import logging import os from flask import Blueprint, request from flask import redirect, url_for from app import auth from flask import jsonify from hsapi_client import Node, User, Route, PreAuthKey from hsapi_client.preauthkeys import (v1CreatePreAuthKeyRequest, v1ExpirePreAuthKeyRequest) from app.lib import remote_ip log = logging.getLogger() # REST calls rest_blueprint = Blueprint( 'rest', __name__, url_prefix=os.getenv('APPLICATION_ROOT', '/')) @rest_blueprint.route('/routeToggle/', methods=['GET']) @auth.authorize_admins('default') def routeToggle(routeId: int): route = Route().get(routeId) if route: if route.enabled: action = 'disabled' else: action = 'enabled' log.info( f"route '{route.prefix}' via '{route.node.givenName}' " f"{action} by '{auth.username}@{remote_ip()}'") Route().toggle(routeId) return redirect(request.referrer) @rest_blueprint.route('/node//expire', methods=['GET']) @auth.access_control('default') def expireNode(nodeId: int): """ This expires a node from the node page. The difference from above is that it returns to the /node/nodeId page """ node = Node().get(nodeId) if not auth.userOrAdmin(node.user.name): return auth.unathorized Node().expire(nodeId) log.info(f"node '{nodeId}' expired by '{auth.username}@{remote_ip()}'") return redirect(request.referrer) @rest_blueprint.route('/node//delete', methods=['GET']) @auth.access_control('default') def deleteNode(nodeId: int): node = Node().get(nodeId) if not auth.userOrAdmin(node.user.name): return auth.unathorized Node().expire(nodeId) Node().delete(nodeId) log.info(f"node '{nodeId}' deleted by '{auth.username}@{remote_ip()}'") return redirect(request.referrer) @rest_blueprint.route('/node//rename/', methods=['GET']) @auth.access_control('default') def renameNode(nodeId: int, newName: str): node = Node().get(nodeId) if not auth.userOrAdmin(node.user.name): return auth.unathorized Node().rename(nodeId, newName) return jsonify(dict(newName=newName)) @rest_blueprint.route('/user//delete', methods=['GET']) @auth.authorize_admins('default') def deleteUser(userName: str): nodes = Node().byUser(userName) for node in nodes.nodes: Node().expire(node.id) Node().delete(node.id) User().delete(userName) return redirect(url_for("main.users")) @rest_blueprint.route('/user//pakcreate', methods=['POST']) @auth.authorize_admins('default') def createPKA(userName: str): data = request.json expiration = f"{data['expiration']}:00Z" req = v1CreatePreAuthKeyRequest(user=userName, reusable=data['reusable'], ephemeral=data['ephemeral'], expiration=expiration) pak = PreAuthKey().create((req)) return jsonify(dict(key=pak.preAuthKey.key)) @rest_blueprint.route('/user//expire/', methods=['GET']) @auth.authorize_admins('default') def expirePKA(userName: str, key: str): req = v1ExpirePreAuthKeyRequest(user=userName, key=key) PreAuthKey().expire(req) return redirect(url_for('main.user', userName=userName)) @rest_blueprint.route('/backfillips', methods=['POST']) @auth.authorize_admins('default') def backfillips(): response = Node().backfillips() return jsonify(response.changes)