def post(self):
data = json.loads(self.request.body)
userName = data.get('name')
password = data.get('pass')
form_id = 'user_login'
if not userName:
raises.Unauthorized(message.req_username())
elif not password:
raises.Unauthorized(message.req_password())
params = {
"name": userName,
"pass": password,
"form_id": form_id,
}
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
response = requests.post('https://identity.linuxfoundation.org',
data=params,
headers=headers)
response_text = response.content
if "unrecognized username or password" in response_text:
raises.Unauthorized(message.invalid_credentials())
# generate random token and store in memcache
token = base.get_token()
resp = {'status': 'success'}
mc = memcache.Client(['127.0.0.1:11211'], debug=0)
mc.set("token", token)
self.set_header("token", token)
self.finish_request(resp)
def wrapper(self, *args, **kwargs):
if CONF.api_authenticate and self.table in [
'pods', 'projects', 'testcases', 'scenarios'
]:
testapi_id = self.get_secure_cookie(constants.TESTAPI_ID)
if not testapi_id:
raises.Unauthorized(message.not_login())
user_info = yield dbapi.db_find_one('users', {'user': testapi_id})
if not user_info:
raises.Unauthorized(message.not_lfid())
if method.__name__ == "_create":
kwargs['owner'] = testapi_id
if self.table in ['projects']:
query = kwargs.get('query')
if type(query) is not dict:
query_data = query()
else:
if self.json_args is None:
query_data = query
else:
query_data = self.json_args
group = "opnfv-gerrit-" + query_data['name'] + "-submitters"
if group not in user_info['groups']:
raises.Unauthorized(message.no_permission())
ret = yield gen.coroutine(method)(self, *args, **kwargs)
raise gen.Return(ret)
def wrapper(self, *args, **kwargs):
if self.table in ['pods']:
testapi_id = self.get_secure_cookie(constants.TESTAPI_ID)
if not testapi_id:
raises.Unauthorized(message.not_login())
user_info = yield dbapi.db_find_one('users', {'user': testapi_id})
if not user_info:
raises.Unauthorized(message.not_lfid())
kwargs['owner'] = testapi_id
ret = yield gen.coroutine(method)(self, *args, **kwargs)
raise gen.Return(ret)
def get(self):
openid = self.get_secure_cookie('openid')
if openid:
try:
user = yield dbapi.db_find_one(self.table, {'openid': openid})
self.finish_request({
"openid":
user.get('openid'),
"email":
user.get('email'),
"fullname":
user.get('fullname'),
"role":
user.get('role', 'user'),
"type":
self.get_secure_cookie('signin_type'),
"companyName":
user.get('companyName'),
"companyWebsite":
user.get('companyWebsite'),
"primaryContactName":
user.get('primaryContactName'),
"primaryBusinessEmail":
user.get('primaryBusinessEmail'),
"primaryPostalAddress":
user.get('primaryPostalAddress'),
"primaryPhoneNumber":
user.get('primaryPhoneNumber')
})
except Exception:
pass
raises.Unauthorized('Unauthorized')
def _post(self):
query = {'openid': self.json_args['reviewer_openid']}
user = yield dbapi.db_find_one('users', query)
if not user:
raises.Forbidden(message.unauthorized())
role = self.get_secure_cookie(auth_const.ROLE)
if 'reviewer' not in role.split(','):
raises.Unauthorized(message.no_auth())
test = yield dbapi.db_find_one('tests',
{'id': self.json_args['test_id']})
if test['owner'] == self.json_args['reviewer_openid']:
self.finish_request({
'code': 403,
'msg': 'No permision to review own results'
})
return
query = {
'reviewer_openid': self.json_args['reviewer_openid'],
'test_id': self.json_args['test_id']
}
review = yield dbapi.db_find_one(self.table, query)
if review:
if review['outcome'] != self.json_args['outcome']:
yield dbapi.db_update(
self.table, query, {
'$set': {
'outcome': self.json_args['outcome'],
'creation_date': datetime.now()
}
})
self.finish_request()
else:
self.json_args['reviewer_name'] = user['fullname']
self.json_args['reviewer_email'] = user['email']
self._create(miss_fields=[], carriers=[])
def post(self):
input_token = self.request.headers._dict['Token']
mc = memcache.Client(['127.0.0.1:11211'], debug=0)
token = mc.get("token")
if not token or not input_token == token:
raises.Unauthorized(message.invalid_token())
mc.set("token", '')
resp = {'Message': 'You have been logged out successfully.'}
self.finish_request(resp)
def get(self):
if CONF.api_authenticate:
username = self.get_secure_cookie(constants.TESTAPI_ID)
if username:
self._get_one(query={'user': username})
else:
raises.Unauthorized('Unauthorized')
else:
self.finish_request(
User('anonymous', '*****@*****.**',
'anonymous lf', constants.TESTAPI_USERS).format())
def wrapper(self, *args, **kwargs):
if self.auth:
try:
token = self.request.headers['X-Auth-Token']
except KeyError:
raises.Unauthorized(message.unauthorized())
query = {'access_token': token}
check = yield self._eval_db_find_one(query, 'tokens')
if not check:
raises.Forbidden(message.invalid_token())
ret = yield gen.coroutine(method)(self, *args, **kwargs)
raise gen.Return(ret)
def put(self):
db_keys = []
openid = self.get_secure_cookie(auth_const.OPENID)
if openid:
query = {'openid': openid}
user = yield dbapi.db_find_one(self.table, query)
if not user:
raises.NotFound(message.not_found(self.table, query))
self._update(query=query, db_keys=db_keys)
else:
raises.Unauthorized(message.no_auth())
def get(self):
"""
@description: Retrieve result(s) for a test project
on a specific pod.
@notes: Retrieve result(s) for a test project on a specific pod.
Available filters for this request are :
- id : Test id
- period : x last days, incompatible with from/to
- from : starting time in 2016-01-01 or 2016-01-01 00:01:23
- to : ending time in 2016-01-01 or 2016-01-01 00:01:23
- signed : get logined user result
GET /results/project=functest&case=vPing&version=Arno-R1 \
&pod=pod_name&period=15&signed
@return 200: all test results consist with query,
empty list if no result is found
@rtype: L{Tests}
"""
def descend_limit():
descend = self.get_query_argument('descend', 'true')
return -1 if descend.lower() == 'true' else 1
def last_limit():
return self.get_int('last', self.get_query_argument('last', 0))
def page_limit():
return self.get_int('page', self.get_query_argument('page', 0))
limitations = {
'sort': {
'_id': descend_limit()
},
'last': last_limit(),
'page': page_limit(),
'per_page': CONF.api_results_per_page
}
curr_user = self.get_secure_cookie(auth_const.OPENID)
if curr_user is None:
raises.Unauthorized(message.no_auth())
review = self.request.query_arguments.pop('review', None)
query = yield self.set_query()
if review:
yield self._list(query=query,
res_op=self.check_review,
**limitations)
else:
yield self._list(query=query, **limitations)
logging.debug('list end')
def delete(self, result_id):
curr_user = self.get_secure_cookie(auth_const.OPENID)
curr_user_role = self.get_secure_cookie(auth_const.ROLE)
if curr_user is not None:
query = {'_id': objectid.ObjectId(result_id)}
test_data = yield dbapi.db_find_one(self.table, query)
if not test_data:
raises.NotFound(message.not_found(self.table, query))
if curr_user == test_data['owner'] or \
curr_user_role.find('administrator') != -1:
self._delete(query=query)
else:
raises.Forbidden(message.no_auth())
else:
raises.Unauthorized(message.no_auth())
def _del(self):
query = {'openid': self.json_args['reviewer_openid']}
user = yield dbapi.db_find_one('users', query)
if not user:
raises.Forbidden(message.unauthorized())
role = self.get_secure_cookie(auth_const.ROLE)
if 'reviewer' not in role.split(','):
raises.Unauthorized(message.no_auth())
test = yield dbapi.db_find_one(
'tests', {'id': self.json_args['test_id']})
if test['owner'] == self.json_args['reviewer_openid']:
self.finish_request({'code': 403,
'msg': 'No permision to review own results'})
return
query = {
'reviewer_openid': self.json_args['reviewer_openid'],
'test_id': self.json_args['test_id']
}
yield dbapi.db_delete(self.table, query)
self.finish_request()
def get(self):
openid = self.get_secure_cookie('openid')
if openid:
try:
user = yield dbapi.db_find_one(self.table, {'openid': openid})
self.finish_request({
"openid":
user.get('openid'),
"email":
user.get('email'),
"fullname":
user.get('fullname'),
"role":
user.get('role', 'user'),
"type":
self.get_secure_cookie('signin_type')
})
except Exception:
pass
raises.Unauthorized('Unauthorized')
def post(self):
"""
@description: create a test
@param body: test to be created
@type body: L{TestCreateRequest}
@in body: body
@rtype: L{CreateResponse}
@return 200: test is created.
@raise 404: pod/project/testcase not exist
@raise 400: body/pod_name/project_name/case_name not provided
"""
mc = memcache.Client(['127.0.0.1:11211'], debug=0)
token = mc.get("token")
openid = self.request.headers._dict['Openid']
if openid:
self.json_args['owner'] = openid
input_token = self.request.headers._dict['Token']
if not token or not input_token == token:
raises.Unauthorized(message.invalid_token())
self._post()
def post(self):
"""
@description: upload and create a test result
@param body: result to be created
@type body: L{ResultCreateRequest}
@in body: body
@rtype: L{CreateResponse}
@return 200: result is created.
@raise 404: pod/project/testcase not exist
@raise 400: body/pod_name/project_name/case_name not provided
"""
mc = memcache.Client(['127.0.0.1:11211'], debug=0)
token = mc.get("token")
input_token = self.request.headers._dict['Token']
if not token or not input_token == token:
raises.Unauthorized(message.invalid_token())
file_array = self.request.files.get('file', None)
if file_array is None:
msg = 'Please upload a file.'
self.finish_request({'code': 403, 'msg': msg})
return
fileinfo = file_array[0]
try:
tar_in = tarfile.open(fileobj=io.BytesIO(fileinfo['body']),
mode="r:gz")
except tarfile.ReadError:
msg = 'Please upload a valid gzip file.'
self.finish_request({'code': 403, 'msg': msg})
return
try:
# Deal with results that are in the 'root' of the tar
# file, instead of in results/
missing_results_dir = ''
tar_files = tar_in.getnames()
if 'results/results.json' not in tar_files:
missing_results_dir = '/results'
results = tar_in.extractfile('results.json').read()
else:
results = tar_in.extractfile('results/results.json').read()
except KeyError:
msg = 'Uploaded results must contain at least one passing test.'
self.finish_request({'code': 403, 'msg': msg})
return
# results = results.split('\n')
result_ids = []
version = ''
vnf_type = None
vnf_checksum = None
try:
self.json_args = json.loads(results).copy()
openid = self.get_secure_cookie(auth_const.OPENID)
if openid:
self.json_args['owner'] = openid
if self.is_onap:
self.json_args['is_onap'] = 'true'
vnf_type = self.json_args['vnf_type']
vnf_checksum = self.json_args['vnf_checksum']
# the result files used in the first release of OVP did not
# specify an OVP version
if (self.json_args['version'] == 'master'
or self.json_args['version'] == 'unknown'):
version = '2018.01'
else:
version = self.json_args['version']
build_tag = self.json_args['build_tag']
_id = yield self._inner_create()
result_ids.append(str(_id))
except ValueError:
msg = 'Uploaded results don''t appear to contain a '\
'valid results.json file!'
self.finish_request({'code': 403, 'msg': msg})
return
# Build a test id from the build_tag, where this field takes a couple
# of different formats between Dovetail NFVI testing and VNF testing.
# If a valid UUID isn't part of the build_tag, we will generate one
# here.
test_id_match = re.search('[0-9A-F]{8}-[0-9A-F]{4}-[0-9A-F]{4}-'
'[0-9A-F]{4}-[0-9A-F]{12}', build_tag)
if not test_id_match:
print('test_id doesn''t look to be a valid UUID, generating a '
'new one...')
test_id = str(uuid.uuid4())
else:
test_id = test_id_match.group(1)
log_path = '/home/testapi/logs/%s%s' % (test_id, missing_results_dir)
tar_in.extractall(log_path)
log_filename = "/home/testapi/logs/log_%s.tar.gz" % (test_id)
with open(log_filename, "wb") as tar_out:
tar_out.write(fileinfo['body'])
resp = {'id': test_id, 'results': result_ids, 'version': version}
if vnf_type:
resp['vnf_type'] = vnf_type
resp['vnf_checksum'] = vnf_checksum
self.finish_request(resp)
def get(self):
username = self.get_secure_cookie(constants.TESTAPI_ID)
if username:
self._get_one(query={'user': username})
else:
raises.Unauthorized('Unauthorized')
