def fromRawObject(obj): if obj.get("jsonrpc") != "2.0": raise JsonRpcInvalidRequestError("wrong protocol version", obj) method = obj.get("method") if method is None: raise JsonRpcInvalidRequestError("missing method header", obj) reqId = obj.get("id") # when sending notifications id is not provided params = obj.get('params', []) if not isinstance(params, (list, dict)): raise JsonRpcInvalidRequestError("wrong params type", obj) return JsonRpcRequest(method, protect_passwords(params), reqId)
def iscsiDiscoverSendTargets(self, con, options=None): con = protect_passwords(con) iscsiConn = API.ISCSIConnection(con['connection'], con['port'], con['user'], con['password']) return iscsiConn.discoverSendTargets()
def poolDisconnectStorageServer(self, domType, spUUID, conList, options=None): conList = protect_passwords(conList) pool = API.StoragePool(spUUID) return pool.disconnectStorageServer(domType, conList)
def vmUpdateDevice(self, vmId, params): params = protect_passwords(params) vm = API.VM(vmId) return vm.updateDevice(params)
def registerSecrets(self, secrets, clear=False): secrets = protect_passwords(secrets) api = API.Global() return api.registerSecrets(secrets, clear=clear)
def wrapper(*args, **kwargs): try: logLevel = logging.DEBUG suppress_logging = f.__name__ in ('getAllVmStats',) # TODO: This password protection code is fragile and ugly. Password # protection should be done in the wrapped methods, and logging # shold be done in the next layers, similar to storage logs. displayArgs = args if f.__name__ == 'vmDesktopLogin': if 'password' in kwargs: raise TypeError("Got an unexpected keyword argument: " "'password'") if len(args) > 3: displayArgs = args[:3] + ('****',) + args[4:] elif f.__name__ == 'getExternalVMs': if len(args) >= 3: displayArgs = args[:2] + ('****',) + args[3:] elif f.__name__ == 'getExternalVMNames': if len(args) == 3: displayArgs = args[:2] + ('****',) elif f.__name__ == 'convertExternalVm': if len(args) > 3: displayArgs = args[:2] + ('****',) + args[3:] elif f.__name__ == 'registerSecrets': secrets = protect_passwords(utils.picklecopy(args[0])) displayArgs = (secrets,) + args[1:] elif f.__name__ == 'vmUpdateDevice': if len(args) >= 2 and args[1].get( 'deviceType', '') == 'graphics': params = protect_passwords(utils.picklecopy(args[1])) displayArgs = (args[0],) + (params,) + args[2:] # Logging current call logStr = 'client [%s]::call %s with %s %s' % \ (getattr(f.__self__.cif.threadLocal, 'client', ''), f.__name__, displayArgs, kwargs) # if flowID exists if getattr(f.__self__.cif.threadLocal, 'flowID', None) is not None: logStr += " flowID [%s]" % f.__self__.cif.threadLocal.flowID # Ready to show the log into vdsm.log f.__self__.log.log(logLevel, logStr) if f.__self__.cif.ready: res = f(*args, **kwargs) else: res = errCode['recovery'] log_res = "(suppressed)" if suppress_logging else res f.__self__.cif.log.log(logLevel, 'return %s with %s', f.__name__, log_res) return res except libvirt.libvirtError as e: f.__self__.cif.log.error("libvirt error", exc_info=True) if e.get_error_code() == libvirt.VIR_ERR_NO_DOMAIN: return errCode['noVM'] else: return errCode['unexpected'] except VdsmException as e: f.__self__.cif.log.error("vdsm exception occured", exc_info=True) return e.response() except: f.__self__.cif.log.error("unexpected error", exc_info=True) return errCode['unexpected']
def __init__(self, method, params=(), reqId=None): self.method = method self.params = protect_passwords(params) self.id = reqId
def test_protect_dict(self): unprotected = dict_unprotedted() protected = dict_protected() self.assertEqual(protected, protect_passwords(unprotected))
def test_protect_nested_dicts(self): unprotected = nested_dicts_unprotected() protected = nested_dicts_protected() self.assertEqual(protected, protect_passwords(unprotected))
def test_protect_empty(self, params): self.assertEqual(params, protect_passwords(params))
def test_protect_lists_of_dicts(self): unprotected = lists_of_dicts_unprotected() protected = lists_of_dicts_protected() self.assertEqual(protected, protect_passwords(unprotected))