Add rabbitmq user creation for clients

87dcad26 · Lukas Burgey · 946da517 · 87dcad26
Commit 87dcad26 authored Dec 07, 2017 by Lukas Burgey
--- a/django_backend/backend/models.py
+++ b/django_backend/backend/models.py
@@ -6,6 +6,9 @@ from rest_framework.authtoken.models import Token
 from django.db.models.signals import post_save
 from datetime import datetime

+import requests
+from requests.auth import HTTPBasicAuth
+

 class User(AbstractUser):
    TYPE_CHOICES = (
@@ -24,9 +27,8 @@ class User(AbstractUser):

 @receiver(post_save, sender=settings.AUTH_USER_MODEL)
 def create_auth_token(sender, instance=None, created=False, **kwargs):
-    if created:
-        if instance.user_type == 'apiclient':
-            Token.objects.create(user=instance)
+    if instance.user_type == 'apiclient' and created:
+        Token.objects.create(user=instance)


 def construct_user(user_info):
@@ -44,8 +46,7 @@ class Site(models.Model):
    client = models.OneToOneField(
            User,
            related_name='site',
-            blank=True,
-            null=True)
+            )
    name = models.CharField(max_length=150, unique=True)
    description = models.TextField(max_length=300, blank=True)
    last_fetch = models.DateTimeField(default=datetime.utcfromtimestamp(0))
@@ -73,6 +74,79 @@ class Site(models.Model):
        return services


+@receiver(post_save, sender=Site)
+def register_client_at_rabbitmq(sender, instance=None, created=False,
+                                **kwargs):
+    if not created:
+        return
+
+    print('registerring client {}'.format(instance.client.username))
+
+    # %2f: url encoded '/' as this is the vhost we use
+    api = 'http://localhost:15672/api'
+    username = instance.client.username
+    vhost = '%2f'
+    exchange = 'deployments'
+    # guest only works on the localhost
+    auth = HTTPBasicAuth('guest', 'guest')
+
+    # create user
+    user_creation_uri = '{}/users/{}/'.format(
+            api,
+            username
+            )
+    user_creation_data = {
+            'password': str(instance.client.auth_token.key),
+            'tags': '',
+            }
+    r = requests.put(user_creation_uri, json=user_creation_data, auth=auth)
+    print('status_code {} {}'.format(r.status_code, r.text))
+
+    # set permissions for the user
+    set_permission_uri = '{}/permissions/{}/{}/'.format(
+            api,
+            vhost,
+            username,
+            )
+    permission = '^(amq\.gen.*|{})'.format(exchange)
+    set_permission_data = {
+            'configure': permission,
+            'write': permission,
+            'read': permission,
+            }
+
+    set_topic_permission_uri = '{}/topic-permissions/{}/{}/'.format(
+            api,
+            vhost,
+            username,
+            )
+    r = requests.put(set_permission_uri, json=set_permission_data, auth=auth)
+    print('status_code {} {}'.format(r.status_code, r.text))
+
+    # set permissions for the correct topics
+    # we construct a regex to match the services of the site
+    services = ''
+    omitBar = True
+    for service in instance.services.all():
+        prefix = '|'
+        if omitBar:
+            prefix = ''
+            omitBar = False
+
+        services = services + prefix + service.name
+
+    set_topic_permission_data = {
+            'exchange': exchange,
+            'write': '^$',
+            'read': '^service\.({})$'.format(services),
+            }
+
+    r = requests.put(
+            set_topic_permission_uri,
+            json=set_topic_permission_data, auth=auth)
+    print('status_code {} {}'.format(r.status_code, r.text))
+
+
 class Service(models.Model):
    name = models.CharField(max_length=150, unique=True)
    description = models.TextField(max_length=300, blank=True)