示例#1
0
def do(data, resource):
    partition = 'logic-function'
    body = {}
    params = data['params']

    function_name = params.get('function_name')
    description = params.get('description', None)
    zip_file = params.get('zip_file', None)
    runtime = params.get('runtime')
    handler = params.get('handler')
    runnable = params.get('runnable', True)
    sdk_config = params.get('sdk_config', {})

    zip_file_id = uuid()
    requirements_zip_file_id = uuid()

    item = dict()
    item['function_name'] = function_name
    item['description'] = description
    item['handler'] = handler
    item['runtime'] = runtime
    item['runnable'] = runnable
    item['zip_file_id'] = zip_file_id
    item['requirements_zip_file_id'] = requirements_zip_file_id
    item['sdk_config'] = sdk_config

    item_ids, _ = resource.db_get_item_id_and_orders(partition,
                                                     'function_name',
                                                     function_name)
    if len(item_ids) == 0:
        zip_file_b64 = zip_file.encode('utf-8')
        zip_file_bin = base64.b64decode(zip_file_b64)
        requirements_zip_file_bin = generate_requirements_zipfile(zip_file_bin)
        resource.file_upload_bin(zip_file_id, zip_file_bin)
        resource.file_upload_bin(requirements_zip_file_id,
                                 requirements_zip_file_bin)
        resource.db_put_item(partition, item)
        body['function_name'] = function_name
        return Response(body)
    else:
        body['error'] = error.EXISTING_FUNCTION
        return Response(body)
示例#2
0
def do(data, resource):
    partition = 'logic-function'
    body = {}
    params = data['params']

    function_name = params.get('function_name')

    items, _ = resource.db_query(partition, [{
        'option': None,
        'field': 'function_name',
        'value': function_name,
        'condition': 'eq'
    }])

    if len(items) == 0:
        body['error'] = error.NO_SUCH_FUNCTION
        return Response(body)
    else:
        body['item'] = items[0]
        return Response(body)
示例#3
0
def do(data, resource):
    body = {}
    params = data['params']

    partition_to_apply = params.get('partition_to_apply')
    mode = params.get('mode')
    code = params.get('code')

    if mode not in POLICY_MODES:
        body['error'] = error.NO_SUCH_POLICY_MODE
        return Response(body)

    item_id = '{}-policy-{}-{}'.format(SERVICE, partition_to_apply, mode)
    item = {
        'partition_to_apply': partition_to_apply,
        'mode': mode,
        'code': code,
    }
    resource.db_put_item('{}-policy'.format(SERVICE), item, item_id)
    return Response(body)
示例#4
0
def do(data, resource):
    body = {}
    params = data['params']
    group_name = params['group_name']
    permission = params.get('permission')

    if group_name == 'admin':
        body['error'] = error.ADMIN_GROUP_CANNOT_BE_MODIFIED
        return Response(body)

    item = resource.db_get_item('user-group-{}'.format(group_name))
    item_permissions = item.get('permissions', [])
    item_permissions.remove(permission)
    item_permissions = list(set(item_permissions))
    item['permissions'] = item_permissions

    success = resource.db_put_item('user_group', item,
                                   'user-group-{}'.format(group_name))
    body['success'] = success
    return Response(body)
示例#5
0
def do(data, resource):
    body = {}
    params = data['params']

    start_key = params.get('start_key', None)
    limit = params.get('limit', 100)
    partition = 'user'

    items, end_key = resource.db_get_items_in_partition(partition, start_key=start_key, limit=limit, reverse=True)
    body['items'] = items
    body['end_key'] = end_key
    return Response(body)
示例#6
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']

    file_id_to_delete = params.get('file_id')

    while file_id_to_delete:
        file_item = resource.db_get_item(file_id_to_delete)

        if file_item and match_policy_after_get_policy_code(
                resource, 'delete', 'files', user, file_item):
            resource.file_delete_bin(file_id_to_delete)
            success = resource.db_delete_item(file_id_to_delete)
            body['success'] = success
            file_id_to_delete = file_item.get('parent_file_id', None)
        else:
            body['error'] = error.PERMISSION_DENIED
            return Response(body)

    return Response(body)
示例#7
0
def do(data, resource):
    body = {}
    params = data['params']

    user_id = params.get('user_id', None)
    field = params.get('field')
    value = params.get('value', None)

    user = resource.db_get_item(user_id)

    # For security
    if field in [
            'id', 'email', 'password_hash', 'salt', 'groups', 'login_method'
    ]:
        body['error'] = error.FORBIDDEN_MODIFICATION
        return Response(body)
    else:
        user[field] = value
        resource.db_update_item(user_id, user)
        body['user_id'] = user_id
        return Response(body)
示例#8
0
def do(data, resource):
    body = {}
    params = data['params']
    session_id = params.get('session_id', None)
    try:
        item = resource.db_get_item(Hash.sha3_512(session_id))
    except BaseException as ex:
        print(ex)
        body['error'] = error.PERMISSION_DENIED
        return Response(body)
    print('session_item:', item)
    if item:
        user_id = item.get('user_id', None)
    else:
        user_id = None

    if user_id:
        user = resource.db_get_item(user_id)
        body['item'] = user
    else:
        body['item'] = None
    return Response(body)
示例#9
0
def do(data, resource):
    body = {}
    params = data['params']

    partition_to_apply = 'files'
    mode = params.get('mode')

    policy_code = get_policy_code(resource, partition_to_apply, mode)
    if policy_code:
        body['code'] = policy_code
    else:
        body['error'] = error.NO_SUCH_POLICY_MODE
    return Response(body)
示例#10
0
def do(data, resource):
    body = {}
    params = data['params']
    user_id = params['user_id']
    group_name = params.get('group_name')

    user = resource.db_get_item(user_id)
    groups = user.get('groups', [])
    groups.append(group_name)
    groups = list(set(groups))
    user['groups'] = groups
    success = resource.db_update_item(user_id, user)
    body['success'] = success
    return Response(body)
示例#11
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']

    item_id = params.get('item_id', None)

    item = resource.db_get_item(item_id)
    if item is None:
        body['error'] = error.NO_SUCH_ITEM
        return Response(body)

    if database_can_not_access_to_item(item):
        body['error'] = error.PERMISSION_DENIED
        return Response(body)

    if match_policy_after_get_policy_code(resource, 'delete',
                                          item['partition'], user, item):
        success = resource.db_delete_item(item_id)
        body['success'] = success
    else:
        body['message'] = error.PERMISSION_DENIED
    return Response(body)
示例#12
0
def do(data, resource):
    body = {}
    params = data['params']
    login_method = params.get(
        'login_method')  # email_login, guest_login, facebook_login
    if login_method not in LOGIN_METHODS:
        body['error'] = error.NO_SUCH_LOGIN_METHOD
        return Response(body)

    item = resource.db_get_item('auth-login-method-{}'.format(login_method))
    default_policy_code = get_default_policy_code(login_method)

    if not item:
        item = {
            'enabled': True,
            'default_group_name': 'user',
            'register_policy_code': default_policy_code,
        }
        resource.db_put_item('meta-info', item, login_method)
    if item.get('register_policy_code', None) is None:
        item['register_policy_code'] = default_policy_code

    body['item'] = item
    return Response(body)
示例#13
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']

    item_id = params.get('item_id', None)
    field_name = params.get('field_name', None)
    field_value = params.get('field_value', None)

    item = resource.db_get_item(item_id)
    if database_can_not_access_to_item(item):
        body['error'] = error.PERMISSION_DENIED
        return Response(body)

    if match_policy_after_get_policy_code(resource, 'update',
                                          item['partition'], user, item):
        item[field_name] = field_value
        if field_value is None:
            item.pop(field_name)
        success = resource.db_update_item(item_id, item)
        body['success'] = success
    else:
        body['error'] = error.PERMISSION_DENIED
    return Response(body)
示例#14
0
def do(data, resource):
    partition = 'logic-function'
    body = {}
    params = data['params']

    function_name = params.get('function_name')
    file_path = params.get('file_path')

    items, _ = resource.db_query(partition, [{
        'option': None,
        'field': 'function_name',
        'value': function_name,
        'condition': 'eq'
    }])

    if not file_path:
        body['error'] = error.NO_SUCH_FILE
        return Response(body)

    if items:
        item = items[0]
        zip_file_id = item['zip_file_id']
        zip_file_bin = resource.file_download_bin(zip_file_id)
        zip_temp_dir = tempfile.mktemp()
        extracted_dir = tempfile.mkdtemp()
        with open(zip_temp_dir, 'wb') as zip_temp:
            zip_temp.write(zip_file_bin)
        with ZipFile(zip_temp_dir) as zip_file:
            zip_file.extractall(extracted_dir)
        with open(os.path.join(extracted_dir, file_path), 'r') as fp:
            content = fp.read()
        body['item'] = {'type': 'text', 'content': content}
        return Response(body)

    body['error'] = 'function_name: {} did not exist'.format(function_name)
    return Response(body)
def do(data, resource):
    partition = 'logic-function-test'
    body = {}
    params = data['params']

    test_name = params.get('test_name')
    function_name = params.get('function_name')
    test_input = params.get('test_input')
    if isinstance(test_input, dict):
        test_input = json.dumps(test_input)

    item = dict()
    item['test_name'] = test_name
    item['function_name'] = function_name
    item['test_input'] = test_input

    item_ids, _ = resource.db_get_item_id_and_orders(partition, 'test_name', test_name)
    if len(item_ids) == 0:
        resource.db_put_item(partition, item)
        body['test_name'] = test_name
        return Response(body)
    else:
        body['error'] = error.EXISTING_FUNCTION
        return Response(body)
示例#16
0
def do(data, resource):
    body = {}
    params = data['params']
    user = data['user']

    item_id = params.get('item_id', None)
    item = resource.db_get_item(item_id)

    if match_policy_after_get_policy_code(resource, 'read', item['partition'],
                                          user, item):
        body['item'] = item
    else:
        body['error'] = error.PERMISSION_DENIED

    return Response(body)
def do(data, resource):
    partition = 'logic-function-test'
    body = {}
    params = data['params']

    test_name = params.get('test_name')
    items, _ = resource.db_query(partition, [{
        'option': None,
        'field': 'test_name',
        'value': test_name,
        'condition': 'eq'
    }])
    for item in items:
        success = resource.db_delete_item(item['id'])
        body['success'] = success
    return Response(body)
示例#18
0
def do(data, resource):  # This is for admins
    body = {}
    params = data['params']

    partition = 'files'
    start_key = params.get('start_key', None)
    limit = params.get('limit', 100)
    reverse = params.get('reverse', False)

    items, end_key = resource.db_get_items_in_partition(partition,
                                                        start_key=start_key,
                                                        limit=limit,
                                                        reverse=reverse)

    body['items'] = list(
        filter(lambda x: x.get('next_file_id', None) is None, items))
    body['end_key'] = end_key
    return Response(body)
示例#19
0
def do(data, resource):
    partition = 'logic-function-test'
    body = {}
    params = data['params']

    start_key = None
    limit = 1000

    items = []
    while True:
        _items, end_key = resource.db_get_items_in_partition(partition, start_key=start_key, limit=limit)
        items.extend(_items)
        start_key = end_key
        if not start_key:
            break

    body['items'] = items
    body['end_key'] = end_key
    return Response(body)
示例#20
0
def do(data, resource):
    body = {}
    params = data['params']
    default_groups = {
        'user': {
            'name': 'user',
            'description': 'Default user group',
            'permissions': Permission.default_user_permissions,
        },
    }
    admin_groups = {
        'admin': {
            'name': 'admin',
            'description': 'Admin has full control of the system',
            'permissions': Permission.all(),
        }
    }

    group_items, _ = resource.db_get_items_in_partition('user_group',
                                                        limit=10000)
    has_default_groups = True
    for group_name in default_groups:
        if group_name not in [
                group_item['name'] for group_item in group_items
        ]:
            has_default_groups = False
            resource.db_put_item('user_group', default_groups[group_name],
                                 'user-group-{}'.format(group_name))

    for group_name in admin_groups:
        resource.db_put_item('user_group', admin_groups[group_name],
                             'user-group-{}'.format(group_name))

    if not has_default_groups:
        group_items, _ = resource.db_get_items_in_partition('user_group',
                                                            limit=10000)

    body['groups'] = group_items
    return Response(body)
示例#21
0
def do(data, resource):
    partition = 'logic-function'
    body = {}
    params = data['params']

    function_name = params.get('function_name')
    file_path = params.get('file_path')
    file_content = params.get('file_content')
    file_type = params.get('file_type', 'text')

    print(params)

    if file_type not in SUPPORT_TYPES:
        body['error'] = error.UNSUPPORTED_FILE_TYPE
        return Response(body)

    items, _ = resource.db_query(partition, [{
        'option': None,
        'field': 'function_name',
        'value': function_name,
        'condition': 'eq'
    }])

    if len(items) == 0:
        body['message'] = 'function_name: {} did not exist'.format(
            function_name)
        return Response(body)
    else:
        item = items[0]
        zip_file_id = item['zip_file_id']
        zip_file_bin = resource.file_download_bin(zip_file_id)
        zip_temp_dir = tempfile.mktemp()
        extracted_dir = tempfile.mkdtemp()

        with open(zip_temp_dir, 'wb') as zip_temp:
            zip_temp.write(zip_file_bin)
        with ZipFile(zip_temp_dir) as zip_file:
            zip_file.extractall(extracted_dir)
        with open(os.path.join(extracted_dir, file_path), 'w+') as fp:
            fp.write(file_content)
        with ZipFile(zip_temp_dir, 'a') as zip_file:
            file_name = os.path.join(extracted_dir, file_path)
            zip_file.write(file_name, file_path)

        zip_file_id = uuid()

        with open(zip_temp_dir, 'rb') as zip_file:
            zip_file_bin = zip_file.read()
            resource.file_upload_bin(zip_file_id, zip_file_bin)
            if 'zip_file_id' in item:
                resource.file_delete_bin(
                    item['zip_file_id'])  # Remove previous zip file
            item['zip_file_id'] = zip_file_id  # Set new file's id
            success = resource.db_update_item(item['id'], item)
            body['success'] = success

        if 'requirements.txt' in file_path:
            requirements_zipfile_id = uuid()
            requirements_zipfile_bin = generate_requirements_zipfile(
                zip_file_bin)
            resource.file_upload_bin(requirements_zipfile_id,
                                     requirements_zipfile_bin)
            if 'requirements_zipfile_id' in item:
                resource.file_delete_bin(item['requirements_zipfile_id'])
            item['requirements_zipfile_id'] = requirements_zipfile_id

        return Response(body)
示例#22
0
def do(data, resource):
    partition = 'logic-function'
    body = {}
    params = data['params']
    user = data.get('user', None)

    function_name = params.get('function_name')
    payload = params.get('payload')

    items, _ = resource.db_query(partition, [{
        'option': None,
        'field': 'function_name',
        'value': function_name,
        'condition': 'eq'
    }])

    if len(items) == 0:
        body['error'] = error.NO_SUCH_FUNCTION
        return Response(body)
    else:
        item = items[0]

        zip_file_id = item['zip_file_id']
        requirements_zip_file_id = item.get('requirements_zip_file_id', None)
        function_handler = item['handler']
        sdk_config = item.get('sdk_config', {})
        function_package = '.'.join(function_handler.split('.')[:-1])
        function_method = function_handler.split('.')[-1]

        zip_file_bin = resource.file_download_bin(zip_file_id)
        requirements_zip_file_bin = resource.file_download_bin(
            requirements_zip_file_id)
        zip_temp_dir = tempfile.mktemp()
        requirements_zip_temp_dir = tempfile.mktemp()
        extracted_dir = tempfile.mkdtemp()

        with open(zip_temp_dir, 'wb') as zip_temp:
            zip_temp.write(zip_file_bin)
        with open(requirements_zip_temp_dir, 'wb') as zip_temp:
            zip_temp.write(requirements_zip_file_bin)
        # Extract function files and copy configs
        with ZipFile(zip_temp_dir) as zip_file:
            zip_file.extractall(extracted_dir)
            copy_configfile(extracted_dir, sdk_config)
        # Extract requirements folders and files
        with ZipFile(requirements_zip_temp_dir) as zip_temp:
            zip_temp.extractall(extracted_dir)

        try:
            #  Comment removing cache because of a performance issue
            #  invalidate_caches()
            sys.path.insert(0, extracted_dir)
            module = import_module(function_package)
            std_str = io.StringIO()
            with redirect_stdout(std_str):
                handler = getattr(module, function_method)
                body['response'] = handler(payload, user)
            body['stdout'] = std_str.getvalue()
        except Exception as ex:
            body['error'] = error.FUNCTION_ERROR
            body['error']['message'] = body['error']['message'].format(ex)
        os.remove(zip_temp_dir)

        return Response(body)
示例#23
0
def do(data, resource):
    body = {}
    params = data['params']
    permissions = sorted(Permission.all())
    body['permissions'] = permissions
    return Response(body)
示例#24
0
def do(data, resource):
    body = {}
    params = data['params']
    partitions = resource.db_get_partitions()
    body['items'] = partitions
    return Response(body)
示例#25
0
def do(data, resource):
    body = {}
    partition = 'session'
    count = resource.db_get_count(partition)
    body['item'] = {'count': count}
    return Response(body)