Esempio n. 1
0
def api_introspection(uuid):
    utils.check_auth(flask.request)

    if not uuidutils.is_uuid_like(uuid):
        raise utils.Error(_('Invalid UUID value'), code=400)

    if flask.request.method == 'POST':
        new_ipmi_password = flask.request.args.get('new_ipmi_password',
                                                   type=str,
                                                   default=None)
        if new_ipmi_password:
            new_ipmi_username = flask.request.args.get('new_ipmi_username',
                                                       type=str,
                                                       default=None)
            new_ipmi_credentials = (new_ipmi_username, new_ipmi_password)
        else:
            new_ipmi_credentials = None

        introspect.introspect(uuid,
                              new_ipmi_credentials=new_ipmi_credentials,
                              token=flask.request.headers.get('X-Auth-Token'))
        return '', 202
    else:
        node_info = node_cache.get_node(uuid)
        return flask.json.jsonify(finished=bool(node_info.finished_at),
                                  error=node_info.error or None)
Esempio n. 2
0
def api_introspection(uuid):
    utils.check_auth(flask.request)

    if not uuidutils.is_uuid_like(uuid):
        raise utils.Error(_('Invalid UUID value'), code=400)

    if flask.request.method == 'POST':
        new_ipmi_password = flask.request.args.get('new_ipmi_password',
                                                   type=str,
                                                   default=None)
        if new_ipmi_password:
            new_ipmi_username = flask.request.args.get('new_ipmi_username',
                                                       type=str,
                                                       default=None)
            new_ipmi_credentials = (new_ipmi_username, new_ipmi_password)
        else:
            new_ipmi_credentials = None

        introspect.introspect(uuid,
                              new_ipmi_credentials=new_ipmi_credentials,
                              token=flask.request.headers.get('X-Auth-Token'))
        return '', 202
    else:
        node_info = node_cache.get_node(uuid)
        return flask.json.jsonify(finished=bool(node_info.finished_at),
                                  error=node_info.error or None)
Esempio n. 3
0
def api_introspection(node_id):
    utils.check_auth(flask.request)

    if flask.request.method == 'POST':
        new_ipmi_password = flask.request.args.get('new_ipmi_password',
                                                   type=str,
                                                   default=None)
        if new_ipmi_password:
            new_ipmi_username = flask.request.args.get('new_ipmi_username',
                                                       type=str,
                                                       default=None)
            new_ipmi_credentials = (new_ipmi_username, new_ipmi_password)
        else:
            new_ipmi_credentials = None

        if new_ipmi_credentials and _get_version() >= (1, 9):
            return _('Setting IPMI credentials is deprecated and not allowed '
                     'starting with API version 1.9'), 400

        introspect.introspect(node_id,
                              new_ipmi_credentials=new_ipmi_credentials,
                              token=flask.request.headers.get('X-Auth-Token'))
        return '', 202
    else:
        node_info = node_cache.get_node(node_id)
        return flask.json.jsonify(generate_introspection_status(node_info))
Esempio n. 4
0
def api_introspection(node_id):
    utils.check_auth(flask.request)

    if flask.request.method == 'POST':
        new_ipmi_password = flask.request.args.get('new_ipmi_password',
                                                   type=str,
                                                   default=None)
        if new_ipmi_password:
            new_ipmi_username = flask.request.args.get('new_ipmi_username',
                                                       type=str,
                                                       default=None)
            new_ipmi_credentials = (new_ipmi_username, new_ipmi_password)
        else:
            new_ipmi_credentials = None

        if new_ipmi_credentials and _get_version() >= (1, 9):
            return _('Setting IPMI credentials is deprecated and not allowed '
                     'starting with API version 1.9'), 400

        introspect.introspect(node_id,
                              new_ipmi_credentials=new_ipmi_credentials,
                              token=flask.request.headers.get('X-Auth-Token'))
        return '', 202
    else:
        node_info = node_cache.get_node(node_id)
        return flask.json.jsonify(generate_introspection_status(node_info))
Esempio n. 5
0
def api_introspection_abort(uuid):
    utils.check_auth(flask.request)

    if not uuidutils.is_uuid_like(uuid):
        raise utils.Error(_('Invalid UUID value'), code=400)

    introspect.abort(uuid, token=flask.request.headers.get('X-Auth-Token'))
    return '', 202
Esempio n. 6
0
def api_introspection_abort(uuid):
    utils.check_auth(flask.request)

    if not uuidutils.is_uuid_like(uuid):
        raise utils.Error(_('Invalid UUID value'), code=400)

    introspect.abort(uuid, token=flask.request.headers.get('X-Auth-Token'))
    return '', 202
Esempio n. 7
0
def api_rule(uuid):
    utils.check_auth(flask.request)

    if flask.request.method == 'GET':
        rule = rules.get(uuid)
        return flask.jsonify(rule_repr(rule, short=False))
    else:
        rules.delete(uuid)
        return '', 204
Esempio n. 8
0
def api_rule(uuid):
    utils.check_auth(flask.request)

    if flask.request.method == 'GET':
        rule = rules.get(uuid)
        return flask.jsonify(rule_repr(rule, short=False))
    else:
        rules.delete(uuid)
        return '', 204
Esempio n. 9
0
 def wrapper(*args, **kwargs):
     flask.request.context = context.RequestContext.from_environ(
         flask.request.environ, is_public_api=is_public_api)
     if verb_to_rule_map and rule:
         policy_rule = rule.format(
             verb_to_rule_map[flask.request.method.upper()])
     else:
         policy_rule = rule
     utils.check_auth(flask.request, rule=policy_rule)
     return func(*args, **kwargs)
Esempio n. 10
0
def api_introspection_data(uuid):
    utils.check_auth(flask.request)
    if CONF.processing.store_data == 'swift':
        res = swift.get_introspection_data(uuid)
        return res, 200, {'Content-Type': 'application/json'}
    else:
        return error_response(_('Inspector is not configured to store data. '
                                'Set the [processing] store_data '
                                'configuration option to change this.'),
                              code=404)
Esempio n. 11
0
def api_introspection_data(uuid):
    utils.check_auth(flask.request)
    if CONF.processing.store_data == 'swift':
        res = swift.get_introspection_data(uuid)
        return res, 200, {'Content-Type': 'application/json'}
    else:
        return error_response(_('Inspector is not configured to store data. '
                                'Set the [processing] store_data '
                                'configuration option to change this.'),
                              code=404)
Esempio n. 12
0
def api_introspection(node_id):
    utils.check_auth(flask.request)

    if flask.request.method == 'POST':
        introspect.introspect(node_id,
                              token=flask.request.headers.get('X-Auth-Token'))
        return '', 202
    else:
        node_info = node_cache.get_node(node_id)
        return flask.json.jsonify(generate_introspection_status(node_info))
Esempio n. 13
0
def api_introspection_statuses():
    utils.check_auth(flask.request)

    nodes = node_cache.get_node_list(
        marker=api_tools.marker_field(),
        limit=api_tools.limit_field(default=CONF.api_max_limit))
    data = {
        'introspection':
        [generate_introspection_status(node) for node in nodes]
    }
    return flask.json.jsonify(data)
Esempio n. 14
0
def api_introspection_statuses():
    utils.check_auth(flask.request)

    nodes = node_cache.get_node_list(
        marker=api_tools.marker_field(),
        limit=api_tools.limit_field(default=CONF.api_max_limit)
    )
    data = {
        'introspection': [generate_introspection_status(node)
                          for node in nodes]
    }
    return flask.json.jsonify(data)
Esempio n. 15
0
def api_introspection_data(node_id):
    utils.check_auth(flask.request)

    if CONF.processing.store_data == 'swift':
        if not uuidutils.is_uuid_like(node_id):
            node = ir_utils.get_node(node_id, fields=['uuid'])
            node_id = node.uuid
        res = swift.get_introspection_data(node_id)
        return res, 200, {'Content-Type': 'application/json'}
    else:
        return error_response(_('Inspector is not configured to store data. '
                                'Set the [processing] store_data '
                                'configuration option to change this.'),
                              code=404)
Esempio n. 16
0
def api_introspection_data(node_id):
    utils.check_auth(flask.request)

    if CONF.processing.store_data == 'swift':
        if not uuidutils.is_uuid_like(node_id):
            node = ir_utils.get_node(node_id, fields=['uuid'])
            node_id = node.uuid
        res = swift.get_introspection_data(node_id)
        return res, 200, {'Content-Type': 'application/json'}
    else:
        return error_response(_('Inspector is not configured to store data. '
                                'Set the [processing] store_data '
                                'configuration option to change this.'),
                              code=404)
Esempio n. 17
0
def api_introspection_reapply(node_id):
    utils.check_auth(flask.request)

    if flask.request.content_length:
        return error_response(_('User data processing is not '
                                'supported yet'), code=400)

    if CONF.processing.store_data == 'swift':
        process.reapply(node_id)
        return '', 202
    else:
        return error_response(_('Inspector is not configured to store'
                                ' data. Set the [processing] '
                                'store_data configuration option to '
                                'change this.'), code=400)
Esempio n. 18
0
def api_introspection_reapply(uuid):
    utils.check_auth(flask.request)

    if flask.request.content_length:
        return error_response(_('User data processing is not '
                                'supported yet'), code=400)

    if CONF.processing.store_data == 'swift':
        process.reapply(uuid)
        return '', 202
    else:
        return error_response(_('Inspector is not configured to store'
                                ' data. Set the [processing] '
                                'store_data configuration option to '
                                'change this.'), code=400)
Esempio n. 19
0
def api_rules():
    utils.check_auth(flask.request)

    if flask.request.method == 'GET':
        res = [rule_repr(rule, short=True) for rule in rules.get_all()]
        return flask.jsonify(rules=res)
    elif flask.request.method == 'DELETE':
        rules.delete_all()
        return '', 204
    else:
        body = flask.request.get_json(force=True)
        if body.get('uuid') and not uuidutils.is_uuid_like(body['uuid']):
            raise utils.Error(_('Invalid UUID value'), code=400)

        rule = rules.create(conditions_json=body.get('conditions', []),
                            actions_json=body.get('actions', []),
                            uuid=body.get('uuid'),
                            description=body.get('description'))
        return flask.jsonify(rule_repr(rule, short=False))
Esempio n. 20
0
def api_rules():
    utils.check_auth(flask.request)

    if flask.request.method == 'GET':
        res = [rule_repr(rule, short=True) for rule in rules.get_all()]
        return flask.jsonify(rules=res)
    elif flask.request.method == 'DELETE':
        rules.delete_all()
        return '', 204
    else:
        body = flask.request.get_json(force=True)
        if body.get('uuid') and not uuidutils.is_uuid_like(body['uuid']):
            raise utils.Error(_('Invalid UUID value'), code=400)

        rule = rules.create(conditions_json=body.get('conditions', []),
                            actions_json=body.get('actions', []),
                            uuid=body.get('uuid'),
                            description=body.get('description'))
        return flask.jsonify(rule_repr(rule, short=False))
Esempio n. 21
0
def api_introspection(node_id):
    utils.check_auth(flask.request)

    if flask.request.method == 'POST':
        new_ipmi_password = flask.request.args.get('new_ipmi_password',
                                                   type=str,
                                                   default=None)
        if new_ipmi_password:
            new_ipmi_username = flask.request.args.get('new_ipmi_username',
                                                       type=str,
                                                       default=None)
            new_ipmi_credentials = (new_ipmi_username, new_ipmi_password)
        else:
            new_ipmi_credentials = None

        introspect.introspect(node_id,
                              new_ipmi_credentials=new_ipmi_credentials,
                              token=flask.request.headers.get('X-Auth-Token'))
        return '', 202
    else:
        node_info = node_cache.get_node(node_id)
        return flask.json.jsonify(generate_introspection_status(node_info))
Esempio n. 22
0
 def test_disabled(self):
     self.cfg.config(auth_strategy='noauth')
     request = mock.Mock(headers={'X-Identity-Status': 'Invalid'})
     utils.check_auth(request)
Esempio n. 23
0
 def test_disabled(self):
     self.cfg.config(auth_strategy='noauth')
     request = mock.Mock(headers={'X-Identity-Status': 'Invalid'})
     utils.check_auth(request)
Esempio n. 24
0
 def test_basic(self):
     self.cfg.config(auth_strategy='http_basic')
     request = mock.Mock(headers={'X-Identity-Status': 'Invalid'})
     utils.check_auth(request)
Esempio n. 25
0
 def test_ok(self):
     request = mock.Mock(headers={
         'X-Identity-Status': 'Confirmed',
         'X-Roles': 'admin,member'
     })
     utils.check_auth(request)
Esempio n. 26
0
 def test_disabled(self):
     CONF.set_override('auth_strategy', 'noauth')
     request = mock.Mock(headers={'X-Identity-Status': 'Invalid'})
     utils.check_auth(request)
Esempio n. 27
0
def api_introspection_abort(node_id):
    utils.check_auth(flask.request)
    introspect.abort(node_id, token=flask.request.headers.get('X-Auth-Token'))
    return '', 202
Esempio n. 28
0
 def test_public_api(self):
     request = mock.Mock(headers={'X-Identity-Status': 'Invalid'})
     request.context = context.RequestContext(is_public_api=True)
     utils.check_auth(request, "public_api")
Esempio n. 29
0
 def test_ok(self):
     request = mock.Mock(headers={"X-Identity-Status": "Confirmed", "X-Roles": "admin,member"})
     utils.check_auth(request)
Esempio n. 30
0
 def test_ok(self):
     request = mock.Mock(headers={'X-Identity-Status': 'Confirmed',
                                  'X-Roles': 'admin,member'})
     utils.check_auth(request)
Esempio n. 31
0
 def test_disabled(self):
     CONF.set_override('auth_strategy', 'noauth')
     request = mock.Mock(headers={'X-Identity-Status': 'Invalid'})
     utils.check_auth(request)
Esempio n. 32
0
 def test_admin(self):
     request = mock.Mock(headers={'X-Identity-Status': 'Confirmed'})
     request.context = context.RequestContext(roles=['admin'])
     utils.check_auth(request, rule="is_admin")
Esempio n. 33
0
def api_introspection_abort(node_id):
    utils.check_auth(flask.request)
    introspect.abort(node_id, token=flask.request.headers.get('X-Auth-Token'))
    return '', 202
Esempio n. 34
0
 def test_admin(self):
     request = mock.Mock(headers={'X-Identity-Status': 'Confirmed'})
     request.context = context.RequestContext(roles=['admin'])
     utils.check_auth(request, rule="is_admin")
Esempio n. 35
0
 def test_public_api(self):
     request = mock.Mock(headers={'X-Identity-Status': 'Invalid'})
     request.context = context.RequestContext(is_public_api=True)
     utils.check_auth(request, "public_api")
Esempio n. 36
0
 def test_disabled(self):
     CONF.set_override("auth_strategy", "noauth")
     request = mock.Mock(headers={"X-Identity-Status": "Invalid"})
     utils.check_auth(request)