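def post_user():
    """Update the e-mail and, optionally, the password of the logged-in user.

    The account that gets modified is the one returned by
    ``app.get_user_auth()`` for the current request, never a username taken
    from the form.  A request without a valid session is redirected to the
    login page; a password whose confirmation field differs is refused with
    a 400.
    """
    # Resolve the session first so unauthenticated requests stop here.
    user = app.get_user_auth()
    if not user:
        redirect("/user/login")
        return

    # The username comes from the authenticated session and not from the
    # form, so a user cannot target somebody else's account.
    username = user.get('username')
    email = app.request.forms.get('email')
    password = app.request.forms.get('password')
    password2 = app.request.forms.get('password2')

    password_hash = None
    if password:
        # Refuse a mistyped password before deriving anything from it.
        if password != password2:
            abort(400, 'Wrong password')
        # NOTE(review): a single unsalted SHA-512 is a fast hash; a password
        # KDF (PBKDF2, bcrypt, scrypt) is the usual choice.  The stored format
        # has to match whatever the login check expects, which is not visible
        # here, so the derivation is left unchanged.
        password_hash = hashlib.sha512(password).hexdigest()

    # The hash is a credential and is deliberately kept out of the output.
    print "Get a user %s update with email %s" % (username, email)
    # password_hash stays None when no new password was submitted
    # (presumably "keep the current one" -- confirm in app.update_user).
    app.update_user(username, password_hash, email)
    return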
def get_commands(time_stamps, hosts, services, return_codes, outputs):
    """Build the external-command lines for a batch of submitted check results.

    The five arguments are parallel lists taken from the POST request; one
    command line is produced per position.  An entry without a service
    becomes a PROCESS_HOST_CHECK_RESULT line, any other entry a
    PROCESS_SERVICE_CHECK_RESULT line.  Returns the list of command strings
    (empty when no return code was submitted) and aborts with a 400 when the
    number of return codes differs from the number of hosts.

    NOTE(review): host, service, return code and output are interpolated as
    received.  A ';' or a line break inside one of them changes how the
    resulting line splits into fields, so they should be validated where the
    request is parsed -- confirm what the command consumer tolerates.
    """
    commands = []

    # Nothing submitted: nothing to build.
    if return_codes is None or len(return_codes) == 0:
        return commands

    # Each return code needs its host; the other lists may hold None values.
    if len(return_codes) != len(hosts):
        logger.error(
            "[Ws_arbiter] number of return codes (%d) does not match number of hosts (%d)"
            % (len(return_codes), len(hosts)))
        abort(400, "number of return codes does not match number of hosts")

    current_time_stamp = int(time.time())

    def _compose_command(t, h, s, r, o):
        """Format one check result as a command line and record it."""
        # Entries without a timestamp are stamped with the time of this call.
        stamp = t if t is not None else current_time_stamp
        if s:
            cmd = '[%s] PROCESS_SERVICE_CHECK_RESULT;%s;%s;%s;%s' % (stamp, h, s, r, o)
        else:
            cmd = '[%s] PROCESS_HOST_CHECK_RESULT;%s;%s;%s' % (stamp, h, r, o)
        logger.debug("[Ws_arbiter] CMD: %s" % (cmd))
        commands.append(cmd)

    # Python 2 map(): runs eagerly and pads the shorter lists with None.
    map(_compose_command, time_stamps, hosts, services, return_codes, outputs)
    logger.debug("[Ws_arbiter] commands = %s" % (str(commands)))
    return commands
def get_commands(time_stamps, hosts, services, return_codes, outputs):
    """Turn the parallel lists of a POST request into external-command lines.

    One line is built per list position: PROCESS_HOST_CHECK_RESULT when the
    service entry is empty, PROCESS_SERVICE_CHECK_RESULT otherwise.  The
    function returns the list of lines, returns an empty list when there is
    no return code, and aborts with a 400 when hosts and return codes do not
    have the same length.

    NOTE(review): the values are placed into the line without any check, so
    a ';' or a newline in a host, service or output value alters the field
    layout of the line.  Validation belongs where the form is read --
    confirm against the consumer of these commands.
    """
    HOST_FMT = '[%s] PROCESS_HOST_CHECK_RESULT;%s;%s;%s'
    SERVICE_FMT = '[%s] PROCESS_SERVICE_CHECK_RESULT;%s;%s;%s;%s'

    commands = []
    current_time_stamp = int(time.time())

    def _compose_command(t, h, s, r, o):
        """Append the command line for one (time, host, service, code, output)."""
        when = current_time_stamp if t is None else t
        if not s:
            cmd = HOST_FMT % (when, h, r, o)
        else:
            cmd = SERVICE_FMT % (when, h, s, r, o)
        logger.debug("[Ws_arbiter] CMD: %s" % (cmd))
        commands.append(cmd)

    # Trivial case: no return code means no command.
    nothing_submitted = return_codes is None or len(return_codes) == 0
    if nothing_submitted:
        return commands

    # N return codes require N hosts; values in the other lists may be None.
    nb_codes = len(return_codes)
    nb_hosts = len(hosts)
    if nb_codes != nb_hosts:
        logger.error("[Ws_arbiter] number of return codes (%d) does not match number of hosts (%d)" % (nb_codes, nb_hosts))
        abort(400, "number of return codes does not match number of hosts")

    # map() is used for its side effect; under Python 2 it is eager and
    # fills the shorter lists with None.
    map(_compose_command, time_stamps, hosts, services, return_codes, outputs)
    logger.debug("[Ws_arbiter] commands = %s" % (str(commands)))
    return commands
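def post_user():
    """Apply a profile update (e-mail, optional new password) to the caller.

    The target account is the one ``app.get_user_auth()`` resolves for this
    request; the form cannot name another user.  Without a valid session the
    request is redirected to ``/user/login``.  A new password is accepted
    only when both password fields match, otherwise the request is aborted
    with a 400.
    """
    # No session, no update.
    user = app.get_user_auth()
    if not user:
        redirect("/user/login")
        return

    forms = app.request.forms
    # Identity is taken from the session, not from user-controlled input.
    username = user.get('username')
    email = forms.get('email')
    password = forms.get('password')
    password2 = forms.get('password2')

    password_hash = None
    if password:
        # The confirmation is checked first; there is no reason to hash a
        # value that is about to be rejected.
        if password != password2:
            abort(400, 'Wrong password')
        # NOTE(review): unsalted single-pass SHA-512 is cheap to brute-force
        # compared with a password KDF.  Changing it needs a matching change
        # in the login check, which is outside this block.
        password_hash = hashlib.sha512(password).hexdigest()

    # Do not print the hash: process output is not a place for credentials.
    print "Get a user %s update with email %s" % (username, email)
    # A None hash is passed through when the password field was left empty
    # (presumably meaning "unchanged" -- confirm in app.update_user).
    app.update_user(username, password_hash, email)
    return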
def download_pack(pid):
    """Send the stored file of pack *pid* as a download.

    Aborts with a 400 when no pack is found for *pid*.  The response is
    whatever ``static_file`` builds for the pack's ``filepath``, offered to
    the client under the pack's ``filename``.
    """
    entry = app.datamgr.get_pack_by_id(pid)
    if not entry:
        abort(400, "Unknown pack!")
    # NOTE(review): with root="/" the whole filesystem is the serving root,
    # so the stored 'filepath' alone decides which file is sent.  Confirm
    # that this field can only be written by trusted code, or serve from the
    # directory the packs are stored in.
    return static_file(entry.get("filepath"), root="/", download=entry.get("filename"))
def download_pack(pid):
    """Return pack *pid*'s file as an attachment, or abort with 400 if unknown.

    The file location and the name shown to the client both come from the
    pack record returned by ``app.datamgr.get_pack_by_id``.
    """
    record = app.datamgr.get_pack_by_id(pid)
    if not record:
        abort(400, 'Unknown pack!')
    stored_path = record.get('filepath')
    shown_name = record.get('filename')
    # NOTE(review): root='/' puts no directory boundary around stored_path;
    # the record's 'filepath' value is trusted completely.  Verify where it
    # is written and prefer the pack storage directory as root.
    return static_file(stored_path, root='/', download=shown_name)
def search_get(q):
    """Run a search for *q* on behalf of an API-key holder (GET variant).

    The reply is declared as JSON.  The request is aborted with a 401 when
    the ``api_key`` query parameter is missing or matches no user; otherwise
    the result of ``do_search(q)`` is returned.
    """
    app.response.content_type = 'application/json'

    # NOTE(review): the key is read from the query string, so it is part of
    # the URL and ends up wherever URLs are recorded (access logs, proxies,
    # browser history).  A header or the POST variant avoids that.
    api_key = app.request.GET.get('api_key')
    caller = app.get_user_by_key(api_key) if api_key else None
    if not caller:
        abort(401, 'You need a valid API KEY to query. Please register')

    return do_search(q)
def search_post():
    """Run a search on behalf of an API-key holder (POST variant).

    Reads ``api_key`` and ``search`` from the submitted form.  A missing or
    unknown key aborts the request with a 401; otherwise the result of
    ``do_search`` for the submitted search string is returned.  The reply is
    declared as JSON.
    """
    app.response.content_type = 'application/json'
    forms = app.request.forms

    # The key must be present and must belong to a registered user.
    api_key = forms.get('api_key')
    caller = app.get_user_by_key(api_key) if api_key else None
    if not caller:
        abort(401, 'You need a valid API KEY to query. Please register')

    # Caller is known: hand the query over.
    return do_search(forms.get('search'))
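def save_object(cls, name):
    """Create or update the object *name* of class *cls* from the posted form.

    ``keys[cls]`` names the form field holding the object's identifier; when
    that field differs from *name* the object is being renamed and the old
    entry is removed.  Every non-empty form field is copied into the entry,
    an empty field removes that property, and the entry is then saved in the
    ``app.db`` collection named *cls*.  Aborts with a 400 when the
    identifying field is missing.
    """
    print "Save object for", cls, name
    # First we check if the element is being renamed
    old_name = name
    key = keys[cls]
    new_name = app.request.forms.get(key, None)
    # Services have no real key property, so the name cannot change
    if key == '':
        new_name = name
    print "NEw and old", new_name, old_name
    if not new_name:
        print 'Missing the property %s' % key
        abort(400, 'Missing the property %s' % key)
    print "After?"

    t = getattr(app.db, cls)
    d = t.find_one({'_id': old_name})
    # A rename means the old entry must go before the new one is saved
    if new_name != old_name:
        t.remove({'_id': old_name})
    print 'In db', d

    bd_entry = {'_id': new_name}
    if d:
        print 'We got an entry in db', d
        # Start from the stored entry so that properties absent from the
        # form survive.  The original assigned it to an unused name
        # (db_entry), which dropped every stored property.
        bd_entry = d
        bd_entry['_id'] = new_name

    print 'Dump form', app.request.forms.__dict__
    for k in app.request.forms:
        # The identifier is decided above; a form field called '_id' must
        # not be able to redirect the save onto another entry.
        if k == '_id':
            continue
        v = str(app.request.forms.get(k))
        # '' means "not set": drop the property; anything else is stored
        if v == '' and k in bd_entry:
            del bd_entry[k]
        if v != '':
            bd_entry[k] = v

    print 'We will save our object in db'
    print bd_entry
    t.save(bd_entry)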
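def save_object(cls, name):
    """Store the posted form as the object *name* of class *cls*.

    The form field named by ``keys[cls]`` carries the object's identifier.
    If it differs from *name* the object is renamed: the entry stored under
    *name* is removed and the data is saved under the new identifier.
    Non-empty form fields are written into the entry, empty ones delete the
    matching property.  A missing identifier aborts with a 400.
    """
    print "Save object for", cls, name
    # First we check if the element is being renamed
    old_name = name
    key = keys[cls]
    new_name = app.request.forms.get(key, None)
    # For services the key is '', so the old name is also the new one
    if key == '':
        new_name = name
    print "NEw and old", new_name, old_name
    if not new_name:
        print 'Missing the property %s' % key
        abort(400, 'Missing the property %s' % key)
    print "After?"

    t = getattr(app.db, cls)
    d = t.find_one({'_id': old_name})
    # Renamed element: delete the old entry before saving the new one
    if new_name != old_name:
        t.remove({'_id': old_name})
    print 'In db', d

    bd_entry = {'_id': new_name}
    if d:
        print 'We got an entry in db', d
        # Bug fix: the stored entry was assigned to 'db_entry', a name that
        # is never read, so the save always started from an empty entry.
        bd_entry = d
        bd_entry['_id'] = new_name

    print 'Dump form', app.request.forms.__dict__
    for k in app.request.forms:
        # Never let the form overwrite the identifier chosen above.
        if k == '_id':
            continue
        v = str(app.request.forms.get(k))
        # the value can be '' or something else.
        # -> '' means not set, so the property is removed
        # -> anything else is stored as the new value
        if v == '' and k in bd_entry:
            del bd_entry[k]
        if v != '':
            bd_entry[k] = v

    print 'We will save our object in db'
    print bd_entry
    t.save(bd_entry)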
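def do_register():
    """Register a new account from the posted username, e-mail and password.

    ``cli_mode == '1'`` selects plain HTTP status replies (via ``abort``);
    any other value answers with a redirect to ``/register`` carrying an
    ``error`` or ``success`` message.  Registration is refused when the
    username or password is missing or when the username is already taken.
    """
    forms = app.request.forms
    username = forms.get('username')
    email = forms.get('email')
    password = forms.get('password')
    cli_mode = forms.get('cli_mode', '0')

    # A missing password used to reach hashlib.sha512(None) and fail with a
    # TypeError; an empty one was hashed and registered.  Refuse both.
    if not username or not password:
        if cli_mode == '1':
            abort(400, 'Sorry, username and password are required')
        redirect('/register?error=Sorry, username and password are required')
        return

    # NOTE(review): unsalted single-pass SHA-512 is a fast hash; a password
    # KDF is the usual choice.  The login check must use the same scheme, so
    # it is not changed from here.
    password_hash = hashlib.sha512(password).hexdigest()

    # The hash is a credential and is not written to the process output.
    print "Get a new user %s with email %s" % (username, email)

    if not app.is_name_available(username):
        if cli_mode == '1':
            abort(400, 'Sorry, this username is not available')
        redirect('/register?error=Sorry, this username is not available')

    app.register_user(username, password_hash, email)
    if cli_mode == '1':
        abort(200, 'Registering success, please look at your email and click in the link in it to validate your account')
    redirect('/register?success=Registering success, please look at your email and click in the link in it to validate your account')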
def search_tags(): app.response.content_type = 'application/json' # First look if the api_key is good or not api_key = app.request.forms.get('api_key') if not api_key or not app.get_user_by_key(api_key): abort(401, 'You need a valid API KEY to query. Please register') nb = app.request.forms.get('nb') if nb: nb = int(nb) if not nb or nb > 50: print "Sorry, your tag ask is too big" return json.dumps([]) print "Lookup for %s tags" % nb # TODO : less PERFORMANCE KILLER QUERY! packs = app.datamgr.get_packs() all_tags = {} for p in packs: if p.get('state') not in ['ok', 'pending']: continue tags = p.get('path', '').split('/') tags = [c for c in tags if c != ''] tags.append(p.get('pack_name')) for t in tags: if not t in all_tags: all_tags[t] = (t, 0) new_size = all_tags[t][1] + 1 all_tags[t] = (t, new_size) flat_tags = all_tags.values() flat_tags.sort(tag_sort) print "FLAT TAGS", flat_tags, len(flat_tags) # Take the last nb ones res = flat_tags[:nb] return json.dumps(res)
def search_categories(): app.response.content_type = 'application/json' # First look if the api_key is good or not api_key = app.request.forms.get('api_key') if not api_key or not app.get_user_by_key(api_key): abort(401, 'You need a valid API KEY to query. Please register') root = app.request.forms.get('root') if not root: print "Lookup categories but missing root!" return json.dumps([]) print "Lookup for categories from root", root, "in pack" # TODO : less PERFORMANCE KILLER QUERY! packs = app.datamgr.get_packs() tree = {'name' : '/', 'nb' : 0, 'sons' : {}} for p in packs: if p.get('state') not in ['ok', 'pending']: continue cats = p.get('path', '').split('/') cats = [c for c in cats if c != ''] pos = tree name = '' for cat in cats: name += '/'+cat print "Doing cat", cat # If not already declared, add my node if cat not in pos['sons']: pos['sons'][cat] = {'name' : name, 'nb' : 0, 'sons' : {}} pos['sons'][cat]['nb'] += 1 # Now go deeper in the tree :) print "Were I came from", pos pos = pos['sons'][cat] print "My new pos", pos print "Tree", tree return json.dumps(tree)
def search_tags(): app.response.content_type = 'application/json' # First look if the api_key is good or not api_key = app.request.forms.get('api_key') if not api_key or not app.get_user_by_key(api_key): abort(401, 'You need a valid API KEY to query. Please register') nb = app.request.forms.get('nb') if nb: nb = int(nb) if not nb or nb > 50: print "Sorry, your tag ask is too big" return json.dumps([]) print "Lookup for %s tags" % nb # TODO: less PERFORMANCE KILLER QUERY! packs = app.datamgr.get_packs() all_tags = {} for p in packs: if p.get('state') not in ['ok', 'pending']: continue tags = p.get('path', '').split('/') tags = [c for c in tags if c != ''] tags.append(p.get('pack_name')) for t in tags: if not t in all_tags: all_tags[t] = (t, 0) new_size = all_tags[t][1] + 1 all_tags[t] = (t, new_size) flat_tags = all_tags.values() flat_tags.sort(tag_sort) print "FLAT TAGS", flat_tags, len(flat_tags) # Take the last nb ones res = flat_tags[:nb] return json.dumps(res)
def search_categories(): app.response.content_type = 'application/json' # First look if the api_key is good or not api_key = app.request.forms.get('api_key') if not api_key or not app.get_user_by_key(api_key): abort(401, 'You need a valid API KEY to query. Please register') root = app.request.forms.get('root') if not root: print "Lookup categories but missing root!" return json.dumps([]) print "Lookup for categories from root", root, "in pack" # TODO: less PERFORMANCE KILLER QUERY! packs = app.datamgr.get_packs() tree = {'name': '/', 'nb': 0, 'sons': {}} for p in packs: if p.get('state') not in ['ok', 'pending']: continue cats = p.get('path', '').split('/') cats = [c for c in cats if c != ''] pos = tree name = '' for cat in cats: name += '/' + cat print "Doing cat", cat # If not already declared, add my node if cat not in pos['sons']: pos['sons'][cat] = {'name': name, 'nb': 0, 'sons': {}} pos['sons'][cat]['nb'] += 1 # Now go deeper in the tree :) print "Were I came from", pos pos = pos['sons'][cat] print "My new pos", pos print "Tree", tree return json.dumps(tree)
def save_new_object(cls):
    """Create a new object of class *cls* from the posted form.

    The object's name is read from the form field named by ``keys[cls]``.
    The request is aborted with a 400 when that field is required but empty,
    or when an entry with the same ``_id`` already exists; otherwise the
    work is handed to ``save_object``.

    NOTE(review): *cls* selects an attribute of ``app.db`` before
    ``keys[cls]`` has confirmed that it is a known class name.  Looking it
    up in ``keys`` first would reject unknown names earlier -- confirm where
    *cls* comes from.
    """
    print "Save new object for", cls
    collection = getattr(app.db, cls)

    # Name of the new object, taken from the class's key property
    key = keys[cls]
    name = app.request.forms.get(key, None)

    # Services have no real key (key == ''), so the check is skipped for them
    if key != '' and (name is None or name == ''):
        abort(400, "Missing property %s" % key)

    # "New" means nothing may exist under that name yet; otherwise the
    # caller wanted an edit.
    existing = collection.find_one({'_id': name})
    if existing is not None:
        abort(400, "Already an object with the same name '%s'" % name)

    # Ok, we can save it!
    save_object(cls, name)
def get_page():
    """Accept one posted check result and queue it as an external command.

    Reads ``time_stamp``, ``host_name``, ``service_description``,
    ``return_code`` and ``output`` from the form.  Unless the module is
    configured with the username 'anonymous', HTTP basic credentials must
    match ``app.username`` / ``app.password`` (401 when absent, 403 when
    wrong).  Incomplete submissions are refused with a 400.  The resulting
    PROCESS_HOST_CHECK_RESULT or PROCESS_SERVICE_CHECK_RESULT line is
    wrapped in an ``ExternalCommand`` and put on ``app.from_q``.

    NOTE(review): the form values go into the command line as received; a
    ';' or a line break in one of them changes the field layout of the
    line.  Confirm what the consumer of the queue tolerates and validate
    here.
    """
    forms = request.forms
    time_stamp = forms.get('time_stamp', int(time.time()))
    host_name = forms.get('host_name', None)
    service_description = forms.get('service_description', None)
    return_code = forms.get('return_code', -1)
    output = forms.get('output', None)

    # Credentials are only required when anonymous access is not configured
    if app.username != 'anonymous':
        basic = parse_auth(request.environ.get('HTTP_AUTHORIZATION', ''))
        # No credentials sent at all
        if not basic:
            abort(401, 'Authentication required')
        # NOTE(review): the password is compared with an ordinary equality
        # test, which is not constant-time; a constant-time comparison
        # helper is the usual choice for secrets.
        if not (basic[0] == app.username and basic[1] == app.password):
            abort(403, 'Authentication denied')

    # Anonymous or authenticated, the submission itself must be complete.
    # NOTE(review): a submitted time_stamp is presumably a string and so
    # never equals the int 0 -- confirm whether '0' should be refused.
    if time_stamp == 0 or not host_name or not output or return_code == -1:
        abort(400, "Incorrect syntax")

    # A service description makes it a service result, otherwise a host one
    if service_description:
        cmd = '[%s] PROCESS_SERVICE_CHECK_RESULT;%s;%s;%s;%s' % (time_stamp, host_name, service_description, return_code, output)
    else:
        cmd = '[%s] PROCESS_HOST_CHECK_RESULT;%s;%s;%s' % (time_stamp, host_name, return_code, output)

    # Queue the command for the arbiter
    app.from_q.put(ExternalCommand(cmd))
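def push_stats():
    """Receive a JSON statistics file uploaded by a user and store it.

    The caller is identified by the session (``app.get_user_auth()``, JSON
    replies) or, failing that, by the API key in the ``key`` form field
    (command-line client: plain text replies and HTTP errors).  At most
    5,000,000 bytes of the ``data`` upload are accepted.  The parsed
    content is passed to ``app.save_user_stats``.
    """
    key = app.request.forms.get('key')
    data = app.request.files.get('data')
    # A request without a 'data' part must not fail on data.file; it is
    # handled below like any other missing field.
    upload = getattr(data, 'file', None)
    # The form dump and the API key are no longer printed: both put a
    # credential into the process output.
    if not key:
        print "NOT KEY"
    if not upload:
        print "NO FILE"

    is_cli = True
    # Maybe it's with a cookie based auth
    user = app.get_user_auth()
    if not user:
        # Otherwise the API key has to identify a validated user
        user = app.get_user_by_key(key)
    else:
        is_cli = False
        # Get the user key :)
        key = user['api_key']

    if not user:
        print "Sorry, you give a wrong APIKEY or your account i"
        if is_cli:
            abort(400, 'Sorry, you give a wrong APIKEY or your account is not validated')
        else:
            app.response.content_type = 'application/json'
            return json.dumps("Sorry, you give a wrong APIKEY or your account is not validated")

    if key and upload:
        print "READING A stats FILE"
        # LIMIT AT 5MB: read the allowed amount, then probe for one more byte
        raw = upload.read(5000000)
        over = upload.read(1)
        filename = data.filename
        if over:
            if is_cli:
                abort(400, 'Sorry your file is too big!')
            else:
                app.response.content_type = 'application/json'
                return json.dumps({'state': 'error', 'text': 'Sorry your file is too big!'})

        uname = user.get('username')
        # The upload is caller-controlled: a parse failure is a client
        # error, not a server fault.
        try:
            stats = json.loads(raw)
        except ValueError:
            if is_cli:
                abort(400, 'Sorry your file is not valid JSON')
                return
            else:
                app.response.content_type = 'application/json'
                return json.dumps({'state': 'error', 'text': 'Sorry your file is not valid JSON'})

        # Only the username is printed; the full user record may hold
        # credentials.
        print "WE READ A STATS DATA for user", uname
        app.save_user_stats(user, stats)
        if is_cli:
            return "Hello %s! You uploaded %s (%d bytes)." % (uname, filename, len(raw))
        else:
            app.response.content_type = 'application/json'
            # Greet with the username, as the CLI branch does, instead of
            # echoing the API key back in the response body.
            return json.dumps({'state': 'ok', 'text': "Hello %s! You uploaded %s (%d bytes)." % (uname, filename, len(raw))})

    print "You missed a field."
    if is_cli:
        abort(400, 'You missed a field.')
    else:
        app.response.content_type = 'application/json'
        return json.dumps({'state': 'error', 'text': 'Sorry you missed a filed'})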
def get_api_key():
    """Reply with the API key of the account named in the posted form.

    Reads ``login`` and ``password`` from the form.  All outcomes are
    delivered through ``abort``: 400 when the account is not activated or
    has no key, 401 when the credentials are wrong, 200 with the key on
    success.

    NOTE(review): the activation check answers before the credential check,
    so the 400 reply is given to callers who have not proven the password.
    Confirm that revealing the activation state this way is intended.
    """
    forms = app.request.forms
    login = forms.get('login', '')
    password = forms.get('password', '')

    is_auth = app.check_auth(login, password)
    is_activated = app.is_actitaved(login)

    if not is_activated:
        abort(400, 'Sorry your account is not wet validated, please look at your emails!')

    if not is_auth:
        abort(401, 'Sorry, you need valid credentials to access to your API key')
        return

    key = app.get_api_key(login)
    if not key:
        abort(400, 'Sorry, there is a problem with your api key.')
        return
    abort(200, 'Your API key is %s' % key)
def get_api_key():
    """Return the caller's API key as JSON after checking the credentials.

    ``login`` and ``password`` come from the posted form.  On success the
    body is ``{"api_key": ...}``.  The request is aborted with a 400 when
    the account is not activated or no key is available, and with a 401
    when the credentials are not accepted.

    NOTE(review): the activation status is reported before the credentials
    are checked, i.e. also to callers who do not know the password.
    Confirm that this is intended.
    """
    app.response.content_type = 'application/json'

    login = app.request.forms.get('login', '')
    password = app.request.forms.get('password', '')
    is_auth = app.check_auth(login, password)
    is_activated = app.is_actitaved(login)

    if not is_activated:
        abort(400, 'Sorry your account is not wet validated, please look at your emails!')

    if not is_auth:
        abort(401, 'Sorry, you need valid credentials to access to your API key')
        return

    key = app.get_api_key(login)
    if not key:
        abort(400, 'Sorry, there is a problem with your api key.')
        return
    return json.dumps({'api_key': key})
def get_api_key():
    """Hand out the API key for the posted ``login`` / ``password`` pair.

    The reply is declared as JSON and, on success, is ``{"api_key": key}``.
    A non-activated account or a missing key aborts with a 400; rejected
    credentials abort with a 401.

    NOTE(review): ``is_actitaved`` is evaluated and reported ahead of the
    credential result, so the activation state of a login is visible
    without the password.  Confirm that this ordering is wanted.
    """
    app.response.content_type = 'application/json'
    form = app.request.forms
    login = form.get('login', '')
    password = form.get('password', '')

    # Both checks are always performed, in this order.
    is_auth = app.check_auth(login, password)
    is_activated = app.is_actitaved(login)

    if not is_activated:
        abort(
            400,
            'Sorry your account is not wet validated, please look at your emails!'
        )

    if not is_auth:
        abort(401,
              'Sorry, you need valid credentials to access to your API key')
    else:
        key = app.get_api_key(login)
        if not key:
            abort(400, 'Sorry, there is a problem with your api key.')
        else:
            return json.dumps({'api_key': key})
logger.debug("[Ws_arbiter] return_code_list: %s" % (return_code_list)) output_list = request.forms.getall(key='output') logger.debug("[Ws_arbiter] output_list: %s" % (output_list)) commands_list = get_commands(time_stamp_list, host_name_list, service_description_list, return_code_list, output_list) except Exception, e: logger.error("[Ws_arbiter] failed to get the lists: %s" % str(e)) commands_list = [] # We check for auth if it's not anonymously allowed if app.username != 'anonymous': basic = parse_auth(request.environ.get('HTTP_AUTHORIZATION', '')) # Maybe the user not even ask for user/pass. If so, bail out if not basic: abort(401, 'Authentication required') # Maybe he do not give the good credential? if basic[0] != app.username or basic[1] != app.password: abort(403, 'Authentication denied') # Adding commands to the main queue() logger.debug("[Ws_arbiter] commands = %s" % str(sorted(commands_list))) for c in sorted(commands_list): ext = ExternalCommand(c) app.from_q.put(ext) # OK here it's ok, it will return a 200 code # This module will open an HTTP service, where a user can send a command, like a check # return.
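def push_new_pack():
    """Receive a pack file uploaded by a user and hand it to the application.

    The caller is identified by the session (``app.get_user_auth()``, JSON
    replies) or, failing that, by the API key in the ``key`` form field
    (command-line client: plain text replies and HTTP errors).  At most
    5,000,000 bytes of the ``data`` upload are accepted.  The content is
    passed to ``app.save_new_pack`` with the username and the uploaded
    file name.
    """
    key = app.request.forms.get('key')
    data = app.request.files.get('data')
    # A request without a 'data' part must not fail on data.file; it is
    # handled below like any other missing field.
    upload = getattr(data, 'file', None)
    # The form dump and the API key are no longer printed: both put a
    # credential into the process output.
    if not key:
        print "NOT KEY"
    if not upload:
        print "NO FILE"

    is_cli = True
    # Maybe it's with a cookie based auth
    user = app.get_user_auth()
    if not user:
        # Otherwise the API key has to identify a validated user
        user = app.get_user_by_key(key)
    else:
        is_cli = False
        # Get the user key :)
        key = user['api_key']

    if not user:
        print "Sorry, you give a wrong APIKEY or your account i"
        if is_cli:
            abort(
                400,
                'Sorry, you give a wrong APIKEY or your account is not validated'
            )
        else:
            app.response.content_type = 'application/json'
            return json.dumps(
                "Sorry, you give a wrong APIKEY or your account is not validated"
            )

    if key and upload:
        print "READING A FILE"
        # LIMIT AT 5MB: read the allowed amount, then probe for one more byte
        raw = upload.read(5000000)
        over = upload.read(1)
        # NOTE(review): filename is chosen by the client.  If save_new_pack
        # uses it to build a path, it has to be reduced to a safe base name
        # first -- confirm in app.save_new_pack.
        filename = data.filename
        if over:
            if is_cli:
                abort(400, 'Sorry your file is too big!')
            else:
                app.response.content_type = 'application/json'
                return json.dumps({
                    'state': 'error',
                    'text': 'Sorry your file is too big!'
                })

        uname = user.get('username')
        app.save_new_pack(uname, filename, raw)
        if is_cli:
            return "Hello %s! You uploaded %s (%d bytes)." % (uname, filename,
                                                              len(raw))
        else:
            app.response.content_type = 'application/json'
            # Greet with the username, as the CLI branch does, instead of
            # echoing the API key back in the response body.
            return json.dumps({
                'state': 'ok',
                'text': "Hello %s! You uploaded %s (%d bytes)." %
                        (uname, filename, len(raw))
            })

    print "You missed a field."
    if is_cli:
        abort(400, 'You missed a field.')
    else:
        app.response.content_type = 'application/json'
        return json.dumps({
            'state': 'error',
            'text': 'Sorry you missed a filed'
        })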
logger.debug("[Ws_arbiter] service_description_list: %s" % (service_description_list)) return_code_list = request.forms.getall(key='return_code') logger.debug("[Ws_arbiter] return_code_list: %s" % (return_code_list)) output_list = request.forms.getall(key='output') logger.debug("[Ws_arbiter] output_list: %s" % (output_list)) commands_list = get_commands(time_stamp_list, host_name_list, service_description_list, return_code_list, output_list) except Exception, e: logger.error("[Ws_arbiter] failed to get the lists: %s" % str(e)) commands_list = [] # We check for auth if it's not anonymously allowed if app.username != 'anonymous': basic = parse_auth(request.environ.get('HTTP_AUTHORIZATION', '')) # Maybe the user not even ask for user/pass. If so, bail out if not basic: abort(401, 'Authentication required') # Maybe he do not give the good credential? if basic[0] != app.username or basic[1] != app.password: abort(403, 'Authentication denied') # Adding commands to the main queue() logger.debug("[Ws_arbiter] commands = %s" % str(sorted(commands_list))) for c in sorted(commands_list): ext = ExternalCommand(c) app.from_q.put(ext) # OK here it's ok, it will return a 200 code # This module will open an HTTP service, where a user can send a command, like a check # return.