def json(self): """Return json representation. :return: json string {"id":.., "name":.., "desc":.., "service":.., "catalog":.., "uri":..,"enabled":..} """ if self.creation is not None: creation = str2uni(self.creation.strftime('%d-%m-%y %H:%M:%S')) else: creation = None if self.modified is not None: modified = str2uni(self.modified.strftime('%d-%m-%y %H:%M:%S')) else: modified = None msg = { 'id': self.id, 'name': self.name, 'desc': self.desc, 'service': self.service, 'date': { 'creation': creation, 'modified': modified }, 'catalog': self.catalog_id, 'uri': self.uri, 'enabled': self.enabled } return json.dumps(msg)
def dict(self): """Return dict representation. :return: dict {'id':.., 'name':.., 'desc':.., 'service':.., catalog':.., 'uri':.., 'enabled':..} """ if self.creation is not None: creation = str2uni(self.creation.strftime('%d-%m-%y %H:%M:%S')) else: creation = None if self.modified is not None: modified = str2uni(self.modified.strftime('%d-%m-%y %H:%M:%S')) else: modified = None msg = { 'id': self.id, 'name': self.name, 'desc': self.desc, 'service': self.service, 'date': { 'creation': creation, 'modified': modified }, 'catalog': self.catalog_id, 'uri': self.uri, 'enabled': self.enabled } return msg
def __convert_timestamp(self, timestamp): """ """ if isinstance(timestamp, float): timestamp = datetime.fromtimestamp(timestamp) return str2uni(timestamp.strftime('%d-%m-%Y %H:%M:%S.%f')) return ''
def validate_login_params(self, name, domain, password, login_ip): """Validate main login params. :param name: user name :param domain: user authentication domain :param password: user password :param login_ip: user login_ip :raise ApiManagerError: """ if domain is None: domain = u'local' # set user in thread local variable operation.user = (u'%s@%s' % (name, domain), login_ip, None) # Validate input data and login user try: if name.strip() == u'': msg = u'Username is not provided or syntax is wrong' self.logger.error(msg) raise ApiManagerError(msg, code=400) if password.strip() == u'': msg = u'Password is not provided or syntax is wrong' self.logger.error(msg) raise ApiManagerError(msg, code=400) if domain.strip() == u'': msg = u'Domain is not provided or syntax is wrong' self.logger.error(msg) raise ApiManagerError(msg, code=400) try: login_ip = gethostbyname(login_ip) IPv4Address(str2uni(login_ip)) except Exception as ex: msg = u'Ip address is not provided or syntax is wrong' self.logger.error(msg, exc_info=1) raise ApiManagerError(msg, code=400) self.logger.debug(u'User %s@%s:%s validated' % (name, domain, login_ip)) except ApiManagerError as ex: raise ApiManagerError(ex.value, code=ex.code)
def update_data(pipe): # get data from redis val = pipe.get(_prefix + task_id) if val is not None: result = json.loads(val) if result.get(u'status') != u'FAILURE': result.update(data) else: result.update({u'stop_time':stop_time}) else: result = { u'name':name, u'type':inner_type, u'task_id':task_id, u'worker':hostname, u'args':args, u'kwargs':kwargs, u'status':status, u'result':retval, u'traceback':traceback, u'start_time':start_time, u'stop_time':stop_time, u'children':childs, u'jobs':jobs, u'trace':[]} # update task trace if msg is not None: _timestamp = str2uni(datetime.today().strftime(u'%d-%m-%y %H:%M:%S-%f')) result[u'trace'].append((_timestamp, msg)) # serialize data val = json.dumps(result) # save data in redis pipe.setex(_prefix + task_id, _expire, val)
def convert_timestamp(self, timestamp): """ """ timestamp = datetime.fromtimestamp(timestamp) return str2uni(timestamp.strftime(u'%d-%m-%Y %H:%M:%S.%f'))
def simple_http_login(self, name, domain, password, login_ip): """Simple http authentication login :param name: user name :param domain: user authentication domain :param password: user password :param login_ip: user login_ip :return: True :raises ApiManagerError: raise :class:`ApiManagerError` """ user_name = '%s@%s' % (name, domain) # validate input params try: self.validate_login_params(name, domain, password, login_ip) except ApiManagerError as ex: raise # check user try: dbuser, dbuser_attribs = self.check_login_user( name, domain, password, login_ip) except ApiManagerError as ex: raise # check user has authentication filter auth_filters = dbuser_attribs.get('auth-filters', ('', None))[0].split(',') if 'simplehttp' not in auth_filters: msg = 'Simple http authentication is not allowed for user %s' % user_name self.logger.error(msg) raise ApiManagerError(msg, code=401) # check user ip is in allowed cidr auth_cidrs = dbuser_attribs.get('auth-cidrs', '')[0].split(',') allowed = False for auth_cidr in auth_cidrs: allowed_cidr = IPv4Network(str2uni(auth_cidr)) user_ip = IPv4Network('%s/32' % login_ip) if user_ip.overlaps(allowed_cidr) is True: allowed = True break if allowed is False: msg = 'User %s ip %s can not perform simple http authentication' % ( user_name, login_ip) self.logger.error(msg) raise ApiManagerError(msg, code=401) # login user try: user, attrib = self.base_login(self.get_login_email(dbuser), domain, password, login_ip, dbuser, dbuser_attribs) except ApiManagerError as ex: raise res = { 'uid': id_gen(20), 'type': 'simplehttp', 'user': user.get_dict(), 'timestamp': datetime.now().strftime('%y-%m-%d-%H-%M') } return res
def __str__(self): creation = str2uni(self.creation.strftime("%d-%m-%y %H:%M:%S")) res = "<Event id=%s, type=%s, creation=%s, data='%s', source='%s',\ dest='%s'>" % (self.id, self.type, creation, self.data, self.source, self.dest) return res
def simple_http_login(self, name, domain, password, login_ip): """Simple http authentication login :param name: user name :param domain: user authentication domain :param password: user password :param login_ip: user login_ip :return: True :raise ApiManagerError: """ opts = { u'name':name, u'domain':domain, u'password':u'xxxxxxx', u'login_ip':login_ip } user_name = u'%s@%s' % (name, domain) # validate input params try: self.validate_login_params(name, domain, password, login_ip) except ApiManagerError as ex: #User(self).send_event(u'simplehttp.login.insert', params=opts, # exception=ex) raise # check user try: dbuser, dbuser_attribs = self.check_login_user(name, domain, password, login_ip) except ApiManagerError as ex: #User(self).send_event(u'simplehttp.login.insert', params=opts, # exception=ex) raise # check user has authentication filter auth_filters = dbuser_attribs.get(u'auth-filters', (u'', None))[0].split(u',') if u'simplehttp' not in auth_filters: msg = u'Simple http authentication is not allowed for user %s' % \ user_name #User(self).send_event(u'simplehttp.login.insert', params=opts, # exception=msg) self.logger.error(msg) raise ApiManagerError(msg, code=401) # check user ip is in allowed cidr auth_cidrs = dbuser_attribs.get(u'auth-cidrs', u'')[0].split(u',') allowed = False for auth_cidr in auth_cidrs: allowed_cidr = IPv4Network(str2uni(auth_cidr)) user_ip = IPv4Network(u'%s/32' % login_ip) if user_ip.overlaps(allowed_cidr) is True: allowed = True break if allowed is False: msg = u'User %s ip %s can not perform simple http authentication' % \ (user_name, login_ip) #User(self).send_event(u'simplehttp.login.insert', params=opts, # exception=msg) self.logger.error(msg) raise ApiManagerError(msg, code=401) # login user try: user, attrib = self.base_login(name, domain, password, login_ip, dbuser, dbuser_attribs) except ApiManagerError as ex: #User(self).send_event(u'simplehttp.login.insert', params=opts, # exception=ex) raise res = {u'uid':id_gen(20), u'type':u'simplehttp', u'user':user.get_dict(), u'timestamp':datetime.now().strftime(u'%y-%m-%d-%H-%M')} #User(self).send_event(u'simplehttp.login.insert', params=opts) return res
def __str__(self): creation = str2uni(self.creation.strftime('%d-%m-%y %H:%M:%S')) res = '<Event id=%s, type=%s, creation=%s, data=%s, source=%s, dest=%s>' % \ (self.id, self.type, creation, self.data, self.source, self.dest) return res
def cdate(self, date): """ """ temp = datetime.fromtimestamp(date) return str2uni(temp.strftime(u'%d-%m-%y %H:%M:%S'))
def get_events(self, oid=None, etype=None, data=None, source=None, dest=None, datefrom=None, dateto=None, page=0, size=10, objid=None, objdef=None, objtype=None): """Get events. :param oid str: event oid [optional] :param etype str: list of event type [optional] :param data str: event data [optional] :param source str: event source [optional] :param dest str: event destinatiaion [optional] :param datefrom: event data from. Ex. '2015-3-9-15-23-56' [optional] :param dateto: event data to. Ex. '2015-3-9-15-23-56' [optional] :param page: event list page to show [default=0] :param size: number of event to show in list per page [default=0] :param objid str: entity id [optional] :param objtype str: entity type [optional] :param objdef str: entity definition [optional] :return: List of events (id, type, objid, creation, data, source, dest) :rtype: list of tuple :raises ApiManagerError: raise :class:`ApiManagerError` """ # verify permissions if etype is not None: objs = self.can(u'view', u'event', definition=etype) else: objs = self.can(u'view', u'event') # add ApiViewResponse objects definition statically #objs[ApiViewResponse.objdef] = [u'*'] try: count, events = self.event_manager.gets(oid=oid, etype=etype, data=data, source=source, dest=dest, datefrom=datefrom, dateto=dateto, page=page, size=size, objid=objid, objdef=objdef, objtype=objtype) except QueryError as ex: self.logger.error(ex, exc_info=1) raise ApiManagerError(ex) try: res = {u'events':[], u'count':size, u'page':page, u'total':count} for i in events: objdef = i.objdef.lower() if objdef not in objs: continue # check authorization objset = set(objs[objdef]) creation = str2uni(i.creation.strftime(u'%d-%m-%Y %H:%M:%S.%f')) data = None try: data = json.loads(i.data) except Exception as ex: self.logger.warn(u'Can not parse event %s data' % i.id, exc_info=1) obj = {u'id':i.id, u'event_id':i.event_id, u'type':i.type, u'objid':i.objid, u'objdef':i.objdef, u'objtype':i.objtype, u'date':creation, u'data':data, u'source':json.loads(i.source), u'dest':json.loads(i.dest)} # create needs needs = self.get_needs(i.objid.split(u'//')) # check if needs overlaps perms if self.has_needs(needs, objset) is True: res[u'events'].append(obj) self.logger.debug(u'Get events: %s' % truncate(res)) return res except QueryError as ex: self.logger.error(ex) raise ApiManagerError(ex)
def update_data(): # get data from redis # key = '%s%s' % (_prefix, task_id) # get data from redis result = TaskResult.get_from_redis_with_retry(task_id) # try: # val = _redis.get(key) # except: # logger.warn('', exc_info=1) # val = None if result is not None: # result = json.loads(val) if result.get('status') != 'FAILURE': result.update(data) else: result.update({'stop_time': stop_time}) # check job already present in task jobs list val_jobs = result.get('jobs', []) if val_jobs is None: result['jobs'] = [] val_jobs = [] if jobs is not None: for job in jobs: if job not in val_jobs: result['jobs'].append(job) else: result = { 'name': name, 'type': inner_type, 'task_id': task_id, 'worker': hostname, 'args': args, 'kwargs': kwargs, 'status': status, 'result': retval, 'traceback': traceback, 'start_time': time(), # 'start_time': start_time, 'stop_time': stop_time, 'children': childs, 'jobs': jobs, 'counter': 0, 'trace': [] } # update task trace if msg is not None: # msg1 = '(%s) %s' % (task_id, msg) msg1 = msg if failure is True: msg1 = 'ERROR %s' % msg1 else: msg1 = 'DEBUG %s' % msg1 _timestamp = str2uni( datetime.today().strftime('%d-%m-%y %H:%M:%S-%f')) result['trace'].append((_timestamp, msg1)) # save data val = TaskResult.set_to_redis_with_retry(task_id, result) return val