def run_executable_update(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_WR) if r != SUCCESS: return None, msg executable_body_filter = executable_body.get('filter', {}) err_message = populate_with_params_values(did, app_did, executable_body_filter, params) if err_message: return None, err_message executable_body_update = executable_body.get('update').get('$set') err_message = populate_with_params_values(did, app_did, executable_body_update, params) if err_message: return None, err_message options = populate_options_update_one(executable_body) err_message = populate_with_params_values(did, app_did, options, params) if err_message: return None, err_message col = get_collection(target_did, target_app_did, executable_body.get('collection')) data, err_message = query_update_one(col, executable_body, options) if err_message: return None, err_message db_size = get_mongo_database_size(target_did, target_app_did) update_vault_db_use_storage_byte(did, db_size) return data, None
def run_executable_insert(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_WR) if not r: return None, msg executable_body_document = executable_body.get('document', {}) populate_params_insert_update(did, app_did, executable_body_document, params) created = "created" in executable_body_document.keys() options = populate_options_insert_one(executable_body) col = get_collection(target_did, target_app_did, executable_body.get('collection')) data, err_message = query_insert_one(col, executable_body, options, created=created) if err_message: return None, err_message db_size = get_mongo_database_size(target_did, target_app_did) update_vault_db_use_storage_byte(did, db_size) return data, None
def run_executable_find(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_R) if r != SUCCESS: return None, msg executable_body_filter = executable_body.get('filter', {}) err_message = populate_with_params_values(did, app_did, executable_body_filter, params) if err_message: return None, err_message options = populate_options_find_many(executable_body) err_message = populate_with_params_values(did, app_did, options, params) if err_message: return None, err_message col = get_collection(target_did, target_app_did, executable_body.get('collection')) if not col: return None, f'Can not find the collection {executable_body.get("collection")}' data, err_message = query_find_many(col, executable_body, options) if err_message: return None, err_message return data, None
def did_post_json_param_pre_proc(response, *args, access_vault=None, access_backup=None): did, app_id = did_auth() if did is None: return did, None, response.response_err(UNAUTHORIZED, "auth failed") content = request.get_json(force=True, silent=True) if content is None: return did, None, response.response_err( BAD_REQUEST, "parameter is not application/json") if access_vault: r, msg = can_access_vault(did, access_vault) if r != SUCCESS: return did, app_id, None, response.response_err(r, msg) if access_backup: r, msg = can_access_backup(did) if r != SUCCESS: return did, None, response.response_err(r, msg) for arg in args: data = content.get(arg, None) if data is None: return did, None, response.response_err( BAD_REQUEST, "parameter " + arg + " is null") return did, content, None
def did_get_param_pre_proc(response, *args, access_vault=None, access_backup=None): did, app_id = did_auth() if did is None: return did, None, response.response_err(UNAUTHORIZED, "auth failed") if access_vault: r, msg = can_access_vault(did, access_vault) if r != SUCCESS: return did, app_id, None, response.response_err(r, msg) if access_backup: r, msg = can_access_backup(did) if r != SUCCESS: return did, None, response.response_err(r, msg) content = dict() for arg in args: data = request.args.get(arg, None) if data is None: return did, app_id, None, response.response_err( BAD_REQUEST, "parameter " + arg + " is null") else: content[arg] = data return did, content, None
def run_executable_file_upload(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_WR) if r != SUCCESS: return None, msg executable_body_path = executable_body.get("path", "") if executable_body_path.startswith(f"{SCRIPTING_EXECUTABLE_PARAMS}."): v = executable_body_path.replace(f"{SCRIPTING_EXECUTABLE_PARAMS}.", "") try: v = params[v] except Exception as e: return None, f"Exception: {str(e)}" executable_body_path = v if not executable_body_path: return None, f"Path cannot be empty" full_path_name, err = query_upload_get_filepath(target_did, target_app_did, executable_body_path) if err: return None, f"Exception: Could not upload file. Status={err['status_code']} Error='{err['description']}'" content = { "document": { "file_name": executable_body_path, "fileapi_type": "upload" } } col = get_collection(target_did, target_app_did, SCRIPTING_SCRIPT_TEMP_TX_COLLECTION) if not col: return None, f"collection {SCRIPTING_SCRIPT_TEMP_TX_COLLECTION} does not exist" data, err_message = query_insert_one(col, content, {}) if err_message: return None, f"Could not insert data into the database: Err: {err_message}" db_size = get_mongo_database_size(target_did, target_app_did) update_vault_db_use_storage_byte(target_did, db_size) row_id = data.get("inserted_id", None) if not row_id: return None, f"Could not retrieve the transaction ID. Please try again" data = { "transaction_id": jwt.encode( { "row_id": row_id, "target_did": target_did, "target_app_did": target_app_did }, hive_setting.DID_STOREPASS, algorithm='HS256') } return data, None
def run_script_fileapi_setup(self, transaction_id, fileapi_type): # Request script content first try: transaction_detail = jwt.decode(transaction_id, hive_setting.DID_STOREPASS, algorithms=['HS256']) row_id, target_did, target_app_did = transaction_detail.get('row_id', None), transaction_detail.get('target_did', None), \ transaction_detail.get('target_app_did', None) except Exception as e: err = [ INTERNAL_SERVER_ERROR, f"Error while executing file {fileapi_type} via scripting: Could not unpack details " f"from transaction_id jwt token. Exception: {str(e)}" ] return None, None, None, None, err r, m = can_access_vault(target_did, VAULT_ACCESS_R) if r != SUCCESS: err = [ r, f"Error while executing file {fileapi_type} via scripting: vault can not be accessed" ] return None, None, None, None, err # Find the temporary tx in the database try: col = get_collection(target_did, target_app_did, SCRIPTING_SCRIPT_TEMP_TX_COLLECTION) content_filter = {"_id": ObjectId(row_id)} script_temp_tx = col.find_one(content_filter) except Exception as e: err = [ NOT_FOUND, f"Error while executing file {fileapi_type} via scripting: Exception: {str(e)}" ] return None, None, None, None, err if not script_temp_tx: err = [ NOT_FOUND, f"Error while executing file {fileapi_type} via scripting: " f"Exception: Could not find the transaction ID '{transaction_id}' in the database" ] return None, None, None, None, err file_name = script_temp_tx.get('file_name', None) if not file_name: err = [ NOT_FOUND, f"Error while executing file {fileapi_type} via scripting: Could not find a file_name " f"'{file_name}' to be used to upload" ] return None, None, None, None, err return row_id, target_did, target_app_did, file_name, None
def pre_proc(response, access_vault=None): did, app_id = did_auth() if (did is None) or (app_id is None): return did, app_id, response.response_err(UNAUTHORIZED, "auth failed") if access_vault: r, msg = can_access_vault(did, access_vault) if r != SUCCESS: return did, app_id, response.response_err(r, msg) return did, app_id, None
def list_files(self): did, app_id = did_auth() if (did is None) or (app_id is None): return self.response.response_err(UNAUTHORIZED, "auth failed") r, msg = can_access_vault(did, VAULT_ACCESS_R) if r != SUCCESS: return self.response.response_err(r, msg) docs, resp_err = v2_wrapper(self.ipfs_files.list_folder_with_path)(did, app_id, request.args.get('path')) if resp_err: return resp_err file_info_list = list(map(lambda d: HiveFile.get_info_by_metadata(d), docs)) return self.response.response_ok({"file_info_list": file_info_list})
def run_executable_file_download(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_R) if not r: return None, msg executable_body_path = executable_body.get("path", "") if executable_body_path.startswith(f"{SCRIPTING_EXECUTABLE_PARAMS}."): v = executable_body_path.replace(f"{SCRIPTING_EXECUTABLE_PARAMS}.", "") if not (params and params.get(v, None)): return None, "Exception: Parameter is not set" executable_body_path = params[v] if not executable_body_path: return None, f"Path cannot be empty" content = { "document": { "file_name": executable_body_path, "fileapi_type": "download" } } col = get_collection(target_did, target_app_did, SCRIPTING_SCRIPT_TEMP_TX_COLLECTION) if not col: return None, f"collection {SCRIPTING_SCRIPT_TEMP_TX_COLLECTION} does not exist" data, err_message = query_insert_one(col, content, {}) if err_message: return None, f"Could not insert data into the database: Err: {err_message}" db_size = get_mongo_database_size(target_did, target_app_did) update_vault_db_use_storage_byte(target_did, db_size) row_id = data.get("inserted_id", None) if not row_id: return None, f"Could not retrieve the transaction ID. Please try again" data = { "transaction_id": jwt.encode( { "row_id": row_id, "target_did": target_did, "target_app_did": target_app_did }, hive_setting.DID_STOREPASS, algorithm='HS256') } return data, None
def download_file(self): resp = Response() did, app_id = did_auth() if (did is None) or (app_id is None): resp.status_code = UNAUTHORIZED return resp r, msg = can_access_vault(did, VAULT_ACCESS_R) if r != SUCCESS: resp.status_code = r return resp data, resp_err = v2_wrapper(self.ipfs_files.download_file_with_path)(did, app_id, request.args.get('path')) if resp_err: return resp_err return data
def run_executable_file_hash(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_R) if not r: return None, msg executable_body_path = executable_body.get("path", "") name = "" if executable_body_path.startswith(f"{SCRIPTING_EXECUTABLE_PARAMS}."): v = executable_body_path.replace(f"{SCRIPTING_EXECUTABLE_PARAMS}.", "") if not (params and params.get(v, None)): return None, "Exception: Parameter is not set" name = params[v] data, err = query_hash(target_did, target_app_did, name) if err: return None, f"Exception: Could not get hash of file. Status={err['status_code']} Error='{err['description']}'" return data, None
def download_file(self): resp = Response() did, app_id = did_auth() if (did is None) or (app_id is None): resp.status_code = UNAUTHORIZED return resp r, msg = can_access_vault(did, VAULT_ACCESS_R) if not r: resp.status_code = FORBIDDEN return resp file_name = request.args.get('path') data, status_code = query_download(did, app_id, file_name) if status_code != SUCCESS: resp.status_code = status_code return resp return data
def run_executable_find(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_R) if not r: return None, msg executable_body_filter = executable_body.get('filter', {}) populate_params_find_count_delete(did, app_did, executable_body_filter, params) options = populate_options_find_many(executable_body) col = get_collection(target_did, target_app_did, executable_body.get('collection')) data, err_message = query_find_many(col, executable_body, options) if err_message: return None, err_message return data, None
def run_executable_delete(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_R) if not r: return None, msg executable_body_filter = executable_body.get('filter', {}) populate_params_find_count_delete(did, app_did, executable_body_filter, params) col = get_collection(target_did, target_app_did, executable_body.get('collection')) data, err_message = query_delete_one(col, executable_body) if err_message: return None, err_message db_size = get_mongo_database_size(target_did, target_app_did) update_vault_db_use_storage_byte(did, db_size) return data, None
def list_files(self): did, app_id = did_auth() if (did is None) or (app_id is None): return self.response.response_err(UNAUTHORIZED, "auth failed") r, msg = can_access_vault(did, VAULT_ACCESS_R) if not r: return self.response.response_err(BAD_REQUEST, msg) path = get_save_files_path(did, app_id) name = request.args.get('path') if name is None: full_path_name = path else: name = filter_path_root(name) full_path_name = (path / name).resolve() if not (full_path_name.exists() and full_path_name.is_dir()): return self.response.response_err(NOT_FOUND, "folder not exists") try: files = os.listdir(full_path_name.as_posix()) except Exception as e: return self.response.response_ok({"files": []}) file_info_list = list() for file in files: full_file = full_path_name / file stat_info = full_file.stat() file_info = { "type": "file" if full_file.is_file() else "folder", "name": file, "size": stat_info.st_size, "last_modify": stat_info.st_mtime, } file_info_list.append(file_info) return self.response.response_ok({"file_info_list": file_info_list})
def run_executable_file_hash(did, app_did, target_did, target_app_did, executable_body, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_R) if r != SUCCESS: return None, msg executable_body_path = executable_body.get("path", "") name = "" if executable_body_path.startswith(f"{SCRIPTING_EXECUTABLE_PARAMS}."): v = executable_body_path.replace(f"{SCRIPTING_EXECUTABLE_PARAMS}.", "") try: v = params[v] except Exception as e: return None, f"Exception: {str(e)}" name = v metadata, resp_err = v2_wrapper(IpfsFiles().get_file_metadata)( target_did, target_app_did, name) if resp_err: return None, f'Exception: Could not get the hash of the file. Status={resp_err[1]} Error={resp_err[0]}' data = {"SHA256": metadata[COL_IPFS_FILES_SHA256]} return data, None
def __run_script(self, script_name, caller_did, caller_app_did, target_did, target_app_did, params): r, msg = can_access_vault(target_did, VAULT_ACCESS_R) if r != SUCCESS: logging.debug( f"Error while executing script named '{script_name}': vault can not be accessed" ) return self.response.response_err(r, msg) # Find the script in the database col = get_collection(target_did, target_app_did, SCRIPTING_SCRIPT_COLLECTION) content_filter = {"name": script_name} err_message = f"could not find script '{script_name}' in the database. Please register the script " \ f"first with set_script' API endpoint" try: script = col.find_one(content_filter) except Exception as e: err_message = f"{err_message}. Exception: {str(e)}" logging.debug( f"Error while executing script named '{script_name}': {err_message}" ) return self.response.response_err(INTERNAL_SERVER_ERROR, err_message) if not script: logging.debug( f"Error while executing script named '{script_name}': {err_message}" ) return self.response.response_err(NOT_FOUND, err_message) # Validate anonymity options allow_anonymous_user = script.get('allowAnonymousUser', False) allow_anonymous_app = script.get('allowAnonymousApp', False) if (allow_anonymous_user is True) and (allow_anonymous_app is False): err_message = "Error while validating anonymity options: Cannot set allowAnonymousUser to be True but " \ "allowAnonymousApp to be False as we cannot request an auth to prove an app identity without " \ "proving the user identity" logging.debug(err_message) return self.response.response_err(BAD_REQUEST, err_message) if allow_anonymous_user is True: caller_did = None else: if not caller_did: logging.debug( f"Error while executing script named '{script_name}': Auth failed. caller_did " f"not set") return self.response.response_err( UNAUTHORIZED, "Auth failed. caller_did not set") if allow_anonymous_app is True: caller_app_did = None else: if not caller_app_did: logging.debug( f"Error while executing script named '{script_name}': Auth failed. " f"caller_app_did not set") return self.response.response_err( UNAUTHORIZED, "Auth failed. caller_app_did not set") logging.debug( f"Executing a script named '{script_name}' with params: " f"Caller DID: '{caller_did}', Caller App DID: '{caller_app_did}', " f"Target DID: '{target_did}', Target App DID: '{target_app_did}', " f"Anonymous User Access: {allow_anonymous_user}, Anonymous App Access: {allow_anonymous_app}" ) condition = script.get('condition', None) if condition: # Currently, there's only one kind of condition("count" db query) r, msg = can_access_vault(target_did, VAULT_ACCESS_R) if r != SUCCESS: logging.debug( f"Error while executing script named '{script_name}': vault can not be accessed" ) return self.response.response_err(r, msg) passed = self.__condition_execution(caller_did, caller_app_did, target_did, target_app_did, condition, params) if not passed: err_message = f"the conditions were not met to execute this script" logging.debug( f"Error while executing script named '{script_name}': {err_message}" ) return self.response.response_err(FORBIDDEN, err_message) executable = script.get("executable") unmassage_keys_with_dollar_signs(executable) output = {} data = self.__executable_execution(caller_did, caller_app_did, target_did, target_app_did, executable, params, output=output, output_key=executable.get( 'name', "output0")) return data