Commit 8dacca2d authored by Lukas Burgey's avatar Lukas Burgey

First REST prototype

The problem is that we don't have deployment 'per service'
parent c307f65b
...@@ -2,76 +2,100 @@ ...@@ -2,76 +2,100 @@
import logging import logging
from django.contrib.auth import authenticate from django.contrib.auth import authenticate
from django.shortcuts import get_object_or_404
from rest_framework import status from rest_framework import status
from rest_framework import views from rest_framework import views
from rest_framework.permissions import AllowAny from rest_framework.permissions import AllowAny
from rest_framework.response import Response from rest_framework.response import Response
from .. import models
from ..models import serializers from ..models import serializers
LOGGER = logging.getLogger(__name__) LOGGER = logging.getLogger(__name__)
example_input = { EXAMPLE_INPUT = {
'at': '<OpenID Connect Access Token>', 'at': '<OpenID Connect Access Token>',
'iss': '<Issuer URI>', 'iss': '<Issuer URI>',
'key': '<SSH public key>', 'key_name': '<SSH public key name>',
'key_value': '<Value for a new SSH key (if the key "key_name" does not yet exist)>',
's': '<service identifier>', 's': '<service identifier>',
} }
def _error_response(error):
def _error_response(request, error):
return Response( return Response(
{ {
'error': error, 'error': error,
'example_input': example_input 'example_input': EXAMPLE_INPUT,
'request.data': request.data
}, },
status=status.HTTP_400_BAD_REQUEST, status=status.HTTP_400_BAD_REQUEST,
) )
class ProvisioningView(views.APIView): class ProvisioningView(views.APIView):
permission_classes = (AllowAny,) permission_classes = (AllowAny,)
@staticmethod
def access_token_valid(access_token):
return False
@staticmethod
def service_exists(service_id):
return False
def post(self, request): def post(self, request):
LOGGER.debug("Got user REST request: %s", request)
if 'at' not in request.data: if 'at' not in request.data:
return _error_response("Need access token field 'at'") return _error_response(request, "Need access token field 'at'")
if 'iss' not in request.data: if 'iss' not in request.data:
return _error_response("Need issuer uri field 'iss'") return _error_response(request, "Need issuer uri field 'iss'")
if 'key' not in request.data:
return _error_response("Need ssh key field 'key'")
if 's' not in request.data:
return _error_response("Need service identifier field 's'")
access_token = request.data['at']
issuer_uri = request.data['iss']
key = request.data['key']
service_id = request.data['s']
user = authenticate( user = authenticate(
request, request,
token=access_token, token=request.data['at'],
issuer_uri=issuer_uri, issuer_uri=request.data['iss'],
) )
if user is None:
return _error_response(request, "Unable to authenticate user")
if user is None: if user is None:
return _error_response("Unable to authenticate user") return _error_response("Unable to authenticate user")
LOGGER.debug("USER-RESTAPI: authenticated user %s using access token", user) LOGGER.debug("USER-RESTAPI: authenticated user %s using access token", user)
if 'key_name' not in request.data:
return _error_response(request, "Need ssh key field 'key_name'")
ssh_key = None
if not self.service_exists(service_id): try:
return _error_response("Invalid service id: Does not exist") ssh_key = user.ssh_keys.get(
name=request.data['key_name']
)
return Response({ except models.SSHPublicKey.DoesNotExist:
'foo': 'bar', if 'key_value' not in request.data:
}) return _error_response(request, "Need ssh key field 'key_value'")
ssh_key = models.SSHPublicKey(
name=request.data['key_name'],
key=request.data['key_value'],
user=user,
)
ssh_key.save()
if 's' not in request.data:
return _error_response(request, "Need service identifier field 's'")
try:
service = user.services.get(
name=request.data['s'],
)
# the problem is that without VO name the state items may be ambiguous
state_items = user.state_items.filter(service=service)
return Response({
'state_items': serializers.DeploymentStateSerializer(state_items, many=True).data,
'service': serializers.ServiceSerializer(service).data,
'ssh_key': serializers.SSHPublicKeySerializer(ssh_key).data,
})
except models.Service.DoesNotExist:
return _error_response(
request,
"Service '%s' does not exist / you are not authorised to use it".format(request.data['s']),
)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment