Adding support for pre-access scripts so UDS can support certain

operations (i.e. add an user to an specific group, or allowing user to access using specific protocol, thanks to José Luis Sepúlveda from upv for the feedback ;-)
2014-12-04 13:03:58 +01:00 · 2014-12-04 13:03:58 +01:00 · 9a86682c9d
commit 9a86682c9d
parent 2159e0f29d
8 changed files with 77 additions and 11 deletions
--- a/server/src/uds/REST/methods/actor.py
+++ b/server/src/uds/REST/methods/actor.py
@ -122,7 +122,7 @@ class Actor(Handler):
        if len(self._args) < 1:
            raise RequestError('Invalid request')
-        # if path is .../test (/rest/actor/[test|init]?key=.....&version=....&id=....)
+        # if path is .../test (/rest/actor/[test|init]?key=.....&version=....&id=....)  version & ids are only used on init
        if self._args[0] in ('test', 'init'):
            v = self.validateRequestKey()
            if v is not None:
@ -142,7 +142,10 @@ class Actor(Handler):
                if service.deployed_service.osmanager is not None:
                    maxIdle = service.deployed_service.osmanager.getInstance().maxIdle()
                    logger.debug('Max idle: {}'.format(maxIdle))
-                return Actor.result((service.uuid, service.unique_id, 0 if maxIdle is None else maxIdle))
+                return Actor.result((service.uuid,
                                     service.unique_id,
                                     0 if maxIdle is None else maxIdle)
                                    )
        raise RequestError('Invalid request')
    # Must be invoked as '/rest/actor/UUID/[message], with message data in post body
@ -170,7 +173,7 @@ class Actor(Handler):
        username = ''
        if message == 'notifyComms':
-            service.setProperty('comms_url', data)
+            service.setCommsUrl(data)
            return Actor.result('ok')
        # Preprocess some messages, common to all clients, such as "log"
@ -181,7 +184,7 @@ class Actor(Handler):
            username = data
        try:
-            res = service.getInstance().osmanager().process(service, message, data)
+            res = service.getInstance().osmanager().process(service, message, data, options={'scramble': False})
        except Exception as e:
            return Actor.result(six.text_type(e), ERR_OSMANAGER_ERROR)
--- a/server/src/uds/REST/methods/user_services.py
+++ b/server/src/uds/REST/methods/user_services.py
@ -155,6 +155,7 @@ class CachedService(AssignedService):
            {'friendly_name': {'title': _('Friendly name')}},
            {'state': {'title': _('State'), 'type': 'dict', 'dict': State.dictionary()}},
            {'cache_level': {'title': _('Cache level')}},
            {'actor_version': {'title': _('Actor version')}}
        ]
    def getLogs(self, parent, item):
--- a/server/src/uds/REST/model.py
+++ b/server/src/uds/REST/model.py
@ -47,7 +47,7 @@ import logging
 logger = logging.getLogger(__name__)
-__updated__ = '2014-11-12'
+__updated__ = '2014-12-04'
 # a few constants
--- a/server/src/uds/core/managers/UserServiceManager.py
+++ b/server/src/uds/core/managers/UserServiceManager.py
@ -45,6 +45,8 @@ from uds.core.services.Exceptions import MaxServicesReachedException
 from uds.models import UserService, getSqlDatetime
 from uds.core import services
 from uds.core.services import Service
 import requests
 import json
 import logging
 logger = logging.getLogger(__name__)
@ -444,6 +446,46 @@ class UserServiceManager(object):
        UserServiceOpChecker.makeUnique(uService, ui, state)
        return False
    def manageOsManagerPreConnection(self, uService, user):
        '''
        Sends, if the user service has os manager and the os manager "wants" to send an pre-script to actor
        the script to the Service
        If fails, it will silently ignore it, but probably connection will not success
        This is so right now to keep compatibility with previos xmlrpc actor..
        @return: Nothing
        '''
        logger.debug('Managing specific OS Manager data before connection')
        if uService.needsOsManager() is False:
            logger.debug('No os manager for service, finishing')
            return
        osm = uService.getOsManager()
        instanceOsManager = osm.getInstance()
        script = instanceOsManager.preAccessScript(uService, user)
        if script is None:
            logger.debug('OS Manager does not provides a pre access script')
        logger.debug('Pre access script: {}'.format(script))
        return self.sendScript(uService, script)
    def sendScript(self, uService, script):
        '''
        If allowed, send script to user service
        '''
        url = uService.getCommsUrl()
        if url is None:
            logger.error('Can\'t connect with actor (no actor or legacy actor)')
            return
        try:
            r = requests.post(url, data={'script': script}, headers={'content-type': 'application/json'}, verify=False, timeout=5)
            r = json.loads(r.content)
            # In fact we ignore result right now
        except Exception as e:
            logger.error('Exception caught sending script: {}. Check connection on destination machine: {}'.format(e, url))
        # All done
    def checkForRemoval(self, uService):
        '''
        This method is used by UserService when a request for setInUse(False) is made
--- a/server/src/uds/core/osmanagers/BaseOsManager.py
+++ b/server/src/uds/core/osmanagers/BaseOsManager.py
@ -36,7 +36,7 @@ from django.utils.translation import ugettext_noop as _
 from uds.core.util.State import State
 from uds.core import Module
-__updated__ = '2014-12-01'
+__updated__ = '2014-12-04'
 STORAGE_KEY = 'osmk'
@ -89,7 +89,7 @@ class OSManager(Module):
        pass
    # These methods must be overriden
-    def process(self, service, message, data):
+    def process(self, service, message, data, options=None):
        '''
        This method must be overriden so your so manager can manage requests and responses from agent.
        @param service: Service that sends the request (virtual machine or whatever)
@ -126,6 +126,14 @@ class OSManager(Module):
        '''
        return None
    def preAccessScript(self, userService, user):
        '''
        This gives us the chance to include "customized" initialization for any os manager for an specifyc user & service on assignation to an user
        such as "include" in allowed user list, etc...
        Both values are db objects
        '''
        return None
    @classmethod
    def transformsUserOrPasswordForService(cls):
        '''
--- a/server/src/uds/models/UserService.py
+++ b/server/src/uds/models/UserService.py
@ -35,7 +35,7 @@
 from __future__ import unicode_literals
-__updated__ = '2014-12-02'
+__updated__ = '2014-12-04'
 from django.db import models
 from django.db.models import signals
@ -246,11 +246,14 @@ class UserService(UUIDModel):
        '''
        return [self.src_ip, self.src_hostname]
    def getOsManager(self):
        return self.deployed_service.osmanager
    def needsOsManager(self):
        '''
        Returns True if this User Service needs an os manager (i.e. parent services pools is marked to use an os manager)
        '''
-        return self.deployed_service.osmanager is not None
+        return self.getOsManager() is not None
    def transformsUserOrPasswordForService(self):
        '''
@ -419,9 +422,15 @@ class UserService(UUIDModel):
    def setProperty(self, propName, propValue):
        prop, _ = self.properties.get_or_create(name=propName)
-        prop.value = propValue
+        prop.value = propValue if propValue is None else ''
        prop.save()
    def setCommsUrl(self, commsUrl=None):
        self.setProperty('comms_url', commsUrl)
    def getCommsUrl(self):
        return self.getProperty('comms_url', None)
    def __str__(self):
        return "User service {0}, cache_level {1}, user {2}, name {3}, state {4}:{5}".format(self.id, self.cache_level, self.user, self.friendly_name,
                                                                                             State.toString(self.state), State.toString(self.os_state))
--- a/server/src/uds/osmanagers/WindowsOsManager/WindowsOsManager.py
+++ b/server/src/uds/osmanagers/WindowsOsManager/WindowsOsManager.py
@ -115,7 +115,7 @@ class WindowsOsManager(osmanagers.OSManager):
        except Exception:
            log.doLog(service, log.ERROR, "do not understand {0}".format(data), origin)
-    def process(self, service, msg, data):
+    def process(self, service, msg, data, options):
        '''
        We understand this messages:
        * msg = info, data = None. Get information about name of machine (or domain, in derived WinDomainOsManager class) (old method)
@ -180,6 +180,8 @@ class WindowsOsManager(osmanagers.OSManager):
            else:
                UserServiceManager.manager().notifyReadyFromOsManager(service, '')
        logger.debug('Returning {} to {} message'.format(ret, msg))
        if options is not None and options.get('scramble', True) is False:
            return ret
        return scrambleMsg(ret)
    def processUnused(self, userService):
--- a/server/src/uds/web/views.py
+++ b/server/src/uds/web/views.py
@ -276,6 +276,7 @@ def service(request, idService, idTransport):
            if ip is not None:
                itrans = trans.getInstance()
                if itrans.isAvailableFor(ip):
                    UserServiceManager.manager().manageOsManagerPreConnection(ads, request.user)
                    log.doLog(ads, log.INFO, "User service ready, rendering transport", log.WEB)
                    transport = itrans.renderForHtml(ads, ads.uuid, trans.uuid, ip, request.session['OS'], request.user, webPassword(request))
                    return render_to_response(theme.template('show_transport.html'), {'transport': transport, 'nolang': True}, context_instance=RequestContext(request))