def __init__(self, execution_service: ExecutionService, config):
self._execution_service = execution_service
if config is None:
self.notify_on_start = False
self.notify_on_finish = False
return
self.notify_on_start = read_bool_from_config('notify_on_start',
config,
default=True)
self.notify_on_finish = read_bool_from_config('notify_on_finish',
config,
default=True)
destinations_config = read_list(config, 'destinations', [])
if not destinations_config:
LOGGER.warning(
'Execution callback destinations are missing! Please specify any'
)
self.notify_on_start = False
self.notify_on_finish = False
return
destinations = _init_destinations(destinations_config)
self._communication_service = CommunicationsService(destinations)
self.notification_fields = read_list(
config,
'notification_fields',
default=_DEFAULT_NOTIFICATION_FIELDS)
def __init__(self, params_dict):
self.from_address = params_dict.get('from')
self.to_addresses = params_dict.get('to')
self.server = params_dict.get('server')
self.auth_enabled = read_bool_from_config('auth_enabled', params_dict)
self.login = params_dict.get('login')
self.tls = read_bool_from_config('tls', params_dict)
self.password = self.read_password(params_dict)
self.to_addresses = split_addresses(self.to_addresses)
if not self.from_address:
raise Exception(
'"from" is compulsory parameter for email destination')
if not self.to_addresses:
raise Exception(
'"to" is compulsory parameter for email destination')
if not self.server:
raise Exception(
'"server" is compulsory parameter for email destination')
if self.auth_enabled is None:
self.auth_enabled = self.password or self.login
if self.auth_enabled and (not self.login):
self.login = self.from_address
if (self.tls is None) and ('gmail' in self.server):
self.tls = True
def _reload_config(self):
if self._included_config is None:
config = self._original_config
else:
config = merge_dicts(self._original_config,
self._included_config,
ignored_keys=['parameters'])
self.script_command = config.get('script_path')
self.description = replace_auth_vars(config.get('description'),
self._username, self._audit_name)
self.working_directory = config.get('working_directory')
required_terminal = read_bool_from_config(
'requires_terminal', config, default=self._pty_enabled_default)
self.requires_terminal = required_terminal
ansi_enabled = read_bool_from_config(
'bash_formatting', config, default=self._ansi_enabled_default)
self.ansi_enabled = ansi_enabled
self.output_files = config.get('output_files', [])
if config.get('scheduling'):
self.schedulable = read_bool_from_config('enabled',
config.get('scheduling'),
default=False)
if not self.script_command:
raise Exception('No script_path is specified for ' + self.name)
def __init__(self, params_dict):
self.from_address = params_dict.get('from')
self.to_addresses = params_dict.get('to')
self.server = params_dict.get('server')
self.auth_enabled = read_bool_from_config('auth_enabled', params_dict)
self.login = params_dict.get('login')
self.tls = read_bool_from_config('tls', params_dict)
self.password = self.read_password(params_dict)
self.to_addresses = split_addresses(self.to_addresses)
if not self.from_address:
raise Exception('"from" is compulsory parameter for email destination')
if not self.to_addresses:
raise Exception('"to" is compulsory parameter for email destination')
if not self.server:
raise Exception('"server" is compulsory parameter for email destination')
if self.auth_enabled is None:
self.auth_enabled = self.password or self.login
if self.auth_enabled and (not self.login):
self.login = self.from_address
if (self.tls is None) and ('gmail' in self.server):
self.tls = True
def _resolve_default(default, username, audit_name, working_dir):
if not default:
return default
script = False
if isinstance(default, dict) and 'script' in default:
string_value = default['script']
script = True
elif isinstance(default, str):
string_value = default
else:
return default
resolved_string_value = resolve_env_vars(string_value, full_match=True)
if resolved_string_value == string_value:
resolved_string_value = replace_auth_vars(string_value, username,
audit_name)
if script:
has_variables = string_value != resolved_string_value
shell = read_bool_from_config('shell',
default,
default=not has_variables)
output = process_utils.invoke(resolved_string_value,
working_dir,
shell=shell)
return output.strip()
return resolved_string_value
def read_short(file_path, json_object):
config = ShortConfig()
config.name = _read_name(file_path, json_object)
config.allowed_users = json_object.get('allowed_users')
config.admin_users = json_object.get('admin_users')
config.group = read_str_from_config(json_object,
'group',
blank_to_none=True)
hidden = read_bool_from_config('hidden', json_object, default=False)
if hidden:
return None
if config.allowed_users is None:
config.allowed_users = ANY_USER
elif (config.allowed_users == '*') or ('*' in config.allowed_users):
config.allowed_users = ANY_USER
if config.admin_users is None:
config.admin_users = ANY_USER
elif (config.admin_users == '*') or ('*' in config.admin_users):
config.admin_users = ANY_USER
return config
def _reload_config(self):
if self._included_config is None:
config = self._original_config
else:
config = merge_dicts(self._original_config, self._included_config, ignored_keys=['parameters'])
self.script_command = config.get('script_path')
self.description = config.get('description')
self.working_directory = config.get('working_directory')
required_terminal = read_bool_from_config('requires_terminal', config, default=self._pty_enabled_default)
self.requires_terminal = required_terminal
ansi_enabled = read_bool_from_config('bash_formatting', config, default=self._ansi_enabled_default)
self.ansi_enabled = ansi_enabled
self.output_files = config.get('output_files', [])
def _reload_config(self):
if self._included_config is None:
config = self._original_config
else:
config = merge_dicts(self._original_config, self._included_config, ignored_keys=['parameters'])
self.script_command = config.get('script_path')
self.description = config.get('description')
self.working_directory = config.get('working_directory')
required_terminal = read_bool_from_config('requires_terminal', config, default=self._pty_enabled_default)
self.requires_terminal = required_terminal
ansi_enabled = read_bool_from_config('bash_formatting', config, default=self._ansi_enabled_default)
self.ansi_enabled = ansi_enabled
self.output_files = config.get('output_files', [])
def _reload(self):
config = self._original_config
self.param = config.get('param')
self.repeat_param = read_bool_from_config('repeat_param',
config,
default=True)
self.env_var = config.get('env_var')
self.no_value = read_bool_from_config('no_value',
config,
default=False)
self.description = replace_auth_vars(config.get('description'),
self._username, self._audit_name)
self.required = read_bool_from_config('required',
config,
default=False)
self.min = config.get('min')
self.max = config.get('max')
self.max_length = config.get('max_length')
self.secure = read_bool_from_config('secure', config, default=False)
self.separator = config.get('separator', ',')
self.multiple_arguments = read_bool_from_config('multiple_arguments',
config,
default=False)
self.same_arg_param = read_bool_from_config('same_arg_param',
config,
default=False)
self.default = _resolve_default(config.get('default'), self._username,
self._audit_name, self._working_dir)
self.file_dir = _resolve_file_dir(config, 'file_dir')
self._list_files_dir = _resolve_list_files_dir(self.file_dir,
self._working_dir)
self.file_extensions = _resolve_file_extensions(
config, 'file_extensions')
self.file_type = _resolve_parameter_file_type(config, 'file_type',
self.file_extensions)
self.file_recursive = read_bool_from_config('file_recursive',
config,
default=False)
self.excluded_files_matcher = _resolve_excluded_files(
config, 'excluded_files', self._list_files_dir)
self.type = self._read_type(config)
self.constant = read_bool_from_config('constant',
config,
default=False)
self._validate_config()
values_provider = self._create_values_provider(config.get('values'),
self.type,
self.constant)
self._values_provider = values_provider
self._reload_values()
def __migrate_repeat_param_and_same_arg_param(context):
for (conf_file, json_object,
content) in _load_runner_files(context.conf_folder):
parameters = json_object.get('parameters')
if not parameters:
continue
has_changes = False
for parameter in parameters:
repeat_param = model_helper.read_bool_from_config(
'repeat_param', parameter)
same_arg_param = model_helper.read_bool_from_config(
'same_arg_param', parameter)
multiple_arguments = model_helper.read_bool_from_config(
'multiple_arguments', parameter)
if repeat_param is None and same_arg_param is None and multiple_arguments is None:
continue
has_changes = True
if repeat_param is not None:
del parameter['repeat_param']
if same_arg_param is not None:
del parameter['same_arg_param']
if multiple_arguments is not None:
del parameter['multiple_arguments']
if repeat_param is not None:
parameter['same_arg_param'] = not repeat_param
if same_arg_param:
parameter['multiselect_argument_type'] = 'repeat_param_value'
elif multiple_arguments:
parameter['multiselect_argument_type'] = 'argument_per_value'
if has_changes:
_write_json(conf_file, json_object, content)
def _reload(self):
config = self._original_config
self.param = config.get('param')
self.no_value = read_bool_from_config('no_value', config, default=False)
self.description = config.get('description')
self.required = read_bool_from_config('required', config, default=False)
self.min = config.get('min')
self.max = config.get('max')
self.secure = read_bool_from_config('secure', config, default=False)
self.separator = config.get('separator', ',')
self.multiple_arguments = read_bool_from_config('multiple_arguments', config, default=False)
self.default = _resolve_default(config.get('default'), self._username, self._audit_name, self._working_dir)
self.file_dir = _resolve_file_dir(config, 'file_dir')
self._list_files_dir = _resolve_list_files_dir(self.file_dir, self._working_dir)
self.file_extensions = _resolve_file_extensions(config, 'file_extensions')
self.file_type = _resolve_parameter_file_type(config, 'file_type', self.file_extensions)
self.file_recursive = read_bool_from_config('file_recursive', config, default=False)
self.type = self._read_type(config)
self.constant = read_bool_from_config('constant', config, default=False)
self._validate_config()
values_provider = self._create_values_provider(
config.get('values'),
self.type,
self.constant)
self._values_provider = values_provider
self._reload_values()
def __migrate_bash_formatting_to_output_format(context):
for (conf_file, json_object, content) in _load_runner_files(context.conf_folder):
if 'bash_formatting' not in json_object:
continue
if model_helper.read_bool_from_config('bash_formatting', json_object, default=True) is False:
output_format = 'text'
else:
output_format = 'terminal'
del json_object['bash_formatting']
json_object['output_format'] = output_format
_write_json(conf_file, json_object, content)
def __init__(self,
execution_service: ExecutionService,
config):
self._execution_service = execution_service
if config is None:
self.notify_on_start = False
self.notify_on_finish = False
return
self.notify_on_start = read_bool_from_config('notify_on_start', config, default=True)
self.notify_on_finish = read_bool_from_config('notify_on_finish', config, default=True)
destinations_config = read_list(config, 'destinations', [])
if not destinations_config:
LOGGER.warning('Execution callback destinations are missing! Please specify any')
self.notify_on_start = False
self.notify_on_finish = False
return
destinations = _init_destinations(destinations_config)
self._communication_service = CommunicationsService(destinations)
self.notification_fields = read_list(config, 'notification_fields', default=_DEFAULT_NOTIFICATION_FIELDS)
def read_short(file_path, json_object):
config = ShortConfig()
config.name = _read_name(file_path, json_object)
config.allowed_users = json_object.get('allowed_users')
hidden = read_bool_from_config('hidden', json_object, default=False)
if hidden:
return None
if config.allowed_users is None:
config.allowed_users = ANY_USER
elif (config.allowed_users == '*') or ('*' in config.allowed_users):
config.allowed_users = ANY_USER
return config
def read_short(file_path, json_object):
config = ShortConfig()
config.name = _read_name(file_path, json_object)
config.allowed_users = json_object.get('allowed_users')
hidden = read_bool_from_config('hidden', json_object, default=False)
if hidden:
return None
if config.allowed_users is None:
config.allowed_users = ANY_USER
elif (config.allowed_users == '*') or ('*' in config.allowed_users):
config.allowed_users = ANY_USER
return config
def _create_values_provider(self, values_config, type, constant):
if constant:
return NoneValuesProvider()
if self._is_plain_server_file():
return FilesProvider(self._list_files_dir, self.file_type,
self.file_extensions,
self.excluded_files_matcher)
if (type != 'list') and (type != PARAM_TYPE_MULTISELECT) and (
type != PARAM_TYPE_EDITABLE_LIST):
return NoneValuesProvider()
if is_empty(values_config):
return EmptyValuesProvider()
if isinstance(values_config, list):
return ConstValuesProvider(values_config)
elif 'script' in values_config:
original_script = values_config['script']
has_variables = ('${' in original_script)
script = replace_auth_vars(original_script, self._username,
self._audit_name)
shell = read_bool_from_config('shell',
values_config,
default=not has_variables)
if '${' not in script:
return ScriptValuesProvider(script, shell)
return DependantScriptValuesProvider(script,
self._parameters_supplier,
shell)
else:
message = 'Unsupported "values" format for ' + self.name
raise Exception(message)
def __init__(self, oauth_authorize_url, oauth_token_url, oauth_scope,
params_dict):
super().__init__()
self.oauth_token_url = oauth_token_url
self.oauth_scope = oauth_scope
self.client_id = model_helper.read_obligatory(params_dict, 'client_id',
' for OAuth')
secret_value = model_helper.read_obligatory(params_dict, 'secret',
' for OAuth')
self.secret = model_helper.resolve_env_vars(secret_value,
full_match=True)
self._client_visible_config['client_id'] = self.client_id
self._client_visible_config['oauth_url'] = oauth_authorize_url
self._client_visible_config['oauth_scope'] = oauth_scope
self.group_support = read_bool_from_config('group_support',
params_dict,
default=True)
self.auth_info_ttl = params_dict.get('auth_info_ttl')
self.session_expire = read_int_from_config(
'session_expire_minutes', params_dict, default=0) * 60
self.dump_file = params_dict.get('state_dump_file')
if self.dump_file:
self._validate_dump_file(self.dump_file)
self._users = {} # type: Dict[str, _UserState]
self._user_locks = defaultdict(lambda: threading.Lock())
self.timer = None
if self.dump_file:
self._restore_state()
self._schedule_dump_task()
def test_missing_value_with_default(self):
value = read_bool_from_config('my_bool', {'text': '123'}, default=True)
self.assertEqual(True, value)
def test_missing_value_with_default(self):
value = read_bool_from_config('my_bool', {'text': '123'}, default=True)
self.assertEqual(True, value)
def test_missing_value_without_default(self):
value = read_bool_from_config('my_bool', {'text': '123'})
self.assertIsNone(value)
def test_str_true(self):
value = read_bool_from_config('my_bool', {'my_bool': 'true'})
self.assertEqual(True, value)
def test_bool_false(self):
value = read_bool_from_config('my_bool', {'my_bool': False})
self.assertEqual(False, value)
def test_str_false_ignore_case(self):
value = read_bool_from_config('my_bool', {'my_bool': 'False'})
self.assertEqual(False, value)
def test_str_true_ignore_case(self):
value = read_bool_from_config('my_bool', {'my_bool': 'TRUE'})
self.assertEqual(True, value)
def read_repeatable_flag(incoming_schedule_config):
repeatable = model_helper.read_bool_from_config('repeatable', incoming_schedule_config)
if repeatable is None:
raise InvalidScheduleException('Missing "repeatable" field')
return repeatable
def test_missing_value_without_default(self):
value = read_bool_from_config('my_bool', {'text': '123'})
self.assertIsNone(value)
def from_json(conf_path, temp_folder):
if os.path.exists(conf_path):
file_content = file_utils.read_file(conf_path)
else:
file_content = "{}"
config = ServerConfig()
json_object = json.loads(file_content)
address = "0.0.0.0"
port = 5000
ssl = json_object.get("ssl")
if ssl is not None:
key_path = model_helper.read_obligatory(ssl, 'key_path', ' for ssl')
cert_path = model_helper.read_obligatory(ssl, 'cert_path', ' for ssl')
config.ssl = True
config.ssl_key_path = key_path
config.ssl_cert_path = cert_path
port = 5443
if json_object.get("address"):
address = json_object.get("address")
config.address = address
if json_object.get("port"):
port = json_object.get("port")
config.port = port
if json_object.get('title'):
config.title = json_object.get('title')
config.enable_script_titles = read_bool_from_config('enable_script_titles',
json_object,
default=True)
access_config = json_object.get('access')
if access_config:
allowed_users = access_config.get('allowed_users')
user_groups = model_helper.read_dict(access_config, 'groups')
user_header_name = access_config.get('user_header_name')
else:
allowed_users = None
user_groups = {}
user_header_name = None
auth_config = json_object.get('auth')
if auth_config:
config.authenticator = create_authenticator(auth_config, temp_folder)
auth_type = config.authenticator.auth_type
if auth_type == 'google_oauth' and allowed_users is None:
raise Exception('access.allowed_users field is mandatory for ' +
auth_type)
def_trusted_ips = []
def_admins = []
else:
def_trusted_ips = ['127.0.0.1', '::1']
def_admins = def_trusted_ips
if access_config:
trusted_ips = strip(
read_list(access_config, 'trusted_ips', default=def_trusted_ips))
admin_users = _parse_admin_users(access_config,
default_admins=def_admins)
full_history_users = _parse_history_users(access_config)
code_editor_users = _parse_code_editor_users(access_config,
admin_users)
else:
trusted_ips = def_trusted_ips
admin_users = def_admins
full_history_users = []
code_editor_users = def_admins
security = model_helper.read_dict(json_object, 'security')
config.allowed_users = _prepare_allowed_users(allowed_users, admin_users,
user_groups)
config.alerts_config = json_object.get('alerts')
config.callbacks_config = json_object.get('callbacks')
config.logging_config = parse_logging_config(json_object)
config.user_groups = user_groups
config.admin_users = admin_users
config.full_history_users = full_history_users
config.code_editor_users = code_editor_users
config.user_header_name = user_header_name
config.ip_validator = TrustedIpValidator(trusted_ips)
config.max_request_size_mb = read_int_from_config('max_request_size',
json_object,
default=10)
config.secret_storage_file = json_object.get(
'secret_storage_file', os.path.join(temp_folder, 'secret.dat'))
config.xsrf_protection = _parse_xsrf_protection(security)
return config
def test_bool_false(self):
value = read_bool_from_config('my_bool', {'my_bool': False})
self.assertEqual(False, value)
def test_str_false_ignore_case(self):
value = read_bool_from_config('my_bool', {'my_bool': 'False'})
self.assertEqual(False, value)
def test_str_true_ignore_case(self):
value = read_bool_from_config('my_bool', {'my_bool': 'TRUE'})
self.assertEqual(True, value)
def test_str_true(self):
value = read_bool_from_config('my_bool', {'my_bool': 'true'})
self.assertEqual(True, value)
