def restore(filename, destination="s3", **kwargs):
log = kwargs.get("logger", app_logger)
conf = kwargs.get("conf", None)
storage_backend = storage_backends[destination](conf, log)
if not filename:
log.error("No file to restore, use -f to specify one.")
return
keys = [name for name in storage_backend.ls() if name.startswith(filename)]
if not keys:
log.error("No file matched.")
return
key_name = sorted(keys, reverse=True)[0]
log.info("Restoring " + key_name)
encrypted_out = storage_backend.download(key_name)
if encrypted_out:
password = kwargs.get("password")
if not password:
password = getpass()
out = tempfile.TemporaryFile()
decrypt(encrypted_out, out, password)
out.seek(0)
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
return True
def restore(filename, destination=None, **kwargs):
conf = kwargs.get("conf", None)
storage_backend = _get_store_backend(conf, destination)
if not filename:
log.error("No file to restore, use -f to specify one.")
return
keys = _match_filename(filename, destination if destination else DEFAULT_DESTINATION)
if not keys:
log.error("No file matched.")
return
key_name = sorted(keys, reverse=True)[0]
log.info("Restoring " + key_name)
# Asking password before actually download to avoid waiting
if key_name and key_name.endswith(".enc"):
password = kwargs.get("password")
if not password:
password = getpass()
log.info("Downloading...")
download_kwargs = {}
if kwargs.get("job_check"):
download_kwargs["job_check"] = True
log.info("Job Check: " + repr(download_kwargs))
out = storage_backend.download(key_name, **download_kwargs)
if kwargs.get("job_check"):
log.info("Job Check Request")
# If it's a job_check call, we return Glacier job data
return out
if out and key_name.endswith(".enc"):
log.info("Decrypting...")
decrypted_out = tempfile.TemporaryFile()
decrypt(out, decrypted_out, password)
out = decrypted_out
if out:
log.info("Uncompressing...")
out.seek(0)
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
return True
def restore(filename, destination="cloudfiles", **kwargs):
conf = kwargs.get("conf", None)
storage_backend = storage_backends[destination](conf)
if not filename:
log.error("No file to restore, use -f to specify one.")
return
# Just some black magic to see if a string starting with our backup name is on cloudfiles.
# required, because sometimes we don't know if its encrypted or not.
filename_found_in_swift = False
for object in storage_backend.ls():
objectname = object['name']
if objectname.startswith(filename):
filename_found_in_swift = objectname
if filename_found_in_swift == False:
log.instance.logger.error("Not found on cloudfiles. No file starting with " + str(filename) + " was found.")
else:
log.instance.logger.info("Restoring " + filename_found_in_swift)
if filename_found_in_swift and filename_found_in_swift.endswith(".enc"):
password = kwargs.get("password")
if not password:
password = getpass()
elif password == "None":
password = None
log.instance.logger.info("Downloading... " + filename_found_in_swift)
out = storage_backend.download(filename_found_in_swift)
if out and filename_found_in_swift.endswith(".enc"):
log.instance.logger.info("Decrypting... " + filename_found_in_swift)
decrypted_out = tempfile.TemporaryFile()
print decrypt(out, decrypted_out, password)
out = decrypted_out
log.instance.logger.debug("Decrypt filehandler= " + str(out))
if out:
log.instance.logger.info("Uncompressing... " + filename_found_in_swift)
out.seek(0)
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
def main():
out_zip_path = os.path.join(current_dir, "unzipped.zip")
if len(sys.argv) != 2:
print("Expected pak file")
sys.exit(0)
file_to_unpack = sys.argv[1]
with open(file_to_unpack, "rb") as fh:
with open(out_zip_path, "wb") as out_fh:
decrypt(fh, out_fh, secret_key)
zip_file = zipfile.ZipFile(out_zip_path, "r")
zip_file.extractall(current_dir)
zip_file.close()
os.unlink(out_zip_path)
def download(file_id):
try:
file = File.get(id=file_id)
except File.DoesNotExist:
abort(404)
# fetch the encrypted file contents from S3 and store in a memory
bucket = get_bucket(app.config['AWSID'], app.config['AWSKEY'], app.config['AWSBUCKET'])
key_obj = bucket.get_key(os.path.join(file.parent,file.filename))
# read the contents of the key into an in-memory file
enc_buffer = StringIO()
key_obj.get_contents_to_file(enc_buffer)
enc_buffer.seek(0)
if not file.encrypted:
send_email(subject= 'File downloaded',
body = 'Unencrypted file {0} downloaded'.format(key_obj.name))
return send_file(
enc_buffer,
file.get_mimetype(),
as_attachment=True,
attachment_filename=file.filename,
)
# new logic:
if request.method == 'POST' and request.form.get('password'):
# decrypt contents and store in dec_buffer
dec_buffer = StringIO()
decrypt(enc_buffer, dec_buffer, request.form['password'])
dec_buffer.seek(0)
# efficiently send the decrypted file as an attachment
send_email(subject= 'File downloaded',
body = 'Encrypted file {0} downloaded'.format(key_obj.name))
return send_file(
dec_buffer,
file.get_mimetype(),
as_attachment=True,
attachment_filename=file.filename,
)
else:
flash("You must provide a password")
return redirect(url_for('index'))
def restore(filename, **kwargs):
log = kwargs.get("logger", app_logger)
conf = kwargs.get("conf", None)
bucket = get_bucket(conf)
if not bucket:
return
if not filename:
log.error("No file to restore, use -f to specify one.")
return
keys = [
key.name for key in bucket.get_all_keys()
if key.name.startswith(filename)
]
if not keys:
log.error("No file matched.")
return
key_name = sorted(keys, reverse=True)[0]
log.info("Restoring " + key_name)
k = Key(bucket)
k.key = (key_name)
encrypted_out = StringIO()
k.get_contents_to_file(encrypted_out)
encrypted_out.seek(0)
password = kwargs.get("password")
if not password:
password = getpass()
out = StringIO()
decrypt(encrypted_out, out, password)
out.seek(0)
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
return True
def restore(filename, destination="cloudfiles", **kwargs):
conf = kwargs.get("conf", None)
storage_backend = storage_backends[destination](conf)
if not filename:
log.error("No file to restore, use -f to specify one.")
return
keys = [name for name in storage_backend.ls() if name.startswith(filename)]
if not keys:
log.error("No file matched.")
return
key_name = sorted(keys, reverse=True)[0]
log.info("Restoring " + key_name)
# Asking password before actually download to avoid waiting
if key_name and key_name.endswith(".enc"):
password = kwargs.get("password")
if not password:
password = getpass()
elif password == "None":
password = None
log.info("Downloading...")
out = storage_backend.download(key_name)
if out and key_name.endswith(".enc"):
log.info("Decrypting...")
decrypted_out = tempfile.TemporaryFile()
decrypt(out, decrypted_out, password)
out = decrypted_out
log.info( "Decrypt Filehandler " + str(out))
if out:
log.info("Uncompressing...")
out.seek(0)
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
def download(file_id):
try:
file = File.get(id=file_id)
except File.DoesNotExist:
abort(404)
# fetch the encrypted file contents from S3 and store in a memory
bucket = get_bucket(app.config['AWSID'], app.config['AWSKEY'], app.config['AWSBUCKET'])
key_obj = bucket.get_key(os.path.join(file.parent,file.filename))
# read the contents of the key into an in-memory file
enc_buffer = StringIO()
key_obj.get_contents_to_file(enc_buffer)
enc_buffer.seek(0)
if not file.encrypted:
return send_file(
enc_buffer,
file.get_mimetype(),
as_attachment=True,
attachment_filename=file.filename,
)
# new logic:
if request.method == 'POST' and request.form.get('password'):
# decrypt contents and store in dec_buffer
dec_buffer = StringIO()
decrypt(enc_buffer, dec_buffer, request.form['password'])
dec_buffer.seek(0)
# efficiently send the decrypted file as an attachment
return send_file(
dec_buffer,
file.get_mimetype(),
as_attachment=True,
attachment_filename=file.filename,
)
else:
flash("You must provide a password")
return redirect(url_for('index'))
def restore(filename, **kwargs):
log = kwargs.get("logger", app_logger)
conf = kwargs.get("conf", None)
bucket= get_bucket(conf)
if not bucket:
return
if not filename:
log.error("No file to restore, use -f to specify one.")
return
keys = [key.name for key in bucket.get_all_keys() if key.name.startswith(filename)]
if not keys:
log.error("No file matched.")
return
key_name = sorted(keys, reverse=True)[0]
log.info("Restoring " + key_name)
k = Key(bucket)
k.key = (key_name)
encrypted_out = StringIO()
k.get_contents_to_file(encrypted_out)
encrypted_out.seek(0)
password = kwargs.get("password")
if not password:
password = getpass()
out = StringIO()
decrypt(encrypted_out, out, password)
out.seek(0)
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
return True
def restore(filename,
destination=None,
profile="default",
config=CONFIG_FILE,
**kwargs):
"""Restore backup in the current working directory.
:type filename: str
:param filename: File/directory to backup.
:type destination: str
:param destination: s3|glacier|swift
:type profile: str
:param profile: Profile name (default by default).
:type conf: dict
:keyword conf: Override/set AWS configuration.
:rtype: bool
:return: True if successful.
"""
storage_backend, destination, conf = _get_store_backend(
config, destination, profile)
if not filename:
log.error("No file to restore, use -f to specify one.")
return
backup = Backups.match_filename(filename,
destination,
profile=profile,
config=config)
if not backup:
log.error("No file matched.")
return
key_name = backup.stored_filename
log.info("Restoring " + key_name)
# Asking password before actually download to avoid waiting
if key_name and backup.is_encrypted():
password = kwargs.get("password")
if not password:
password = getpass()
log.info("Downloading...")
download_kwargs = {}
if kwargs.get("job_check"):
download_kwargs["job_check"] = True
log.info("Job Check: " + repr(download_kwargs))
out = storage_backend.download(key_name, **download_kwargs)
if kwargs.get("job_check"):
log.info("Job Check Request")
# If it's a job_check call, we return Glacier job data
return out
if out and backup.is_encrypted():
log.info("Decrypting...")
decrypted_out = tempfile.TemporaryFile()
decrypt(out, decrypted_out, password)
out = decrypted_out
if out and (key_name.endswith(".tgz") or key_name.endswith(".tgz.enc")):
log.info("Uncompressing...")
out.seek(0)
if not backup.metadata.get("KeyValue"):
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
else:
with closing(GzipFile(fileobj=out, mode="r")) as f:
with open(backup.stored_filename, "w") as out:
out.write(f.read())
return True
elif out:
log.info("Backup is not compressed")
with open(backup.filename, "w") as restored:
out.seek(0)
restored.write(out.read())
return True
def restore(filename, destination=None, profile="default", config=CONFIG_FILE, **kwargs):
"""Restore backup in the current working directory.
:type filename: str
:param filename: File/directory to backup.
:type destination: str
:param destination: s3|glacier|swift
:type profile: str
:param profile: Profile name (default by default).
:type conf: dict
:keyword conf: Override/set AWS configuration.
:rtype: bool
:return: True if successful.
"""
storage_backend, destination, conf = _get_store_backend(config, destination, profile)
if not filename:
log.error("No file to restore, use -f to specify one.")
return
backup = Backups.match_filename(filename, destination, profile=profile, config=config)
if not backup:
log.error("No file matched.")
return
session_id = str(uuid.uuid4())
events.before_restore(session_id)
key_name = backup.stored_filename
log.info("Restoring " + key_name)
# Asking password before actually download to avoid waiting
if key_name and backup.is_encrypted():
password = kwargs.get("password")
if not password:
password = getpass()
log.info("Downloading...")
download_kwargs = {}
if kwargs.get("job_check"):
download_kwargs["job_check"] = True
log.info("Job Check: " + repr(download_kwargs))
out = storage_backend.download(key_name, **download_kwargs)
if kwargs.get("job_check"):
log.info("Job Check Request")
# If it's a job_check call, we return Glacier job data
return out
if out and backup.is_encrypted():
log.info("Decrypting...")
decrypted_out = tempfile.TemporaryFile()
decrypt(out, decrypted_out, password)
out = decrypted_out
if out and (key_name.endswith(".tgz") or key_name.endswith(".tgz.enc")):
log.info("Uncompressing...")
out.seek(0)
if not backup.metadata.get("KeyValue"):
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
else:
with closing(GzipFile(fileobj=out, mode="r")) as f:
with open(backup.stored_filename, "w") as out:
out.write(f.read())
elif out:
log.info("Backup is not compressed")
with open(backup.filename, "w") as restored:
out.seek(0)
restored.write(out.read())
events.on_restore(session_id, backup)
return backup
def restore(filename, destination=DEFAULT_DESTINATION, profile="default", **kwargs):
"""Restore backup in the current working directory.
:type filename: str
:param filename: File/directory to backup.
:type destination: str
:param destination: s3|glacier
:type profile: str
:param profile: Profile name (default by default).
:type conf: dict
:keyword conf: Override/set AWS configuration.
:rtype: bool
:return: True if successful.
"""
conf = kwargs.get("conf", None)
storage_backend = _get_store_backend(conf, destination, profile)
if not filename:
log.error("No file to restore, use -f to specify one.")
return
backup = dump_truck_get_backup(filename, destination, profile)
if not backup:
log.error("No file matched.")
return
key_name = backup.get("stored_filename")
log.info("Restoring " + key_name)
# Asking password before actually download to avoid waiting
if key_name and key_name.endswith(".enc"):
password = kwargs.get("password")
if not password:
password = getpass()
log.info("Downloading...")
download_kwargs = {}
if kwargs.get("job_check"):
download_kwargs["job_check"] = True
log.info("Job Check: " + repr(download_kwargs))
out = storage_backend.download(key_name, **download_kwargs)
if kwargs.get("job_check"):
log.info("Job Check Request")
# If it's a job_check call, we return Glacier job data
return out
if out and key_name.endswith(".enc"):
log.info("Decrypting...")
decrypted_out = tempfile.TemporaryFile()
decrypt(out, decrypted_out, password)
out = decrypted_out
if out:
log.info("Uncompressing...")
out.seek(0)
tar = tarfile.open(fileobj=out)
tar.extractall()
tar.close()
return True
