def update_db_version(self): # update version updater settings try: updater_settings_values = UpdaterModule.__DEFAULT_SETTINGS__ ssr = SystemSettingsReader(self.setup_database_manager) try: updater_settings_values = ssr.get_all_values_from_section( 'updater') updater_setting_instance = UpdateSettings( **updater_settings_values) except Exception: # create updater section if not exist system_setting_writer: SystemSettingsWriter = SystemSettingsWriter( self.setup_database_manager) updater_setting_instance = UpdateSettings( **updater_settings_values) system_setting_writer.write( _id='updater', data=updater_setting_instance.__dict__) # start running update files updater_setting_instance.run_updates( updater_settings_values.get('version'), ssr) except Exception as err: self.status = UpdateRoutine.UpateStatus.ERROR raise RuntimeError( f'Something went wrong during the generation of the updater module. \n Error: {err}' )
def has_updates(self) -> bool: """ check if updates are available Returns: True else raise error """ from cmdb.updater import UpdaterModule from cmdb.utils.system_reader import SystemSettingsReader, SectionError try: ssr = SystemSettingsReader(self.setup_database_manager) ssr.get_all_values_from_section('updater') upd_module = UpdaterModule(ssr) new_version = upd_module.get_last_version()['version'] current_version = upd_module.settings.version if new_version > current_version: LOGGER.error( f'Please run an update. There are new updates available.' f'Current Updater Version: {current_version} ' f'Newest Update Version: {new_version}' ) return False except SectionError as err: LOGGER.error(err.message) return False return True
def __init__(self, database_manager: DatabaseManagerMongo): """ Args: key_directory: key based directory """ self.ssr = SystemSettingsReader(database_manager) self.rsa_public = self.get_public_key() self.rsa_private = self.get_private_key()
def increase_updater_version(self, value: int): ssr = SystemSettingsReader(self.database_manager) system_setting_writer: SystemSettingsWriter = SystemSettingsWriter( self.database_manager) updater_settings_values = ssr.get_all_values_from_section('updater') updater_setting_instance = UpdateSettings(**updater_settings_values) updater_setting_instance.version = value system_setting_writer.write(_id='updater', data=updater_setting_instance.__dict__)
def __init__(self, key_directory=None): """ Args: key_directory: key based directory """ self.scr = SystemConfigReader() self.__dbm = DatabaseManagerMongo( **self.scr.get_all_values_from_section('Database')) self.ssr = SystemSettingsReader(self.__dbm) self.rsa_public = self.get_public_key() self.rsa_private = self.get_private_key()
def run_updates(self, version: int, ssr: SystemSettingsReader): from cmdb.updater import UpdaterModule ssr.get_all_values_from_section('updater') updater_instance = UpdaterModule(ssr) versions = updater_instance.__UPDATER_VERSIONS_POOL__ current_version = updater_instance.get_last_version()['version'] for num, file in enumerate(sorted(versions)): if current_version > version: process_bar('Process', len(versions), num + 1) updater_class = load_class( f'cmdb.updater.versions.updater_{current_version}.Update{current_version}' ) updater_instance = updater_class() updater_instance.start_update()
def __init__(self, database_manager: DatabaseManagerMongo = None): self.key_holder = KeyHolder() self.header = {'alg': 'RS512'} self.database_manager = database_manager or DatabaseManagerMongo( **SystemConfigReader().get_all_values_from_section('Database')) self.auth_module = AuthModule( SystemSettingsReader(self.database_manager))
def parse_authorization_header(header): """ Parses the HTTP Auth Header to a JWT Token Args: header: Authorization header of the HTTP Request Examples: request.headers['Authorization'] or something same Returns: Valid JWT token """ if not header: return None value = wsgi_to_bytes(header) try: auth_type, auth_info = value.split(None, 1) auth_type = auth_type.lower() except ValueError: # Fallback for old versions auth_type = b"bearer" auth_info = value if auth_type == b"basic": try: username, password = base64.b64decode(auth_info).split(b":", 1) with current_app.app_context(): username = to_unicode(username, "utf-8") password = to_unicode(password, "utf-8") user_manager: UserManager = UserManager( current_app.database_manager) auth_module = AuthModule( SystemSettingsReader(current_app.database_manager)) try: user_instance = auth_module.login(user_manager, username, password) except Exception as e: return None if user_instance: tg = TokenGenerator(current_app.database_manager) return tg.generate_token(payload={ 'user': { 'public_id': user_instance.get_public_id() } }) else: return None except Exception: return None if auth_type == b"bearer": try: tv = TokenValidator() decoded_token = tv.decode_token(auth_info) tv.validate_token(decoded_token) return auth_info except Exception: return None return None
class KeyHolder: def __init__(self, database_manager: DatabaseManagerMongo): """ Args: key_directory: key based directory """ self.ssr = SystemSettingsReader(database_manager) self.rsa_public = self.get_public_key() self.rsa_private = self.get_private_key() def get_public_key(self): return self.ssr.get_value('asymmetric_key', 'security')['public'] def get_private_key(self): return self.ssr.get_value('asymmetric_key', 'security')['private']
def __init__(self, database_manager: DatabaseManagerMongo = None): self.key_holder = KeyHolder(database_manager) self.header = {'alg': 'RS512'} self.database_manager = database_manager self.auth_module = AuthModule( SystemSettingsReader( self.database_manager).get_all_values_from_section( 'auth', default=AuthModule.__DEFAULT_SETTINGS__))
class KeyHolder: def __init__(self, key_directory=None): """ Args: key_directory: key based directory """ self.scr = SystemConfigReader() self.__dbm = DatabaseManagerMongo( **self.scr.get_all_values_from_section('Database')) self.ssr = SystemSettingsReader(self.__dbm) self.rsa_public = self.get_public_key() self.rsa_private = self.get_private_key() def get_public_key(self): return self.ssr.get_value('asymmetric_key', 'security')['public'] def get_private_key(self): return self.ssr.get_value('asymmetric_key', 'security')['private']
def __init__(self, database_manager): self.ssr = SystemSettingsReader(database_manager) self.ssw = SystemSettingsWriter(database_manager) self.salt = "cmdb"
class SecurityManager: DEFAULT_BLOCK_SIZE = 32 DEFAULT_ALG = 'HS512' DEFAULT_EXPIRES = int(10) def __init__(self, database_manager): self.ssr = SystemSettingsReader(database_manager) self.ssw = SystemSettingsWriter(database_manager) self.salt = "cmdb" def generate_hmac(self, data): import hashlib import hmac generated_hash = hmac.new(self.get_symmetric_aes_key(), bytes(data + self.salt, 'utf-8'), hashlib.sha256) generated_hash.hexdigest() return base64.b64encode(generated_hash.digest()).decode("utf-8") def encrypt_aes(self, raw): """ see https://stackoverflow.com/questions/12524994/encrypt-decrypt-using-pycrypto-aes-256 :param raw: unencrypted data :return: """ if type(raw) == list: import json from bson import json_util raw = json.dumps(raw, default=json_util.default) raw = SecurityManager._pad(raw).encode('UTF-8') iv = Random.new().read(AES.block_size) cipher = AES.new(self.get_symmetric_aes_key(), AES.MODE_CBC, iv) return base64.b64encode(iv + cipher.encrypt(raw)) def decrypt_aes(self, enc): enc = base64.b64decode(enc) iv = enc[:AES.block_size] cipher = AES.new(self.get_symmetric_aes_key(), AES.MODE_CBC, iv) return SecurityManager._unpad(cipher.decrypt( enc[AES.block_size:])).decode('utf-8') @staticmethod def _pad(s): return s + (SecurityManager.DEFAULT_BLOCK_SIZE - len(s) % SecurityManager.DEFAULT_BLOCK_SIZE) * \ chr(SecurityManager.DEFAULT_BLOCK_SIZE - len(s) % SecurityManager.DEFAULT_BLOCK_SIZE) @staticmethod def _unpad(s): return s[:-ord(s[len(s) - 1:])] def generate_symmetric_aes_key(self): return self.ssw.write( 'security', {'symmetric_aes_key': Random.get_random_bytes(32)}) def get_symmetric_aes_key(self): try: symmetric_key = self.ssr.get_value('symmetric_aes_key', 'security') except NoDocumentFound: self.generate_symmetric_aes_key() symmetric_key = self.ssr.get_value('symmetric_aes_key', 'security') return symmetric_key @staticmethod def encode_object_base_64(data: object): from bson.json_util import dumps return base64.b64encode(dumps(data).encode('utf-8')).decode("utf-8")
LOGGER = logging.getLogger(__name__) try: from cmdb.utils.error import CMDBError except ImportError: CMDBError = Exception settings_blueprint = RootBlueprint('settings_rest', __name__, url_prefix='/settings') with current_app.app_context(): from cmdb.interface.rest_api.settings_routes.system_routes import system_blueprint settings_blueprint.register_nested_blueprint(system_blueprint) system_settings_reader = SystemSettingsReader( database_manager=current_app.database_manager) @settings_blueprint.route('/<string:section>/', methods=['GET']) @settings_blueprint.route('/<string:section>', methods=['GET']) @login_required @insert_request_user @right_required('base.system.view') def get_settings_from_section(section: str, request_user: User): section_settings = system_settings_reader.get_all_values_from_section( section=section) if len(section_settings) < 1: return make_response([], 204) return make_response(section_settings)