def logging(session_mgr, request, response, module_path, result, **kwargs):
manager = Manager()
session = session_mgr.get()
# get list of parent module chains not including the full path of this one
parent_modules = []
module_chain = module_path.split('.')
temp_parent_chain = module_chain[0]
for module_name in module_chain[1:]:
parent_modules.append(temp_parent_chain)
temp_parent_chain += '.' + module_name
# do not log if the API call is part of the logging API (search, etc)
if 'logging' in parent_modules:
return
# convert(request.headers)
log = {
'timestamp': Manager.get_current_time(),
'path': module_path,
'parent_modules': parent_modules,
'uid': session.uid,
'source_ip': request.remote_addr,
'method': request.method,
# don't yet know whether a module exists to get an action from
'action': None,
# permissions is represented as a set, so convert it to a list
# else the database can't encode it
'permissions': list(session_mgr.get_permissions()),
'request': {
'headers': dict(request.headers),
'data': {
'form': request.form,
'args': request.args,
'data': request.data,
},
'kwargs': json.dumps(kwargs, default=convert, ensure_ascii=False).encode("utf-8"),
'cookies': request.cookies,
},
'response': {
'status': response.status,
'headers': dict(response.headers),
'data': response.get_data()
}
}
if result['module'] is not None:
log['action'] = getattr(result['module'], 'action', None)
if result['error'] is not None:
# the actual exception, if present, can't and shouldn't be encoded into mongo
# create a copy of result[error] with exception field explicitly left out
log['failure'] = { key: result['error'][key] for key in result['error'] if key != 'exception' }
# set up db
db = manager.db("logging")
db.logs.insert_one(log)
class PermissionManager(object):
def __init__(self, session):
self.manager = Manager()
self.db = self.manager.db('appinit')
self.session = session
# self.settings = settings
def get_route_uids(self, route, permission):
route = PermissionsRoute(self.db, route)
return route.get_uids(permission)
def list_user_permissions(self):
user = PermissionsUser(self.db, self.session.uid)
return user.list_permissions()
def get_route(self, route=None):
permissions = self.list_user_permissions()
if route == None:
return permissions
else:
if route in permissions:
return permissions[route]
else:
return []
class PermissionsUser(object):
def __init__(self, db, uid):
self.uid = uid
self.db = db
self.manager = Manager()
def list_permissions(self):
permissions = {}
routes = self.manager.get_route()
routes.append({"name": "system"})
for route in routes:
if route['name'] != "system":
list_name = route['api']['name'].split("_")
camel_case = ''.join(
[list_name[x].title() for x in range(1, len(list_name))])
name = list_name[0] + camel_case
else:
name = route['name']
permissions[name] = {}
all_permissions = self.db.permissions.find({
"route": route['name']
}).distinct("permissions")
user_permissions = self.db.permissions.find_one({
"uid":
self.uid,
"route":
route['name']
})
if user_permissions != None:
all_true = False
if user_permissions['route'] == route['name']:
all_true = "admin" in user_permissions['permissions']
for p in user_permissions['permissions']:
key = 'is_' + p
if all_true:
permissions[name][key] = True
elif p in all_permissions:
permissions[name][key] = True
else:
permissions[name][key] = False
return permissions
from flask import Flask, redirect, make_response, send_file, request
if controller_path not in sys.path:
sys.path.append(base_path)
from views.saml import Auth
from appinit_auth.middleware import token
from appinit_auth.lib import SessionManager
from appinit.lib.config import Settings
from appinit.lib.db import Manager
from appinit_backend.lib.responses import HttpResponse, HttpResponseBadRequest, HttpResponseInternalServerError
manager = Manager()
settings = Settings(path=settings_path, verify=False)
session_mgr = SessionManager(manager)
auth = Auth(manager, settings, session_mgr)
app = Flask(__name__)
app.url_map.strict_slashes = False
@app.before_request
def token_before():
token.process_request(session_mgr, request=request)
def __init__(self, db, uid):
self.uid = uid
self.db = db
self.manager = Manager()
def __init__(self, session):
self.manager = Manager()
self.db = self.manager.db('appinit')
self.session = session