def post(self, id=None): if 'state' in request.json and request.json['state'] == 'create': team = Team( None, request.json['name'], ) auditlog( current_user, 'create', team, request_details=request.json) db.session.add(team) db.session.commit() return { 'team': marshal(team, team_fields), } else: # Not used right now, put() is called instead. team = Team.query.get(id) name = clean(request.json['name']) if name != '': team.name = name # team = self._updatePermissions(team) db.session.add(team) db.session.commit() return self.get(id)
def post(self): query = request.get_json() instanceId = query.get('id') if instanceId: instanceId = int(instanceId) instance = self.backend.get(instanceId) auditlog( current_user, '{} instance'.format(query.get('state', 'unknown')), instance, request_details=request.get_json()) if 'start' in query.get('state', ''): provider = query['state'].replace('start-', '') instance.start(provider) elif query.get('state') == 'stop': instance.stop() elif query.get('state') == 'sync': instance.sync() elif query.get('state') == 'create': instance = self.backend.create(query) else: return self.get() return { 'instance': marshal(instance, instance_fields), }
def post(self, id=None): if 'state' in request.json and request.json['state'] == 'create': user = User( None, request.json['name'], ) auditlog( current_user, 'create', user, request_details=request.json) db.session.add(user) db.session.commit() else: user = User.query.get(id) if 'user' in request.json and 'role' in request.json['user']: role = request.json['user']['role'] if role == ROLE_ADMIN: user.role = ROLE_ADMIN elif role == ROLE_DEV: user.role = ROLE_DEV auditlog( current_user, 'update', user, request_details=request.json) db.session.add(user) db.session.commit() return { 'user': marshal(user, user_fields), }
def post(self): """Send an SSL cert/key""" query = request.get_json() DC = clean(query.get('domain_controller')) name = clean(query.get('name')) cert = clean(query.get('cert')) key = clean(query.get('key')) check = SSL.query.filter_by( domaincontroller_id=DC, name=name ).count() if check > 0: abort(400) new_cert = SSL() new_cert.name = name DC = DomainController.query.get(DC) new_cert.domain_controller = DC auditlog( current_user, 'create', new_cert, request_details=request.get_json()) db.session.add(new_cert) db.session.commit() req.post( DC.url + '/ssl', headers=json_headers, data=json.dumps( {'name': name, 'cert': cert, 'key': key}), verify=False )
def post(self, id=None): if 'state' in request.json and request.json['state'] == 'create': action = 'create' project = Project(None, request.json['name']) else: action = 'update' project = Project.query.get(id) if 'name' in request.json\ and request.json['name'] != '': project.name = clean(request.json['name']) if 'git_address' in request.json\ and request.json['git_address'] != '': project.git_address = clean(request.json['git_address'].replace( ' ', '')) elif 'base_path' in request.json: project.base_path = request.json['base_path'] auditlog(current_user, action, project, request_details=request.get_json()) db.session.add(project) db.session.commit() return marshal(project, project_fields)
def put(self, slug): users = request.json['users'] for user in users: if 'state' in user: if user['state'] == 'DELETE': auditlog( current_user, 'delete user {}'.format( user['username']), slug, 'htpasswd', request_details=request.get_json()) req.delete(self._get_url(slug) + '/{}'.format(user['username'])) if user['state'] == 'CREATE': auditlog( current_user, 'add user {}'.format(user['username']), slug, 'htpasswd', request_details=request.get_json()) data = json.dumps({ 'username': user['username'], 'password': user['password'] }) req.post(self._get_url(slug), headers=self._get_headers(), data=data) return self.get(slug)
def post(self, id=None): if 'state' in request.json and request.json['state'] == 'create': domain_controller = DomainController( None, request.json['name'], request.json['address'], request.json['port'], request.json['accept_self_signed']) auditlog(current_user, 'create domaincontroller', domain_controller, request_details=request.get_json()) db.session.add(domain_controller) db.session.commit() return self.get(domain_controller.id) else: domain_controller = DomainController.query.get(id) name = clean(request.json['name'].rstrip()) address = clean(request.json['address'].rstrip()) port = clean(request.json['port'].rstrip()) auditlog(current_user, 'update domaincontroller', domain_controller, request_details=request.get_json()) if name != '': domain_controller.name = name if address != '': domain_controller.address = address if port != '': domain_controller.port = port db.session.add(domain_controller) db.session.commit() return self.get(id)
def delete(self, instanceId): instance = VagrantInstance.query.get(instanceId) auditlog(current_user, 'delete instance', instance, request_details=request.get_json()) instance.delete()
def post(self, id=None): if 'state' in request.json and request.json['state'] == 'create': action = 'create' project = Project(None, request.json['name']) else: action = 'update' project = Project.query.get(id) if 'name' in request.json\ and request.json['name'] != '': project.name = clean(request.json['name']) if 'git_address' in request.json\ and request.json['git_address'] != '': project.git_address = clean( request.json['git_address'].replace(' ', '') ) elif 'base_path' in request.json: project.base_path = request.json['base_path'] auditlog( current_user, action, project, request_details=request.get_json()) db.session.add(project) db.session.commit() return marshal(project, project_fields)
def put(self, slug): users = request.json['users'] for user in users: if 'state' in user: if user['state'] == 'DELETE': auditlog(current_user, 'delete user {}'.format(user['username']), slug, 'htpasswd', request_details=request.get_json()) req.delete( self._get_url(slug) + '/{}'.format(user['username'])) if user['state'] == 'CREATE': auditlog(current_user, 'add user {}'.format(user['username']), slug, 'htpasswd', request_details=request.get_json()) data = json.dumps({ 'username': user['username'], 'password': user['password'] }) req.post(self._get_url(slug), headers=self._get_headers(), data=data) return self.get(slug)
def post(self): query = request.get_json() instanceId = query.get('id') if instanceId: instanceId = int(instanceId) instance = self.backend.get(instanceId) auditlog(current_user, '{} instance'.format(query.get('state', 'unknown')), instance, request_details=request.get_json()) if 'start' in query.get('state', ''): provider = query['state'].replace('start-', '') instance.start(provider) elif query.get('state') == 'stop': instance.stop() elif query.get('state') == 'sync': instance.sync() elif query.get('state') == 'create': instance = self.backend.create(query) else: return self.get() return { 'instance': marshal(instance, instance_fields), }
def delete(self, id): team = Team.query.get(id) auditlog( current_user, 'delete', team) db.session.delete(team) db.session.commit()
def delete(self, slug): auditlog( current_user, 'deleted', slug, 'htpasswd', ) r = req.delete(self._get_url(slug)) return r.content
def delete(self, slug): url = self._get_url() + '/{}'.format(slug) auditlog( current_user, 'delete', slug, 'htpasswd') r = req.delete(url=url, headers=self._get_headers()) return r.content
def delete(self, instanceId): instance = VagrantInstance.query.get(instanceId) auditlog( current_user, 'delete instance', instance, request_details=request.get_json()) instance.delete()
def delete(self, id): domain_controller = DomainController.query.get(id) auditlog( current_user, 'delete domaincontroller', domain_controller) db.session.delete(domain_controller) db.session.commit()
def delete(self, userId, id): """delete API Key""" key = APIKey.query.get(id) if key.user == current_user or current_user.is_admin(): auditlog(current_user, 'delete api key', key) db.session.delete(key) db.session.commit() else: abort(403)
def delete(self, userId, id): """delete API Key""" key = APIKey.query.get(id) if key.user == current_user or current_user.is_admin(): auditlog(current_user, 'delete api key', key) db.session.delete(key) db.session.commit() else: abort(403)
def delete(self, slug): auditlog( current_user, 'deleted', slug, 'htpasswd', ) r = req.delete(self._get_url(slug)) return r.content
def put(self, id): team = Team.query.get(id) team = self._updatePermissions(team) auditlog( current_user, 'update', team, request_details=request.json) db.session.add(team) db.session.commit()
def delete(self, id): project = Project.query.get(id) teams = Team.query.all() for team in teams: for permission in\ team.get_permissions_grids('project', project.id): db.session.delete(permission) auditlog(current_user, 'delete', project) db.session.delete(project) db.session.commit()
def delete(self, id): user = User.query.get(id) auditlog( current_user, 'delete', user) try: db.session.delete(user) db.session.commit() except: app.logger.debug(get_debug_queries())
def delete(self, id): domain = Domain.query.get(id) auditlog(current_user, 'delete domain', domain, request_details=request.get_json()) url = self._get_url(domain) + '/{}'.format(id) verify = self._get_verify(domain) db.session.delete(domain) db.session.commit() req.delete(url=url, headers=self._get_headers(), verify=verify) return self.get()
def delete(self, id): project = Project.query.get(id) teams = Team.query.all() for team in teams: for permission in\ team.get_permissions_grids('project', project.id): db.session.delete(permission) auditlog( current_user, 'delete', project) db.session.delete(project) db.session.commit()
def put(self, slug=None): domain = request.json['domain'] ip = request.json['ip'].strip() data = json.dumps({'site': domain, 'ip': ip}) auditlog(current_user, 'update', slug, 'htpasswd', request_details=request.get_json()) r = req.put(self._get_url() + '/{}'.format(slug), headers=self._get_headers(), data=data) return r.content
def post(self, slug=None): name = request.json['name'] data = json.dumps({'name': name}) # Should mean we are adding a new user auditlog(current_user, 'create', name, 'htpasswd', request_details=request.get_json()) r = req.post(self._get_url(), headers=self._get_headers(), data=data) content = r.content return content
def put(self, slug=None): domain = request.json['domain'] ip = request.json['ip'].strip() data = json.dumps({'site': domain, 'ip': ip}) auditlog( current_user, 'update', slug, 'htpasswd', request_details=request.get_json() ) r = req.put(self._get_url() + '/{}'.format(slug), headers=self._get_headers(), data=data) return r.content
def post(self, slug=None): name = request.json['name'] data = json.dumps({'name': name}) # Should mean we are adding a new user auditlog( current_user, 'create', name, 'htpasswd', request_details=request.get_json()) r = req.post(self._get_url(), headers=self._get_headers(), data=data) content = r.content return content
def delete(self, id): domain = Domain.query.get(id) auditlog( current_user, 'delete domain', domain, request_details=request.get_json()) url = self._get_url(domain) + '/{}'.format(id) verify = self._get_verify(domain) db.session.delete(domain) db.session.commit() req.delete( url=url, headers=self._get_headers(), verify=verify ) return self.get()
def delete(self, id): """delete SSL cert/key""" key = SSL.query.get(id) auditlog( current_user, 'delete', key) db.session.delete(key) db.session.commit() try: req.delete( key.domain_controller.url + '/ssl/' + key.name, headers=json_headers, data=json.dumps( {'name': key.name} ), ) except: pass
def post(self, id=None): if 'state' in request.json and request.json['state'] == 'create': host = Host(None, clean(request.json['name']), request.json['params'].replace("<br>", "\r\n"), clean(request.json['provider'])) auditlog(current_user, 'create host', host, request_details=request.get_json()) db.session.add(host) db.session.commit() return { 'host': marshal(host, host_fields), } else: host = Host.query.get(id) auditlog(current_user, 'update host', host, request_details=request.get_json()) name = clean(request.json['name'].rstrip()) params = request.json['params'] while (params.find('<br><br>') != -1): params = params.replace("<br><br>", "<br>") params = params.replace("<br>", "\r\n") params = params.replace('<div>', '\r\n') params = params.replace(' ', '') params = params.replace('</div>', '\r\n') provider = clean(request.json['provider'].rstrip()) if name != '': host.name = name if provider != '': host.provider = provider host.params = params db.session.add(host) db.session.commit() return self.get(id)
def post(self): query = request.args comment = query.get('comment') # @TODO : We should not bind the user to current_user, in case the # key was added by an admin to a user. user = current_user api_key = APIKey() # @TODO : We should make sure the name was not already provided, maybe # we are just changing the comment on this key. api_key.name = unicode(uuid4()) api_key.user = user api_key.comment = comment or "Random API Key" auditlog(user, 'create api key', api_key, request_details=request.get_json()) db.session.add(api_key) db.session.commit() return api_key
def post(self, id=None): if 'state' in request.json and request.json['state'] == 'create': domain_controller = DomainController( None, request.json['name'], request.json['address'], request.json['port'], request.json['accept_self_signed'] ) auditlog( current_user, 'create domaincontroller', domain_controller, request_details=request.get_json()) db.session.add(domain_controller) db.session.commit() return self.get(domain_controller.id) else: domain_controller = DomainController.query.get(id) name = clean(request.json['name'].rstrip()) address = clean(request.json['address'].rstrip()) port = clean(request.json['port'].rstrip()) auditlog( current_user, 'update domaincontroller', domain_controller, request_details=request.get_json()) if name != '': domain_controller.name = name if address != '': domain_controller.address = address if port != '': domain_controller.port = port db.session.add(domain_controller) db.session.commit() return self.get(id)
def post(self): query = request.args comment = query.get('comment') # @TODO : We should not bind the user to current_user, in case the # key was added by an admin to a user. user = current_user api_key = APIKey() # @TODO : We should make sure the name was not already provided, maybe # we are just changing the comment on this key. api_key.name = unicode(uuid4()) api_key.user = user api_key.comment = comment or "Random API Key" auditlog( user, 'create api key', api_key, request_details=request.get_json()) db.session.add(api_key) db.session.commit() return api_key
def delete(self, slug): url = self._get_url() + '/{}'.format(slug) auditlog(current_user, 'delete', slug, 'htpasswd') r = req.delete(url=url, headers=self._get_headers()) return r.content
def _editDomain(self, id=None): query = request.get_json() if id is None: domain = Domain() action = 'create' else: domain = Domain.query.get(id) action = 'update' for upstream in domain.upstreams: db.session.delete(upstream) for alias in domain.aliases: db.session.delete(alias) db.session.commit() uri = query['uri'] htpasswd = query.get('htpasswd') ssl_key = query.get('ssl_key') aliases = query.get('aliases', []) domain_controller = query.get('domain_controller') domain.upstreams = [] for upstreamInfo in query.get('upstreams', []): upstream = Upstream() upstream.ip = upstreamInfo['ip'] upstream.port = upstreamInfo['port'] upstream.websocket = upstreamInfo['websocket'] or False upstream.location = upstreamInfo['location'] or '/' upstream.port_ssl = upstreamInfo['port_ssl'] or None upstream.state = upstreamInfo['state'] domain.upstreams.append(upstream) domain.aliases = [] for aliasInfo in aliases: alias = Alias() alias.uri = aliasInfo['uri'] domain.aliases.append(alias) domain.domain_controller = None if domain_controller: domain_controller = DomainController.query.get( domain_controller['id'] ) domain.domain_controller = domain_controller domain.uri = uri domain.htpasswd = htpasswd domain.ssl_key = ssl_key if id is None: if current_user.has_permission( CreateDomainPermission, getattr(domain.domain_controller, 'id') ) is False: return abort(403) else: if current_user.has_permission( EditDomainPermission, getattr(domain.domain_controller, 'id') ) is False: return abort(403) auditlog( current_user, '{} domain'.format(action), domain, request_details=request.get_json()) db.session.add(domain) db.session.commit() return domain
def delete(self, id): domain_controller = DomainController.query.get(id) auditlog(current_user, 'delete domaincontroller', domain_controller) db.session.delete(domain_controller) db.session.commit()
def _editDomain(self, id=None): query = request.get_json() if id is None: domain = Domain() action = 'create' else: domain = Domain.query.get(id) action = 'update' for upstream in domain.upstreams: db.session.delete(upstream) for alias in domain.aliases: db.session.delete(alias) db.session.commit() uri = query['uri'] htpasswd = query.get('htpasswd') ssl_key = query.get('ssl_key') aliases = query.get('aliases', []) domain_controller = query.get('domain_controller') domain.upstreams = [] for upstreamInfo in query.get('upstreams', []): upstream = Upstream() upstream.ip = upstreamInfo['ip'] upstream.port = upstreamInfo['port'] upstream.websocket = upstreamInfo['websocket'] or False upstream.location = upstreamInfo['location'] or '/' upstream.port_ssl = upstreamInfo['port_ssl'] or None upstream.state = upstreamInfo['state'] domain.upstreams.append(upstream) domain.aliases = [] for aliasInfo in aliases: alias = Alias() alias.uri = aliasInfo['uri'] domain.aliases.append(alias) domain.domain_controller = None if domain_controller: domain_controller = DomainController.query.get( domain_controller['id']) domain.domain_controller = domain_controller domain.uri = uri domain.htpasswd = htpasswd domain.ssl_key = ssl_key if id is None: if current_user.has_permission( CreateDomainPermission, getattr(domain.domain_controller, 'id')) is False: return abort(403) else: if current_user.has_permission( EditDomainPermission, getattr(domain.domain_controller, 'id')) is False: return abort(403) auditlog(current_user, '{} domain'.format(action), domain, request_details=request.get_json()) db.session.add(domain) db.session.commit() return domain
def delete(self, id): host = Host.query.get(id) auditlog(current_user, 'delete host', host) db.session.delete(host) db.session.commit()