def init(conf):
global superrole
global superuser
token_conf = conf.get('token')
if not token_conf:
token_conf = {'exp': 3600}
logger.debug('token conf : %s ' % token_conf)
global tokmgr
tokmgr = token.TokenManager(token_conf)
global oplogger
oplogger = EventManager(conf)
db = get_database(conf)
try:
superrole = db.role_get_by_name(super_context, 'superrole')
except HTTPError:
role = {
"name": 'superrole',
"description": "this role has super power, take it carefully ! "
}
superrole = db.role_create(super_context, role)
superuser = db.get_super_user(super_context, superrole.id)
password = uuidutils.generate_uuid(False)
if not superuser:
user = {
'name': 'root',
'password': password,
'role_id': superrole.id
}
superuser = db.create_user(super_context, user)
logger.error('root password is : {0}, you should change it at the first time'.format(password))
def do_create_default_roles(conf):
super_context = {'is_superuser': True}
db = db_api.get_database(conf)
roles = {'admin', 'operator', 'user'}
for role in roles:
role_info = {'name': role}
db.role_create(super_context, role_info)
def check_token(auth_header, user):
if not user:
logger.error('user should not be none')
raise HTTPError(401, 'user should not be none')
if isinstance(user, list):
user = user[0]
if isinstance(user, string_types) :
db = get_database(None)
try:
user = db.get_user_by_name(super_context, user)
except NotFound:
logger.error('user {0} is not found'.format(user))
raise HTTPError(401, 'user {0} is not found'.format(user))
username = user.name
if not auth_header:
logger.error('no token')
raise HTTPError(401, 'token for user {0} is not found'.format(username))
scheme, tok = auth_header.split(' ', 1)
if scheme == 'Bearer':
valid = tokmgr.check_token(tok, user)
if not valid:
logger.error('invalid token for user : {0}'.format(username))
raise HTTPError(401, 'invalid token')
def __init__(self, conf):
mysqlconf = conf.get('database')
try:
self.db = db_api.get_database(mysqlconf)
except Exception as e:
logger.error(e)
return
server_dict = conf.get('servercontroller')
logger.info(str(server_dict))
self.server_port = server_dict['server_port']
self.client_port = server_dict['client_port']
self.worker_size = int(server_dict['worker_size'])
self.timer_interval = server_dict['timer_interval']
if self.server_port == None or self.timer_interval == None or self.worker_size == None or self.client_port == None:
logger.error('conf is lost')
logger.error(str(conf))
return
self.workstate_dict = {}
self.message = Message('tcp', self.server_port, self.client_port)
self.message.start_server()
self.alivelock = threading.Lock()
self.workstatelock = threading.Lock()
self.workeralivedict = {}
self.workerpool_list = []
self.message_resolver = MessageResolver(self.db, self)
self.create_workerpool()
self.worker_balancer = WorkerBalancer(self.workerpool_list)
self.create_listen()
self.create_keepalive_sender()
def login(request, **kwargs):
global tokmgr
if request.method == 'POST':
auth_header = request.headers.get('authorization')
db = get_database(None)
username = kwargs.get('user')
if username:
try:
user_info = db.get_user_by_name(super_context, username)
except NotFound:
logger.error('user {0} is not found'.format(username))
raise HTTPError(401, 'user {0} is not found'.format(username))
else:
logger.error('no username')
raise HTTPError(400, 'please input the username')
logger.info('user {0} is trying to log in'.format(username))
if auth_header:
try:
check_token(auth_header, user_info)
except HTTPError:
raise
else:
password = kwargs.get('password')
valid = auth_basic.verify_user(user_info, username, password)
if valid:
payload = tokmgr.build_payload(username)
tok = token.genarate_token(payload, user_info.key)
role = user_info.role
rolename = ''
if role:
rolename = role.name
msg = 'user {0} is logged in from {1}'.format(username, request.headers.get('Remote-Addr'))
logger.info(msg)
oplogger.log_event(super_context, msg)
return {'token': tok,
'role':rolename,
'user_id': user_info.id
}
raise HTTPError(401, 'user {0} password is not right'.format(username))
elif cherrypy.request.method == 'OPTIONS':
cherrypy.response.headers['Access-Control-Allow-Methods'] = 'POST, PUT, DELETE'
cherrypy.response.headers['Access-Control-Allow-Headers'] = 'content-type'
cherrypy.response.headers['Access-Control-Allow-Origin'] = '*'
return
else:
raise cherrypy.HTTPRedirect('/')
def worker_update(db, context):
worker = {'id': 'a9c66cbd-ba89-4e2f-9275-2908865339c2', 'name': 'abc'}
w = db.update_worker(context, worker)
if __name__ == '__main__':
conf = {
'driver': 'mysql',
'user': '******',
'password': '******',
'host': '10.202.127.11',
'database': 'test',
}
db = db_api.get_database(conf)
#t2(db)
#t3(db)
#t1(db)
#t5(db)
#t6(db)
#t7(db)
#user_create_test(db)
#role_create_test(db)
context = {'is_superuser': True}
#updata_user(db, context)
#state_create_test(db, context)
#state_get_test(db, context)
#worker_create(db, context)
#worker_update(db, context)
task_list(db, context)
def __init__(self, conf):
self.db = db_api.get_database(conf)
self.policy = PolicyManager(conf)
self.conf = conf
self.oplogger = EventManager(conf)
self.admin_role = self.policy.get_admin_role()
def __init__(self, conf):
self.conf = conf
self.db = db_api.get_database(conf)