def do(data, resource):
partition = 'logic-function'
body = {}
params = data['params']
function_name = params.get('function_name')
description = params.get('description', None)
zip_file = params.get('zip_file', None)
runtime = params.get('runtime')
handler = params.get('handler')
runnable = params.get('runnable', True)
sdk_config = params.get('sdk_config', {})
zip_file_id = uuid()
requirements_zip_file_id = uuid()
item = dict()
item['function_name'] = function_name
item['description'] = description
item['handler'] = handler
item['runtime'] = runtime
item['runnable'] = runnable
item['zip_file_id'] = zip_file_id
item['requirements_zip_file_id'] = requirements_zip_file_id
item['sdk_config'] = sdk_config
item_ids, _ = resource.db_get_item_id_and_orders(partition,
'function_name',
function_name)
if len(item_ids) == 0:
zip_file_b64 = zip_file.encode('utf-8')
zip_file_bin = base64.b64decode(zip_file_b64)
requirements_zip_file_bin = generate_requirements_zipfile(zip_file_bin)
resource.file_upload_bin(zip_file_id, zip_file_bin)
resource.file_upload_bin(requirements_zip_file_id,
requirements_zip_file_bin)
resource.db_put_item(partition, item)
body['function_name'] = function_name
return Response(body)
else:
body['error'] = error.EXISTING_FUNCTION
return Response(body)
def do(data, resource):
partition = 'logic-function'
body = {}
params = data['params']
function_name = params.get('function_name')
items, _ = resource.db_query(partition, [{
'option': None,
'field': 'function_name',
'value': function_name,
'condition': 'eq'
}])
if len(items) == 0:
body['error'] = error.NO_SUCH_FUNCTION
return Response(body)
else:
body['item'] = items[0]
return Response(body)
def do(data, resource):
body = {}
params = data['params']
partition_to_apply = params.get('partition_to_apply')
mode = params.get('mode')
code = params.get('code')
if mode not in POLICY_MODES:
body['error'] = error.NO_SUCH_POLICY_MODE
return Response(body)
item_id = '{}-policy-{}-{}'.format(SERVICE, partition_to_apply, mode)
item = {
'partition_to_apply': partition_to_apply,
'mode': mode,
'code': code,
}
resource.db_put_item('{}-policy'.format(SERVICE), item, item_id)
return Response(body)
def do(data, resource):
body = {}
params = data['params']
group_name = params['group_name']
permission = params.get('permission')
if group_name == 'admin':
body['error'] = error.ADMIN_GROUP_CANNOT_BE_MODIFIED
return Response(body)
item = resource.db_get_item('user-group-{}'.format(group_name))
item_permissions = item.get('permissions', [])
item_permissions.remove(permission)
item_permissions = list(set(item_permissions))
item['permissions'] = item_permissions
success = resource.db_put_item('user_group', item,
'user-group-{}'.format(group_name))
body['success'] = success
return Response(body)
def do(data, resource):
body = {}
params = data['params']
start_key = params.get('start_key', None)
limit = params.get('limit', 100)
partition = 'user'
items, end_key = resource.db_get_items_in_partition(partition, start_key=start_key, limit=limit, reverse=True)
body['items'] = items
body['end_key'] = end_key
return Response(body)
def do(data, resource):
body = {}
params = data['params']
user = data['user']
file_id_to_delete = params.get('file_id')
while file_id_to_delete:
file_item = resource.db_get_item(file_id_to_delete)
if file_item and match_policy_after_get_policy_code(
resource, 'delete', 'files', user, file_item):
resource.file_delete_bin(file_id_to_delete)
success = resource.db_delete_item(file_id_to_delete)
body['success'] = success
file_id_to_delete = file_item.get('parent_file_id', None)
else:
body['error'] = error.PERMISSION_DENIED
return Response(body)
return Response(body)
def do(data, resource):
body = {}
params = data['params']
user_id = params.get('user_id', None)
field = params.get('field')
value = params.get('value', None)
user = resource.db_get_item(user_id)
# For security
if field in [
'id', 'email', 'password_hash', 'salt', 'groups', 'login_method'
]:
body['error'] = error.FORBIDDEN_MODIFICATION
return Response(body)
else:
user[field] = value
resource.db_update_item(user_id, user)
body['user_id'] = user_id
return Response(body)
def do(data, resource):
body = {}
params = data['params']
session_id = params.get('session_id', None)
try:
item = resource.db_get_item(Hash.sha3_512(session_id))
except BaseException as ex:
print(ex)
body['error'] = error.PERMISSION_DENIED
return Response(body)
print('session_item:', item)
if item:
user_id = item.get('user_id', None)
else:
user_id = None
if user_id:
user = resource.db_get_item(user_id)
body['item'] = user
else:
body['item'] = None
return Response(body)
def do(data, resource):
body = {}
params = data['params']
partition_to_apply = 'files'
mode = params.get('mode')
policy_code = get_policy_code(resource, partition_to_apply, mode)
if policy_code:
body['code'] = policy_code
else:
body['error'] = error.NO_SUCH_POLICY_MODE
return Response(body)
def do(data, resource):
body = {}
params = data['params']
user_id = params['user_id']
group_name = params.get('group_name')
user = resource.db_get_item(user_id)
groups = user.get('groups', [])
groups.append(group_name)
groups = list(set(groups))
user['groups'] = groups
success = resource.db_update_item(user_id, user)
body['success'] = success
return Response(body)
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
item = resource.db_get_item(item_id)
if item is None:
body['error'] = error.NO_SUCH_ITEM
return Response(body)
if database_can_not_access_to_item(item):
body['error'] = error.PERMISSION_DENIED
return Response(body)
if match_policy_after_get_policy_code(resource, 'delete',
item['partition'], user, item):
success = resource.db_delete_item(item_id)
body['success'] = success
else:
body['message'] = error.PERMISSION_DENIED
return Response(body)
def do(data, resource):
body = {}
params = data['params']
login_method = params.get(
'login_method') # email_login, guest_login, facebook_login
if login_method not in LOGIN_METHODS:
body['error'] = error.NO_SUCH_LOGIN_METHOD
return Response(body)
item = resource.db_get_item('auth-login-method-{}'.format(login_method))
default_policy_code = get_default_policy_code(login_method)
if not item:
item = {
'enabled': True,
'default_group_name': 'user',
'register_policy_code': default_policy_code,
}
resource.db_put_item('meta-info', item, login_method)
if item.get('register_policy_code', None) is None:
item['register_policy_code'] = default_policy_code
body['item'] = item
return Response(body)
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
field_name = params.get('field_name', None)
field_value = params.get('field_value', None)
item = resource.db_get_item(item_id)
if database_can_not_access_to_item(item):
body['error'] = error.PERMISSION_DENIED
return Response(body)
if match_policy_after_get_policy_code(resource, 'update',
item['partition'], user, item):
item[field_name] = field_value
if field_value is None:
item.pop(field_name)
success = resource.db_update_item(item_id, item)
body['success'] = success
else:
body['error'] = error.PERMISSION_DENIED
return Response(body)
def do(data, resource):
partition = 'logic-function'
body = {}
params = data['params']
function_name = params.get('function_name')
file_path = params.get('file_path')
items, _ = resource.db_query(partition, [{
'option': None,
'field': 'function_name',
'value': function_name,
'condition': 'eq'
}])
if not file_path:
body['error'] = error.NO_SUCH_FILE
return Response(body)
if items:
item = items[0]
zip_file_id = item['zip_file_id']
zip_file_bin = resource.file_download_bin(zip_file_id)
zip_temp_dir = tempfile.mktemp()
extracted_dir = tempfile.mkdtemp()
with open(zip_temp_dir, 'wb') as zip_temp:
zip_temp.write(zip_file_bin)
with ZipFile(zip_temp_dir) as zip_file:
zip_file.extractall(extracted_dir)
with open(os.path.join(extracted_dir, file_path), 'r') as fp:
content = fp.read()
body['item'] = {'type': 'text', 'content': content}
return Response(body)
body['error'] = 'function_name: {} did not exist'.format(function_name)
return Response(body)
def do(data, resource):
partition = 'logic-function-test'
body = {}
params = data['params']
test_name = params.get('test_name')
function_name = params.get('function_name')
test_input = params.get('test_input')
if isinstance(test_input, dict):
test_input = json.dumps(test_input)
item = dict()
item['test_name'] = test_name
item['function_name'] = function_name
item['test_input'] = test_input
item_ids, _ = resource.db_get_item_id_and_orders(partition, 'test_name', test_name)
if len(item_ids) == 0:
resource.db_put_item(partition, item)
body['test_name'] = test_name
return Response(body)
else:
body['error'] = error.EXISTING_FUNCTION
return Response(body)
def do(data, resource):
body = {}
params = data['params']
user = data['user']
item_id = params.get('item_id', None)
item = resource.db_get_item(item_id)
if match_policy_after_get_policy_code(resource, 'read', item['partition'],
user, item):
body['item'] = item
else:
body['error'] = error.PERMISSION_DENIED
return Response(body)
def do(data, resource):
partition = 'logic-function-test'
body = {}
params = data['params']
test_name = params.get('test_name')
items, _ = resource.db_query(partition, [{
'option': None,
'field': 'test_name',
'value': test_name,
'condition': 'eq'
}])
for item in items:
success = resource.db_delete_item(item['id'])
body['success'] = success
return Response(body)
def do(data, resource): # This is for admins
body = {}
params = data['params']
partition = 'files'
start_key = params.get('start_key', None)
limit = params.get('limit', 100)
reverse = params.get('reverse', False)
items, end_key = resource.db_get_items_in_partition(partition,
start_key=start_key,
limit=limit,
reverse=reverse)
body['items'] = list(
filter(lambda x: x.get('next_file_id', None) is None, items))
body['end_key'] = end_key
return Response(body)
def do(data, resource):
partition = 'logic-function-test'
body = {}
params = data['params']
start_key = None
limit = 1000
items = []
while True:
_items, end_key = resource.db_get_items_in_partition(partition, start_key=start_key, limit=limit)
items.extend(_items)
start_key = end_key
if not start_key:
break
body['items'] = items
body['end_key'] = end_key
return Response(body)
def do(data, resource):
body = {}
params = data['params']
default_groups = {
'user': {
'name': 'user',
'description': 'Default user group',
'permissions': Permission.default_user_permissions,
},
}
admin_groups = {
'admin': {
'name': 'admin',
'description': 'Admin has full control of the system',
'permissions': Permission.all(),
}
}
group_items, _ = resource.db_get_items_in_partition('user_group',
limit=10000)
has_default_groups = True
for group_name in default_groups:
if group_name not in [
group_item['name'] for group_item in group_items
]:
has_default_groups = False
resource.db_put_item('user_group', default_groups[group_name],
'user-group-{}'.format(group_name))
for group_name in admin_groups:
resource.db_put_item('user_group', admin_groups[group_name],
'user-group-{}'.format(group_name))
if not has_default_groups:
group_items, _ = resource.db_get_items_in_partition('user_group',
limit=10000)
body['groups'] = group_items
return Response(body)
def do(data, resource):
partition = 'logic-function'
body = {}
params = data['params']
function_name = params.get('function_name')
file_path = params.get('file_path')
file_content = params.get('file_content')
file_type = params.get('file_type', 'text')
print(params)
if file_type not in SUPPORT_TYPES:
body['error'] = error.UNSUPPORTED_FILE_TYPE
return Response(body)
items, _ = resource.db_query(partition, [{
'option': None,
'field': 'function_name',
'value': function_name,
'condition': 'eq'
}])
if len(items) == 0:
body['message'] = 'function_name: {} did not exist'.format(
function_name)
return Response(body)
else:
item = items[0]
zip_file_id = item['zip_file_id']
zip_file_bin = resource.file_download_bin(zip_file_id)
zip_temp_dir = tempfile.mktemp()
extracted_dir = tempfile.mkdtemp()
with open(zip_temp_dir, 'wb') as zip_temp:
zip_temp.write(zip_file_bin)
with ZipFile(zip_temp_dir) as zip_file:
zip_file.extractall(extracted_dir)
with open(os.path.join(extracted_dir, file_path), 'w+') as fp:
fp.write(file_content)
with ZipFile(zip_temp_dir, 'a') as zip_file:
file_name = os.path.join(extracted_dir, file_path)
zip_file.write(file_name, file_path)
zip_file_id = uuid()
with open(zip_temp_dir, 'rb') as zip_file:
zip_file_bin = zip_file.read()
resource.file_upload_bin(zip_file_id, zip_file_bin)
if 'zip_file_id' in item:
resource.file_delete_bin(
item['zip_file_id']) # Remove previous zip file
item['zip_file_id'] = zip_file_id # Set new file's id
success = resource.db_update_item(item['id'], item)
body['success'] = success
if 'requirements.txt' in file_path:
requirements_zipfile_id = uuid()
requirements_zipfile_bin = generate_requirements_zipfile(
zip_file_bin)
resource.file_upload_bin(requirements_zipfile_id,
requirements_zipfile_bin)
if 'requirements_zipfile_id' in item:
resource.file_delete_bin(item['requirements_zipfile_id'])
item['requirements_zipfile_id'] = requirements_zipfile_id
return Response(body)
def do(data, resource):
partition = 'logic-function'
body = {}
params = data['params']
user = data.get('user', None)
function_name = params.get('function_name')
payload = params.get('payload')
items, _ = resource.db_query(partition, [{
'option': None,
'field': 'function_name',
'value': function_name,
'condition': 'eq'
}])
if len(items) == 0:
body['error'] = error.NO_SUCH_FUNCTION
return Response(body)
else:
item = items[0]
zip_file_id = item['zip_file_id']
requirements_zip_file_id = item.get('requirements_zip_file_id', None)
function_handler = item['handler']
sdk_config = item.get('sdk_config', {})
function_package = '.'.join(function_handler.split('.')[:-1])
function_method = function_handler.split('.')[-1]
zip_file_bin = resource.file_download_bin(zip_file_id)
requirements_zip_file_bin = resource.file_download_bin(
requirements_zip_file_id)
zip_temp_dir = tempfile.mktemp()
requirements_zip_temp_dir = tempfile.mktemp()
extracted_dir = tempfile.mkdtemp()
with open(zip_temp_dir, 'wb') as zip_temp:
zip_temp.write(zip_file_bin)
with open(requirements_zip_temp_dir, 'wb') as zip_temp:
zip_temp.write(requirements_zip_file_bin)
# Extract function files and copy configs
with ZipFile(zip_temp_dir) as zip_file:
zip_file.extractall(extracted_dir)
copy_configfile(extracted_dir, sdk_config)
# Extract requirements folders and files
with ZipFile(requirements_zip_temp_dir) as zip_temp:
zip_temp.extractall(extracted_dir)
try:
# Comment removing cache because of a performance issue
# invalidate_caches()
sys.path.insert(0, extracted_dir)
module = import_module(function_package)
std_str = io.StringIO()
with redirect_stdout(std_str):
handler = getattr(module, function_method)
body['response'] = handler(payload, user)
body['stdout'] = std_str.getvalue()
except Exception as ex:
body['error'] = error.FUNCTION_ERROR
body['error']['message'] = body['error']['message'].format(ex)
os.remove(zip_temp_dir)
return Response(body)
def do(data, resource):
body = {}
params = data['params']
permissions = sorted(Permission.all())
body['permissions'] = permissions
return Response(body)
def do(data, resource):
body = {}
params = data['params']
partitions = resource.db_get_partitions()
body['items'] = partitions
return Response(body)
def do(data, resource):
body = {}
partition = 'session'
count = resource.db_get_count(partition)
body['item'] = {'count': count}
return Response(body)