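def wrapped_f(*args):
    """Run the wrapped handler only if the current user holds the permission.

    ``args[0]`` is the Tornado request handler. The user passes when any
    group returned by ``Hierarchy.get_groups_of_user`` for the user's
    ``current_customer`` carries ``self._permission`` or ``Permission.Admin``.
    Otherwise ``self._permission_denied(handler)`` is called and the wrapped
    function is not run.

    ``self`` and ``f`` are not parameters of this function; presumably they
    are closed over from the enclosing decorator (not visible here).

    Returns:
        Whatever the wrapped function returns, or None when access is denied.
    """
    tornado_handler = args[0]
    username = tornado_handler.get_current_user()
    user = Hierarchy.get_user(username)

    # Fail closed with the normal "denied" response when there is no user
    # record (e.g. no valid session), instead of raising AttributeError on
    # user.current_customer below.
    if user is None:
        self._permission_denied(tornado_handler)
        return None

    user_groups = Hierarchy.get_groups_of_user(
        username, user.current_customer
    )

    # Admin membership in any group implies every permission.
    permission_granted = any(
        self._permission in group.permissions
        or Permission.Admin in group.permissions
        for group in user_groups
    )

    if not permission_granted:
        self._permission_denied(tornado_handler)
        return None

    # Propagate the handler's result so a returned Future is not dropped.
    return f(*args)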
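def wrapped_f(*args):
    """Run the wrapped handler only if the current user holds the permission.

    ``args[0]`` is the Tornado request handler. The user passes when any
    group returned by ``Hierarchy.get_groups_of_user`` for the user's
    ``current_customer`` carries ``self._permission`` or ``Permission.Admin``.
    Otherwise ``self._permission_denied(handler)`` is called and the wrapped
    function is not run.

    ``self`` and ``f`` are not parameters of this function; presumably they
    are closed over from the enclosing decorator (not visible here).

    Returns:
        Whatever the wrapped function returns, or None when access is denied.
    """
    tornado_handler = args[0]
    username = tornado_handler.get_current_user()
    user = Hierarchy.get_user(username)

    # Fail closed with the normal "denied" response when there is no user
    # record (e.g. no valid session), instead of raising AttributeError on
    # user.current_customer below.
    if user is None:
        self._permission_denied(tornado_handler)
        return None

    user_groups = Hierarchy.get_groups_of_user(
        username, user.current_customer
    )

    # Admin membership in any group implies every permission.
    permission_granted = any(
        self._permission in group.permissions
        or Permission.Admin in group.permissions
        for group in user_groups
    )

    if not permission_granted:
        self._permission_denied(tornado_handler)
        return None

    # Propagate the handler's result so a returned Future is not dropped.
    return f(*args)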
def post(self):
    """Handle a JSON login request.

    Reads "username", "password" and "uri" from ``self.arguments``:

    * "uri" present: report whether the request already has a logged-in
      user; the credentials are not looked at.
    * both credentials present: check them with
      ``Hierarchy.authenticate_account`` and, on success, set the signed
      "user" cookie.
    * otherwise: answer 400 with a per-field error list.
    """
    self.set_header('Content-Type', 'application/json')
    params = self.arguments
    username = params.get("username", None)
    password = params.get("password", None)
    uri = params.get("uri", None)

    if uri:
        # Session probe only.
        if self.get_current_user():
            self._response_authorized()
        else:
            self._response_unauthorized()
        return

    if username and password:
        username = username.encode('utf-8')
        password = password.encode('utf-8')
        if Hierarchy.authenticate_account(username, password):
            # NOTE(review): the cookie is marked Secure but not HttpOnly;
            # consider httponly=True if no client script needs to read it.
            self.set_secure_cookie("user", username, secure=True)
            self._response_authorized()
        else:
            self._response_unauthorized()
        return

    # At least one credential is missing: name each missing field.
    errors = {}
    if not username:
        errors['username'] = ['Username is required.']
    if not password:
        errors['password'] = ['Password is required.']
    self.set_status(400)
    self.write(json.dumps(errors))
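def post(self):
    """Edit the account of the currently logged-in user.

    Request arguments read: ``password`` (current password),
    ``new_password``, ``customer_context``, ``fullname``, ``email``,
    ``current_customer_id``, ``default_customer_id`` and the repeatable
    ``group_name`` / ``group_id``.

    A new password must pass ``check_password``, and the current password
    must authenticate, before anything is passed to ``api.User.edit``.
    Every response is a JSON document; validation failures have the form
    ``{"pass": false, "message": "..."}``.
    """
    self.set_header('Content-Type', 'application/json')

    def reject(message):
        # All validation failures share one response shape.
        self.write(json.dumps({'pass': False, 'message': message}, indent=4))

    parameters = dict()
    username = self.get_current_user()
    password = self.get_argument('password', None)
    parameters['customer_context'] = self.get_argument('customer_context', None)
    parameters['password'] = self.get_argument('new_password', None)

    if parameters['password']:
        complexity_passed, complexity = check_password(parameters['password'])
        if not complexity_passed:
            # The original had a trailing comma after this expression, which
            # made "message" a 1-tuple (a JSON list) instead of a string.
            reject(
                'Password must be 8 characters in length and contain lower and upper case characters: Strength = %s' % complexity
            )
            return

    # NOTE(review): indentation was lost in this listing. This reading
    # requires the current password for every edit, not only for a password
    # change. Confirm against the original file.
    if not password:
        reject('Current password not provided.')
        return
    if not Hierarchy.authenticate_account(username, password):
        reject('Incorrect username or password.')
        return

    parameters['username'] = username
    parameters['fullname'] = self.get_argument('fullname', None)
    parameters['email'] = self.get_argument('email', None)
    parameters['current_customer_id'] = self.get_argument(
        'current_customer_id', None)
    parameters['customer_ids'] = None
    parameters['default_customer_id'] = self.get_argument(
        'default_customer_id', None
    )
    # NOTE(review): group and customer identifiers come straight from the
    # request of the user being edited. Confirm that api.User.edit checks
    # who is allowed to change group or customer membership.
    parameters['group_names'] = self.get_arguments('group_name', None)
    parameters['group_ids'] = self.get_arguments('group_id', None)

    result = api.User.edit(**parameters)
    self.write(json.dumps(result, indent=4))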
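def post(self):
    """Authenticate a login and set the signed "user" cookie.

    Reads "name" and "password" from ``self.arguments``. On success the
    cookie is set and nothing is written; in every other case the response
    is 403 with a generic message that does not say which field was wrong.
    """
    username = self.arguments.get("name", None)
    password = self.arguments.get("password", None)

    # Check presence before encoding: the original called .encode() first,
    # so a request missing either field raised AttributeError (a 500)
    # instead of getting the 403 below.
    if not (username and password):
        self.set_status(403)
        self.write("Invalid username and/or password .")
        return

    username = username.encode('utf-8')
    password = password.encode('utf-8')

    if Hierarchy.authenticate_account(username, password):
        # NOTE(review): the session cookie is set without secure=True or
        # httponly=True. If this endpoint is served over HTTPS, consider
        # adding both so the cookie is neither sent in cleartext nor
        # readable from page scripts.
        self.set_secure_cookie("user", username)
        return

    self.set_status(403)
    self.write("Invalid username and/or password .")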
def get_base_url(customer_name):
    """Return the package URL property stored for *customer_name*.

    Thin wrapper: the value is whatever
    ``Hierarchy.get_customer_property`` returns for
    ``CoreProperty.PackageUrl``.
    """
    package_url = Hierarchy.get_customer_property(
        customer_name,
        CoreProperty.PackageUrl,
    )
    return package_url
def get_base_url(customer_name):
    """Return the package URL property stored for *customer_name*.

    Thin wrapper: the value is whatever
    ``Hierarchy.get_customer_property`` returns for
    ``CoreProperty.PackageUrl``.
    """
    package_url = Hierarchy.get_customer_property(
        customer_name,
        CoreProperty.PackageUrl,
    )
    return package_url
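def initialize_db():
    """Bootstrap a fresh server install (Python 2 script code).

    Steps, in order: create the runtime directories under /opt/TopPatch,
    link libpcre and the vFense/nginx init scripts, make sure the
    ``toppatch`` system user exists, create and start a RethinkDB instance,
    create the ``toppatch_server`` database with its tables and indexes,
    seed the default customer plus the ``admin`` and ``agent`` accounts,
    optionally load CVE and bulletin data, and finally send SIGTERM to the
    pid recorded in RETHINK_PID_FILE.

    Reads the module-level ``args`` (``admin_password``, ``cve_data``) and
    ``url``.

    Returns:
        (completed, msg): success flag and a human-readable status string.
    """
    # NOTE(review): with umask 0 the plain os.mkdir() calls below create
    # 0777 directories, and the explicit 0773 mode is applied unmasked
    # (world write+search, no sticky bit), so any local account can create
    # and delete entries there. Tighten if only the service account writes.
    os.umask(0)
    for path in (
        '/opt/TopPatch/var/tmp',
        '/opt/TopPatch/var/log',
        '/opt/TopPatch/var/rethinkdb',
        '/opt/TopPatch/var/scheduler',
        '/opt/TopPatch/var/packages',
        '/opt/TopPatch/logs',
    ):
        if not os.path.exists(path):
            os.mkdir(path)
    if not os.path.exists('/opt/TopPatch/var/packages/tmp'):
        os.mkdir('/opt/TopPatch/var/packages/tmp', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/xls'):
        os.makedirs('/opt/TopPatch/tp/src/plugins/cve/data/xls', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/xml'):
        os.mkdir('/opt/TopPatch/tp/src/plugins/cve/data/xml', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu'):
        os.makedirs('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu', 0773)

    if not os.path.exists('/usr/lib/libpcre.so.1'):
        # os.symlink() takes the full link path. The original passed the
        # existing directory '/usr/lib', which raises OSError (EEXIST).
        os.symlink('/opt/TopPatch/lib/libpcre.so.1', '/usr/lib/libpcre.so.1')

    # call() waits for each command, so update-rc.d only runs once the
    # init.d link exists. The original used fire-and-forget Popen().
    if not os.path.exists('/etc/init.d/vFense'):
        subprocess.call(
            [
                'ln', '-s',
                '/opt/TopPatch/tp/src/daemon/vFense',
                '/etc/init.d/vFense'
            ],
        )
        subprocess.call(['update-rc.d', 'vFense', 'defaults'])
    if not os.path.exists('/etc/init.d/nginx'):
        subprocess.call(
            [
                'ln', '-s',
                '/opt/TopPatch/tp/src/daemon/nginx',
                '/etc/init.d/nginx'
            ],
        )
        subprocess.call(['update-rc.d', 'nginx', 'defaults'])

    try:
        pwd.getpwnam('toppatch')
    except KeyError:
        # getpwnam raises KeyError when the account does not exist. Wait
        # for adduser so the account is in place before the install goes on.
        subprocess.call(['adduser', 'toppatch'])

    os.chdir(RETHINK_PATH)
    rethink_init = subprocess.Popen(
        ['./rethinkdb', 'create', '-d', RETHINK_INSTANCES_PATH],
        stdout=subprocess.PIPE
    )
    # communicate() drains the pipe while waiting. wait() alone can block
    # forever once the child fills the stdout pipe buffer.
    rethink_init.communicate()
    if rethink_init.returncode == 0:
        rethink_start = subprocess.Popen(
            [
                './rethinkdb', '--config-file', RETHINK_CONF,
                '--web-static-directory', RETHINK_WEB
            ]
        )
        rethink_start.poll()
        completed = True
        sleep(2)
        # NOTE(review): no upper bound; loops forever if RethinkDB never
        # comes up.
        while not db_connect():
            print 'Sleeping until rethink starts'
            sleep(2)
    else:
        completed = False
        msg = 'Failed during Rethink initialization'
        return(completed, msg)

    if completed:
        conn = r.connect(port=9009)
        r.db_create('toppatch_server').run(conn)
        conn.close()
        ci.initialize_indexes_and_create_tables()
        conn = db_connect()
        hierarchy_db.init()
        Hierarchy.create_customer(
            DefaultCustomer,
            {
                CoreProperty.NetThrottle: '0',
                CoreProperty.CpuThrottle: 'idle',
                CoreProperty.PackageUrl: url
            }
        )
        admin_pass = args.admin_password
        Hierarchy.create_user(
            'admin',
            'TopPatch Admin Account',
            '*****@*****.**',
            admin_pass,
            groups=[DefaultGroup.Administrator]
        )
        if args.cve_data:
            print "Updating CVE's..."
            load_up_all_xml_into_db()
            print "Done Updating CVE's..."
            print "Updating Microsoft Security Bulletin Ids..."
            parse_bulletin_and_updatedb()
            print "Done Updating Microsoft Security Bulletin Ids..."
            print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
            begin_usn_home_page_processing(full_parse=True)
            print "Done Updating Ubuntu Security Bulletin Ids..."

        # NOTE(review): both passwords are printed in cleartext, so they end
        # up in terminal scrollback and in any captured install log. Left
        # unchanged because this is the only place the generated agent
        # password is shown; consider a root-only file instead.
        print 'Admin user and password = admin:%s' % (admin_pass)
        agent_pass = generate_pass()
        # NOTE(review): the agent communication account is created in the
        # Administrator group. Confirm agents need full admin rights.
        Hierarchy.create_user(
            'agent',
            'TopPatch Agent Communication Account',
            '*****@*****.**',
            agent_pass,
            groups=[DefaultGroup.Administrator]
        )
        print 'Agent user and password = agent:%s' % (agent_pass)
        monit.monit_initialization()
        conn.close()
        completed = True
        msg = 'Rethink Initialization and Table creation is now complete'

        with open(RETHINK_PID_FILE, 'r') as pid_file:
            pid = pid_file.read()
        if re.search(r'[0-9]+', pid):
            try:
                os.kill(int(pid), signal.SIGTERM)
                os.remove(RETHINK_PID_FILE)
            except Exception as e:
                # errno 3 is ESRCH (process already gone). getattr() keeps
                # an exception without .errno (e.g. ValueError from int())
                # from turning into an AttributeError here.
                if getattr(e, 'errno', None) == 3:
                    os.remove(RETHINK_PID_FILE)
            rql_msg = 'Rethink stopped successfully\n'
        else:
            rql_msg = 'Rethink could not be stopped\n'
        print rql_msg
        return completed, msg
    else:
        # Currently unreachable: the failure path above returns early.
        completed = False
        msg = 'Failed during Rethink startup process'
        return completed, msg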
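def initialize_db():
    """Bootstrap a fresh server install (Python 2 script code).

    Steps, in order: create the runtime directories under /opt/TopPatch,
    link libpcre and the vFense/nginx init scripts, make sure the
    ``toppatch`` system user exists, create and start a RethinkDB instance,
    create the ``toppatch_server`` database with its tables and indexes,
    seed the default customer plus the ``admin`` and ``agent`` accounts,
    optionally load CVE and bulletin data, and finally send SIGTERM to the
    pid recorded in RETHINK_PID_FILE.

    Reads the module-level ``args`` (``admin_password``, ``cve_data``) and
    ``url``.

    Returns:
        (completed, msg): success flag and a human-readable status string.
    """
    # NOTE(review): with umask 0 the plain os.mkdir() calls below create
    # 0777 directories, and the explicit 0773 mode is applied unmasked
    # (world write+search, no sticky bit), so any local account can create
    # and delete entries there. Tighten if only the service account writes.
    os.umask(0)
    for path in (
        '/opt/TopPatch/var/tmp',
        '/opt/TopPatch/var/log',
        '/opt/TopPatch/var/rethinkdb',
        '/opt/TopPatch/var/scheduler',
        '/opt/TopPatch/var/packages',
        '/opt/TopPatch/logs',
    ):
        if not os.path.exists(path):
            os.mkdir(path)
    if not os.path.exists('/opt/TopPatch/var/packages/tmp'):
        os.mkdir('/opt/TopPatch/var/packages/tmp', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/xls'):
        os.makedirs('/opt/TopPatch/tp/src/plugins/cve/data/xls', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/xml'):
        os.mkdir('/opt/TopPatch/tp/src/plugins/cve/data/xml', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu'):
        os.makedirs('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu', 0773)

    if not os.path.exists('/usr/lib/libpcre.so.1'):
        # os.symlink() takes the full link path. The original passed the
        # existing directory '/usr/lib', which raises OSError (EEXIST).
        os.symlink('/opt/TopPatch/lib/libpcre.so.1', '/usr/lib/libpcre.so.1')

    # call() waits for each command, so update-rc.d only runs once the
    # init.d link exists. The original used fire-and-forget Popen().
    if not os.path.exists('/etc/init.d/vFense'):
        subprocess.call([
            'ln', '-s', '/opt/TopPatch/tp/src/daemon/vFense',
            '/etc/init.d/vFense'
        ], )
        subprocess.call(['update-rc.d', 'vFense', 'defaults'], )
    if not os.path.exists('/etc/init.d/nginx'):
        subprocess.call([
            'ln', '-s', '/opt/TopPatch/tp/src/daemon/nginx',
            '/etc/init.d/nginx'
        ], )
        subprocess.call(['update-rc.d', 'nginx', 'defaults'], )

    try:
        pwd.getpwnam('toppatch')
    except KeyError:
        # getpwnam raises KeyError when the account does not exist. Wait
        # for adduser so the account is in place before the install goes on.
        subprocess.call([
            'adduser',
            'toppatch',
        ], )

    os.chdir(RETHINK_PATH)
    rethink_init = subprocess.Popen(
        ['./rethinkdb', 'create', '-d', RETHINK_INSTANCES_PATH],
        stdout=subprocess.PIPE)
    # communicate() drains the pipe while waiting. wait() alone can block
    # forever once the child fills the stdout pipe buffer.
    rethink_init.communicate()
    if rethink_init.returncode == 0:
        rethink_start = subprocess.Popen([
            './rethinkdb', '--config-file', RETHINK_CONF,
            '--web-static-directory', RETHINK_WEB
        ])
        rethink_start.poll()
        completed = True
        sleep(2)
        # NOTE(review): no upper bound; loops forever if RethinkDB never
        # comes up.
        while not db_connect():
            print 'Sleeping until rethink starts'
            sleep(2)
    else:
        completed = False
        msg = 'Failed during Rethink initialization'
        return (completed, msg)

    if completed:
        conn = r.connect(port=9009)
        r.db_create('toppatch_server').run(conn)
        conn.close()
        ci.initialize_indexes_and_create_tables()
        conn = db_connect()
        hierarchy_db.init()
        Hierarchy.create_customer(
            DefaultCustomer, {
                CoreProperty.NetThrottle: '0',
                CoreProperty.CpuThrottle: 'idle',
                CoreProperty.PackageUrl: url
            })
        admin_pass = args.admin_password
        Hierarchy.create_user('admin',
                              'TopPatch Admin Account',
                              '*****@*****.**',
                              admin_pass,
                              groups=[DefaultGroup.Administrator])
        if args.cve_data:
            print "Updating CVE's..."
            load_up_all_xml_into_db()
            print "Done Updating CVE's..."
            print "Updating Microsoft Security Bulletin Ids..."
            parse_bulletin_and_updatedb()
            print "Done Updating Microsoft Security Bulletin Ids..."
            print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
            begin_usn_home_page_processing(full_parse=True)
            print "Done Updating Ubuntu Security Bulletin Ids..."

        # NOTE(review): both passwords are printed in cleartext, so they end
        # up in terminal scrollback and in any captured install log. Left
        # unchanged because this is the only place the generated agent
        # password is shown; consider a root-only file instead.
        print 'Admin user and password = admin:%s' % (admin_pass)
        agent_pass = generate_pass()
        # NOTE(review): the agent communication account is created in the
        # Administrator group. Confirm agents need full admin rights.
        Hierarchy.create_user('agent',
                              'TopPatch Agent Communication Account',
                              '*****@*****.**',
                              agent_pass,
                              groups=[DefaultGroup.Administrator])
        print 'Agent user and password = agent:%s' % (agent_pass)
        monit.monit_initialization()
        conn.close()
        completed = True
        msg = 'Rethink Initialization and Table creation is now complete'

        with open(RETHINK_PID_FILE, 'r') as pid_file:
            pid = pid_file.read()
        if re.search(r'[0-9]+', pid):
            try:
                os.kill(int(pid), signal.SIGTERM)
                os.remove(RETHINK_PID_FILE)
            except Exception as e:
                # errno 3 is ESRCH (process already gone). getattr() keeps
                # an exception without .errno (e.g. ValueError from int())
                # from turning into an AttributeError here.
                if getattr(e, 'errno', None) == 3:
                    os.remove(RETHINK_PID_FILE)
            rql_msg = 'Rethink stopped successfully\n'
        else:
            rql_msg = 'Rethink could not be stopped\n'
        print rql_msg
        return completed, msg
    else:
        # Currently unreachable: the failure path above returns early.
        completed = False
        msg = 'Failed during Rethink startup process'
        return completed, msg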