def proceed_with_node(): """ Read the node configuration for the node process. If needed, the database file is created and initialized as well. If it fails, it returns None and prints the reason of the failure (so the caller may not bother doing it). @returns: The port-to-node_settings mapping, like C{settings.get_my_nodes_settings()}; or None if failed for some reason. @rtype: dict, NoneType """ settings.configure_logging(postfix='common') node_settings_map = settings.get_my_nodes_settings() rel_db_url = settings.get_common().rel_db_url db.init(rel_db_url, SQLALCHEMY_ECHO) node_common_settings = settings.get_common() try: ds.init(fast_db_url=node_common_settings.fast_db_url, big_db_url=node_common_settings.big_db_url) except ds.MongoDBInitializationException as e: print(u'MongoDB problem: {}'.format(e)) else: # Create the database if the file is missing or 0 bytes long. if not db.RDB.is_schema_initialized: print('Initializing database schema...') try: db.create_node_db_schema() except Exception: cli_error('cannot create the RDB schema:\n%s', traceback.format_exc()) else: print('Successfully initialized.') else: # If the database is available, launch maintenance procedures. with db.RDB() as rdbw: Queries.System.maintenance(rdbw) logger.debug('Maintenance done') __migrate_if_needed() return node_settings_map
def test_web_download(arguments): node_map = proceed_with_node() if len(arguments) < 3: cli_error(u'You must pass at least 3 arguments to this command: ' u'the dataset UUID , ' u'base directory of the file, ' u'and the relative path of the file.' .format(op=op_name)) else: ds_uuid = try_parse_uuid(arguments.popleft()) base_dir = arguments.popleft() rel_path = arguments.popleft() edition = settings.get_common().edition print(u'Downloading file from dataset {}, base directory {}, ' u'path {}' .format(ds_uuid, base_dir, rel_path)) with db.RDB() as rdbw, ds.BDB() as bdbw: cr = data_ops.get_cryptographer(ds_uuid, edition, rdbw) file_data = data_ops.download_file(ds_uuid, base_dir, rel_path, edition, rdbw) result_filename = os.path.basename(rel_path) logger.debug('Writing to file %r %i bytes long', result_filename, file_data.size) with open(result_filename, 'wb') as fh: # Preallocate file if file_data.size: fh.seek(file_data.size - 1) fh.write('\x00') fh.seek(0) # Now write the file contents. try: for bl in data_ops.get_file_of_blocks_gen( file_data.blocks, cr, bdbw=bdbw): fh.write(bl) except BDBQueries.Chunks.NoChunkException as e: logger.error('Problem while downloading the file: %s', e) print(u'Error: file {!r} cannot be created!'.format( result_filename))
def on_end(self): # By this time, whatever process to determine the host UUID # for the user we use, we've definitely completed it, # and the proper host UUID is present in the source message. _host = self.message.src _message = self.message _ack = self.message_ack = self.message.reply() if _host is None: _ack.ack_result = 'fail' elif self.manager.app.known_hosts.is_peer_alive(_host.uuid): _ack.ack_result = 'dual login' else: _ack.ack_result = 'ok' _ack.ack_host_uuid = _host.uuid with db.RDB() as rdbw: user_groups = list( Queries.Inhabitants.get_groups_for_user( _host.user.name, rdbw)) thost_uuids = \ {h.uuid for h in TrustedQueries.HostAtNode .get_all_trusted_hosts( rdbw=rdbw)} is_trusted_host = _host.uuid in thost_uuids _ack.ack_username = self.message.src.user.name _ack.ack_groups = user_groups logger.debug('For user %r, %s %r, groups are: %r', _ack.ack_username, 'trusted host' if is_trusted_host else 'host', _host.uuid, _ack.ack_groups) # If we have an SSL request, create the certificate _req = _message.cert_request if _req is not None: assert isinstance(_req, crypto.X509Req), \ repr(_req) subj = _req.get_subject() if not ssl.validate_host_req(_req): # Need explicit str() here, as subj is non-pickleable! logger.warning('%s probably trying to spoof himself: %r', _host.uuid, str(subj)) else: # Force CN to be the host UUID subj.commonName = str(_host.uuid) node_cert = get_common().ssl_cert node_key = get_common().ssl_pkey _key_duration = ssl.OPENSSL_TRUSTED_HOST_KEY_DURATION \ if is_trusted_host \ else ssl.OPENSSL_HOST_KEY_DURATION _ack.ack_ssl_cert = \ ssl.createCertificate( _req, node_cert, node_key, notAfter=long(_key_duration.total_seconds())) self.manager.post_message(self.message_ack)
def on_end(self): # By this time, whatever process to determine the host UUID # for the user we use, we've definitely completed it, # and the proper host UUID is present in the source message. _host = self.message.src _message = self.message _ack = self.message_ack = self.message.reply() if _host is None: _ack.ack_result = 'fail' elif self.manager.app.known_hosts.is_peer_alive(_host.uuid): _ack.ack_result = 'dual login' else: _ack.ack_result = 'ok' _ack.ack_host_uuid = _host.uuid with db.RDB() as rdbw: user_groups = list(Queries.Inhabitants .get_groups_for_user(_host.user.name, rdbw)) thost_uuids = \ {h.uuid for h in TrustedQueries.HostAtNode .get_all_trusted_hosts( rdbw=rdbw)} is_trusted_host = _host.uuid in thost_uuids _ack.ack_username = self.message.src.user.name _ack.ack_groups = user_groups logger.debug('For user %r, %s %r, groups are: %r', _ack.ack_username, 'trusted host' if is_trusted_host else 'host', _host.uuid, _ack.ack_groups) # If we have an SSL request, create the certificate _req = _message.cert_request if _req is not None: assert isinstance(_req, crypto.X509Req), \ repr(_req) subj = _req.get_subject() if not ssl.validate_host_req(_req): # Need explicit str() here, as subj is non-pickleable! logger.warning('%s probably trying to spoof himself: %r', _host.uuid, str(subj)) else: # Force CN to be the host UUID subj.commonName = str(_host.uuid) node_cert = get_common().ssl_cert node_key = get_common().ssl_pkey _key_duration = ssl.OPENSSL_TRUSTED_HOST_KEY_DURATION \ if is_trusted_host \ else ssl.OPENSSL_HOST_KEY_DURATION _ack.ack_ssl_cert = \ ssl.createCertificate( _req, node_cert, node_key, notAfter=long(_key_duration.total_seconds())) self.manager.post_message(self.message_ack)