def json(self):
"""Return json representation.
:return: json string {"id":.., "name":.., "desc":.., "service":.., "catalog":.., "uri":..,"enabled":..}
"""
if self.creation is not None:
creation = str2uni(self.creation.strftime('%d-%m-%y %H:%M:%S'))
else:
creation = None
if self.modified is not None:
modified = str2uni(self.modified.strftime('%d-%m-%y %H:%M:%S'))
else:
modified = None
msg = {
'id': self.id,
'name': self.name,
'desc': self.desc,
'service': self.service,
'date': {
'creation': creation,
'modified': modified
},
'catalog': self.catalog_id,
'uri': self.uri,
'enabled': self.enabled
}
return json.dumps(msg)
def dict(self):
"""Return dict representation.
:return: dict {'id':.., 'name':.., 'desc':.., 'service':.., catalog':.., 'uri':.., 'enabled':..}
"""
if self.creation is not None:
creation = str2uni(self.creation.strftime('%d-%m-%y %H:%M:%S'))
else:
creation = None
if self.modified is not None:
modified = str2uni(self.modified.strftime('%d-%m-%y %H:%M:%S'))
else:
modified = None
msg = {
'id': self.id,
'name': self.name,
'desc': self.desc,
'service': self.service,
'date': {
'creation': creation,
'modified': modified
},
'catalog': self.catalog_id,
'uri': self.uri,
'enabled': self.enabled
}
return msg
def __convert_timestamp(self, timestamp):
"""
"""
if isinstance(timestamp, float):
timestamp = datetime.fromtimestamp(timestamp)
return str2uni(timestamp.strftime('%d-%m-%Y %H:%M:%S.%f'))
return ''
def validate_login_params(self, name, domain, password, login_ip):
"""Validate main login params.
:param name: user name
:param domain: user authentication domain
:param password: user password
:param login_ip: user login_ip
:raise ApiManagerError:
"""
if domain is None:
domain = u'local'
# set user in thread local variable
operation.user = (u'%s@%s' % (name, domain), login_ip, None)
# Validate input data and login user
try:
if name.strip() == u'':
msg = u'Username is not provided or syntax is wrong'
self.logger.error(msg)
raise ApiManagerError(msg, code=400)
if password.strip() == u'':
msg = u'Password is not provided or syntax is wrong'
self.logger.error(msg)
raise ApiManagerError(msg, code=400)
if domain.strip() == u'':
msg = u'Domain is not provided or syntax is wrong'
self.logger.error(msg)
raise ApiManagerError(msg, code=400)
try:
login_ip = gethostbyname(login_ip)
IPv4Address(str2uni(login_ip))
except Exception as ex:
msg = u'Ip address is not provided or syntax is wrong'
self.logger.error(msg, exc_info=1)
raise ApiManagerError(msg, code=400)
self.logger.debug(u'User %s@%s:%s validated' %
(name, domain, login_ip))
except ApiManagerError as ex:
raise ApiManagerError(ex.value, code=ex.code)
def update_data(pipe):
# get data from redis
val = pipe.get(_prefix + task_id)
if val is not None:
result = json.loads(val)
if result.get(u'status') != u'FAILURE':
result.update(data)
else:
result.update({u'stop_time':stop_time})
else:
result = {
u'name':name,
u'type':inner_type,
u'task_id':task_id,
u'worker':hostname,
u'args':args,
u'kwargs':kwargs,
u'status':status,
u'result':retval,
u'traceback':traceback,
u'start_time':start_time,
u'stop_time':stop_time,
u'children':childs,
u'jobs':jobs,
u'trace':[]}
# update task trace
if msg is not None:
_timestamp = str2uni(datetime.today().strftime(u'%d-%m-%y %H:%M:%S-%f'))
result[u'trace'].append((_timestamp, msg))
# serialize data
val = json.dumps(result)
# save data in redis
pipe.setex(_prefix + task_id, _expire, val)
def convert_timestamp(self, timestamp):
"""
"""
timestamp = datetime.fromtimestamp(timestamp)
return str2uni(timestamp.strftime(u'%d-%m-%Y %H:%M:%S.%f'))
def simple_http_login(self, name, domain, password, login_ip):
"""Simple http authentication login
:param name: user name
:param domain: user authentication domain
:param password: user password
:param login_ip: user login_ip
:return: True
:raises ApiManagerError: raise :class:`ApiManagerError`
"""
user_name = '%s@%s' % (name, domain)
# validate input params
try:
self.validate_login_params(name, domain, password, login_ip)
except ApiManagerError as ex:
raise
# check user
try:
dbuser, dbuser_attribs = self.check_login_user(
name, domain, password, login_ip)
except ApiManagerError as ex:
raise
# check user has authentication filter
auth_filters = dbuser_attribs.get('auth-filters',
('', None))[0].split(',')
if 'simplehttp' not in auth_filters:
msg = 'Simple http authentication is not allowed for user %s' % user_name
self.logger.error(msg)
raise ApiManagerError(msg, code=401)
# check user ip is in allowed cidr
auth_cidrs = dbuser_attribs.get('auth-cidrs', '')[0].split(',')
allowed = False
for auth_cidr in auth_cidrs:
allowed_cidr = IPv4Network(str2uni(auth_cidr))
user_ip = IPv4Network('%s/32' % login_ip)
if user_ip.overlaps(allowed_cidr) is True:
allowed = True
break
if allowed is False:
msg = 'User %s ip %s can not perform simple http authentication' % (
user_name, login_ip)
self.logger.error(msg)
raise ApiManagerError(msg, code=401)
# login user
try:
user, attrib = self.base_login(self.get_login_email(dbuser),
domain, password, login_ip, dbuser,
dbuser_attribs)
except ApiManagerError as ex:
raise
res = {
'uid': id_gen(20),
'type': 'simplehttp',
'user': user.get_dict(),
'timestamp': datetime.now().strftime('%y-%m-%d-%H-%M')
}
return res
def __str__(self):
creation = str2uni(self.creation.strftime("%d-%m-%y %H:%M:%S"))
res = "<Event id=%s, type=%s, creation=%s, data='%s', source='%s',\
dest='%s'>" % (self.id, self.type, creation, self.data,
self.source, self.dest)
return res
def simple_http_login(self, name, domain, password, login_ip):
"""Simple http authentication login
:param name: user name
:param domain: user authentication domain
:param password: user password
:param login_ip: user login_ip
:return: True
:raise ApiManagerError:
"""
opts = {
u'name':name,
u'domain':domain,
u'password':u'xxxxxxx',
u'login_ip':login_ip
}
user_name = u'%s@%s' % (name, domain)
# validate input params
try:
self.validate_login_params(name, domain, password, login_ip)
except ApiManagerError as ex:
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=ex)
raise
# check user
try:
dbuser, dbuser_attribs = self.check_login_user(name, domain,
password, login_ip)
except ApiManagerError as ex:
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=ex)
raise
# check user has authentication filter
auth_filters = dbuser_attribs.get(u'auth-filters', (u'', None))[0].split(u',')
if u'simplehttp' not in auth_filters:
msg = u'Simple http authentication is not allowed for user %s' % \
user_name
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=msg)
self.logger.error(msg)
raise ApiManagerError(msg, code=401)
# check user ip is in allowed cidr
auth_cidrs = dbuser_attribs.get(u'auth-cidrs', u'')[0].split(u',')
allowed = False
for auth_cidr in auth_cidrs:
allowed_cidr = IPv4Network(str2uni(auth_cidr))
user_ip = IPv4Network(u'%s/32' % login_ip)
if user_ip.overlaps(allowed_cidr) is True:
allowed = True
break
if allowed is False:
msg = u'User %s ip %s can not perform simple http authentication' % \
(user_name, login_ip)
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=msg)
self.logger.error(msg)
raise ApiManagerError(msg, code=401)
# login user
try:
user, attrib = self.base_login(name, domain, password, login_ip,
dbuser, dbuser_attribs)
except ApiManagerError as ex:
#User(self).send_event(u'simplehttp.login.insert', params=opts,
# exception=ex)
raise
res = {u'uid':id_gen(20),
u'type':u'simplehttp',
u'user':user.get_dict(),
u'timestamp':datetime.now().strftime(u'%y-%m-%d-%H-%M')}
#User(self).send_event(u'simplehttp.login.insert', params=opts)
return res
def __str__(self):
creation = str2uni(self.creation.strftime('%d-%m-%y %H:%M:%S'))
res = '<Event id=%s, type=%s, creation=%s, data=%s, source=%s, dest=%s>' % \
(self.id, self.type, creation, self.data, self.source, self.dest)
return res
def cdate(self, date):
"""
"""
temp = datetime.fromtimestamp(date)
return str2uni(temp.strftime(u'%d-%m-%y %H:%M:%S'))
def get_events(self, oid=None, etype=None, data=None,
source=None, dest=None, datefrom=None, dateto=None,
page=0, size=10, objid=None, objdef=None, objtype=None):
"""Get events.
:param oid str: event oid [optional]
:param etype str: list of event type [optional]
:param data str: event data [optional]
:param source str: event source [optional]
:param dest str: event destinatiaion [optional]
:param datefrom: event data from. Ex. '2015-3-9-15-23-56' [optional]
:param dateto: event data to. Ex. '2015-3-9-15-23-56' [optional]
:param page: event list page to show [default=0]
:param size: number of event to show in list per page [default=0]
:param objid str: entity id [optional]
:param objtype str: entity type [optional]
:param objdef str: entity definition [optional]
:return: List of events (id, type, objid, creation, data, source, dest)
:rtype: list of tuple
:raises ApiManagerError: raise :class:`ApiManagerError`
"""
# verify permissions
if etype is not None:
objs = self.can(u'view', u'event', definition=etype)
else:
objs = self.can(u'view', u'event')
# add ApiViewResponse objects definition statically
#objs[ApiViewResponse.objdef] = [u'*']
try:
count, events = self.event_manager.gets(oid=oid, etype=etype,
data=data, source=source,
dest=dest, datefrom=datefrom,
dateto=dateto, page=page,
size=size, objid=objid,
objdef=objdef,
objtype=objtype)
except QueryError as ex:
self.logger.error(ex, exc_info=1)
raise ApiManagerError(ex)
try:
res = {u'events':[],
u'count':size,
u'page':page,
u'total':count}
for i in events:
objdef = i.objdef.lower()
if objdef not in objs:
continue
# check authorization
objset = set(objs[objdef])
creation = str2uni(i.creation.strftime(u'%d-%m-%Y %H:%M:%S.%f'))
data = None
try:
data = json.loads(i.data)
except Exception as ex:
self.logger.warn(u'Can not parse event %s data' % i.id, exc_info=1)
obj = {u'id':i.id,
u'event_id':i.event_id,
u'type':i.type,
u'objid':i.objid,
u'objdef':i.objdef,
u'objtype':i.objtype,
u'date':creation,
u'data':data,
u'source':json.loads(i.source),
u'dest':json.loads(i.dest)}
# create needs
needs = self.get_needs(i.objid.split(u'//'))
# check if needs overlaps perms
if self.has_needs(needs, objset) is True:
res[u'events'].append(obj)
self.logger.debug(u'Get events: %s' % truncate(res))
return res
except QueryError as ex:
self.logger.error(ex)
raise ApiManagerError(ex)
def update_data():
# get data from redis
# key = '%s%s' % (_prefix, task_id)
# get data from redis
result = TaskResult.get_from_redis_with_retry(task_id)
# try:
# val = _redis.get(key)
# except:
# logger.warn('', exc_info=1)
# val = None
if result is not None:
# result = json.loads(val)
if result.get('status') != 'FAILURE':
result.update(data)
else:
result.update({'stop_time': stop_time})
# check job already present in task jobs list
val_jobs = result.get('jobs', [])
if val_jobs is None:
result['jobs'] = []
val_jobs = []
if jobs is not None:
for job in jobs:
if job not in val_jobs:
result['jobs'].append(job)
else:
result = {
'name': name,
'type': inner_type,
'task_id': task_id,
'worker': hostname,
'args': args,
'kwargs': kwargs,
'status': status,
'result': retval,
'traceback': traceback,
'start_time': time(),
# 'start_time': start_time,
'stop_time': stop_time,
'children': childs,
'jobs': jobs,
'counter': 0,
'trace': []
}
# update task trace
if msg is not None:
# msg1 = '(%s) %s' % (task_id, msg)
msg1 = msg
if failure is True:
msg1 = 'ERROR %s' % msg1
else:
msg1 = 'DEBUG %s' % msg1
_timestamp = str2uni(
datetime.today().strftime('%d-%m-%y %H:%M:%S-%f'))
result['trace'].append((_timestamp, msg1))
# save data
val = TaskResult.set_to_redis_with_retry(task_id, result)
return val