def api_introspection(uuid): utils.check_auth(flask.request) if not uuidutils.is_uuid_like(uuid): raise utils.Error(_('Invalid UUID value'), code=400) if flask.request.method == 'POST': new_ipmi_password = flask.request.args.get('new_ipmi_password', type=str, default=None) if new_ipmi_password: new_ipmi_username = flask.request.args.get('new_ipmi_username', type=str, default=None) new_ipmi_credentials = (new_ipmi_username, new_ipmi_password) else: new_ipmi_credentials = None introspect.introspect(uuid, new_ipmi_credentials=new_ipmi_credentials, token=flask.request.headers.get('X-Auth-Token')) return '', 202 else: node_info = node_cache.get_node(uuid) return flask.json.jsonify(finished=bool(node_info.finished_at), error=node_info.error or None)
def api_introspection(node_id): utils.check_auth(flask.request) if flask.request.method == 'POST': new_ipmi_password = flask.request.args.get('new_ipmi_password', type=str, default=None) if new_ipmi_password: new_ipmi_username = flask.request.args.get('new_ipmi_username', type=str, default=None) new_ipmi_credentials = (new_ipmi_username, new_ipmi_password) else: new_ipmi_credentials = None if new_ipmi_credentials and _get_version() >= (1, 9): return _('Setting IPMI credentials is deprecated and not allowed ' 'starting with API version 1.9'), 400 introspect.introspect(node_id, new_ipmi_credentials=new_ipmi_credentials, token=flask.request.headers.get('X-Auth-Token')) return '', 202 else: node_info = node_cache.get_node(node_id) return flask.json.jsonify(generate_introspection_status(node_info))
def api_introspection_abort(uuid): utils.check_auth(flask.request) if not uuidutils.is_uuid_like(uuid): raise utils.Error(_('Invalid UUID value'), code=400) introspect.abort(uuid, token=flask.request.headers.get('X-Auth-Token')) return '', 202
def api_rule(uuid): utils.check_auth(flask.request) if flask.request.method == 'GET': rule = rules.get(uuid) return flask.jsonify(rule_repr(rule, short=False)) else: rules.delete(uuid) return '', 204
def wrapper(*args, **kwargs): flask.request.context = context.RequestContext.from_environ( flask.request.environ, is_public_api=is_public_api) if verb_to_rule_map and rule: policy_rule = rule.format( verb_to_rule_map[flask.request.method.upper()]) else: policy_rule = rule utils.check_auth(flask.request, rule=policy_rule) return func(*args, **kwargs)
def api_introspection_data(uuid): utils.check_auth(flask.request) if CONF.processing.store_data == 'swift': res = swift.get_introspection_data(uuid) return res, 200, {'Content-Type': 'application/json'} else: return error_response(_('Inspector is not configured to store data. ' 'Set the [processing] store_data ' 'configuration option to change this.'), code=404)
def api_introspection(node_id): utils.check_auth(flask.request) if flask.request.method == 'POST': introspect.introspect(node_id, token=flask.request.headers.get('X-Auth-Token')) return '', 202 else: node_info = node_cache.get_node(node_id) return flask.json.jsonify(generate_introspection_status(node_info))
def api_introspection_statuses(): utils.check_auth(flask.request) nodes = node_cache.get_node_list( marker=api_tools.marker_field(), limit=api_tools.limit_field(default=CONF.api_max_limit)) data = { 'introspection': [generate_introspection_status(node) for node in nodes] } return flask.json.jsonify(data)
def api_introspection_statuses(): utils.check_auth(flask.request) nodes = node_cache.get_node_list( marker=api_tools.marker_field(), limit=api_tools.limit_field(default=CONF.api_max_limit) ) data = { 'introspection': [generate_introspection_status(node) for node in nodes] } return flask.json.jsonify(data)
def api_introspection_data(node_id): utils.check_auth(flask.request) if CONF.processing.store_data == 'swift': if not uuidutils.is_uuid_like(node_id): node = ir_utils.get_node(node_id, fields=['uuid']) node_id = node.uuid res = swift.get_introspection_data(node_id) return res, 200, {'Content-Type': 'application/json'} else: return error_response(_('Inspector is not configured to store data. ' 'Set the [processing] store_data ' 'configuration option to change this.'), code=404)
def api_introspection_reapply(node_id): utils.check_auth(flask.request) if flask.request.content_length: return error_response(_('User data processing is not ' 'supported yet'), code=400) if CONF.processing.store_data == 'swift': process.reapply(node_id) return '', 202 else: return error_response(_('Inspector is not configured to store' ' data. Set the [processing] ' 'store_data configuration option to ' 'change this.'), code=400)
def api_introspection_reapply(uuid): utils.check_auth(flask.request) if flask.request.content_length: return error_response(_('User data processing is not ' 'supported yet'), code=400) if CONF.processing.store_data == 'swift': process.reapply(uuid) return '', 202 else: return error_response(_('Inspector is not configured to store' ' data. Set the [processing] ' 'store_data configuration option to ' 'change this.'), code=400)
def api_rules(): utils.check_auth(flask.request) if flask.request.method == 'GET': res = [rule_repr(rule, short=True) for rule in rules.get_all()] return flask.jsonify(rules=res) elif flask.request.method == 'DELETE': rules.delete_all() return '', 204 else: body = flask.request.get_json(force=True) if body.get('uuid') and not uuidutils.is_uuid_like(body['uuid']): raise utils.Error(_('Invalid UUID value'), code=400) rule = rules.create(conditions_json=body.get('conditions', []), actions_json=body.get('actions', []), uuid=body.get('uuid'), description=body.get('description')) return flask.jsonify(rule_repr(rule, short=False))
def api_introspection(node_id): utils.check_auth(flask.request) if flask.request.method == 'POST': new_ipmi_password = flask.request.args.get('new_ipmi_password', type=str, default=None) if new_ipmi_password: new_ipmi_username = flask.request.args.get('new_ipmi_username', type=str, default=None) new_ipmi_credentials = (new_ipmi_username, new_ipmi_password) else: new_ipmi_credentials = None introspect.introspect(node_id, new_ipmi_credentials=new_ipmi_credentials, token=flask.request.headers.get('X-Auth-Token')) return '', 202 else: node_info = node_cache.get_node(node_id) return flask.json.jsonify(generate_introspection_status(node_info))
def test_disabled(self): self.cfg.config(auth_strategy='noauth') request = mock.Mock(headers={'X-Identity-Status': 'Invalid'}) utils.check_auth(request)
def test_basic(self): self.cfg.config(auth_strategy='http_basic') request = mock.Mock(headers={'X-Identity-Status': 'Invalid'}) utils.check_auth(request)
def test_ok(self): request = mock.Mock(headers={ 'X-Identity-Status': 'Confirmed', 'X-Roles': 'admin,member' }) utils.check_auth(request)
def test_disabled(self): CONF.set_override('auth_strategy', 'noauth') request = mock.Mock(headers={'X-Identity-Status': 'Invalid'}) utils.check_auth(request)
def api_introspection_abort(node_id): utils.check_auth(flask.request) introspect.abort(node_id, token=flask.request.headers.get('X-Auth-Token')) return '', 202
def test_public_api(self): request = mock.Mock(headers={'X-Identity-Status': 'Invalid'}) request.context = context.RequestContext(is_public_api=True) utils.check_auth(request, "public_api")
def test_ok(self): request = mock.Mock(headers={"X-Identity-Status": "Confirmed", "X-Roles": "admin,member"}) utils.check_auth(request)
def test_ok(self): request = mock.Mock(headers={'X-Identity-Status': 'Confirmed', 'X-Roles': 'admin,member'}) utils.check_auth(request)
def test_admin(self): request = mock.Mock(headers={'X-Identity-Status': 'Confirmed'}) request.context = context.RequestContext(roles=['admin']) utils.check_auth(request, rule="is_admin")
def test_disabled(self): CONF.set_override("auth_strategy", "noauth") request = mock.Mock(headers={"X-Identity-Status": "Invalid"}) utils.check_auth(request)