Commit 036b2b6c authored by Lukas Burgey's avatar Lukas Burgey

Change the RabbitMQ exchanges

parent ecb9dd85
......@@ -83,7 +83,7 @@ def _webpage_client_valid(request):
def user_endpoint(request):
if _webpage_client_valid(request):
LOGGER.info('Authenticated webpage client')
# LOGGER.info('Authenticated webpage client')
return ALLOW
user = authenticate(
......@@ -91,7 +91,7 @@ def user_endpoint(request):
password=request.POST.get('password'),
)
if user is not None:
LOGGER.info('Authenticated client as %s', user)
#LOGGER.info('Authenticated client as %s', user)
return ALLOW
......@@ -112,7 +112,7 @@ def _resource_authorized_webpage_client(request):
permission = request.POST.get('permission', [])
return (
resource == 'exchange'
and name == 'update'
and name == 'users'
and not 'write' in permission
) or (
resource == 'queue'
......@@ -148,7 +148,7 @@ def resource_endpoint(request):
):
if CLIENT_DEBUGGING:
LOGGER.debug(
'Granted %s access to resource %s %s to client',
'[auth:resource_endpoint] Granted %s access to resource %s %s to client',
permission,
resource,
name,
......@@ -161,7 +161,7 @@ def resource_endpoint(request):
):
if CLIENT_DEBUGGING:
LOGGER.debug(
'Granted %s access to resource %s %s to client',
'[auth:resource_endpoint] Granted %s access to resource %s %s to client',
permission,
resource,
name,
......@@ -169,9 +169,10 @@ def resource_endpoint(request):
return ALLOW
LOGGER.error(
'Authorization check of resource %s %s for client failed',
'[auth:resource_endpoint] check of %s %s (%s) for client failed',
resource,
name,
permission,
)
return DENY
......@@ -192,7 +193,7 @@ def topic_endpoint(request):
):
if CLIENT_DEBUGGING:
LOGGER.debug(
'Granted %s access to %s %s to client',
'[auth:topic_endpoint] Granted %s access to %s %s to client',
permission,
resource,
routing_key,
......@@ -200,16 +201,17 @@ def topic_endpoint(request):
return ALLOW
LOGGER.error(
'Authorization check of resource %s %s for client failed',
'[auth:topic_endpoint] Authorization check for resource %s %s %s for client failed',
resource,
name,
routing_key,
)
return DENY
user = _apiclient_get(request)
if user:
routing_key = request.POST.get('routing_key', '')
if name == 'deployments':
if name == 'services':
if routing_key.startswith('service.'):
match = re.search('service.(.+)', routing_key)
if match:
......@@ -220,7 +222,10 @@ def topic_endpoint(request):
if routing_key == user.site.name:
return ALLOW
else:
LOGGER.error("Client of site %s tried to access site %s", user.site, routing_key)
LOGGER.error('[auth:topic_endpoint] Client of site %s tried to access site %s', user.site, routing_key)
elif name == 'groups':
# TODO do some sensible filtering here!
return ALLOW
LOGGER.error('Authorization check for topic failed for %s', request.POST)
LOGGER.error('[auth:topic_endpoint] Authorization check for topic failed for %s', request.POST)
return DENY
......@@ -114,7 +114,13 @@ class RabbitMQInstance(SingletonModel):
def _init_exchanges(self, channel):
channel.exchange_declare(
exchange='deployments',
exchange='services',
durable=True,
auto_delete=False,
exchange_type='topic',
)
channel.exchange_declare(
exchange='groups',
durable=True,
auto_delete=False,
exchange_type='topic',
......@@ -126,7 +132,7 @@ class RabbitMQInstance(SingletonModel):
exchange_type='topic',
)
channel.exchange_declare(
exchange='update',
exchange='users',
durable=True,
auto_delete=False,
exchange_type='topic',
......@@ -186,8 +192,8 @@ class RabbitMQInstance(SingletonModel):
# PUBLIC API
def publish_by_service(self, service, msg):
self._publish(
'deployments',
service.routing_key,
'services',
service.name,
msg,
)
......@@ -207,9 +213,9 @@ class RabbitMQInstance(SingletonModel):
def publish_to_user(self, user, msg):
self._publish(
'update',
'users',
str(user.id),
json.dumps(msg),
msg,
)
......@@ -498,10 +504,6 @@ class Service(models.Model):
blank=True,
)
@property
def routing_key(self):
return 'service.{}'.format(self.name)
def __str__(self):
return self.name
......@@ -834,34 +836,33 @@ class DeploymentState(models.Model):
# each state item publishes its state to the user
def publish_to_client(self):
# mitigating circular dependencies here
from .clientapi.serializers import DeploymentStateSerializer
msg = json.dumps(DeploymentStateSerializer(self).data)
if self.service is not None:
# mitigating circular dependencies here
from .clientapi.serializers import DeploymentStateSerializer
msg = json.dumps(DeploymentStateSerializer(self).data)
if self.service is not None:
RabbitMQInstance.load().publish_by_service(
self.service,
msg,
)
elif self.group is not None:
RabbitMQInstance.load().publish_by_group(
self.group,
msg,
)
else:
LOGGER.error("Deployment as neither a group or a service")
RabbitMQInstance.load().publish_by_service(
self.service,
msg,
)
elif self.group is not None:
RabbitMQInstance.load().publish_by_group(
self.group,
msg,
)
else:
LOGGER.error("Deployment as neither a group or a service")
# update the state of the remote webpage
def publish_to_user(self):
if self.user is not None:
from .frontend.views import user_state
content = {
msg = json.dumps({
'user_state': user_state(self.user),
}
})
RabbitMQInstance.load().publish_to_user(
self.user,
content,
msg,
)
def msg(self, msg):
......@@ -931,7 +932,10 @@ class DeploymentStateItem(models.Model):
LOGGER.info(self.msg('ignoring invalid state transition user_deploy'))
return
self._set_state('deployment_pending')
self._set_state(
'deployment_pending',
publish=False, # the post response already contains the update
)
# user: removal requested
def user_remove(self):
......@@ -946,12 +950,15 @@ class DeploymentStateItem(models.Model):
LOGGER.info(self.msg('ignoring invalid state transition user_remove'))
return
self._set_state('removal_pending')
self._set_state(
'removal_pending',
publish=False, # the post response already contains the update
)
# user: questionnaire answered
def user_answers(self, answers=None):
self.questionnaire = answers
self._set_state('deployment_pending')
self._set_state('deployment_pending', publish=False)
self.parent.publish_to_client()
# returns None on success, or a string describing an error
......@@ -984,7 +991,7 @@ class DeploymentStateItem(models.Model):
def msg(self, msg):
return '[DSItem:{}] {}'.format(self, msg)
def _set_state(self, state):
def _set_state(self, state, publish=True):
if self.state == 'rejected':
LOGGER.info('refusing to change state of rejected state_item')
self.save()
......@@ -993,7 +1000,8 @@ class DeploymentStateItem(models.Model):
self.state = state
self.save()
LOGGER.debug(self.msg('state: '+self.state))
self.parent.publish_to_user()
if publish:
self.parent.publish_to_user()
def __str__(self):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment