def post(self): request_body = self.request.body.decode("UTF-8") execution_id = json.loads(request_body).get('executionId') if execution_id: self.application.execution_service.stop_script(execution_id) else: respond_error(self, 400, "Invalid stop request") return
def post(self): request_body = self.request.body.decode("UTF-8") process_id = json.loads(request_body).get("processId") if (process_id): stop_script(int(process_id)) else: respond_error(self, 400, "Invalid stop request") return
def write_error(self, status_code, **kwargs): if ('exc_info' in kwargs) and (kwargs['exc_info']): (type, value, traceback) = kwargs['exc_info'] (custom_code, custom_message) = exception_to_code_and_message(value) if custom_code: respond_error(self, custom_code, custom_message) return respond_error(self, status_code, self._reason)
def get(self, user, script_name): try: config = self.application.config_service.load_config(script_name, user) except ConfigNotAllowedException: LOGGER.warning('Admin access to the script "' + script_name + '" is denied for ' + user.get_audit_name()) respond_error(self, 403, 'Access to the script is denied') return if config is None: raise tornado.web.HTTPError(404, str('Failed to find config for name: ' + script_name)) self.write(json.dumps(config))
def prepare(self): if self.request.method != 'POST': respond_error(self, 405, 'Method not allowed') return audit_name = get_audit_name_from_request(self) file_upload_feature = self.application.file_upload_feature upload_folder = file_upload_feature.prepare_new_folder(audit_name) self.request.connection.set_max_body_size(self.application.max_request_size_mb * BYTES_IN_MB) self.form_reader = StreamingFormReader(self.request.headers, upload_folder)
def prepare(self): if self.request.method != 'POST': respond_error(self, 405, 'Method not allowed') return audit_name = get_audit_name_from_request(self) file_upload_feature = self.application.file_upload_feature upload_folder = file_upload_feature.prepare_new_folder(audit_name) self.request.connection.set_max_body_size(self.application.max_request_size_mb * BYTES_IN_MB) self.form_reader = StreamingFormReader(self.request.headers, upload_folder)
def put(self, user): request = tornado_utils.get_request_body(self) config = request.get('config') filename = request.get('filename') try: self.application.config_service.update_config(user, config, filename) except (InvalidConfigException, InvalidFileException) as e: raise tornado.web.HTTPError(422, str(e)) except ConfigNotAllowedException: LOGGER.warning('Admin access to the script "' + config['name'] + '" is denied for ' + user.get_audit_name()) respond_error(self, 403, 'Access to the script is denied') return
def put(self, user): (config, filename, uploaded_script) = self.read_config_parameters() try: self.application.config_service.update_config(user, config, filename, uploaded_script) except (InvalidConfigException, InvalidFileException) as e: raise tornado.web.HTTPError(422, str(e)) except ConfigNotAllowedException: LOGGER.warning('Admin access to the script "' + config['name'] + '" is denied for ' + user.get_audit_name()) respond_error(self, 403, 'Access to the script is denied') return except InvalidAccessException as e: raise tornado.web.HTTPError(403, reason=str(e))
def get(self): try: name = self.get_query_argument("name") except tornado.web.MissingArgumentError: respond_error(self, 400, "Script name is not specified") return config = load_config(name) if not config: respond_error(self, 400, "Couldn't find a script by name") return self.write(external_model.config_to_json(config))
def authenticate(self, request_handler): if not self.is_enabled(): return LOGGER.info('Trying to authenticate user') login_generic_error = 'Something went wrong. Please contact the administrator or try later' try: username = self.authenticator.authenticate(request_handler) if isinstance(username, tornado.concurrent.Future): username = yield username except auth_base.AuthRejectedError as e: respond_error(request_handler, 401, e.get_message()) return except auth_base.AuthFailureError: respond_error(request_handler, 500, login_generic_error) return except auth_base.AuthBadRequestException as e: respond_error(request_handler, 400, e.get_message()) return except: LOGGER.exception('Failed to call authenticate') respond_error(request_handler, 500, login_generic_error) return LOGGER.info('Authenticated user ' + username) if not self.authorizer.is_allowed_in_app(username): LOGGER.info('User ' + username + ' have no access') respond_error( request_handler, 403, 'Access is prohibited. Please contact system administrator') return request_handler.set_secure_cookie('username', username) path = tornado.escape.url_unescape( request_handler.get_argument('next', '/')) # redirect only to internal URLs if path.startswith('http'): path = '/' redirect_relative(path, request_handler)
def get(self): try: name = self.get_query_argument("name") except tornado.web.MissingArgumentError: respond_error(self, 400, "Script name is not specified") return config = self.application.config_service.load_config(name) if not config: respond_error(self, 400, "Couldn't find a script by name") return if not can_access_script(config, self): raise tornado.web.HTTPError(403, reason='Access to the script is denied') self.write(external_model.config_to_json(config))
def get(self, user): try: name = self.get_query_argument("name") except tornado.web.MissingArgumentError: respond_error(self, 400, "Script name is not specified") return try: config = self.application.config_service.load_config_model(name, user) except ConfigNotAllowedException: raise tornado.web.HTTPError(403, reason='Access to the script is denied') if not config: respond_error(self, 400, "Couldn't find a script by name") return self.write(external_model.config_to_external(config))
def get(self, execution_id): if is_empty(execution_id): respond_error(self, 400, 'Execution id is not specified') return history_entry = self.application.execution_logging_service.find_history_entry(execution_id) if history_entry is None: respond_error(self, 400, 'No history found for id ' + execution_id) return log = self.application.execution_logging_service.find_log(execution_id) if is_empty(log): LOGGER.warning('No log found for execution ' + execution_id) running = self.application.execution_service.is_running(history_entry.id) long_log = to_long_execution_log(history_entry, log, running) self.write(json.dumps(long_log))
def get(self, execution_id): if is_empty(execution_id): respond_error(self, 400, 'Execution id is not specified') return history_entry = self.application.execution_logging_service.find_history_entry(execution_id) if history_entry is None: respond_error(self, 400, 'No history found for id ' + execution_id) return log = self.application.execution_logging_service.find_log(execution_id) if is_empty(log): LOGGER.warning('No log found for execution ' + execution_id) running = self.application.execution_service.is_running(history_entry.id) long_log = to_long_execution_log(history_entry, log, running) self.write(json.dumps(long_log))
def get(self, user, script_name): try: loaded_script = self.application.config_service.load_script_code(script_name, user) except ConfigNotAllowedException: LOGGER.warning('Admin access to the script "' + script_name + '" is denied for ' + user.get_audit_name()) respond_error(self, 403, 'Access to the script is denied') return except InvalidFileException as e: LOGGER.warning('Failed to load script code for script ' + script_name, exc_info=True) respond_error(self, 422, str(e)) return except InvalidAccessException as e: raise tornado.web.HTTPError(403, reason=str(e)) if loaded_script is None: raise tornado.web.HTTPError(404, str('Failed to find config for name: ' + script_name)) self.write(json.dumps(loaded_script))
def get(self, user, execution_id): if is_empty(execution_id): respond_error(self, 400, 'Execution id is not specified') return try: history_entry = self.application.execution_logging_service.find_history_entry( execution_id, user.user_id) except AccessProhibitedException: respond_error( self, 403, 'Access to execution #' + str(execution_id) + ' is prohibited') return if history_entry is None: respond_error(self, 400, 'No history found for id ' + execution_id) return log = self.application.execution_logging_service.find_log(execution_id) if is_empty(log): LOGGER.warning('No log found for execution ' + execution_id) running = self.application.execution_service.is_running( history_entry.id, user) long_log = to_long_execution_log(history_entry, log, running) self.write(json.dumps(long_log))
def authenticate(self, request_handler): if not self.is_enabled(): return LOGGER.info('Trying to authenticate user') login_generic_error = 'Something went wrong. Please contact the administrator or try later' try: username = self.authenticator.authenticate(request_handler) if asyncio.iscoroutine(username): username = yield username except auth_base.AuthRejectedError as e: respond_error(request_handler, 401, e.get_message()) return except auth_base.AuthFailureError: respond_error(request_handler, 500, login_generic_error) return except auth_base.AuthBadRequestException as e: respond_error(request_handler, 400, e.get_message()) return except: LOGGER.exception('Failed to call authenticate') respond_error(request_handler, 500, login_generic_error) return LOGGER.info('Authenticated user ' + username) request_handler.set_secure_cookie('username', username, expires_days=self.authenticator.auth_expiration_days) path = tornado.escape.url_unescape(request_handler.get_argument('next', '/')) # redirect only to internal URLs if path.startswith('http'): path = '/' redirect_relative(path, request_handler)
def authenticate(self, request_handler): if not self.is_enabled(): return LOGGER.info('Trying to authenticate user') login_generic_error = 'Something went wrong. Please contact the administrator or try later' try: username = self.authenticator.authenticate(request_handler) if isinstance(username, tornado.concurrent.Future): username = yield username except auth_base.AuthRejectedError as e: respond_error(request_handler, 401, e.get_message()) return except auth_base.AuthFailureError: respond_error(request_handler, 500, login_generic_error) return except auth_base.AuthBadRequestException as e: respond_error(request_handler, 400, e.get_message()) return except: LOGGER.exception('Failed to call authenticate') respond_error(request_handler, 500, login_generic_error) return LOGGER.info('Authenticated user ' + username) request_handler.set_secure_cookie('username', username) path = tornado.escape.url_unescape(request_handler.get_argument('next', '/')) # redirect only to internal URLs if path.startswith('http'): path = '/' redirect_relative(path, request_handler)
def get(self, user, script_name, parameter_name): id = self.get_query_argument('id') if not id: respond_error(self, 400, 'Model id is not specified') return if id not in active_config_models: respond_error(self, 400, 'Model with id=' + str(id) + ' does not exist') return active_model = active_config_models[id] config_user_id = active_model['user_id'] if config_user_id != user.user_id: LOGGER.warning('User ' + str(user) + ' tried to access config ' + script_name + ' of user #' + config_user_id) respond_error(self, 400, 'Model with id=' + str(id) + ' does not exist') return config_model = active_model['model'] if config_model.name != script_name: LOGGER.warning('Config name differences for #' + str(id) + '. Expected ' + config_model.name + ', got ' + script_name) respond_error(self, 500, 'Failed to load script by name') return path = self.get_query_arguments('path') try: files = config_model.list_files_for_param(parameter_name, path) self.write(json.dumps(files)) except ParameterNotFoundException as e: respond_error(self, 404, 'Parameter ' + e.param_name + ' does not exist') return except (InvalidValueException, WrongParameterUsageException) as e: respond_error(self, 400, str(e)) return
def post(self, user): script_name = None audit_name = user.get_audit_name() try: arguments = self.form_reader.values execution_info = external_model.to_execution_info(arguments) script_name = execution_info.script config_model = self.application.config_service.create_config_model( script_name, user) if not config_model: message = 'Script with name "' + str( script_name) + '" not found' LOGGER.error(message) respond_error(self, 400, message) return parameter_values = execution_info.param_values if self.form_reader.files: for key, value in self.form_reader.files.items(): parameter_values[key] = value.path try: config_model.set_all_param_values(parameter_values) normalized_values = dict(config_model.parameter_values) except InvalidValueException as e: message = 'Invalid parameter %s value: %s' % (e.param_name, str(e)) LOGGER.error(message) respond_error(self, 400, message) return all_audit_names = user.audit_names LOGGER.info('Calling script %s. User %s', script_name, all_audit_names) execution_id = self.application.execution_service.start_script( config_model, normalized_values, user.user_id, all_audit_names) self.write(str(execution_id)) except ConfigNotAllowedException: LOGGER.warning('Access to the script "' + script_name + '" is denied for ' + audit_name) respond_error(self, 403, 'Access to the script is denied') return except Exception as e: LOGGER.exception("Error while calling the script") if hasattr(e, "strerror") and e.strerror: error_output = e.strerror else: error_output = "Unknown error occurred, contact the administrator" result = " --- ERRORS --- \n" result += error_output if script_name: script = str(script_name) else: script = "Some script" audit_name = audit_name self.application.alerts_service.send_alert( script + ' NOT STARTED', "Couldn't start the script " + script + ' by ' + audit_name + '.\n\n' + result) respond_error(self, 500, result)
def write_error(self, status_code, **kwargs): respond_error(self, status_code, self._reason)
def post(self): script_name = None audit_name = get_audit_name(self) try: arguments = tornado_utils.get_form_arguments(self) execution_info = external_model.to_execution_info(arguments) script_name = execution_info.script config = load_config(script_name) if not config: message = 'Script with name "' + str( script_name) + '" not found' LOGGER.error(message) respond_error(self, 400, message) return file_upload_feature = self.application.file_upload_feature if self.request.files: for key, value in self.request.files.items(): file_info = value[0] file_path = file_upload_feature.save_file( file_info.filename, file_info.body, audit_name) execution_info.param_values[key] = file_path valid_parameters = model_helper.validate_parameters( execution_info.param_values, config) if not valid_parameters: message = 'Received invalid parameters' LOGGER.error(message) respond_error(self, 400, message) return executor = ScriptExecutor(config, execution_info.param_values, audit_name) audit_command = executor.get_secure_command() LOGGER.info('Calling script: ' + audit_command) LOGGER.info('User info: ' + str(get_all_audit_names(self))) process_id = executor.start() running_scripts[process_id] = executor self.write(str(process_id)) secure_output_stream = executor.get_secure_output_stream() self.start_script_output_logger(audit_name, script_name, secure_output_stream) alerts_config = self.application.alerts_config if alerts_config: self.subscribe_fail_alerter(script_name, alerts_config, audit_name, executor, secure_output_stream) except Exception as e: LOGGER.exception("Error while calling the script") if hasattr(e, "strerror") and e.strerror: error_output = e.strerror else: error_output = "Unknown error occurred, contact the administrator" result = " --- ERRORS --- \n" result += error_output if script_name: script = str(script_name) else: script = "Some script" audit_name = audit_name send_alerts( self.application.alerts_config, script + ' NOT STARTED', "Couldn't start the script " + script + ' by ' + audit_name + '.\n\n' + result) respond_error(self, 500, result)
def write_error(self, status_code, **kwargs): respond_error(self, status_code, self._reason)
def post(self, user): script_name = None audit_name = user.get_audit_name() try: arguments = self.form_reader.values execution_info = external_model.to_execution_info(arguments) script_name = execution_info.script config_model = self.application.config_service.create_config_model(script_name, user) if not config_model: message = 'Script with name "' + str(script_name) + '" not found' LOGGER.error(message) respond_error(self, 400, message) return parameter_values = execution_info.param_values if self.form_reader.files: for key, value in self.form_reader.files.items(): parameter_values[key] = value.path try: config_model.set_all_param_values(parameter_values) normalized_values = dict(config_model.parameter_values) except InvalidValueException as e: message = 'Invalid parameter %s value: %s' % (e.param_name, str(e)) LOGGER.error(message) respond_error(self, 400, message) return all_audit_names = user.audit_names LOGGER.info('Calling script %s. User %s', script_name, all_audit_names) execution_id = self.application.execution_service.start_script( config_model, normalized_values, user.user_id, all_audit_names) self.write(str(execution_id)) except ConfigNotAllowedException: LOGGER.warning('Access to the script "' + script_name + '" is denied for ' + audit_name) respond_error(self, 403, 'Access to the script is denied') return except Exception as e: LOGGER.exception("Error while calling the script") if hasattr(e, "strerror") and e.strerror: error_output = e.strerror else: error_output = "Unknown error occurred, contact the administrator" result = " --- ERRORS --- \n" result += error_output if script_name: script = str(script_name) else: script = "Some script" audit_name = audit_name self.application.alerts_service.send_alert( script + ' NOT STARTED', "Couldn't start the script " + script + ' by ' + audit_name + '.\n\n' + result) respond_error(self, 500, result)
def get(self, user, script_name, parameter_name): id = self.get_query_argument('id') if not id: respond_error(self, 400, 'Model id is not specified') return if id not in active_config_models: respond_error(self, 400, 'Model with id=' + str(id) + ' does not exist') return active_model = active_config_models[id] config_user_id = active_model['user_id'] if config_user_id != user.user_id: LOGGER.warning('User ' + str(user) + ' tried to access config ' + script_name + ' of user #' + config_user_id) respond_error(self, 400, 'Model with id=' + str(id) + ' does not exist') return config_model = active_model['model'] if config_model.name != script_name: LOGGER.warning( 'Config name differences for #' + str(id) + '. Expected ' + config_model.name + ', got ' + script_name) respond_error(self, 500, 'Failed to load script by name') return path = self.get_query_arguments('path') try: files = config_model.list_files_for_param(parameter_name, path) self.write(json.dumps(files)) except ParameterNotFoundException as e: respond_error(self, 404, 'Parameter ' + e.param_name + ' does not exist') return except (InvalidValueException, WrongParameterUsageException) as e: respond_error(self, 400, str(e)) return
def post(self): script_name = None audit_name = get_audit_name_from_request(self) try: arguments = tornado_utils.get_form_arguments(self) execution_info = external_model.to_execution_info(arguments) script_name = execution_info.script config = self.application.config_service.load_config(script_name) if not config: message = 'Script with name "' + str(script_name) + '" not found' LOGGER.error(message) respond_error(self, 400, message) return if not can_access_script(config, self): LOGGER.warning('Access to the script "' + script_name + '" is denied for ' + audit_name) respond_error(self, 403, 'Access to the script is denied') return file_upload_feature = self.application.file_upload_feature if self.request.files: for key, value in self.request.files.items(): file_info = value[0] file_path = file_upload_feature.save_file(file_info.filename, file_info.body, audit_name) execution_info.param_values[key] = file_path model_helper.prepare_multiselect_values(execution_info.param_values, config.parameters) valid_parameters = model_helper.validate_parameters(execution_info.param_values, config) if not valid_parameters: message = 'Received invalid parameters' LOGGER.error(message) respond_error(self, 400, message) return user_id = _identify_user(self) all_audit_names = get_all_audit_names(self) LOGGER.info('Calling script ' + script_name + '. User ' + str(all_audit_names)) execution_id = self.application.execution_service.start_script( config, execution_info.param_values, user_id, all_audit_names) self.write(str(execution_id)) except Exception as e: LOGGER.exception("Error while calling the script") if hasattr(e, "strerror") and e.strerror: error_output = e.strerror else: error_output = "Unknown error occurred, contact the administrator" result = " --- ERRORS --- \n" result += error_output if script_name: script = str(script_name) else: script = "Some script" audit_name = audit_name self.application.alerts_service.send_alert( script + ' NOT STARTED', "Couldn't start the script " + script + ' by ' + audit_name + '.\n\n' + result) respond_error(self, 500, result)