def apps_get(api_token):
logTraffic(API_URL, endpoint='/developer/<api_token>/apps')
current_user = access_manager.check_api(api_token, ACC_SEC, CNT_SEC)
if current_user is not None:
logAccess(API_URL, 'api', '/developer/<api_token>/apps')
print(current_user.group)
if current_user.group == "developer" or current_user.group == "user":
if fk.request.method == 'GET':
apps = ApplicationModel.objects(developer=current_user)
apps_json = {'total_apps': len(apps), 'apps': []}
for application in apps:
apps_json['apps'].append(application.extended())
return api_response(200, 'Developer\'s applications',
apps_json)
else:
return api_response(
405, 'Method not allowed',
'This endpoint supports only a GET method.')
elif current_user.group == "admin": # An admin is a meta developer.
apps = ApplicationModel.objects()
apps_json = {'total_apps': len(apps), 'apps': []}
for application in apps:
apps_json['apps'].append(application.extended())
return api_response(200, 'Developer\'s applications', apps_json)
else:
return api_response(401, 'Unauthorized access to the API',
'This is not a developer account.')
else:
return api_response(401, 'Unauthorized access to the API',
'This API token is not authorized.')
def env_view(env_id):
logTraffic(CLOUD_URL, endpoint='/private/env/view/<env_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'GET':
caccess_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(CLOUD_URL, 'cloud', '/private/env/view/<env_id>')
env = EnvironmentModel.objects.with_id(env_id)
# Make sure user own or used this environment.
owned = False
for project in ProjectModel.objects(owner=current_user):
if str(env.id) in project.history:
owned = True
break
if not owned:
env = None
except:
env = None
print(str(traceback.print_exc()))
if env is None:
return fk.Response('Unable to find this environment.', status.HTTP_404_NOT_FOUND)
else:
return fk.Response(env.to_json(), mimetype='application/json')
else:
return fk.Response('Unauthorized action on this environment.', status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def app_access(api_token, app_id):
logTraffic(API_URL, endpoint='/developer/<api_token>/app/access/<app_id>')
current_user = access_manager.check_api(api_token, ACC_SEC, CNT_SEC)
if current_user is not None:
if current_user.group == "developer" or current_user.group == "user" or current_user.group == "admin":
logAccess(API_URL, 'api',
'/developer/<api_token>/app/access/<app_id>')
if fk.request.method == 'GET':
app = ApplicationModel.objects.with_id(app_id)
if app != None:
if app.developer == current_user or current_user.group == "user" or current_user.group == "admin":
app_access = AccessModel.application_access(app)
name = app.name if app.name != '' and app.name != None else 'unknown'
# print name
return api_response(
200, 'Application %s access history' % name,
app_access)
else:
return api_response(
405, 'Application access request denied',
'You are not the developer of this application.')
else:
return api_response(404,
'Request suggested an empty response',
'Unable to find this application.')
else:
return api_response(
405, 'Method not allowed',
'This endpoint supports only a GET method.')
else:
return api_response(401, 'Unauthorized access to the API',
'This is not a developer account.')
else:
return api_response(401, 'Unauthorized access to the API',
'This API token is not authorized.')
def env_remove(env_id):
logTraffic(CLOUD_URL, endpoint='/private/env/remove/<env_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method in ['GET', 'DELETE']:
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.Response('Unauthorized action on this environment.', status.HTTP_401_UNAUTHORIZED)
else:
try:
logAccess(CLOUD_URL, 'cloud', '/private/env/remove/<env_id>')
env = EnvironmentModel.objects.with_id(env_id)
except:
print(str(traceback.print_exc()))
if env is None:
return fk.Response('Unable to find this environment.', status.HTTP_404_NOT_FOUND)
else:
# result = storage_manager.delete_env_files(env)
# if result:
# implement project history en removal: project.history.append(str(env.id))
count = 0
for project in ProjectModel.objects(owner=current_user):
try:
project.history.remove(str(env_id))
project.save()
count = count + 1
except:
pass
if count > 0:
env.delete()
return cloud_response(200, 'Deletion succeeded', 'The environment %s was succesfully deleted.'%env_id)
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def env_edit(hash_session, env_id):
logTraffic(CLOUD_URL, endpoint='/private/<hash_session>/env/edit/<env_id>')
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is None:
return fk.Response('Unauthorized action on this environment.', status.HTTP_401_UNAUTHORIZED)
else:
try:
env = EnvironmentModel.objects.with_id(env_id)
except:
print(str(traceback.print_exc()))
if env is None:
return fk.Response('Unable to find this environment.', status.HTTP_404_NOT_FOUND)
else:
if fk.request.data:
data = json.loads(fk.request.data)
try:
group = data.get("group", env.group)
system = data.get("system", env.system)
env.group = group
env.system = system
env.save()
return fk.Response('Environment edited', status.HTTP_200_OK)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the update.', status.HTTP_204_NO_CONTENT)
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def project_comment(hash_session, project_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/project/comment/<project_id>')
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is not None:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/project/comment/<project_id>')
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None
and project.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
if fk.request.data:
data = json.loads(fk.request.data)
comment = data.get("comment", {})
if len(comment) != 0:
project.comments.append(comment)
project.save()
return fk.Response('Projject comment posted',
status.HTTP_200_OK)
else:
return fk.redirect('{0}:{1}/error/?code=400'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=415'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def file_download(file_id):
logTraffic(CLOUD_URL, endpoint='/private/record/file/download/<file_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
user_model = access_resp[1]
if user_model is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
try:
logAccess(CLOUD_URL, 'cloud', '/private/record/file/download/<file_id>')
record_file = FileModel.objects.with_id(file_id)
except:
print(str(traceback.print_exc()))
if record_file is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
if record_file.record.project.owner == current_user:
_file = storage_manager.storage_get_file('file', record_file.storage)
return fk.send_file(
_file,
mimetype=_file.mimetype,
as_attachment=True,
attachment_filename=_file.name,
)
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def public_pull_record(record_id):
logTraffic(CLOUD_URL, endpoint='/public/record/pull/<record_id>')
if fk.request.method == 'GET':
try:
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(
VIEW_HOST, VIEW_PORT))
else:
if record.project.access == 'public':
prepared = storage_manager.prepare_record(record)
if prepared[0] == None:
print("Unable to retrieve a record to download.")
return fk.redirect('{0}:{1}/error/?code=204'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.send_file(prepared[0],
as_attachment=True,
attachment_filename=prepared[1],
mimetype='application/zip')
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def file_remove(hash_session, file_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/record/file/remove/<file_id>')
if fk.request.method == 'DELETE':
access_resp = access_manager.check_cloud(hash_session)
user_model = access_resp[1]
if user_model is not None:
try:
logAccess(
CLOUD_URL, 'cloud',
'/private/<hash_session>/record/file/remove/<file_id>')
record_file = FileModel.objects.with_id(file_id)
except:
print(str(traceback.print_exc()))
if record_file is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(
VIEW_HOST, VIEW_PORT))
else:
if record_file.record.project.owner == current_user:
storage_manager.delete_record_file(record_file, logStat)
return fk.Response('Record file removed',
status.HTTP_200_OK)
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
def diff_remove(diff_id):
logTraffic(CLOUD_URL, endpoint='/private/diff/remove/<diff_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method in ['GET', 'DELETE']:
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(CLOUD_URL, 'cloud', '/private/diff/remove/<diff_id>')
diff = DiffModel.objects.with_id(diff_id)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
if diff is None:
return fk.Response('Unable to find this diff.', status.HTTP_404_NOT_FOUND)
else:
if diff.sender == current_user or diff.targeted == current_user or current_user.group == "admin":
diff.delete()
logStat(deleted=True, diff=diff)
return cloud_response(200, 'Deletion succeeded', 'The diff %s was succesfully deleted.'%diff_id)
else:
return fk.Response('Unauthorized action on this diff.', status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Unauthorized action on this diff.', status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def download_diff(hash_session, diff_id):
logTraffic(CLOUD_URL, endpoint='/private/<hash_session>/diff/download/<diff_id>')
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud', '/private/<hash_session>/diff/download/<diff_id>')
try:
diff = DiffModel.objects.with_id(diff_id)
except:
diff = None
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
if diff is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
prepared = storage_manager.prepare_diff(diff)
if prepared[0] == None:
print("Unable to retrieve a diff to download.")
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.send_file(prepared[0], as_attachment=True, attachment_filename=prepared[1], mimetype='application/zip')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def env_next(project_id):
logTraffic(CLOUD_URL, endpoint='/private/env/next/<project_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud', '/private/env/next/<project_id>')
try:
project = ProjectModel.objects.with_id(project_id)
except:
print(str(traceback.print_exc()))
if project is None:
return fk.Response('Unable to find the referenced project.', status.HTTP_404_NOT_FOUND)
else:
if fk.request.data:
data = json.loads(fk.request.data)
try:
env = EnvironmentModel(created_at=str(datetime.datetime.utcnow()))
application_name = data.get("app", None)
if application_name and application_name != '':
application = ApplicationModel.objects(name=application_name).first()
if application:
application.records = application.records + 1
application.save()
if str(current_user.id) not in application.users:
application.users.append(str(current_user.id))
application.save()
env.application = application
group = data.get("group", "unknown")
system = data.get("system", "undefined")
env.group = group
env.system = system
env.save()
version = VersionModel(created_at=str(datetime.datetime.utcnow()))
system = data.get("version", "unknown")
version.system = system
version.save()
env.version = version
env.save()
bundle = BundleModel(created_at=str(datetime.datetime.utcnow()))
bundle.scope = 'local'
bundle.save()
env.bundle = bundle
env.save()
project.history.append(str(env.id))
project.save()
project_content = json.loads(project.summary_json())
project_content["env"] = {"bundle-id":str(bundle.id)}
return cloud_response(201, 'Environment successfully created.', project_content)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the creation.', status.HTTP_204_NO_CONTENT)
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def download_env(hash_session, env_id):
logTraffic(CLOUD_URL, endpoint='/private/<hash_session>/env/download/<env_id>')
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud', '/private/<hash_session>/env/download/<env_id>')
try:
env = EnvironmentModel.objects.with_id(env_id)
project = None
for pro in ProjectModel.objects(owner=current_user):
if str(env.id) in pro.history:
project = pro
break
except:
env = None
project = None
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
if env is None or project is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
prepared = storage_manager.prepare_env(project, env)
if prepared[0] == None:
print("Unable to retrieve a env to download.")
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.send_file(prepared[0], as_attachment=True, attachment_filename=prepared[1], mimetype='application/zip')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def apps_get(api_token):
logTraffic(API_URL, endpoint='/developer/<api_token>/apps')
current_user = access_manager.check_api(api_token, ACC_SEC, CNT_SEC)
if current_user is not None:
logAccess(API_URL,'api', '/developer/<api_token>/apps')
print(current_user.group)
if current_user.group == "developer" or current_user.group == "user":
if fk.request.method == 'GET':
apps = ApplicationModel.objects(developer=current_user)
apps_json = {'total_apps':len(apps), 'apps':[]}
for application in apps:
apps_json['apps'].append(application.extended())
return api_response(200, 'Developer\'s applications', apps_json)
else:
return api_response(405, 'Method not allowed', 'This endpoint supports only a GET method.')
elif current_user.group == "admin": # An admin is a meta developer.
apps = ApplicationModel.objects()
apps_json = {'total_apps':len(apps), 'apps':[]}
for application in apps:
apps_json['apps'].append(application.extended())
return api_response(200, 'Developer\'s applications', apps_json)
else:
return api_response(401, 'Unauthorized access to the API', 'This is not a developer account.')
else:
return api_response(401, 'Unauthorized access to the API', 'This API token is not authorized.')
def project_comments(hash_session, project_id):
logTraffic(
CLOUD_URL,
endpoint='/private/<hash_session>/project/comments/<project_id>')
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/project/comments/<project_id>')
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None
and project.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.Response(json.dumps(project.comments,
sort_keys=True,
indent=4,
separators=(',', ': ')),
mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def project_comment(project_id):
logTraffic(CLOUD_URL, endpoint='/private/project/comment/<project_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is not None:
logAccess(CLOUD_URL, 'cloud', '/private/project/comment/<project_id>')
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None and project.access != 'public' and current_user.group != "admin"):
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
if fk.request.data:
data = json.loads(fk.request.data)
comment = data.get("comment", {})
if len(comment) != 0:
project.comments.append(comment)
project.save()
return fk.Response('Projject comment posted', status.HTTP_200_OK)
else:
return fk.redirect('{0}:{1}/error/?code=400'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=415'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def diff_view(hash_session, diff_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/diff/view/<diff_id>')
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/diff/view/<diff_id>')
diff = DiffModel.objects.with_id(diff_id)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()),
status.HTTP_500_INTERNAL_SERVER_ERROR)
if diff is None:
return fk.Response('Unable to find this diff.',
status.HTTP_404_NOT_FOUND)
else:
return fk.Response(diff.to_json(), mimetype='application/json')
else:
return fk.Response('Unauthorized action on this diff.',
status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.',
status.HTTP_405_METHOD_NOT_ALLOWED)
def record_comment(record_id):
logTraffic(CLOUD_URL, endpoint='/private/record/comment/<record_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(CLOUD_URL, 'cloud', '/private/record/comment/<record_id>')
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
# if record.project.owner == current_user or current_user.group == "admin":
if fk.request.data:
data = json.loads(fk.request.data)
comment = data.get("comment", {})
if len(comment) != 0:
record.comments.append(comment)
record.save()
return fk.Response('Projject comment posted', status.HTTP_200_OK)
else:
return fk.redirect('{0}:{1}/error/?code=400'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=415'.format(VIEW_HOST, VIEW_PORT))
# else:
# return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def app_search(api_token, app_name):
logTraffic(API_URL,
endpoint='/developer/<api_token>/app/search/<app_name>')
current_user = access_manager.check_api(api_token, ACC_SEC, CNT_SEC)
if current_user is not None:
if current_user.group == "developer" or current_user.group == "user" or current_user.group == "admin":
logAccess(API_URL, 'api',
'/developer/<api_token>/app/search/<app_name>')
if fk.request.method == 'GET':
apps = ApplicationModel.objects(name__icontains=app_name)
apps_dict = {'total_apps': 0, 'apps': []}
for application in apps:
if application.developer == current_user:
apps_dict['apps'].append(application.info())
else:
# Only visible apps from other researchers can be searched for.
if application.visibile:
apps_dict['apps'].append(application.info())
apps_dict['total_apps'] = len(apps_dict['apps'])
return api_response(
200,
'Search results for application with name: %s' % app_name,
apps_dict)
else:
return api_response(
405, 'Method not allowed',
'This endpoint supports only a GET method.')
else:
return api_response(401, 'Unauthorized access to the API',
'This is not a developer account.')
else:
return api_response(401, 'Unauthorized access to the API',
'This API token is not authorized.')
def diff_remove(hash_session, diff_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/diff/remove/<diff_id>')
if fk.request.method in ['GET', 'DELETE']:
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/diff/remove/<diff_id>')
diff = DiffModel.objects.with_id(diff_id)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()),
status.HTTP_500_INTERNAL_SERVER_ERROR)
if diff is None:
return fk.Response('Unable to find this diff.',
status.HTTP_404_NOT_FOUND)
else:
if diff.sender == current_user or diff.targeted == current_user:
diff.delete()
logStat(deleted=True, diff=diff)
return cloud_response(
200, 'Deletion succeeded',
'The diff %s was succesfully deleted.' % diff_id)
else:
return fk.Response('Unauthorized action on this diff.',
status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Unauthorized action on this diff.',
status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.',
status.HTTP_405_METHOD_NOT_ALLOWED)
def record_comments(hash_session, record_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/record/comments/<record_id>')
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(
CLOUD_URL, 'cloud',
'/private/<hash_session>/record/comments/<record_id>')
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None or (record != None
and record.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.Response(json.dumps(record.comments,
sort_keys=True,
indent=4,
separators=(',', ': ')),
mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def public_project_view(project_id):
logTraffic(CLOUD_URL, endpoint='/public/project/view/<project_id>')
if fk.request.method == 'GET':
p = ProjectModel.objects.with_id(project_id)
if p == None or (p != None and p.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
project = {"project": json.loads(p.to_json())}
records = RecordModel.objects(project=p)
project["activity"] = {
"number":
len(records),
"records": [{
"id": str(record.id),
"created": str(record.created_at),
"updated": str(record.updated_at),
"status": str(record.status)
} for record in records]
}
return fk.Response(json.dumps(project,
sort_keys=True,
indent=4,
separators=(',', ': ')),
mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def project_records(hash_session, project_name):
logTraffic(
CLOUD_URL,
endpoint='/private/<hash_session>/project/record/<project_name>')
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/project/record/<project_name>')
project = ProjectModel.objects(name=project_name).first()
if project == None or (project != None
and project.owner != current_user
and project.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.Response(project.activity_json(),
mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def record_view(hash_session, record_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/record/view/<record_id>')
if fk.request.method == 'GET':
caccess_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/record/view/<record_id>')
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None:
return fk.Response('Unable to find this record.',
status.HTTP_404_NOT_FOUND)
else:
if record.project.owner == current_user:
return fk.Response(record.to_json(),
mimetype='application/json')
else:
return fk.Response('Unauthorized action on this record.',
status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Unauthorized action on this record.',
status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.',
status.HTTP_405_METHOD_NOT_ALLOWED)
def diff_comment(diff_id):
logTraffic(CLOUD_URL, endpoint='/private/diff/comment/<diff_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
caccess_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(CLOUD_URL, 'cloud', '/private/diff/comment/<diff_id>')
diff = DiffModel.objects.with_id(diff_id)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
if diff is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
if fk.request.data:
data = json.loads(fk.request.data)
comment = data.get("comment", {})
if len(comment) != 0:
diff.comments.append(comment)
diff.save()
return fk.Response('Diff comment posted', status.HTTP_200_OK)
else:
return fk.redirect('{0}:{1}/error/?code=400'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=415'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def pull_record(hash_session, record_id):
logTraffic(CLOUD_URL, endpoint='/private/<hash_session>/record/pull/<record_id>')
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud', '/private/<hash_session>/record/pull/<record_id>')
try:
record = RecordModel.objects.with_id(record_id)
except:
record = None
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
if record is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
prepared = storage_manager.prepare_record(record)
if prepared[0] == None:
print("Unable to retrieve a record to download.")
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.send_file(prepared[0], as_attachment=True, attachment_filename=prepared[1], mimetype='application/zip')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def file_add(record_id):
logTraffic(CLOUD_URL, endpoint='/private/record/file/upload/<record_id>')
hash_session = basicAuthSession(fk.request)
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
user_model = access_resp[1]
if user_model is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
if fk.request.method == 'POST':
infos = {}
try:
logAccess(CLOUD_URL, 'cloud', '/private/record/file/upload/<record_id>')
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
if fk.request.data:
file_model = FileModel.objects.get_or_create(created_at=datetime.datetime.utcnow())
infos = json.loads(fk.request.data)
relative_path = infos.get("relative_path", "./")
group = infos.get("group", "undefined")
description = infos.get("description", "")
file_model.group = group
file_model.description = description
if fk.request.files:
if fk.request.files['file']:
file_obj = fk.request.files['file']
if current_user.quota+file_obj.tell() > 5000000000:
return fk.redirect('{0}:{1}/error/?code=403'.format(VIEW_HOST, VIEW_PORT))
else:
relative_path = "%s%s"%(relative_path, file_obj.filename)
location = str(user_model.id)+"-"+str(record.id)+"_%s"%file_obj.filename
try:
uploaded = storage_manager.storage_upload_file(file_model, file_obj)
if uploaded[0]:
file_model.relative_path = relative_path
file_model.location = location
today = datetime.date.today()
(stat, created) = StatModel.objects.get_or_create(created_at=str(datetime.datetime.utcnow()), interval="%s_%s_%s_0_0_0-%s_%s_%s_23_59_59"%(today.year, today.month, today.day, today.year, today.month, today.day), category="storage", periode="daily")
if not created:
stat.traffic += file_obj.tell()
stat.save()
file_model.save()
return fk.make_response("File uploaded with success.", status.HTTP_200_OK)
else:
return fk.redirect('{0}:{1}/error/?code=500'.format(VIEW_HOST, VIEW_PORT))
else:
file_model.delete()
return fk.redirect('{0}:{1}/error/?code=500'.format(VIEW_HOST, VIEW_PORT))
except Exception as e:
traceback.print_exc()
return fk.redirect('{0}:{1}/error/?code=400'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=400'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def project_remove(hash_session, project_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/project/remove/<project_id>')
if fk.request.method in ['GET', 'DELETE']:
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is not None:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/project/remove/<project_id>')
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None
and project.owner != current_user):
return fk.Response('Unauthorized action on this project.',
status.HTTP_401_UNAUTHORIZED)
else:
storage_manager.delete_project_files(project, logStat)
project.delete()
logStat(deleted=True, project=project)
return cloud_response(
200, 'Deletion succeeded',
'The project %s was succesfully deleted.' % project_id)
else:
return fk.Response('Unauthorized action on this project.',
status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.',
status.HTTP_405_METHOD_NOT_ALLOWED)
def project_edit(project_id):
logTraffic(CLOUD_URL, endpoint='/private/project/edit/<project_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is not None:
logAccess(fk, access_resp[1], CLOUD_URL, 'cloud', '/private/project/edit/<project_id>')
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None and project.owner != current_user and current_user.group != "admin"):
return fk.Response('Unauthorized action on this project.', status.HTTP_401_UNAUTHORIZED)
else:
if fk.request.data:
data = json.loads(fk.request.data)
try:
description = data.get("description", project.description)
goals = data.get("goals", project.goals)
group = data.get("group", project.group)
access = data.get("access", 'unchanged')
tags = data.get("tags", ','.join(project.tags))
environment = data.get("environment", {})
project.description = description
project.goals = goals
project.group = group
if access != "unchanged":
project.access = access
project.tags = tags.split(',')
if len(environment) != 0:
environment_model = EnvironmentModel.objects.with_id(environment['id'])
if environment_model is not None:
system = environment.get('system', environment_model.system)
version = environment.get('version', environment_model.version)
specifics = environment.get('specifics', environment_model.specifics)
group = environment.get('group', environment_model.group)
remote_bundle = environment.get('bundle', '')
environment_model.system = system
environment_model.version = version
environment_model.specifics = specifics
environment_model.group = group
if remote_bundle != '' and environment_model.bundle['scope'] != 'local':
environment_model.bundle['location'] = remote_bundle
environment_model.save()
project.save()
if access != "unchanged":
for record in RecordModel.objects(project=project):
record.access = access
record.save()
return fk.Response('Project updated', status.HTTP_200_OK)
except:
print(str(traceback.print_exc()))
return fk.Response('Failure to process. Contact admin if it persists.', status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the update.', status.HTTP_204_NO_CONTENT)
else:
return fk.Response('Unauthorized action on this project.', status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def diff_create(hash_session):
logTraffic(CLOUD_URL, endpoint='/private/<hash_session>/diff/create')
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is None:
return fk.Response('Unauthorized action on this endpoint.',
status.HTTP_401_UNAUTHORIZED)
else:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/diff/create')
if fk.request.data:
data = json.loads(fk.request.data)
record_from_id = data.get("record_from", "")
record_to_id = data.get("record_to", "")
method = data.get("method", "undefined")
proposition = data.get("proposition", "undefined")
status = data.get("status", "undefined")
comments = data.get("comments", [])
if record_from_id == "" or record_to_id == "":
return cloud_response(
400, 'Diff not created.',
"Both record from and to be provided.")
else:
try:
record_from = RecordModel.objects.with_id(
record_from_id)
record_to = RecordModel.objects.with_id(record_to_id)
if record_to and record_from:
diff = DiffModel(created_at=str(
datetime.datetime.utcnow()),
sender=current_user,
targeted=current_user,
record_from=record_from,
record_to=record_to)
diff.method = method
diff.proposition = proposition
diff.status = status
diff.comments = comments
diff.save()
return cloud_response(
201, 'Diff successfully created.',
"The diff was created.")
else:
return fk.Response(
'Both record from and to have to exist.',
status.HTTP_404_NOT_FOUND)
except:
return fk.Response(
str(traceback.print_exc()),
status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the creation.',
status.HTTP_204_NO_CONTENT)
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def app_logo(api_token, app_id):
logTraffic(API_URL, endpoint='/developer/<api_token>/app/logo/<app_id>')
current_user = access_manager.check_api(api_token, ACC_SEC, CNT_SEC)
if current_user is not None:
logAccess(API_URL,'api', '/developer/<api_token>/app/logo/<app_id>')
if current_user.group == "developer" or current_user.group == "user" or current_user.group == "admin":
if fk.request.method == 'GET':
app = ApplicationModel.objects.with_id(app_id)
if app != None:
name = app.name if app.name != '' and app.name != None else 'unknown'
logo = app.logo
if logo.location == 'local' and ('http://' not in logo.storage and 'https://' not in logo.storage):
logo_buffer = storage_manager.storage_get_file('logo', logo.storage)
if logo_buffer == None:
return api_response(404, 'No logo found', 'We could not fetch the logo at [%s].'%logo.storage)
else:
return fk.send_file(logo_buffer, attachment_filename=logo.name, mimetype=logo.mimetype)
elif logo.location == 'remote':
logo_buffer = storage_manager.web_get_file(logo.storage)
if logo_buffer != None:
return fk.send_file(logo_buffer, attachment_filename=logo.name, mimetype=logo.mimetype)
else:
logo_buffer = storage_manager.storage_get_file('logo', 'default-logo.png')
if logo_buffer == None:
return api_response(404, 'No logo found', 'We could not fetch the logo at %s.'%logo.storage)
else:
return fk.send_file(logo_buffer, attachment_filename=logo.name, mimetype=logo.mimetype)
else:
# solve the file situation and return the appropriate one.
if 'http://' in logo.storage or 'https://' in logo.storage:
logo.location = 'remote'
logo.save()
logo_buffer = storage_manager.web_get_file(logo.storage)
if logo_buffer != None:
return fk.send_file(logo_buffer, attachment_filename=logo.name, mimetype=logo.mimetype)
else:
logo_buffer = storage_manager.storage_get_file('logo', 'default-logo.png')
if logo_buffer == None:
return api_response(404, 'No logo found', 'We could not fetch the logo at %s.'%logo.storage)
else:
return fk.send_file(logo_buffer, attachment_filename=logo.name, mimetype=logo.mimetype)
else:
logo.location = 'local'
logo.save()
logo_buffer = storage_manager.storage_get_file('logo', logo.storage)
if logo_buffer == None:
return api_response(404, 'No logo found', 'We could not fetch the logo at %s.'%logo.storage)
else:
return fk.send_file(logo_buffer, attachment_filename=logo.name, mimetype=logo.mimetype)
else:
return api_response(404, 'Request suggested an empty response', 'Unable to find this application.')
else:
return api_response(405, 'Method not allowed', 'This endpoint supports only a GET method.')
else:
return api_response(401, 'Unauthorized access to the API', 'This is not a developer account.')
else:
return api_response(401, 'Unauthorized access to the API', 'This API token is not authorized.')
def record_create(hash_session, project_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/record/create/<project_id>')
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is None:
return fk.Response('Unauthorized action on this endpoint.',
status.HTTP_401_UNAUTHORIZED)
else:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/record/create/<project_id>')
try:
project = ProjectModel.objects.with_id(project_id)
except:
print(str(traceback.print_exc()))
if project is None:
return fk.Response('Unable to find the referenced project.',
status.HTTP_404_NOT_FOUND)
else:
if project.owner == current_user:
if fk.request.data:
data = json.loads(fk.request.data)
try:
record = RecordModel(created_at=str(
datetime.datetime.utcnow()),
project=project)
tags = data.get("tags", "")
rationels = data.get("rationels", "")
status = data.get("status", "unknown")
content = data.get("content", "no content")
access = data.get("access", "public")
record.tags = [tags]
record.rationels = [rationels]
record.status = status
record.access = access
record.extend = {"uploaded": content}
record.save()
return cloud_response(
201, 'Record successfully created.',
"The record was created.")
except:
print(str(traceback.print_exc()))
return fk.Response(
str(traceback.print_exc()),
status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response(
'No content provided for the creation.',
status.HTTP_204_NO_CONTENT)
else:
return fk.Response('Unauthorized action on this record.',
status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.',
status.HTTP_405_METHOD_NOT_ALLOWED)
def record_create(project_id):
logTraffic(CLOUD_URL, endpoint='/private/record/create/<project_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.Response('Unauthorized action on this endpoint.', status.HTTP_401_UNAUTHORIZED)
else:
logAccess(fk, access_resp[1], CLOUD_URL, 'cloud', '/private/record/create/<project_id>')
if current_user.quota >= current_user.max_quota*1024*1024*1024:
return fk.Response('You have exceeded your allowed maximum quota.', status.HTTP_401_UNAUTHORIZED)
try:
project = ProjectModel.objects.with_id(project_id)
except:
print(str(traceback.print_exc()))
if project is None:
return fk.Response('Unable to find the referenced project.', status.HTTP_404_NOT_FOUND)
else:
if project.owner == current_user or current_user.group == "admin":
if fk.request.data:
data = json.loads(fk.request.data)
try:
record = RecordModel(created_at=str(datetime.datetime.utcnow()), project=project)
tags = data.get("tags", "")
rationels = data.get("rationels", "")
status = data.get("status", "unknown")
content = data.get("content", "no content")
access = data.get("access", project.access)
record.tags = [tags]
record.rationels = [rationels]
record.status = status
record.access = access
record.extend = {"uploaded":content}
record.save()
if len(project.history) > 0:
head = project.history[-1]
env = EnvironmentModel.objects.with_id(head)
if env:
record.environment = env
record.save()
# project_content = {"project":json.loads(project.summary_json())}
# records = []
# for r in RecordModel.objects(project=project):
# records.append(r)
# project_content["activity"] = {"number":len(records), "records":[{"id":str(record.id), "created":str(record.created_at), "updated":str(record.updated_at), "status":str(record.status)} for record in records]}
return cloud_response(201, 'Record successfully created.', json.loads(project.summary_json()))
except:
print(str(traceback.print_exc()))
return fk.Response('Failure to process. Contact admin if it persists.', status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the creation.', status.HTTP_204_NO_CONTENT)
else:
return fk.Response('Unauthorized action on this record.', status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def public_project_comments(hash_session, project_id):
logTraffic(CLOUD_URL, endpoint='/public/project/comments/<project_id>')
if fk.request.method == 'GET':
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None and project.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.Response(json.dumps(project.comments, sort_keys=True, indent=4, separators=(',', ': ')), mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def public_project_records(hash_session, project_id):
logTraffic(CLOUD_URL, endpoint='/public/project/record/<project_id>')
if fk.request.method == 'GET':
p = ProjectModel.objects.with_id(project_id)
if p == None or (p != None and p.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.Response(p.activity_json(True), mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def env_create(record_id):
logTraffic(CLOUD_URL, endpoint='/private/env/create/<record_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
logAccess(fk, access_resp[1], CLOUD_URL, 'cloud', '/private/env/create/<record_id>')
try:
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None:
return fk.Response('Unable to find the referenced record.', status.HTTP_404_NOT_FOUND)
else:
if fk.request.data:
data = json.loads(fk.request.data)
try:
env = EnvironmentModel(created_at=str(datetime.datetime.utcnow()))
application_name = data.get("app", None)
if application_name and application_name != '':
application = ApplicationModel.objects(name=application_name).first()
if application:
# Maybe not put record increment here.
application.records = application.records + 1
application.save()
if str(current_user.id) not in application.users:
application.users.append(str(current_user.id))
application.save()
env.application = application
group = data.get("group", "unknown")
system = data.get("system", "undefined")
env.group = group
env.system = system
env.save()
project = record.project
if record.environment:
project.history.remove(str(record.environment.id))
record.environment = env
record.save()
project.history.append(str(env.id))
project.save()
return cloud_response(201, 'Environment successfully created.', project.history)
except:
print(str(traceback.print_exc()))
return fk.Response('Failure to process. Contact admin if it persists.', status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the creation.', status.HTTP_204_NO_CONTENT)
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def app_connectivity(app_token):
logTraffic(API_URL, endpoint='/<app_token>/app/connectivity')
current_app = access_manager.check_app(app_token)
if current_app is not None:
logAccess(API_URL,'api', '/<app_token>/app/connectivity', current_app)
if fk.request.method == 'GET':
name = current_app.name if current_app.name != '' and current_app.name != None else 'unknown'
return api_response(200, 'Application %s is accessible'%name, current_app.info())
else:
return api_response(405, 'Method not allowed', 'This endpoint supports only a GET method.')
else:
return api_response(401, 'Unauthorized access to the API', 'This is not an app token.')
def public_record_comments(record_id):
logTraffic(CLOUD_URL, endpoint='/public/record/comments/<record_id>')
if fk.request.method == 'GET':
try:
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None or (record != None and record.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.Response(json.dumps(record.comments, sort_keys=True, indent=4, separators=(',', ': ')), mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def public_project_view(project_id):
logTraffic(CLOUD_URL, endpoint='/public/project/view/<project_id>')
if fk.request.method == 'GET':
p = ProjectModel.objects.with_id(project_id)
if p == None or (p != None and p.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
project = {"project":json.loads(p.to_json())}
records = RecordModel.objects(project=p)
project["activity"] = {"number":len(records), "records":[{"id":str(record.id), "created":str(record.created_at), "updated":str(record.updated_at), "status":str(record.status)} for record in records]}
return fk.Response(json.dumps(project, sort_keys=True, indent=4, separators=(',', ': ')), mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def public_project_records(hash_session, project_id):
logTraffic(CLOUD_URL, endpoint='/public/project/record/<project_id>')
if fk.request.method == 'GET':
p = ProjectModel.objects.with_id(project_id)
if p == None or (p != None and p.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.Response(p.activity_json(True),
mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def diff_create():
logTraffic(CLOUD_URL, endpoint='/private/diff/create')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.Response('Unauthorized action on this endpoint.', status.HTTP_401_UNAUTHORIZED)
else:
logAccess(CLOUD_URL, 'cloud', '/private/diff/create')
if fk.request.data:
data = json.loads(fk.request.data)
record_from_id = data.get("record_from", "")
record_to_id = data.get("record_to", "")
method = data.get("method", "undefined")
proposition = data.get("proposition", "undefined")
status = data.get("status", "undefined")
comments = data.get("comments", [])
if record_from_id == "" or record_to_id == "":
return cloud_response(400, 'Diff not created.', "Both record from and to be provided.")
else:
try:
record_from = RecordModel.objects.with_id(record_from_id)
record_to = RecordModel.objects.with_id(record_to_id)
if current_user.group != "admin":
if record_from.project.owner == current_user:
sender_user = current_user
receiver_user = record_to.project.owner
else:
sender_user = record_to.project.owner
receiver_user = record_from.project.owner
else:
sender_user = record_from.project.owner
receiver_user = record_to.project.owner
if record_to and record_from:
diff = DiffModel(created_at=str(datetime.datetime.utcnow()), sender=sender_user, targeted=receiver_user, record_from=record_from, record_to=record_to)
diff.method = method
diff.proposition = proposition
diff.status = status
diff.comments = comments
diff.save()
return cloud_response(201, 'Diff successfully created.', "The diff was created.")
else:
return fk.Response('Both record from and to have to exist.', status.HTTP_404_NOT_FOUND)
except:
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the creation.', status.HTTP_204_NO_CONTENT)
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def env_create(hash_session, record_id):
logTraffic(CLOUD_URL, endpoint='/private/<hash_session>/env/create/<record_id>')
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud', '/private/<hash_session>/env/create/<record_id>')
try:
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None:
return fk.Response('Unable to find the referenced record.', status.HTTP_404_NOT_FOUND)
else:
if fk.request.data:
data = json.loads(fk.request.data)
try:
env = EnvironmentModel(created_at=str(datetime.datetime.utcnow()))
application_name = data.get("app", None)
if application_name and application_name != '':
application = ApplicationModel.objects(name=application_name).first()
if application:
application.records = application.records + 1
application.save()
if str(current_user.id) not in application.users:
application.users.append(str(current_user.id))
application.save()
env.application = application
group = data.get("group", "unknown")
system = data.get("system", "undefined")
env.group = group
env.system = system
env.save()
project = record.project
if record.environment:
project.history.remove(str(record.environment.id))
record.environment = env
record.save()
project.history.append(str(env.id))
project.save()
return cloud_response(201, 'Environment successfully created.', project.history)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the creation.', status.HTTP_204_NO_CONTENT)
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def project_create(hash_session):
logTraffic(CLOUD_URL, endpoint='/private/<hash_session>/project/create')
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is not None:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/project/create')
if fk.request.data:
data = json.loads(fk.request.data)
try:
name = data.get("name", "")
description = data.get("description", "")
goals = data.get("goals", "")
access = data.get("access", 'public')
group = data.get("group", "undefined")
tags = data.get("tags", "")
environment = data.get("environment", {})
query_project = ProjectModel.objects(owner=current_user,
name=name).first()
if query_project is None:
project = ProjectModel(created_at=str(
datetime.datetime.utcnow()),
owner=current_user,
name=name)
project.description = description
project.access = access
project.goals = goals
project.group = group
project.tags = [tags]
project.save()
return cloud_response(201,
'Project successfully created.',
"The project was created.")
else:
return fk.Response(
'A project with this name already exists.',
status.HTTP_403_FORBIDDEN)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()),
status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the creation.',
status.HTTP_204_NO_CONTENT)
else:
return fk.Response('Unauthorized action on this project.',
status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.',
status.HTTP_405_METHOD_NOT_ALLOWED)
def public_env_view(env_id):
logTraffic(CLOUD_URL, endpoint='/public/env/view/<env_id>')
if fk.request.method == 'GET':
try:
env = EnvironmentModel.objects.with_id(env_id)
except:
env = None
print(str(traceback.print_exc()))
if env is None:
return fk.Response('Unable to find this environment.', status.HTTP_404_NOT_FOUND)
else:
return fk.Response(env.to_json(), mimetype='application/json')
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def public_diff_view(diff_id):
logTraffic(CLOUD_URL, endpoint='/public/diff/view/<diff_id>')
if fk.request.method == 'GET':
try:
logAccess(CLOUD_URL, 'cloud', '/public/diff/view/<diff_id>')
diff = DiffModel.objects.with_id(diff_id)
except:
print(str(traceback.print_exc()))
if diff is None:
return fk.Response('Unable to find this diff.', status.HTTP_404_NOT_FOUND)
else:
return fk.Response(diff.to_json(), mimetype='application/json')
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def app_connectivity(app_token):
logTraffic(API_URL, endpoint='/<app_token>/app/connectivity')
current_app = access_manager.check_app(app_token)
if current_app is not None:
logAccess(API_URL, 'api', '/<app_token>/app/connectivity', current_app)
if fk.request.method == 'GET':
name = current_app.name if current_app.name != '' and current_app.name != None else 'unknown'
return api_response(200, 'Application %s is accessible' % name,
current_app.info())
else:
return api_response(405, 'Method not allowed',
'This endpoint supports only a GET method.')
else:
return api_response(401, 'Unauthorized access to the API',
'This is not an app token.')
def diff_edit(hash_session, diff_id):
logTraffic(CLOUD_URL,
endpoint='/private/<hash_session>/diff/edit/<diff_id>')
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session)
current_user = access_resp[1]
if current_user is None:
return fk.Response('Unauthorized action on this diff.',
status.HTTP_401_UNAUTHORIZED)
else:
try:
logAccess(CLOUD_URL, 'cloud',
'/private/<hash_session>/diff/edit/<diff_id>')
diff = DiffModel.objects.with_id(diff_id)
except:
print(str(traceback.print_exc()))
if diff is None:
return fk.Response('Unable to find this diff.',
status.HTTP_404_NOT_FOUND)
else:
if fk.request.data:
data = json.loads(fk.request.data)
try:
d_method = data.get("method", diff.method)
proposition = data.get("proposition", diff.proposition)
d_status = data.get("status", diff.status)
if proposition != diff.proposition or d_method != diff.method:
if diff.status == "agreed" or diff.status == "denied":
diff.status = "altered"
if d_method != "":
diff.method = d_method
if proposition != "":
diff.proposition = proposition
if d_status != "":
diff.status = d_status
diff.save()
return fk.Response('Diff edited', status.HTTP_200_OK)
except:
print(str(traceback.print_exc()))
return fk.Response(
str(traceback.print_exc()),
status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the update.',
status.HTTP_204_NO_CONTENT)
else:
return fk.Response('Endpoint does not support this HTTP method.',
status.HTTP_405_METHOD_NOT_ALLOWED)
def public_record_view(record_id):
logTraffic(CLOUD_URL, endpoint='/public/record/view/<record_id>')
if fk.request.method == 'GET':
try:
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None:
return fk.redirect('{0}:{1}/error/?code=204'.format(VIEW_HOST, VIEW_PORT))
else:
if record.access == 'public':
return fk.Response(record.to_json(), mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def public_project_comments(hash_session, project_id):
logTraffic(CLOUD_URL, endpoint='/public/project/comments/<project_id>')
if fk.request.method == 'GET':
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None and project.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(
VIEW_HOST, VIEW_PORT))
else:
return fk.Response(json.dumps(project.comments,
sort_keys=True,
indent=4,
separators=(',', ': ')),
mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(
VIEW_HOST, VIEW_PORT))
def project_records(project_name):
logTraffic(CLOUD_URL, endpoint='/private/project/record/<project_name>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud', '/private/project/record/<project_name>')
project = ProjectModel.objects(name=project_name).first()
if project == None or (project != None and project.owner != current_user and project.access != 'public' and current_user.group != "admin"):
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.Response(project.activity_json(), mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def project_comments(project_id):
logTraffic(CLOUD_URL, endpoint='/private/project/comments/<project_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
logAccess(CLOUD_URL, 'cloud', '/private/project/comments/<project_id>')
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None and project.access != 'public' and current_user.group != "admin"):
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.Response(json.dumps(project.comments, sort_keys=True, indent=4, separators=(',', ': ')), mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
def diff_edit(diff_id):
logTraffic(CLOUD_URL, endpoint='/private/diff/edit/<diff_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'POST':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is None:
return fk.Response('Unauthorized action on this diff.', status.HTTP_401_UNAUTHORIZED)
else:
try:
logAccess(CLOUD_URL, 'cloud', '/private/diff/edit/<diff_id>')
diff = DiffModel.objects.with_id(diff_id)
except:
print(str(traceback.print_exc()))
if diff is None:
return fk.Response('Unable to find this diff.', status.HTTP_404_NOT_FOUND)
else:
if diff.sender == current_user or diff.targeted == current_user or current_user.group == "admin":
if fk.request.data:
data = json.loads(fk.request.data)
try:
d_method = data.get("method", diff.method)
proposition = data.get("proposition", diff.proposition)
d_status = data.get("status", diff.status)
if proposition != diff.proposition or d_method != diff.method:
if diff.status == "agreed" or diff.status == "denied":
diff.status = "altered"
if d_method != "":
diff.method = d_method
if proposition != "":
diff.proposition = proposition
if d_status != "":
diff.status = d_status
diff.save()
return fk.Response('Diff edited', status.HTTP_200_OK)
except:
print(str(traceback.print_exc()))
return fk.Response(str(traceback.print_exc()), status.HTTP_500_INTERNAL_SERVER_ERROR)
else:
return fk.Response('No content provided for the update.', status.HTTP_204_NO_CONTENT)
else:
return fk.Response('Unauthorized action on this diff.', status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def project_remove(project_id):
logTraffic(CLOUD_URL, endpoint='/private/project/remove/<project_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method in ['GET', 'DELETE']:
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is not None:
logAccess(CLOUD_URL, 'cloud', '/private/project/remove/<project_id>')
project = ProjectModel.objects.with_id(project_id)
if project == None or (project != None and project.owner != current_user and current_user.group != "admin"):
return fk.Response('Unauthorized action on this project.', status.HTTP_401_UNAUTHORIZED)
else:
storage_manager.delete_project_files(project, logStat)
project.delete()
logStat(deleted=True, project=project)
return cloud_response(200, 'Deletion succeeded', 'The project %s was succesfully deleted.'%project_id)
else:
return fk.Response('Unauthorized action on this project.', status.HTTP_401_UNAUTHORIZED)
else:
return fk.Response('Endpoint does not support this HTTP method.', status.HTTP_405_METHOD_NOT_ALLOWED)
def record_comments(record_id):
logTraffic(CLOUD_URL, endpoint='/private/record/comments/<record_id>')
hash_session = basicAuthSession(fk.request)
if fk.request.method == 'GET':
access_resp = access_manager.check_cloud(hash_session, ACC_SEC, CNT_SEC)
current_user = access_resp[1]
if current_user is not None:
try:
logAccess(CLOUD_URL, 'cloud', '/private/record/comments/<record_id>')
record = RecordModel.objects.with_id(record_id)
except:
print(str(traceback.print_exc()))
if record is None or (record != None and record.access != 'public'):
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.Response(json.dumps(record.comments, sort_keys=True, indent=4, separators=(',', ': ')), mimetype='application/json')
else:
return fk.redirect('{0}:{1}/error/?code=401'.format(VIEW_HOST, VIEW_PORT))
else:
return fk.redirect('{0}:{1}/error/?code=405'.format(VIEW_HOST, VIEW_PORT))
