def PUT(self, request, tenantId): try: info = InfoManager.InfoManager().get_information(tenantId) self.set_info(info) info2 = self.info.parse(request.body) if info2 != None: t = InfoManager.InfoManager().updateWindowSize(tenantId, info2.windowsize) logger.debug("Window size updated for tenant: %s", tenantId) return HttpResponse(json.dumps({"windowsize": info2.windowsize}, indent=4)) else: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": "windowsize could not be parsed"}}, indent=4)) except ObjectDoesNotExist as err: t = TenantInfo(tenantId=tenantId, windowsize=5) t.save() info = InfoManager.InfoManager().get_information(tenantId) self.set_info(info) info2 = self.info.parse(request.body) t = InfoManager.InfoManager().updateWindowSize(tenantId, info2.windowsize) return HttpResponse(json.dumps({"windowsize": info2.windowsize}, indent=4)) except ValidationError as ex: return HttpResponse(json.dumps({"badRequest": {"code": 400, "message": ex.messages[0]}}, indent=4), status=400) except ValueError as ex: return HttpResponse(json.dumps({"badRequest": {"code": 400, "message": ex.message}}, indent=4), status=400)
def PUT(self, request, tenantId, serverId, ruleId): try: rule = RuleManager.RuleManager().update_specific_rule(tenantId, serverId, ruleId, request.body) logger.debug("Rule updated: %s", ruleId) return HttpResponse(json.dumps(vars(rule), indent=4)) except ValueError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except ValidationError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except KeyError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except AttributeError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except TypeError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except ObjectDoesNotExist as err: return HttpResponse(json.dumps({"itemNotFound": {"code": 404, "message": str(err)}}, indent=4), status=404) except Exception as err: return HttpResponseServerError(json.dumps({"serverFault": {"code": 500, "message": str(err)}}, indent=4))
def DELETE(self, request, tenantId, ruleId): try: RuleManager.RuleManager().delete_rule(ruleId) logger.debug("Rule deleted: %s", ruleId) return HttpResponse() except Exception as err: return HttpResponseServerError(json.dumps({"serverFault": {"code": 500, "message": str(err)}}, indent=4))
def DELETE(self, request, tenantId, serverId, ruleId): try: RuleManager.RuleManager().delete_specific_rule(tenantId, serverId, ruleId) logger.debug("Rule deleted: %s", ruleId) return HttpResponse() except ObjectDoesNotExist as err: return HttpResponse(json.dumps({"itemNotFound": {"code": 404, "message": str(err)}}, indent=4), status=404) except Exception as err: return HttpResponseServerError(json.dumps({"serverFault": {"code": 500, "message": str(err)}}, indent=4))
def POST(self, request, tenantId): try: rule = RuleManager.RuleManager().create_general_rule(tenantId, request.body) logger.debug("Rule created: %s", rule.ruleId) return HttpResponse(json.dumps(vars(rule), indent=4)) except ValueError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except Exception as err: return HttpResponseServerError(json.dumps({"serverFault": {"code": 500, "message": str(err)}}, indent=4))
def DELETE(self, request, tenantId, serverId, subscriptionId): try: ruleManager = RuleManager.RuleManager() ruleManager.orionClient = orion_client.orion_client() ruleManager.unsubscribe_to_rule(serverId, subscriptionId) logger.debug("Subscription deleted %s for server: %s", subscriptionId, serverId) return HttpResponse() except ObjectDoesNotExist as err: return HttpResponse(json.dumps({"itemNotFound": {"code": 404, "message": str(err)}}, indent=4), status=404) except Exception as err: return HttpResponseServerError(json.dumps({"serverFault": {"code": 500, "message": str(err)}}, indent=4))
def POST(self, request, tenantId, serverId): try: ruleManager = RuleManager.RuleManager() ruleManager.orionClient = orion_client.orion_client() subscriptionId = ruleManager.subscribe_to_rule(tenantId, serverId, request.body) logger.debug("Subscrition created %s for server: %s", subscriptionId, serverId) return HttpResponse(json.dumps({"serverId": serverId, "subscriptionId": str(subscriptionId)}, indent=4)) except ObjectDoesNotExist as err: return HttpResponse(json.dumps({"itemNotFound": {"code": 404, "message": str(err)}}, indent=4), status=404) except Conflict as err: return HttpResponse(json.dumps({"conflict": {"code": 409, "message": err.message}}, indent=4), status=409) except ValidationError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": err.messages[0]}}, indent=4)) except Exception as err: return HttpResponseServerError(json.dumps({"serverFault": {"code": 500, "message": str(err)}}, indent=4))
def checkToken(self, admin_token, token, tenant_id, url, auth_api): """checks if a token is valid against a url using an admin token.""" logger.debug("Starting Authentication of token %s ", token) try: if not token: raise Unauthorized("Token is empty") auth_result = self.get_info_token(url, admin_token, token, auth_api) if auth_result: if tenant_id == auth_result.tenant["id"]: logger.debug('The token is valid') else: logger.error("TenantId %s ", tenant_id) logger.error("Token TenantId %s ", auth_result.tenant["id"]) raise Unauthorized("Token is not valid for specified tenant %s" % tenant_id) except Unauthorized as unauth: logger.error(unauth) raise unauth except InternalServerError as internalError: raise AuthorizationFailure("Token could not have enough permissions to access tenant: %s" % tenant_id) except Exception as ex: raise ex
def POST(self, request, tenantId, serverId): try: rule = RuleManager.RuleManager().create_specific_rule(tenantId, serverId, request.body) logger.debug("Rule created: %s", rule.ruleId) return HttpResponse(json.dumps({"serverId": serverId, "ruleId": rule.ruleId}, indent=4)) except ValueError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except ValidationError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except KeyError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except AttributeError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except TypeError as err: return HttpResponseBadRequest(json.dumps({"badRequest": {"code": 400, "message": str(err)}}, indent=4)) except Exception as err: return HttpResponseServerError(json.dumps({"serverFault": {"code": 500, "message": str(err)}}, indent=4))
def get_auth_token(self, username, password, tenant_id, **kwargs): """ Init the variables related to authorization, needed to execute tests :return: The auth token retrieved """ if self.auth_token is None: cred_kwargs = { 'auth_url': self.identity_url, 'username': username, 'password': password } # Currently, both v2 and v3 Identity API versions are supported if self.api_version == AUTH_API_V2: cred_kwargs['tenant_name'] = kwargs.get('tenant_name') elif self.api_version == AUTH_API_V3: cred_kwargs['user_domain_name'] = kwargs.get( 'user_domain_name') # Instantiate a Password object try: identity_package = 'keystoneclient.auth.identity.%s' % self.api_version.replace( '.0', '') identity_module = __import__(identity_package, fromlist=['Password']) password_class = getattr(identity_module, 'Password') logger.debug("Authentication with %s", password_class) credentials = password_class(**cred_kwargs) except (ImportError, AttributeError) as e: raise e # Get auth token logger.debug("Getting auth token for tenant %s...", tenant_id) try: auth_sess = self.session.Session( auth=credentials, timeout=DEFAULT_REQUEST_TIMEOUT) self.auth_token = auth_sess.get_token() logger.debug("Admin token generated: %s", self.auth_token) except Exception as e: logger.error("No auth token (%s)", e.message) raise (e) return self.auth_token
def get_auth_token(self, username, password, tenant_id, auth_api, url, **kwargs): """ Init the variables related to authorization, needed to execute tests :return: The auth token retrieved """ cred_kwargs = { 'auth_url': url, 'username': username, 'password': password } # Currently, both v2 and v3 Identity API versions are supported if auth_api == AUTH_API_V2: cred_kwargs['tenant_name'] = kwargs.get('tenant_name') elif auth_api == AUTH_API_V3: cred_kwargs['user_domain_name'] = kwargs.get('user_domain_name') # Instantiate a Password object try: identity_package = 'keystoneclient.auth.identity.%s' % auth_api.replace('.0', '') identity_module = __import__(identity_package, fromlist=['Password']) password_class = getattr(identity_module, 'Password') logger.debug("Authentication with %s", password_class) credentials = password_class(**cred_kwargs) except (ImportError, AttributeError) as e: raise e # Get auth token logger.debug("Getting auth token for tenant %s...", tenant_id) try: auth_sess = self.session.Session(auth=credentials, timeout=DEFAULT_REQUEST_TIMEOUT) auth_token = auth_sess.get_token() logger.debug("Admin token generated:" + auth_token) except (KeystoneClientException, KeystoneConnectionRefused) as e: logger.error("No auth token (%s)", e.message) raise(e) return auth_token
def get_auth_token(self, username, password, tenant_id, **kwargs): """ Init the variables related to authorization, needed to execute tests :return: The auth token retrieved """ if self.auth_token is None: cred_kwargs = {"auth_url": self.identity_url, "username": username, "password": password} # Currently, both v2 and v3 Identity API versions are supported if self.api_version == AUTH_API_V2: cred_kwargs["tenant_name"] = kwargs.get("tenant_name") elif self.api_version == AUTH_API_V3: cred_kwargs["user_domain_name"] = kwargs.get("user_domain_name") # Instantiate a Password object try: identity_package = "keystoneclient.auth.identity.%s" % self.api_version.replace(".0", "") identity_module = __import__(identity_package, fromlist=["Password"]) password_class = getattr(identity_module, "Password") logger.debug("Authentication with %s", password_class) credentials = password_class(**cred_kwargs) except (ImportError, AttributeError) as e: raise e # Get auth token logger.debug("Getting auth token for tenant %s...", tenant_id) try: auth_sess = self.session.Session(auth=credentials, timeout=DEFAULT_REQUEST_TIMEOUT) self.auth_token = auth_sess.get_token() logger.debug("Admin token generated: %s", self.auth_token) except Exception as e: logger.error("No auth token (%s)", e.message) raise (e) return self.auth_token
def checkToken(self, admin_token, token, tenant_id): """checks if a token is valid against a url using an admin token.""" token_db = None try: if not token: raise Unauthorized("Token is empty") logger.debug("Starting Authentication of token %s ", token) try: token_db = self.get_token_from_memory(token) if self.api_version == AUTH_API_V2: time_to_review = token_db['createdAt'] + timezone.timedelta( seconds=int(settings.SECURITY_LEVEL_SECONDS_V2[ settings.SECURITY_LEVEL])) elif self.api_version == AUTH_API_V3: time_to_review = token_db['createdAt'] + timezone.timedelta( seconds=int(settings.SECURITY_LEVEL_SECONDS_V3[ settings.SECURITY_LEVEL])) logger.debug( "Token {0} is present in memory, should be checked at {1}". format(token, time_to_review)) expires = dateparse.parse_datetime(token_db['expires']) if timezone.now() > expires or timezone.now( ) > time_to_review or tenant_id is not token_db["tenant"]: logger.debug( "Token %s should be checked against keystone.", token) else: return token except KeyError: logger.debug("Token %s is not present in DB", token) pass auth_result = self.get_info_token(admin_token, token) if auth_result: if tenant_id == auth_result.tenant["id"]: # STORE TOKEN IN MEMORY createdAt = timezone.now() token_db = self.user_tokens.setdefault( token, { 'id': auth_result.id, 'expires': auth_result.expires, 'username': auth_result.username, 'tenant': auth_result.tenant["id"], 'createdAt': createdAt }) self.user_tokens[token] = token_db return token else: logger.error("TenantId %s ", tenant_id) logger.error("Token TenantId %s ", auth_result.tenant["id"]) raise Unauthorized( "Token is not valid for specified tenant %s" % tenant_id) except AuthorizationFailure as ex: if re.search(self.auth_token, ex.message) or re.search( AUTH_TOKEN_ERROR_MESSAGE, ex.message): self.auth_token = None logger.debug( "Admin token has expired, setting global to None.") elif re.search(token, ex.message) and token_db: self.user_tokens.pop(token) raise ex except Unauthorized as unauth: logger.debug(unauth) raise unauth except InternalServerError as internalError: raise AuthorizationFailure( "Token could not have enough permissions to access tenant: %s" % tenant_id) except Exception as ex: raise ex
def checkToken(self, admin_token, token, tenant_id): """checks if a token is valid against a url using an admin token.""" token_db = None try: if not token: raise Unauthorized("Token is empty") logger.debug("Starting Authentication of token %s ", token) try: token_db = self.get_token_from_memory(token) if self.api_version == AUTH_API_V2: time_to_review = token_db["createdAt"] + timezone.timedelta( seconds=int(settings.SECURITY_LEVEL_SECONDS_V2[settings.SECURITY_LEVEL]) ) elif self.api_version == AUTH_API_V3: time_to_review = token_db["createdAt"] + timezone.timedelta( seconds=int(settings.SECURITY_LEVEL_SECONDS_V3[settings.SECURITY_LEVEL]) ) logger.debug("Token {0} is present in memory, should be checked at {1}".format(token, time_to_review)) expires = dateparse.parse_datetime(token_db["expires"]) if timezone.now() > expires or timezone.now() > time_to_review or tenant_id is not token_db["tenant"]: logger.debug("Token %s should be checked against keystone.", token) else: return token except KeyError: logger.debug("Token %s is not present in DB", token) pass auth_result = self.get_info_token(admin_token, token) if auth_result: if tenant_id == auth_result.tenant["id"]: # STORE TOKEN IN MEMORY createdAt = timezone.now() token_db = self.user_tokens.setdefault( token, { "id": auth_result.id, "expires": auth_result.expires, "username": auth_result.username, "tenant": auth_result.tenant["id"], "createdAt": createdAt, }, ) self.user_tokens[token] = token_db return token else: logger.error("TenantId %s ", tenant_id) logger.error("Token TenantId %s ", auth_result.tenant["id"]) raise Unauthorized("Token is not valid for specified tenant %s" % tenant_id) except AuthorizationFailure as ex: if re.search(self.auth_token, ex.message) or re.search(AUTH_TOKEN_ERROR_MESSAGE, ex.message): self.auth_token = None logger.debug("Admin token has expired, setting global to None.") elif re.search(token, ex.message) and token_db: self.user_tokens.pop(token) raise ex except Unauthorized as unauth: logger.debug(unauth) raise unauth except InternalServerError as internalError: raise AuthorizationFailure("Token could not have enough permissions to access tenant: %s" % tenant_id) except Exception as ex: raise ex