def _parse_conf_from_rest(self): conf_mgr = conf.ConfManager(self.__session_key, "TA-SigSci_Blacklist_Alert", scheme=self.scheme, host=self.host, port=self.port) ta_conf_file = get_or_create_conf_file(conf_mgr, setup_const.myta_conf) credential_conf_file = get_or_create_conf_file( conf_mgr, setup_const.myta_credential_conf) # read global and proxy settings all_settings = ta_conf_file.get_all() if not all_settings: all_settings = {} self._setNoneValues(all_settings.get(setup_const.global_settings, {})) # read account credential settings for cred, cred_conf in self.cred_confs: try: cred_conf_file = get_or_create_conf_file(conf_mgr, cred_conf) creds_data = cred_conf_file.get_all() self._setNoneValues(creds_data) all_settings.update({cred: creds_data}) except conf.ConfManagerException as e: self.log_info('Conf {} not found.'.format(cred)) # read customized settings customized_conf_file = get_or_create_conf_file( conf_mgr, setup_const.myta_customized_conf) settings = customized_conf_file.get_all() all_settings[setup_const.myta_customized_settings] = settings self._setNoneValues( all_settings.get(setup_const.myta_customized_settings, {})) return filter_eai_property(all_settings)
def handleList(self, confInfo): logger.info("start list setup configure.") scheme, host, port = utils.extract_http_scheme_host_port( scc.getMgmtUri()) conf_mgr = conf.ConfManager(self.getSessionKey(), self.appName, scheme=scheme, host=host, port=port) ta_conf_file = get_or_create_conf_file(conf_mgr, setup_const.myta_conf) # read globala and proxy settings all_settings = ta_conf_file.get_all() if not all_settings: all_settings = {} self._setNoneValues(all_settings.get(setup_const.global_settings, {})) # customized conf customized_conf_file = get_or_create_conf_file( conf_mgr, setup_const.myta_customized_conf) settings = customized_conf_file.get_all() all_settings[setup_const.myta_customized_settings] = settings self._clearPasswords(all_settings, self.cred_fields) all_settings = filter_eai_property(all_settings) all_settings = json.dumps(all_settings) all_settings = utils.escape_json_control_chars(all_settings) confInfo[setup_const.myta_settings].append(setup_const.all_settings, all_settings) logger.info("list setup configure is done.")
def handleEdit(self, confInfo): logger.info("start edit setup configure.") scheme, host, port = utils.extract_http_scheme_host_port( scc.getMgmtUri()) conf_mgr = conf.ConfManager(self.getSessionKey(), self.appName, scheme=scheme, host=host, port=port) ta_conf_file = get_or_create_conf_file(conf_mgr, setup_const.myta_conf) customized_conf_file = get_or_create_conf_file( conf_mgr, setup_const.myta_customized_conf) all_origin_settings = ta_conf_file.get_all() all_settings = utils.escape_json_control_chars( self.callerArgs.data[setup_const.all_settings][0]) all_settings = json.loads(all_settings) # write global and proxy settings self._updateGlobalSettings(setup_const.global_settings, all_settings, all_origin_settings, ta_conf_file) self._updateGlobalSettings(setup_const.proxy_settings, all_settings, all_origin_settings, ta_conf_file) # write customized settings customized_conf_file = get_or_create_conf_file( conf_mgr, setup_const.myta_customized_conf) self._updateConfStanzas( all_settings.get(setup_const.myta_customized_settings, {}), customized_conf_file, self.encrypt_fields_customized) logger.info("edit setup configure is done")
def update_access_token(access_token, refresh_token, client_secret, session_key, stanza_name): """ Updates the latest access_token and refresh token in the ta_lansweeper_add_on_for_splunk_account.conf :param access_token: Access Token of the Lansweeper Account :param refresh_token: Refresh Token of the Lansweeper Account :param client_secret: Client Secret of the Lansweeper Account :param session_key: Splunk session key :param stanza_name: Stanza name of the account to be updated :return : True on successfully updating the account configurations """ cfm = conf_manager.ConfManager( session_key, APP_NAME, realm= '__REST_CREDENTIAL__#{}#configs/conf-ta_lansweeper_add_on_for_splunk_account' .format(APP_NAME)) conf = cfm.get_conf('ta_lansweeper_add_on_for_splunk_account') conf.update( stanza_name, { 'access_token': access_token, 'client_secret': client_secret, 'refresh_token': refresh_token }, ['access_token', 'client_secret', 'refresh_token']) return True
def test_conf_manager(): session_key = credentials.get_session_key( context.username, context.password, scheme=context.scheme, host=context.host, port=context.port, ) cfm = conf_manager.ConfManager( session_key, context.app, owner=context.owner, scheme=context.scheme, host=context.host, port=context.port, ) try: conf = cfm.get_conf("test") except conf_manager.ConfManagerException: conf = cfm.create_conf("test") assert not conf.stanza_exist("test_stanza") conf.update("test_stanza", {"k1": 1, "k2": 2}, ["k1"]) assert conf.get("test_stanza")["k1"] == 1 assert int(conf.get("test_stanza")["k2"]) == 2 assert conf.get("test_stanza")["eai:appName"] == "solnlib_demo" assert len(conf.get_all()) == 1 conf.delete("test_stanza") with pytest.raises(conf_manager.ConfStanzaNotExistException): conf.get("test_stanza") with pytest.raises(conf_manager.ConfStanzaNotExistException): conf.delete("test_stanza") conf.reload()
def get_log_level(session_key, logger): """ This function returns the log level for the addon from configuration file. :param session_key: session key for particular modular input. :return : log level configured in addon. """ try: settings_cfm = conf_manager.ConfManager( session_key, APP_NAME, realm="__REST_CREDENTIAL__#{}#configs/conf-{}_settings".format( APP_NAME, CONF_NAME)) logging_details = settings_cfm.get_conf(CONF_NAME + "_settings").get("logging") log_level = logging_details.get('loglevel') if ( logging_details.get('loglevel')) else 'INFO' return log_level except Exception: logger.error( "Failed to fetch the log details from the configuration taking INFO as default level." ) return 'INFO'
def get_account_details(session_key, account_name, logger): """ This function retrieves account details from addon configuration file. :param session_key: session key for particular modular input. :param account_name: account name configured in the addon. :param logger: provides logger of current input. :return : account details in form of a dictionary. """ try: cfm = conf_manager.ConfManager( session_key, APP_NAME, realm='__REST_CREDENTIAL__#{}#configs/conf-{}_account'.format( APP_NAME, CONF_NAME)) account_conf_file = cfm.get_conf(CONF_NAME + '_account') logger.info(f"Fetched configured account {account_name} details.") return { "username": account_conf_file.get(account_name).get('username'), "password": account_conf_file.get(account_name).get('password'), } except Exception as e: logger.error( "Failed to fetch account details from configuration. {}".format( traceback.format_exc())) sys.exit(1)
def get_account_details(session_key, account_name, logger): """ This function retrieves account details from addon configuration file. :param session_key: session key for particular modular input. :param account_name: account name configured in the addon. :param logger: provides logger of current input. :return : account details in form of a dictionary. """ try: cfm = conf_manager.ConfManager( session_key, APP_NAME, realm= '__REST_CREDENTIAL__#{}#configs/conf-ta_lansweeper_add_on_for_splunk_account' .format(APP_NAME)) account_conf_file = cfm.get_conf( 'ta_lansweeper_add_on_for_splunk_account') except Exception as exception: logger.error( "Failed to fetch account details from configuration, error={}". format(exception)) sys.exit(1) logger.info("Fetched configured account details") return { "client_id": account_conf_file.get(account_name).get('client_id'), "client_secret": account_conf_file.get(account_name).get('client_secret'), "access_token": account_conf_file.get(account_name).get('access_token'), "refresh_token": account_conf_file.get(account_name).get('refresh_token') }
def setup(cls, session_key): """ Set up sesison key and conf manager. NOTE: Must be done before performing any further actions """ cls.conf_manager = conf_manager.ConfManager(session_key, em_constants.APP_NAME, port=getDefault('port')) try: cls.conf = get_conf_stanza(cls.conf_manager, SLACK_CONF_FILE) except Exception: return EMSlack.error_rest_api_response(message=SLACK_REST_API_GENERAL_ERROR_MESSAGE)
def getProxyDetails(self): # Create confmanger object for the app with realm cfm = conf_manager.ConfManager(self.getSessionKey( ), "TA-lansweeper-add-on-for-splunk", realm="__REST_CREDENTIAL__#TA-lansweeper-add-on-for-splunk#configs/conf-ta_lansweeper_add_on_for_splunk_settings") # Get Conf object of apps settings conf = cfm.get_conf('ta_lansweeper_add_on_for_splunk_settings') # Get proxy stanza from the settings proxy_config = conf.get("proxy", True) if not proxy_config or not is_true(proxy_config.get('proxy_enabled')): logger.info('Proxy is not enabled') return None url = proxy_config.get('proxy_url') port = proxy_config.get('proxy_port') if url or port: if not url: raise ValueError('Proxy "url" must not be empty') if not self.is_valid_port(port): raise ValueError( 'Proxy "port" must be in range [1,65535]: %s' % port ) user = proxy_config.get('proxy_username') password = proxy_config.get('proxy_password') if not all((user, password)): logger.info('Proxy has no credentials found') user, password = None, None proxy_type = proxy_config.get('proxy_type') proxy_type = proxy_type.lower() if proxy_type else 'http' if proxy_type in _PROXY_TYPE_MAP: ptv = _PROXY_TYPE_MAP[proxy_type] elif proxy_type in _PROXY_TYPE_MAP.values(): ptv = proxy_type else: ptv = socks.PROXY_TYPE_HTTP logger.info('Proxy type not found, set to "HTTP"') rdns = is_true(proxy_config.get('proxy_rdns')) proxy_info = ProxyInfo( proxy_host=url, proxy_port=int(port), proxy_type=ptv, proxy_user=user, proxy_pass=password, proxy_rdns=rdns ) # logger.info(proxy_info) return proxy_info
def get_proxy_settings(session_key, logger): """ This function fetches proxy settings :param session_key: session key for particular modular input. :param logger: provides logger of current input. :return : proxy settings """ try: settings_cfm = conf_manager.ConfManager( session_key, APP_NAME, realm="__REST_CREDENTIAL__#{}#configs/conf-{}_settings".format( APP_NAME, CONF_NAME)) ta_settings_conf = settings_cfm.get_conf(CONF_NAME + "_settings").get_all() except Exception: logger.error( "Failed to fetch proxy details from configuration. {}".format( traceback.format_exc())) sys.exit(1) proxy_settings = {} proxy_stanza = {} for key, value in ta_settings_conf["proxy"].items(): proxy_stanza[key] = value if int(proxy_stanza.get("proxy_enabled", 0)) == 0: return proxy_settings proxy_port = proxy_stanza.get('proxy_port') proxy_url = proxy_stanza.get('proxy_url') proxy_username = proxy_stanza.get('proxy_username', '') proxy_password = proxy_stanza.get('proxy_password', '') if proxy_username and proxy_password: proxy_username = rq.compat.quote_plus(proxy_username) proxy_password = rq.compat.quote_plus(proxy_password) proxy_uri = "%s://%s:%s@%s:%s" % ( proxy_type, proxy_username, proxy_password, proxy_url, proxy_port) else: proxy_uri = "%s://%s:%s" % (proxy_type, proxy_url, proxy_port) proxy_settings = { "http": proxy_uri, "https": proxy_uri, "username": proxy_username, "proxy_password": proxy_password, "proxy": proxy_url, "proxy_port": proxy_port } logger.info("Fetched configured proxy details.") return proxy_settings
def do_additional_setup(self): # set log level log_level = self.inputs.get('job', {}).get('log_level', 'WARNING') logger.setLevel(log.parse_log_level(log_level)) # set up message service self.splunkd_messages_service = Service(port=getDefault('port'), token=session['authtoken'], app=APP_NAME, owner='nobody').messages # set up conf file manager self.inputs_conf = conf_manager.ConfManager( session['authtoken'], APP_NAME, port=getDefault('port')).get_conf('inputs')
def setup(cls, session_key): """ Set up sesison key and conf manager. NOTE: Must be done before performing any further actions """ EMVictorOps.SESSION_KEY = session_key cls.conf_manager = conf_manager.ConfManager(EMVictorOps.SESSION_KEY, em_constants.APP_NAME, port=getDefault('port')) try: cls.conf = get_conf_stanza(cls.conf_manager, VICTOROPS_CONF_FILE) except Exception: return EMVictorOps.error_rest_api_response( message=VICTOROPS_REST_API_GENERAL_ERROR_MESSAGE)
def get_conf_file( session_key, file, app=APP_NAME, realm="__REST_CREDENTIAL__#{app_name}#configs/conf-app_greynoise_settings". format(app_name=APP_NAME)): """ Returns the conf object of the file :param session_key: :param file: :param app: :param realm: :return: Conf File Object """ cfm = conf_manager.ConfManager(session_key, app, realm=realm) return cfm.get_conf(file)
def handleEdit(self, confInfo): logger.info("start edit setup configure.") scheme, host, port = utils.extract_http_scheme_host_port( scc.getMgmtUri()) conf_mgr = conf.ConfManager(self.getSessionKey(), self.appName, scheme=scheme, host=host, port=port) ta_conf_file = get_or_create_conf_file(conf_mgr, setup_const.myta_conf) customized_conf_file = get_or_create_conf_file( conf_mgr, setup_const.myta_customized_conf) all_origin_settings = ta_conf_file.get_all() all_settings = utils.escape_json_control_chars( self.callerArgs.data[setup_const.all_settings][0]) all_settings = json.loads(all_settings) # write global and proxy settings self._updateGlobalSettings(setup_const.global_settings, all_settings, all_origin_settings, ta_conf_file) # write customized settings customized_conf_file = get_or_create_conf_file( conf_mgr, setup_const.myta_customized_conf) self._updateConfStanzas( all_settings.get(setup_const.myta_customized_settings, {}), customized_conf_file, self.encrypt_fields_customized) # write account credential settings for cred, conf_file in self.cred_confs: cred_conf_file = get_or_create_conf_file(conf_mgr, conf_file) creds = all_settings.get(cred, {}) if creds == setup_const.ignore_backend_req: logger.info("Ignore backend rest request") continue if creds: self._updateConfStanzas(creds, cred_conf_file, self.encrypt_fields_credential) logger.info("edit setup configure is done")
def test_conf_manager(monkeypatch): credentials_store = {} all_stanzas = {} def mock_storage_passwords_list(self, count=None, **kwargs): return credentials_store.values() def mock_storage_passwords_create(self, password, username, realm=None): title = "{}:{}:".format(realm, username) if realm else ":{}:".format(username) password = client.StoragePassword( None, "storage/passwords/{}".format(title), state=record({ "content": { "clear_password": password, "encr_password": hashlib.md5(password.encode()).digest(), "password": "******", "realm": realm, "username": username, }, "title": title, }), ) credentials_store[title] = password return password def mock_storage_passwords_delete(self, username, realm=None): title = "{}:{}:".format(realm, username) if realm else ":{}:".format(username) if title in credentials_store: del credentials_store[title] else: raise KeyError("No such entity %s" % username) def mock_storage_password_delete(self): if self.name in credentials_store: del credentials_store[self.name] else: raise KeyError("No such entity %s" % self.name) def mock_configuration_get(self, name="", owner=None, app=None, sharing=None, **query): return common.make_response_record("") def mock_configuration_file_list(self, count=None, **kwargs): if not hasattr(mock_configuration_file_list, "normal_mode"): mock_configuration_file_list.normal_mode = True raise binding.HTTPError(common.make_response_record("", status=404)) else: if "name" in kwargs: if kwargs["name"] in all_stanzas: stanza_mgr = client.Stanza( self.service, "configs/conf-test/{0}/".format(kwargs["name"]), skip_refresh=True, ) stanza_mgr._state = common.record({ "title": kwargs["name"], "access": common.record({"app": "test"}), "content": all_stanzas[kwargs["name"]], }) return [stanza_mgr] else: raise binding.HTTPError( common.make_response_record("", status=404)) else: stanza_mgrs = [] for stanza_name, stanza in list(all_stanzas.items()): stanza_mgr = client.Stanza( self.service, "configs/conf-test/{0}/".format(stanza_name), skip_refresh=True, ) stanza_mgr._state = common.record({ "title": stanza_name, "access": common.record({"app": "test"}), "content": stanza, }) stanza_mgrs.append(stanza_mgr) return stanza_mgrs def mock_configuration_file_get(self, name="", owner=None, app=None, sharing=None, **query): return common.make_response_record("") def mock_configuration_file_create(self, name, **params): stanza_mgr = client.Stanza(self.service, "configs/conf-test/{0}/".format(name), skip_refresh=True) stanza_mgr._state = common.record({"title": name, "content": {}}) return stanza_mgr def mock_configuration_file_delete(self, name, **params): del all_stanzas[name] def mock_stanza_submit(self, stanza): all_stanzas[self.name] = stanza common.mock_splunkhome(monkeypatch) monkeypatch.setattr(client.StoragePasswords, "list", mock_storage_passwords_list) monkeypatch.setattr(client.StoragePasswords, "create", mock_storage_passwords_create) monkeypatch.setattr(client.StoragePasswords, "delete", mock_storage_passwords_delete) monkeypatch.setattr(client.StoragePassword, "delete", mock_storage_password_delete) monkeypatch.setattr(client.Configurations, "get", mock_configuration_get) monkeypatch.setattr(client.ConfigurationFile, "get", mock_configuration_file_get) monkeypatch.setattr(client.ConfigurationFile, "list", mock_configuration_file_list) monkeypatch.setattr(client.ConfigurationFile, "create", mock_configuration_file_create) monkeypatch.setattr(client.ConfigurationFile, "delete", mock_configuration_file_delete) monkeypatch.setattr(client.Stanza, "submit", mock_stanza_submit) cfm = conf_manager.ConfManager(common.SESSION_KEY, common.app) conf = cfm.get_conf("test") assert not conf.stanza_exist("test_stanza") conf.update("test_stanza", {"k1": 1, "k2": 2}, ["k1", "key_not_exist"]) assert conf.get("test_stanza") == { "k2": 2, "k1": 1, "eai:access": common.record({"app": "test"}), "eai:appName": "test", } assert conf.get_all() == { "test_stanza": { "k2": 2, "k1": 1, "eai:access": common.record({"app": "test"}), "eai:appName": "test", } } conf.delete("test_stanza") with pytest.raises(conf_manager.ConfStanzaNotExistException): conf.get("test_stanza") with pytest.raises(conf_manager.ConfStanzaNotExistException): conf.delete("test_stanza") conf.reload() cfm = conf_manager.ConfManager( common.SESSION_KEY, common.app, realm="__REST_CREDENTIAL__#{}#configs/conf-test".format(common.app), ) conf = cfm.get_conf("test") assert not conf.stanza_exist("test_stanza") conf.update("test_stanza", {"k1": 1, "k2": 2}, ["k1", "key_not_exist"]) assert conf.get("test_stanza") == { "k2": 2, "k1": 1, "eai:access": common.record({"app": "test"}), "eai:appName": "test", } assert conf.get_all() == { "test_stanza": { "k2": 2, "k1": 1, "eai:access": common.record({"app": "test"}), "eai:appName": "test", } } conf.delete("test_stanza") with pytest.raises(conf_manager.ConfStanzaNotExistException): conf.get("test_stanza") with pytest.raises(conf_manager.ConfStanzaNotExistException): conf.delete("test_stanza") conf.reload()