def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
"""GET actual payload containing the secret."""
# With ACL support, the user token project does not have to be same as
# project associated with secret. The lookup project_id needs to be
# derived from the secret's data considering authorization is already
# done.
external_project_id = secret.project.external_id
project = res.get_or_create_project(external_project_id)
# default to application/octet-stream if there is no Accept header
if (type(pecan.request.accept) is accept.NoHeaderType
or not pecan.request.accept.header_value):
accept_header = 'application/octet-stream'
else:
accept_header = pecan.request.accept.header_value
pecan.override_template('', accept_header)
# check if payload exists before proceeding
if not secret.encrypted_data and not secret.secret_store_metadata:
_secret_payload_not_found()
twsk = kwargs.get('trans_wrapped_session_key', None)
transport_key = None
if twsk:
transport_key = self._get_transport_key(
kwargs.get('transport_key_id', None))
return plugin.get_secret(accept_header, secret, project, twsk,
transport_key)
def get(self, id):
LOG.info("Fetch resource.", resource={'type': self.type, 'id': id})
download = strutils.bool_from_string(
pecan.request.GET.get('download', False))
func_db = db_api.get_function(id)
ctx = context.get_ctx()
if not download:
pecan.override_template('json')
return resources.Function.from_dict(func_db.to_dict()).to_dict()
else:
source = func_db.code['source']
if source == 'package':
f = self.storage_provider.retrieve(ctx.projectid, id)
elif source == 'swift':
container = func_db.code['swift']['container']
obj = func_db.code['swift']['object']
f = swift_util.download_object(container, obj)
else:
msg = 'Download image function is not allowed.'
pecan.abort(status_code=405,
detail=msg,
headers={'Server-Error-Message': msg})
pecan.response.app_iter = (f if isinstance(f, collections.Iterable)
else FileIter(f))
pecan.response.headers['Content-Type'] = 'application/zip'
pecan.response.headers['Content-Disposition'] = (
'attachment; filename="%s"' % os.path.basename(func_db.name))
def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
"""GET actual payload containing the secret."""
# With ACL support, the user token project does not have to be same as
# project associated with secret. The lookup project_id needs to be
# derived from the secret's data considering authorization is already
# done.
external_project_id = secret.project.external_id
project = res.get_or_create_project(external_project_id)
# default to application/octet-stream if there is no Accept header
accept_header = getattr(pecan.request.accept, 'header_value',
'application/octet-stream')
pecan.override_template('', accept_header)
twsk = kwargs.get('trans_wrapped_session_key', None)
transport_key = None
if twsk:
transport_key = self._get_transport_key(
kwargs.get('transport_key_id', None))
return plugin.get_secret(accept_header,
secret,
project,
twsk,
transport_key)
def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
"""GET actual payload containing the secret."""
# With ACL support, the user token project does not have to be same as
# project associated with secret. The lookup project_id needs to be
# derived from the secret's data considering authorization is already
# done.
external_project_id = secret.project.external_id
project = res.get_or_create_project(external_project_id)
# default to application/octet-stream if there is no Accept header
accept_header = getattr(pecan.request.accept, 'header_value',
'application/octet-stream')
pecan.override_template('', accept_header)
# check if payload exists before proceeding
if not secret.encrypted_data and not secret.secret_store_metadata:
_secret_payload_not_found()
twsk = kwargs.get('trans_wrapped_session_key', None)
transport_key = None
if twsk:
transport_key = self._get_transport_key(
kwargs.get('transport_key_id', None))
return plugin.get_secret(accept_header,
secret,
project,
twsk,
transport_key)
def index(self, keystone_id):
LOG.debug("== Getting transport key for %s" % keystone_id)
transport_key = self.repo.get(entity_id=self.transport_key_id)
if not transport_key:
_transport_key_not_found()
pecan.override_template('json', 'application/json')
return transport_key
def on_get(self, external_project_id):
LOG.debug("== Getting transport key for %s", external_project_id)
transport_key = self.repo.get(entity_id=self.transport_key_id)
if not transport_key:
_transport_key_not_found()
pecan.override_template('json', 'application/json')
return transport_key
def index(self):
# print pecan.request.content_type
if is_json_request_accept(pecan.request):
pecan.override_template('json', 'application/json')
return {'uri':'/index'}
else:
pecan.override_template('', pecan.request.accept.header_value)
return "/index"
def on_get(self, external_project_id):
LOG.debug("== Getting transport key for %s", external_project_id)
transport_key = self.repo.get(entity_id=self.transport_key_id)
if not transport_key:
_transport_key_not_found()
pecan.override_template('json', 'application/json')
return transport_key
def index(self, keystone_id):
LOG.debug("== Getting transport key for %s" % keystone_id)
transport_key = self.repo.get(entity_id=self.transport_key_id)
if not transport_key:
_transport_key_not_found()
pecan.override_template('json', 'application/json')
return transport_key
def i(self, short):
try:
image_id = short_url.decode_url(short)
except ValueError:
raise exception.ImageNotFound(reference=short)
image = db_api.get_image_by_id(image_id=image_id)
saved_path = path_join(conf.app.static_root,
image.relative_path.encode('UTF-8'))
with file(saved_path) as fh:
content = fh.read()
override_template(None, content_type='image/png')
return content
def _on_get_secret_metadata(self, secret, **kwargs):
"""GET Metadata-only for a secret."""
pecan.override_template('json', 'application/json')
secret_fields = putil.mime_types.augment_fields_with_content_types(
secret)
transport_key_id = self._get_transport_key_id_if_needed(
kwargs.get('transport_key_needed'), secret)
if transport_key_id:
secret_fields['transport_key_id'] = transport_key_id
return hrefs.convert_to_hrefs(secret_fields)
def _on_get_secret_metadata(self, secret, **kwargs):
"""GET Metadata-only for a secret."""
pecan.override_template('json', 'application/json')
secret_fields = putil.mime_types.augment_fields_with_content_types(
secret)
transport_key_id = self._get_transport_key_id_if_needed(
kwargs.get('transport_key_needed'), secret)
if transport_key_id:
secret_fields['transport_key_id'] = transport_key_id
return hrefs.convert_to_hrefs(secret_fields)
def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
"""GET actual payload containing the secret."""
project = res.get_or_create_project(external_project_id,
self.repos.project_repo)
pecan.override_template('', pecan.request.accept.header_value)
twsk = kwargs.get('trans_wrapped_session_key', None)
transport_key = None
if twsk:
transport_key = self._get_transport_key(
kwargs.get('transport_key_id', None))
return plugin.get_secret(pecan.request.accept.header_value, secret,
project, self.repos, twsk, transport_key)
def get(self, id):
"""Get function information or download function package.
This method can support HTTP request using either
'Accept:application/json' or no 'Accept' header.
"""
ctx = context.get_ctx()
acl.enforce('function:get', ctx)
download = strutils.bool_from_string(
pecan.request.GET.get('download', False)
)
func_db = db_api.get_function(id)
if not download:
LOG.info("Getting function %s.", id)
pecan.override_template('json')
return resources.Function.from_db_obj(func_db).to_dict()
LOG.info("Downloading function %s", id)
source = func_db.code['source']
if source == constants.PACKAGE_FUNCTION:
f = self.storage_provider.retrieve(func_db.project_id, id,
func_db.code['md5sum'])
elif source == constants.SWIFT_FUNCTION:
container = func_db.code['swift']['container']
obj = func_db.code['swift']['object']
f = swift_util.download_object(container, obj)
else:
msg = 'Download image function is not allowed.'
pecan.abort(
status_code=405,
detail=msg,
headers={'Server-Error-Message': msg}
)
pecan.response.app_iter = (f if isinstance(f, collections.Iterable)
else FileIter(f))
pecan.response.headers['Content-Type'] = 'application/zip'
pecan.response.headers['Content-Disposition'] = (
'attachment; filename="%s"' % id
)
def index(self, keystone_id, **kwargs):
secret = self.repos.secret_repo.get(entity_id=self.secret_id,
keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found()
if controllers.is_json_request_accept(pecan.request):
# Metadata-only response, no secret retrieval is necessary.
pecan.override_template('json', 'application/json')
secret_fields = putil.mime_types.augment_fields_with_content_types(
secret)
transport_key_needed = kwargs.get('transport_key_needed',
'false').lower() == 'true'
if transport_key_needed:
transport_key_id = plugin.get_transport_key_id_for_retrieval(
secret)
if transport_key_id is not None:
secret_fields['transport_key_id'] = transport_key_id
return hrefs.convert_to_hrefs(secret_fields)
else:
project = res.get_or_create_project(keystone_id,
self.repos.project_repo)
pecan.override_template('', pecan.request.accept.header_value)
transport_key = None
twsk = kwargs.get('trans_wrapped_session_key', None)
if twsk is not None:
transport_key_id = kwargs.get('transport_key_id', None)
if transport_key_id is None:
_request_has_twsk_but_no_transport_key_id()
transport_key_model = self.repos.transport_key_repo.get(
entity_id=transport_key_id,
suppress_exception=True)
transport_key = transport_key_model.transport_key
return plugin.get_secret(pecan.request.accept.header_value,
secret,
project,
self.repos,
twsk,
transport_key)
def t(self, short):
try:
image_id = short_url.decode_url(short)
except ValueError:
raise exception.ImageNotFound(reference=short)
image = db_api.get_image_by_id(image_id=image_id)
relative_path = image.relative_path.encode('UTF-8')
thumbnail_path = util.generate_thumbnail_path(relative_path)
saved_path = path_join(conf.app.static_root, thumbnail_path)
if not exists(saved_path):
logger.debug('generating thumbnail on accessing: %s' % \
saved_path)
util.save_thumbnail(saved_path)
with file(saved_path) as fh:
content = fh.read()
override_template(None, content_type='image/jpeg')
return content
def get(self, id):
LOG.info("Fetch function [id=%s]", id)
download = strutils.bool_from_string(
pecan.request.GET.get('download', False))
func_db = db_api.get_function(id)
ctx = context.get_ctx()
if not download:
pecan.override_template('json')
return resources.Function.from_dict(func_db.to_dict()).to_dict()
else:
f = self.storage_provider.retrieve(
ctx.projectid,
id,
)
pecan.response.app_iter = FileIter(f)
pecan.response.headers['Content-Type'] = 'application/zip'
pecan.response.headers['Content-Disposition'] = (
'attachment; filename="%s"' % os.path.basename(f.name))
def index(self, keystone_id):
secret = self.repo.get(entity_id=self.secret_id,
keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found()
if controllers.is_json_request_accept(pecan.request):
# Metadata-only response, no decryption necessary.
pecan.override_template('json', 'application/json')
secret_fields = mime_types.augment_fields_with_content_types(
secret)
return hrefs.convert_to_hrefs(keystone_id, secret_fields)
else:
tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
pecan.override_template('', pecan.request.accept.header_value)
return self.crypto_manager.decrypt(
pecan.request.accept.header_value,
secret,
tenant
)
def index(self, keystone_id):
secret = self.repo.get(entity_id=self.secret_id,
keystone_id=keystone_id,
suppress_exception=True)
if not secret:
_secret_not_found()
if controllers.is_json_request_accept(pecan.request):
# Metadata-only response, no decryption necessary.
pecan.override_template('json', 'application/json')
secret_fields = mime_types.augment_fields_with_content_types(
secret)
return hrefs.convert_to_hrefs(keystone_id, secret_fields)
else:
tenant = res.get_or_create_tenant(keystone_id, self.tenant_repo)
pecan.override_template('', pecan.request.accept.header_value)
return self.crypto_manager.decrypt(
pecan.request.accept.header_value,
secret,
tenant
)
def index_POST(self, **data):
ret = "Error"
try:
username = data['username']
password = data['password']
except KeyError:
return 'Error: format not support'
session = sql.BaseSQL().session_write()
"check username exits"
if (session.query(tables.User).filter(tables.User.username == username).scalar() == None):
session.add(tables.User(username=username,password=password))
ret = 'register success!'
else:
ret = 'username exits!'
if is_json_request_accept(pecan.request):
pecan.override_template('json', 'application/json')
return {'result':ret}
else:
pecan.override_template('', pecan.request.accept.header_value)
return ret
def get(self, function_id, version):
"""Get function version or download function version package.
This method can support HTTP request using either
'Accept:application/json' or no 'Accept' header.
"""
ctx = context.get_ctx()
acl.enforce('function_version:get', ctx)
download = strutils.bool_from_string(
pecan.request.GET.get('download', False)
)
version = int(version)
version_db = db_api.get_function_version(function_id, version)
if not download:
LOG.info("Getting version %s for function %s.", version,
function_id)
pecan.override_template('json')
return resources.FunctionVersion.from_db_obj(version_db).to_dict()
LOG.info("Downloading version %s for function %s.", version,
function_id)
f = self.storage_provider.retrieve(version_db.project_id, function_id,
None, version=version)
if isinstance(f, collections.Iterable):
pecan.response.app_iter = f
else:
pecan.response.app_iter = FileIter(f)
pecan.response.headers['Content-Type'] = 'application/zip'
pecan.response.headers['Content-Disposition'] = (
'attachment; filename="%s_%s"' % (function_id, version)
)
def _on_get_secret_payload(self, secret, external_project_id, **kwargs):
"""GET actual payload containing the secret."""
# With ACL support, the user token project does not have to be same as
# project associated with secret. The lookup project_id needs to be
# derived from the secret's data considering authorization is already
# done.
external_project_id = secret.project_assocs[0].projects.external_id
project = res.get_or_create_project(external_project_id)
pecan.override_template('', pecan.request.accept.header_value)
twsk = kwargs.get('trans_wrapped_session_key', None)
transport_key = None
if twsk:
transport_key = self._get_transport_key(
kwargs.get('transport_key_id', None))
return plugin.get_secret(pecan.request.accept.header_value,
secret,
project,
twsk,
transport_key)
def index(self):
override_template(None, content_type='text/plain')
return 'Override'
def index(self):
override_template(None, content_type="text/plain")
return "Override"
def level(self, level):
override_template('levels/%s.json' % level)
return {}
def wrapped(*args, **kwargs):
f(*args, **kwargs)
pecan.response.status = 204
pecan.override_template(None)
def wrapped(*args, **kwargs):
f(*args, **kwargs)
pecan.response.status = 204
pecan.override_template(None)
def wrapped(*args, **kwargs):
LOG.info('%s(): caller(): %s', log_utils.get_fname(1),
log_utils.get_fname(2))
f(*args, **kwargs)
pecan.response.status = 204
pecan.override_template(None)