F #5698: System config server admin (#1734)

(cherry picked from commit 982e09706fc444ae60a8ad2f818d6a795cbbdab4)
2025-03-21 14:50:08 +03:00 · 2022-02-01 17:05:45 +01:00 · 2022-02-01 17:05:45 +01:00 · 605fc8d339
commit 605fc8d339
parent 4d19829486
6 changed files with 200 additions and 65 deletions
--- a/src/fireedge/src/server/routes/api/auth/utils.js
+++ b/src/fireedge/src/server/routes/api/auth/utils.js
@ -52,8 +52,6 @@ const namespace = appConfig.namespace || defaultNamespace
 const { GET } = httpMethod

 let user = ''
-let key = ''
-let iv = ''
 let pass = ''
 let type = ''
 let tfatoken = ''
@ -69,20 +67,6 @@ let relativeTime = ''
 let limitToken = defaultSessionExpiration
 let limitExpirationReuseToken = defaultSessionLimitExpiration

-/**
- * Get key opennebula.
- *
- * @returns {string} get key
- */
-const getKey = () => key
-
-/**
- * Get initialization vector.
- *
- * @returns {string} get initialization vector
- */
-const getIV = () => iv
-
 /**
 * Get user opennebula.
 *
@ -104,30 +88,6 @@ const getPass = () => pass
 */
 const getRelativeTime = () => relativeTime

-/**
- * Opennebula encode-decode key.
- *
- * @param {string} newKey - new key
- * @returns {string} get key
- */
-const setKey = (newKey) => {
-  key = newKey
-
-  return key
-}
-
-/**
- * Initialization vector (encrypt).
- *
- * @param {string} newIV - //16 characters
- * @returns {string} get IV
- */
-const setIV = (newIV) => {
-  iv = newIV
-
-  return iv
-}
-
 /**
 * Username opennebula.
 *
@ -442,23 +402,23 @@ const setZones = () => {
 /**
 * Create token server admin.
 *
- * @param {string} serverAdmin - serveradmin name
- * @param {string} username - user name
- * @returns {string} data encrypted serveradmin
+ * @param {object} config - config create  token serveradmin
+ * @param {string} config.serverAdmin - serverAdmin username
+ * @param {string} config.username - user name
+ * @param {string} config.key - serverAdmin key
+ * @param {string} config.iv - serverAdmin iv
+ * @returns {object|undefined} data encrypted serveradmin
 */
-const createTokenServerAdmin = (serverAdmin = '', username = '') => {
-  let rtn
-  const keyGet = getKey()
-  const ivGet = getIV()
+const createTokenServerAdmin = ({ serverAdmin, username, key, iv }) => {
  if (serverAdmin && username && key && iv) {
+    !(expireTime && typeof expireTime.toSeconds === 'function') && setDates()
    const expire = parseInt(expireTime.toSeconds(), 10)
-    rtn = {
-      token: encrypt(`${serverAdmin}:${username}:${expire}`, keyGet, ivGet),
+
+    return {
+      token: encrypt(`${serverAdmin}:${username}:${expire}`, key, iv),
      time: expire,
    }
  }
-
-  return rtn
 }

 /**
@ -483,13 +443,6 @@ const wrapUserWithServerAdmin = (serverAdminData = {}, userData = {}) => {
    userData.ID &&
    userData.TEMPLATE
  ) {
-    /*********************************************************
-     * equals what is placed in:
-     * src/authm_mad/remotes/server_cipher/server_cipher_auth.rb:44
-     *********************************************************/
-    setKey(serverAdminPassword.substring(0, 32))
-    setIV(serverAdminPassword.substring(0, 16))
-
    const JWTusername = `${serverAdminName}:${userName}`

    let tokenWithServerAdmin
@ -499,7 +452,16 @@ const wrapUserWithServerAdmin = (serverAdminData = {}, userData = {}) => {
      tokenWithServerAdmin = validToken
    } else {
      setGlobalNewToken = true
-      tokenWithServerAdmin = createTokenServerAdmin(serverAdminName, userName)
+      tokenWithServerAdmin = createTokenServerAdmin({
+        serverAdmin: serverAdminName,
+        username: userName,
+        /*********************************************************
+         * equals what is placed in:
+         * src/authm_mad/remotes/server_cipher/server_cipher_auth.rb:44
+         *********************************************************/
+        key: serverAdminPassword.substring(0, 32),
+        iv: serverAdminPassword.substring(0, 16),
+      })
    }

    if (tokenWithServerAdmin) {
@ -543,12 +505,12 @@ const getServerAdminAndWrapUser = (userData = {}) => {
    serverAdminData.key &&
    serverAdminData.iv
  ) {
-    setKey(serverAdminData.key)
-    setIV(serverAdminData.iv)
-    const tokenWithServerAdmin = createTokenServerAdmin(
-      serverAdminData.username,
-      serverAdminData.username
-    )
+    const tokenWithServerAdmin = createTokenServerAdmin({
+      serverAdmin: serverAdminData.username,
+      username: serverAdminData.username,
+      key: serverAdminData.key,
+      iv: serverAdminData.iv,
+    })
    if (tokenWithServerAdmin.token) {
      const oneConnect = connectOpennebula(
        `${serverAdminData.username}:${serverAdminData.username}`,
@ -617,6 +579,7 @@ const functionRoutes = {
  setNodeConnect,
  connectOpennebula,
  getCreatedTokenOpennebula,
+  createTokenServerAdmin,
 }

 module.exports = functionRoutes
--- a/src/fireedge/src/server/routes/api/index.js
+++ b/src/fireedge/src/server/routes/api/index.js
@ -33,6 +33,7 @@ const routes = [
  'zendesk',
  'oneprovision',
  'sunstone',
+  'system',
 ]

 const serverRoutes = []
--- a/src/fireedge/src/server/routes/api/system/basepath.js
+++ b/src/fireedge/src/server/routes/api/system/basepath.js
@ -0,0 +1,17 @@
+/* ------------------------------------------------------------------------- *
+ * Copyright 2002-2021, OpenNebula Project, OpenNebula Systems               *
+ *                                                                           *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may   *
+ * not use this file except in compliance with the License. You may obtain   *
+ * a copy of the License at                                                  *
+ *                                                                           *
+ * http://www.apache.org/licenses/LICENSE-2.0                                *
+ *                                                                           *
+ * Unless required by applicable law or agreed to in writing, software       *
+ * distributed under the License is distributed on an "AS IS" BASIS,         *
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  *
+ * See the License for the specific language governing permissions and       *
+ * limitations under the License.                                            *
+ * ------------------------------------------------------------------------- */
+
+module.exports = 'system'
--- a/src/fireedge/src/server/routes/api/system/functions.js
+++ b/src/fireedge/src/server/routes/api/system/functions.js
@ -0,0 +1,90 @@
+/* ------------------------------------------------------------------------- *
+ * Copyright 2002-2021, OpenNebula Project, OpenNebula Systems               *
+ *                                                                           *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may   *
+ * not use this file except in compliance with the License. You may obtain   *
+ * a copy of the License at                                                  *
+ *                                                                           *
+ * http://www.apache.org/licenses/LICENSE-2.0                                *
+ *                                                                           *
+ * Unless required by applicable law or agreed to in writing, software       *
+ * distributed under the License is distributed on an "AS IS" BASIS,         *
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  *
+ * See the License for the specific language governing permissions and       *
+ * limitations under the License.                                            *
+ * ------------------------------------------------------------------------- */
+const { defaults, httpCodes } = require('server/utils/constants')
+const { httpResponse, getSunstoneAuth } = require('server/utils/server')
+const {
+  getDefaultParamsOfOpennebulaCommand,
+} = require('server/utils/opennebula')
+const {
+  Actions: ActionSystem,
+} = require('server/utils/constants/commands/system')
+const { createTokenServerAdmin } = require('server/routes/api/auth/utils')
+
+const { defaultEmptyFunction, httpMethod } = defaults
+const { ok, internalServerError, badRequest } = httpCodes
+const { GET } = httpMethod
+
+/**
+ * Get system config.
+ *
+ * @param {object} res - http response
+ * @param {Function} next - express stepper
+ * @param {object} params - params of http request
+ * @param {object} userData - user of http request
+ * @param {function(string, string): Function} oneConnection - One Connection
+ */
+const getConfig = (
+  res = {},
+  next = defaultEmptyFunction,
+  params = {},
+  userData = {},
+  oneConnection = defaultEmptyFunction
+) => {
+  const rtn = httpResponse(badRequest, '', '')
+
+  const { username, key, iv } = getSunstoneAuth()
+  if (!(username && key && iv)) {
+    res.locals.httpCode = rtn
+    next()
+
+    return
+  }
+
+  const tokenWithServerAdmin = createTokenServerAdmin({
+    serverAdmin: username,
+    username,
+    key,
+    iv,
+  })
+  if (!tokenWithServerAdmin.token) {
+    res.locals.httpCode = rtn
+    next()
+
+    return
+  }
+
+  const connect = oneConnection(
+    `${username}:${username}`,
+    tokenWithServerAdmin.token
+  )
+  connect(
+    ActionSystem.SYSTEM_CONFIG,
+    getDefaultParamsOfOpennebulaCommand(ActionSystem.SYSTEM_CONFIG, GET),
+    (err, value) => {
+      if (err) {
+        res.locals.httpCode = httpResponse(internalServerError, '', '')
+
+        return
+      }
+      res.locals.httpCode = httpResponse(ok, value)
+      next()
+    }
+  )
+}
+
+module.exports = {
+  getConfig,
+}
--- a/src/fireedge/src/server/routes/api/system/index.js
+++ b/src/fireedge/src/server/routes/api/system/index.js
@ -0,0 +1,27 @@
+/* ------------------------------------------------------------------------- *
+ * Copyright 2002-2021, OpenNebula Project, OpenNebula Systems               *
+ *                                                                           *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may   *
+ * not use this file except in compliance with the License. You may obtain   *
+ * a copy of the License at                                                  *
+ *                                                                           *
+ * http://www.apache.org/licenses/LICENSE-2.0                                *
+ *                                                                           *
+ * Unless required by applicable law or agreed to in writing, software       *
+ * distributed under the License is distributed on an "AS IS" BASIS,         *
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  *
+ * See the License for the specific language governing permissions and       *
+ * limitations under the License.                                            *
+ * ------------------------------------------------------------------------- */
+
+const { Actions, Commands } = require('server/routes/api/system/routes')
+const { getConfig } = require('server/routes/api/system/functions')
+
+const { SYSTEM_CONFIG } = Actions
+
+module.exports = [
+  {
+    ...Commands[SYSTEM_CONFIG],
+    action: getConfig,
+  },
+]
--- a/src/fireedge/src/server/routes/api/system/routes.js
+++ b/src/fireedge/src/server/routes/api/system/routes.js
@ -0,0 +1,37 @@
+/* ------------------------------------------------------------------------- *
+ * Copyright 2002-2021, OpenNebula Project, OpenNebula Systems               *
+ *                                                                           *
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may   *
+ * not use this file except in compliance with the License. You may obtain   *
+ * a copy of the License at                                                  *
+ *                                                                           *
+ * http://www.apache.org/licenses/LICENSE-2.0                                *
+ *                                                                           *
+ * Unless required by applicable law or agreed to in writing, software       *
+ * distributed under the License is distributed on an "AS IS" BASIS,         *
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  *
+ * See the License for the specific language governing permissions and       *
+ * limitations under the License.                                            *
+ * ------------------------------------------------------------------------- */
+
+const { httpMethod } = require('server/utils/constants/defaults')
+const SYSTEM = require('server/routes/api/system/basepath')
+
+const basepath = `/${SYSTEM}`
+const { GET } = httpMethod
+
+const SYSTEM_CONFIG = 'system.config'
+const Actions = {
+  SYSTEM_CONFIG,
+}
+
+module.exports = {
+  Actions,
+  Commands: {
+    [SYSTEM_CONFIG]: {
+      path: `${basepath}/config`,
+      httpMethod: GET,
+      auth: true,
+    },
+  },
+}