edit_tag_group, is_builtin, load_tag_config, load_tag_group, OperationRemoveTagGroup, RepairError, save_tag_group, tag_group_exists, TagCleanupMode, update_tag_config, ) from cmk import fields PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.hosttags"), permissions.Optional(permissions.Perm("wato.all_folders")), ]) RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), permissions.Perm("wato.hosttags"), permissions.Optional(permissions.Perm("wato.all_folders")), ]) class HostTagGroupName(fields.String): """A field representing the host tag group""" default_error_messages = { "should_exist": "Host tag group missing: {name!r}",
permissions, request_schemas, response_schemas, ) from cmk.gui.plugins.openapi.restful_objects.parameters import NAME_FIELD from cmk.gui.plugins.openapi.utils import problem from cmk.gui.watolib.passwords import ( load_password, load_password_to_modify, load_passwords, Password, remove_password, save_password, ) PERMISSIONS = permissions.Perm("wato.edit_all_passwords") @Endpoint( constructors.collection_href("password"), "cmk/create", method="post", request_schema=request_schemas.InputPassword, etag="output", response_schema=response_schemas.PasswordObject, permissions_required=PERMISSIONS, ) def create_password(params): """Create a password""" body = params["body"] ident = body["ident"]
RuleObject, RuleSearchOptions, ) from cmk.gui.plugins.openapi.restful_objects import constructors, Endpoint, permissions from cmk.gui.plugins.openapi.restful_objects.constructors import serve_json from cmk.gui.plugins.openapi.restful_objects.datastructures import denilled from cmk.gui.plugins.openapi.restful_objects.type_defs import DomainObject from cmk.gui.plugins.openapi.utils import problem, ProblemException from cmk.gui.utils import gen_id from cmk.gui.utils.escaping import strip_tags from cmk.gui.watolib.changes import add_change from cmk.gui.watolib.hosts_and_folders import CREFolder from cmk.gui.watolib.rulesets import AllRulesets, FolderRulesets, Rule, RuleConditions, Ruleset PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.rulesets"), permissions.Optional(permissions.Perm("wato.all_folders")), ]) RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), *PERMISSIONS.perms, ]) # NOTE: This is a dataclass and no namedtuple because it needs to be mutable. See `move_rule_to` @dataclasses.dataclass class RuleEntry: rule: Rule ruleset: Ruleset all_rulesets: AllRulesets
def _serialized_signed_cert(csr: CertificateSigningRequest) -> str: return _get_root_ca().sign_csr(csr).public_bytes(Encoding.PEM).decode() @Endpoint( "/root_cert", "cmk/show", method="get", tag_group="Checkmk Internal", additional_status_codes=[403], status_descriptions={ 403: _403_STATUS_DESCRIPTION, }, permissions_required=permissions.Perm("general.agent_pairing"), response_schema=response_schemas.X509PEM, ) def root_cert(param: Mapping[str, Any]) -> Response: """X.509 PEM-encoded root certificate""" if not _user_is_authorized(): raise ProblemException( status=403, title=_403_STATUS_DESCRIPTION, ) return constructors.serve_json( { "cert": _serialized_root_cert(), } )
BAKE_AGENT_PARAM = { BAKE_AGENT_PARAM_NAME: fields.Boolean( load_default=False, required=False, example=False, description= ("Tries to bake the agents for the just created hosts. This process is started in the " "background after configuring the host. Please note that the backing may take some " "time and might block subsequent API calls. " "This only works when using the Enterprise Editions."), ) } PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.manage_hosts"), permissions.Optional(permissions.Perm("wato.all_folders")), ]) @Endpoint( constructors.collection_href("host_config"), "cmk/create", method="post", etag="output", request_schema=request_schemas.CreateHost, response_schema=response_schemas.HostConfigSchema, query_params=[BAKE_AGENT_PARAM], permissions_required=PERMISSIONS, ) def create_host(params):
permissions, request_schemas, response_schemas, ) from cmk.gui.plugins.openapi.restful_objects.parameters import NAME_FIELD from cmk.gui.watolib.groups import add_group, edit_group @Endpoint( constructors.collection_href("host_group_config"), "cmk/create", method="post", etag="output", request_schema=request_schemas.InputHostGroup, response_schema=response_schemas.HostGroup, permissions_required=permissions.Perm("wato.groups"), ) def create(params): """Create a host group""" body = params["body"] name = body["name"] group_details = {"alias": body.get("alias")} if version.is_managed_edition(): group_details = update_customer_info(group_details, body["customer"]) add_group(name, "host", group_details) group = fetch_group(name, "host") return serve_group(group, serialize_group("host_group_config")) @Endpoint( constructors.domain_type_action_href("host_group_config", "bulk-create"),
@Endpoint( constructors.object_action_href( "host_config", "{host_name}", action_name="link_uuid", ), "cmk/link_uuid", method="put", tag_group="Checkmk Internal", additional_status_codes=[401], status_descriptions={ 401: "You do not have the permissions to edit this host.", }, path_params=[HOST_NAME], request_schema=request_schemas.LinkHostUUID, permissions_required=permissions.Perm("wato.all_folders"), output_empty=True, ) def link_with_uuid(params) -> Response: """Link a host to a UUID""" with may_fail(MKAuthException): host = _check_host_editing_permissions(host_name := params["host_name"]) _link_with_uuid( host_name, host, params["body"]["uuid"], ) return Response(status=204)
tag_group="Setup", path_params=[{ "host_name": gui_fields.HostField( description="The host of the service which shall be updated.", example="example.com", ), }], status_descriptions={ 404: "Host could not be found", }, request_schema=UpdateDiscoveryPhase, permissions_required=permissions.AnyPerm([ permissions.Optional( permissions.AnyPerm([ permissions.Perm("wato.service_discovery_to_monitored"), permissions.Perm("wato.service_discovery_to_ignored"), permissions.Perm("wato.service_discovery_to_undecided"), permissions.Perm("wato.service_discovery_to_removed"), ])), ]), ) def update_service_phase(params) -> Response: """Update the phase of a service""" body = params["body"] host = Host.load_host(params["host_name"]) target_phase = body["target_phase"] check_type = body["check_type"] service_item = body["service_item"] _update_single_service_phase( SERVICE_DISCOVERY_PHASES[target_phase],
request_schemas, ) from cmk.gui.plugins.openapi.utils import ProblemException from cmk import fields SERVICE_DESCRIPTION = { "service_description": fields.String( description="The service description.", example="Memory", ) } RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("action.acknowledge"), permissions.Ignore( permissions.AnyPerm([ permissions.Perm("general.see_all"), permissions.Perm("bi.see_all"), permissions.Perm("mkeventd.seeall"), ])), ]) @Endpoint( constructors.collection_href("acknowledge", "host"), "cmk/create", method="post", tag_group="Monitoring", skip_locking=True,
edit_tag_group, is_builtin, load_tag_config, load_tag_group, OperationRemoveTagGroup, RepairError, save_tag_group, tag_group_exists, TagCleanupMode, update_tag_config, ) from cmk import fields PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.hosttags"), permissions.Optional(permissions.Perm("wato.all_folders")), ]) class HostTagGroupName(fields.String): """A field representing the host tag group""" default_error_messages = { "should_exist": "Host tag group missing: {name!r}", } def _validate(self, value): super()._validate(value) if not tag_group_exists(value, builtin_included=True):
request_schemas, response_schemas, ) from cmk.gui.plugins.openapi.restful_objects.parameters import NAME_FIELD from cmk.gui.plugins.openapi.utils import problem from cmk.gui.watolib.passwords import ( load_password, load_password_to_modify, load_passwords, Password, remove_password, save_password, ) PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.passwords"), permissions.Optional(permissions.Perm("wato.edit_all_passwords")), ]) RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), permissions.Perm("wato.passwords"), permissions.Optional(permissions.Perm("wato.edit_all_passwords")), ]) @Endpoint( constructors.collection_href("password"), "cmk/create", method="post", request_schema=request_schemas.InputPassword,
permissions, request_schemas, response_schemas, ) from cmk.gui.plugins.openapi.restful_objects.parameters import NAME_FIELD from cmk.gui.plugins.openapi.utils import ProblemException from cmk.gui.watolib.timeperiods import ( load_timeperiod, load_timeperiods, save_timeperiod, save_timeperiods, ) TIME_RANGE = Tuple[str, str] PERMISSIONS = permissions.Perm("wato.timeperiods") RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), PERMISSIONS, ]) @Endpoint( constructors.collection_href("time_period"), "cmk/create", method="post", etag="output", request_schema=request_schemas.InputTimePeriod, response_schema=response_schemas.DomainObject, permissions_required=RW_PERMISSIONS,
navigation_bar_icons: Literal["show", "hide"] mega_menu_icons: Literal["topic", "entry"] show_mode: Literal["default", "default_show_less", "default_show_more", "enforce_show_more"] class InternalInterfaceAttributes(TypedDict, total=False): ui_theme: Optional[Literal["modern-dark", "facelift"]] ui_sidebar_position: Optional[Literal["left"]] nav_hide_icons_title: Optional[Literal["hide"]] icons_per_item: Optional[Literal["entry"]] show_mode: Optional[Literal["default_show_less", "default_show_more", "enforce_show_more"]] PERMISSIONS = permissions.Perm("wato.users") RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), PERMISSIONS, ]) @Endpoint( constructors.object_href("user_config", "{username}"), "cmk/show", method="get", path_params=[USERNAME], etag="output", response_schema=response_schemas.UserObject, permissions_required=PERMISSIONS,
serialize_group_list, serve_group, update_customer_info, update_groups, updated_group_details, ) from cmk.gui.plugins.openapi.restful_objects import ( constructors, Endpoint, permissions, request_schemas, response_schemas, ) from cmk.gui.plugins.openapi.restful_objects.parameters import NAME_FIELD PERMISSIONS = permissions.Perm("wato.groups") RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), PERMISSIONS, ]) @Endpoint( constructors.collection_href("service_group_config"), "cmk/create", method="post", etag="output", request_schema=request_schemas.InputServiceGroup, response_schema=response_schemas.DomainObject, permissions_required=RW_PERMISSIONS,
RuleObject, RuleSearchOptions, ) from cmk.gui.plugins.openapi.restful_objects import constructors, Endpoint, permissions from cmk.gui.plugins.openapi.restful_objects.constructors import serve_json from cmk.gui.plugins.openapi.restful_objects.type_defs import DomainObject from cmk.gui.plugins.openapi.utils import problem from cmk.gui.utils import gen_id from cmk.gui.utils.escaping import strip_tags from cmk.gui.watolib import add_change, make_diff_text from cmk.gui.watolib.rulesets import RuleConditions # TODO: move a rule within a ruleset PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.rulesets"), permissions.Optional(permissions.Perm("wato.all_folders")), ]) @Endpoint( constructors.collection_href("rule"), "cmk/create", method="post", etag="output", request_schema=InputRuleObject, response_schema=RuleObject, permissions_required=PERMISSIONS, ) def create_rule(param): """Create rule"""
endpoint, Endpoint, permissions, request_schemas, response_schemas, ) from cmk.gui.plugins.openapi.restful_objects.parameters import NAME_FIELD from cmk.gui.watolib.groups import ( add_group, check_modify_group_permissions, delete_group, edit_group, load_contact_group_information, ) PERMISSIONS = permissions.Perm("wato.users") RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), PERMISSIONS, ]) @Endpoint( constructors.collection_href("contact_group_config"), "cmk/create", method="post", etag="output", request_schema=request_schemas.InputContactGroup, response_schema=response_schemas.DomainObject, permissions_required=RW_PERMISSIONS,
from cmk import fields ACTIVATION_ID = { "activation_id": fields.String( description="The activation-id.", example="d3b07384d113e0ec49eaa6238ad5ff00", required=True, ), } # NOTE: These are not needed for the activation of changes, but are asked for different queries RO_PERMISSIONS = permissions.Ignore( permissions.AnyPerm([ permissions.Perm("general.see_all"), permissions.Perm("bi.see_all"), permissions.Perm("mkeventd.seeall"), ]), ) PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.activate"), RO_PERMISSIONS, # to make perm system happy ]) @Endpoint( constructors.domain_type_action_href("activation_run", "activate-changes"), "cmk/activate", method="post", status_descriptions={
# | |_| \_\\__,_|_|\___||___/ | # | | # +----------------------------------------------------------------------+ class BIRuleEndpointSchema(BIRuleSchema): pack_id = ReqString( dump_default="", example="pack1", description="The identifier of the BI pack.", ) RO_PERMISSIONS = permissions.AllPerm( [ permissions.Perm("wato.bi_rules"), permissions.Ignore( permissions.AnyPerm( [ permissions.Perm("bi.see_all"), permissions.Perm("general.see_all"), permissions.Perm("mkeventd.seeall"), ] ) ), ] ) RW_BI_RULES_PERMISSION = permissions.AllPerm( [ permissions.Perm("wato.edit"),
} HOST_NAME_SHOW = { "host_name": gui_fields.HostField( description= "The host name. No exception is raised when the specified host name does not exist", should_exist=None, # we do not care example="example.com", required=False, ) } PERMISSIONS = permissions.Ignore( permissions.AnyPerm([ permissions.Perm("general.see_all"), permissions.Perm("bi.see_all"), permissions.Perm("mkeventd.seeall"), ])) RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("action.downtimes"), PERMISSIONS, ]) class DowntimeParameter(BaseSchema): query = gui_fields.query_field(Downtimes, required=False) @Endpoint(
RulesetSearchOptions, ) from cmk.gui.plugins.openapi.restful_objects import constructors, Endpoint, permissions from cmk.gui.plugins.openapi.restful_objects.constructors import serve_json from cmk.gui.plugins.openapi.restful_objects.type_defs import DomainObject from cmk.gui.plugins.openapi.utils import problem, ProblemException from cmk.gui.utils.escaping import strip_tags from cmk.gui.watolib.rulesets import ( AllRulesets, FolderRulesets, Ruleset, SearchedRulesets, SingleRulesetRecursively, ) PERMISSIONS = permissions.Perm("wato.rulesets") @Endpoint( constructors.collection_href(domain_type="ruleset"), ".../collection", method="get", query_params=[RulesetSearchOptions], response_schema=RulesetCollection, permissions_required=PERMISSIONS, ) def list_rulesets(param): """Search rule sets""" user.need_permission("wato.rulesets") all_sets = FolderRulesets( param["folder"]) if param.get("folder") else AllRulesets()
from cmk import fields PATH_FOLDER_FIELD = { "folder": gui_fields.FolderField( description= ("The path of the folder being requested. Please be aware that slashes can't " "be used in the URL. Also, escaping the slashes via %2f will not work. Please " "replace the path delimiters with the tilde character `~`."), example="~my~fine~folder", required=True, ) } RW_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), permissions.Perm("wato.manage_folders"), # If a folder to be deleted still contains hosts, the mange_hosts permission is required. permissions.Optional(permissions.Perm("wato.manage_hosts")), permissions.Optional(permissions.Perm("wato.all_folders")), ]) UPDATE_PERMISSIONS = permissions.AllPerm([ permissions.Perm("wato.edit"), permissions.Perm("wato.edit_folders"), permissions.Optional(permissions.Perm("wato.all_folders")), ]) @Endpoint( constructors.collection_href("folder_config"),
""" sites = fields.List( gui_fields.SiteField(), description="Restrict the query to this particular site.", load_default=[], ) query = gui_fields.query_field(Hosts, required=False) columns = gui_fields.column_field(Hosts, mandatory=[Hosts.name], example=["name"]) PERMISSIONS = permissions.Ignore( permissions.AnyPerm( [ permissions.Perm("general.see_all"), permissions.Perm("bi.see_all"), permissions.Perm("mkeventd.seeall"), ] ) ) @Endpoint( constructors.collection_href("host"), ".../collection", method="get", tag_group="Monitoring", blacklist_in=["swagger-ui"], query_params=[HostParameters], response_schema=response_schemas.DomainObjectCollection,
PATH_FOLDER_FIELD = { "folder": gui_fields.FolderField( description=( "The path of the folder being requested. Please be aware that slashes can't " "be used in the URL. Also, escaping the slashes via %2f will not work. Please " "replace the path delimiters with the tilde character `~`." ), example="~my~fine~folder", required=True, ) } CREATE_DELETE_PERMISSIONS = permissions.AllPerm( [ permissions.Perm("wato.manage_folders"), permissions.Optional(permissions.Perm("wato.all_folders")), ] ) UPDATE_PERMISSIONS = permissions.AllPerm( [ permissions.Perm("wato.edit_folders"), permissions.Optional(permissions.Perm("wato.all_folders")), ], ) @Endpoint( constructors.collection_href("folder_config"), "cmk/create",