def _parse_conf_from_rest(self):
conf_mgr = conf.ConfManager(self.__session_key,
"TA-SigSci_Blacklist_Alert",
scheme=self.scheme,
host=self.host,
port=self.port)
ta_conf_file = get_or_create_conf_file(conf_mgr, setup_const.myta_conf)
credential_conf_file = get_or_create_conf_file(
conf_mgr, setup_const.myta_credential_conf)
# read global and proxy settings
all_settings = ta_conf_file.get_all()
if not all_settings:
all_settings = {}
self._setNoneValues(all_settings.get(setup_const.global_settings, {}))
# read account credential settings
for cred, cred_conf in self.cred_confs:
try:
cred_conf_file = get_or_create_conf_file(conf_mgr, cred_conf)
creds_data = cred_conf_file.get_all()
self._setNoneValues(creds_data)
all_settings.update({cred: creds_data})
except conf.ConfManagerException as e:
self.log_info('Conf {} not found.'.format(cred))
# read customized settings
customized_conf_file = get_or_create_conf_file(
conf_mgr, setup_const.myta_customized_conf)
settings = customized_conf_file.get_all()
all_settings[setup_const.myta_customized_settings] = settings
self._setNoneValues(
all_settings.get(setup_const.myta_customized_settings, {}))
return filter_eai_property(all_settings)
def handleList(self, confInfo):
logger.info("start list setup configure.")
scheme, host, port = utils.extract_http_scheme_host_port(
scc.getMgmtUri())
conf_mgr = conf.ConfManager(self.getSessionKey(),
self.appName,
scheme=scheme,
host=host,
port=port)
ta_conf_file = get_or_create_conf_file(conf_mgr, setup_const.myta_conf)
# read globala and proxy settings
all_settings = ta_conf_file.get_all()
if not all_settings:
all_settings = {}
self._setNoneValues(all_settings.get(setup_const.global_settings, {}))
# customized conf
customized_conf_file = get_or_create_conf_file(
conf_mgr, setup_const.myta_customized_conf)
settings = customized_conf_file.get_all()
all_settings[setup_const.myta_customized_settings] = settings
self._clearPasswords(all_settings, self.cred_fields)
all_settings = filter_eai_property(all_settings)
all_settings = json.dumps(all_settings)
all_settings = utils.escape_json_control_chars(all_settings)
confInfo[setup_const.myta_settings].append(setup_const.all_settings,
all_settings)
logger.info("list setup configure is done.")
def handleEdit(self, confInfo):
logger.info("start edit setup configure.")
scheme, host, port = utils.extract_http_scheme_host_port(
scc.getMgmtUri())
conf_mgr = conf.ConfManager(self.getSessionKey(),
self.appName,
scheme=scheme,
host=host,
port=port)
ta_conf_file = get_or_create_conf_file(conf_mgr, setup_const.myta_conf)
customized_conf_file = get_or_create_conf_file(
conf_mgr, setup_const.myta_customized_conf)
all_origin_settings = ta_conf_file.get_all()
all_settings = utils.escape_json_control_chars(
self.callerArgs.data[setup_const.all_settings][0])
all_settings = json.loads(all_settings)
# write global and proxy settings
self._updateGlobalSettings(setup_const.global_settings, all_settings,
all_origin_settings, ta_conf_file)
self._updateGlobalSettings(setup_const.proxy_settings, all_settings,
all_origin_settings, ta_conf_file)
# write customized settings
customized_conf_file = get_or_create_conf_file(
conf_mgr, setup_const.myta_customized_conf)
self._updateConfStanzas(
all_settings.get(setup_const.myta_customized_settings, {}),
customized_conf_file, self.encrypt_fields_customized)
logger.info("edit setup configure is done")
def update_access_token(access_token, refresh_token, client_secret,
session_key, stanza_name):
"""
Updates the latest access_token and refresh token in the ta_lansweeper_add_on_for_splunk_account.conf
:param access_token: Access Token of the Lansweeper Account
:param refresh_token: Refresh Token of the Lansweeper Account
:param client_secret: Client Secret of the Lansweeper Account
:param session_key: Splunk session key
:param stanza_name: Stanza name of the account to be updated
:return : True on successfully updating the account configurations
"""
cfm = conf_manager.ConfManager(
session_key,
APP_NAME,
realm=
'__REST_CREDENTIAL__#{}#configs/conf-ta_lansweeper_add_on_for_splunk_account'
.format(APP_NAME))
conf = cfm.get_conf('ta_lansweeper_add_on_for_splunk_account')
conf.update(
stanza_name, {
'access_token': access_token,
'client_secret': client_secret,
'refresh_token': refresh_token
}, ['access_token', 'client_secret', 'refresh_token'])
return True
def test_conf_manager():
session_key = credentials.get_session_key(
context.username,
context.password,
scheme=context.scheme,
host=context.host,
port=context.port,
)
cfm = conf_manager.ConfManager(
session_key,
context.app,
owner=context.owner,
scheme=context.scheme,
host=context.host,
port=context.port,
)
try:
conf = cfm.get_conf("test")
except conf_manager.ConfManagerException:
conf = cfm.create_conf("test")
assert not conf.stanza_exist("test_stanza")
conf.update("test_stanza", {"k1": 1, "k2": 2}, ["k1"])
assert conf.get("test_stanza")["k1"] == 1
assert int(conf.get("test_stanza")["k2"]) == 2
assert conf.get("test_stanza")["eai:appName"] == "solnlib_demo"
assert len(conf.get_all()) == 1
conf.delete("test_stanza")
with pytest.raises(conf_manager.ConfStanzaNotExistException):
conf.get("test_stanza")
with pytest.raises(conf_manager.ConfStanzaNotExistException):
conf.delete("test_stanza")
conf.reload()
def get_log_level(session_key, logger):
"""
This function returns the log level for the addon from configuration file.
:param session_key: session key for particular modular input.
:return : log level configured in addon.
"""
try:
settings_cfm = conf_manager.ConfManager(
session_key,
APP_NAME,
realm="__REST_CREDENTIAL__#{}#configs/conf-{}_settings".format(
APP_NAME, CONF_NAME))
logging_details = settings_cfm.get_conf(CONF_NAME +
"_settings").get("logging")
log_level = logging_details.get('loglevel') if (
logging_details.get('loglevel')) else 'INFO'
return log_level
except Exception:
logger.error(
"Failed to fetch the log details from the configuration taking INFO as default level."
)
return 'INFO'
def get_account_details(session_key, account_name, logger):
"""
This function retrieves account details from addon configuration file.
:param session_key: session key for particular modular input.
:param account_name: account name configured in the addon.
:param logger: provides logger of current input.
:return : account details in form of a dictionary.
"""
try:
cfm = conf_manager.ConfManager(
session_key,
APP_NAME,
realm='__REST_CREDENTIAL__#{}#configs/conf-{}_account'.format(
APP_NAME, CONF_NAME))
account_conf_file = cfm.get_conf(CONF_NAME + '_account')
logger.info(f"Fetched configured account {account_name} details.")
return {
"username": account_conf_file.get(account_name).get('username'),
"password": account_conf_file.get(account_name).get('password'),
}
except Exception as e:
logger.error(
"Failed to fetch account details from configuration. {}".format(
traceback.format_exc()))
sys.exit(1)
def get_account_details(session_key, account_name, logger):
"""
This function retrieves account details from addon configuration file.
:param session_key: session key for particular modular input.
:param account_name: account name configured in the addon.
:param logger: provides logger of current input.
:return : account details in form of a dictionary.
"""
try:
cfm = conf_manager.ConfManager(
session_key,
APP_NAME,
realm=
'__REST_CREDENTIAL__#{}#configs/conf-ta_lansweeper_add_on_for_splunk_account'
.format(APP_NAME))
account_conf_file = cfm.get_conf(
'ta_lansweeper_add_on_for_splunk_account')
except Exception as exception:
logger.error(
"Failed to fetch account details from configuration, error={}".
format(exception))
sys.exit(1)
logger.info("Fetched configured account details")
return {
"client_id": account_conf_file.get(account_name).get('client_id'),
"client_secret":
account_conf_file.get(account_name).get('client_secret'),
"access_token":
account_conf_file.get(account_name).get('access_token'),
"refresh_token":
account_conf_file.get(account_name).get('refresh_token')
}
def setup(cls, session_key):
"""
Set up sesison key and conf manager.
NOTE: Must be done before performing any further actions
"""
cls.conf_manager = conf_manager.ConfManager(session_key, em_constants.APP_NAME, port=getDefault('port'))
try:
cls.conf = get_conf_stanza(cls.conf_manager, SLACK_CONF_FILE)
except Exception:
return EMSlack.error_rest_api_response(message=SLACK_REST_API_GENERAL_ERROR_MESSAGE)
def getProxyDetails(self):
# Create confmanger object for the app with realm
cfm = conf_manager.ConfManager(self.getSessionKey(
), "TA-lansweeper-add-on-for-splunk", realm="__REST_CREDENTIAL__#TA-lansweeper-add-on-for-splunk#configs/conf-ta_lansweeper_add_on_for_splunk_settings")
# Get Conf object of apps settings
conf = cfm.get_conf('ta_lansweeper_add_on_for_splunk_settings')
# Get proxy stanza from the settings
proxy_config = conf.get("proxy", True)
if not proxy_config or not is_true(proxy_config.get('proxy_enabled')):
logger.info('Proxy is not enabled')
return None
url = proxy_config.get('proxy_url')
port = proxy_config.get('proxy_port')
if url or port:
if not url:
raise ValueError('Proxy "url" must not be empty')
if not self.is_valid_port(port):
raise ValueError(
'Proxy "port" must be in range [1,65535]: %s' % port
)
user = proxy_config.get('proxy_username')
password = proxy_config.get('proxy_password')
if not all((user, password)):
logger.info('Proxy has no credentials found')
user, password = None, None
proxy_type = proxy_config.get('proxy_type')
proxy_type = proxy_type.lower() if proxy_type else 'http'
if proxy_type in _PROXY_TYPE_MAP:
ptv = _PROXY_TYPE_MAP[proxy_type]
elif proxy_type in _PROXY_TYPE_MAP.values():
ptv = proxy_type
else:
ptv = socks.PROXY_TYPE_HTTP
logger.info('Proxy type not found, set to "HTTP"')
rdns = is_true(proxy_config.get('proxy_rdns'))
proxy_info = ProxyInfo(
proxy_host=url,
proxy_port=int(port),
proxy_type=ptv,
proxy_user=user,
proxy_pass=password,
proxy_rdns=rdns
)
# logger.info(proxy_info)
return proxy_info
def get_proxy_settings(session_key, logger):
"""
This function fetches proxy settings
:param session_key: session key for particular modular input.
:param logger: provides logger of current input.
:return : proxy settings
"""
try:
settings_cfm = conf_manager.ConfManager(
session_key,
APP_NAME,
realm="__REST_CREDENTIAL__#{}#configs/conf-{}_settings".format(
APP_NAME, CONF_NAME))
ta_settings_conf = settings_cfm.get_conf(CONF_NAME +
"_settings").get_all()
except Exception:
logger.error(
"Failed to fetch proxy details from configuration. {}".format(
traceback.format_exc()))
sys.exit(1)
proxy_settings = {}
proxy_stanza = {}
for key, value in ta_settings_conf["proxy"].items():
proxy_stanza[key] = value
if int(proxy_stanza.get("proxy_enabled", 0)) == 0:
return proxy_settings
proxy_port = proxy_stanza.get('proxy_port')
proxy_url = proxy_stanza.get('proxy_url')
proxy_username = proxy_stanza.get('proxy_username', '')
proxy_password = proxy_stanza.get('proxy_password', '')
if proxy_username and proxy_password:
proxy_username = rq.compat.quote_plus(proxy_username)
proxy_password = rq.compat.quote_plus(proxy_password)
proxy_uri = "%s://%s:%s@%s:%s" % (
proxy_type, proxy_username, proxy_password, proxy_url, proxy_port)
else:
proxy_uri = "%s://%s:%s" % (proxy_type, proxy_url, proxy_port)
proxy_settings = {
"http": proxy_uri,
"https": proxy_uri,
"username": proxy_username,
"proxy_password": proxy_password,
"proxy": proxy_url,
"proxy_port": proxy_port
}
logger.info("Fetched configured proxy details.")
return proxy_settings
def do_additional_setup(self):
# set log level
log_level = self.inputs.get('job', {}).get('log_level', 'WARNING')
logger.setLevel(log.parse_log_level(log_level))
# set up message service
self.splunkd_messages_service = Service(port=getDefault('port'),
token=session['authtoken'],
app=APP_NAME,
owner='nobody').messages
# set up conf file manager
self.inputs_conf = conf_manager.ConfManager(
session['authtoken'], APP_NAME,
port=getDefault('port')).get_conf('inputs')
def setup(cls, session_key):
"""
Set up sesison key and conf manager.
NOTE: Must be done before performing any further actions
"""
EMVictorOps.SESSION_KEY = session_key
cls.conf_manager = conf_manager.ConfManager(EMVictorOps.SESSION_KEY,
em_constants.APP_NAME,
port=getDefault('port'))
try:
cls.conf = get_conf_stanza(cls.conf_manager, VICTOROPS_CONF_FILE)
except Exception:
return EMVictorOps.error_rest_api_response(
message=VICTOROPS_REST_API_GENERAL_ERROR_MESSAGE)
def get_conf_file(
session_key,
file,
app=APP_NAME,
realm="__REST_CREDENTIAL__#{app_name}#configs/conf-app_greynoise_settings".
format(app_name=APP_NAME)):
"""
Returns the conf object of the file
:param session_key:
:param file:
:param app:
:param realm:
:return: Conf File Object
"""
cfm = conf_manager.ConfManager(session_key, app, realm=realm)
return cfm.get_conf(file)
def handleEdit(self, confInfo):
logger.info("start edit setup configure.")
scheme, host, port = utils.extract_http_scheme_host_port(
scc.getMgmtUri())
conf_mgr = conf.ConfManager(self.getSessionKey(),
self.appName,
scheme=scheme,
host=host,
port=port)
ta_conf_file = get_or_create_conf_file(conf_mgr, setup_const.myta_conf)
customized_conf_file = get_or_create_conf_file(
conf_mgr, setup_const.myta_customized_conf)
all_origin_settings = ta_conf_file.get_all()
all_settings = utils.escape_json_control_chars(
self.callerArgs.data[setup_const.all_settings][0])
all_settings = json.loads(all_settings)
# write global and proxy settings
self._updateGlobalSettings(setup_const.global_settings, all_settings,
all_origin_settings, ta_conf_file)
# write customized settings
customized_conf_file = get_or_create_conf_file(
conf_mgr, setup_const.myta_customized_conf)
self._updateConfStanzas(
all_settings.get(setup_const.myta_customized_settings, {}),
customized_conf_file, self.encrypt_fields_customized)
# write account credential settings
for cred, conf_file in self.cred_confs:
cred_conf_file = get_or_create_conf_file(conf_mgr, conf_file)
creds = all_settings.get(cred, {})
if creds == setup_const.ignore_backend_req:
logger.info("Ignore backend rest request")
continue
if creds:
self._updateConfStanzas(creds, cred_conf_file,
self.encrypt_fields_credential)
logger.info("edit setup configure is done")
def test_conf_manager(monkeypatch):
credentials_store = {}
all_stanzas = {}
def mock_storage_passwords_list(self, count=None, **kwargs):
return credentials_store.values()
def mock_storage_passwords_create(self, password, username, realm=None):
title = "{}:{}:".format(realm,
username) if realm else ":{}:".format(username)
password = client.StoragePassword(
None,
"storage/passwords/{}".format(title),
state=record({
"content": {
"clear_password": password,
"encr_password": hashlib.md5(password.encode()).digest(),
"password": "******",
"realm": realm,
"username": username,
},
"title": title,
}),
)
credentials_store[title] = password
return password
def mock_storage_passwords_delete(self, username, realm=None):
title = "{}:{}:".format(realm,
username) if realm else ":{}:".format(username)
if title in credentials_store:
del credentials_store[title]
else:
raise KeyError("No such entity %s" % username)
def mock_storage_password_delete(self):
if self.name in credentials_store:
del credentials_store[self.name]
else:
raise KeyError("No such entity %s" % self.name)
def mock_configuration_get(self,
name="",
owner=None,
app=None,
sharing=None,
**query):
return common.make_response_record("")
def mock_configuration_file_list(self, count=None, **kwargs):
if not hasattr(mock_configuration_file_list, "normal_mode"):
mock_configuration_file_list.normal_mode = True
raise binding.HTTPError(common.make_response_record("",
status=404))
else:
if "name" in kwargs:
if kwargs["name"] in all_stanzas:
stanza_mgr = client.Stanza(
self.service,
"configs/conf-test/{0}/".format(kwargs["name"]),
skip_refresh=True,
)
stanza_mgr._state = common.record({
"title":
kwargs["name"],
"access":
common.record({"app": "test"}),
"content":
all_stanzas[kwargs["name"]],
})
return [stanza_mgr]
else:
raise binding.HTTPError(
common.make_response_record("", status=404))
else:
stanza_mgrs = []
for stanza_name, stanza in list(all_stanzas.items()):
stanza_mgr = client.Stanza(
self.service,
"configs/conf-test/{0}/".format(stanza_name),
skip_refresh=True,
)
stanza_mgr._state = common.record({
"title":
stanza_name,
"access":
common.record({"app": "test"}),
"content":
stanza,
})
stanza_mgrs.append(stanza_mgr)
return stanza_mgrs
def mock_configuration_file_get(self,
name="",
owner=None,
app=None,
sharing=None,
**query):
return common.make_response_record("")
def mock_configuration_file_create(self, name, **params):
stanza_mgr = client.Stanza(self.service,
"configs/conf-test/{0}/".format(name),
skip_refresh=True)
stanza_mgr._state = common.record({"title": name, "content": {}})
return stanza_mgr
def mock_configuration_file_delete(self, name, **params):
del all_stanzas[name]
def mock_stanza_submit(self, stanza):
all_stanzas[self.name] = stanza
common.mock_splunkhome(monkeypatch)
monkeypatch.setattr(client.StoragePasswords, "list",
mock_storage_passwords_list)
monkeypatch.setattr(client.StoragePasswords, "create",
mock_storage_passwords_create)
monkeypatch.setattr(client.StoragePasswords, "delete",
mock_storage_passwords_delete)
monkeypatch.setattr(client.StoragePassword, "delete",
mock_storage_password_delete)
monkeypatch.setattr(client.Configurations, "get", mock_configuration_get)
monkeypatch.setattr(client.ConfigurationFile, "get",
mock_configuration_file_get)
monkeypatch.setattr(client.ConfigurationFile, "list",
mock_configuration_file_list)
monkeypatch.setattr(client.ConfigurationFile, "create",
mock_configuration_file_create)
monkeypatch.setattr(client.ConfigurationFile, "delete",
mock_configuration_file_delete)
monkeypatch.setattr(client.Stanza, "submit", mock_stanza_submit)
cfm = conf_manager.ConfManager(common.SESSION_KEY, common.app)
conf = cfm.get_conf("test")
assert not conf.stanza_exist("test_stanza")
conf.update("test_stanza", {"k1": 1, "k2": 2}, ["k1", "key_not_exist"])
assert conf.get("test_stanza") == {
"k2": 2,
"k1": 1,
"eai:access": common.record({"app": "test"}),
"eai:appName": "test",
}
assert conf.get_all() == {
"test_stanza": {
"k2": 2,
"k1": 1,
"eai:access": common.record({"app": "test"}),
"eai:appName": "test",
}
}
conf.delete("test_stanza")
with pytest.raises(conf_manager.ConfStanzaNotExistException):
conf.get("test_stanza")
with pytest.raises(conf_manager.ConfStanzaNotExistException):
conf.delete("test_stanza")
conf.reload()
cfm = conf_manager.ConfManager(
common.SESSION_KEY,
common.app,
realm="__REST_CREDENTIAL__#{}#configs/conf-test".format(common.app),
)
conf = cfm.get_conf("test")
assert not conf.stanza_exist("test_stanza")
conf.update("test_stanza", {"k1": 1, "k2": 2}, ["k1", "key_not_exist"])
assert conf.get("test_stanza") == {
"k2": 2,
"k1": 1,
"eai:access": common.record({"app": "test"}),
"eai:appName": "test",
}
assert conf.get_all() == {
"test_stanza": {
"k2": 2,
"k1": 1,
"eai:access": common.record({"app": "test"}),
"eai:appName": "test",
}
}
conf.delete("test_stanza")
with pytest.raises(conf_manager.ConfStanzaNotExistException):
conf.get("test_stanza")
with pytest.raises(conf_manager.ConfStanzaNotExistException):
conf.delete("test_stanza")
conf.reload()
