def test_wf_hol(capsys):
''' ppp
'''
intialize()
# test = WorkFlowEngine(conn, user=USER, passwd=PASSWD)
procinst = WFTEST.process_instance_start_processDefinitionId(
'holiday', variables={'prova': 'pluto'})
procinst_id = procinst['id']
filt = {'processInstanceId': procinst_id}
task_list = WFTEST.tasks_list(filt)
with capsys.disabled():
for task in task_list:
task_id = task['id']
pvars = WFTEST.task_variables_get(task_id)
print pvars
pvars = WFTEST.process_instance_variables_list_ex(procinst_id)
print pvars
com = WFTEST.task_complete(task_id, {'settvar': True})
print com
amount = 1000.0 * 0.987654321
parameters = {"amount": amount, "invoiceCategory": "pippo--" + str(amount)}
bkid = id_gen()
procid = WFTEST.process_instance_start_processDefinitionId(
'invoice', variables=parameters, businessKey=bkid)
assert not (procid is None)
with capsys.disabled():
print procid
instl = WFTEST.process_instances_list(process_definition_get='invoice',
businessKey=bkid)
assert instl
with capsys.disabled():
print instl
def __init__(self, connection, api_manager, event_handlers=[]):
self.logger = logging.getLogger(self.__class__.__module__ + '.' +
self.__class__.__name__)
self.connection = connection
self.api_manager = api_manager
self.db_manager = self.api_manager.db_manager
self._continue = None
self.id = id_gen()
self.manager = EventDbManager()
self.event_handlers = []
for event_handler in event_handlers:
handler = import_class(event_handler)
self.event_handlers.append(handler(self.api_manager))
self.redis_uri = self.api_manager.redis_event_uri
self.redis_exchange = self.api_manager.redis_event_exchange
self.exchange = Exchange(self.redis_exchange,
type='direct',
delivery_mode=1,
durable=False)
self.queue_name = '%s.queue' % self.redis_exchange
self.routing_key = '%s.key' % self.redis_exchange
self.queue = Queue(self.queue_name,
self.exchange,
routing_key=self.routing_key,
delivery_mode=1,
durable=False)
self.event_producer = EventProducerRedis(self.redis_uri,
self.redis_exchange + '.sub',
framework='simple')
self.conn = Connection(self.redis_uri)
def add_endpoint(self, name, desc, service, uri, active=True):
"""Add endpoint.
:param name: endpoint name
:param desc: endpoint desc
:param service: endpoint service
:param uri: endpoint uri
:param active: endpoint status
:return: endpoint id
:rtype: bool
:raises ApiManagerError: raise :class:`ApiManagerError`
:raises ApiAuthorizationError: raise :class:`ApiAuthorizationError`
"""
# check authorization
self.controller.check_authorization(CatalogEndpoint.objtype,
CatalogEndpoint.objdef, self.objid,
u'insert')
try:
# create catalog endpoint reference
objid = u'%s//%s' % (self.objid, id_gen())
res = self.manager.add_endpoint(objid, name, service, desc,
self.oid, uri, active)
# create object and permission
CatalogEndpoint(self.controller).register_object(
objid.split(u'//'), desc=desc)
self.logger.debug(u'Add catalog endpoint: %s' % truncate(res))
return res.id
except (QueryError, TransactionError, ModelError) as ex:
self.logger.error(ex, exc_info=1)
raise ApiManagerError(ex, code=ex.code)
def test_append_user_role(self):
user = self.manager.get_user(name='user1')[0]
if self.manager.add_role(id_gen(), 'role3', 'role3_desc'):
role = self.manager.get_role(name='role3')[0]
#self.manager.append_role_permission(role, 3, 6)
res = self.manager.append_user_role(user, role)
self.assertEqual(res, True)
def add_catalog(self, name=None, desc=None, zone=None):
"""Add catalog
:param name: name
:param desc: description
:param zone: zone
:return:
"""
# check authorization
self.check_authorization(Catalog.objtype, Catalog.objdef, None,
'insert')
try:
# create catalog reference
objid = id_gen()
res = self.manager.add(objid, name, desc, zone)
# create object and permission
Catalog(self, oid=res.id).register_object([objid], desc=desc)
return res.uuid
except (QueryError, TransactionError) as ex:
self.logger.error(ex, exc_info=1)
raise ApiManagerError(ex, code=ex.code)
def store_endpoint(self, endpoint, message):
"""Store node in db.
:param node json: node to store
:raise CatalogConsumerError:
"""
session = None
try:
# get db session
operation.session = self.db_manager.get_session()
name = endpoint[u'name']
service = endpoint[u'service']
desc = endpoint[u'desc']
catalog = endpoint[u'catalog']
uri = endpoint[u'uri']
catalog_obj = self.manager.get_entity(ModelCatalog, catalog)
try:
objid = u'%s//%s' % (catalog_obj.objid, id_gen())
res = self.manager.add_endpoint(objid,
name,
service,
desc,
catalog_obj.id,
uri,
active=True)
controller = CatalogController(None)
obj = CatalogEndpoint(controller,
Catalog(controller),
oid=res.id,
objid=res.objid,
name=res.name,
desc=res.desc,
active=res.active,
model=res)
# create object and permission
obj.register_object(objid.split(u'//'), desc=endpoint[u'desc'])
except (TransactionError) as ex:
if ex.code == 409:
self.manager.update_endpoint(oid=catalog_obj.id,
name=name,
desc=desc,
service=service,
catalog=catalog_obj.id,
uri=uri)
self.logger.debug(u'Store endpoint : %s' % endpoint)
except (TransactionError, Exception) as ex:
self.logger.error(u'Error storing node : %s' % ex, exc_info=1)
#raise CatalogConsumerError(ex)
finally:
if session is not None:
self.db_manager.release_session(operation.session)
message.ack()
def query_inner(*args, **kwargs): #1
start = time()
stmp_id = id_gen()
session = operation.session
sessionid = id(session)
# set distributed transaction id to 0 for single transaction
try:
operation.id
except:
operation.id = str(uuid4())
try:
# get runtime info
cp = current_process()
ct = current_thread()
# format request params
params = []
for item in args:
params.append(str(item))
for k, v in kwargs.iteritems():
params.append(u"'%s':'%s'" % (k, v))
# call internal function
res = fn(*args, **kwargs)
elapsed = round(time() - start, 4)
logger.debug(u'%s.%s - %s - query - %s - %s - OK - %s' %
(operation.id, stmp_id, sessionid, fn.__name__,
params, elapsed))
return res
except ModelError as ex:
elapsed = round(time() - start, 4)
logger.error(u'%s.%s - %s - query - %s - %s - KO - %s' %
(operation.id, stmp_id, sessionid, fn.__name__,
params, elapsed))
logger.error(ex.desc, exc_info=1)
logger.error(ex.desc)
raise QueryError(ex.desc, code=ex.code)
except DBAPIError as ex:
elapsed = round(time() - start, 4)
logger.error(u'%s.%s - %s - query - %s - %s - KO - %s' %
(operation.id, stmp_id, sessionid, fn.__name__,
params, elapsed))
logger.error(ex.orig, exc_info=1)
logger.error(ex.orig)
raise QueryError(ex.orig, code=400)
except Exception as ex:
elapsed = round(time() - start, 4)
logger.error(u'%s.%s - %s - query - %s - %s - KO - %s' %
(operation.id, stmp_id, sessionid, fn.__name__,
params, elapsed))
logger.error(ex, exc_info=1)
logger.error(ex)
raise QueryError(ex, code=400)
def __init__(self, connection, api_manager):
self.logger = getLogger(self.__class__.__module__+ \
u'.'+self.__class__.__name__)
self.connection = connection
self.api_manager = api_manager
self.db_manager = self.api_manager.db_manager
self._continue = None
self.id = id_gen()
self.manager = CatalogDbManager()
def test_add_group(self):
name = 'group1'
description = ''
user_type = 'group'
roles = [self.manager.get_role(name='role2')[0]]
members = [self.manager.get_user(name='user2')[0]]
active = True
password = '******'
res = self.manager.add_group(id_gen(), name, description, members,
roles)
def test_append_group_member(self):
group = self.manager.get_group(name='group1')[0]
if self.manager.add_user(id_gen(),
'user3', [],
active=True,
password='',
description=''):
user = self.manager.get_user(name='user3')[0]
res = self.manager.append_group_member(group, user)
self.assertEqual(res, True)
def test_add_user(self):
objid = id_gen()
name = 'user1'
user_type = 'user'
roles = [self.manager.get_role(name='role2')[0]]
active = True
password = '******'
res = self.manager.add_user(objid,
name,
roles,
active=active,
password=password)
def init_resource(logger, db_uri):
try:
from gibbonbeehive.module.resource.model import ResourceDbManager
# create api manager
params = {'api_name':'beehive',
'api_id':'process',
'database_uri':db_uri,
'api_module':['gibbonbeehive.module.resource.mod.ResourceModule'],
'api_plugin':[],
'api_subsystem':'resource'}
manager = ApiManager(params)
manager.configure()
manager.register_modules()
# remove and create scchema
ResourceDbManager.remove_table(db_uri)
ResourceDbManager.create_table(db_uri)
# create module
#from gibbonbeehive.module.resource.mod import ResourceModule
#from gibbonbeehive.module.resource.plugins.cloudstack import CloudstackPlugin
#resource_module = ResourceModule(manager)
#CloudstackPlugin(resource_module).register()
resource_module = manager.modules['ResourceModule']
controller = resource_module.get_controller()
# create session
operation.session = resource_module.get_session()
operation.perms = perms
operation.user = authuser
# init module
resource_module.init_object()
controller = resource_module.get_controller()
for item in containers:
container_class = import_class(item['class'])
container = container_class(controller, objid=id_gen(),
name=item['name'], desc=item['desc'],
active=True,
connection=json.dumps(item['conn']))
controller.add_container(container)
except:
msg = traceback.format_exc()
logger.error(msg)
finally:
# release session
resource_module.release_session(operation.session)
operation.session = None
def query_wrap(*args, **kwargs): #1
start = time()
stmp_id = id_gen()
session = operation.session
sessionid = id(session)
# set distributed transaction id to 0 for single transaction
try:
operation.id
except:
operation.id = str(uuid4())
try:
# format request params
params = []
for item in args:
params.append(str(item))
for k, v in kwargs.items():
params.append(u"'%s':'%s'" % (k, v))
# call internal function
res = fn(*args, **kwargs)
elapsed = round(time() - start, 4)
logger.debug2(OK_Q_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
return res
except ModelError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_Q_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
logger.error(ex.desc)
raise QueryError(ex.desc, code=ex.code)
except ArgumentError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_Q_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
logger.error(str(ex))
raise QueryError(str(ex), code=400)
except DBAPIError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_Q_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
logger.error(str(ex))
raise QueryError(str(ex), code=400)
except TypeError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_Q_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
logger.error(ex)
raise QueryError(ex, code=400)
except Exception as ex:
elapsed = round(time() - start, 4)
logger.error(KO_Q_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
logger.error(str(ex))
raise QueryError(str(ex), code=400)
def decorated_view(*args, **kwargs):
start = time.time()
stmp_id = id_gen()
try:
logger.debug('Query %s - START' % stmp_id)
res = fn(session, *args, **kwargs)
elapsed = round(time.time() - start, 4)
logger.debug('Query %s - STOP - %s' % (stmp_id, elapsed))
return res
except DBAPIError as ex:
elapsed = round(time.time() - start, 4)
logger.error('Query %s - ERROR - %s : %s' %
(stmp_id, ex, elapsed))
raise QueryError(ex)
def store_endpoint(self, endpoint, message):
"""Store node in db.
:param endpoint: endpoint
:param message: message
:raise CatalogConsumerError:
"""
session = None
try:
# get db session
operation.session = self.db_manager.get_session()
name = endpoint['name']
service = endpoint['service']
desc = endpoint['desc']
catalog = endpoint['catalog']
uri = endpoint['uri']
catalog_obj = self.manager.get_entity(ModelCatalog, catalog)
if self.manager.exist_entity(ModelEndpoint, name) is True:
endpoint = self.manager.get_entity(ModelEndpoint, name)
self.manager.update_endpoint(oid=endpoint.id,
name=name,
desc=desc,
service=service,
catalog_id=catalog_obj.id,
uri=uri)
self.logger.debug('Update endpoint : %s' % endpoint)
else:
objid = '%s//%s' % (catalog_obj.objid, id_gen())
res = self.manager.add_endpoint(objid,
name,
service,
desc,
catalog_obj.id,
uri,
active=True)
controller = CatalogController(None)
# create object and permission
CatalogEndpoint(controller, oid=res.id).register_object(
objid.split('//'), desc=endpoint['desc'])
self.logger.debug('Create endpoint : %s' % endpoint)
except (TransactionError, Exception) as ex:
self.logger.error('Error storing endpoint: %s' % ex, exc_info=True)
finally:
if session is not None:
self.db_manager.release_session(operation.session)
message.ack()
def __init__(self, connection, redis_exchange):
self.logger = logging.getLogger(self.__class__.__module__+ \
u'.'+self.__class__.__name__)
self.connection = connection
# redis
self.redis_exchange = redis_exchange
# kombu channel
self.exchange = Exchange(self.redis_exchange + u'.sub',
type=u'topic',
delivery_mode=1)
self.queue_name = u'%s.queue.%s' % (self.redis_exchange, id_gen())
self.routing_key = u'%s.sub.key' % self.redis_exchange
self.queue = Queue(self.queue_name,
self.exchange,
routing_key=self.routing_key)
def __init__(self, event_type, data, source, dest):
# event unique id
self.id = id_gen()
# event type like user, role, resource, property
self.type = event_type
# fire time of event
self.creation = time.time()
# event operation data
self.data = data
# remote address that require event fire
self.source = source
# local address that fire event using runtime execution process
# destination contains also object used in the operation
self.dest = dest
def __init__(self,
name,
desc,
service,
catalog,
uri,
creation=None,
modified=None,
enabled=True,
oid=None):
if oid is not None:
self.id = oid
else:
self.id = id_gen()
self.name = name
self.desc = desc
self.service = service
self.catalog_id = catalog
self.uri = uri
self.enabled = enabled
self.creation = creation
self.modified = modified
def decorated_view(*args, **kwargs):
start = time.time()
stmp_id = id_gen()
try:
logger.debug('Transaction %s - START' % stmp_id)
res = fn(session, *args, **kwargs)
session.commit()
elapsed = round(time.time() - start, 4)
logger.debug('Transaction %s - STOP - %s' % (stmp_id, elapsed))
return res
except IntegrityError as ex:
elapsed = round(time.time() - start, 4)
logger.error('Transaction %s - ERROR: %s - %s' %
(stmp_id, ex, elapsed))
session.rollback()
raise TransactionError(ex)
except DBAPIError as ex:
elapsed = round(time.time() - start, 4)
logger.error('Transaction %s - ERROR: %s - %s' %
(stmp_id, ex, elapsed))
session.rollback()
raise TransactionError(ex)
def __init__(self, connection, api_manager):
self.logger = logging.getLogger(self.__class__.__module__+ \
'.'+self.__class__.__name__)
self.connection = connection
self.api_manager = api_manager
self.db_manager = self.api_manager.db_manager
self._continue = None
self.id = id_gen()
self.manager = EventDbManager()
self.redis_uri = self.api_manager.redis_event_uri
self.redis_exchange = self.api_manager.redis_event_exchange
self.exchange = Exchange(self.redis_exchange,
type=u'direct',
delivery_mode=1,
durable=False)
self.queue_name = u'%s.queue' % self.redis_exchange
self.routing_key = u'%s.key' % self.redis_exchange
self.queue = Queue(self.queue_name,
self.exchange,
routing_key=self.routing_key,
delivery_mode=1,
durable=False)
# subscriber
#self.exchange_sub = Exchange(self.redis_exchange+u'.sub', type=u'topic',
# delivery_mode=1)
#self.queue_name_sub = u'%s.queue.sub' % self.redis_exchange
#self.routing_key_sub = u'%s.sub.key' % self.redis_exchange
#self.queue_sub = Queue(self.queue_name_sub, self.exchange_sub,
# routing_key=self.routing_key_sub)
self.event_producer = EventProducerRedis(self.redis_uri,
self.redis_exchange + u'.sub',
framework=u'simple')
self.conn = Connection(self.redis_uri)
def inner(*args, **kwargs): #1
logger = logging.getLogger(__name__)
# get runtime info
cp = current_process()
ct = current_thread()
# generate unique task id
task_id = id_gen()
# log start
#classname = get_method_class(func)
info = u'%s:%s - %s - START - %s:%s' % (
cp.ident, ct.ident, task_id,
func.__module__+u'.'+get_member_class(args), func.func_name)
logger.info(info)
# get start time
start = time()
# execute inner function
ret = func(*args, **kwargs) #2
# calculate elasped time
elapsed = round(time() - start, 5)
# log execution info in watch logger
info = u'%s:%s - %s - STOP - %s:%s - %s' % (
cp.ident, ct.ident, task_id,
func.__module__+u'.'+get_member_class(args),
func.func_name, elapsed)
#print func.func_name, args, kwargs
#ApiObjectCommand()
logger.info(info)
return ret
def add_catalog(self, name, desc, zone):
""" """
# check authorization
objs = self.can('insert', Catalog.objtype, definition=Catalog.objdef)
if len(objs) > 0 and objs[Catalog.objdef.lower()][0].split(
'//')[-1] != '*':
raise ApiManagerError('You need more privileges to add catalog',
code=2000)
try:
# create catalog reference
objid = id_gen()
catalog = Catalog(self,
oid=None,
objid=objid,
name=name,
desc=desc,
active=True,
model=None)
res = self.manager.add(objid, name, desc, zone)
catalog.oid = res.id
# create object and permission
catalog.register_object([objid], desc=desc)
# create container admin role
#catalog.add_admin_role(objid, desc)
#Catalog(self).send_event(u'insert', {u'objid':objid, u'name':name})
return catalog.oid
except (QueryError, TransactionError) as ex:
#Catalog(self).send_event(u'insert', {u'objid':objid, u'name':name},
# exception=ex)
self.logger.error(ex, exc_info=1)
raise ApiManagerError(ex, code=ex.code)
def test_wf_startproc(capsys):
intialize()
res = WFTEST.process_definition_xml_get('invoice')
import random
amount = 1000.0 * random.random()
# parameters= {
# "variables": {
# "amount": {
# "value": amount,
# "type": "double"
# },
# "invoiceCategory": {
# "value": "pippo--" + str(amount),
# "type": "string"
# }
# }
# }
parameters = {"amount": amount, "invoiceCategory": "pippo--" + str(amount)}
bky = id_gen()
res = WFTEST.process_instance_start_processDefinitionId(
'invoice', businessKey=bky, variables=parameters)
assert res
with capsys.disabled():
print(res)
def test_add_role(self):
objid = id_gen()
name = 'role1'
description = 'role1'
res = self.manager.add_role(objid, name, description)
def simple_http_login(self, name, domain, password, login_ip):
"""Simple http authentication login
:param name: user name
:param domain: user authentication domain
:param password: user password
:param login_ip: user login_ip
:return: True
:raise ApiManagerError:
"""
opts = {
u'name':name,
u'domain':domain,
u'password':u'xxxxxxx',
u'login_ip':login_ip
}
user_name = u'%s@%s' % (name, domain)
# validate input params
try:
self.validate_login_params(name, domain, password, login_ip)
except ApiManagerError as ex:
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=ex)
raise
# check user
try:
dbuser, dbuser_attribs = self.check_login_user(name, domain,
password, login_ip)
except ApiManagerError as ex:
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=ex)
raise
# check user has authentication filter
auth_filters = dbuser_attribs.get(u'auth-filters', (u'', None))[0].split(u',')
if u'simplehttp' not in auth_filters:
msg = u'Simple http authentication is not allowed for user %s' % \
user_name
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=msg)
self.logger.error(msg)
raise ApiManagerError(msg, code=401)
# check user ip is in allowed cidr
auth_cidrs = dbuser_attribs.get(u'auth-cidrs', u'')[0].split(u',')
allowed = False
for auth_cidr in auth_cidrs:
allowed_cidr = IPv4Network(str2uni(auth_cidr))
user_ip = IPv4Network(u'%s/32' % login_ip)
if user_ip.overlaps(allowed_cidr) is True:
allowed = True
break
if allowed is False:
msg = u'User %s ip %s can not perform simple http authentication' % \
(user_name, login_ip)
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=msg)
self.logger.error(msg)
raise ApiManagerError(msg, code=401)
# login user
try:
user, attrib = self.base_login(name, domain, password, login_ip,
dbuser, dbuser_attribs)
except ApiManagerError as ex:
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=ex)
raise
res = {u'uid':id_gen(20),
u'type':u'simplehttp',
u'user':user.get_dict(),
u'timestamp':datetime.now().strftime(u'%y-%m-%d-%H-%M')}
#User(self).send_event(u'simplehttp.login.insert', params=opts)
return res
def disable(self):
self.expiry_date = datetime.today()
self.name += '%s-DELETED' % id_gen()
self.active = False
def core_transaction(fn, rollback_throwable, *args, **kwargs):
start = time()
stmp_id = id_gen()
session = operation.session
sessionid = id(session)
# lock = RLock()
# lock.acquire()
commit = False
if operation.transaction is None:
operation.transaction = id_gen()
commit = True
logger.debug2('Create transaction %s' % operation.transaction)
else:
logger.debug2('Use transaction %s' % operation.transaction)
# set distributed transaction id to 0 for single transaction
try:
operation.id
except:
operation.id = str(uuid4())
try:
# format request params
params = []
for item in args:
params.append(str(item))
for k, v in kwargs.items():
params.append(u"'%s':'%s'" % (k, v))
# call internal function
res = fn(*args, **kwargs)
if commit is True:
session.commit()
logger.log(-10, 'Commit transaction %s' % operation.transaction)
operation.transaction = None
elapsed = round(time() - start, 4)
logger.debug2(OK_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
return res
except ModelError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
err = str(ex)
if ex.code not in [409]:
logger.error(err)
rollback_if_throwable(session, commit, rollback_throwable)
raise TransactionError(err, code=ex.code)
except ArgumentError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
rollback_if_throwable(session, commit, rollback_throwable)
raise TransactionError(str(ex), code=400)
except IntegrityError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
rollback_if_throwable(session, commit, rollback_throwable)
raise TransactionError(str(ex), code=409)
except DBAPIError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
rollback_if_throwable(session, commit, rollback_throwable)
raise TransactionError(str(ex), code=400)
except TransactionError as ex:
elapsed = round(time() - start, 4)
logger.error(KO_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
rollback_if_throwable(session, commit, rollback_throwable)
raise
except Exception as ex:
elapsed = round(time() - start, 4)
logger.error(KO_MSG % (operation.id, stmp_id, sessionid, fn.__name__, truncate(params), elapsed))
rollback_if_throwable(session, commit, rollback_throwable)
raise TransactionError(str(ex), code=400)
finally:
if not rollback_throwable:
if commit is True and operation.transaction is not None:
session.commit()
logger.log(-10, 'Commit transaction on exception %s' % operation.transaction)
operation.transaction = None
def test_append_group_role(self):
group = self.manager.get_group('group1')[0]
if self.manager.add_role(id_gen(), 'role4', 'role4_desc'):
role = self.manager.get_role(name='role4')[0]
res = self.manager.append_group_role(group, role)
self.assertEqual(res, True)
def test_add_role_bis(self):
objid = id_gen()
name = 'role1'
description = 'role1'
with self.assertRaises(TransactionError):
self.manager.add_role(objid, name, description)
def simple_http_login(self, name, domain, password, login_ip):
"""Simple http authentication login
:param name: user name
:param domain: user authentication domain
:param password: user password
:param login_ip: user login_ip
:return: True
:raises ApiManagerError: raise :class:`ApiManagerError`
"""
user_name = '%s@%s' % (name, domain)
# validate input params
try:
self.validate_login_params(name, domain, password, login_ip)
except ApiManagerError as ex:
raise
# check user
try:
dbuser, dbuser_attribs = self.check_login_user(
name, domain, password, login_ip)
except ApiManagerError as ex:
raise
# check user has authentication filter
auth_filters = dbuser_attribs.get('auth-filters',
('', None))[0].split(',')
if 'simplehttp' not in auth_filters:
msg = 'Simple http authentication is not allowed for user %s' % user_name
self.logger.error(msg)
raise ApiManagerError(msg, code=401)
# check user ip is in allowed cidr
auth_cidrs = dbuser_attribs.get('auth-cidrs', '')[0].split(',')
allowed = False
for auth_cidr in auth_cidrs:
allowed_cidr = IPv4Network(str2uni(auth_cidr))
user_ip = IPv4Network('%s/32' % login_ip)
if user_ip.overlaps(allowed_cidr) is True:
allowed = True
break
if allowed is False:
msg = 'User %s ip %s can not perform simple http authentication' % (
user_name, login_ip)
self.logger.error(msg)
raise ApiManagerError(msg, code=401)
# login user
try:
user, attrib = self.base_login(self.get_login_email(dbuser),
domain, password, login_ip, dbuser,
dbuser_attribs)
except ApiManagerError as ex:
raise
res = {
'uid': id_gen(20),
'type': 'simplehttp',
'user': user.get_dict(),
'timestamp': datetime.now().strftime('%y-%m-%d-%H-%M')
}
return res
