lemur/lemur/endpoints/service.py

"""
.. module: lemur.endpoints.service
    :platform: Unix
    :synopsis: This module contains all of the services level functions used to
    administer endpoints in Lemur
    :copyright: (c) 2018 by Netflix Inc., see AUTHORS for more
    :license: Apache, see LICENSE for more details.
.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>

"""
import arrow

from sqlalchemy import func

from lemur import database
from lemur.common.utils import truthiness
from lemur.endpoints.models import Endpoint, Policy, Cipher
from lemur.extensions import metrics


def get_all():
    """
    Get all endpoints that are currently in Lemur.

    :rtype : List
    :return:
    """
    query = database.session_query(Endpoint)
    return database.find_all(query, Endpoint, {}).all()


def get(endpoint_id):
    """
    Retrieves an endpoint given it's ID

    :param endpoint_id:
    :return:
    """
    return database.get(Endpoint, endpoint_id)


def get_by_name(name):
    """
    Retrieves an endpoint given it's name.

    :param name:
    :return:
    """
    return database.get(Endpoint, name, field="name")


def get_by_dnsname(dnsname):
    """
    Retrieves an endpoint given it's name.

    :param dnsname:
    :return:
    """
    return database.get(Endpoint, dnsname, field="dnsname")


def get_by_dnsname_and_port(dnsname, port):
    """
    Retrieves and endpoint by it's dnsname and port.
    :param dnsname:
    :param port:
    :return:
    """
    return (
        Endpoint.query.filter(Endpoint.dnsname == dnsname)
        .filter(Endpoint.port == port)
        .scalar()
    )


def get_by_source(source_label):
    """
    Retrieves all endpoints for a given source.
    :param source_label:
    :return:
    """
    return Endpoint.query.filter(Endpoint.source.label == source_label).all()  # noqa


def get_all_pending_rotation():
    """
    Retrieves all endpoints which have certificates deployed
    that have been replaced.
    :return:
    """
    return Endpoint.query.filter(Endpoint.replaced.any()).all()


def create(**kwargs):
    """
    Creates a new endpoint.
    :param kwargs:
    :return:
    """
    endpoint = Endpoint(**kwargs)
    database.create(endpoint)
    metrics.send(
        "endpoint_added", "counter", 1, metric_tags={"source": endpoint.source.label}
    )
    return endpoint


def get_or_create_policy(**kwargs):
    policy = database.get(Policy, kwargs["name"], field="name")

    if not policy:
        policy = Policy(**kwargs)
        database.create(policy)

    return policy


def get_or_create_cipher(**kwargs):
    cipher = database.get(Cipher, kwargs["name"], field="name")

    if not cipher:
        cipher = Cipher(**kwargs)
        database.create(cipher)

    return cipher


def update(endpoint_id, **kwargs):
    endpoint = database.get(Endpoint, endpoint_id)

    endpoint.policy = kwargs["policy"]
    endpoint.certificate = kwargs["certificate"]
    endpoint.source = kwargs["source"]
    endpoint.last_updated = arrow.utcnow()
    metrics.send(
        "endpoint_updated", "counter", 1, metric_tags={"source": endpoint.source.label}
    )
    database.update(endpoint)
    return endpoint


def render(args):
    """
    Helper that helps us render the REST Api responses.
    :param args:
    :return:
    """
    query = database.session_query(Endpoint)
    filt = args.pop("filter")

    if filt:
        terms = filt.split(";")
        if "active" in filt:  # this is really weird but strcmp seems to not work here??
            query = query.filter(Endpoint.active == truthiness(terms[1]))
        elif "port" in filt:
            if terms[1] != "null":  # ng-table adds 'null' if a number is removed
                query = query.filter(Endpoint.port == terms[1])
        elif "ciphers" in filt:
            query = query.filter(Cipher.name == terms[1])
        else:
            query = database.filter(query, Endpoint, terms)

    return database.sort_and_page(query, Endpoint, args)


def stats(**kwargs):
    """
    Helper that defines some useful statistics about endpoints.

    :param kwargs:
    :return:
    """
    attr = getattr(Endpoint, kwargs.get("metric"))
    query = database.db.session.query(attr, func.count(attr))

    items = query.group_by(attr).all()

    keys = []
    values = []
    for key, count in items:
        keys.append(key)
        values.append(count)

    return {"labels": keys, "values": values}
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`"""`
			`.. module: lemur.endpoints.service`
			`:platform: Unix`
			`:synopsis: This module contains all of the services level functions used to`
			`administer endpoints in Lemur`
Addressing comments. Updating copyrights. Added function to determine authorative name server 2018-05-29 19:18:16 +02:00			`:copyright: (c) 2018 by Netflix Inc., see AUTHORS for more`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`:license: Apache, see LICENSE for more details.`
			`.. moduleauthor:: Kevin Glisson <kglisson@netflix.com>`

			`"""`
Endpoint sync fixes (#604) 2016-12-15 19:26:59 +01:00			`import arrow`

Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`from sqlalchemy import func`

Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`from lemur import database`
Fix filtering on boolean columns, broken with SQLAlchemy 1.2 upgrade SQLAlchemy 1.2 does not allow comparing string values to boolean columns. This caused errors like: sqlalchemy.exc.StatementError: (builtins.TypeError) Not a boolean value: 'true' For more details see http://docs.sqlalchemy.org/en/latest/changelog/migration_12.html#boolean-datatype-now-enforces-strict-true-false-none-values 2018-04-02 17:33:51 +02:00			`from lemur.common.utils import truthiness`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`from lemur.endpoints.models import Endpoint, Policy, Cipher`
Certificate rotation enhancements (#570) 2016-12-08 01:24:59 +01:00			`from lemur.extensions import metrics`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00

			`def get_all():`
			`"""`
			`Get all endpoints that are currently in Lemur.`

			`:rtype : List`
			`:return:`
			`"""`
			`query = database.session_query(Endpoint)`
			`return database.find_all(query, Endpoint, {}).all()`


			`def get(endpoint_id):`
			`"""`
			`Retrieves an endpoint given it's ID`

			`:param endpoint_id:`
			`:return:`
			`"""`
			`return database.get(Endpoint, endpoint_id)`


Modifying the way rotation works. (#629) * Modifying the way rotation works. * Adding docs. * Fixing tests. 2016-12-23 22:18:42 +01:00			`def get_by_name(name):`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`"""`
			`Retrieves an endpoint given it's name.`

Modifying the way rotation works. (#629) * Modifying the way rotation works. * Adding docs. * Fixing tests. 2016-12-23 22:18:42 +01:00			`:param name:`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`:return:`
			`"""`
Black lint all the things 2019-05-16 16:57:02 +02:00			`return database.get(Endpoint, name, field="name")`
Modifying the way rotation works. (#629) * Modifying the way rotation works. * Adding docs. * Fixing tests. 2016-12-23 22:18:42 +01:00

			`def get_by_dnsname(dnsname):`
			`"""`
			`Retrieves an endpoint given it's name.`

			`:param dnsname:`
			`:return:`
			`"""`
Black lint all the things 2019-05-16 16:57:02 +02:00			`return database.get(Endpoint, dnsname, field="dnsname")`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00

Ensures we can get multiple endpoints with the same name but different ports. (#1011) 2017-12-04 22:13:02 +01:00			`def get_by_dnsname_and_port(dnsname, port):`
			`"""`
			`Retrieves and endpoint by it's dnsname and port.`
			`:param dnsname:`
			`:param port:`
			`:return:`
			`"""`
Black lint all the things 2019-05-16 16:57:02 +02:00			`return (`
			`Endpoint.query.filter(Endpoint.dnsname == dnsname)`
			`.filter(Endpoint.port == port)`
			`.scalar()`
			`)`
Ensures we can get multiple endpoints with the same name but different ports. (#1011) 2017-12-04 22:13:02 +01:00

Fixing various problems with the syncing of endpoints, throttling sta… (#398) * Fixing various problems with the syncing of endpoints, throttling stale endpoints etc. 2016-07-12 17:40:49 +02:00			`def get_by_source(source_label):`
			`"""`
			`Retrieves all endpoints for a given source.`
			`:param source_label:`
			`:return:`
			`"""`
			`return Endpoint.query.filter(Endpoint.source.label == source_label).all() # noqa`


Modifying the way rotation works. (#629) * Modifying the way rotation works. * Adding docs. * Fixing tests. 2016-12-23 22:18:42 +01:00			`def get_all_pending_rotation():`
			`"""`
			`Retrieves all endpoints which have certificates deployed`
			`that have been replaced.`
			`:return:`
			`"""`
			`return Endpoint.query.filter(Endpoint.replaced.any()).all()`


Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`def create(**kwargs):`
			`"""`
			`Creates a new endpoint.`
			`:param kwargs:`
			`:return:`
			`"""`
			`endpoint = Endpoint(**kwargs)`
			`database.create(endpoint)`
Black lint all the things 2019-05-16 16:57:02 +02:00			`metrics.send(`
			`"endpoint_added", "counter", 1, metric_tags={"source": endpoint.source.label}`
			`)`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`return endpoint`


			`def get_or_create_policy(**kwargs):`
Black lint all the things 2019-05-16 16:57:02 +02:00			`policy = database.get(Policy, kwargs["name"], field="name")`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00
			`if not policy:`
			`policy = Policy(**kwargs)`
			`database.create(policy)`

			`return policy`


			`def get_or_create_cipher(**kwargs):`
Black lint all the things 2019-05-16 16:57:02 +02:00			`cipher = database.get(Cipher, kwargs["name"], field="name")`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00
			`if not cipher:`
			`cipher = Cipher(**kwargs)`
			`database.create(cipher)`

			`return cipher`


			`def update(endpoint_id, **kwargs):`
			`endpoint = database.get(Endpoint, endpoint_id)`

Black lint all the things 2019-05-16 16:57:02 +02:00			`endpoint.policy = kwargs["policy"]`
			`endpoint.certificate = kwargs["certificate"]`
			`endpoint.source = kwargs["source"]`
Endpoint sync fixes (#604) 2016-12-15 19:26:59 +01:00			`endpoint.last_updated = arrow.utcnow()`
Black lint all the things 2019-05-16 16:57:02 +02:00			`metrics.send(`
			`"endpoint_updated", "counter", 1, metric_tags={"source": endpoint.source.label}`
			`)`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`database.update(endpoint)`
			`return endpoint`


			`def render(args):`
			`"""`
			`Helper that helps us render the REST Api responses.`
			`:param args:`
			`:return:`
			`"""`
			`query = database.session_query(Endpoint)`
Black lint all the things 2019-05-16 16:57:02 +02:00			`filt = args.pop("filter")`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00
			`if filt:`
Black lint all the things 2019-05-16 16:57:02 +02:00			`terms = filt.split(";")`
			`if "active" in filt: # this is really weird but strcmp seems to not work here??`
Fix filtering on boolean columns, broken with SQLAlchemy 1.2 upgrade SQLAlchemy 1.2 does not allow comparing string values to boolean columns. This caused errors like: sqlalchemy.exc.StatementError: (builtins.TypeError) Not a boolean value: 'true' For more details see http://docs.sqlalchemy.org/en/latest/changelog/migration_12.html#boolean-datatype-now-enforces-strict-true-false-none-values 2018-04-02 17:33:51 +02:00			`query = query.filter(Endpoint.active == truthiness(terms[1]))`
Black lint all the things 2019-05-16 16:57:02 +02:00			`elif "port" in filt:`
			`if terms[1] != "null": # ng-table adds 'null' if a number is removed`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`query = query.filter(Endpoint.port == terms[1])`
Black lint all the things 2019-05-16 16:57:02 +02:00			`elif "ciphers" in filt:`
			`query = query.filter(Cipher.name == terms[1])`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`else:`
			`query = database.filter(query, Endpoint, terms)`

			`return database.sort_and_page(query, Endpoint, args)`


			`def stats(**kwargs):`
			`"""`
			`Helper that defines some useful statistics about endpoints.`

			`:param kwargs:`
			`:return:`
			`"""`
Black lint all the things 2019-05-16 16:57:02 +02:00			`attr = getattr(Endpoint, kwargs.get("metric"))`
Closes #284 (#336) 2016-06-27 23:40:46 +02:00			`query = database.db.session.query(attr, func.count(attr))`

			`items = query.group_by(attr).all()`

			`keys = []`
			`values = []`
			`for key, count in items:`
			`keys.append(key)`
			`values.append(count)`

Black lint all the things 2019-05-16 16:57:02 +02:00			`return {"labels": keys, "values": values}`