async def create_global(
request: Request,
new_global: GlobalVariable,
global_col: AsyncIOMotorCollection = Depends(get_mongo_c)):
"""
Creates a new Global Variable in WALKOFF and returns it.
"""
walkoff_db = get_mongo_d(request)
curr_user_id = await get_jwt_identity(request)
permissions = new_global.permissions
access_level = permissions.access_level
if access_level == AccessLevel.CREATOR_ONLY:
new_global.permissions = await creator_only_permissions(curr_user_id)
elif access_level == AccessLevel.EVERYONE:
new_global.permissions = await default_permissions(
curr_user_id, walkoff_db, "global_variables")
elif access_level == AccessLevel.ROLE_BASED:
await append_super_and_internal(new_global.permissions)
new_global.permissions.creator = curr_user_id
try:
key = config.get_from_file(config.ENCRYPTION_KEY_PATH) #, 'rb')
# for testing
try:
key = key.encode('utf-8')
key = base64.b64encode(key)
except:
key = key
new_global.value = fernet_encrypt(key, new_global.value)
return await mongo_helpers.create_item(global_col, GlobalVariable,
new_global)
except Exception as e:
logger.info(e)
raise UniquenessException("global_variable", "create", new_global.name)
async def update_workflow(
*,
walkoff_db: AsyncIOMotorDatabase = Depends(get_mongo_d),
workflow_name_id: Union[UUID, str],
request: Request,
updated_workflow: WorkflowModel):
"""
Updates a specific Workflow object (fetched by id or name) and returns it.
"""
workflow_col = walkoff_db.workflows
curr_user_id = await get_jwt_identity(request)
old_workflow = await mongo_helpers.get_item(workflow_col, WorkflowModel,
workflow_name_id)
to_update = await auth_check(old_workflow,
curr_user_id,
"update",
walkoff_db=walkoff_db)
if to_update:
await set_permissions(updated_workflow, curr_user_id, walkoff_db)
try:
return await mongo_helpers.update_item(workflow_col, WorkflowModel,
old_workflow.id_,
updated_workflow)
except:
raise UniquenessException("workflow", "update",
updated_workflow.name)
else:
raise UnauthorizedException("update data for", "Workflow",
old_workflow.name)
async def copy_workflow(
*,
walkoff_db: AsyncIOMotorDatabase = Depends(get_mongo_d),
source: str,
name_body: CopyWorkflowModel,
request: Request):
"""
Copied a Workflow in WALKOFF and returns it.
"""
workflow_col = walkoff_db.workflows
curr_user_id = await get_jwt_identity(request)
try:
existing_workflow = await mongo_helpers.get_item(
workflow_col, WorkflowModel, UUID(source))
except:
raise DoesNotExistException("copy", "Workflow", source)
new_workflow = await copy_workflow_helper(curr_user_id=curr_user_id,
old_workflow=existing_workflow,
new_name=name_body.name,
walkoff_db=walkoff_db)
await set_permissions(new_workflow, curr_user_id, walkoff_db)
try:
return await mongo_helpers.create_item(workflow_col, WorkflowModel,
new_workflow)
except:
raise UniquenessException("workflow", "create", new_workflow.name)
async def update_global(
request: Request,
updated_global: GlobalVariable,
global_var: UUID,
global_col: AsyncIOMotorCollection = Depends(get_mongo_c)):
"""
Updates a specific Global Variable (fetched by id) and returns it.
"""
walkoff_db = get_mongo_d(request)
curr_user_id = await get_jwt_identity(request)
old_global = await mongo_helpers.get_item(global_col, GlobalVariable,
global_var)
if not old_global:
raise DoesNotExistException("update", "Global Variable", global_var)
global_id = old_global.id_
new_permissions = updated_global.permissions
access_level = new_permissions.access_level
to_update = await auth_check(old_global, curr_user_id, "update",
walkoff_db)
if to_update:
if access_level == AccessLevel.CREATOR_ONLY:
updated_global.permissions = creator_only_permissions(curr_user_id)
elif access_level == AccessLevel.EVERYONE:
updated_global.permissions = default_permissions(
curr_user_id, walkoff_db, "global_variables")
elif access_level == AccessLevel.ROLE_BASED:
await append_super_and_internal(updated_global.permissions)
updated_global.permissions.creator = curr_user_id
try:
key = config.get_from_file(config.ENCRYPTION_KEY_PATH) #, 'rb')
# for testing
try:
key = key.encode('utf-8')
key = base64.b64encode(key)
except:
key = key
updated_global.value = fernet_encrypt(key, updated_global.value)
return await mongo_helpers.update_item(global_col, GlobalVariable,
global_id, updated_global)
except:
raise UniquenessException("global_variable", "update",
updated_global.name)
else:
raise UnauthorizedException("update data for", "Global Variable",
old_global.name)
async def create_workflow(
*,
walkoff_db: AsyncIOMotorDatabase = Depends(get_mongo_d),
request: Request,
new_workflow: WorkflowModel):
"""
Creates a new Workflow in WALKOFF and returns it.
"""
workflow_col = walkoff_db.workflows
curr_user_id = await get_jwt_identity(request)
await set_permissions(new_workflow, curr_user_id, walkoff_db)
try:
return await mongo_helpers.create_item(workflow_col, WorkflowModel,
new_workflow)
except:
raise UniquenessException("workflow", "create", new_workflow.name)
async def update_role(*,
role_col: AsyncIOMotorCollection = Depends(get_mongo_c),
role_id: Union[int, str],
new_role: RoleModel):
"""
Updates a role and returns it.
"""
role: RoleModel = await mongo_helpers.get_item(role_col,
RoleModel,
role_id,
raise_exc=False)
if not role:
raise DoesNotExistException("update", "Role", role_id)
role_string = f"{role.name} ({role.id_})"
if role.id_ in DefaultRoleUUIDS:
raise UnauthorizedException("update", "role", role_string)
if new_role.name:
existing_user = await mongo_helpers.get_item(role_col,
RoleModel,
new_role.name,
raise_exc=False)
if existing_user:
raise UniquenessException(
"change role for", "Role", f"{role_string} -> "
f"{new_role.name} ({role.id_})")
else:
role.name = new_role.name
if new_role.description:
role.description = new_role.description
if new_role.resources:
role.resources = new_role.resources
return await mongo_helpers.update_item(role_col, RoleModel, role_id, role)
async def upload_workflow(
*,
walkoff_db: AsyncIOMotorDatabase = Depends(get_mongo_d),
request: Request,
file: UploadFile = File(...)):
"""
Imports a new Workflow in WALKOFF and returns it.
"""
workflow_col = walkoff_db.workflows
curr_user_id = await get_jwt_identity(request)
new_workflow = WorkflowModel(
**json.loads((await file.read()).decode('utf-8')))
try:
# Add projections here to get rid of execution_id
workflow_exists_already = await mongo_helpers.get_item(
workflow_col, WorkflowModel, new_workflow.id_)
except DoesNotExistException:
workflow_exists_already = None
if workflow_exists_already:
old_workflow = await mongo_helpers.get_item(workflow_col,
WorkflowModel,
new_workflow.id_)
new_workflow = await upload_workflow_helper(curr_user_id=curr_user_id,
old_workflow=old_workflow,
new_workflow=new_workflow,
walkoff_db=walkoff_db)
await set_permissions(new_workflow, curr_user_id, walkoff_db)
try:
return await mongo_helpers.create_item(workflow_col, WorkflowModel,
new_workflow)
except:
raise UniquenessException("workflow", "create", new_workflow.name)
async def update_user(*,
walkoff_db: AsyncIOMotorDatabase = Depends(get_mongo_d),
user_id: Union[UUID, str],
new_user: EditUser,
request: Request):
"""
Updates the User for the specified username and returns it.
"""
user_col = walkoff_db.users
role_col = walkoff_db.roles
if user_id == DefaultUserUUID.INTERNAL_USER or user_id == "internal_user":
raise UnauthorizedException("update", "User", "internal_user")
user: UserModel = await mongo_helpers.get_item(user_col,
UserModel,
user_id,
raise_exc=False)
if not user:
raise DoesNotExistException("update", "User", user_id)
current_user: UserModel = await mongo_helpers.get_item(
user_col, UserModel, await get_jwt_identity(request))
user_string = f"{user.username} ({user.id_})"
if await user.verify_password(new_user.old_password):
if user.id_ == DefaultUserUUID.SUPER_ADMIN.value \
or DefaultRoleUUID.SUPER_ADMIN.value in user.roles:
if DRoles.SUPER_ADMIN.value not in current_user.roles:
raise UnauthorizedException("edit values for", "User",
"super_admin")
else:
if new_user.roles:
role_ids = [
role.id_ for role in await mongo_helpers.get_all_items(
role_col, RoleModel)
]
if set(new_user.roles) <= set(role_ids):
user.roles = new_user.roles
else:
invalid_roles = set(role_ids) - set(new_user.roles)
raise InvalidInputException(
"edit roles for",
"User",
user_string,
errors=
f"The following roles do not exist: {invalid_roles}")
user.active = new_user.active
if new_user.new_username:
existing_user = await mongo_helpers.get_item(user_col,
UserModel,
new_user.new_username,
raise_exc=False)
if existing_user:
raise UniquenessException(
"change username for", "User", f"{user_string} -> "
f"{new_user.new_username} ({user_id})")
else:
user.username = new_user.new_username
if new_user.new_password:
await user.hash_and_set_password(new_user.new_password)
return await mongo_helpers.update_item(user_col, UserModel, user_id,
user)
else:
raise UnauthorizedException("update the data", "User",
f"{new_user.username}")