예제 #1
0
    def _clean_expired_subscriptions(self, collection):
        expired_time = time_utils.get_current_timestamp() - self.clean_up_time
        LOGGER.debug('Deleting subscriptions older than expired_time=%s',
                     expired_time)

        collection.delete_expired_items(expired_time=self.clean_up_time,
                                        expiration_attribute_name=EXPIRED_TIME)
        collection.delete_items_by_query({VERSION: {NOT_EQUAL: 2}})
예제 #2
0
    def _clean_expired_searches(self, collection):
        stuck_search_delete_time = self.clean_up_time * self.STUCK_SEARCH_MULTIPLIER
        timestamp_before = time_utils.get_current_timestamp() - stuck_search_delete_time
        LOGGER.debug('Deleting searches older than last_update_time=%s', timestamp_before)

        collection.delete_expired_items(expired_time=stuck_search_delete_time,
                                        expiration_attribute_name=LAST_UPDATE_TIME)
        collection.delete_items_by_query({VERSION: {NOT_EQUAL: 2}})
예제 #3
0
 def delete_invalid_entries(self, collection, collection_handler, timestamp_attribute_name):
     try:
         current_timestamp = get_current_timestamp()
         query = {timestamp_attribute_name: {constants.GREATER_THAN_OPERATOR: current_timestamp}}
         resp = collection_handler.delete_items_by_query(query)
         LOGGER.info(
             "Successfully deleted invalid entries for collection=%s with response=%s" % (collection, str(resp)))
     except:
         LOGGER.exception("Exception deleting invalid entries for collection=%s" % collection)
예제 #4
0
    def _clean_user_namespaced_items(self):
        users = get_all_mobile_users(self.session_key)

        timestamp_before = time_utils.get_current_timestamp() - self.clean_up_time
        LOGGER.debug('Deleting credentials older than last_update_time=%s, users=%s', timestamp_before, len(users))
        for owner in users:
            credentials = KVStoreCollectionAccessObject(collection=SUBSCRIPTION_CREDENTIALS_COLLECTION_NAME,
                                                        owner=owner,
                                                        session_key=self.session_key)
            credentials.delete_expired_items(expired_time=timestamp_before, expiration_attribute_name=LAST_UPDATE_TIME)
예제 #5
0
    def sync(self):
        """
        Gets all registered users. Gets all tokens per user, sorted by expiry date. Deletes all tokens except the one
        with the most recent expiration date and any that are being used as subscription credentials.
        """

        all_registered_users = get_all_mobile_users(self.session_key)
        try:
            for user in all_registered_users:
                tokens = get_all_secure_gateway_tokens(self.session_key, user)
                current_time = get_current_timestamp()

                index_to_delete = min(3, len(tokens))
                for i in range(0, index_to_delete - 1):
                    if token[i]['content']['claims']['exp'] < current_time:
                        index_to_delete = i
                        break

                tokens_to_delete = tokens[index_to_delete:]

                kvstore_subscription_credentials = KvStore(
                    constants.SUBSCRIPTION_CREDENTIALS_COLLECTION_NAME,
                    self.session_key,
                    owner=user)
                response, credentials = kvstore_subscription_credentials.get_all_items(
                )
                credentials = json.loads(credentials)
                jwt_credential = [
                    c for c in credentials if 'session_type' in c
                    and c['session_type'] == constants.JWT_TOKEN_TYPE[0]
                ]
                if jwt_credential:
                    subscription_token_info = calculate_token_info(
                        jwt_credential['session_key'])
                else:
                    subscription_token_info = None

                for token in tokens_to_delete:
                    # if that token does not exist in subscription credentials
                    if not subscription_token_info or token[
                            'name'] != subscription_token_info['id']:
                        delete_token_by_id(self.session_key, user,
                                           token['name'])
        except:
            LOGGER.exception("Exception performing DeleteTokensSync")
예제 #6
0
async def update(session_token, async_kvstore_client, async_splunk_client):
    """
    Update the devices to role mapping collection in KV Store
    """
    timestamp = get_current_timestamp()
    splunk_auth_header = SplunkAuthHeader(session_token)

    # for each user, fetch user to roles mapping
    response_code, user_to_role_dict = await async_splunk_client.async_get_users_roles_mapping(
        splunk_auth_header)

    LOGGER.debug("Fetched user role mapping with response code=%s, %s" %
                 (str(response_code), str(user_to_role_dict)))

    # For each user fetch devices registered to that user
    registered_devices_jsn = await get_registered_devices(
        splunk_auth_header, list(user_to_role_dict.keys()),
        async_kvstore_client)

    # Construct kvstore payload
    batch_payload = create_payloads(registered_devices_jsn, user_to_role_dict,
                                    timestamp)
    batch_post_to_kvstore(session_token, batch_payload)
    await clean_up_old_entries(timestamp, async_kvstore_client, session_token)
예제 #7
0
 def __init__(self, value, ttl=3600):
     self.value = value
     self.ttl = ttl
     self.timestamp = get_current_timestamp()
예제 #8
0
 def is_valid(self):
     return (get_current_timestamp() - self.timestamp) < self.ttl