def post_event(api_key):
with current_app.app_context():
environment = Environment(current_app)
db = Database(logger=current_app.logger, env=environment)
event_log = EventLog(db, logger=current_app.logger)
try:
node = event_log.get_api_key_object(api_key)
event_log.update_quota(node)
posted_data = request.get_json(force=True)
if "event_type_id" in posted_data:
event_type_id = int(posted_data["event_type_id"])
if event_type_id in event_log.event_type_ids_as_set:
node_id = node.node_id
user_id = None
if "user_id" in posted_data and posted_data["user_id"] is not None:
user_id = int(posted_data["user_id"])
del posted_data["user_id"]
if user_id <= 0:
raise ValueError("user_id must be positive or omitted")
new_event = event_log.log_event(posted_data, event_type_id, user_id, node_id)
return Response(json.dumps({"success": True, "event_id": new_event.event_id}))
except APIKeyRateLimited:
abort(420)
except APIKeyInvalid:
abort(404)
except APIKeySuspended:
abort(403)
def setUp(self) -> None:
# my default development environment values
dev = Environment("localhost", "localhost", "pico", "password",
"picoevent", "picoevent_test_db", 1000, 3600,
"localhost", "localhost")
self._db = Database(env=dev)
self._event_log = EventLog(self._db)
self._event_type_ids = self._event_log.list_event_types()
def admin_create_api_key():
with current_app.app_context():
environment = Environment(current_app)
session_token = request.form["token"]
db = Database(logger=current_app.logger, env=environment)
analyst_user = db.validate_session(session_token)
if analyst_user and analyst_user.has_permission("create-api-key"):
new_api_key = binascii.hexlify(os.urandom(8)).decode('utf-8').upper()
result = db.create_api_key(new_api_key)
if result == -1:
flash("Could not create API key.", category="error")
return redirect(url_for("admin.home", session_token=session_token))
else:
abort(403)
def list_event_types(api_key):
with current_app.app_context():
environment = Environment(current_app)
db = Database(logger=current_app.logger, env=environment)
event_log = EventLog(db, logger=current_app.logger)
try:
node = event_log.get_api_key_object(api_key)
event_log.update_quota(node)
output = json.dumps({"success": True, "event_types": event_log.list_event_types()})
return output
except APIKeyRateLimited:
abort(420)
except APIKeyInvalid:
abort(404)
except APIKeySuspended:
abort(403)
def latest_events(limit, session_token):
with current_app.app_context():
environment = Environment(current_app)
db = Database(logger=current_app.logger, env=environment, read_only=True)
try:
user = db.validate_session(session_token)
# TODO: permissions
event_log = EventLog(db, logger=current_app.logger)
_latest_events = event_log.retrieve_events(limit=limit)
json_array = []
for each_event in _latest_events:
json_array.append(str(each_event))
return Response(json.dumps({"success": True,
"count": len(json_array),
"events": json_array}))
except DatabaseException:
abort(403)
def add_event_type(session_token):
with current_app.app_context():
environment = Environment(current_app)
db = Database(logger=current_app.logger, env=environment)
user_object = db.validate_session(session_token)
if user_object and user_object.has_permission("add-event-type"):
new_event_type = request.form["new_event_type"]
if EVENT_TYPE_REGEX.match(new_event_type):
new_event_type_id = db.create_event_type(new_event_type)
if new_event_type_id:
return Response(json.dumps({"new_event_type_id": new_event_type_id,
"success": True}))
else:
return Response(json.dumps({"success": False,
"error_message": "Could not add to database.",
"error_code": 1}))
else:
return Response(json.dumps({"success": False,
"error_message": "Invalid event type name.",
"error_code": 2}))
return Response(status=403)
def login():
with current_app.app_context():
environment = Environment(current_app)
input_data = request.get_json(True)
username = input_data["username"]
password = input_data["password"]
db = Database(logger=current_app.logger, env=environment)
try:
result = db.login(username, password)
session_token = result[0]
return json.dumps({
"success": True,
"session_token": session_token.decode('utf-8')
})
except DatabaseException:
flash("Invalid e-mail/password combination.", category="error")
return json.dumps({
"success": False,
"error_msg": "Invalid e-mail/password combination."
})
def home(session_token):
with current_app.app_context():
environment = Environment(current_app)
db = Database(logger=current_app.logger, env=environment)
event_log = EventLog(db, current_app.logger)
user = db.validate_session(session_token)
if user:
event_types = event_log.list_event_types()
color_schema_css = ""
color_schema = DefaultColorSchema()
for x in range(0, len(event_types)):
rgb = color_schema.rgb(x)
css = "#event_row_id_{0} {{ background-color: rgb({1},{2},{3}); }}".format(
x, rgb[0], rgb[1], rgb[2])
color_schema_css += css + "\n"
api_keys = event_log.list_api_keys()
return render_template("admin_control_panel.jinja2",
session_token=session_token,
event_types=event_types,
api_keys=api_keys,
color_schema_css=color_schema_css)
return redirect(url_for("admin_no_session"))
def add_event_type():
with current_app.app_context():
environment = Environment(current_app)
session_token = request.form['token']
new_event_name = request.form['new_event_name']
db = Database(logger=current_app.logger, env=environment)
user = db.validate_session(session_token)
if user and user.has_permission("add-event-type"):
event_log = EventLog(db, current_app.logger)
try:
new_event_id = event_log.add_event_type(new_event_name)
if new_event_id > 0:
return redirect(
url_for("admin.home", session_token=session_token))
except EventLogException:
current_app.logger.error(
"Event log exception on add_event_type: {0}".format(
new_event_name))
flash("Event log/database exception on add_event_type function.",
"error")
return redirect(url_for("admin.home", session_token=session_token))
flash("Not authorized.", category="error")