def setUp(self): super().setUp() self.socket = None application = tornado.web.Application( [(r'/scripts/([^/]*)', ScriptConfigSocket)], login_url='/login.html', cookie_secret='12345') application.auth = TornadoAuth(None) application.authorizer = Authorizer(ANY_USER, [], [], EmptyGroupProvider()) application.identification = IpBasedIdentification( TrustedIpValidator(['127.0.0.1']), None) application.config_service = ConfigService(application.authorizer, test_utils.temp_folder) server = httpserver.HTTPServer(application) socket, self.port = testing.bind_unused_port() server.add_socket(socket) test_utils.setup() for dir in ['x', 'y', 'z']: for file in range(1, 4): filename = dir + str(file) + '.txt' test_utils.create_file( os.path.join('test1_files', dir, filename)) test1_files_path = os.path.join(test_utils.temp_folder, 'test1_files') test_utils.write_script_config( { 'name': 'Test script 1', 'script_path': 'ls', 'parameters': [ test_utils.create_script_param_config('text 1', required=True), test_utils.create_script_param_config( 'list 1', type='list', allowed_values=['A', 'B', 'C']), test_utils.create_script_param_config( 'file 1', type='server_file', file_dir=test1_files_path), test_utils.create_script_param_config( 'list 2', type='list', values_script='ls ' + test1_files_path + '/${file 1}') ] }, 'test_script_1')
def mock_request_handler(ip=None, x_forwarded_for=None, x_real_ip=None, saved_token=None, user_header_name=None, user_header_name_value=None): handler_mock = mock_object() handler_mock.application = mock_object() handler_mock.application.auth = TornadoAuth(None) handler_mock.application.identification = IpBasedIdentification( ['127.0.0.1'], user_header_name) handler_mock.request = mock_object() handler_mock.request.headers = {} handler_mock.request.remote_ip = ip if x_forwarded_for: handler_mock.request.headers['X-Forwarded-For'] = x_forwarded_for if x_real_ip: handler_mock.request.headers['X-Real-IP'] = x_real_ip if user_header_name and user_header_name_value: handler_mock.request.headers[user_header_name] = user_header_name_value cookies = {COOKIE_KEY: saved_token} def get_secure_cookie(name): values = cookies[name] if values is not None: return values.encode('utf8') return None def set_secure_cookie(key, value, expires_days=30): cookies[key] = value def clear_cookie(key): if cookies[key] is not None: cookies[key] = None handler_mock.get_cookie = lambda key: cookies[key] handler_mock.get_secure_cookie = get_secure_cookie handler_mock.set_secure_cookie = set_secure_cookie handler_mock.clear_cookie = clear_cookie return handler_mock
def init(server_config: ServerConfig, authenticator, authorizer, execution_service: ExecutionService, execution_logging_service: ExecutionLoggingService, config_service: ConfigService, alerts_service: AlertsService, file_upload_feature: FileUploadFeature, file_download_feature: FileDownloadFeature, secret, server_version): ssl_context = None if server_config.is_ssl(): ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) ssl_context.load_cert_chain(server_config.get_ssl_cert_path(), server_config.get_ssl_key_path()) auth = TornadoAuth(authenticator) if auth.is_enabled(): identification = AuthBasedIdentification(auth) else: identification = IpBasedIdentification(server_config.trusted_ips, server_config.user_header_name) downloads_folder = file_download_feature.get_result_files_folder() handlers = [ (r'/conf', GetServerConf), (r'/scripts', GetScripts), (r'/scripts/([^/]*)', ScriptConfigSocket), (r'/scripts/([^/]*)/([^/]*)/list-files', ScriptParameterListFiles), (r'/executions/start', ScriptExecute), (r'/executions/stop/(.*)', ScriptStop), (r'/executions/kill/(.*)', ScriptKill), (r'/executions/io/(.*)', ScriptStreamSocket), (r'/executions/active', GetActiveExecutionIds), (r'/executions/config/(.*)', GetExecutingScriptConfig), (r'/executions/cleanup/(.*)', CleanupExecutingScript), (r'/executions/status/(.*)', GetExecutionStatus), (r'/admin/execution_log/short', GetShortHistoryEntriesHandler), (r'/admin/execution_log/long/(.*)', GetLongHistoryEntryHandler), (r'/auth/info', AuthInfoHandler), (r'/result_files/(.*)', DownloadResultFile, { 'path': downloads_folder }), (r"/", ProxiedRedirectHandler, { "url": "/index.html" }) ] if auth.is_enabled(): handlers.append((r'/login', LoginHandler)) handlers.append((r'/auth/config', AuthConfigHandler)) handlers.append((r'/logout', LogoutHandler)) handlers.append((r"/(.*)", AuthorizedStaticFileHandler, {"path": "web"})) settings = { "cookie_secret": secret, "login_url": "/login.html", 'websocket_ping_interval': 30, 'websocket_ping_timeout': 300 } application = tornado.web.Application(handlers, **settings) application.auth = auth application.server_config = server_config application.server_version = server_version application.authorizer = authorizer application.downloads_folder = downloads_folder application.file_download_feature = file_download_feature application.file_upload_feature = file_upload_feature application.execution_service = execution_service application.execution_logging_service = execution_logging_service application.config_service = config_service application.alerts_service = alerts_service application.identification = identification application.max_request_size_mb = server_config.max_request_size_mb io_loop = tornado.ioloop.IOLoop.current() http_server = httpserver.HTTPServer(application, ssl_options=ssl_context, max_buffer_size=10 * BYTES_IN_MB) http_server.listen(server_config.port, address=server_config.address) intercept_stop_when_running_scripts(io_loop, execution_service) http_protocol = 'https' if server_config.ssl else 'http' print('Server is running on: %s://%s:%s' % (http_protocol, server_config.address, server_config.port)) io_loop.start()
def main(): tool_utils.validate_web_imports_exist(os.getcwd()) logging_conf_file = os.path.join(CONFIG_FOLDER, 'logging.json') with open(logging_conf_file, "rt") as f: log_config = json.load(f) file_utils.prepare_folder(os.path.join("logs", "processes")) logging.config.dictConfig(log_config) file_utils.prepare_folder(CONFIG_FOLDER) file_utils.prepare_folder(SCRIPT_CONFIGS_FOLDER) server_config = server_conf.from_json(SERVER_CONF_PATH) ssl_context = None if server_config.is_ssl(): ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) ssl_context.load_cert_chain(server_config.get_ssl_cert_path(), server_config.get_ssl_key_path()) file_utils.prepare_folder(TEMP_FOLDER) settings = { "cookie_secret": get_tornado_secret(), "login_url": "/login.html" } auth = TornadoAuth(server_config.authenticator, server_config.authorizer) user_file_storage = UserFileStorage(get_tornado_secret()) file_download_feature = FileDownloadFeature(user_file_storage, TEMP_FOLDER) file_upload_feature = FileUploadFeature(user_file_storage, TEMP_FOLDER) result_files_folder = file_download_feature.get_result_files_folder() handlers = [(r"/conf/title", GetServerTitle), (r"/scripts/list", GetScripts), (r"/scripts/info", GetScriptInfo), (r"/scripts/execute", ScriptExecute), (r"/scripts/execute/stop", ScriptStop), (r"/scripts/execute/io/(.*)", ScriptStreamSocket), (r'/' + os.path.basename(result_files_folder) + '/(.*)', DownloadResultFile, { 'path': result_files_folder }), (r"/", ProxiedRedirectHandler, { "url": "/index.html" })] if auth.is_enabled(): handlers.append((r'/login', LoginHandler)) handlers.append((r'/auth/config', AuthConfigHandler)) handlers.append((r'/logout', LogoutHandler)) handlers.append((r"/username", GetUsernameHandler)) handlers.append((r"/(.*)", AuthorizedStaticFileHandler, {"path": "web"})) application = tornado.web.Application(handlers, **settings) application.auth = auth application.alerts_config = server_config.get_alerts_config() application.server_title = server_config.title application.file_download_feature = file_download_feature application.file_upload_feature = file_upload_feature http_server = httpserver.HTTPServer(application, ssl_options=ssl_context) http_server.listen(server_config.port, address=server_config.address) http_protocol = 'https' if server_config.ssl else 'http' print('Server is running on: %s://%s:%s' % (http_protocol, server_config.address, server_config.port)) tornado.ioloop.IOLoop.current().start()
def init(server_config: ServerConfig, authenticator, authorizer, execution_service: ExecutionService, schedule_service: ScheduleService, execution_logging_service: ExecutionLoggingService, config_service: ConfigService, alerts_service: AlertsService, file_upload_feature: FileUploadFeature, file_download_feature: FileDownloadFeature, secret, server_version, conf_folder, *, start_server=True): ssl_context = None if server_config.is_ssl(): ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) ssl_context.load_cert_chain(server_config.get_ssl_cert_path(), server_config.get_ssl_key_path()) auth = TornadoAuth(authenticator) if auth.is_enabled(): identification = AuthBasedIdentification(auth) else: identification = IpBasedIdentification(server_config.ip_validator, server_config.user_header_name) downloads_folder = file_download_feature.get_result_files_folder() handlers = [(r'/conf', GetServerConf), (r'/scripts', GetScripts), (r'/scripts/([^/]*)', ScriptConfigSocket), (r'/scripts/([^/]*)/([^/]*)/list-files', ScriptParameterListFiles), (r'/executions/start', ScriptExecute), (r'/executions/stop/(.*)', ScriptStop), (r'/executions/kill/(.*)', ScriptKill), (r'/executions/io/(.*)', ScriptStreamSocket), (r'/executions/active', GetActiveExecutionIds), (r'/executions/config/(.*)', GetExecutingScriptConfig), (r'/executions/cleanup/(.*)', CleanupExecutingScript), (r'/executions/status/(.*)', GetExecutionStatus), (r'/history/execution_log/short', GetShortHistoryEntriesHandler), (r'/history/execution_log/long/(.*)', GetLongHistoryEntryHandler), (r'/schedule', AddSchedule), (r'/auth/info', AuthInfoHandler), (r'/result_files/(.*)', DownloadResultFile, {'path': downloads_folder}), (r'/admin/scripts', AdminUpdateScriptEndpoint), (r'/admin/scripts/(.*)', AdminGetScriptEndpoint), (r"/", ProxiedRedirectHandler, {"url": "/index.html"})] if auth.is_enabled(): handlers.append((r'/login', LoginHandler)) handlers.append((r'/auth/config', AuthConfigHandler)) handlers.append((r'/logout', LogoutHandler)) handlers.append((r'/theme/(.*)', ThemeStaticFileHandler, {'path': os.path.join(conf_folder, 'theme')})) handlers.append((r"/(.*)", AuthorizedStaticFileHandler, {"path": "web"})) settings = { "cookie_secret": secret, "login_url": "/login.html", 'websocket_ping_interval': 30, 'websocket_ping_timeout': 300, 'compress_response': True, 'xsrf_cookies': server_config.xsrf_protection != XSRF_PROTECTION_DISABLED, } application = tornado.web.Application(handlers, **settings) autoapply_xheaders(application) application.auth = auth application.server_config = server_config application.server_version = server_version application.authorizer = authorizer application.downloads_folder = downloads_folder application.file_download_feature = file_download_feature application.file_upload_feature = file_upload_feature application.execution_service = execution_service application.schedule_service = schedule_service application.execution_logging_service = execution_logging_service application.config_service = config_service application.alerts_service = alerts_service application.identification = identification application.max_request_size_mb = server_config.max_request_size_mb if os_utils.is_win() and env_utils.is_min_version('3.8'): asyncio.set_event_loop_policy(asyncio.WindowsSelectorEventLoopPolicy()) io_loop = tornado.ioloop.IOLoop.current() global _http_server _http_server = httpserver.HTTPServer( application, ssl_options=ssl_context, max_buffer_size=10 * BYTES_IN_MB) _http_server.listen(server_config.port, address=server_config.address) intercept_stop_when_running_scripts(io_loop, execution_service) http_protocol = 'https' if server_config.ssl else 'http' print('Server is running on: %s://%s:%s' % (http_protocol, server_config.address, server_config.port)) if start_server: io_loop.start()
def init(server_config: ServerConfig, authenticator, authorizer, execution_service: ExecutionService, execution_logging_service: ExecutionLoggingService, config_service: ConfigService, alerts_service: AlertsService, file_upload_feature: FileUploadFeature, file_download_feature: FileDownloadFeature, secret): ssl_context = None if server_config.is_ssl(): ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) ssl_context.load_cert_chain(server_config.get_ssl_cert_path(), server_config.get_ssl_key_path()) auth = TornadoAuth(authenticator) if auth.is_enabled(): identification = AuthBasedIdentification(auth) else: identification = IpBasedIdentification(server_config.trusted_ips) downloads_folder = file_download_feature.get_result_files_folder() handlers = [(r'/conf/title', GetServerTitle), (r'/scripts', GetScripts), (r'/scripts/([^/]*)', ScriptConfigSocket), (r'/scripts/([^/]*)/([^/]*)/list-files', ScriptParameterListFiles), (r'/executions/start', ScriptExecute), (r'/executions/stop/(.*)', ScriptStop), (r'/executions/io/(.*)', ScriptStreamSocket), (r'/executions/active', GetActiveExecutionIds), (r'/executions/config/(.*)', GetExecutingScriptConfig), (r'/executions/cleanup/(.*)', CleanupExecutingScript), (r'/executions/status/(.*)', GetExecutionStatus), (r'/admin/execution_log/short', GetShortHistoryEntriesHandler), (r'/admin/execution_log/long/(.*)', GetLongHistoryEntryHandler), (r'/auth/info', AuthInfoHandler), (r'/result_files/(.*)', DownloadResultFile, {'path': downloads_folder}), (r"/", ProxiedRedirectHandler, {"url": "/index.html"})] if auth.is_enabled(): handlers.append((r'/login', LoginHandler)) handlers.append((r'/auth/config', AuthConfigHandler)) handlers.append((r'/logout', LogoutHandler)) handlers.append((r"/(.*)", AuthorizedStaticFileHandler, {"path": "web"})) settings = { "cookie_secret": secret, "login_url": "/login.html", 'websocket_ping_interval': 30, 'websocket_ping_timeout': 300 } application = tornado.web.Application(handlers, **settings) application.auth = auth application.server_title = server_config.title application.authorizer = authorizer application.downloads_folder = downloads_folder application.file_download_feature = file_download_feature application.file_upload_feature = file_upload_feature application.execution_service = execution_service application.execution_logging_service = execution_logging_service application.config_service = config_service application.alerts_service = alerts_service application.identification = identification application.max_request_size_mb = server_config.max_request_size_mb io_loop = tornado.ioloop.IOLoop.current() http_server = httpserver.HTTPServer(application, ssl_options=ssl_context, max_buffer_size=10 * BYTES_IN_MB) http_server.listen(server_config.port, address=server_config.address) intercept_stop_when_running_scripts(io_loop, execution_service) http_protocol = 'https' if server_config.ssl else 'http' print('Server is running on: %s://%s:%s' % (http_protocol, server_config.address, server_config.port)) io_loop.start()