def generateResults(self, **kwargs): app_name = kwargs.get('client_app', APP_NAME) sessionKey = cherrypy.session.get('sessionKey') user = cherrypy.session['user']['name'] # if the current app doesn't exist... app = App.get(App.build_id(app_name, app_name, user)) try: hadoop = HadoopOps.get(HadoopOps.build_id(user, app_name, user)) except: hadoop = HadoopOps(app_name, user, user) if kwargs.get('set_ignore'): hadoop.has_ignored = True hadoop.passive_save() return self.render_json({'has_ignored': True, 'errors': []}) if hadoop.id and hadoop.has_ignored: return self.render_json({'has_ignored': True, 'errors': []}) if app.is_configured: return self.render_json({'is_configured': True, 'errors': []}) else: if self.is_app_admin(app, user): return self.render_json({'is_configured': False, 'is_admin': True, 'errors': []}) else: return self.render_json({'is_configured': False, 'is_admin': False, 'errors': []})
def generateResults(self, **kwargs): app_name = kwargs.get('client_app', APP_NAME) sessionKey = cherrypy.session.get('sessionKey') user = cherrypy.session['user']['name'] # if the current app doesn't exist... app = App.get(App.build_id(app_name, app_name, user)) if kwargs.get('set_ignore'): app.is_configured = True app.passive_save() return self.render_json({'has_ignored': True, 'errors': []}) if app.is_configured: return self.render_json({'is_configured': True, 'errors': []}) else: if self.is_app_admin(app, user): return self.render_json({ 'is_configured': False, 'is_admin': True, 'errors': [] }) else: return self.render_json({ 'is_configured': False, 'is_admin': False, 'errors': [] })
def is_configured(self, app=None, assume_true_on_error=False): if app: try: app = App.get(App.build_id(app, '', 'nobody'), self._input_config.session_key) return app.is_configured except splunk.RESTException: return assume_true_on_error else: return assume_true_on_error
def save(self, app, action, **params): ''' save the posted hadoop ops setup content ''' error_key = None form_content = {} user = cherrypy.session['user']['name'] host_app = cherrypy.request.path_info.split('/')[3] this_app = App.get(App.build_id(app, app, user)) ftr = 0 if (this_app.is_configured) else 1 redirect_params = dict(ftr=ftr) logger.error(params) # pass 1: load all user-supplied values as models for k, v in params.iteritems(): try: key = k.split('.')[1] except IndexError: continue if key and key in MACROS: if isinstance(v, list): definition = (' OR ').join(v) else: definition = v try: form_content[key] = Macro.get( Macro.build_id(key, app, user)) except: form_content[key] = Macro(app, user, key) form_content[key].definition = definition form_content[key].metadata.sharing = 'app' # pass 2: try to save(), and if we fail we return the user-supplied values for key in form_content.keys(): try: if not form_content[key].passive_save(): logger.error('Error saving setup values') return self.render_template('/%s:/templates/setup_show.html' \ % host_app, dict(name=key, app=app, form_content=form_content)) except splunk.AuthorizationFailed: logger.error('User %s is unauthorized to perform setup on %s' % (user, app)) raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'unauthorized', **redirect_params), 303) except Exception, ex: logger.debug(ex) logger.error('Failed to save eventtype %s' % key) raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'failure', **redirect_params), 303)
def generateResults(self, **kwargs): ''' be careful to account for tricky conditions where some users can't interact with our custom REST endpoint by falling back to bundle ''' app_name = kwargs.get('client_app', STATIC_APP) conf_name = 'unix' legacy_mode = False sessionKey = cherrypy.session.get('sessionKey') user = cherrypy.session['user']['name'] if os.path.exists(LEGACY_SETUP): shutil.move(LEGACY_SETUP, LEGACY_SETUP + '.bak') logger.info('disabled legacy setup.xml for %s' % app_name) # if the current app doesn't exist... app = App.get(App.build_id(app_name, app_name, user)) try: a = Unix.get(Unix.build_id(user, app_name, user)) except: a = Unix(app_name, user, user) if kwargs.get('set_ignore'): try: a.has_ignored = True a.save() except: # assumption: 99% of exceptions here will be 403 # we could version check, but this seems better to_set = {user: {'has_ignored': 1}} self.setConf(to_set, conf_name, namespace=app_name, sessionKey=sessionKey, owner=user) legacy_mode = True return self.render_json({'has_ignored': True, 'errors': ['legacy_mode=%s' % legacy_mode]}) if a.id and a.has_ignored: return self.render_json({'has_ignored': True, 'errors': []}) else: conf = self.getConf(conf_name, sessionKey=sessionKey, namespace=app_name, owner=user) if conf and conf[user] and util.normalizeBoolean(conf[user]['has_ignored']): return self.render_json({'has_ignored': True, 'errors': ['using legacy method']}) if app.is_configured: return self.render_json({'is_configured': True, 'errors': []}) else: if self.is_app_admin(app, user): return self.render_json({'is_configured': False, 'is_admin': True, 'errors': []}) return self.render_json({'is_configured': False, 'is_admin': False, 'errors': []})
def save(self, app, action, **params): ''' save the posted hadoop ops setup content ''' error_key = None form_content = {} user = cherrypy.session['user']['name'] host_app = cherrypy.request.path_info.split('/')[3] this_app = App.get(App.build_id(app, app, user)) ftr = 0 if (this_app.is_configured) else 1 redirect_params = dict(ftr=ftr) logger.error(params) # pass 1: load all user-supplied values as models for k, v in params.iteritems(): try: key = k.split('.')[1] except IndexError: continue if key and key in MACROS: if isinstance(v, list): definition = (' OR ').join(v) else: definition = v try: form_content[key] = Macro.get(Macro.build_id(key, app, user)) except: form_content[key] = Macro(app, user, key) form_content[key].definition = definition form_content[key].metadata.sharing = 'app' # pass 2: try to save(), and if we fail we return the user-supplied values for key in form_content.keys(): try: if not form_content[key].passive_save(): logger.error('Error saving setup values') return self.render_template('/%s:/templates/setup_show.html' \ % host_app, dict(name=key, app=app, form_content=form_content)) except splunk.AuthorizationFailed: logger.error('User %s is unauthorized to perform setup on %s' % (user, app)) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'unauthorized', **redirect_params), 303) except Exception, ex: logger.debug(ex) logger.error('Failed to save eventtype %s' % key) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'failure', **redirect_params), 303)
def is_app_admin(self, app_name, user): ''' used to determine app administrator membership necessary because splunkd auth does not advertise inherited roles ''' sub_roles = [] app = App.get(App.build_id(app_name, app_name, user)) admin_list = app.entity['eai:acl']['perms']['write'] if '*' in admin_list: return True for role in auth.getUser(name=user)['roles']: if role in admin_list: return True sub_roles.append(role) for role in sub_roles: for irole in auth.getRole(name=role)['imported_roles']: if irole in admin_list: return True return False
def save_categories(self, app, action, **params): user = cherrypy.session['user']['name'] host_app = cherrypy.request.path_info.split('/')[3] this_app = App.get(App.build_id(host_app, host_app, user)) for param in params: data = json.loads(param) csvData = [] csvOrder = [1, 2, 0] #logger.error('before: %s' % data) self.tree_to_csv(csvData, data, csvOrder, [0, 0, 0]) csvHeader = ["host", "unix_category", "unix_group"] csvData.insert(0, csvHeader) #logger.error('after: %s' % csvData) dropdownsCsv = os.path.join(util.get_apps_dir(), 'SA-nix', 'lookups', 'dropdowns.csv') with open(dropdownsCsv, 'wb') as csvfile: writer = csv.writer(csvfile) writer.writerows(csvData)
writeToCsv(sharegroupList, SHAREGROUP_OUTPUT) writeToCsv(includeList, INCLUDE_OUTPUT) writeToCsv(ssmargsList, SSMARGS_OUTPUT) writeToCsv(scheduleList, SCHEDULE_OUTPUT) writeToCsv(scheduleCalendar, SCHEDULE_CALENDAR_OUTPUT) def execute(): scriptData = getScriptData() args = scriptData.args.split(" ") scriptResult = None while True: scriptResult = wrapper_utils.getScriptOutput([scriptData.path] + args, scriptData.maxDuration, scriptData.debug, logger) if(scriptResult[2]): break logger.error('Couldn\'t execute script in time') data = scriptResult[0][0] # with open(INPUT_FILE) as f: # data = f.readlines() policies = AllPolicies(data) policies.writePolicies() if __name__ == '__main__': token = sys.stdin.readlines()[0] app = App.get(App.build_id('nbu_setup_app', 'nbu_setup_app', 'nobody'), sessionKey = token) if (app.is_configured): execute() else: logger.info('App not configured!')
m.disable() else: m.enable() m.share_global() self.update_distsearch(host_app, normBool(params.get('optimize_dist_search'))) logger.debug('Splunk Version = %s' % self._get_version()) if self._get_version() <= LooseVersion('4.2.2'): temp_app = bundle.getConf('app', namespace=host_app, owner='nobody') temp_app['install']['is_configured'] = 'true' else: this_app = App.get(App.build_id(host_app, host_app, user)) this_app.is_configured = True this_app.passive_save() logger.info('%s - App setup successful' % host_app) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'success')) def get_distsearch(self, host_app): return bundle.getConf( 'distsearch', namespace=host_app, owner='nobody')['replicationBlacklist']['nontsyslogmappings'] def is_app_admin(self, app_name, user): ''' used to determine app administrator membership
class TAUnixSetup(controllers.BaseController): '''TA Unix Setup Controller''' @route('/:app/:action=setup') @expose_page(must_login=True, methods=['GET']) @host_app def setup(self, app, action, host_app=None, **kwargs): ''' show the setup page ''' user = cherrypy.session['user']['name'] if not self.is_app_admin(host_app, user): raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'unauthorized')) mon = MonitorInput.all() mon = mon.filter_by_app(app) scripted = ScriptedInput.all() scripted = scripted.filter_by_app(app) system = (not (sys.platform.startswith('win'))) return self.render_template( '/%s:/templates/setup_show.html' % host_app, dict(system=system, mon=mon, scripted=scripted, app=app)) @route('/:app/:action=success') @expose_page(must_login=True, methods=['GET']) @host_app def success(self, app, action, host_app=None, **kwargs): ''' render the success page ''' return self.render_template('/%s:/templates/setup_success.html' \ % host_app, dict(app=app)) @route('/:app/:action=failure') @expose_page(must_login=True, methods=['GET']) @host_app def failure(self, app, action, host_app=None, **kwargs): ''' render the failure page ''' return self.render_template('/%s:/templates/setup_failure.html' \ % host_app, dict(app=app)) @route('/:app/:action=unauthorized') @expose_page(must_login=True, methods=['GET']) @host_app def unauthorized(self, app, action, host_app=None, **kwargs): ''' render the unauthorized page ''' return self.render_template('/%s:/templates/setup_403.html' \ % host_app, dict(app=app)) @route('/:app/:action=save') @expose_page(must_login=True, methods=['POST']) @host_app def save(self, app, action, host_app=None, **params): ''' save the posted setup content ''' user = cherrypy.session['user']['name'] mon = MonitorInput.all() mon = mon.filter_by_app(app) scripted = ScriptedInput.all() scripted = scripted.filter_by_app(app) for m in mon: disabled = normBool(params.get(m.name + '.disabled')) if disabled: m.disable() else: m.enable() m.share_global() for s in scripted: disabled = normBool(params.get(s.name + '.disabled')) if disabled: s.disable() else: s.enable() s.share_global() interval = params.get(s.name + '.interval') if interval: s.interval = interval try: if not s.passive_save(): logger.error(m.errors) return self.render_template( '/%s:/templates/setup_show.html' \ % host_app, dict(app=app, errors=s, scripted=scripted, mon=mon) ) except splunk.AuthorizationFailed: raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'unauthorized')) except Exception, ex: logger.info(ex) raise cherrypy.HTTPRedirect( self._redirect(host_app, app, 'failure')) logger.debug('Splunk Version = %s' % self._get_version()) if self._get_version() <= LooseVersion('4.2.2'): import splunk.bundle as bundle temp_app = bundle.getConf('app', namespace=host_app, owner='nobody') temp_app['install']['is_configured'] = 'true' else: this_app = App.get(App.build_id(host_app, host_app, user)) this_app.is_configured = True this_app.passive_save() logger.info('%s - App setup successful' % host_app) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'success'))
for m in mon: disabled = normBool(params.get(m.name + '.disabled')) if disabled: m.disable() else: m.enable() m.share_global() self.update_distsearch(host_app, normBool(params.get('optimize_dist_search'))) logger.debug('Splunk Version = %s' % self._get_version()) if self._get_version() <= LooseVersion('4.2.2'): temp_app = bundle.getConf('app', namespace=host_app, owner='nobody') temp_app['install']['is_configured'] = 'true' else: this_app = App.get(App.build_id(host_app, host_app, user)) this_app.is_configured = True this_app.passive_save() logger.info('%s - App setup successful' % host_app) raise cherrypy.HTTPRedirect(self._redirect(host_app, app, 'success')) def get_distsearch(self, host_app): return bundle.getConf('distsearch', namespace=host_app, owner='nobody')['replicationBlacklist']['nontsyslogmappings'] def is_app_admin(self, app_name, user): ''' used to determine app administrator membership
if (cachedDataItem == None): status = "new" statusSet = True elif (fieldName not in cachedDataItem) or str( job[x] != str(cachedDataItem[fieldName])): status = "updated" statusSet = True resultItem[fieldName] = job[x] resultItem["status"] = status print "'timestamp','id','status'" for key in result: item = result[key] line = "[" + strftime("%m/%d/%Y %H:%M:%S %p %Z", localtime()) + "]," line += str(key) + "," + resultItem["status"] print line if (scriptData.debug): logger.info(line) with open(CACHE_FILEPATH, 'w+') as outfile: json.dump(result, outfile) if __name__ == '__main__': token = sys.stdin.readlines()[0] app = App.get(App.build_id('nbu_setup_app', 'nbu_setup_app', 'nobody'), sessionKey=token) if (app.is_configured): execute() else: logger.info('App not configured!')
if not statusSet: if cachedDataItem == None: status = "new" statusSet = True elif (fieldName not in cachedDataItem) or str(job[x] != str(cachedDataItem[fieldName])): status = "updated" statusSet = True resultItem[fieldName] = job[x] resultItem["status"] = status print "'timestamp','id','status'" for key in result: item = result[key] line = "[" + strftime("%m/%d/%Y %H:%M:%S %p %Z", localtime()) + "]," line += str(key) + "," + resultItem["status"] print line if scriptData.debug: logger.info(line) with open(CACHE_FILEPATH, "w+") as outfile: json.dump(result, outfile) if __name__ == "__main__": token = sys.stdin.readlines()[0] app = App.get(App.build_id("nbu_setup_app", "nbu_setup_app", "nobody"), sessionKey=token) if app.is_configured: execute() else: logger.info("App not configured!")
def submitCluster(self, config, action, **kwargs): '''add configuration for a single HDFS cluster''' app = cherrypy.request.path_info.split('/')[3] user = cherrypy.session['user']['name'] errors = [] if kwargs.get('secure', 0): #TODO: verify service principal is provided if kwargs.get('kerberos_principal') == 'add': principal = Principal( app, user, **{ 'name': kwargs.get('principal_name'), 'keytab_path': kwargs.get('principal_keytab_location') }) if principal.passive_save(): kwargs['kerberos_principal'] = kwargs.get('principal_name') else: errors += principal.errors else: if kwargs.get('kerberos_principal'): kwargs['kerberos_principal'] = '' if kwargs.get('kerberos_service_principal'): kwargs['kerberos_service_principal'] = '' id = kwargs.pop('id', None) type = kwargs.pop('type', None) if type == 'remote': kwargs['uri'] = 'hdfs://%s' % kwargs.get( 'name') if 'name' in kwargs else None elif type == 'local': kwargs['uri'] = 'file://%s' % kwargs.pop('local_mount') else: raise cherrypy.HTTPError(400, 'Expected cluster type parameter') try: cluster = Cluster.get(id) cluster.update(kwargs) # Change the owner to nobody, so that REST call will be made to /servicesNS/nobody/HadoopConnect/... # instead of /servicesNS/admin/HadoopConnect/... or /servicesNS/<owner>/HadoopConnect/... if cluster.entity and cluster.entity.owner: cluster.entity.owner = 'nobody' edit = True except: cluster = Cluster(app, user, **kwargs) edit = False # save stuff iff there were no errors while saving the principal if len(errors) == 0: logger.info("Saving cluster with args: %s " % kwargs) if cluster.passive_save(): this_app = App.get(App.build_id(app, app, user)) this_app.is_configured = True this_app.passive_save() if app_util.is_xhr(): cherrypy.response.status = 200 return "" raise cherrypy.HTTPRedirect( self.make_url(['app', app, 'config_clusters']), 303) principals = Principal.all().filter_by_app(app) principal_name = kwargs.get('principal_name', '') principal_keytab_location = kwargs.get('principal_keytab_location', '') cluster.errors += errors if app_util.is_xhr(): cherrypy.response.status = 404 return self.render_template( '/%s:/templates/add_cluster.html' % app, dict(form_content='fomasdafe', app=app, cluster=cluster, edit=edit, principals=principals, principal_name=principal_name, principal_keytab_location=principal_keytab_location, selectedTab=type))