def __validate(self, oid): """Validate and use the given id for this ObjectId. Raises TypeError if id is not an instance of (:class:`basestring` (:class:`str` or :class:`bytes` in python 3), ObjectId) and InvalidId if it is not a valid ObjectId. :Parameters: - `oid`: a valid ObjectId """ if isinstance(oid, ObjectId): self.__id = oid.__id elif isinstance(oid, string_types): if len(oid) == 12: if isinstance(oid, binary_type): self.__id = oid else: raise InvalidId("%s is not a valid ObjectId" % oid) elif len(oid) == 24: try: self.__id = bytes_from_hex(oid) except (TypeError, ValueError): raise InvalidId("%s is not a valid ObjectId" % oid) else: raise InvalidId("%s is not a valid ObjectId" % oid) else: raise TypeError( "id must be an instance of (%s, %s, ObjectId), " "not %s" % (binary_type.__name__, text_type.__name__, type(oid)))
def haproxy_clone(request, object_id): """ HAProxy view used to clone an HAProxySettings object :param request: Django request object :param object_id: MongoDB object_id of an HAProxySettings """ """ (try to) Retrieve object from id in MongoDB """ try: haproxy_model = HAProxySettings.objects.get(pk=object_id) if not haproxy_model: raise InvalidId() except InvalidId: return HttpResponseForbidden("Injection detected") except HAProxySettings.DoesNotExist: return HttpResponseRedirect('/services/haproxy/') # members = balancer.members # members_list = list() # for member in members: # member.pk=None # member.save() # members_list.append(member) haproxy_model.pk = None haproxy_model.name = 'Copy of ' + str(haproxy_model.name) # balancer.members = members_list haproxy_model.save() logger.info(haproxy_model.__dict__) return HttpResponseRedirect("/services/haproxy/")
def authenticate(self, credentials, **kwargs): urls = self.application.get_sso_urls() redis_session = kwargs['redis_session'] kerberos_repo = KerberosRepository.objects.with_id(ObjectId(self.backend_id)) if not kerberos_repo: raise InvalidId("") # Set headers kerberos_TGT = kerberos_repo.get_backend().create_tgt(self.backend_id, credentials['kerberos_username'], credentials['kerberos_password'], self.application.app_krb_service) if kerberos_TGT: logger.debug("SSOForwardKRB5::authenticate: TGT successfully created with credentials for user '{}'".format(credentials['kerberos_username'])) self.sso_client.session.headers.update({'Authorization':'Negotiate %s'%str(kerberos_TGT)}) url, response = self.sso_client.get(urls, self.application.sso_forward_follow_redirect) logger.info("SSOForwardKRB5::authenticate: URL '{}' successfully gotten with Kerberos TGT".format(url)) #### POSSIBILITY OF VERIFY CREDENTIALS => IF RESPONSE.STATUS_CODE == 401 if not self.application.sso_forward_only_login: redis_session.setKrb5Infos(credentials['kerberos_username'], self.application.app_krb_service, self.backend_id) logger.debug("SSOForwardKRB5::authenticate: Kerberos infos for user '{}' successfully written in Redis session".format(credentials['kerberos_username'])) return response
def ntp_view(request, object_id=None): """ """ # Retrieving cluster configuration cluster = Cluster.objects.get() ntp_status = {} # Object_id is defined => we are configuring a Node if object_id is not None: try: node = Node.objects.with_id(ObjectId(object_id)) if not node: raise InvalidId() except InvalidId: return HttpResponseForbidden("Injection detected.") system_settings = node.system_settings status = node.api_request("/api/services/ntp/status/") if isinstance(status, bool) and not status: # API Request returned False ntp_status[node.name] = ("ERROR", "Error on node {}.".format(node.name)) # We are configuring Cluster else: system_settings = cluster.system_settings cluster_api_status = cluster.api_request("/api/services/ntp/status/") for node in cluster.members: # If node is down, result = False node_res = (cluster_api_status.get(node.name, {}) or {}).get('result', False) if isinstance(node_res, bool) and not node_res: ntp_status[node.name] = ("ERROR", "Cannot contact node") else: ntp_status[node.name] = node_res # Instantiate form form = NTPSettingsForm(request.POST or None, instance=system_settings.ntp_settings) # form validation if request.method == 'POST' and form.is_valid(): ntp_conf = form.save(commit=False) system_settings.ntp_settings = ntp_conf # We are configuring Node if object_id: # Node will use Cluster settings if ntp_conf.cluster_based_conf: node.system_settings.ntp_settings = None node.save() else: cluster.save() return render_to_response('ntp.html', {'form': form, 'ntp_status': ntp_status, 'cluster': cluster, 'object_id': object_id}, context_instance=RequestContext(request))
def __validate(self, oid): """Validate and use the given id for this ObjectId. Raises TypeError if id is not an instance of (str, ObjectId) and InvalidId if it is not a valid ObjectId. :Parameters: - `oid`: a valid ObjectId """ if isinstance(oid, ObjectId): self.__id = oid.__id elif isinstance(oid, basestring): if len(oid) == 12: self.__id = oid elif len(oid) == 24: try: self.__id = oid.decode("hex") except TypeError: raise InvalidId("%s is not a valid ObjectId" % oid) else: raise InvalidId("%s is not a valid ObjectId" % oid) else: raise TypeError("id must be an instance of (str, ObjectId), " "not %s" % type(oid))
def store(_id, model_image_file): model = models.find_one(_id) if not model: return InvalidId() filename = model_filename(_id) model_image_file.save(filename) try: torch.load(filename) except: os.remove(filename) raise BadModelFormat if model['attack_mode'] == 'black' or \ path.exists(dataset_filename(_id)): models.set_ready(_id)
def logrotate_edit(request, object_id=None): logrotate_model = None if object_id: try: logrotate_model = LogRotateSettings.objects.get() if not logrotate_model: raise InvalidId() except InvalidId: return HttpResponseForbidden("Injection detected") form = LogRotateForm(request.POST or None, instance=logrotate_model, error_class=DivErrorList) if request.method == "POST" and form.is_valid(): logrotate_model = form.save(commit=False) logrotate_model.save() return HttpResponseRedirect('/services/logrotate/') return render(request, 'services/logrotate_edit.html', {'form': form})
def haproxy_edit(request, object_id=None): haproxy_model = None if object_id: try: haproxy_model = HAProxySettings.objects.get(pk=object_id) if not haproxy_model: raise InvalidId() except InvalidId: return HttpResponseForbidden("Injection detected") form = HAProxyForm(request.POST or None, instance=haproxy_model, error_class=DivErrorList) if request.method == "POST" and form.is_valid(): haproxy_model = form.save(commit=False) haproxy_model.save() return HttpResponseRedirect('/services/haproxy/') return render(request, 'services/haproxy_edit.html', {'form': form})
def convert_value_for_db(self, db_type, value): if db_type is None or value is None: return value db_type, db_subtype = self._split_db_type(db_type) if db_subtype is not None: if isinstance(value, (set, list, tuple)): # Sets are converted to lists here because MongoDB has no sets. return [ self.convert_value_for_db(db_subtype, subvalue) for subvalue in value ] elif isinstance(value, dict): return dict( (key, self.convert_value_for_db(db_subtype, subvalue)) for key, subvalue in value.iteritems()) if isinstance(value, (set, list, tuple)): # most likely a list of ObjectIds when doing a .delete() query return [self.convert_value_for_db(db_type, val) for val in value] if db_type == 'objectid': try: return ObjectId(value) except InvalidId: # Provide a better message for invalid IDs assert isinstance(value, unicode) if len(value) > 13: value = value[:10] + '...' msg = "AutoField (default primary key) values must be strings " \ "representing an ObjectId on MongoDB (got %r instead)" % value if self.query.model._meta.db_table == 'django_site': # Also provide some useful tips for (very common) issues # with settings.SITE_ID. msg += ". Please make sure your SITE_ID contains a valid ObjectId string." raise InvalidId(msg) # Pass values of any type not covered above as they are. # PyMongo will complain if they can't be encoded. return value
def _raise_invalid_id(oid): raise InvalidId("%r is not a valid ObjectId, it must be a 12-byte input" " of type %r or a 24-character hex string" % (oid, binary_type.__name__))
def _raise_invalid_id(oid): raise InvalidId( "%r is not a valid ObjectId, it must be a 12-byte input" " or a 24-character hex string" % oid)
def ssh_view(request, object_id = None): """ """ ssh_status = {} node_list = [] api_url = "/api/services/ssh" popup = "" # Retrieving cluster configuration cluster = Cluster.objects.get() # Object_id is defined => we are configuring a Node if object_id is not None: """ Verify if objectId id valid and exists in DB """ try: node = Node.objects.with_id(ObjectId(object_id)) if not node: raise InvalidId() except InvalidId: return HttpResponseForbidden('Injection detected') system_settings = node.system_settings node_or_cluster = node node_list.append(node) # Cluster configuration else: system_settings = cluster.system_settings node_or_cluster = cluster node_list = cluster.members # Instantiate form form = SSHSettingsForm(request.POST or None, instance=system_settings.ssh_settings) # form validation if request.method == 'POST' and form.is_valid(): ssh_conf = form.save(commit=False) node_or_cluster.system_settings.ssh_settings = ssh_conf old_enabled = False if not system_settings.ssh_settings else system_settings.ssh_settings.enabled # Save settings node_or_cluster.save() # If the admin wants to start the service if not old_enabled and ssh_conf.enabled: action_service = "start" # If he wants to stop it elif not ssh_conf.enabled: action_service = "stop" # Otherwise, restart it else: action_service = "restart" api_result = node_or_cluster.api_request("{}/{}/".format(api_url, action_service)) if isinstance(node_or_cluster, Cluster): for node in node_list: node_result = api_result.get(node.name, {}) if not node_result: popup = ("ERROR", "Error on node {}.".format(node.name)) else: popup = node_result.get('result') else: if not api_result: popup = ("ERROR", "Error on node {}.".format(node_or_cluster.name)) else: popup = api_result.get('result') # Sleep while service is stopping/starting before get its status sleep(2) # Service status part if object_id: status = node.api_request("{}/status/".format(api_url)) ssh_status[node.name] = ('ERROR', "Error on node {}.".format(node.name)) if not status else status.get('result') if node.system_settings.ssh_settings and status and status.get('result'): node.system_settings.ssh_settings.enabled = True if status.get('result', ['DOWN'])[0] == 'UP' else False node.save(bootstrap=True) else: cluster_res = cluster.api_request("{}/status/".format(api_url)) for node in cluster.members: # Keep database data up-to-date node_info = cluster_res.get(node.name) if node_info: node_ssh_state = node_info.get('result', ['ERROR', "Error on node {}.".format(node.name)]) try: ssh_status[node.name] = node_ssh_state if node.system_settings.ssh_settings: node.system_settings.ssh_settings.enabled = True if node_ssh_state[0] == 'UP' else False node.save(bootstrap=True) except AttributeError as e: logger.error("SSH::view: Error while trying to parse for node {} status : {}".format(node.name, e)) else: ssh_status[node.name] = ('ERROR', "Error on node {}.".format(node.name)) return render_to_response('ssh.html', {'form': form, 'ssh_status': ssh_status, 'popup': popup, 'cluster': cluster, 'object_id': object_id}, context_instance=RequestContext(request))
def smtp_view(request, object_id=None): """ :param request: :return: """ # Retrieving cluster configuration cluster = Cluster.objects.get() # Object_id is defined => we are configuring a Node if object_id is not None: try: node = Node.objects.with_id(ObjectId(object_id)) if not node: raise InvalidId() except InvalidId: return HttpResponseForbidden("Injection detected.") system_settings = node.system_settings # We are configuring Cluster else: system_settings = cluster.system_settings # Instantiate form form = SMTPSettingsForm(request.POST or None, instance=system_settings.smtp_settings) def perform_api_res(res, node_name): if isinstance(res, bool) and not res: return "ERROR", "Error on node {}.".format(node_name) return res.get('result') # form validation popup = "" if request.method == 'POST' and form.is_valid(): smtp_conf = form.save(commit=False) system_settings.smtp_settings = smtp_conf # We are configuring Node if object_id: # Node will use Cluster settings if smtp_conf.cluster_based_conf: node.system_settings.smtp_settings = None node.save() node_api_res = node.api_request("/api/services/smtp/restart/") popup = perform_api_res(node_api_res, node.name) else: cluster.save() cluster_api_res = cluster.api_request("/api/services/smtp/restart/") for node in cluster.members: popup = perform_api_res(cluster_api_res.get(node.name), node.name) if popup[0] == "ERROR": break smtp_status = {} if object_id: node_api_res = node.api_request("/api/services/smtp/status/") smtp_status[node.name] = perform_api_res(node_api_res, node.name) else: cluster.save() cluster_api_res = cluster.api_request("/api/services/smtp/status/") for node in cluster.members: smtp_status[node.name] = perform_api_res(cluster_api_res.get(node.name), node.name) return render_to_response('smtp.html', {'form': form, 'cluster': cluster, 'smtp_status': smtp_status, 'object_id': object_id, 'popup': popup}, context_instance=RequestContext(request))
def dns_view(request, object_id=None): """ """ # Retrieving cluster configuration cluster = Cluster.objects.get() # Object_id is defined => we are configuring a Node if object_id: try: node = Node.objects.with_id(ObjectId(object_id)) if not node: raise InvalidId() except InvalidId: return HttpResponseForbidden("Injection detected") system_settings = node.system_settings # We are configuring Cluster else: system_settings = cluster.system_settings # Instantiate form form = DNSSettingsForm(request.POST or None, instance=system_settings.dns_settings, error_class=DivErrorList) popup = "" api_url_dns = "/api/services/dns" # form validation if request.method == 'POST' and form.is_valid(): dns_conf = form.save(commit=False) system_settings.dns_settings = dns_conf # We are configuring Node if object_id: # Node will use Cluster settings if dns_conf.cluster_based_conf: node.system_settings.dns_settings = None node.save() # restart_res = node.api_request("{}/restart/".format(api_url_dns)) if not isinstance(restart_res, bool): try: popup = restart_res['result'] except: popup = ['ERROR', "Cannot retrieve service results"] elif not restart_res: popup = ["ERROR", "Cannot contact node".format(node.name)] else: popup = ["UP", "Configuration applied"] else: cluster.save() restart_cluster_res = cluster.api_request("/api/services/dns/restart/") for node in cluster.members: restart_res = restart_cluster_res.get(node.name) if not isinstance(restart_res, bool): try: popup = restart_res.get('result') except: popup = ['ERROR', "Cannot retrieve service results"] break elif not restart_res: popup = ["ERROR", "Cannot contact node ".format(node.name)] break else: popup = ["UP", "Configuration applied"] return render_to_response('dns.html', {'form': form, 'cluster': cluster, 'popup': popup, 'object_id': object_id}, context_instance=RequestContext(request))
def agent_zabbix_view(request, object_id=None): """ """ # API url of zabbix-agent status api_url_zabbix = "/api/services/zabbix" # Retrieving cluster configuration cluster = Cluster.objects.get() zabbix_status = {} nodes = [] popup = "" # Object_id is defined => we are configuring a Node if object_id: try: node_or_cluster = Node.objects.with_id(ObjectId(object_id)) if not node_or_cluster: raise InvalidId() except InvalidId: return HttpResponseForbidden("Injection detected") system_settings = node_or_cluster.system_settings nodes.append(node_or_cluster) # Instantiate form form = ZabbixAgentForm(request.POST or None, instance=system_settings.zabbix_settings, node=node_or_cluster, error_class=DivErrorList) # form validation if request.method == 'POST' and form.is_valid(): zabbix_conf = form.save(commit=False) zabbix_conf.save() old_enabled = None if system_settings.zabbix_settings: old_enabled = system_settings.zabbix_settings.enabled system_settings.zabbix_settings = zabbix_conf # We are configuring Node node_or_cluster.save() action_service = "" # If the admin wants to disable the service if not zabbix_conf.enabled: action_service = "stop" elif not old_enabled: # If the field enabled was True and is false: stop service action_service = "start" else: action_service = "restart" if action_service: result = node_or_cluster.api_request("{}/{}/".format(api_url_zabbix, action_service)) if not isinstance(result, bool): popup = result['result'] elif not result: popup = ["ERROR", "Node {} is dead.".format(node_or_cluster.name)] # Sleep while service is stopping/starting before get its status sleep(2) else: form = ZabbixAgentForm(None) node_or_cluster = cluster nodes = node_or_cluster.members # Get status of cluster or node if object_id status = node_or_cluster.api_request("{}/status/".format(api_url_zabbix)) # Keep database data up-to-date for node in nodes: if isinstance(status, bool) and not status: zabbix_status[node.name] = ("DEAD", "Cannot contact node ") continue node_info = status.get(node.name) or status if node_info: try: # If the object Zabbix of SystemSettings is not None if node.system_settings.zabbix_settings: # Retrieve api/status result and set-it into Mongo state = node_info.get('result', ["ERROR", "Cannot get api_request results"]) # And send the status to the HTML template zabbix_status[node.name] = state if node.system_settings.zabbix_settings.enabled and state[0] == "DOWN": zabbix_status[node.name] = ["DOWN", "Please check zabbix log file"] else: state = ("NOT CONFIGURED", "Please SAVE to configure node ") zabbix_status[node.name] = state except Exception as e: logger.error("Zabbix::view: Error while trying to parse zabbix status : {}".format(e)) return render_to_response('zabbix_agent.html', {'form': form, 'zabbix_status': zabbix_status, 'cluster': cluster, 'object_id': object_id, 'popup': popup}, context_instance=RequestContext(request))