Skip to content
Snippets Groups Projects
Commit 59ce4518 authored by Pavel Kácha's avatar Pavel Kácha
Browse files

Diversified HTTP codes, more unified error messages, completed authentication.

parent 8e3eaed6
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
warden3/warden_server/warden_server.py
+ 20
9
View file @ 59ce4518
...@@ -200,9 +200,12 @@ class X509Authenticator(NoAuthenticator): ...@@ -200,9 +200,12 @@ class X509Authenticator(NoAuthenticator):
return None return None
return client return client
if method in ['getInfo', 'getEvents']:
return client
try: try:
identity = event['Node'][0]['Name'].lower() identity = event['Node'][0]['Name'].lower()
except KeyError: except (KeyError, TypeError):
# Event does not bear valid Node attribute # Event does not bear valid Node attribute
logging.info("Auth failed: event does not bear valid Node attribute") logging.info("Auth failed: event does not bear valid Node attribute")
return None return None
...@@ -365,13 +368,13 @@ class MySQL(Object): ...@@ -365,13 +368,13 @@ class MySQL(Object):
logging.debug("fetch_events: id=%i, count=%i, cat=%s, nocat=%s, tag=%s, notag=%s, group=%s, nogroup=%s" % (id, count, str(cat), str(nocat), str(tag), str(notag), str(group), str(nogroup))) logging.debug("fetch_events: id=%i, count=%i, cat=%s, nocat=%s, tag=%s, notag=%s, group=%s, nogroup=%s" % (id, count, str(cat), str(nocat), str(tag), str(notag), str(group), str(nogroup)))
if cat and nocat: if cat and nocat:
raise Error("Unrealizable conditions. Choose cat or nocat option.", 500, method='getEvents', raise Error("Unrealizable conditions. Choose cat or nocat option.", 422, method='getEvents',
exc=sys.exc_info(), detail={'cat': cat, 'nocat' : nocat}) exc=sys.exc_info(), detail={'cat': cat, 'nocat' : nocat})
if tag and notag: if tag and notag:
raise Error("Unrealizable conditions. Choose tag or notag option.", 500, method='getEvents', raise Error("Unrealizable conditions. Choose tag or notag option.", 422, method='getEvents',
exc=sys.exc_info(), detail={'tag': cat, 'notag' : nocat}) exc=sys.exc_info(), detail={'tag': cat, 'notag' : nocat})
if group and nogroup: if group and nogroup:
raise Error("Unrealizable conditions. Choose group or nogroup option.", 500, method='getEvents', raise Error("Unrealizable conditions. Choose group or nogroup option.", 422, method='getEvents',
exc=sys.exc_info(), detail={'tag': cat, 'notag' : nocat}) exc=sys.exc_info(), detail={'tag': cat, 'notag' : nocat})
sqlwhere = [] sqlwhere = []
...@@ -604,7 +607,7 @@ class Server(Object): ...@@ -604,7 +607,7 @@ class Server(Object):
try: try:
injson = environ['wsgi.input'].read() injson = environ['wsgi.input'].read()
except: except:
raise Error("Data read error", 400, method=path, exc=sys.exc_info()) raise Error("Data read error", 408, method=path, exc=sys.exc_info())
try: try:
method = getattr(self.handler, path) method = getattr(self.handler, path)
...@@ -614,7 +617,7 @@ class Server(Object): ...@@ -614,7 +617,7 @@ class Server(Object):
client = self.auth.authenticate(environ) client = self.auth.authenticate(environ)
if not client: if not client:
raise Error("I'm watching YOU. (Authenticate)", 403, method=path) raise Error("I'm watching. Authenticate.", 403, method=path)
try: try:
events = json.loads(injson) if injson else None events = json.loads(injson) if injson else None
...@@ -694,7 +697,7 @@ class WardenHandler(Object): ...@@ -694,7 +697,7 @@ class WardenHandler(Object):
def getDebug(self, _env, _client): def getDebug(self, _env, _client):
auth = self.auth.authorize(_env, _client, 'getDebug', None, None) auth = self.auth.authorize(_env, _client, 'getDebug', None, None)
if not auth: if not auth:
raise Error("I'm watching YOU. (Authorization)", 403, method='getDebug', detail={"client": _client}) raise Error("I'm watching. Authorize.", 403, method='getDebug', detail={"client": _client})
return { return {
"environment": _env, "environment": _env,
...@@ -704,6 +707,10 @@ class WardenHandler(Object): ...@@ -704,6 +707,10 @@ class WardenHandler(Object):
@expose @expose
def getInfo(self, _env, _client): def getInfo(self, _env, _client):
auth = self.auth.authorize(_env, _client, 'getInfo', None, None)
if not auth:
raise Error("I'm watching. Authorize.", 403, method='getDebug', detail={"client": _client})
info = { info = {
"version": VERSION, "version": VERSION,
"send_events_limit": self.send_events_limit, "send_events_limit": self.send_events_limit,
...@@ -720,6 +727,10 @@ class WardenHandler(Object): ...@@ -720,6 +727,10 @@ class WardenHandler(Object):
tag=None, notag=None, tag=None, notag=None,
group=None, nogroup=None): group=None, nogroup=None):
auth = self.auth.authorize(_env, _client, 'getEvents', None, None)
if not auth:
raise Error("I'm watching. Authorize.", 403, method='getDebug', detail={"client": _client})
try: try:
id = int(id[0]) id = int(id[0])
except (ValueError, TypeError, IndexError): except (ValueError, TypeError, IndexError):
...@@ -760,10 +771,10 @@ class WardenHandler(Object): ...@@ -760,10 +771,10 @@ class WardenHandler(Object):
@expose @expose
def sendEvents(self, _env, _client, events=[]): def sendEvents(self, _env, _client, events=[]):
if not isinstance(events, list): if not isinstance(events, list):
raise Error("List of events expected", 400, method="sendEvents") raise Error("List of events expected.", 400, method="sendEvents")
if len(events)>self.send_events_limit: if len(events)>self.send_events_limit:
raise Error("Too much events in one batch", 400, method="sendEvents", raise Error("Too much events in one batch.", 413, method="sendEvents",
detail={"limit": self.send_events_limit}) detail={"limit": self.send_events_limit})
saved = 0 saved = 0
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment