def POST_index(self):
# Mark the active tab.
c.services_active = 'active'
# Get the internal id.
internalServiceId = request.params.get("internalServiceId")
print 'Internal service id ' + internalServiceId
# Check if there is another service already with this service id.
service_id = request.params.get("serviceID")
previous_service = Service.by_id(service_id)
if previous_service and str(
previous_service['_id']) != internalServiceId:
# TODO: somehow notify the error.
print "A service can't have the same service id as an existing service."
return h.redirect_to(controller='services')
# Look for a service with this id.
service = Service.by_internal_id(internalServiceId)
if not internalServiceId or not service:
# If we didn't get an internal service id or we couldn't find such service, we are creating a new one.
print 'Creating new service'
service = Service()
else:
print 'Service found, with internal id ' + str(service._id)
# Service
service.service_id = request.params.get("serviceID")
service.version = request.params.get("serviceVersion")
service.description = request.params.get("serviceDescription")
service.tags = request.params.get("serviceTags")
if service.tags:
service.tags = service.tags.split(',')
else:
service.tags = []
service.port = request.params.get("servicePort")
service.num_users = request.params.get("numClientsSupported", "")
try:
service.num_users = int(service.num_users)
except Exception as e:
service.num_users = 0
# Requirements
service.min_memory = request.params.get("reqMinMem")
service.ideal_memory = request.params.get("reqIdealMem")
# VM Image info.
service.vm_image = VMImage()
service.vm_image.disk_image = request.params.get(
"vmDiskImageFileValue")
service.vm_image.state_image = request.params.get(
"vmStateImageFileValue")
# Create or update the information.
service.save()
# Render the page.
return h.redirect_to(controller='services')
def POST_index(self):
# Mark the active tab.
c.services_active = 'active'
# Get the internal id.
internalServiceId = request.params.get("internalServiceId")
print 'Internal service id ' + internalServiceId
# Check if there is another service already with this service id.
service_id = request.params.get("serviceID")
previous_service = Service.by_id(service_id)
if previous_service and str(previous_service['_id']) != internalServiceId:
# TODO: somehow notify the error.
print "A service can't have the same service id as an existing service."
return h.redirect_to(controller='services')
# Look for a service with this id.
service = Service.by_internal_id(internalServiceId)
if not internalServiceId or not service:
# If we didn't get an internal service id or we couldn't find such service, we are creating a new one.
print 'Creating new service'
service = Service()
else:
print 'Service found, with internal id ' + str(service._id)
# Service
service.service_id = request.params.get("serviceID")
service.version = request.params.get("serviceVersion")
service.description = request.params.get("serviceDescription")
service.tags = request.params.get("serviceTags")
if service.tags:
service.tags = service.tags.split(',')
else:
service.tags = []
service.port = request.params.get("servicePort")
service.num_users = request.params.get("numClientsSupported", "")
try:
service.num_users = int(service.num_users)
except Exception as e:
service.num_users = 0
# Requirements
service.min_memory = request.params.get("reqMinMem")
service.ideal_memory = request.params.get("reqIdealMem")
# VM Image info.
service.vm_image = VMImage()
service.vm_image.disk_image = request.params.get("vmDiskImageFileValue")
service.vm_image.state_image = request.params.get("vmStateImageFileValue")
# Create or update the information.
service.save()
# Render the page.
return h.redirect_to(controller='services')
def GET_clear(self):
deployment = Deployment.get_instance()
deployment.clear()
deployment.remove()
# Go to the main page.
return h.redirect_to(controller='devices', action='list')
def ensure_authenticated():
# TODO: remove this, admin user should not be created in this integrated manner. Or should it?
create_admin_user()
user = session.get('user')
if not user:
return h.redirect_to(controller='auth', action='signin_form')
def authenticate():
if len(request.params) > 1:
user = User.by_username(request.params['username'])
if user:
# Compare a hash of the given password with the stored hash.
hashed_password = hashlib.sha256(request.params['password']).hexdigest()
stored_password = user.hashed_pwd
if stored_password == hashed_password:
session['user'] = request.params['username']
session.save()
return h.redirect_to(controller='home', action='index')
# Else for all ifs..
h.flash('Invalid credentials.')
return h.redirect_to(controller='auth', action='signin_form')
def POST_bootstrap(self):
# Get the duration.
# TODO: check when no duration is received, or an invalid duration is received.
duration = int(request.params.get('duration', 0))
# Remove all data from DB.
self.clear_deployment()
# Setup initial configurations for each device type.
BluetoothSKADevice.bootstrap()
ADBSKADevice.bootstrap()
# Create server keys.
server_keys = credentials.ServerCredentials.create_object(app_globals.cloudlet.credentials_type,
app_globals.cloudlet.data_folder)
server_keys.generate_and_save_to_file()
# Create RADIUS server certificate.
radius_server = radius.RadiusServer(app_globals.cloudlet.radius_users_file,
app_globals.cloudlet.radius_certs_folder,
app_globals.cloudlet.radius_eap_conf_file)
radius_server.generate_certificate()
# Set up a new deployment.
deployment = Deployment()
deployment.auth_start = datetime.datetime.now()
deployment.auth_duration = duration
deployment.save()
# Go to the main page.
return h.redirect_to(controller='devices', action='list')
def POST_bootstrap(self):
# Get the duration.
# TODO: check when no duration is received, or an invalid duration is received.
duration = int(request.params.get('duration', 0))
# Setup initial configurations for each device type.
BluetoothSKADevice.bootstrap()
ADBSKADevice.bootstrap()
deployment = Deployment.get_instance()
deployment.bootstrap(duration)
# Go to the main page.
return h.redirect_to(controller='devices', action='list')
def GET_reauthorize(self, id):
# Mark it as enabled.
paired_device = PairedDevice.by_id(id)
paired_device.auth_enabled = True
paired_device.save()
# Store the device credentials in the RADIUS server.
radius_server = radius.RadiusServer(app_globals.cloudlet.radius_users_file,
app_globals.cloudlet.radius_certs_folder,
app_globals.cloudlet.radius_eap_conf_file)
radius_server.add_user_credentials(paired_device.device_id, paired_device.password)
# Go to the main page.
return h.redirect_to(controller='devices', action='list')
def GET_unpair(self, id):
# Remove it from the list.
print 'Removing paired device from DB.'
stop_associated_instance(id)
PairedDevice.find_and_remove(id)
# Remove from RADIUS server.
print 'Removing paired device from RADIUS server.'
radius_server = radius.RadiusServer(app_globals.cloudlet.radius_users_file,
app_globals.cloudlet.radius_certs_folder,
app_globals.cloudlet.radius_eap_conf_file)
radius_server.remove_user_credentials([id])
# Go to the main page.
return h.redirect_to(controller='devices', action='list')
def GET_revoke(self, id):
# Mark it as disabled.
paired_device = PairedDevice.by_id(id)
paired_device.auth_enabled = False
paired_device.save()
stop_associated_instance(id)
# Remove from RADIUS server.
print 'Removing paired device from RADIUS server.'
radius_server = radius.RadiusServer(app_globals.cloudlet.radius_users_file,
app_globals.cloudlet.radius_certs_folder,
app_globals.cloudlet.radius_eap_conf_file)
radius_server.remove_user_credentials([id])
# Go to the main page.
return h.redirect_to(controller='devices', action='list')
def GET_reauthorize(self, id):
deployment = Deployment.get_instance()
deployment.reauthorize_device(id)
# Go to the main page.
return h.redirect_to(controller='devices', action='list')
def GET_signout(self):
auth.signout()
return h.redirect_to(controller='auth', action='signin_form')
def GET_clear(self):
self.clear_deployment()
# Go to the main page.
return h.redirect_to(controller='devices', action='list')
def GET_signout(self):
auth.signout()
return h.redirect_to(controller='auth', action='signin_form')
# Send RADIUS certificate to the device.
radius_server = radius.RadiusServer(app_globals.cloudlet.radius_users_file,
app_globals.cloudlet.radius_certs_folder,
app_globals.cloudlet.radius_eap_conf_file)
cert_file_name = radius.RADIUS_CERT_FILE_NAME
curr_device.send_file(radius_server.cert_file_path, cert_file_name)
# Send a command to create a Wi-Fi profile on the device. The message has to contain three key pairs:
# ssid, the RADIUS certificate filename, and the password to be used in the profile.
ssid = app_globals.cloudlet.ssid
curr_device.send_data({'command': 'wifi-profile', 'ssid': ssid, 'server_cert_name': cert_file_name,
'password': device_keys.auth_password})
# Remove the device private key and password files, for security cleanup.
device_keys.delete_key_files()
except Exception, e:
return ajaxutils.show_and_return_error_dict("Error pairing with device: " + str(e))
finally:
if curr_device is not None:
try:
print 'Closing connection.'
curr_device.disconnect()
except Exception, e:
return ajaxutils.show_and_return_error_dict("Error closing connection with device: " + str(e))
# Go to the pairing devices page to add it to the DB. Does not really return the ajax call in case of success.
return h.redirect_to(controller='devices', action='authorize', did=device_internal_id,
cid=curr_device.get_name(), auth_password=device_keys.auth_password,
enc_password=device_keys.encryption_password)