def user():
"""
update user info
:return: respond model
"""
request_model = RequestModel(request)
user_info_form = request_model.data.get('user_info')
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
respond_model = RespondModel()
save_user_info = False
if (user_info_form and user_info_form['name']
== user_info_jwt['name']) or 'admin' in user_info_jwt['roles']:
if not user_info_form.get('password') or user_info_form.get(
'password') == '':
user_info_form['password'] = get_password_from_db(user_info_form)
save_user_info = user_service.update(user_info_form)
else:
save_user_info = update_password(user_info_form)
respond_model.message = 'success'
if save_user_info:
respond_model.token = generate_jwt(user_info_form)
return respond_model
respond_model.message = 'error'
return respond_model
def set_node():
"""
set current node info
"""
request_model = RequestModel(request)
respond_model = RespondModel()
set_node_info(request_model.data)
return respond_model
def cluster_run_scan():
"""
heart beat check
"""
request_model = RequestModel(request)
data = request_model.data
respond_model = RespondModel()
respond_model.data = run_scan_from_master(data.get('plugin_name'), data.get('user_setting'), data.get('query'))
return respond_model
def delete_plugin():
"""
delete plugin
:return:
"""
request_model = RequestModel(request)
respond_model = RespondModel()
delete_plugin_if_exist(request_model.data.get('name'))
return respond_model
def test_canvas():
"""
test canvas setting
:return: respond_model
"""
request_model = RequestModel(request)
user = request_model.data.get('user_info')
respond_model = RespondModel()
respond_model.data = check_canvas_setting(user)
return respond_model
def get_plugin_version_info():
"""
get all plugin version from github
:return:
"""
respond_model = RespondModel()
request_model = RequestModel(request)
respond_model.data = get_plugin_version_from_github(
request_model.data.get('github'))
return respond_model
def sign_up():
"""
user sign up
:return:
"""
request_model = RequestModel(request)
respond_model = RespondModel()
respond_model.data = user_service.user_sign_up(request_model.data.get('user_info'))
respond_model.code = 20000
return respond_model.dump_json()
def fun_dec(*args, **kwargs):
request_model = RequestModel(request)
user_info = decode_jwt(request_model.token)['user_info']
if self.roles in user_info.get('roles'):
respond_model = api_function(*args, **kwargs)
return respond_model
else:
respond_model = RespondModel()
respond_model.message = 'authorization error'
return respond_model
def del_settings():
"""
del libraries settings by user
:return: respond_model
"""
request_model = RequestModel(request)
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
respond_model = RespondModel()
del_libraries_settings(user_info_jwt['name'], request_model.data)
return respond_model
def detail():
"""
return all libraries settings detail
:return: respond_model
"""
request_model = RequestModel(request)
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
respond_model = RespondModel()
respond_model.data = libraries_detail(user_info_jwt['name'], request_model.data.get('libraries'))
return respond_model
def save_setting():
"""
save setting
:return: respond model
"""
request_model = RequestModel(request)
respond_model = RespondModel()
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
save_user_setting(user_info_jwt.get('name'), request_model.data)
return respond_model
def install_new_plugin():
"""
install new plugin
:return:
"""
request_model = RequestModel(request)
respond_model = RespondModel()
respond_model.data = install_plugin(request_model.data.get('github'))
# install plugin requirements
install_plugin_require()
return respond_model
def manual_scan():
"""
manual scan
:return: respond model with metaDate
"""
respond_model = RespondModel()
request_model = RequestModel(request)
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
meta_data_list = run_manual_scan(request_model.data, user_info_jwt)
respond_model.data = meta_data_list
return respond_model
def install_by_version():
"""
install plugin by version
:return:
"""
request_model = RequestModel(request)
respond_model = RespondModel()
respond_model.data = install_plugin_version(
request_model.data.get('github'), request_model.data.get('version'))
# install plugin requirements
install_plugin_require()
return respond_model
def user_info():
"""
get user info
:return: respond model
"""
request_model = RequestModel(request)
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
respond_model = RespondModel()
respond_model.message = 'success'
respond_model.data = user_info_jwt
return respond_model
def fun_dec(*args, **kwargs):
request_model = RequestModel(request)
user_info = user_service.get_user_by_token(
request_model.data.get('token'))
plugin_respond = PluginRespond()
if user_info is not None:
# user info correct
plugin_respond = api_function(*args, **kwargs)
return plugin_respond.dump_json(), 200
else:
plugin_respond.state = False
return plugin_respond.dump_json(), 401
def fun_dec(*args, **kwargs):
request_model = RequestModel(request)
if validate_master(request_model.data.get("token")):
respond_model = api_function(*args, **kwargs)
respond_model.code = 20000
respond_model.message = 'success'
return respond_model.dump_json(), 200
else:
respond_model = RespondModel()
respond_model.message = 'authorization error'
respond_model.code = 50012
return respond_model.dump_json(), 403
def user_info():
"""
get user info
:return: respond model
"""
request_model = RequestModel(request)
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
respond_model = RespondModel()
respond_model.message = 'success'
if 'admin' in user_info_jwt.get('roles'):
user_info_jwt['roles'] = 'admin,' + get_all_plugin_name()
respond_model.data = user_info_jwt
return respond_model
def scan():
"""
scan
:return: respond model with metaDate
"""
plugin_respond = PluginRespond()
request_model = RequestModel(request)
meta_data_list = run_scan(request_model.data)
if meta_data_list and len(meta_data_list) > 0:
plugin_respond.state = True
plugin_respond.meta_data = meta_data_list
else:
plugin_respond.state = False
return plugin_respond
def plugin_authorization(plugin_name):
"""
check if user have authority to access the plugin that they want to access
:param plugin_name: the plugin name which user want to access
:return: Boolean
"""
request_model = RequestModel(request)
roles = decode_jwt(request_model.token)['user_info'].get('roles')
if 'admin' in roles:
roles = 'admin,' + get_all_plugin_name()
if plugin_name in roles:
return True
else:
return False
def save_setting(plugin_name):
"""
save user plugin setting
:param plugin_name: plugin name
:return: respond_model
"""
respond_model = RespondModel()
request_model = RequestModel(request)
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
if not plugin_authorization(plugin_name):
respond_model.message = 'authorization error'
return respond_model
save_plugin_setting(plugin_name, request_model.data, user_info_jwt)
return respond_model
def login():
"""
user login
:return: respond model with jwt token in headers
"""
request_model = RequestModel(request)
user_info_db = user_service.login(request_model.data.get('user_info'))
respond_model = RespondModel()
if user_info_db is not None:
respond_model.token = generate_jwt(user_info_db)
respond_model.message = 'login success'
respond_model.code = 20000
else:
respond_model.message = 'username or password wrong!'
return respond_model.dump_json()
def save_token():
"""
save plugin token
:return:
"""
request_model = RequestModel(request)
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
respond_model = RespondModel()
respond_model.message = 'success'
token = generate_token(user_info_jwt)
respond_model.data['token'] = token
user_info_jwt['token'] = token
respond_model.token = generate_jwt(user_info_jwt)
return respond_model
def get_setting():
"""
get setting
:return: respond model
"""
request_model = RequestModel(request)
respond_model = RespondModel()
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
setting = get_setting_by_username(user_info_jwt.get('name'))
if setting:
respond_model.data = setting.get('setting')
else:
respond_model.data = {}
return respond_model
def fun_dec(*args, **kwargs):
request_model = RequestModel(request)
if request_model.token and verify_jwt(request_model.token):
respond_model = api_function(*args, **kwargs)
if not respond_model.token:
respond_model.token = renew_jwt(request_model.token)
if respond_model.message == 'authorization error':
respond_model.code = 50012
return respond_model.dump_json(), 403
respond_model.code = 20000
respond_model.message = 'success'
return respond_model.dump_json(), 200
else:
respond_model = RespondModel()
respond_model.message = 'authentication error, please login'
respond_model.code = 50012
return respond_model.dump_json(), 401
def plugin_setting(lang, plugin_name):
"""
get plugin setting form and user plugin setting
:param lang: language for i18n
:param plugin_name: plugin name
:return: respond_model
"""
respond_model = RespondModel()
request_model = RequestModel(request)
jwt = request_model.token
user_info_jwt = decode_jwt(jwt)['user_info']
if not plugin_authorization(plugin_name):
respond_model.message = 'authorization error'
return respond_model
data = {
'form': get_plugin_setting(plugin_name, lang),
'userSetting': get_user_plugin_setting(plugin_name, user_info_jwt)
}
respond_model.data = data
return respond_model