115 lines
3.5 KiB
Python
115 lines
3.5 KiB
Python
import logging
|
|
import os
|
|
from flask import Blueprint, request
|
|
from flask import redirect, url_for
|
|
from app import auth
|
|
|
|
from flask import jsonify
|
|
|
|
from hsapi_client import Node, User, Route, PreAuthKey
|
|
from hsapi_client.preauthkeys import (v1CreatePreAuthKeyRequest,
|
|
v1ExpirePreAuthKeyRequest)
|
|
from hsapi_client.nodes import v1BackfillNodeIPsResponse
|
|
|
|
|
|
log = logging.getLogger()
|
|
|
|
# REST calls
|
|
rest_blueprint = Blueprint(
|
|
'rest', __name__, url_prefix=os.getenv('APPLICATION_ROOT', '/'))
|
|
|
|
|
|
@rest_blueprint.route('/routeToggle/<int:routeId>', methods=['GET'])
|
|
@auth.authorize_admins('default')
|
|
def routeToggle(routeId: int):
|
|
route = Route().get(routeId)
|
|
if route:
|
|
if route.enabled:
|
|
action = 'disabled'
|
|
else:
|
|
action = 'enabled'
|
|
log.info(
|
|
f"route '{route.prefix}' via '{route.node.givenName}' "
|
|
f"{action} by '{auth.username}'")
|
|
Route().toggle(routeId)
|
|
return redirect(request.referrer)
|
|
|
|
|
|
@rest_blueprint.route('/node/<int:nodeId>/expire', methods=['GET'])
|
|
@auth.access_control('default')
|
|
def expireNode(nodeId: int):
|
|
"""
|
|
This expires a node from the node page.
|
|
The difference from above is that it returns to the /node/nodeId page
|
|
"""
|
|
node = Node().get(nodeId)
|
|
if not auth.userOrAdmin(node.user.name):
|
|
return auth.unathorized
|
|
Node().expire(nodeId)
|
|
log.info(f"node '{nodeId}' expired by '{auth.username}'")
|
|
return redirect(request.referrer)
|
|
|
|
|
|
@rest_blueprint.route('/node/<int:nodeId>/delete', methods=['GET'])
|
|
@auth.access_control('default')
|
|
def deleteNode(nodeId: int):
|
|
node = Node().get(nodeId)
|
|
if not auth.userOrAdmin(node.user.name):
|
|
return auth.unathorized
|
|
Node().expire(nodeId)
|
|
Node().delete(nodeId)
|
|
log.info(f"node '{nodeId}' deleted by '{auth.username}'")
|
|
return redirect(request.referrer)
|
|
|
|
|
|
@rest_blueprint.route('/node/<int:nodeId>/rename/<newName>', methods=['GET'])
|
|
@auth.access_control('default')
|
|
def renameNode(nodeId: int, newName: str):
|
|
node = Node().get(nodeId)
|
|
if not auth.userOrAdmin(node.user.name):
|
|
return auth.unathorized
|
|
Node().rename(nodeId, newName)
|
|
return jsonify(dict(newName=newName))
|
|
|
|
|
|
@rest_blueprint.route('/user/<userName>/delete', methods=['GET'])
|
|
@auth.authorize_admins('default')
|
|
def deleteUser(userName: str):
|
|
nodes = Node().byUser(userName)
|
|
for node in nodes.nodes:
|
|
Node().expire(node.id)
|
|
Node().delete(node.id)
|
|
User().delete(userName)
|
|
return redirect(url_for("main.users"))
|
|
|
|
|
|
@rest_blueprint.route('/user/<userName>/pakcreate', methods=['POST'])
|
|
@auth.authorize_admins('default')
|
|
def createPKA(userName: str):
|
|
data = request.json
|
|
log.debug(data)
|
|
expiration = f"{data['expiration']}:00Z"
|
|
req = v1CreatePreAuthKeyRequest(user=userName,
|
|
reusable=data['reusable'],
|
|
ephemeral=data['ephemeral'],
|
|
expiration=expiration)
|
|
pak = PreAuthKey().create((req))
|
|
return jsonify(dict(key=pak.preAuthKey.key))
|
|
|
|
|
|
@rest_blueprint.route('/user/<userName>/expire/<key>', methods=['GET'])
|
|
@auth.authorize_admins('default')
|
|
def expirePKA(userName: str, key: str):
|
|
log.debug(key)
|
|
req = v1ExpirePreAuthKeyRequest(user=userName, key=key)
|
|
|
|
PreAuthKey().expire(req)
|
|
return redirect(url_for('main.user', userName=userName))
|
|
|
|
|
|
@rest_blueprint.route('/backfillips', methods=['POST'])
|
|
@auth.authorize_admins('default')
|
|
def backfillips():
|
|
response = Node().backfillips()
|
|
return jsonify(response.changes)
|