def put(self, instance, ref_or_id): op = 'PUT /policies/%s/' % ref_or_id db_model = self._get_by_ref_or_id(ref_or_id=ref_or_id) LOG.debug('%s found object: %s', op, db_model) db_model_id = db_model.id try: validate_not_part_of_system_pack(db_model) except ValueValidationException as e: LOG.exception('%s unable to update object from system pack.', op) abort(http_client.BAD_REQUEST, str(e)) if not getattr(instance, 'pack', None): instance.pack = db_model.pack try: db_model = self.model.to_model(instance) db_model.id = db_model_id db_model = self.access.add_or_update(db_model) except (ValidationError, ValueError) as e: LOG.exception('%s unable to update object: %s', op, db_model) abort(http_client.BAD_REQUEST, str(e)) return LOG.debug('%s updated object: %s', op, db_model) LOG.audit('Policy updated. Policy.id=%s' % (db_model.id), extra={'policy_db': db_model}) return self.model.from_model(db_model)
def put(self, triggertype, triggertype_ref_or_id): triggertype_db = self._get_by_ref_or_id(ref_or_id=triggertype_ref_or_id) triggertype_id = triggertype_db.id try: validate_not_part_of_system_pack(triggertype_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) try: triggertype_db = TriggerTypeAPI.to_model(triggertype) if triggertype.id is not None and len(triggertype.id) > 0 and \ triggertype.id != triggertype_id: LOG.warning('Discarding mismatched id=%s found in payload and using uri_id=%s.', triggertype.id, triggertype_id) triggertype_db.id = triggertype_id old_triggertype_db = triggertype_db triggertype_db = TriggerType.add_or_update(triggertype_db) except (ValidationError, ValueError) as e: LOG.exception('Validation failed for triggertype data=%s', triggertype) abort(http_client.BAD_REQUEST, str(e)) return extra = {'old_triggertype_db': old_triggertype_db, 'new_triggertype_db': triggertype_db} LOG.audit('TriggerType updated. TriggerType.id=%s' % (triggertype_db.id), extra=extra) triggertype_api = TriggerTypeAPI.from_model(triggertype_db) return triggertype_api
def delete(self, ref_or_id): """ Delete a policy. Handles requests: POST /policies/1?_method=delete DELETE /policies/1 DELETE /policies/mypack.mypolicy """ op = 'DELETE /policies/%s/' % ref_or_id db_model = self._get_by_ref_or_id(ref_or_id=ref_or_id) LOG.debug('%s found object: %s', op, db_model) try: validate_not_part_of_system_pack(db_model) except ValueValidationException as e: LOG.exception('%s unable to delete object from system pack.', op) abort(http_client.BAD_REQUEST, str(e)) try: self.access.delete(db_model) except Exception as e: LOG.exception('%s unable to delete object: %s', op, db_model) abort(http_client.INTERNAL_SERVER_ERROR, str(e)) return LOG.debug('%s deleted object: %s', op, db_model) LOG.audit('Policy deleted. Policy.id=%s' % (db_model.id), extra={'policy_db': db_model}) return None
def delete(self, action_ref_or_id): """ Delete an action. Handles requests: POST /actions/1?_method=delete DELETE /actions/1 DELETE /actions/mypack.myaction """ action_db = self._get_by_ref_or_id(ref_or_id=action_ref_or_id) action_id = action_db.id try: validate_not_part_of_system_pack(action_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) LOG.debug('DELETE /actions/ lookup with ref_or_id=%s found object: %s', action_ref_or_id, action_db) try: Action.delete(action_db) except Exception as e: LOG.error('Database delete encountered exception during delete of id="%s". ' 'Exception was %s', action_id, e) abort(http_client.INTERNAL_SERVER_ERROR, str(e)) return extra = {'action_db': action_db} LOG.audit('Action deleted. Action.id=%s' % (action_db.id), extra=extra) return None
def put(self, triggertype_ref_or_id, triggertype): try: triggertype_db = self._get_by_ref_or_id(ref_or_id=triggertype_ref_or_id) except Exception as e: LOG.exception(e.message) abort(http_client.NOT_FOUND, e.message) return triggertype_id = triggertype_db.id try: validate_not_part_of_system_pack(triggertype_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) try: triggertype_db = TriggerTypeAPI.to_model(triggertype) if triggertype.id is not None and len(triggertype.id) > 0 and \ triggertype.id != triggertype_id: LOG.warning('Discarding mismatched id=%s found in payload and using uri_id=%s.', triggertype.id, triggertype_id) triggertype_db.id = triggertype_id old_triggertype_db = triggertype_db triggertype_db = TriggerType.add_or_update(triggertype_db) except (ValidationError, ValueError) as e: LOG.exception('Validation failed for triggertype data=%s', triggertype) abort(http_client.BAD_REQUEST, str(e)) return extra = {'old_triggertype_db': old_triggertype_db, 'new_triggertype_db': triggertype_db} LOG.audit('TriggerType updated. TriggerType.id=%s' % (triggertype_db.id), extra=extra) triggertype_api = TriggerTypeAPI.from_model(triggertype_db) return triggertype_api
def put(self, action_ref_or_id, action): action_db = self._get_by_ref_or_id(ref_or_id=action_ref_or_id) action_id = action_db.id try: validate_not_part_of_system_pack(action_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) if not getattr(action, 'pack', None): action.pack = action_db.pack try: action_validator.validate_action(action) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) return try: action_db = ActionAPI.to_model(action) action_db.id = action_id action_db = Action.add_or_update(action_db) except (ValidationError, ValueError) as e: LOG.exception('Unable to update action data=%s', action) abort(http_client.BAD_REQUEST, str(e)) return action_api = ActionAPI.from_model(action_db) LOG.debug('PUT /actions/ client_result=%s', action_api) return action_api
def delete(self, triggertype_ref_or_id): """ Delete a triggertype. Handles requests: DELETE /triggertypes/1 DELETE /triggertypes/pack.name """ LOG.info('DELETE /triggertypes/ with ref_or_id=%s', triggertype_ref_or_id) triggertype_db = self._get_by_ref_or_id(ref_or_id=triggertype_ref_or_id) triggertype_id = triggertype_db.id try: validate_not_part_of_system_pack(triggertype_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) try: TriggerType.delete(triggertype_db) except Exception as e: LOG.exception('Database delete encountered exception during delete of id="%s". ', triggertype_id) abort(http_client.INTERNAL_SERVER_ERROR, str(e)) return else: extra = {'triggertype': triggertype_db} LOG.audit('TriggerType deleted. TriggerType.id=%s' % (triggertype_db.id), extra=extra) if not triggertype_db.parameters_schema: TriggerTypeController._delete_shadow_trigger(triggertype_db) return Response(status=http_client.NO_CONTENT)
def delete(self, triggertype_ref_or_id): """ Delete a triggertype. Handles requests: DELETE /triggertypes/1 DELETE /triggertypes/pack.name """ LOG.info('DELETE /triggertypes/ with ref_or_id=%s', triggertype_ref_or_id) triggertype_db = self._get_by_ref_or_id(ref_or_id=triggertype_ref_or_id) triggertype_id = triggertype_db.id try: validate_not_part_of_system_pack(triggertype_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, six.text_type(e)) try: TriggerType.delete(triggertype_db) except Exception as e: LOG.exception('Database delete encountered exception during delete of id="%s". ', triggertype_id) abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e)) return else: extra = {'triggertype': triggertype_db} LOG.audit('TriggerType deleted. TriggerType.id=%s' % (triggertype_db.id), extra=extra) if not triggertype_db.parameters_schema: TriggerTypeController._delete_shadow_trigger(triggertype_db) return Response(status=http_client.NO_CONTENT)
def post(self, action): """ Create a new action. Handles requests: POST /actions/ """ # Perform validation validate_not_part_of_system_pack(action) action_validator.validate_action(action) # Write pack data files to disk (if any are provided) data_files = getattr(action, 'data_files', []) written_data_files = [] if data_files: written_data_files = self._handle_data_files(pack_name=action.pack, data_files=data_files) action_model = ActionAPI.to_model(action) LOG.debug('/actions/ POST verified ActionAPI object=%s', action) action_db = Action.add_or_update(action_model) LOG.debug('/actions/ POST saved ActionDB object=%s', action_db) # Dispatch an internal trigger for each written data file. This way user # automate comitting this files to git using StackStorm rule if written_data_files: self._dispatch_trigger_for_written_data_files( action_db=action_db, written_data_files=written_data_files) extra = {'acion_db': action_db} LOG.audit('Action created. Action.id=%s' % (action_db.id), extra=extra) action_api = ActionAPI.from_model(action_db) return action_api
def delete(self, action_ref_or_id): """ Delete an action. Handles requests: POST /actions/1?_method=delete DELETE /actions/1 DELETE /actions/mypack.myaction """ action_db = self._get_by_ref_or_id(ref_or_id=action_ref_or_id) action_id = action_db.id try: validate_not_part_of_system_pack(action_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) LOG.debug('DELETE /actions/ lookup with ref_or_id=%s found object: %s', action_ref_or_id, action_db) try: Action.delete(action_db) except Exception as e: LOG.error( 'Database delete encountered exception during delete of id="%s". ' 'Exception was %s', action_id, e) abort(http_client.INTERNAL_SERVER_ERROR, str(e)) return extra = {'action_db': action_db} LOG.audit('Action deleted. Action.id=%s' % (action_db.id), extra=extra) return None
def post(self, action): """ Create a new action. Handles requests: POST /actions/ """ # Perform validation validate_not_part_of_system_pack(action) action_validator.validate_action(action) # Write pack data files to disk (if any are provided) data_files = getattr(action, 'data_files', []) written_data_files = [] if data_files: written_data_files = self._handle_data_files(pack_name=action.pack, data_files=data_files) action_model = ActionAPI.to_model(action) LOG.debug('/actions/ POST verified ActionAPI object=%s', action) action_db = Action.add_or_update(action_model) LOG.debug('/actions/ POST saved ActionDB object=%s', action_db) # Dispatch an internal trigger for each written data file. This way user # automate comitting this files to git using StackStorm rule if written_data_files: self._dispatch_trigger_for_written_data_files(action_db=action_db, written_data_files=written_data_files) extra = {'acion_db': action_db} LOG.audit('Action created. Action.id=%s' % (action_db.id), extra=extra) action_api = ActionAPI.from_model(action_db) return action_api
def post(self, action, requester_user): """ Create a new action. Handles requests: POST /actions/ """ permission_type = PermissionType.ACTION_CREATE rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_api_permission( user_db=requester_user, resource_api=action, permission_type=permission_type) try: # Perform validation validate_not_part_of_system_pack(action) action_validator.validate_action(action) except ( ValidationError, ValueError, ValueValidationException, InvalidActionParameterException, ) as e: LOG.exception("Unable to create action data=%s", action) abort(http_client.BAD_REQUEST, six.text_type(e)) return # Write pack data files to disk (if any are provided) data_files = getattr(action, "data_files", []) written_data_files = [] if data_files: written_data_files = self._handle_data_files(pack_ref=action.pack, data_files=data_files) action_model = ActionAPI.to_model(action) LOG.debug("/actions/ POST verified ActionAPI object=%s", action) action_db = Action.add_or_update(action_model) LOG.debug("/actions/ POST saved ActionDB object=%s", action_db) # Dispatch an internal trigger for each written data file. This way user # automate comitting this files to git using StackStorm rule if written_data_files: self._dispatch_trigger_for_written_data_files( action_db=action_db, written_data_files=written_data_files) extra = {"acion_db": action_db} LOG.audit("Action created. Action.id=%s" % (action_db.id), extra=extra) action_api = ActionAPI.from_model(action_db) return Response(json=action_api, status=http_client.CREATED)
def put(self, action, ref_or_id, requester_user): action_db = self._get_by_ref_or_id(ref_or_id=ref_or_id) # Assert permissions permission_type = PermissionType.ACTION_MODIFY rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission( user_db=requester_user, resource_db=action_db, permission_type=permission_type, ) action_id = action_db.id if not getattr(action, "pack", None): action.pack = action_db.pack # Perform validation validate_not_part_of_system_pack(action) action_validator.validate_action(action) # Write pack data files to disk (if any are provided) data_files = getattr(action, "data_files", []) written_data_files = [] if data_files: written_data_files = self._handle_data_files(pack_ref=action.pack, data_files=data_files) try: action_db = ActionAPI.to_model(action) LOG.debug("/actions/ PUT incoming action: %s", action_db) action_db.id = action_id action_db = Action.add_or_update(action_db) LOG.debug("/actions/ PUT after add_or_update: %s", action_db) except (ValidationError, ValueError) as e: LOG.exception("Unable to update action data=%s", action) abort(http_client.BAD_REQUEST, six.text_type(e)) return # Dispatch an internal trigger for each written data file. This way user # automate committing this files to git using StackStorm rule if written_data_files: self._dispatch_trigger_for_written_data_files( action_db=action_db, written_data_files=written_data_files) action_api = ActionAPI.from_model(action_db) LOG.debug("PUT /actions/ client_result=%s", action_api) return action_api
def post(self, action, requester_user): """ Create a new action. Handles requests: POST /actions/ """ permission_type = PermissionType.ACTION_CREATE rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_api_permission(user_db=requester_user, resource_api=action, permission_type=permission_type) try: # Perform validation validate_not_part_of_system_pack(action) action_validator.validate_action(action) except (ValidationError, ValueError, ValueValidationException, InvalidActionParameterException) as e: LOG.exception('Unable to create action data=%s', action) abort(http_client.BAD_REQUEST, six.text_type(e)) return # Write pack data files to disk (if any are provided) data_files = getattr(action, 'data_files', []) written_data_files = [] if data_files: written_data_files = self._handle_data_files(pack_ref=action.pack, data_files=data_files) action_model = ActionAPI.to_model(action) LOG.debug('/actions/ POST verified ActionAPI object=%s', action) action_db = Action.add_or_update(action_model) LOG.debug('/actions/ POST saved ActionDB object=%s', action_db) # Dispatch an internal trigger for each written data file. This way user # automate comitting this files to git using StackStorm rule if written_data_files: self._dispatch_trigger_for_written_data_files(action_db=action_db, written_data_files=written_data_files) extra = {'acion_db': action_db} LOG.audit('Action created. Action.id=%s' % (action_db.id), extra=extra) action_api = ActionAPI.from_model(action_db) return Response(json=action_api, status=http_client.CREATED)
def put(self, action, ref_or_id, requester_user): action_db = self._get_by_ref_or_id(ref_or_id=ref_or_id) # Assert permissions permission_type = PermissionType.ACTION_MODIFY rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission(user_db=requester_user, resource_db=action_db, permission_type=permission_type) action_id = action_db.id if not getattr(action, 'pack', None): action.pack = action_db.pack # Perform validation validate_not_part_of_system_pack(action) action_validator.validate_action(action) # Write pack data files to disk (if any are provided) data_files = getattr(action, 'data_files', []) written_data_files = [] if data_files: written_data_files = self._handle_data_files(pack_ref=action.pack, data_files=data_files) try: action_db = ActionAPI.to_model(action) LOG.debug('/actions/ PUT incoming action: %s', action_db) action_db.id = action_id action_db = Action.add_or_update(action_db) LOG.debug('/actions/ PUT after add_or_update: %s', action_db) except (ValidationError, ValueError) as e: LOG.exception('Unable to update action data=%s', action) abort(http_client.BAD_REQUEST, six.text_type(e)) return # Dispatch an internal trigger for each written data file. This way user # automate committing this files to git using StackStorm rule if written_data_files: self._dispatch_trigger_for_written_data_files(action_db=action_db, written_data_files=written_data_files) action_api = ActionAPI.from_model(action_db) LOG.debug('PUT /actions/ client_result=%s', action_api) return action_api
def delete(self, ref_or_id, requester_user): """ Delete an action. Handles requests: POST /actions/1?_method=delete DELETE /actions/1 DELETE /actions/mypack.myaction """ action_db = self._get_by_ref_or_id(ref_or_id=ref_or_id) action_id = action_db.id permission_type = PermissionType.ACTION_DELETE rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission( user_db=requester_user, resource_db=action_db, permission_type=permission_type, ) try: validate_not_part_of_system_pack(action_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, six.text_type(e)) LOG.debug( "DELETE /actions/ lookup with ref_or_id=%s found object: %s", ref_or_id, action_db, ) try: Action.delete(action_db) except Exception as e: LOG.error( 'Database delete encountered exception during delete of id="%s". ' "Exception was %s", action_id, e, ) abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e)) return extra = {"action_db": action_db} LOG.audit("Action deleted. Action.id=%s" % (action_db.id), extra=extra) return Response(status=http_client.NO_CONTENT)
def put(self, sensor_type, ref_or_id, requester_user): # Note: Right now this function only supports updating of "enabled" # attribute on the SensorType model. # The reason for that is that SensorTypeAPI.to_model right now only # knows how to work with sensor type definitions from YAML files. sensor_type_db = self._get_by_ref_or_id(ref_or_id=ref_or_id) permission_type = PermissionType.SENSOR_MODIFY rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission( user_db=requester_user, resource_db=sensor_type_db, permission_type=permission_type, ) sensor_type_id = sensor_type_db.id try: validate_not_part_of_system_pack(sensor_type_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, six.text_type(e)) return if not getattr(sensor_type, "pack", None): sensor_type.pack = sensor_type_db.pack try: old_sensor_type_db = sensor_type_db sensor_type_db.id = sensor_type_id sensor_type_db.enabled = getattr(sensor_type, "enabled", False) sensor_type_db = SensorType.add_or_update(sensor_type_db) except (ValidationError, ValueError) as e: LOG.exception("Unable to update sensor_type data=%s", sensor_type) abort(http_client.BAD_REQUEST, six.text_type(e)) return extra = { "old_sensor_type_db": old_sensor_type_db, "new_sensor_type_db": sensor_type_db, } LOG.audit("Sensor updated. Sensor.id=%s." % (sensor_type_db.id), extra=extra) sensor_type_api = SensorTypeAPI.from_model(sensor_type_db) return sensor_type_api
def put(self, instance, ref_or_id, requester_user): op = "PUT /policies/%s/" % ref_or_id db_model = self._get_by_ref_or_id(ref_or_id=ref_or_id) LOG.debug("%s found object: %s", op, db_model) permission_type = PermissionType.POLICY_MODIFY rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission( user_db=requester_user, resource_db=db_model, permission_type=permission_type, ) db_model_id = db_model.id try: validate_not_part_of_system_pack(db_model) except ValueValidationException as e: LOG.exception("%s unable to update object from system pack.", op) abort(http_client.BAD_REQUEST, six.text_type(e)) if not getattr(instance, "pack", None): instance.pack = db_model.pack try: db_model = self.model.to_model(instance) db_model.id = db_model_id db_model = self.access.add_or_update(db_model) except (ValidationError, ValueError) as e: LOG.exception("%s unable to update object: %s", op, db_model) abort(http_client.BAD_REQUEST, six.text_type(e)) return LOG.debug("%s updated object: %s", op, db_model) LOG.audit( "Policy updated. Policy.id=%s" % (db_model.id), extra={"policy_db": db_model}, ) exec_result = self.model.from_model(db_model) return Response(json=exec_result, status=http_client.OK)
def put(self, triggertype_ref_or_id, triggertype): LOG.info( 'PUT /triggertypes/ with triggertype ref_or_id=%s and data=%s', triggertype_ref_or_id, triggertype) try: triggertype_db = self._get_by_ref_or_id( ref_or_id=triggertype_ref_or_id) except Exception as e: LOG.exception(e.message) abort(http_client.NOT_FOUND, e.message) return triggertype_id = triggertype_db.id try: validate_not_part_of_system_pack(triggertype_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) try: triggertype_db = TriggerTypeAPI.to_model(triggertype) if triggertype.id is not None and len(triggertype.id) > 0 and \ triggertype.id != triggertype_id: LOG.warning( 'Discarding mismatched id=%s found in payload and using uri_id=%s.', triggertype.id, triggertype_id) triggertype_db.id = triggertype_id old_triggertype_db = triggertype_db triggertype_db = TriggerType.add_or_update(triggertype_db) except (ValidationError, ValueError) as e: LOG.exception('Validation failed for triggertype data=%s', triggertype) abort(http_client.BAD_REQUEST, str(e)) return LOG.audit( 'TriggerType updated. TriggerType=%s and original TriggerType=%s', triggertype_db, old_triggertype_db) triggertype_api = TriggerTypeAPI.from_model(triggertype_db) LOG.debug('PUT /triggertypes/ client_result=%s', triggertype_api) return triggertype_api
def delete(self, ref_or_id, requester_user): """ Delete a policy. Handles requests: POST /policies/1?_method=delete DELETE /policies/1 DELETE /policies/mypack.mypolicy """ op = "DELETE /policies/%s/" % ref_or_id db_model = self._get_by_ref_or_id(ref_or_id=ref_or_id) LOG.debug("%s found object: %s", op, db_model) permission_type = PermissionType.POLICY_DELETE rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission( user_db=requester_user, resource_db=db_model, permission_type=permission_type, ) try: validate_not_part_of_system_pack(db_model) except ValueValidationException as e: LOG.exception("%s unable to delete object from system pack.", op) abort(http_client.BAD_REQUEST, six.text_type(e)) try: self.access.delete(db_model) except Exception as e: LOG.exception("%s unable to delete object: %s", op, db_model) abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e)) return LOG.debug("%s deleted object: %s", op, db_model) LOG.audit( "Policy deleted. Policy.id=%s" % (db_model.id), extra={"policy_db": db_model}, ) # return None return Response(status=http_client.NO_CONTENT)
def put(self, sensor_type, ref_or_id, requester_user): # Note: Right now this function only supports updating of "enabled" # attribute on the SensorType model. # The reason for that is that SensorTypeAPI.to_model right now only # knows how to work with sensor type definitions from YAML files. sensor_type_db = self._get_by_ref_or_id(ref_or_id=ref_or_id) permission_type = PermissionType.SENSOR_MODIFY rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission(user_db=requester_user, resource_db=sensor_type_db, permission_type=permission_type) sensor_type_id = sensor_type_db.id try: validate_not_part_of_system_pack(sensor_type_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, six.text_type(e)) return if not getattr(sensor_type, 'pack', None): sensor_type.pack = sensor_type_db.pack try: old_sensor_type_db = sensor_type_db sensor_type_db.id = sensor_type_id sensor_type_db.enabled = getattr(sensor_type, 'enabled', False) sensor_type_db = SensorType.add_or_update(sensor_type_db) except (ValidationError, ValueError) as e: LOG.exception('Unable to update sensor_type data=%s', sensor_type) abort(http_client.BAD_REQUEST, six.text_type(e)) return extra = { 'old_sensor_type_db': old_sensor_type_db, 'new_sensor_type_db': sensor_type_db } LOG.audit('Sensor updated. Sensor.id=%s.' % (sensor_type_db.id), extra=extra) sensor_type_api = SensorTypeAPI.from_model(sensor_type_db) return sensor_type_api
def put(self, ref_or_id, sensor_type): # Note: Right now this function only supports updating of "enabled" # attribute on the SensorType model. # The reason for that is that SensorTypeAPI.to_model right now only # knows how to work with sensor type definitions from YAML files. try: sensor_type_db = self._get_by_ref_or_id(ref_or_id=ref_or_id) except Exception as e: LOG.exception(e.message) abort(http_client.NOT_FOUND, e.message) return sensor_type_id = sensor_type_db.id try: validate_not_part_of_system_pack(sensor_type_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) return if not getattr(sensor_type, 'pack', None): sensor_type.pack = sensor_type_db.pack try: old_sensor_type_db = sensor_type_db sensor_type_db.id = sensor_type_id sensor_type_db.enabled = getattr(sensor_type, 'enabled', False) sensor_type_db = SensorType.add_or_update(sensor_type_db) except (ValidationError, ValueError) as e: LOG.exception('Unable to update sensor_type data=%s', sensor_type) abort(http_client.BAD_REQUEST, str(e)) return extra = { 'old_sensor_type_db': old_sensor_type_db, 'new_sensor_type_db': sensor_type_db } LOG.audit('Sensor updated. Sensor.id=%s.' % (sensor_type_db.id), extra=extra) sensor_type_api = SensorTypeAPI.from_model(sensor_type_db) return sensor_type_api
def put(self, action_ref_or_id, action): action_db = self._get_by_ref_or_id(ref_or_id=action_ref_or_id) # Assert permissions action_id = action_db.id if not getattr(action, 'pack', None): action.pack = action_db.pack # Perform validation validate_not_part_of_system_pack(action) action_validator.validate_action(action) # Write pack data files to disk (if any are provided) data_files = getattr(action, 'data_files', []) written_data_files = [] if data_files: written_data_files = self._handle_data_files(pack_name=action.pack, data_files=data_files) try: action_db = ActionAPI.to_model(action) LOG.debug('/actions/ PUT incoming action: %s', action_db) action_db.id = action_id action_db = Action.add_or_update(action_db) LOG.debug('/actions/ PUT after add_or_update: %s', action_db) except (ValidationError, ValueError) as e: LOG.exception('Unable to update action data=%s', action) abort(http_client.BAD_REQUEST, str(e)) return # Dispatch an internal trigger for each written data file. This way user # automate comitting this files to git using StackStorm rule if written_data_files: self._dispatch_trigger_for_written_data_files( action_db=action_db, written_data_files=written_data_files) action_api = ActionAPI.from_model(action_db) LOG.debug('PUT /actions/ client_result=%s', action_api) return action_api
def put(self, action_ref_or_id, action): action_db = self._get_by_ref_or_id(ref_or_id=action_ref_or_id) # Assert permissions action_id = action_db.id if not getattr(action, 'pack', None): action.pack = action_db.pack # Perform validation validate_not_part_of_system_pack(action) action_validator.validate_action(action) # Write pack data files to disk (if any are provided) data_files = getattr(action, 'data_files', []) written_data_files = [] if data_files: written_data_files = self._handle_data_files(pack_name=action.pack, data_files=data_files) try: action_db = ActionAPI.to_model(action) action_db.id = action_id action_db = Action.add_or_update(action_db) except (ValidationError, ValueError) as e: LOG.exception('Unable to update action data=%s', action) abort(http_client.BAD_REQUEST, str(e)) return # Dispatch an internal trigger for each written data file. This way user # automate comitting this files to git using StackStorm rule if written_data_files: self._dispatch_trigger_for_written_data_files(action_db=action_db, written_data_files=written_data_files) action_api = ActionAPI.from_model(action_db) LOG.debug('PUT /actions/ client_result=%s', action_api) return action_api
def put(self, instance, ref_or_id, requester_user): op = 'PUT /policies/%s/' % ref_or_id db_model = self._get_by_ref_or_id(ref_or_id=ref_or_id) LOG.debug('%s found object: %s', op, db_model) permission_type = PermissionType.POLICY_MODIFY rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission(user_db=requester_user, resource_db=db_model, permission_type=permission_type) db_model_id = db_model.id try: validate_not_part_of_system_pack(db_model) except ValueValidationException as e: LOG.exception('%s unable to update object from system pack.', op) abort(http_client.BAD_REQUEST, six.text_type(e)) if not getattr(instance, 'pack', None): instance.pack = db_model.pack try: db_model = self.model.to_model(instance) db_model.id = db_model_id db_model = self.access.add_or_update(db_model) except (ValidationError, ValueError) as e: LOG.exception('%s unable to update object: %s', op, db_model) abort(http_client.BAD_REQUEST, six.text_type(e)) return LOG.debug('%s updated object: %s', op, db_model) LOG.audit('Policy updated. Policy.id=%s' % (db_model.id), extra={'policy_db': db_model}) exec_result = self.model.from_model(db_model) return Response(json=exec_result, status=http_client.OK)
def delete(self, ref_or_id, requester_user): """ Delete an action. Handles requests: POST /actions/1?_method=delete DELETE /actions/1 DELETE /actions/mypack.myaction """ action_db = self._get_by_ref_or_id(ref_or_id=ref_or_id) action_id = action_db.id permission_type = PermissionType.ACTION_DELETE rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission(user_db=requester_user, resource_db=action_db, permission_type=permission_type) try: validate_not_part_of_system_pack(action_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, six.text_type(e)) LOG.debug('DELETE /actions/ lookup with ref_or_id=%s found object: %s', ref_or_id, action_db) try: Action.delete(action_db) except Exception as e: LOG.error('Database delete encountered exception during delete of id="%s". ' 'Exception was %s', action_id, e) abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e)) return extra = {'action_db': action_db} LOG.audit('Action deleted. Action.id=%s' % (action_db.id), extra=extra) return Response(status=http_client.NO_CONTENT)
def delete(self, ref_or_id, requester_user): """ Delete a policy. Handles requests: POST /policies/1?_method=delete DELETE /policies/1 DELETE /policies/mypack.mypolicy """ op = 'DELETE /policies/%s/' % ref_or_id db_model = self._get_by_ref_or_id(ref_or_id=ref_or_id) LOG.debug('%s found object: %s', op, db_model) permission_type = PermissionType.POLICY_DELETE rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission(user_db=requester_user, resource_db=db_model, permission_type=permission_type) try: validate_not_part_of_system_pack(db_model) except ValueValidationException as e: LOG.exception('%s unable to delete object from system pack.', op) abort(http_client.BAD_REQUEST, six.text_type(e)) try: self.access.delete(db_model) except Exception as e: LOG.exception('%s unable to delete object: %s', op, db_model) abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e)) return LOG.debug('%s deleted object: %s', op, db_model) LOG.audit('Policy deleted. Policy.id=%s' % (db_model.id), extra={'policy_db': db_model}) # return None return Response(status=http_client.NO_CONTENT)
def put(self, action_ref_or_id, action): try: action_db = self._get_by_ref_or_id(ref_or_id=action_ref_or_id) except Exception as e: LOG.exception(e.message) abort(http_client.NOT_FOUND, e.message) return action_id = action_db.id try: validate_not_part_of_system_pack(action_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) if not getattr(action, 'pack', None): action.pack = action_db.pack try: action_validator.validate_action(action) except ValueValidationException as e: abort(http_client.BAD_REQUEST, str(e)) return try: action_db = ActionAPI.to_model(action) action_db.id = action_id action_db = Action.add_or_update(action_db) except (ValidationError, ValueError) as e: LOG.exception('Unable to update action data=%s', action) abort(http_client.BAD_REQUEST, str(e)) return action_api = ActionAPI.from_model(action_db) LOG.debug('PUT /actions/ client_result=%s', action_api) return action_api
def delete(self, options, ref_or_id, requester_user): """ Delete an action. Handles requests: POST /actions/1?_method=delete DELETE /actions/1 DELETE /actions/mypack.myaction """ action_db = self._get_by_ref_or_id(ref_or_id=ref_or_id) action_id = action_db.id permission_type = PermissionType.ACTION_DELETE rbac_utils = get_rbac_backend().get_utils_class() rbac_utils.assert_user_has_resource_db_permission( user_db=requester_user, resource_db=action_db, permission_type=permission_type, ) try: validate_not_part_of_system_pack(action_db) except ValueValidationException as e: abort(http_client.BAD_REQUEST, six.text_type(e)) LOG.debug( "DELETE /actions/ lookup with ref_or_id=%s found object: %s", ref_or_id, action_db, ) pack_name = action_db["pack"] entry_point = action_db["entry_point"] metadata_file = action_db["metadata_file"] try: Action.delete(action_db) except Exception as e: LOG.error( 'Database delete encountered exception during delete of id="%s". ' "Exception was %s", action_id, e, ) abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e)) return if options.remove_files: try: delete_action_files_from_pack( pack_name=pack_name, entry_point=entry_point, metadata_file=metadata_file, ) except PermissionError as e: LOG.error("No permission to delete resource files from disk.") action_db.id = None Action.add_or_update(action_db) abort(http_client.FORBIDDEN, six.text_type(e)) return except Exception as e: LOG.error( "Exception encountered during deleting resource files from disk. " "Exception was %s", e, ) action_db.id = None Action.add_or_update(action_db) abort(http_client.INTERNAL_SERVER_ERROR, six.text_type(e)) return extra = {"action_db": action_db} LOG.audit("Action deleted. Action.id=%s" % (action_db.id), extra=extra) return Response(status=http_client.NO_CONTENT)