Added logging ingo and examples on top of file

[flowspy] / rapi / api.py

from tastypie.resources import ModelResource
from flowspy.flowspec.models import *
from tastypie import fields
from django.contrib.auth.models import User
from flowspy.accounts.models import *
from tastypie.authentication import BasicAuthentication
from tastypie.authorization import Authorization
from flowspy.djangobackends.restauthBackend import restauthBackend
from django.template.loader import render_to_string
from django import forms
from flowspy.flowspec.forms import *
from ipaddr import *
from flowspy.flowspec.views import send_new_mail as new_mail
from flowspy.flowspec.views import get_peer_techc_mails as get_peer_techcs_contact
from django.conf import settings
from django.core.exceptions import ObjectDoesNotExist
from tastypie.exceptions import *
from tastypie import http
import logging
import datetime
from django.shortcuts import get_object_or_404
from copy import deepcopy
import os

LOG_FILENAME = os.path.join(settings.LOG_FILE_LOCATION, 'celery_jobs.log')
#FORMAT = '%(asctime)s %(levelname)s: %(message)s'
#logging.basicConfig(format=FORMAT)
formatter = logging.Formatter('%(asctime)s %(levelname)s %(clientip)s %(user)s: %(message)s')

logger = logging.getLogger(__name__)
logger.setLevel(logging.DEBUG)
handler = logging.FileHandler(LOG_FILENAME)
handler.setFormatter(formatter)
logger.addHandler(handler)


'''Usage example:
GET all: curl --user username:APIKEY  --dump-header - -H "Content-Type: application/json" -X GET https://example.com/fod/api/v1/rule/?format=json
GET rule_by_pk: curl --user username:APIKEY  --dump-header - -H "Content-Type: application/json" -X GET https://example.com/fod/api/v1/rule/{rule_pk}?format=json
UPDATE RULE (PUT) : curl --user username:APIKEY  --dump-header - -H "Content-Type: application/json" -X PUT --data '{"comments": "", "destination": "", "destinationport": [{"port": "9090"}], "expires": "2012-02-21", "id": "11", "port": [], "source": "5.6.7.8/32", "sourceport": [{"port": "9090"}], "status": "ACTIVE", "then": [{"action": "discard", "action_value": ""}]}' https://example.com/fod/api/v1/rule/11/?format=json
DELETE RULE: curl --user username:APIKEY  --dump-header - -H "Content-Type: application/json" -X DELETE https://example.com/fod/api/v1/rule/11/?format=json
CREATE RULE (POST): curl --user username:APIKEY  --dump-header - -H "Content-Type: application/json" -X POST --data '{"name":"", "comments": "", "destination": "", "destinationport": [{"port": "9090"}], "expires": "2012-02-21", "port": [], "source": "5.6.7.8/32", "sourceport": [{"port": "9090"}], "status": "ACTIVE", "then": [{"action": "discard", "action_value": ""}]}' https://example.com/fod/api/v1/rule/?format=json 
'''
class SourcePortRes(ModelResource):
    class Meta:
        queryset = MatchPort.objects.all()
        resource_name = 'sourceport'
        fields = ['port']
        allowed_methods = ['get']

class DestPortRes(ModelResource):
    class Meta:
        queryset = MatchPort.objects.all()
        resource_name = 'destinationport'
        fields = ['port']
        allowed_methods = ['get']
        
class PortRes(ModelResource):
    class Meta:
        queryset = MatchPort.objects.all()
        resource_name = 'port'
        fields = ['port']
        allowed_methods = ['get']        

class ThenResource(ModelResource):
    class Meta:
        queryset = ThenAction.objects.all()
        resource_name = 'then'
        allowed_methods = ['get']
        fields = ['action', 'action_value']

class RuleResource(ModelResource):
    name = fields.CharField(attribute='name', help_text="A slug field (no spaces)")
    sourceport = fields.ManyToManyField(SourcePortRes, 'sourceport', full=True, null=True)
    destinationport = fields.ManyToManyField(DestPortRes, 'destinationport', full=True, null=True)
    then = fields.ManyToManyField(ThenResource, 'then', full=True, null=True)
    port = fields.ManyToManyField(PortRes, 'port', full=True, null=True)
       
    def get_object_list(self, request):
        logger.info('Got REST GET list request %s' %request)
        group_routes = []
        user = request.user
        peer = user.get_profile().peer
        if peer:
            peer_members = UserProfile.objects.filter(peer=peer)
            users = [prof.user for prof in peer_members]
        return super(RuleResource, self).get_object_list(request).filter(applier__in=users)
    
    def obj_create(self, bundle, request=None, **kwargs):
        logger.info('Got REST POST request %s' %kwargs)
        then_list = []
        sourceport_list = []
        destport_list = []
        port_list = []
        bundle.obj = self._meta.object_class()

        for key, value in kwargs.items():
            setattr(bundle.obj, key, value)

        bundle = self.full_hydrate(bundle)
        m2m_bundle = self.hydrate_m2m(bundle)
        
        then_action_dict = m2m_bundle.data['then'][0].obj.__dict__
        then_action_pk = ThenAction.objects.get(action=then_action_dict['action'], action_value=then_action_dict['action_value']).pk
        then_list.append(then_action_pk)
        try:
            sourceport_dict = m2m_bundle.data['sourceport']
        except:
            sourceport_dict = None
        if sourceport_dict:
            for sp in sourceport_dict:
                sourceport_pk = get_port_pk_or_create(sp)
                sourceport_list.append(sourceport_pk)

        try:
            destport_dict = m2m_bundle.data['destinationport']
        except:
            destport_dict = None
        if destport_dict:
            for dp in destport_dict:
                destport_pk = get_port_pk_or_create(dp)
                destport_list.append(destport_pk)

        try:
            port_dict = m2m_bundle.data['port']
        except:
            port_dict = None
        if port_dict:
            for prt in port_dict:
                port_pk = get_port_pk_or_create(prt) 
                port_list.append(port_pk)

        datadict = bundle.obj.__dict__
        datadict['applier'] =  request.user.pk
        datadict['comments'] =  "%s: %s" %("Submitted via REST API", datadict['comments'])
        datadict['then'] =  then_list
        datadict['sourceport'] =  sourceport_list
        datadict['destinationport'] =  destport_list
        datadict['port'] =  port_list
        form = RouteForm(data=datadict)

        if form.is_valid():
            route=form.save(commit=False)
            route.applier = request.user
            route.status = "PENDING"
            route.source = IPNetwork("%s/%s" %(IPNetwork(route.source).network.compressed, IPNetwork(route.source).prefixlen)).compressed
            route.destination = IPNetwork("%s/%s" %(IPNetwork(route.destination).network.compressed, IPNetwork(route.destination).prefixlen)).compressed
            route.save()
            form.save_m2m()
            route.commit_add()
            requesters_address = request.META['HTTP_X_FORWARDED_FOR']
            mail_body = render_to_string("rule_add_mail.txt",
                                             {"route": route, "address": requesters_address})
            user_mail = "%s" %route.applier.email
            user_mail = user_mail.split(';')
            new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s creation request submitted by %s via REST api" %(route.name, route.applier.username),
                              mail_body, settings.SERVER_EMAIL, user_mail,
                              get_peer_techcs_contact(route.applier))
            d = { 'clientip' : "REST_API: %s" %requesters_address, 'user' : route.applier.username }
            logger.info(mail_body, extra=d)
        else:
            raise ApiFieldError("ERRORS %s %s" %(form.errors, form.__dict__))

        return bundle
    
    def obj_delete(self, request=None, **kwargs):
        logger.info('Got REST DELETE request %s' %kwargs)
        obj = kwargs.pop('pk', None)
        if obj:
            try:
                route = Route.objects.get(pk=obj)
            except:
                raise NotFound("A model instance matching the provided arguments could not be found.")
            applier_peer = route.applier.get_profile().peer
            requester_peer = request.user.get_profile().peer
            if applier_peer == requester_peer:
                route.status = "PENDING"
                route.expires = datetime.date.today()
                route.save()
                route.commit_delete()
                requesters_address = request.META['HTTP_X_FORWARDED_FOR']
                mail_body = render_to_string("rule_delete_mail.txt",
                                                 {"route": route, "address": requesters_address})
                user_mail = "%s" %route.applier.email
                user_mail = user_mail.split(';')
                new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s removal request submitted by %s" %(route.name, route.applier.username), 
                                  mail_body, settings.SERVER_EMAIL, user_mail,
                                 get_peer_techcs_contact(route.applier))
                d = { 'clientip' : "REST_API: %s" %requesters_address, 'user' : route.applier.username }
                logger.info(mail_body, extra=d)
            else:
                raise NotFound("A model instance matching the provided arguments could not be found.")
        else:
            raise NotFound("A model instance matching the provided arguments could not be found.")
        
    def delete_list(self, request, **kwargs):
        return http.HttpForbidden()

    def obj_update(self, bundle, request=None, **kwargs):
        logger.info('Got REST PUT request %s' %kwargs)
        then_list = []
        sourceport_list = []
        destport_list = []
        port_list = []
        applier = request.user.pk
        applier_peer = request.user.get_profile().peer
        route_edit = get_object_or_404(Route, pk=kwargs['pk'])
        route_edit_applier_peer = route_edit.applier.get_profile().peer
        if applier_peer != route_edit_applier_peer:
            return http.HttpForbidden()

        route_original = deepcopy(route_edit)
        if not bundle.obj or not bundle.obj.pk:

            try:
                bundle.obj = self.get_object_list(request).model()
                bundle.data.update(kwargs)
                bundle = self.full_hydrate(bundle)
                lookup_kwargs = kwargs.copy()

                for key in kwargs.keys():
                    if key == 'pk':
                        continue
                    elif getattr(bundle.obj, key, NOT_AVAILABLE) is not NOT_AVAILABLE:
                        lookup_kwargs[key] = getattr(bundle.obj, key)
                    else:
                        del lookup_kwargs[key]
            except:
                # if there is trouble hydrating the data, fall back to just
                # using kwargs by itself (usually it only contains a "pk" key
                # and this will work fine.
                lookup_kwargs = kwargs

            try:
                bundle.obj = self.obj_get(request, **lookup_kwargs)
            except ObjectDoesNotExist:
                raise NotFound("A model instance matching the provided arguments could not be found.")

        bundle = self.full_hydrate(bundle)
        m2m_bundle = self.hydrate_m2m(bundle)
        try:
            then_action_dict = m2m_bundle.data['then'][0].obj.__dict__
            then_action_pk = ThenAction.objects.get(action=then_action_dict['action'], action_value=then_action_dict['action_value']).pk
            then_list.append(then_action_pk)
        except:
            then_list.extend([x.pk for x in route_edit.then.all() if x])

        try:
            sourceport_dict = m2m_bundle.data['sourceport']
        except:
            sourceport_dict = None
        if sourceport_dict:
            for sp in sourceport_dict:
                sourceport_pk = get_port_pk_or_create(sp)
                sourceport_list.append(sourceport_pk)
        else:
             sourceport_list.extend([x.pk for x in route_edit.sourceport.all() if x])

        try:
            destport_dict = m2m_bundle.data['destinationport']
        except:
            destport_dict = None
        if destport_dict:
            for dp in destport_dict:
                destport_pk = get_port_pk_or_create(dp)
                destport_list.append(destport_pk)
        else:
             destport_list.extend([x.pk for x in route_edit.destinationport.all() if x])
        try:
            port_dict = m2m_bundle.data['port']
        except:
            port_dict = None
        if port_dict:
            for prt in port_dict:
                port_pk = get_port_pk_or_create(prt)
                port_list.append(port_pk)
        else:
            port_list.extend([x.pk for x in route_edit.port.all() if x])
        
    
        datadict = bundle.obj.__dict__
        datadict['applier'] =  request.user.pk
        comment_text = "Submitted via REST API"
        if comment_text not in datadict['comments']:
            datadict['comments'] =  "%s: %s" %("Submitted via REST API", datadict['comments'])
        datadict['then'] =  then_list
        datadict['sourceport'] =  sourceport_list
        datadict['destinationport'] =  destport_list
        datadict['port'] =  port_list
        datadict['name'] =  route_edit.name
        datadict['expires'] = datetime.date.today() + datetime.timedelta(days = settings.EXPIRATION_DAYS_OFFSET)
        form = RouteForm(data=datadict, instance = route_edit)

        if form.is_valid():
            route=form.save(commit=False)
            route.name = route_original.name
            route.applier = request.user
            route.status = "PENDING"
            route.source = IPNetwork("%s/%s" %(IPNetwork(route.source).network.compressed, IPNetwork(route.source).prefixlen)).compressed
            route.destination = IPNetwork("%s/%s" %(IPNetwork(route.destination).network.compressed, IPNetwork(route.destination).prefixlen)).compressed
            route.save()
            form.save_m2m()
            route.commit_edit()
            requesters_address = request.META['HTTP_X_FORWARDED_FOR']
            mail_body = render_to_string("rule_edit_mail.txt",
                                             {"route": route, "address": requesters_address})
            user_mail = "%s" %route.applier.email
            user_mail = user_mail.split(';')
            new_mail(settings.EMAIL_SUBJECT_PREFIX + "Rule %s edit request submitted by %s via REST api" %(route.name, route.applier.username),
                              mail_body, settings.SERVER_EMAIL, user_mail,
                              get_peer_techcs_contact(route.applier))
            d = { 'clientip' : "REST_API: %s" %requesters_address, 'user' : route.applier.username }
            logger.info(mail_body, extra=d)
        else:
            raise ApiFieldError("ERRORS %s %s" %(form.errors, form.__dict__))
        return bundle
    
    
    class Meta:
        queryset = Route.objects.all()
        default_format = "application/json"
        resource_name = 'rule'
        allowed_methods = ['get', 'post', 'delete', 'put']
        fields = ['comments', 'source', 'destination', 'expires', 'status', 'id', 'sourceport', 'destinationport', 'then']
        authentication = BasicAuthentication(restauthBackend())
        authorization= Authorization()
        
def get_port_pk_or_create(prt):
    try:
        port_pk = MatchPort.objects.get(port=prt.obj.__dict__['port']).pk
    except:
        try:
            assert (int(prt.obj.__dict__['port']))
            mp = MatchPort(port=int(int(prt.obj.__dict__['port'])))
            mp.save()
            port_pk=mp.pk
        except:
            raise ApiFieldError("Port should be an integer")
    return port_pk