def update_db_version(self):
# update version updater settings
try:
updater_settings_values = UpdaterModule.__DEFAULT_SETTINGS__
ssr = SystemSettingsReader(self.setup_database_manager)
try:
updater_settings_values = ssr.get_all_values_from_section(
'updater')
updater_setting_instance = UpdateSettings(
**updater_settings_values)
except Exception:
# create updater section if not exist
system_setting_writer: SystemSettingsWriter = SystemSettingsWriter(
self.setup_database_manager)
updater_setting_instance = UpdateSettings(
**updater_settings_values)
system_setting_writer.write(
_id='updater', data=updater_setting_instance.__dict__)
# start running update files
updater_setting_instance.run_updates(
updater_settings_values.get('version'), ssr)
except Exception as err:
self.status = UpdateRoutine.UpateStatus.ERROR
raise RuntimeError(
f'Something went wrong during the generation of the updater module. \n Error: {err}'
)
def has_updates(self) -> bool:
"""
check if updates are available
Returns: True else raise error
"""
from cmdb.updater import UpdaterModule
from cmdb.utils.system_reader import SystemSettingsReader, SectionError
try:
ssr = SystemSettingsReader(self.setup_database_manager)
ssr.get_all_values_from_section('updater')
upd_module = UpdaterModule(ssr)
new_version = upd_module.get_last_version()['version']
current_version = upd_module.settings.version
if new_version > current_version:
LOGGER.error(
f'Please run an update. There are new updates available.'
f'Current Updater Version: {current_version} '
f'Newest Update Version: {new_version}'
)
return False
except SectionError as err:
LOGGER.error(err.message)
return False
return True
def __init__(self, database_manager: DatabaseManagerMongo):
"""
Args:
key_directory: key based directory
"""
self.ssr = SystemSettingsReader(database_manager)
self.rsa_public = self.get_public_key()
self.rsa_private = self.get_private_key()
def increase_updater_version(self, value: int):
ssr = SystemSettingsReader(self.database_manager)
system_setting_writer: SystemSettingsWriter = SystemSettingsWriter(
self.database_manager)
updater_settings_values = ssr.get_all_values_from_section('updater')
updater_setting_instance = UpdateSettings(**updater_settings_values)
updater_setting_instance.version = value
system_setting_writer.write(_id='updater',
data=updater_setting_instance.__dict__)
def __init__(self, key_directory=None):
"""
Args:
key_directory: key based directory
"""
self.scr = SystemConfigReader()
self.__dbm = DatabaseManagerMongo(
**self.scr.get_all_values_from_section('Database'))
self.ssr = SystemSettingsReader(self.__dbm)
self.rsa_public = self.get_public_key()
self.rsa_private = self.get_private_key()
def run_updates(self, version: int, ssr: SystemSettingsReader):
from cmdb.updater import UpdaterModule
ssr.get_all_values_from_section('updater')
updater_instance = UpdaterModule(ssr)
versions = updater_instance.__UPDATER_VERSIONS_POOL__
current_version = updater_instance.get_last_version()['version']
for num, file in enumerate(sorted(versions)):
if current_version > version:
process_bar('Process', len(versions), num + 1)
updater_class = load_class(
f'cmdb.updater.versions.updater_{current_version}.Update{current_version}'
)
updater_instance = updater_class()
updater_instance.start_update()
def __init__(self, database_manager: DatabaseManagerMongo = None):
self.key_holder = KeyHolder()
self.header = {'alg': 'RS512'}
self.database_manager = database_manager or DatabaseManagerMongo(
**SystemConfigReader().get_all_values_from_section('Database'))
self.auth_module = AuthModule(
SystemSettingsReader(self.database_manager))
def parse_authorization_header(header):
"""
Parses the HTTP Auth Header to a JWT Token
Args:
header: Authorization header of the HTTP Request
Examples:
request.headers['Authorization'] or something same
Returns:
Valid JWT token
"""
if not header:
return None
value = wsgi_to_bytes(header)
try:
auth_type, auth_info = value.split(None, 1)
auth_type = auth_type.lower()
except ValueError:
# Fallback for old versions
auth_type = b"bearer"
auth_info = value
if auth_type == b"basic":
try:
username, password = base64.b64decode(auth_info).split(b":", 1)
with current_app.app_context():
username = to_unicode(username, "utf-8")
password = to_unicode(password, "utf-8")
user_manager: UserManager = UserManager(
current_app.database_manager)
auth_module = AuthModule(
SystemSettingsReader(current_app.database_manager))
try:
user_instance = auth_module.login(user_manager, username,
password)
except Exception as e:
return None
if user_instance:
tg = TokenGenerator(current_app.database_manager)
return tg.generate_token(payload={
'user': {
'public_id': user_instance.get_public_id()
}
})
else:
return None
except Exception:
return None
if auth_type == b"bearer":
try:
tv = TokenValidator()
decoded_token = tv.decode_token(auth_info)
tv.validate_token(decoded_token)
return auth_info
except Exception:
return None
return None
class KeyHolder:
def __init__(self, database_manager: DatabaseManagerMongo):
"""
Args:
key_directory: key based directory
"""
self.ssr = SystemSettingsReader(database_manager)
self.rsa_public = self.get_public_key()
self.rsa_private = self.get_private_key()
def get_public_key(self):
return self.ssr.get_value('asymmetric_key', 'security')['public']
def get_private_key(self):
return self.ssr.get_value('asymmetric_key', 'security')['private']
def __init__(self, database_manager: DatabaseManagerMongo = None):
self.key_holder = KeyHolder(database_manager)
self.header = {'alg': 'RS512'}
self.database_manager = database_manager
self.auth_module = AuthModule(
SystemSettingsReader(
self.database_manager).get_all_values_from_section(
'auth', default=AuthModule.__DEFAULT_SETTINGS__))
class KeyHolder:
def __init__(self, key_directory=None):
"""
Args:
key_directory: key based directory
"""
self.scr = SystemConfigReader()
self.__dbm = DatabaseManagerMongo(
**self.scr.get_all_values_from_section('Database'))
self.ssr = SystemSettingsReader(self.__dbm)
self.rsa_public = self.get_public_key()
self.rsa_private = self.get_private_key()
def get_public_key(self):
return self.ssr.get_value('asymmetric_key', 'security')['public']
def get_private_key(self):
return self.ssr.get_value('asymmetric_key', 'security')['private']
def __init__(self, database_manager):
self.ssr = SystemSettingsReader(database_manager)
self.ssw = SystemSettingsWriter(database_manager)
self.salt = "cmdb"
class SecurityManager:
DEFAULT_BLOCK_SIZE = 32
DEFAULT_ALG = 'HS512'
DEFAULT_EXPIRES = int(10)
def __init__(self, database_manager):
self.ssr = SystemSettingsReader(database_manager)
self.ssw = SystemSettingsWriter(database_manager)
self.salt = "cmdb"
def generate_hmac(self, data):
import hashlib
import hmac
generated_hash = hmac.new(self.get_symmetric_aes_key(),
bytes(data + self.salt, 'utf-8'),
hashlib.sha256)
generated_hash.hexdigest()
return base64.b64encode(generated_hash.digest()).decode("utf-8")
def encrypt_aes(self, raw):
"""
see https://stackoverflow.com/questions/12524994/encrypt-decrypt-using-pycrypto-aes-256
:param raw: unencrypted data
:return:
"""
if type(raw) == list:
import json
from bson import json_util
raw = json.dumps(raw, default=json_util.default)
raw = SecurityManager._pad(raw).encode('UTF-8')
iv = Random.new().read(AES.block_size)
cipher = AES.new(self.get_symmetric_aes_key(), AES.MODE_CBC, iv)
return base64.b64encode(iv + cipher.encrypt(raw))
def decrypt_aes(self, enc):
enc = base64.b64decode(enc)
iv = enc[:AES.block_size]
cipher = AES.new(self.get_symmetric_aes_key(), AES.MODE_CBC, iv)
return SecurityManager._unpad(cipher.decrypt(
enc[AES.block_size:])).decode('utf-8')
@staticmethod
def _pad(s):
return s + (SecurityManager.DEFAULT_BLOCK_SIZE - len(s) % SecurityManager.DEFAULT_BLOCK_SIZE) * \
chr(SecurityManager.DEFAULT_BLOCK_SIZE - len(s) % SecurityManager.DEFAULT_BLOCK_SIZE)
@staticmethod
def _unpad(s):
return s[:-ord(s[len(s) - 1:])]
def generate_symmetric_aes_key(self):
return self.ssw.write(
'security', {'symmetric_aes_key': Random.get_random_bytes(32)})
def get_symmetric_aes_key(self):
try:
symmetric_key = self.ssr.get_value('symmetric_aes_key', 'security')
except NoDocumentFound:
self.generate_symmetric_aes_key()
symmetric_key = self.ssr.get_value('symmetric_aes_key', 'security')
return symmetric_key
@staticmethod
def encode_object_base_64(data: object):
from bson.json_util import dumps
return base64.b64encode(dumps(data).encode('utf-8')).decode("utf-8")
LOGGER = logging.getLogger(__name__)
try:
from cmdb.utils.error import CMDBError
except ImportError:
CMDBError = Exception
settings_blueprint = RootBlueprint('settings_rest',
__name__,
url_prefix='/settings')
with current_app.app_context():
from cmdb.interface.rest_api.settings_routes.system_routes import system_blueprint
settings_blueprint.register_nested_blueprint(system_blueprint)
system_settings_reader = SystemSettingsReader(
database_manager=current_app.database_manager)
@settings_blueprint.route('/<string:section>/', methods=['GET'])
@settings_blueprint.route('/<string:section>', methods=['GET'])
@login_required
@insert_request_user
@right_required('base.system.view')
def get_settings_from_section(section: str, request_user: User):
section_settings = system_settings_reader.get_all_values_from_section(
section=section)
if len(section_settings) < 1:
return make_response([], 204)
return make_response(section_settings)
