def __init__(self, config=None):
super(Audit, self).__init__(config)
self.name = "containeraudit"
write_conf = self.config.get('PI_AUDIT_CONTAINER_WRITE')
read_conf = self.config.get('PI_AUDIT_CONTAINER_READ')
# Initialize all modules
self.write_modules = [get_module_class(audit_module, "Audit", "log")(config) for audit_module in write_conf]
self.read_module = get_module_class(read_conf, "Audit", "log")(config)
if not self.read_module.is_readable:
log.warning(u"The specified PI_AUDIT_CONTAINER_READ {0!s} is not readable.".format(self.read_module))
def test_21_get_module_class(self):
r = get_module_class("privacyidea.lib.auditmodules.sqlaudit", "Audit", "log")
from privacyidea.lib.auditmodules.sqlaudit import Audit
self.assertEqual(r, Audit)
# Fails to return the class, if the method does not exist
self.assertRaises(NameError, get_module_class, "privacyidea.lib.auditmodules.sqlaudit", "Audit",
"this_method_does_not_exist")
# Fails if the class does not exist
with self.assertRaises(ImportError):
get_module_class("privacyidea.lib.auditmodules.sqlaudit", "DoesNotExist")
# Fails if the package does not exist
with self.assertRaises(ImportError):
get_module_class("privacyidea.lib.auditmodules.doesnotexist", "Aduit")
def test_21_get_module_class(self):
r = get_module_class("privacyidea.lib.auditmodules.sqlaudit", "Audit", "log")
from privacyidea.lib.auditmodules.sqlaudit import Audit
self.assertEqual(r, Audit)
# Fails to return the class, if the method does not exist
self.assertRaises(NameError, get_module_class, "privacyidea.lib.auditmodules.sqlaudit", "Audit",
"this_method_does_not_exist")
# Fails if the class does not exist
with self.assertRaises(ImportError):
get_module_class("privacyidea.lib.auditmodules.sqlaudit", "DoesNotExist")
# Fails if the package does not exist
with self.assertRaises(ImportError):
get_module_class("privacyidea.lib.auditmodules.doesnotexist", "Aduit")
def register_app(self, app):
"""
Create an instance of a ``BaseQueue`` subclass according to the app config's
``PI_JOB_QUEUE_CLASS`` option and store it in the ``job_queue`` config.
Register all collected jobs with this application.
This instance is shared between threads!
This function should only be called once per process.
:param app: privacyIDEA app
"""
with app.app_context():
store = get_app_local_store()
if "job_queue" in store:
raise RuntimeError("App already has a job queue: {!r}".format(
store["job_queue"]))
try:
package_name, class_name = app.config[JOB_QUEUE_CLASS].rsplit(
".", 1)
queue_class = get_module_class(package_name, class_name)
except (ImportError, ValueError) as exx:
log.warning(u"Could not import job queue class {!r}: {!r}".format(
app.config[JOB_QUEUE_CLASS], exx))
return
# Extract configuration from app config: All options starting with PI_JOB_QUEUE_
options = {}
for k, v in app.config.items():
if k.startswith(JOB_QUEUE_OPTION_PREFIX) and k != JOB_QUEUE_CLASS:
options[k[len(JOB_QUEUE_OPTION_PREFIX):].lower()] = v
job_queue = queue_class(options)
log.info(u"Created a new job queue: {!r}".format(job_queue))
store["job_queue"] = job_queue
for name, (func, args, kwargs) in self._jobs.items():
job_queue.register_job(name, func, *args, **kwargs)
def create_hsm_object(config):
"""
This creates an HSM object from the given config dictionary.
The config dictionary are the values that appear in pi.cfg.
It is needed PI_HSM_MODULE and all other values
PI_HSM_MODULE_* depending on the module implementation.
:param config: A configuration dictionary
:return: A HSM object
"""
# We need this to resolve the circular dependency between utils and crypto.
from privacyidea.lib.utils import get_module_class
hsm_module_name = config.get("PI_HSM_MODULE",
"privacyidea.lib.security.default.DefaultSecurityModule")
package_name, class_name = hsm_module_name.rsplit(".", 1)
hsm_class = get_module_class(package_name, class_name, "setup_module")
log.info("initializing HSM class: {0!s}".format(hsm_class))
hsm_parameters = {}
if class_name == "DefaultSecurityModule":
hsm_parameters = {"file": config.get("PI_ENCFILE")}
else:
# get all parameters by splitting every config entry starting with PI_HSM_MODULE_
# and pass this as a config object to hsm_class.
hsm_parameters = {}
for key in config.keys():
if key.startswith("PI_HSM_MODULE_"):
param = key[len("PI_HSM_MODULE_"):].lower()
hsm_parameters[param] = config.get(key)
logging_params = dict(hsm_parameters)
if "password" in logging_params:
logging_params["password"] = "******"
log.info("calling HSM module with parameters {0}".format(logging_params))
return hsm_class(hsm_parameters)
def register_app(self, app):
"""
Create an instance of a ``BaseQueue`` subclass according to the app config's
``PI_JOB_QUEUE_CLASS`` option and store it in the ``job_queue`` config.
Register all collected jobs with this application.
This instance is shared between threads!
This function should only be called once per process.
:param app: privacyIDEA app
"""
with app.app_context():
store = get_app_local_store()
if "job_queue" in store:
raise RuntimeError("App already has a job queue: {!r}".format(store["job_queue"]))
try:
package_name, class_name = app.config[JOB_QUEUE_CLASS].rsplit(".", 1)
queue_class = get_module_class(package_name, class_name)
except (ImportError, ValueError) as exx:
log.warning(u"Could not import job queue class {!r}: {!r}".format(app.config[JOB_QUEUE_CLASS], exx))
return
# Extract configuration from app config: All options starting with PI_JOB_QUEUE_
options = {}
for k, v in app.config.items():
if k.startswith(JOB_QUEUE_OPTION_PREFIX) and k != JOB_QUEUE_CLASS:
options[k[len(JOB_QUEUE_OPTION_PREFIX):].lower()] = v
job_queue = queue_class(options)
log.info(u"Created a new job queue: {!r}".format(job_queue))
store["job_queue"] = job_queue
for name, (func, args, kwargs) in self._jobs.items():
job_queue.register_job(name, func, *args, **kwargs)
def get_sms_provider_class(packageName, className):
"""
helper method to load the SMSProvider class from a given
package in literal:
example:
get_sms_provider_class("HTTPSMSProvider", "SMSProvider")()
check:
checks, if the submit_message method exists
if not an error is thrown
"""
return get_module_class(packageName, className, "submit_message")
def get_sms_provider_class(packageName, className):
"""
helper method to load the SMSProvider class from a given
package in literal:
example:
get_sms_provider_class("HTTPSMSProvider", "SMSProvider")()
check:
checks, if the submit_message method exists
if not an error is thrown
"""
return get_module_class(packageName, className, "submit_message")
def getAudit(config):
"""
This wrapper function creates a new audit object based on the config
from the config file. The config file entry could look like this:
PI_AUDIT_MODULE = privacyidea.lib.auditmodules.sqlaudit
Each audit module (at the moment only SQL) has its own additional config
entries.
:param config: The config entries from the file config
:return: Audit Object
"""
audit_module = config.get("PI_AUDIT_MODULE")
audit = get_module_class(audit_module, "Audit", "log")(config)
return audit
def _get_monitoring():
"""
This wrapper function creates a new monitoring object based on the config
from the config file. The config file entry could look like this:
PI_MONITORING_MODULE = privacyidea.lib.monitoringmodule.sqlstats
Each monitoring module can have its own config values.
:return: Monitoring Object
"""
store = get_request_local_store()
# check if the monitoring object is not yet in this request_store
if 'monitoring_object' not in store:
config = get_app_config()
monitoring_module = config.get(
"PI_MONITORING_MODULE",
"privacyidea.lib.monitoringmodules.sqlstats")
monitoring = get_module_class(monitoring_module, "Monitoring")(config)
store['monitoring_object'] = monitoring
return store.get('monitoring_object')
