コード例 #1
0
        def wrapped_f(*args):

            permission_granted = False

            tornado_handler = args[0]

            username = tornado_handler.get_current_user()

            user = Hierarchy.get_user(username)

            user_groups = Hierarchy.get_groups_of_user(username,
                                                       user.current_customer)

            for group in user_groups:

                if self._permission in group.permissions:

                    permission_granted = True
                    break

                elif Permission.Admin in group.permissions:

                    permission_granted = True
                    break

            if permission_granted:

                f(*args)

            else:

                self._permission_denied(tornado_handler)
コード例 #2
0
ファイル: decorators.py プロジェクト: MiguelMoll/vFense
        def wrapped_f(*args):

            permission_granted = False

            tornado_handler = args[0]

            username = tornado_handler.get_current_user()

            user = Hierarchy.get_user(username)

            user_groups = Hierarchy.get_groups_of_user(
                username,
                user.current_customer
            )

            for group in user_groups:

                if self._permission in group.permissions:

                    permission_granted = True
                    break

                elif Permission.Admin in group.permissions:

                    permission_granted = True
                    break

            if permission_granted:

                f(*args)

            else:

                self._permission_denied(tornado_handler)
コード例 #3
0
    def post(self):
        self.set_header('Content-Type', 'application/json')
        username = self.arguments.get("username", None)
        password = self.arguments.get("password", None)
        uri = self.arguments.get("uri", None)
        result = {}

        if uri:
            if self.get_current_user():
                self._response_authorized()
            else:
                self._response_unauthorized()

        elif username and password:
            username = username.encode('utf-8')
            password = password.encode('utf-8')
            authenticated = Hierarchy.authenticate_account(username, password)

            if authenticated:
                self.set_secure_cookie("user", username, secure=True)
                self._response_authorized()
            else:
                self._response_unauthorized()

        else:
            if not username:
                result['username'] = ['Username is required.']
            if not password:
                result['password'] = ['Password is required.']
            self.set_status(400)
            self.write(json.dumps(result))
コード例 #4
0
ファイル: handlers.py プロジェクト: MiguelMoll/vFense
    def post(self):
        self.set_header('Content-Type', 'application/json')
        username = self.arguments.get("username", None)
        password = self.arguments.get("password", None)
        uri = self.arguments.get("uri", None)
        result = {}

        if uri:
            if self.get_current_user():
                self._response_authorized()
            else:
                self._response_unauthorized()

        elif username and password:
            username = username.encode('utf-8')
            password = password.encode('utf-8')
            authenticated = Hierarchy.authenticate_account(username, password)

            if authenticated:
                self.set_secure_cookie("user", username, secure=True)
                self._response_authorized()
            else:
                self._response_unauthorized()

        else:
            if not username:
                result['username'] = ['Username is required.']
            if not password:
                result['password'] = ['Password is required.']
            self.set_status(400)
            self.write(json.dumps(result))
コード例 #5
0
ファイル: users_api.py プロジェクト: shadowliangliang/vFense
    def post(self):

        self.set_header('Content-Type', 'application/json')
        parameters = dict()

        username = self.get_current_user()
        password = self.get_argument('password', None)

        parameters['customer_context'] = self.get_argument('customer_context', None)

        parameters['password'] = self.get_argument('new_password', None)
        if parameters['password']:
            complexity_passed, complexity = check_password(parameters['password'])
            if not complexity_passed:
                result = {}
                result['pass'] = False
                result['message'] = 'Password must be 8 characters in length and contain lower and upper case characters: Strength = %s' % complexity,
                self.write(json.dumps(result, indent=4))
                return
            if password:

                if not Hierarchy.authenticate_account(username, password):

                    result = {}
                    result['pass'] = False
                    result['message'] = 'Incorrect username or password.'

                    self.write(json.dumps(result, indent=4))
                    return
            else:

                result = {}
                result['pass'] = False
                result['message'] = 'Current password not provided.'

                self.write(json.dumps(result, indent=4))
                return

        parameters['username'] = username

        parameters['fullname'] = self.get_argument('fullname', None)
        parameters['email'] = self.get_argument('email', None)

        parameters['current_customer_id'] = self.get_argument(
            'current_customer_id', None)

        parameters['customer_ids'] = None

        parameters['default_customer_id'] = self.get_argument(
            'default_customer_id', None
        )

        parameters['group_names'] = self.get_arguments('group_name', None)
        parameters['group_ids'] = self.get_arguments('group_id', None)

        result = api.User.edit(**parameters)

        self.write(json.dumps(result, indent=4))
コード例 #6
0
    def post(self):

        username = self.arguments.get("name", None)
        password = self.arguments.get("password", None)
        username = username.encode('utf-8')
        password = password.encode('utf-8')

        if username and password:

            authenticated = Hierarchy.authenticate_account(username, password)

            if authenticated:
                self.set_secure_cookie("user", username)
                return
            else:
                self.set_status(403)
                self.write("Invalid username and/or password .")
        else:

            self.set_status(403)
            self.write("Invalid username and/or password .")
コード例 #7
0
ファイル: handlers.py プロジェクト: MiguelMoll/vFense
    def post(self):

        username = self.arguments.get("name", None)
        password = self.arguments.get("password", None)
        username = username.encode('utf-8')
        password = password.encode('utf-8')

        if username and password:

            authenticated = Hierarchy.authenticate_account(username, password)

            if authenticated:
                self.set_secure_cookie("user", username)
                return
            else:
                self.set_status(403)
                self.write("Invalid username and/or password .")
        else:

            self.set_status(403)
            self.write("Invalid username and/or password .")
コード例 #8
0
def get_base_url(customer_name):

    return Hierarchy.get_customer_property(customer_name,
                                           CoreProperty.PackageUrl)
コード例 #9
0
ファイル: rv_db_calls.py プロジェクト: MiguelMoll/vFense
def get_base_url(customer_name):

    return Hierarchy.get_customer_property(
        customer_name,
        CoreProperty.PackageUrl
    )
コード例 #10
0
def initialize_db():
    os.umask(0)
    if not os.path.exists('/opt/TopPatch/var/tmp'):
        os.mkdir('/opt/TopPatch/var/tmp')
    if not os.path.exists('/opt/TopPatch/var/log'):
        os.mkdir('/opt/TopPatch/var/log')
    if not os.path.exists('/opt/TopPatch/var/rethinkdb'):
        os.mkdir('/opt/TopPatch/var/rethinkdb')
    if not os.path.exists('/opt/TopPatch/var/scheduler'):
        os.mkdir('/opt/TopPatch/var/scheduler')
    if not os.path.exists('/opt/TopPatch/var/packages'):
        os.mkdir('/opt/TopPatch/var/packages')
    if not os.path.exists('/opt/TopPatch/logs'):
        os.mkdir('/opt/TopPatch/logs')
    if not os.path.exists('/opt/TopPatch/var/packages/tmp'):
        os.mkdir('/opt/TopPatch/var/packages/tmp', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/xls'):
        os.makedirs('/opt/TopPatch/tp/src/plugins/cve/data/xls', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/xml'):
        os.mkdir('/opt/TopPatch/tp/src/plugins/cve/data/xml', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu'):
        os.makedirs('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu', 0773)
    if not os.path.exists('/usr/lib/libpcre.so.1'):
        os.symlink('/opt/TopPatch/lib/libpcre.so.1', '/usr/lib') 
    if not os.path.exists('/etc/init.d/vFense'):
        subprocess.Popen(
            [
                'ln', '-s',
                '/opt/TopPatch/tp/src/daemon/vFense',
                '/etc/init.d/vFense'
            ],
        )
        subprocess.Popen(
            [
                'update-rc.d', 'vFense',
                'defaults'
            ],
        )
    if not os.path.exists('/etc/init.d/nginx'):
        subprocess.Popen(
            [
                'ln', '-s',
                '/opt/TopPatch/tp/src/daemon/nginx',
                '/etc/init.d/nginx'
            ],
        )
        subprocess.Popen(
            [
                'update-rc.d', 'nginx',
                'defaults'
            ],
        )
    try:
        tp_exists = pwd.getpwnam('toppatch')

    except Exception as e:
        subprocess.Popen(
            [
                'adduser', 'toppatch',
            ],
        )

    os.chdir(RETHINK_PATH)
    rethink_init = subprocess.Popen(['./rethinkdb', 'create',
                                     '-d', RETHINK_INSTANCES_PATH],
                                    stdout=subprocess.PIPE)
    rethink_init.poll()
    rethink_init.wait()
    if rethink_init.returncode == 0:
        rethink_start = subprocess.Popen(['./rethinkdb', '--config-file',
                                          RETHINK_CONF,
                                          '--web-static-directory',
                                          RETHINK_WEB])
        rethink_start.poll()
        completed = True
        sleep(2)
        while not db_connect():
            print 'Sleeping until rethink starts'
            sleep(2)
    else:
        completed = False
        msg = 'Failed during Rethink initialization'
        return(completed, msg)
    if completed:
        conn = r.connect(port=9009)
        r.db_create('toppatch_server').run(conn)
        db = r.db('toppatch_server')
        conn.close()
        ci.initialize_indexes_and_create_tables()
        conn = db_connect()

        hierarchy_db.init()
        Hierarchy.create_customer(
            DefaultCustomer,
            {
                CoreProperty.NetThrottle: '0',
                CoreProperty.CpuThrottle: 'idle',
                CoreProperty.PackageUrl: url
            }
        )
        admin_pass = args.admin_password
        Hierarchy.create_user(
            'admin',
            'TopPatch Admin Account',
            '*****@*****.**',
            admin_pass,
            groups=[DefaultGroup.Administrator]
        )

        if args.cve_data:
            print "Updating CVE's..."
            load_up_all_xml_into_db()
            print "Done Updating CVE's..."
            print "Updating Microsoft Security Bulletin Ids..."
            parse_bulletin_and_updatedb()
            print "Done Updating Microsoft Security Bulletin Ids..."
            print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
            begin_usn_home_page_processing(full_parse=True)
            print "Done Updating Ubuntu Security Bulletin Ids..."

        print 'Admin user and password = admin:%s' % (admin_pass)
        agent_pass = generate_pass()
        agent = Hierarchy.create_user(
            'agent',
            'TopPatch Agent Communication Account',
            '*****@*****.**',
            agent_pass,
            groups=[DefaultGroup.Administrator]
        )
        print 'Agent user and password = agent:%s' % (agent_pass)

        monit.monit_initialization()

        conn.close()
        completed = True

        msg = 'Rethink Initialization and Table creation is now complete'
        pid = open(RETHINK_PID_FILE, 'r').read()
        if re.search(r'[0-9]+', pid):
            try:
                os.kill(int(pid), signal.SIGTERM)
                os.remove(RETHINK_PID_FILE)
            except Exception as e:
                if e.errno == 3:
                    os.remove(RETHINK_PID_FILE)
            rql_msg = 'Rethink stopped successfully\n'
        else:
            rql_msg = 'Rethink could not be stopped\n'
        print rql_msg

        return completed, msg
    else:
        completed = False
        msg = 'Failed during Rethink startup process'
        return completed, msg
コード例 #11
0
def initialize_db():
    os.umask(0)
    if not os.path.exists('/opt/TopPatch/var/tmp'):
        os.mkdir('/opt/TopPatch/var/tmp')
    if not os.path.exists('/opt/TopPatch/var/log'):
        os.mkdir('/opt/TopPatch/var/log')
    if not os.path.exists('/opt/TopPatch/var/rethinkdb'):
        os.mkdir('/opt/TopPatch/var/rethinkdb')
    if not os.path.exists('/opt/TopPatch/var/scheduler'):
        os.mkdir('/opt/TopPatch/var/scheduler')
    if not os.path.exists('/opt/TopPatch/var/packages'):
        os.mkdir('/opt/TopPatch/var/packages')
    if not os.path.exists('/opt/TopPatch/logs'):
        os.mkdir('/opt/TopPatch/logs')
    if not os.path.exists('/opt/TopPatch/var/packages/tmp'):
        os.mkdir('/opt/TopPatch/var/packages/tmp', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/xls'):
        os.makedirs('/opt/TopPatch/tp/src/plugins/cve/data/xls', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/xml'):
        os.mkdir('/opt/TopPatch/tp/src/plugins/cve/data/xml', 0773)
    if not os.path.exists('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu'):
        os.makedirs('/opt/TopPatch/tp/src/plugins/cve/data/html/ubuntu', 0773)
    if not os.path.exists('/usr/lib/libpcre.so.1'):
        os.symlink('/opt/TopPatch/lib/libpcre.so.1', '/usr/lib')
    if not os.path.exists('/etc/init.d/vFense'):
        subprocess.Popen([
            'ln', '-s', '/opt/TopPatch/tp/src/daemon/vFense',
            '/etc/init.d/vFense'
        ], )
        subprocess.Popen(['update-rc.d', 'vFense', 'defaults'], )
    if not os.path.exists('/etc/init.d/nginx'):
        subprocess.Popen([
            'ln', '-s', '/opt/TopPatch/tp/src/daemon/nginx',
            '/etc/init.d/nginx'
        ], )
        subprocess.Popen(['update-rc.d', 'nginx', 'defaults'], )
    try:
        tp_exists = pwd.getpwnam('toppatch')

    except Exception as e:
        subprocess.Popen([
            'adduser',
            'toppatch',
        ], )

    os.chdir(RETHINK_PATH)
    rethink_init = subprocess.Popen(
        ['./rethinkdb', 'create', '-d', RETHINK_INSTANCES_PATH],
        stdout=subprocess.PIPE)
    rethink_init.poll()
    rethink_init.wait()
    if rethink_init.returncode == 0:
        rethink_start = subprocess.Popen([
            './rethinkdb', '--config-file', RETHINK_CONF,
            '--web-static-directory', RETHINK_WEB
        ])
        rethink_start.poll()
        completed = True
        sleep(2)
        while not db_connect():
            print 'Sleeping until rethink starts'
            sleep(2)
    else:
        completed = False
        msg = 'Failed during Rethink initialization'
        return (completed, msg)
    if completed:
        conn = r.connect(port=9009)
        r.db_create('toppatch_server').run(conn)
        db = r.db('toppatch_server')
        conn.close()
        ci.initialize_indexes_and_create_tables()
        conn = db_connect()

        hierarchy_db.init()
        Hierarchy.create_customer(
            DefaultCustomer, {
                CoreProperty.NetThrottle: '0',
                CoreProperty.CpuThrottle: 'idle',
                CoreProperty.PackageUrl: url
            })
        admin_pass = args.admin_password
        Hierarchy.create_user('admin',
                              'TopPatch Admin Account',
                              '*****@*****.**',
                              admin_pass,
                              groups=[DefaultGroup.Administrator])

        if args.cve_data:
            print "Updating CVE's..."
            load_up_all_xml_into_db()
            print "Done Updating CVE's..."
            print "Updating Microsoft Security Bulletin Ids..."
            parse_bulletin_and_updatedb()
            print "Done Updating Microsoft Security Bulletin Ids..."
            print "Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes )"
            begin_usn_home_page_processing(full_parse=True)
            print "Done Updating Ubuntu Security Bulletin Ids..."

        print 'Admin user and password = admin:%s' % (admin_pass)
        agent_pass = generate_pass()
        agent = Hierarchy.create_user('agent',
                                      'TopPatch Agent Communication Account',
                                      '*****@*****.**',
                                      agent_pass,
                                      groups=[DefaultGroup.Administrator])
        print 'Agent user and password = agent:%s' % (agent_pass)

        monit.monit_initialization()

        conn.close()
        completed = True

        msg = 'Rethink Initialization and Table creation is now complete'
        pid = open(RETHINK_PID_FILE, 'r').read()
        if re.search(r'[0-9]+', pid):
            try:
                os.kill(int(pid), signal.SIGTERM)
                os.remove(RETHINK_PID_FILE)
            except Exception as e:
                if e.errno == 3:
                    os.remove(RETHINK_PID_FILE)
            rql_msg = 'Rethink stopped successfully\n'
        else:
            rql_msg = 'Rethink could not be stopped\n'
        print rql_msg

        return completed, msg
    else:
        completed = False
        msg = 'Failed during Rethink startup process'
        return completed, msg