Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop

add check_role to dispatcher
2021-04-12 15:11:54 +02:00 · 2021-04-12 15:11:46 +02:00 · 2021-03-27 10:59:19 +01:00 · 2021-03-27 10:59:10 +01:00 · 2020-11-14 19:11:57 +01:00 · 2020-11-14 19:01:34 +01:00
8 changed files with 107 additions and 25 deletions
--- a/debian/control
+++ b/debian/control
@ -9,7 +9,11 @@ Homepage: https://forge.cadoles.com/Infra/risotto
 Package: python3-risotto
 Architecture: any
 Pre-Depends: dpkg, python3, ${misc:Pre-Depends}
-Depends: ${python:Depends}, ${misc:Depends}, python3-asyncpg, python3-rougail, python3-aiohttp
+Depends: ${python:Depends}, ${misc:Depends},
 	python3-asyncpg,
 	python3-rougail,
 	python3-aiohttp,
 	python3-sdnotify
 Description: configuration manager libraries
 Package: risotto
--- a/script/risotto-server
+++ b/script/risotto-server
@ -1,13 +1,16 @@
 #!/usr/bin/env python3
 from sdnotify import SystemdNotifier
 from asyncio import get_event_loop
 from risotto import get_app
 if __name__ == '__main__':
    notifier = SystemdNotifier()
    loop = get_event_loop()
    loop.run_until_complete(get_app(loop))
    print('HTTP server ready')
    notifier.notify("READY=1")
    try:
        print('HTTP server ready')
        loop.run_forever()
    except KeyboardInterrupt:
        pass
--- a/src/risotto/config.py
+++ b/src/risotto/config.py
@ -1,6 +1,7 @@
 from os import environ
 from os.path import isfile
 from configobj import ConfigObj
 from uuid import uuid4
 CONFIG_FILE = environ.get('CONFIG_FILE', '/etc/risotto/risotto.conf')
@ -88,6 +89,40 @@ if 'IMAGE_PATH' in environ:
    IMAGE_PATH = environ['IMAGE_PATH']
 else:
    IMAGE_PATH = config.get('IMAGE_PATH', '/tmp')
 if 'PASSWORD_ADMIN_USERNAME' in environ:
    PASSWORD_ADMIN_USERNAME = environ['PASSWORD_ADMIN_USERNAME']
 else:
    PASSWORD_ADMIN_USERNAME = config.get('PASSWORD_ADMIN_USERNAME', 'risotto')
 if 'PASSWORD_ADMIN_EMAIL' in environ:
    PASSWORD_ADMIN_EMAIL = environ['PASSWORD_ADMIN_EMAIL']
 else:
    # this parameter is mandatory
    PASSWORD_ADMIN_EMAIL = config['PASSWORD_ADMIN_EMAIL']
 if 'PASSWORD_ADMIN_PASSWORD' in environ:
    PASSWORD_ADMIN_PASSWORD = environ['PASSWORD_ADMIN_PASSWORD']
 else:
    # this parameter is mandatory
    PASSWORD_ADMIN_PASSWORD = config['PASSWORD_ADMIN_PASSWORD']
 if 'PASSWORD_DEVICE_IDENTIFIER' in environ:
    PASSWORD_DEVICE_IDENTIFIER = environ['PASSWORD_DEVICE_IDENTIFIER']
 else:
    PASSWORD_DEVICE_IDENTIFIER = config.get('PASSWORD_DEVICE_IDENTIFIER', uuid4())
 if 'PASSWORD_URL' in environ:
    PASSWORD_URL = environ['PASSWORD_URL']
 else:
    PASSWORD_URL = config.get('PASSWORD_URL', 'https://localhost:8001/')
 if 'PKI_ADMIN_PASSWORD' in environ:
    PKI_ADMIN_PASSWORD = environ['PKI_ADMIN_PASSWORD']
 else:
    PKI_ADMIN_PASSWORD = config['PKI_ADMIN_PASSWORD']
 if 'PKI_ADMIN_EMAIL' in environ:
    PKI_ADMIN_EMAIL = environ['PKI_ADMIN_EMAIL']
 else:
    PKI_ADMIN_EMAIL = config['PKI_ADMIN_EMAIL']
 if 'PKI_URL' in environ:
    PKI_URL = environ['PKI_URL']
 else:
    PKI_URL = config.get('PKI_URL', 'http://localhost:8002')
 def dsn_factory(database, user, password, address=DB_ADDRESS):
@ -110,6 +145,16 @@ _config = {'database': {'dsn': dsn_factory(RISOTTO_DB_NAME, RISOTTO_DB_USER, RIS
                      'sql_dir': SQL_DIR,
                      'tmp_dir': TMP_DIR,
                      },
           'password': {'admin_username': PASSWORD_ADMIN_USERNAME,
                        'admin_email': PASSWORD_ADMIN_EMAIL,
                        'admin_password': PASSWORD_ADMIN_PASSWORD,
                        'device_identifier': PASSWORD_DEVICE_IDENTIFIER,
                        'service_url': PASSWORD_URL,
                        },
           'pki': {'admin_password': PKI_ADMIN_PASSWORD,
                   'owner': PKI_ADMIN_EMAIL,
                   'url': PKI_URL,
                   },
           'cache': {'root_path': CACHE_ROOT_PATH},
           'servermodel': {'internal_source_path': SRV_SEED_PATH,
                           'internal_source': 'internal'},
--- a/src/risotto/controller.py
+++ b/src/risotto/controller.py
@ -48,6 +48,31 @@ class Controller:
                                 **kwargs,
                                 )
    @staticmethod
    async def check_role(self,
                         uri: str,
                         username: str,
                         **kwargs: dict,
                         ) -> None:
        # create a new config
        async with await Config(dispatcher.option) as config:
            await config.property.read_write()
            await config.option('message').value.set(uri)
            subconfig = config.option(uri)
            for key, value in kwargs.items():
                try:
                    await subconfig.option(key).value.set(value)
                except AttributeError:
                    if get_config()['global']['debug']:
                        print_exc()
                    raise ValueError(_(f'unknown parameter in "{uri}": "{key}"'))
                except ValueOptionError as err:
                    raise ValueError(_(f'invalid parameter in "{uri}": {err}'))
            await dispatcher.check_role(subconfig,
                                        username,
                                        uri,
                                        )
    async def on_join(self,
                      risotto_context,
                      ):
--- a/src/risotto/dispatcher.py
+++ b/src/risotto/dispatcher.py
@ -333,7 +333,7 @@ class Dispatcher(register.RegisterDispatcher,
            parameters = await subconfig.value.dict()
            if extra_parameters:
                parameters.update(extra_parameters)
-            return parameters
+        return parameters
    def get_service(self,
                    name: str):
@ -342,14 +342,15 @@ class Dispatcher(register.RegisterDispatcher,
    async def check_role(self,
                         config: Config,
                         user_login: str,
-                         uri: str) -> None:
+                         uri: str,
                         ) -> None:
        async with self.pool.acquire() as connection:
            async with connection.transaction():
                # Verify if user exists and get ID
                sql = '''
                SELECT UserId
                FROM UserUser
-                WHERE UserLogin = $1
+                WHERE Login = $1
                '''
                user_id = await connection.fetchval(sql,
                                                    user_login)
@ -407,7 +408,7 @@ class Dispatcher(register.RegisterDispatcher,
                    kw[key] = value
        kw['risotto_context'] = risotto_context
-        returns = await function(self.injected_self[function_obj['module']], **kw)
+        returns = await function(self.get_service(function_obj['module']), **kw)
        if risotto_context.type == 'rpc':
            # valid returns
            await self.valid_call_returns(risotto_context,
--- a/src/risotto/http.py
+++ b/src/risotto/http.py
@ -29,7 +29,8 @@ def create_context(request):
 def register(version: str,
-             path: str):
+             path: str,
             ):
    """ Decorator to register function to the http route
    """
    def decorator(function):
@ -41,7 +42,9 @@ def register(version: str,
 class extra_route_handler:
-    async def __new__(cls, request):
+    async def __new__(cls,
                      request,
                      ):
        kwargs = dict(request.match_info)
        kwargs['request'] = request
        kwargs['risotto_context'] = create_context(request)
@ -96,11 +99,13 @@ async def handle(request):
            print_exc()
        raise HTTPInternalServerError(reason=str(err))
    return Response(text=dumps({'response': text}),
-                    content_type='application/json')
+                    content_type='application/json',
                    )
 async def api(request,
-              risotto_context):
+              risotto_context,
              ):
    global TIRAMISU
    if not TIRAMISU:
        # check all URI that have an associated role
@ -152,7 +157,8 @@ async def get_app(loop):
    for version in versions:
        api_route = {'function': api,
                     'version': version,
-                     'path': f'/api/{version}'}
+                     'path': f'/api/{version}',
                     }
        extra_handler = type(api_route['path'], (extra_route_handler,), api_route)
        routes.append(get(api_route['path'], extra_handler))
        print(f'  - {api_route["path"]} (http_get)')
@ -174,7 +180,10 @@ async def get_app(loop):
    await dispatcher.register_remote()
    print()
    await dispatcher.on_join()
-    return await loop.create_server(app.make_handler(), '*', get_config()['http_server']['port'])
+    return await loop.create_server(app.make_handler(),
                                    '*',
                                    get_config()['http_server']['port'],
                                    )
 TIRAMISU = None
--- a/src/risotto/register.py
+++ b/src/risotto/register.py
@ -23,7 +23,7 @@ class Services():
    def load_services(self):
        for entry_point in iter_entry_points(group='risotto_services'):
-            self.services.setdefault(entry_point.name, [])
+            self.services.setdefault(entry_point.name, {})
        self.services_loaded = True
    def load_modules(self,
@ -32,21 +32,20 @@ class Services():
        for entry_point in iter_entry_points(group='risotto_modules'):
            service_name, module_name = entry_point.name.split('.')
            if limit_services is None or service_name in limit_services:
-                setattr(self, module_name, entry_point.load())
+                self.services[service_name][module_name] = entry_point.load()
                self.services[service_name].append(module_name)
        self.modules_loaded = True
-
+#
-    def get_services(self):
+#    def get_services(self):
-        if not self.services_loaded:
+#        if not self.services_loaded:
-            self.load_services()
+#            self.load_services()
-        return [(s, getattr(self, s)) for s in self.services]
+#        return [(service, getattr(self, service)) for service in self.services]
    def get_modules(self,
                    limit_services: Optional[List[str]]=None,
                    ) -> List[str]:
        if not self.modules_loaded:
            self.load_modules(limit_services=limit_services)
-        return [(module + '.' + submodule, getattr(self, submodule)) for module, submodules in self.services.items() for submodule in submodules]
+        return [(module + '.' + submodule, entry_point) for module, submodules in self.services.items() for submodule, entry_point in submodules.items()]
    def get_services_list(self):
        return self.services.keys()
--- a/tests/test_config.py
+++ b/tests/test_config.py
@ -392,7 +392,6 @@ async def test_server_created_base():
                             release_distribution='last',
                             site_name='site_1',
                             zones_name=['zones'],
                             zones_ip=['1.1.1.1'],
                             )
    assert list(config_module.server) == [server_name]
    assert set(config_module.server[server_name]) == {'server', 'server_to_deploy', 'funcs_file'}
@ -420,7 +419,6 @@ async def test_server_created_own_sm():
                             release_distribution='last',
                             site_name='site_1',
                             zones_name=['zones'],
                             zones_ip=['1.1.1.1'],
                             )
    assert list(config_module.server) == [server_name]
    assert set(config_module.server[server_name]) == {'server', 'server_to_deploy', 'funcs_file'}
@ -469,7 +467,6 @@ async def test_server_configuration_get():
                             release_distribution='last',
                             site_name='site_1',
                             zones_name=['zones'],
                             zones_ip=['1.1.1.1'],
                             )
    #
    await config_module.server[server_name]['server'].property.read_write()
@ -515,7 +512,6 @@ async def test_server_configuration_deployed():
                             release_distribution='last',
                             site_name='site_1',
                             zones_name=['zones'],
                             zones_ip=['1.1.1.1'],
                             )
    #
    await config_module.server[server_name]['server'].property.read_write()
Author	SHA1	Message	Date
Emmanuel Garette	83d74c2b06	Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop	2021-04-12 15:11:54 +02:00
Emmanuel Garette	01834c6ba7	add check_role to dispatcher	2021-04-12 15:11:46 +02:00
Emmanuel Garette	6a27b002ff	Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop	2021-03-27 10:59:19 +01:00
Emmanuel Garette	8fdc34c4d3	fix	2021-03-27 10:59:10 +01:00
Emmanuel Garette	e2d73932c0	add sdnotify dependency	2020-11-14 19:11:57 +01:00
Emmanuel Garette	980a119ef9	Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop	2020-11-14 19:01:34 +01:00
Emmanuel Garette	f623feb8a8	add systemd notifier	2020-11-14 19:01:28 +01:00
Emmanuel Garette	b9da2ce686	Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop	2020-11-14 08:12:50 +01:00
Emmanuel Garette	46f8a4323b	add pki informations	2020-11-14 08:12:39 +01:00
Emmanuel Garette	941261c830	Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop	2020-10-14 18:30:13 +02:00
Emmanuel Garette	6c4bbb3dca	add password support	2020-10-14 18:30:05 +02:00