Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop

debian/control

@@ -9,7 +9,11 @@ Homepage: https://forge.cadoles.com/Infra/risotto
 Package: python3-risotto
 Architecture: any
 Pre-Depends: dpkg, python3, ${misc:Pre-Depends}
-Depends: ${python:Depends}, ${misc:Depends}, python3-asyncpg, python3-rougail, python3-aiohttp
+Depends: ${python:Depends}, ${misc:Depends},
+	python3-asyncpg,
+	python3-rougail,
+	python3-aiohttp,
+	python3-sdnotify
 Description: configuration manager libraries
 
 Package: risotto

script/risotto-server

@@ -1,13 +1,16 @@
 #!/usr/bin/env python3
+from sdnotify import SystemdNotifier
 from asyncio import get_event_loop
 from risotto import get_app
 
 
 if __name__ == '__main__':
+    notifier = SystemdNotifier()
     loop = get_event_loop()
     loop.run_until_complete(get_app(loop))
-    try:
     print('HTTP server ready')
+    notifier.notify("READY=1")
+    try:
         loop.run_forever()
     except KeyboardInterrupt:
         pass

src/risotto/config.py

@@ -1,6 +1,7 @@
 from os import environ
 from os.path import isfile
 from configobj import ConfigObj
+from uuid import uuid4
 
 
 CONFIG_FILE = environ.get('CONFIG_FILE', '/etc/risotto/risotto.conf')
@@ -88,6 +89,40 @@ if 'IMAGE_PATH' in environ:
     IMAGE_PATH = environ['IMAGE_PATH']
 else:
     IMAGE_PATH = config.get('IMAGE_PATH', '/tmp')
+if 'PASSWORD_ADMIN_USERNAME' in environ:
+    PASSWORD_ADMIN_USERNAME = environ['PASSWORD_ADMIN_USERNAME']
+else:
+    PASSWORD_ADMIN_USERNAME = config.get('PASSWORD_ADMIN_USERNAME', 'risotto')
+if 'PASSWORD_ADMIN_EMAIL' in environ:
+    PASSWORD_ADMIN_EMAIL = environ['PASSWORD_ADMIN_EMAIL']
+else:
+    # this parameter is mandatory
+    PASSWORD_ADMIN_EMAIL = config['PASSWORD_ADMIN_EMAIL']
+if 'PASSWORD_ADMIN_PASSWORD' in environ:
+    PASSWORD_ADMIN_PASSWORD = environ['PASSWORD_ADMIN_PASSWORD']
+else:
+    # this parameter is mandatory
+    PASSWORD_ADMIN_PASSWORD = config['PASSWORD_ADMIN_PASSWORD']
+if 'PASSWORD_DEVICE_IDENTIFIER' in environ:
+    PASSWORD_DEVICE_IDENTIFIER = environ['PASSWORD_DEVICE_IDENTIFIER']
+else:
+    PASSWORD_DEVICE_IDENTIFIER = config.get('PASSWORD_DEVICE_IDENTIFIER', uuid4())
+if 'PASSWORD_URL' in environ:
+    PASSWORD_URL = environ['PASSWORD_URL']
+else:
+    PASSWORD_URL = config.get('PASSWORD_URL', 'https://localhost:8001/')
+if 'PKI_ADMIN_PASSWORD' in environ:
+    PKI_ADMIN_PASSWORD = environ['PKI_ADMIN_PASSWORD']
+else:
+    PKI_ADMIN_PASSWORD = config['PKI_ADMIN_PASSWORD']
+if 'PKI_ADMIN_EMAIL' in environ:
+    PKI_ADMIN_EMAIL = environ['PKI_ADMIN_EMAIL']
+else:
+    PKI_ADMIN_EMAIL = config['PKI_ADMIN_EMAIL']
+if 'PKI_URL' in environ:
+    PKI_URL = environ['PKI_URL']
+else:
+    PKI_URL = config.get('PKI_URL', 'http://localhost:8002')
 
 
 def dsn_factory(database, user, password, address=DB_ADDRESS):
@@ -110,6 +145,16 @@ _config = {'database': {'dsn': dsn_factory(RISOTTO_DB_NAME, RISOTTO_DB_USER, RIS
                       'sql_dir': SQL_DIR,
                       'tmp_dir': TMP_DIR,
                       },
+           'password': {'admin_username': PASSWORD_ADMIN_USERNAME,
+                        'admin_email': PASSWORD_ADMIN_EMAIL,
+                        'admin_password': PASSWORD_ADMIN_PASSWORD,
+                        'device_identifier': PASSWORD_DEVICE_IDENTIFIER,
+                        'service_url': PASSWORD_URL,
+                        },
+           'pki': {'admin_password': PKI_ADMIN_PASSWORD,
+                   'owner': PKI_ADMIN_EMAIL,
+                   'url': PKI_URL,
+                   },
            'cache': {'root_path': CACHE_ROOT_PATH},
            'servermodel': {'internal_source_path': SRV_SEED_PATH,
                            'internal_source': 'internal'},

src/risotto/controller.py

@@ -48,6 +48,31 @@ class Controller:
                                  **kwargs,
                                  )
 
+    @staticmethod
+    async def check_role(self,
+                         uri: str,
+                         username: str,
+                         **kwargs: dict,
+                         ) -> None:
+        # create a new config
+        async with await Config(dispatcher.option) as config:
+            await config.property.read_write()
+            await config.option('message').value.set(uri)
+            subconfig = config.option(uri)
+            for key, value in kwargs.items():
+                try:
+                    await subconfig.option(key).value.set(value)
+                except AttributeError:
+                    if get_config()['global']['debug']:
+                        print_exc()
+                    raise ValueError(_(f'unknown parameter in "{uri}": "{key}"'))
+                except ValueOptionError as err:
+                    raise ValueError(_(f'invalid parameter in "{uri}": {err}'))
+            await dispatcher.check_role(subconfig,
+                                        username,
+                                        uri,
+                                        )
+
     async def on_join(self,
                       risotto_context,
                       ):

src/risotto/dispatcher.py

@@ -342,14 +342,15 @@ class Dispatcher(register.RegisterDispatcher,
     async def check_role(self,
                          config: Config,
                          user_login: str,
-                         uri: str) -> None:
+                         uri: str,
+                         ) -> None:
         async with self.pool.acquire() as connection:
             async with connection.transaction():
                 # Verify if user exists and get ID
                 sql = '''
                 SELECT UserId
                 FROM UserUser
-                WHERE UserLogin = $1
+                WHERE Login = $1
                 '''
                 user_id = await connection.fetchval(sql,
                                                     user_login)
@@ -407,7 +408,7 @@ class Dispatcher(register.RegisterDispatcher,
                     kw[key] = value
 
         kw['risotto_context'] = risotto_context
-        returns = await function(self.injected_self[function_obj['module']], **kw)
+        returns = await function(self.get_service(function_obj['module']), **kw)
         if risotto_context.type == 'rpc':
             # valid returns
             await self.valid_call_returns(risotto_context,

src/risotto/http.py

@@ -29,7 +29,8 @@ def create_context(request):
 
 
 def register(version: str,
-             path: str):
+             path: str,
+             ):
     """ Decorator to register function to the http route
     """
     def decorator(function):
@@ -41,7 +42,9 @@ def register(version: str,
 
 
 class extra_route_handler:
-    async def __new__(cls, request):
+    async def __new__(cls,
+                      request,
+                      ):
         kwargs = dict(request.match_info)
         kwargs['request'] = request
         kwargs['risotto_context'] = create_context(request)
@@ -96,11 +99,13 @@ async def handle(request):
             print_exc()
         raise HTTPInternalServerError(reason=str(err))
     return Response(text=dumps({'response': text}),
-                    content_type='application/json')
+                    content_type='application/json',
+                    )
 
 
 async def api(request,
-              risotto_context):
+              risotto_context,
+              ):
     global TIRAMISU
     if not TIRAMISU:
         # check all URI that have an associated role
@@ -152,7 +157,8 @@ async def get_app(loop):
     for version in versions:
         api_route = {'function': api,
                      'version': version,
-                     'path': f'/api/{version}'}
+                     'path': f'/api/{version}',
+                     }
         extra_handler = type(api_route['path'], (extra_route_handler,), api_route)
         routes.append(get(api_route['path'], extra_handler))
         print(f'  - {api_route["path"]} (http_get)')
@@ -174,7 +180,10 @@ async def get_app(loop):
     await dispatcher.register_remote()
     print()
     await dispatcher.on_join()
-    return await loop.create_server(app.make_handler(), '*', get_config()['http_server']['port'])
+    return await loop.create_server(app.make_handler(),
+                                    '*',
+                                    get_config()['http_server']['port'],
+                                    )
 
 
 TIRAMISU = None

src/risotto/register.py

@@ -23,7 +23,7 @@ class Services():
 
     def load_services(self):
         for entry_point in iter_entry_points(group='risotto_services'):
-            self.services.setdefault(entry_point.name, [])
+            self.services.setdefault(entry_point.name, {})
         self.services_loaded = True
 
     def load_modules(self,
@@ -32,21 +32,20 @@ class Services():
         for entry_point in iter_entry_points(group='risotto_modules'):
             service_name, module_name = entry_point.name.split('.')
             if limit_services is None or service_name in limit_services:
-                setattr(self, module_name, entry_point.load())
-                self.services[service_name].append(module_name)
+                self.services[service_name][module_name] = entry_point.load()
         self.modules_loaded = True
-
-    def get_services(self):
-        if not self.services_loaded:
-            self.load_services()
-        return [(s, getattr(self, s)) for s in self.services]
+#
+#    def get_services(self):
+#        if not self.services_loaded:
+#            self.load_services()
+#        return [(service, getattr(self, service)) for service in self.services]
 
     def get_modules(self,
                     limit_services: Optional[List[str]]=None,
                     ) -> List[str]:
         if not self.modules_loaded:
             self.load_modules(limit_services=limit_services)
-        return [(module + '.' + submodule, getattr(self, submodule)) for module, submodules in self.services.items() for submodule in submodules]
+        return [(module + '.' + submodule, entry_point) for module, submodules in self.services.items() for submodule, entry_point in submodules.items()]
 
     def get_services_list(self):
         return self.services.keys()

tests/test_config.py

@@ -392,7 +392,6 @@ async def test_server_created_base():
                              release_distribution='last',
                              site_name='site_1',
                              zones_name=['zones'],
-                             zones_ip=['1.1.1.1'],
                              )
     assert list(config_module.server) == [server_name]
     assert set(config_module.server[server_name]) == {'server', 'server_to_deploy', 'funcs_file'}
@@ -420,7 +419,6 @@ async def test_server_created_own_sm():
                              release_distribution='last',
                              site_name='site_1',
                              zones_name=['zones'],
-                             zones_ip=['1.1.1.1'],
                              )
     assert list(config_module.server) == [server_name]
     assert set(config_module.server[server_name]) == {'server', 'server_to_deploy', 'funcs_file'}
@@ -469,7 +467,6 @@ async def test_server_configuration_get():
                              release_distribution='last',
                              site_name='site_1',
                              zones_name=['zones'],
-                             zones_ip=['1.1.1.1'],
                              )
     #
     await config_module.server[server_name]['server'].property.read_write()
@@ -515,7 +512,6 @@ async def test_server_configuration_deployed():
                              release_distribution='last',
                              site_name='site_1',
                              zones_name=['zones'],
-                             zones_ip=['1.1.1.1'],
                              )
     #
     await config_module.server[server_name]['server'].property.read_write()