def __init__(self, *args, **kwargs):
cherrypy.tools.authenticate = AuthManagerTool()
cherrypy.tools.session_expire_at_browser_close = SessionExpireAtBrowserCloseTool(
)
cherrypy.tools.dashboard_exception_handler = HandlerWrapperTool(
dashboard_exception_handler, priority=31)
cherrypy.config.update({'error_page.default': json_error_page})
super(ControllerTestCase, self).__init__(*args, **kwargs)
def __init__(self, *args, **kwargs):
cherrypy.tools.authenticate = AuthManagerTool()
cherrypy.tools.dashboard_exception_handler = HandlerWrapperTool(
dashboard_exception_handler, priority=31)
cherrypy.config.update({
'error_page.default': json_error_page,
'tools.json_in.on': True,
'tools.json_in.force': False
})
super(ControllerTestCase, self).__init__(*args, **kwargs)
def setUpClass(cls):
super().setUpClass()
cherrypy.tools.authenticate = AuthManagerTool()
cherrypy.tools.dashboard_exception_handler = HandlerWrapperTool(dashboard_exception_handler,
priority=31)
cherrypy.config.update({
'error_page.default': json_error_page,
'tools.json_in.on': True,
'tools.json_in.force': False
})
PLUGIN_MANAGER.hook.configure_cherrypy(config=cherrypy.config)
if cls._request_logging:
cherrypy.tools.request_logging = RequestLoggingTool()
cherrypy.config.update({'tools.request_logging.on': True})
def _json_stream_output(next_handler, *args, **kwargs):
""" Output JSON in stream mode. """
cherrypy.response.headers['Content-Type'] = "application/json"
_outputs = next_handler(*args, **kwargs)
if inspect.isgenerator(_outputs):
def _stream_outputs():
for _content in _outputs:
yield json.dumps(_content)
return _stream_outputs()
else:
return json.dumps(_outputs)
cherrypy.tools.json_stream_output = HandlerWrapperTool(_json_stream_output)
## Error Handling ##
def error_response(status, message, traceback, version):
""" Global http error handler, reply with status code and message json. """
cherrypy.response.status = status
cherrypy.response.headers['Content-Type'] = "application/json"
return json.dumps(dict(message=message))
# Helpers #
def unescape_html(content):
if unescape is not None:
return unescape(content)
else:
def _configure(self):
"""
Configure CherryPy and initialize self.url_prefix
:returns our URI
"""
server_addr = self.get_localized_module_option( # type: ignore
'server_addr', get_default_addr())
ssl = self.get_localized_module_option('ssl', True) # type: ignore
if not ssl:
server_port = self.get_localized_module_option(
'server_port', 8080) # type: ignore
else:
server_port = self.get_localized_module_option(
'ssl_server_port', 8443) # type: ignore
if server_addr is None:
raise ServerConfigException(
'no server_addr configured; '
'try "ceph config set mgr mgr/{}/{}/server_addr <ip>"'.format(
self.module_name, self.get_mgr_id())) # type: ignore
self.log.info(
'server: ssl=%s host=%s port=%d',
'yes' if ssl else 'no', # type: ignore
server_addr,
server_port)
# Initialize custom handlers.
cherrypy.tools.authenticate = AuthManagerTool()
cherrypy.tools.plugin_hooks_filter_request = cherrypy.Tool(
'before_handler',
lambda: PLUGIN_MANAGER.hook.filter_request_before_handler(
request=cherrypy.request),
priority=1)
cherrypy.tools.request_logging = RequestLoggingTool()
cherrypy.tools.dashboard_exception_handler = HandlerWrapperTool(
dashboard_exception_handler, priority=31)
cherrypy.log.access_log.propagate = False
cherrypy.log.error_log.propagate = False
# Apply the 'global' CherryPy configuration.
config = {
'engine.autoreload.on':
False,
'server.socket_host':
server_addr,
'server.socket_port':
int(server_port),
'error_page.default':
json_error_page,
'tools.request_logging.on':
True,
'tools.gzip.on':
True,
'tools.gzip.mime_types': [
# text/html and text/plain are the default types to compress
'text/html',
'text/plain',
# We also want JSON and JavaScript to be compressed
'application/json',
'application/javascript',
],
'tools.json_in.on':
True,
'tools.json_in.force':
False,
'tools.plugin_hooks_filter_request.on':
True,
}
if ssl:
# SSL initialization
cert = self.get_store("crt") # type: ignore
if cert is not None:
self.cert_tmp = tempfile.NamedTemporaryFile()
self.cert_tmp.write(cert.encode('utf-8'))
self.cert_tmp.flush() # cert_tmp must not be gc'ed
cert_fname = self.cert_tmp.name
else:
cert_fname = self.get_localized_module_option(
'crt_file') # type: ignore
pkey = self.get_store("key") # type: ignore
if pkey is not None:
self.pkey_tmp = tempfile.NamedTemporaryFile()
self.pkey_tmp.write(pkey.encode('utf-8'))
self.pkey_tmp.flush() # pkey_tmp must not be gc'ed
pkey_fname = self.pkey_tmp.name
else:
pkey_fname = self.get_localized_module_option(
'key_file') # type: ignore
verify_tls_files(cert_fname, pkey_fname)
config['server.ssl_module'] = 'builtin'
config['server.ssl_certificate'] = cert_fname
config['server.ssl_private_key'] = pkey_fname
self.update_cherrypy_config(config)
self._url_prefix = prepare_url_prefix(
self.get_module_option( # type: ignore
'url_prefix', default=''))
uri = "{0}://{1}:{2}{3}/".format(
'https' if ssl else 'http',
socket.getfqdn() if server_addr in ['::', '0.0.0.0'] else
server_addr, server_port, self.url_prefix)
return uri
def _configure(self):
"""
Configure CherryPy and initialize self.url_prefix
:returns our URI
"""
server_addr = self.get_localized_config('server_addr', '::')
server_port = self.get_localized_config('server_port', '8080')
if server_addr is None:
raise ServerConfigException(
'no server_addr configured; '
'try "ceph config set mgr mgr/{}/{}/server_addr <ip>"'.format(
self.module_name, self.get_mgr_id()))
self.log.info('server_addr: %s server_port: %s', server_addr,
server_port)
# Initialize custom handlers.
cherrypy.tools.authenticate = cherrypy.Tool('before_handler',
Auth.check_auth)
cherrypy.tools.session_expire_at_browser_close = SessionExpireAtBrowserCloseTool(
)
cherrypy.tools.request_logging = RequestLoggingTool()
cherrypy.tools.dashboard_exception_handler = HandlerWrapperTool(
dashboard_exception_handler, priority=31)
# SSL initialization
cert = self.get_store("crt")
if cert is not None:
self.cert_tmp = tempfile.NamedTemporaryFile()
self.cert_tmp.write(cert.encode('utf-8'))
self.cert_tmp.flush() # cert_tmp must not be gc'ed
cert_fname = self.cert_tmp.name
else:
cert_fname = self.get_localized_config('crt_file')
pkey = self.get_store("key")
if pkey is not None:
self.pkey_tmp = tempfile.NamedTemporaryFile()
self.pkey_tmp.write(pkey.encode('utf-8'))
self.pkey_tmp.flush() # pkey_tmp must not be gc'ed
pkey_fname = self.pkey_tmp.name
else:
pkey_fname = self.get_localized_config('key_file')
if not cert_fname or not pkey_fname:
raise ServerConfigException('no certificate configured')
if not os.path.isfile(cert_fname):
raise ServerConfigException('certificate %s does not exist' %
cert_fname)
if not os.path.isfile(pkey_fname):
raise ServerConfigException('private key %s does not exist' %
pkey_fname)
# Apply the 'global' CherryPy configuration.
config = {
'engine.autoreload.on': False,
'server.socket_host': server_addr,
'server.socket_port': int(server_port),
'server.ssl_module': 'builtin',
'server.ssl_certificate': cert_fname,
'server.ssl_private_key': pkey_fname,
'error_page.default': json_error_page,
'tools.request_logging.on': True
}
cherrypy.config.update(config)
self._url_prefix = prepare_url_prefix(
self.get_config('url_prefix', default=''))
uri = "https://{0}:{1}{2}/".format(
socket.getfqdn() if server_addr == "::" else server_addr,
server_port, self.url_prefix)
return uri
def _configure(self):
"""
Configure CherryPy and initialize self.url_prefix
:returns our URI
"""
server_addr = self.get_localized_module_option('server_addr',
get_default_addr())
ssl = self.get_localized_module_option('ssl', True)
if not ssl:
server_port = self.get_localized_module_option('server_port', 8080)
else:
server_port = self.get_localized_module_option(
'ssl_server_port', 8443)
if server_addr is None:
raise ServerConfigException(
'no server_addr configured; '
'try "ceph config set mgr mgr/{}/{}/server_addr <ip>"'.format(
self.module_name, self.get_mgr_id()))
self.log.info('server: ssl=%s host=%s port=%d', 'yes' if ssl else 'no',
server_addr, server_port)
# Initialize custom handlers.
cherrypy.tools.authenticate = AuthManagerTool()
cherrypy.tools.plugin_hooks = cherrypy.Tool(
'before_handler',
lambda: PLUGIN_MANAGER.hook.filter_request_before_handler(
request=cherrypy.request),
priority=10)
cherrypy.tools.request_logging = RequestLoggingTool()
cherrypy.tools.dashboard_exception_handler = HandlerWrapperTool(
dashboard_exception_handler, priority=31)
# Apply the 'global' CherryPy configuration.
config = {
'engine.autoreload.on':
False,
'server.socket_host':
server_addr,
'server.socket_port':
int(server_port),
'error_page.default':
json_error_page,
'tools.request_logging.on':
True,
'tools.gzip.on':
True,
'tools.gzip.mime_types': [
# text/html and text/plain are the default types to compress
'text/html',
'text/plain',
# We also want JSON and JavaScript to be compressed
'application/json',
'application/javascript',
],
'tools.json_in.on':
True,
'tools.json_in.force':
False,
'tools.plugin_hooks.on':
True,
}
if ssl:
# SSL initialization
cert = self.get_store("crt")
if cert is not None:
self.cert_tmp = tempfile.NamedTemporaryFile()
self.cert_tmp.write(cert.encode('utf-8'))
self.cert_tmp.flush() # cert_tmp must not be gc'ed
cert_fname = self.cert_tmp.name
else:
cert_fname = self.get_localized_module_option('crt_file')
pkey = self.get_store("key")
if pkey is not None:
self.pkey_tmp = tempfile.NamedTemporaryFile()
self.pkey_tmp.write(pkey.encode('utf-8'))
self.pkey_tmp.flush() # pkey_tmp must not be gc'ed
pkey_fname = self.pkey_tmp.name
else:
pkey_fname = self.get_localized_module_option('key_file')
if not cert_fname or not pkey_fname:
raise ServerConfigException('no certificate configured')
if not os.path.isfile(cert_fname):
raise ServerConfigException('certificate %s does not exist' %
cert_fname)
if not os.path.isfile(pkey_fname):
raise ServerConfigException('private key %s does not exist' %
pkey_fname)
# Do some validations to the private key and certificate:
# - Check the type and format
# - Check the certificate expiration date
# - Check the consistency of the private key
# - Check that the private key and certificate match up
try:
with open(cert_fname) as f:
x509 = crypto.load_certificate(crypto.FILETYPE_PEM,
f.read())
if x509.has_expired():
self.log.warning(
'Certificate {} has been expired'.format(
cert_fname))
except (ValueError, crypto.Error) as e:
raise ServerConfigException(
'Invalid certificate {}: {}'.format(cert_fname, str(e)))
try:
with open(pkey_fname) as f:
pkey = crypto.load_privatekey(crypto.FILETYPE_PEM,
f.read())
pkey.check()
except (ValueError, crypto.Error) as e:
raise ServerConfigException(
'Invalid private key {}: {}'.format(pkey_fname, str(e)))
try:
context = SSL.Context(SSL.TLSv1_METHOD)
context.use_certificate_file(cert_fname, crypto.FILETYPE_PEM)
context.use_privatekey_file(pkey_fname, crypto.FILETYPE_PEM)
context.check_privatekey()
except crypto.Error as e:
self.log.warning(
'Private key {} and certificate {} do not match up: {}'.
format(pkey_fname, cert_fname, str(e)))
config['server.ssl_module'] = 'builtin'
config['server.ssl_certificate'] = cert_fname
config['server.ssl_private_key'] = pkey_fname
cherrypy.config.update(config)
self._url_prefix = prepare_url_prefix(
self.get_module_option('url_prefix', default=''))
uri = "{0}://{1}:{2}{3}/".format(
'https' if ssl else 'http',
socket.getfqdn() if server_addr == "::" else server_addr,
server_port, self.url_prefix)
return uri
def _configure(self):
"""
Configure CherryPy and initialize self.url_prefix
:returns our URI
"""
server_addr = self.get_localized_module_option('server_addr', '::')
ssl = strtobool(self.get_localized_module_option('ssl', 'True'))
def_server_port = 8443
if not ssl:
def_server_port = 8080
server_port = self.get_localized_module_option('server_port',
def_server_port)
if server_addr is None:
raise ServerConfigException(
'no server_addr configured; '
'try "ceph config set mgr mgr/{}/{}/server_addr <ip>"'.format(
self.module_name, self.get_mgr_id()))
self.log.info('server_addr: %s server_port: %s', server_addr,
server_port)
# Initialize custom handlers.
cherrypy.tools.authenticate = AuthManagerTool()
cherrypy.tools.request_logging = RequestLoggingTool()
cherrypy.tools.dashboard_exception_handler = HandlerWrapperTool(
dashboard_exception_handler, priority=31)
# Apply the 'global' CherryPy configuration.
config = {
'engine.autoreload.on':
False,
'server.socket_host':
server_addr,
'server.socket_port':
int(server_port),
'error_page.default':
json_error_page,
'tools.request_logging.on':
True,
'tools.gzip.on':
True,
'tools.gzip.mime_types': [
# text/html and text/plain are the default types to compress
'text/html',
'text/plain',
# We also want JSON and JavaScript to be compressed
'application/json',
'application/javascript',
],
'tools.json_in.on':
True,
'tools.json_in.force':
False
}
if ssl:
# SSL initialization
cert = self.get_store("crt")
if cert is not None:
self.cert_tmp = tempfile.NamedTemporaryFile()
self.cert_tmp.write(cert.encode('utf-8'))
self.cert_tmp.flush() # cert_tmp must not be gc'ed
cert_fname = self.cert_tmp.name
else:
cert_fname = self.get_localized_module_option('crt_file')
pkey = self.get_store("key")
if pkey is not None:
self.pkey_tmp = tempfile.NamedTemporaryFile()
self.pkey_tmp.write(pkey.encode('utf-8'))
self.pkey_tmp.flush() # pkey_tmp must not be gc'ed
pkey_fname = self.pkey_tmp.name
else:
pkey_fname = self.get_localized_module_option('key_file')
if not cert_fname or not pkey_fname:
raise ServerConfigException('no certificate configured')
if not os.path.isfile(cert_fname):
raise ServerConfigException('certificate %s does not exist' %
cert_fname)
if not os.path.isfile(pkey_fname):
raise ServerConfigException('private key %s does not exist' %
pkey_fname)
config['server.ssl_module'] = 'builtin'
config['server.ssl_certificate'] = cert_fname
config['server.ssl_private_key'] = pkey_fname
cherrypy.config.update(config)
self._url_prefix = prepare_url_prefix(
self.get_module_option('url_prefix', default=''))
uri = "{0}://{1}:{2}{3}/".format(
'https' if ssl else 'http',
socket.getfqdn() if server_addr == "::" else server_addr,
server_port, self.url_prefix)
return uri
def __init__(self):
HandlerWrapperTool.__init__(self, self.publish, name="jinja")
self.template = None
def callable(self, template='index.html'):
self.template = template
HandlerWrapperTool.callable(self)
def callable(self, filename=None, *args, **kwargs):
HandlerWrapperTool.callable(self)
def __init__(self):
HandlerWrapperTool.__init__(self, self.publish, name="jinja")
self.template = None
def __init__(self):
HandlerWrapperTool.__init__(self, self.jinja)
def callable(self, format='xslt', template_dir='views/site', template='index.xsl', extend_xml={}):
cherrypy.request.format = format
HandlerWrapperTool.callable(self)
def _setup(self, *args, **kwargs):
if cherrypy.request.config.get('tools.staticdir.on', False) or \
cherrypy.request.config.get('tools.staticfile.on', False):
return
HandlerWrapperTool._setup(self, *args, **kwargs)
def __init__(self):
self.extend = {}
HandlerWrapperTool.__init__(self, self.publish)
def callable(self, template = 'index.html'):
self.template = template
HandlerWrapperTool.callable(self)
