def get_addr_groups_op(self, request, arg): try: def cb(res): request.write(simplejson.dumps(res)) request.finish() gtype_str = get_principal_type_from_args(arg) gtype = groupname_to_type[gtype_str] if gtype == Directory.NWADDR_GROUP: addr = create_cidr_ipaddr(arg['<address>'].encode('utf-8')) elif gtype == Directory.DLADDR_GROUP: addr = create_eaddr(arg['<address>'].encode('utf-8')) else: return webservice.badRequest( request, "Could not retrieve " "address groups: invalid address type.") if addr is None: return webservice.badRequest( request, "Could not retrieve " "address groups: invalid address format.") d = self.dm.get_group_membership(gtype, addr) d.addCallback(cb) d.addErrback(self.err, request, "get_group_parents", "Could not retrieve address groups.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "get_addr_groups", "Could not retrieve address groups.")
def shutdown(self, request, arg): try: content = json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") if not content in self.shutdown_scripts: return webservice.badRequest(request, "Cannot shutdown '%s'." % content) d = defer.Deferred() args = self.shutdown_scripts[content] env = dict(os.environ) process = reactor.spawnProcess(OutputGrabber(d), self.shutdown_scripts[content][0], args=args, env=env) def success(output): lg.debug("Shutdown completed:\n%s" % output) def error(failure): lg.error("Shutdown did not complete:\n%s" % str(failure)) d.addCallback(success).\ addErrback(error) return simplejson.dumps(True) except Exception, e: return self.err(Failure(), request, "shutdown", "Could not shutdown the system/process.")
def render_POST(self,request): try: if "req" not in request.args: webservice.badRequest(request, "POST did not include a 'req' argument") return webservice.NOT_DONE_YET req = request.args["req"][0] fp = hashlib.sha1(req).hexdigest() def err(res): lg.error("error submitting pki sign req: %s" % str(res)) webservice.internalError(request, "server error: %s" % str(res)) def write_ok(res): request.write(fp) request.finish() def find_slot_ok(slot_id): data = [fp,req] d = self.simple_config.set_config(REQUEST_SEC_ID,{slot_id : data}) d.addCallbacks(write_ok,err) d = self.find_next_slot() d.addCallbacks(find_slot_ok,err) return webservice.NOT_DONE_YET except Exception,e: lg.error("exception: " + str(e)) webservice.badRequest(request, "failed to get CSR") return webservice.NOT_DONE_YET
def put_interface(self, request, arg): try: intf = cfg_interface() content = json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") try: if not 'name' in content: return webservice.badRequest(request, "Cannot configure interface: Name parameter not present.") intf.name = str(content['name']) if 'hwaddr' in content: intf.hwaddr = str(content['hwaddr']) if 'ip4addr' in content: intf.ip4addr = str(content['ip4addr']) if 'ip4mask' in content: intf.ip4mask = str(content['ip4mask']) if 'ip4bcast' in content: intf.ip4bcast = str(content['ip4bcast']) if 'ip4gw' in content: intf.ip4gw = str(content['ip4gw']) if 'ip4dns' in content: intf.ip4dns = str(content['ip4dns']) if 'dhcp' in content: intf.dhcp = content['dhcp'] except Exception, e: f = Failure() lg.error("put_interface_config: error reading interface information from request:" + str(f)) return webservice.badRequest(request,"Cannot configure interface: invalid content parameters.") self.cfg.set_interface(intf) return simplejson.dumps(True)
def member_op_start(self, request, arg, otype_str): try: groupname = arg["<group name>"] groupdir = arg["<group dir>"] mangled_group = mangle_name(groupdir, groupname) membername = arg["<member name>"] memberdir = arg.get("<member dir>") ptype_str = get_principal_type_from_args(arg) ctype_str = find_value_in_args(arg, ["principal", "address", "subgroup"]) if memberdir == self.dm.discovered_dir.name: return webservice.badRequest( request, "Discovered principals " "may not be added to groups; try moving principal to " "a persistent directory first.", ) ptype = groupname_to_type[ptype_str] is_address = ctype_str == "address" if is_address and ptype == Directory_Factory.DLADDR_GROUP: mangled_member = create_eaddr(membername.encode("utf-8")) elif is_address and ptype == Directory_Factory.NWADDR_GROUP: mangled_member = create_cidr_ipaddr(membername.encode("utf-8")) else: mangled_member = mangle_name(memberdir, membername) if mangled_member is None: return webservice.badRequest(request, "Invalid group member parameter: '%s'" % membername) d = self.dm.get_group(ptype, mangled_group) f = lambda x: self.member_op(request, x, mangled_member, ptype_str, otype_str, ctype_str) d.addCallback(f) d.addErrback(self.err, request, "member_op_start", "Could not retrieve group.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "member_op_start", "Could not retrieve group.")
def render_POST(self, request): try: if "req" not in request.args: webservice.badRequest(request, "POST did not include a 'req' argument") return webservice.NOT_DONE_YET req = request.args["req"][0] fp = hashlib.sha1(req).hexdigest() def err(res): lg.error("error submitting pki sign req: %s" % str(res)) webservice.internalError(request, "server error: %s" % str(res)) def write_ok(res): request.write(fp) request.finish() def find_slot_ok(slot_id): data = [fp, req] d = self.simple_config.set_config(REQUEST_SEC_ID, {slot_id: data}) d.addCallbacks(write_ok, err) d = self.find_next_slot() d.addCallbacks(find_slot_ok, err) return webservice.NOT_DONE_YET except Exception, e: lg.error("exception: " + str(e)) webservice.badRequest(request, "failed to get CSR") return webservice.NOT_DONE_YET
def post_config_base64(self,request, arg): try: section_id = arg['<section>'] content = {} boundary = None content_type = request.getHeader("Content-Type") for field in content_type.split("; "): arr = field.split("=") if arr[0] == "boundary": boundary = arr[1] break if not boundary: lg.error("Could not find boundary in multipart request") return webservice.badRequest(request, \ "Could not find boundary to parse multipart/form-data") if str(type(request.content)) == "<type 'cStringIO.StringO'>": multipart_str = str(request.content.getvalue()).lower() elif isinstance(request.content,file): multipart_str = request.content.read() else: lg.error("request.content has unknown type '%s'" % \ str(type(request.content))) return webservice.internalError(request,"Cannot handle request.content type.") multipart_arr = multipart_str.split(boundary) for key,value in request.args.iteritems(): if key == "section_id": continue # TODO: figure out how to stop this in javascript content[key] = [ base64.b64encode(value[0])] found = False for chunk in multipart_arr: if chunk.find("name=\""+key+"\"") >= 0: start_index = chunk.find("content-type:") end_index = chunk.find("\n",start_index) content [key + "_content_type"] = \ chunk[start_index:end_index].split(" ")[1].strip() start_index = chunk.find("filename=") q1_index = chunk.find("\"", start_index) q2_index = chunk.find("\"", q1_index + 1) content [key + "_filename"] = chunk[(q1_index + 1):q2_index] found = True break if not found: msg = "Could not find Content-Type in multipart/form-data for item %s" % key lg.error("post_config_base64: %s" % msg) return webservice.badRequest(request, msg) request.setHeader("Content-Type", "text/plain") return self.set_config_common(request,section_id,content) except Exception, e: return self.err(Failure(), request, "post_config_base64", "Could not set key.")
def __post_rules__(self, tmp, request, data, content): if not content.has_key('policy_id'): return webservice.badRequest(request, 'Request must include policy id to update.') elif content['policy_id'] != self.policy.policy_id: return webservice.conflictError(request, 'Cannot apply changes to old policy id %u.' % content['policy_id']) if not content.has_key('rules'): return webservice.badRequest(request, 'Request must include array of new policy rules.') d = self.__categorize_rules__(content['rules']) d.addCallbacks(self.__post_rules2__, self.badReq, (request,), None, (request, "post_rules")) return d
def put_record_rule_senders(self, request, data): try: content = webservice.json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") elif not self.policy.set_record_rule_senders(data['<rule id>'], content['record_senders']): return webservice.badRequest(request, "Could not set record senders for rule ID %u." % data['<rule id>']) return "Success" except Exception, e: return self.err(Failure(), request, "put_record_rule_senders", "Could not set record rule senders field.")
def member_op(self, request, group_info, member, ptype_str, otype_str, ctype_str): try: def ok(res): def unicode_(s, encoding): if isinstance(s, unicode): return s return unicode(s, encoding) members = [] for member in res[0]: if not isinstance(member, basestring): member = str(member) members.append(unicode_(member, 'utf-8')) subgroups = [ unicode_(subgroup, 'utf-8') for subgroup in res[1] ] res_str = [members, subgroups] request.write(simplejson.dumps(res_str)) request.finish() if group_info is None: return webservice.badRequest(request, "Group does not exist.") exists = is_member(group_info, member, ctype_str) if otype_str == "add" and exists: return webservice.badRequest(request, "%s is already a %s in the group." \ % (member,ctype_str)) if otype_str != "add" and not exists: return webservice.notFound(request, "%s %s not found in group." \ % (ctype_str.capitalize(),member)) if otype_str == "": # special case, this is just a membership test # if the request got this far, return success request.finish() return ptype = groupname_to_type[ptype_str] method_name = otype_str + "_group_members" f = getattr(self.dm, method_name) if ctype_str in ["principal", "address"]: d = f(ptype, group_info.name, (member, ), ()) else: # 'subgroup' case d = f(ptype, group_info.name, (), (member, )) d.addCallback(ok) d.addErrback(self.err, request, "%s member_op" % method_name, "Could not %s." % method_name) return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "member_op", "Could not perform group operation.")
def put_record_rule_senders(self, request, data): try: content = webservice.json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") elif not self.policy.set_record_rule_senders( data['<rule id>'], content['record_senders']): return webservice.badRequest( request, "Could not set record senders for rule ID %u." % data['<rule id>']) return "Success" except Exception, e: return self.err(Failure(), request, "put_record_rule_senders", "Could not set record rule senders field.")
def __put_analysis__(self, tmp, request, data, content): if not content.has_key('rules'): return webservice.badRequest(request, 'Request must include array of policy rules to analyze.') d = self.__categorize_rules__(request, content['rules']) d.addCallbacks(self.__put_analysis2__, self.badReq, (request,), None, (request, "put_analysis")) return d
def set_port_name_config_bool(self, request, arg, switch_info, maskbit): try: dpid = switch_info.dpid.as_host() if dpid not in self.switchstats.dp_stats: return webservice.notFound(request, "Switch not active to set config.") portname = arg['<port name>'] port = None for p in self.switchstats.dp_stats[dpid]['ports']: if p['name'] == portname: port = p break if port is None: return webservice.notFound(request, "Port not active to set config.") content = json_parse_message_body(request) if content != True and content != False: return webservice.badRequest(request, "Excepts a boolean value as message body.") port_no = port['port_no'] hw_addr = port['hw_addr'].replace('-',':') mask = 0 | maskbit if content: config = 0 else: config = 0xffffffff ret = self.switchstats.send_port_mod(dpid, port_no, hw_addr, mask, config) request.write(simplejson.dumps(ret)) request.finish() return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "set_port_name_config", "Could not set port name config.")
def _change_search_order(self, request, arg): def err_specific(res): if isinstance(res.value, DirectoryException) \ and res.value.code == DirectoryException.NONEXISTING_NAME: lg.error( "Bad request: _change_search_order received nonexisting_name: %s" % str(res)) return webservice.badRequest(request, res.value.message) return self.err(res, request, "_change_search_order", "Could not change search order.") try: content = json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") def ok(res): request.write(simplejson.dumps(res)) request.finish() d = self._dm.set_search_order(content) d.addCallback(ok) d.addErrback(err_specific) return NOT_DONE_YET except Exception, e: err_specific(Failure())
def err_specific(res): if isinstance(res.value, DirectoryException) \ and res.value.code == DirectoryException.NONEXISTING_NAME: lg.error("Bad request: _change_search_order received nonexisting_name: %s" % str(res)) return webservice.badRequest(request, res.value.message) return self.err(res, request, "_change_search_order", "Could not change search order.")
def member_op(self, request, group_info, member, ptype_str, otype_str, ctype_str): try: def ok(res): def unicode_(s, encoding): if isinstance(s, unicode): return s return unicode(s, encoding) members = [] for member in res[0]: if not isinstance(member, basestring): member = str(member) members.append(unicode_(member, "utf-8")) subgroups = [unicode_(subgroup, "utf-8") for subgroup in res[1]] res_str = [members, subgroups] request.write(simplejson.dumps(res_str)) request.finish() if group_info is None: return webservice.badRequest(request, "Group does not exist.") exists = is_member(group_info, member, ctype_str) if otype_str == "add" and exists: return webservice.badRequest(request, "%s is already a %s in the group." % (member, ctype_str)) if otype_str != "add" and not exists: return webservice.notFound(request, "%s %s not found in group." % (ctype_str.capitalize(), member)) if otype_str == "": # special case, this is just a membership test # if the request got this far, return success request.finish() return ptype = groupname_to_type[ptype_str] method_name = otype_str + "_group_members" f = getattr(self.dm, method_name) if ctype_str in ["principal", "address"]: d = f(ptype, group_info.name, (member,), ()) else: # 'subgroup' case d = f(ptype, group_info.name, (), (member,)) d.addCallback(ok) d.addErrback(self.err, request, "%s member_op" % method_name, "Could not %s." % method_name) return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "member_op", "Could not perform group operation.")
def group_op(self, request, group_info, mangled_group, ptype_str, otype_str): try: def ok(res): if isinstance(res, GroupInfo): request.write(simplejson.dumps(res.to_str_dict())) else: request.write(simplejson.dumps(res)) request.finish() is_get_op = otype_str == "get" or otype_str == "principal" or otype_str == "subgroup" if group_info is None and (is_get_op or otype_str == "del"): return webservice.notFound(request, "Group %s does not exist." % mangled_group) # read operations finish here. this includes 'get','principal' # and 'subgroup' otype_str if is_get_op: str_dict = group_info.to_str_dict() if otype_str == "get": request.write(simplejson.dumps(str_dict)) elif otype_str == "principal": request.write(simplejson.dumps(str_dict["member_names"])) elif otype_str == "subgroup": request.write(simplejson.dumps(str_dict["subgroup_names"])) request.finish() return # only otype_str == 'add' or 'del' continues to this point ptype = groupname_to_type[ptype_str] if otype_str == "add": content = json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") if group_info is None: content["name"] = mangled_group d = getattr(self.dm, "add_group")(ptype, GroupInfo.from_str_dict(content)) elif len(content) == 1 and content.has_key("name"): d = getattr(self.dm, "rename_group")(ptype, mangled_group, content["name"], "", "") else: content["name"] = mangled_group d = getattr(self.dm, "modify_group")(ptype, GroupInfo.from_str_dict(content)) else: # delete d = getattr(self.dm, "del_group")(ptype, mangled_group) d.addCallback(ok) d.addErrback( self.err, request, "%s %s group_op" % (otype_str, ptype_str), "Could not perform %s group operation." % ptype_str, ) return NOT_DONE_YET except Exception, e: return self.err( Failure(), request, "%s %s group_op" % (otype_str, ptype_str), "Could not perform %s group operation." % ptype_str, )
def __post_rules__(self, tmp, request, data, content): if not content.has_key('policy_id'): return webservice.badRequest( request, 'Request must include policy id to update.') elif content['policy_id'] != self.policy.policy_id: return webservice.conflictError( request, 'Cannot apply changes to old policy id %u.' % content['policy_id']) if not content.has_key('rules'): return webservice.badRequest( request, 'Request must include array of new policy rules.') d = self.__categorize_rules__(content['rules']) d.addCallbacks(self.__post_rules2__, self.badReq, (request, ), None, (request, "post_rules")) return d
def do_set_creds(self, request, arg): try: def _ok(res): ret = {Directory.AUTH_SIMPLE : []} if len(res): ret[Directory.AUTH_SIMPLE].append(res[0].to_str_dict()) request.write(simplejson.dumps(ret)) request.finish() user_name = arg["<principal name>"] dir_name = arg["<dir name>"] content = json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") pwcreds = [] enabled_auth_types = self.dm.get_directory_instance(dir_name)._instance.get_enabled_auth_types() for credtype, credlist in content.items(): if not isinstance(credlist, list): return webservice.badRequest(request, "Credentials must be a list") if credtype not in enabled_auth_types or credtype != Directory.AUTH_SIMPLE: return webservice.badRequest(request, "Unsupported credential type '%s'" %credtype) if len(credlist) > 1: return webservice.badRequest(request, "Only one "+Directory.AUTH_SIMPLE + " credential may be supplied") for pwdict in credlist: pwcred = PasswordCredential.from_str_dict(pwdict) if pwcred.password is None: return webservice.badRequest(request, "Invalid "+Directory.AUTH_SIMPLE + " credential supplied") pwcreds.append(pwcred) d = self.dm.put_credentials(Directory.USER_PRINCIPAL, user_name, pwcreds, dir_name=dir_name) d.addCallback(_ok) d.addErrback(self.err, request, "do_set_creds", "Could not set credential information.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "do_set_creds", "Could not set credential information.")
def __delete_rule__(self, tmp, request, data): id = data['<rule id>'] if not self.policy.remove_rule(id): return webservice.badRequest(request, "Could not remove rule %u." % id) d = self.policy.apply(request.getSession().user.username) d.addCallback(self.write_policy_id, request) return d
def get_policy_names(self, request, data): try: content = web_arg_utils.flatten_args(request.args) keys = ['inport', 'dpsrc', 'dlsrc', 'dldst', 'nwsrc', 'nwdst'] for key in keys: if not content.has_key(key): return webservice.badRequest(request, "Must include '%s' argument." % key) try: dp = create_datapathid_from_host(long(content['dpsrc'])) if dp == None: return webservice.badRequest(request, "Invalid datapath ID.") except ValueError, e: return webservice.badRequest(request, "Invalid datapath.") try: port = int(content['inport']) except ValueError, e: return webservice.badRequest(request, "Invalid inport.")
def _modify_dir(self, request, arg): try: def _config_set(res): ep = convert_map_name_to_type(content["enabled_principals"]) d = di.set_enabled_principals(ep) d.addCallback(_enabled_principals_set) return d def _enabled_principals_set(res): d = di.set_enabled_auth_types(content["enabled_auth_types"]) d.addCallback(_enabled_auth_set) return d def _enabled_auth_set(res): if content["name"] != dname: lg.error("TODO: implement renaming directories") item = self._convert_instance_to_dict(instance) ret = simplejson.dumps(item) request.write(ret) request.finish() dname = arg['<dir name>'] content = json_parse_message_body(request) if content is None: return webservice.badRequest(request, "Unable to parse message body.") if request.args.get('add', ['false'])[0].lower() == 'true': return self._add_dir(request, dname, content) instance = self._dm.get_directory_instance(dname) if instance is None: return webservice.badRequest( request, "Could not modify " "directory: directory named '%s' does not exist" % dname) # otherwise, proceed with normal modify di = instance._instance d = di.set_config_params(content["config_params"]) d.addCallback(_config_set) d.addErrback(self.err, request, "_modify_dir", "Could not modify directory.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "_modify_dir", "Could not add/modify directory.")
def err_specific(res): if isinstance(res.value, DirectoryException) \ and res.value.code == DirectoryException.NONEXISTING_NAME: lg.error( "Bad request: _change_search_order received nonexisting_name: %s" % str(res)) return webservice.badRequest(request, res.value.message) return self.err(res, request, "_change_search_order", "Could not change search order.")
def _modify_dir(self,request,arg): try: def _config_set(res): ep = convert_map_name_to_type(content["enabled_principals"]) d = di.set_enabled_principals(ep) d.addCallback(_enabled_principals_set) return d def _enabled_principals_set(res): d = di.set_enabled_auth_types(content["enabled_auth_types"]) d.addCallback(_enabled_auth_set) return d def _enabled_auth_set(res): if content["name"] != dname: lg.error("TODO: implement renaming directories") item = self._convert_instance_to_dict(instance) ret = simplejson.dumps(item) request.write(ret) request.finish() dname = arg['<dir name>'] content = json_parse_message_body(request) if content is None: return webservice.badRequest(request, "Unable to parse message body.") if request.args.get('add', ['false'])[0].lower() == 'true': return self._add_dir(request, dname, content) instance = self._dm.get_directory_instance(dname) if instance is None: return webservice.badRequest(request,"Could not modify " "directory: directory named '%s' does not exist" %dname) # otherwise, proceed with normal modify di = instance._instance d = di.set_config_params(content["config_params"]) d.addCallback(_config_set) d.addErrback(self.err, request, "_modify_dir", "Could not modify directory.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "_modify_dir", "Could not add/modify directory.")
def get_policy_names(self, request, data): try: content = web_arg_utils.flatten_args(request.args) keys = ['inport', 'dpsrc', 'dlsrc', 'dldst', 'nwsrc', 'nwdst'] for key in keys: if not content.has_key(key): return webservice.badRequest( request, "Must include '%s' argument." % key) try: dp = create_datapathid_from_host(long(content['dpsrc'])) if dp == None: return webservice.badRequest(request, "Invalid datapath ID.") except ValueError, e: return webservice.badRequest(request, "Invalid datapath.") try: port = int(content['inport']) except ValueError, e: return webservice.badRequest(request, "Invalid inport.")
def put_config_from_request(self,request, arg): try: section_id = arg['<section>'] content = webservice.json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") return self.set_config_common(request,section_id,content) except Exception, e: return self.err(Failure(), request, "put_config_from_request", "Could not set config.")
def __put_analysis__(self, tmp, request, data, content): if not content.has_key('rules'): return webservice.badRequest( request, 'Request must include array of policy rules to analyze.') d = self.__categorize_rules__(request, content['rules']) d.addCallbacks(self.__put_analysis2__, self.badReq, (request, ), None, (request, "put_analysis")) return d
def send_switch_command(self, request, arg, switch_info): try: dpid = switch_info.dpid.as_host() content = json_parse_message_body(request) if content == None: return webservice.badRequest(request,"Unable to parse message body.") if type(content) != type({}): return webservice.badRequest(request,"Bad message body, expecting dict.") if 'command' not in content: return webservice.badRequest(request,"No 'command' key in put") args = [] if 'args' in content: args = content['args'] res = self.dm.send_switch_command(dpid, content['command'], args) request.write(simplejson.dumps(res)) request.finish() return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "send_switch_command", "Sending command failed.")
def get_rule_stats(self, request, data): try: stats = self.policy.get_rule_stats(data['<rule id>']) if stats == None: return webservice.badRequest(request, "Could not retrieve rule stats for ID %u." % data['<rule id>']) stats['sender_macs'] = [ str(eth) for eth in stats['sender_macs'] ] return simplejson.dumps(stats) except Exception, e: return self.err(Failure(), request, "get_rule_stats", "Could not retrieve policy rule stats.")
def render_GET(self, request): if "req" not in request.args: webservice.badRequest(request, "POST did not include a 'req' argument") return webservice.NOT_DONE_YET fp = request.args["fp"][0] print "trying to retreive cert with fingerprint = '%s'" def err(res): lg.error("Error looking for signed cert: %s" % str(res)) webservice.internalError(request, "server error: %s" % str(res)) def find_cert(cert_dict): if fp in cert_dict: request.write(cert_dict[fp]) request.finish() else: webservice.notFound(request, "No approved cert with fingerprint = '%s'" % fp) d = self.simple_config.get_config(CERT_SEC_ID) d.addCallbacks(get_slot,err) return webservice.NOT_DONE_YET
def _add_table_row(self, request, arg): schema = arg[self.dbschema.dbname] table_name = arg["<db table name>"] row = webservice.json_parse_message_body(request) if row == None: return webservice.NOT_DONE_YET e = base_storagews._errors_in_row(schema, table_name, row, noGUID=True) if len(e) != 0: errmsg = "Errors in message body:" + "\n - ".join(e) return webservice.badRequest(request, errmsg) p = self.op_cls(self.db, schema, request) p.doPut(table_name, row) return webservice.NOT_DONE_YET
def get_rule_stats(self, request, data): try: stats = self.policy.get_rule_stats(data['<rule id>']) if stats == None: return webservice.badRequest( request, "Could not retrieve rule stats for ID %u." % data['<rule id>']) stats['sender_macs'] = [str(eth) for eth in stats['sender_macs']] return simplejson.dumps(stats) except Exception, e: return self.err(Failure(), request, "get_rule_stats", "Could not retrieve policy rule stats.")
def member_op_start(self, request, arg, otype_str): try: groupname = arg['<group name>'] groupdir = arg['<group dir>'] mangled_group = mangle_name(groupdir, groupname) membername = arg['<member name>'] memberdir = arg.get('<member dir>') ptype_str = get_principal_type_from_args(arg) ctype_str = find_value_in_args( arg, ["principal", "address", "subgroup"]) if memberdir == self.dm.discovered_dir.name: return webservice.badRequest( request, "Discovered principals " "may not be added to groups; try moving principal to " "a persistent directory first.") ptype = groupname_to_type[ptype_str] is_address = ctype_str == "address" if is_address and ptype == Directory_Factory.DLADDR_GROUP: mangled_member = create_eaddr(membername.encode('utf-8')) elif is_address and ptype == Directory_Factory.NWADDR_GROUP: mangled_member = create_cidr_ipaddr(membername.encode('utf-8')) else: mangled_member = mangle_name(memberdir, membername) if mangled_member is None: return webservice.badRequest( request, "Invalid group member parameter: '%s'" % membername) d = self.dm.get_group(ptype, mangled_group) f = lambda x: self.member_op(request, x, mangled_member, ptype_str, otype_str, ctype_str) d.addCallback(f) d.addErrback(self.err, request, "member_op_start", "Could not retrieve group.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "member_op_start", "Could not retrieve group.")
def put_rule(self, request, data): try: content = webservice.json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") d = self.policy.lock_policy() d.addCallback(self.__put_rule__, request, data, content) d.addBoth(self.unlock_policy) d.addErrback(self.err, request, "put_rule", "Could not modify rule.") except Exception, e: return self.err(Failure(), request, "put_rule", "Could not modify rule.")
def put_interface(self, request, arg): try: intf = cfg_interface() content = json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") try: if not 'name' in content: return webservice.badRequest( request, "Cannot configure interface: Name parameter not present." ) intf.name = str(content['name']) if 'hwaddr' in content: intf.hwaddr = str(content['hwaddr']) if 'ip4addr' in content: intf.ip4addr = str(content['ip4addr']) if 'ip4mask' in content: intf.ip4mask = str(content['ip4mask']) if 'ip4bcast' in content: intf.ip4bcast = str(content['ip4bcast']) if 'ip4gw' in content: intf.ip4gw = str(content['ip4gw']) if 'ip4dns' in content: intf.ip4dns = str(content['ip4dns']) if 'dhcp' in content: intf.dhcp = content['dhcp'] except Exception, e: f = Failure() lg.error( "put_interface_config: error reading interface information from request:" + str(f)) return webservice.badRequest( request, "Cannot configure interface: invalid content parameters.") self.cfg.set_interface(intf) return simplejson.dumps(True)
def put_analysis(self, request, data): try: content = webservice.json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") d = self.policy.lock_policy() d.addCallback(self.__put_analysis__, request, data, content) d.addBoth(self.unlock_policy) d.addErrback(self.err, request, "put_analysis", "Could not analyze rules.") return webservice.NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "put_analysis", "Could not analyze rules.")
def get_addr_groups_op(self, request, arg): try: def cb(res): request.write(simplejson.dumps(res)) request.finish() gtype_str = get_principal_type_from_args(arg) gtype = groupname_to_type[gtype_str] if gtype == Directory.NWADDR_GROUP: addr = create_cidr_ipaddr(arg["<address>"].encode("utf-8")) elif gtype == Directory.DLADDR_GROUP: addr = create_eaddr(arg["<address>"].encode("utf-8")) else: return webservice.badRequest(request, "Could not retrieve " "address groups: invalid address type.") if addr is None: return webservice.badRequest(request, "Could not retrieve " "address groups: invalid address format.") d = self.dm.get_group_membership(gtype, addr) d.addCallback(cb) d.addErrback(self.err, request, "get_group_parents", "Could not retrieve address groups.") return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "get_addr_groups", "Could not retrieve address groups.")
def modify_protocol(request, data): try: content = webservice.json_parse_message_body(request) if content == None: return webservice.badRequest(request, "Unable to parse message body.") d = to_protocol_tup(request, content) d.addCallback(__modify_protocol2__, request, data) d.addErrback(err, request, "modify_protocol", "Could not modify protocol.") return webservice.NOT_DONE_YET except Exception, e: return err(Failure(), request, "modify_protocol", "Could not modify protocol.")
def render_GET(self, request): if "req" not in request.args: webservice.badRequest(request, "POST did not include a 'req' argument") return webservice.NOT_DONE_YET fp = request.args["fp"][0] print "trying to retreive cert with fingerprint = '%s'" def err(res): lg.error("Error looking for signed cert: %s" % str(res)) webservice.internalError(request, "server error: %s" % str(res)) def find_cert(cert_dict): if fp in cert_dict: request.write(cert_dict[fp]) request.finish() else: webservice.notFound( request, "No approved cert with fingerprint = '%s'" % fp) d = self.simple_config.get_config(CERT_SEC_ID) d.addCallbacks(get_slot, err) return webservice.NOT_DONE_YET
def _do_auth_event(self, request, arg): content = json_parse_message_body(request) try : type = Auth_event.AUTHENTICATE if "type" in content and content["type"] == "deauthenticate": type = Auth_event.DEAUTHENTICATE ni = NetInfo.from_str_dict(content) hostname =str(content.get("hostname",Authenticator.get_unknown_name())) username =str(content.get("username", Authenticator.get_unknown_name())) ae = Auth_event(type, ni.dpid, ni.port, ni.dladdr,ni.nwaddr,False, hostname, username, 0, 0) self.post(ae) return "[]" except Exception , e : traceback.print_exc() return webservice.badRequest(request, str(e))
def _do_auth_event(self, request, arg): content = json_parse_message_body(request) try: type = Auth_event.AUTHENTICATE if "type" in content and content["type"] == "deauthenticate": type = Auth_event.DEAUTHENTICATE ni = NetInfo.from_str_dict(content) hostname = str( content.get("hostname", Authenticator.get_unknown_name())) username = str( content.get("username", Authenticator.get_unknown_name())) ae = Auth_event(type, ni.dpid, ni.port, ni.dladdr, ni.nwaddr, False, hostname, username, 0, 0) self.post(ae) return "[]" except Exception, e: traceback.print_exc() return webservice.badRequest(request, str(e))
def _update_table_row(self, request, arg): schema = arg[self.dbschema.dbname] table_name = arg["<db table name>"] guid = arg["<db row guid>"] row = webservice.json_parse_message_body(request) if row == None: return webservice.NOT_DONE_YET e = base_storagews._errors_in_row(schema, table_name, row, noGUID=False) if guid != row["GUID"]: e.append("GUID in message body must match GUID in URI.") if len(e) != 0: errmsg = "The following error(s) were found:\n\n - " errmsg += "\n - ".join(e) return webservice.badRequest(request, errmsg) # TBD: remove this hack when storage API supports python # TBD: unicode strings. base_storagews._strip_unicode_in_dict(row) p = self.op_cls(self.db, schema, request) p.doModifyRow(table_name, row) return webservice.NOT_DONE_YET
def _do_user_deauth(self, request, arg): try: dirname = arg['<dir name>'] name = arg['<principal name>'] mangled_name = mangle_name(dirname,name) def cb(entity_list): if len(entity_list) == 0: msg = "User '%s' is not currently authenticated. No entries removed." % \ (mangled_name) request.write(simplejson.dumps(msg)) request.finish() return for e in entity_list: dpid = datapathid.from_host(e[0]) port = e[1] dladdr = ethernetaddr(e[2]) nwaddr = e[3] hostname = Authenticator.get_unknown_name() username = mangled_name ae = Auth_event(Auth_event.DEAUTHENTICATE, dpid, port, dladdr,nwaddr, False, hostname, username, 0, 0) self.post(ae) msg = "successfully removed %s user entries for '%s'" % \ (len(entity_list), mangled_name) request.write(simplejson.dumps(msg)) request.finish() self.bs.get_entities_by_name(mangled_name,Name.USER,cb) return NOT_DONE_YET except Exception, e: traceback.print_exc() return webservice.badRequest(request,"Invalid URL parameters: %s" % e)
def _do_user_deauth(self, request, arg): try: dirname = arg['<dir name>'] name = arg['<principal name>'] mangled_name = mangle_name(dirname, name) def cb(entity_list): if len(entity_list) == 0: msg = "User '%s' is not currently authenticated. No entries removed." % \ (mangled_name) request.write(simplejson.dumps(msg)) request.finish() return for e in entity_list: dpid = datapathid.from_host(e[0]) port = e[1] dladdr = ethernetaddr(e[2]) nwaddr = e[3] hostname = Authenticator.get_unknown_name() username = mangled_name ae = Auth_event(Auth_event.DEAUTHENTICATE, dpid, port, dladdr, nwaddr, False, hostname, username, 0, 0) self.post(ae) msg = "successfully removed %s user entries for '%s'" % \ (len(entity_list), mangled_name) request.write(simplejson.dumps(msg)) request.finish() self.bs.get_entities_by_name(mangled_name, Name.USER, cb) return NOT_DONE_YET except Exception, e: traceback.print_exc() return webservice.badRequest(request, "Invalid URL parameters: %s" % e)
def _change_search_order(self, request, arg): def err_specific(res): if isinstance(res.value, DirectoryException) \ and res.value.code == DirectoryException.NONEXISTING_NAME: lg.error("Bad request: _change_search_order received nonexisting_name: %s" % str(res)) return webservice.badRequest(request, res.value.message) return self.err(res, request, "_change_search_order", "Could not change search order.") try: content = json_parse_message_body(request) if content == None: return webservice.badRequest(request,"Unable to parse message body.") def ok(res): request.write(simplejson.dumps(res)) request.finish() d = self._dm.set_search_order(content) d.addCallback(ok) d.addErrback(err_specific) return NOT_DONE_YET except Exception, e: err_specific(Failure())
def set_port_name_config(self, request, arg, switch_info): try: dpid = switch_info.dpid.as_host() if dpid not in self.switchstats.dp_stats: return webservice.notFound(request, "Switch not active to set config.") portname = arg['<port name>'] port = None for p in self.switchstats.dp_stats[dpid]['ports']: if p['name'] == portname: port = p break if port is None: return webservice.notFound(request, "Port not active to set config.") content = json_parse_message_body(request) if content == None: return webservice.badRequest(request,"Unable to parse message body.") port_no = port['port_no'] hw_addr = port['hw_addr'].replace('-',':') config = 0 mask = 0 if 'flood' in content: mask |= openflow.OFPPC_NO_FLOOD if content['flood'] == False: config |= openflow.OFPPC_NO_FLOOD if 'enabled' in content: mask |= openflow.OFPPC_PORT_DOWN if content['enabled'] == False: config |= openflow.OFPPC_PORT_DOWN ret = self.switchstats.send_port_mod(dpid, port_no, hw_addr, mask, config) request.write(simplejson.dumps(ret)) request.finish() return NOT_DONE_YET except Exception, e: return self.err(Failure(), request, "set_port_name_config", "Could not set port name config.")
def group_op(self, request, group_info, mangled_group, ptype_str, otype_str): try: def ok(res): if isinstance(res, GroupInfo): request.write(simplejson.dumps(res.to_str_dict())) else: request.write(simplejson.dumps(res)) request.finish() is_get_op = otype_str == "get" or otype_str == "principal" \ or otype_str == "subgroup" if group_info is None and (is_get_op or otype_str == "del"): return webservice.notFound( request, "Group %s does not exist." % mangled_group) # read operations finish here. this includes 'get','principal' # and 'subgroup' otype_str if is_get_op: str_dict = group_info.to_str_dict() if otype_str == "get": request.write(simplejson.dumps(str_dict)) elif otype_str == "principal": request.write(simplejson.dumps(str_dict["member_names"])) elif otype_str == "subgroup": request.write(simplejson.dumps(str_dict["subgroup_names"])) request.finish() return # only otype_str == 'add' or 'del' continues to this point ptype = groupname_to_type[ptype_str] if otype_str == "add": content = json_parse_message_body(request) if content == None: return webservice.badRequest( request, "Unable to parse message body.") if group_info is None: content["name"] = mangled_group d = getattr(self.dm, "add_group")(ptype, GroupInfo.from_str_dict(content)) elif len(content) == 1 and content.has_key('name'): d = getattr(self.dm, "rename_group")(ptype, mangled_group, content['name'], '', '') else: content["name"] = mangled_group d = getattr(self.dm, "modify_group")( ptype, GroupInfo.from_str_dict(content)) else: # delete d = getattr(self.dm, "del_group")(ptype, mangled_group) d.addCallback(ok) d.addErrback(self.err, request, "%s %s group_op" % (otype_str, ptype_str), "Could not perform %s group operation." % ptype_str) return NOT_DONE_YET except Exception, e: return self.err( Failure(), request, "%s %s group_op" % (otype_str, ptype_str), "Could not perform %s group operation." % ptype_str)