["instance_ip_address"]["value"],
privateKey, ansiblePath,
"installService")
print(aboutput)
print(aberror)
# ------------Save Platform------------#
newPlatform = Platforms.create(
dir=platformPath,
name=safePlatformName,
uid=user.uid,
sid=sid,
cid=cid,
cloudService=cloudService,
ipAddress=output["instance_ip_address"]["value"],
packageList=data['packages'],
database=database,
dbsize=dbsize,
id=str(uuid.uuid4()))
try:
platform = Platforms.get(Platforms.id == newPlatform.id)
except Platforms.DoesNotExist:
return Response.make_error_resp(msg="Platform Not Found", code=400)
# ------------Return Data------------#
if rabbitTLS == "true":
filename = "cert_rabbitmq.zip"
dumpPath = os.path.join(ansiblePath, filename)
try:
return send_file(dumpPath,
attachment_filename=filename,
as_attachment=True,
mimetype="application/zip")
except Exception as e:
print(e)
return Response.make_error_resp("Error Getting Certs", code=400)
else:
res = {"id": platform.id, "name": platform.name}
return Response.make_data_resp(res)
def updateDataProcessing(id):
try:
platform = Platforms.get(Platforms.id == id)
except Platforms.DoesNotExist:
return Response.make_error_resp(msg="Platform Not Found", code=400)
data = dict(request.form)
if 'script' in request.files:
script = request.files['script']
else:
return Response.make_error_resp(msg="Script not in request", code=400)
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp(msg="User ID is required", code=400)
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
if 'password' in data:
password = data['password']
else:
return Response.make_error_resp(msg="Password is required", code=400)
if 'packages' in data:
packages = data['packages'].replace(" ", "").split(",")
else:
packages = []
if len(packages) != 0:
issue = checkPackages(packages)
if issue != "":
return Response.make_error_resp(msg=issue + " Package not valid",
code=400)
exsistingPackages = platform.packageList.split(",")
packages = exsistingPackages + packages + [
"pika==1.1.0", "influxdb", "pymongo"
]
if not pbkdf2_sha256.verify(password, user.password):
return Response.make_error_resp(msg="Password is Incorrect", code=400)
privateKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=user.privateKey)
updateAnsibleFiles = "ansiblePlaybooks/updateProcessing"
ansiblePath = os.path.join(platform.dir, "ansible", "updatePlatform")
if os.path.exists(ansiblePath):
shutil.rmtree(ansiblePath)
shutil.copytree(updateAnsibleFiles, ansiblePath)
script.save(
os.path.join(ansiblePath, "roles", "dmacklin.updateProcessing",
"templates", "dataProcessing.py"))
ab.generateRequirementsFile(packages, ansiblePath,
"dmacklin.updateProcessing")
output, error = ab.runPlaybook(platform.ipAddress, privateKey, ansiblePath,
"updateProcessing")
print(output)
print(error)
return Response.make_success_resp(msg="Script updated")
def removePlatform(id):
try:
platform = Platforms.get(Platforms.id == id)
except Platforms.DoesNotExist:
return Response.make_error_resp(msg="Platform Not Found", code=400)
data = request.json
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp(msg="User ID is required", code=400)
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
if 'password' in data:
password = data['password']
else:
return Response.make_error_resp(msg="Password is required", code=400)
if not pbkdf2_sha256.verify(password, user.password):
return Response.make_error_resp(msg="Password is Incorrect", code=400)
path = ""
if platform.cloudService == "aws":
space = SpaceAWS.get((SpaceAWS.id == platform.sid)
& (SpaceAWS.uid == uid))
creds = AWSCreds.get(AWSCreds.id == space.cid)
secretKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.secretKey)
accessKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.accessKey)
tf.generateAWSPlatformVars("", "", "", secretKey, accessKey, 0, "",
platform.dir)
elif platform.cloudService == "openstack":
space = SpaceOS.get((SpaceOS.id == platform.sid)
& (SpaceOS.uid == uid))
creds = OSCreds.get(OSCreds.id == space.cid)
osUsername = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.username)
osPassword = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.password)
authUrl = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.authUrl)
tf.generateOSPlatformVars(osUsername, osPassword, space.tenantName,
authUrl, space.availabilityZone, "", "", "",
space.ipPool, space.securityGroup,
space.intNetwork, "", "", platform.dir)
elif platform.cloudService == "gcp":
creds = GCPCreds.get(GCPCreds.id == platform.cid)
gcpGenVars(user, password, creds, "", "", platform.name, platform.dir)
path = platform.dir
resultCode = tf.destroy(platform.dir)
if resultCode != 0:
return Response.make_error_resp(msg="Error deleting platform")
platform.delete_instance()
if path != "":
shutil.rmtree(path)
return Response.make_success_resp(msg="Platform Has been removed")
def createAWSSpace():
data = request.json
# Verify required fields
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp(msg="User id is required", code=400)
if 'cid' in data:
cid = data['cid']
else:
return Response.make_error_resp(msg="Credential id is required",
code=400)
if 'password' in data:
password = data['password']
else:
return Response.make_error_resp(msg="Password is required", code=400)
#if 'cloudService' in data:
# validPlatforms = ["aws", "openstack"]
# cloudService = data['cloudService']
# if cloudService not in validPlatforms:
# return Response.make_error_resp(msg="invalid cloudService", code=400)
#else:
# return Response.make_error_resp(msg="Cloud Service Choice is required", code=400)
if 'spaceName' in data:
spaceName = data['spaceName'] + tf.genComponentID()
else:
return Response.make_error_resp(msg="Name of space required", code=400)
if 'availability_zone' in data:
availability_zone = data["availability_zone"]
else:
return Response.make_error_resp(msg="Availability Zone is required",
code=400)
# Get rid of unsafe characters in the name
safeSpaceName = spaceName.replace('/', '_')
safeSpaceName = safeSpaceName.replace(' ', '_')
# Create a safe path
spacePath = os.path.join("spaces", safeSpaceName)
# Get the users data
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="User does not exist", code=404)
# Create a new directory for the space
try:
os.makedirs(spacePath)
except FileExistsError as e:
print(e)
return Response.make_error_resp(msg="Space Name already used",
code=400)
except Exception as e:
print(e)
return Response.make_error_resp(msg="Error Creating Space Directory",
code=400)
# Verify the users password
if pbkdf2_sha256.verify(password, user.password):
tfPath = "terraformScripts/createSpace/aws"
requiredFiles = ["deploy.tf", "provider.tf"]
# Get the files from the source code directory
for file in requiredFiles:
copyfile(tfPath + "/" + file, spacePath + "/" + file)
# Get the aws creds object
try:
creds = AWSCreds.get((AWSCreds.id == cid) & (AWSCreds.uid == uid))
except AWSCreds.DoesNotExist:
return Response.make_error_resp(msg="Error Finding Creds",
code=404)
# Decrypt the user data
secretKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.secretKey)
accessKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=creds.accessKey)
publicKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=user.publicKey)
# Generate the variables file
varPath = tf.generateAWSSpaceVars(secretKey, accessKey, publicKey,
availability_zone, safeSpaceName,
spacePath)
# Init the terraform directory
initResultCode = tf.init(spacePath)
print(initResultCode)
# Run the terrafom script
output, createResultCode = tf.create(spacePath)
# Check the result code for errors
if createResultCode != 0:
# Add destroy function here
print("Removing Inf")
tf.destroy(spacePath)
shutil.rmtree(spacePath)
return Response.make_error_resp(
msg="Error Creating Infrastructure", code=400)
# Remove the vars file
os.remove(varPath)
# Get data from the terraform outputs
keyPairId = output["key_pair"]["value"]
securityGroupId = output["security_group"]["value"]
subnetId = output["subnet"]["value"]
# Create the space object
newSpace = SpaceAWS.create(dir=spacePath,
keyPairId=keyPairId,
securityGroupId=securityGroupId,
name=safeSpaceName,
subnetId=subnetId,
uid=uid,
availabilityZone=availability_zone,
cid=cid,
id=str(uuid.uuid4()))
# Get the new space object
try:
newSpace = SpaceAWS.get(SpaceAWS.id == newSpace.id)
except AWSCreds.DoesNotExist as e:
return Response.make_error_resp(msg="Error Finding Creds",
code=404)
# Return the space data
res = {"id": newSpace.id, "name": newSpace.name}
return Response.make_json_response(res)
else:
return Response.make_error_resp(msg="Password is incorrect")
def server_error_page(error):
return Response.make_error_resp(msg=str(error), code=500)
def semantic_error(error):
return Response.make_error_resp(msg=str(error.description), code=422)
def page_bad_request(error):
# temp fix for csrf message
if (error.description == "CSRF token missing or incorrect."):
error.description = "You have lost connection. Please refresh the page."
return Response.make_error_resp(msg=str(error.description), code=400)
def page_forbidden(error):
return Response.make_error_resp(msg=str(error.description), code=403)
def semantic_error(error):
return Response.make_error_resp(msg=str(error.description), code=422)
def createOSCredentials():
data = request.json
# Check required fields
if 'name' in data:
name = data['name']
else:
return Response.make_error_resp("Name is required ", code=400)
if 'password' in data:
password = data["password"]
else:
return Response.make_error_resp(msg="Password is required", code=400)
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp("User id is Required")
if 'osUsername' in data:
osUsername = data["osUsername"]
else:
return Response.make_error_resp("Openstack Username is Required")
if 'osPassword' in data:
osPassword = data["osPassword"]
else:
return Response.make_error_resp("Openstack Password is Required")
if 'authUrl' in data:
authUrl = data["authUrl"]
else:
return Response.make_error_resp("authUrl is Required")
# Get the user
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="User does not exist", code=404)
# Verify user password
if pbkdf2_sha256.verify(password, user.password):
# Encrypt Data
osUsername = encryption.encryptString(password=password, salt=user.keySalt, resKey=user.resKey, string=osUsername)
osPassword = encryption.encryptString(password=password, salt=user.keySalt, resKey=user.resKey, string=osPassword)
authUrl = encryption.encryptString(password=password, salt=user.keySalt, resKey=user.resKey, string=authUrl)
# Create the credentials object
try:
newCreds = OSCreds.create(name=name, username=osUsername, password=osPassword, authUrl=authUrl, uid=uid,
id=str(uuid.uuid4()))
except Exception as e:
print(e)
return Response.make_error_resp("Error Creating Creds")
# Check the creds are there
try:
creds = OSCreds.get(OSCreds.id == newCreds.id)
except OSCreds.DoesNotExist:
return Response.make_error_resp(msg="Error Finding Creds", code=400)
# Return the name and id of the creds
res = {
'name': creds.name,
'id': creds.id
}
return Response.make_json_response(res)
else:
return Response.make_error_resp(msg="Password is not correct", code=400)
def page_forbidden(error):
return Response.make_error_resp(msg=str(error.description), code=403)
def databaseDump(id):
data = request.json
try:
platform = Platforms.get(Platforms.id == id)
except Platforms.DoesNotExist:
return Response.make_error_resp(msg="Platform Not Found", code=400)
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp(msg="User ID is required", code=400)
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
if 'password' in data:
password = data['password']
else:
return Response.make_error_resp(msg="Password is required", code=400)
if not pbkdf2_sha256.verify(password, user.password):
return Response.make_error_resp(msg="Password is Incorrect", code=400)
database = platform.database
privateKey = encryption.decryptString(password=password,
salt=user.keySalt,
resKey=user.resKey,
string=user.privateKey)
dumpAnsibleFiles = "ansiblePlaybooks/dataBaseDump"
ansiblePath = os.path.join(platform.dir, "ansible", "dataBaseDump")
if os.path.exists(ansiblePath):
shutil.rmtree(ansiblePath)
shutil.copytree(dumpAnsibleFiles, ansiblePath)
ab.updateDBDumpVars(database, ansiblePath)
output, error = ab.runPlaybook(platform.ipAddress, privateKey, ansiblePath,
"dbDump")
print(output)
print(error)
filename = ""
dumpPath = ""
if database == "influxdb":
filename = "influxdump.zip"
dumpPath = os.path.join(ansiblePath, filename)
elif database == "mongodb":
filename = "mongodump.zip"
dumpPath = os.path.join(ansiblePath, filename)
try:
return send_file(dumpPath,
attachment_filename=filename,
as_attachment=True,
mimetype="application/zip")
except Exception as e:
print(e)
return Response.make_error_resp("Error Getting Dump", code=400)
def createOSSpace():
data = request.json
if 'uid' in data:
uid = data['uid']
else:
return Response.make_error_resp(msg="User ID is required", code=400)
try:
user = Users.get(Users.uid == uid)
except Users.DoesNotExist:
return Response.make_error_resp(msg="No User Found")
if 'password' in data:
password = data['password']
else:
return Response.make_error_resp(msg="Password is required", code=400)
if "cid" in data:
cid = data["cid"]
else:
return Response.make_error_resp(msg="Creds id is required", code=400)
if "tenantName" in data:
tenantName = data["tenantName"]
else:
return Response.make_error_resp(msg="Tenant Name is required",
code=400)
if "availabilityZone" in data:
availabilityZone = data["availabilityZone"]
else:
return Response.make_error_resp(msg="Availability Zone is required",
code=400)
if "ipPool" in data:
ipPool = data["ipPool"]
else:
return Response.make_error_resp(msg="Ip Pool is required", code=400)
if "securityGroup" in data:
securityGroup = data["securityGroup"]
else:
return Response.make_error_resp(msg="Security Group is required",
code=400)
if "intNetwork" in data:
intNetwork = data["intNetwork"]
else:
return Response.make_error_resp(msg="intNetwork is required", code=400)
if "name" in data:
name = data["name"]
else:
return Response.make_error_resp(msg="Name is required", code=400)
if pbkdf2_sha256.verify(password, user.password):
# Get the aws creds object
try:
creds = OSCreds.get((OSCreds.id == cid) & (OSCreds.uid == uid))
except OSCreds.DoesNotExist:
return Response.make_error_resp(msg="Error Finding Creds",
code=404)
newSpace = SpaceOS.create(name=name,
tenantName=tenantName,
availabilityZone=availabilityZone,
ipPool=ipPool,
securityGroup=securityGroup,
intNetwork=intNetwork,
uid=uid,
cid=cid,
id=str(uuid.uuid4()))
# Get the new space object
try:
newSpace = SpaceOS.get(SpaceOS.id == newSpace.id)
except AWSCreds.DoesNotExist as e:
return Response.make_error_resp(msg="Error Finding new Space",
code=404)
# Return the space data
res = {"id": newSpace.id, "name": newSpace.name}
return Response.make_json_response(res)
else:
return Response.make_error_resp(msg="Password is incorrect")
def createUser():
data = request.json
# Verify data
if 'userName' in data:
userName = data["userName"]
else:
return Response.make_error_resp(msg="Username is required", code=400)
if 'email' in data:
email = data["email"]
else:
return Response.make_error_resp(msg="Email is required", code=400)
if 'password' in data:
# Generate two random salts for the password and the key
passSalt = os.urandom(16)
keySalt = os.urandom(16)
# Hash the password and generate the encryption key
password = pbkdf2_sha256.hash(data["password"], salt=passSalt)
resKey = encryption.generateResKey(data["password"], keySalt)
else:
return Response.make_error_resp(msg="Password is required", code=400)
# Generate the user ssh key
privateKey, publicKey = encryption.generateSSHKey()
# Encrypt the user ssh key
privateKey = encryption.encryptString(password=data['password'], salt=keySalt, resKey=resKey, string=privateKey)
publicKey = encryption.encryptString(password=data['password'], salt=keySalt, resKey=resKey, string=publicKey)
# Create the user
try:
Users.create(userName=userName, email=email, password=password, passSalt=passSalt,
resKey=resKey, keySalt=keySalt, privateKey=privateKey, publicKey=publicKey, uid=str(uuid.uuid4()))
except IntegrityError as e:
print(e)
return Response.make_error_resp(msg="Email or Username already in use", code=400)
except OperationalError as e:
print(e)
return Response.make_error_resp(msg="Error creating user")
try:
user = Users.get(Users.email == email)
except Users.DoesNotExist:
return Response.make_error_resp("Error Finding user")
# Generate User tokens
access_token = create_access_token(identity=user.userName)
refresh_token = create_refresh_token(identity=user.userName)
res = {
'success': True,
'username': user.userName,
'email': user.email,
'uid': user.uid,
'access_token': access_token,
'refresh_token': refresh_token
}
return Response.make_json_response(res)
def server_error_page(error):
return Response.make_error_resp(msg=str(error), code=500)
