From 605fc8d3396f2d01c59a2036611648fc4190c35a Mon Sep 17 00:00:00 2001 From: Jorge Miguel Lobo Escalona Date: Tue, 1 Feb 2022 17:05:45 +0100 Subject: [PATCH] F #5698: System config server admin (#1734) (cherry picked from commit 982e09706fc444ae60a8ad2f818d6a795cbbdab4) --- .../src/server/routes/api/auth/utils.js | 93 ++++++------------- src/fireedge/src/server/routes/api/index.js | 1 + .../src/server/routes/api/system/basepath.js | 17 ++++ .../src/server/routes/api/system/functions.js | 90 ++++++++++++++++++ .../src/server/routes/api/system/index.js | 27 ++++++ .../src/server/routes/api/system/routes.js | 37 ++++++++ 6 files changed, 200 insertions(+), 65 deletions(-) create mode 100644 src/fireedge/src/server/routes/api/system/basepath.js create mode 100644 src/fireedge/src/server/routes/api/system/functions.js create mode 100644 src/fireedge/src/server/routes/api/system/index.js create mode 100644 src/fireedge/src/server/routes/api/system/routes.js diff --git a/src/fireedge/src/server/routes/api/auth/utils.js b/src/fireedge/src/server/routes/api/auth/utils.js index cae72d3dd9..40d3d305fd 100644 --- a/src/fireedge/src/server/routes/api/auth/utils.js +++ b/src/fireedge/src/server/routes/api/auth/utils.js @@ -52,8 +52,6 @@ const namespace = appConfig.namespace || defaultNamespace const { GET } = httpMethod let user = '' -let key = '' -let iv = '' let pass = '' let type = '' let tfatoken = '' @@ -69,20 +67,6 @@ let relativeTime = '' let limitToken = defaultSessionExpiration let limitExpirationReuseToken = defaultSessionLimitExpiration -/** - * Get key opennebula. - * - * @returns {string} get key - */ -const getKey = () => key - -/** - * Get initialization vector. - * - * @returns {string} get initialization vector - */ -const getIV = () => iv - /** * Get user opennebula. * @@ -104,30 +88,6 @@ const getPass = () => pass */ const getRelativeTime = () => relativeTime -/** - * Opennebula encode-decode key. - * - * @param {string} newKey - new key - * @returns {string} get key - */ -const setKey = (newKey) => { - key = newKey - - return key -} - -/** - * Initialization vector (encrypt). - * - * @param {string} newIV - //16 characters - * @returns {string} get IV - */ -const setIV = (newIV) => { - iv = newIV - - return iv -} - /** * Username opennebula. * @@ -442,23 +402,23 @@ const setZones = () => { /** * Create token server admin. * - * @param {string} serverAdmin - serveradmin name - * @param {string} username - user name - * @returns {string} data encrypted serveradmin + * @param {object} config - config create token serveradmin + * @param {string} config.serverAdmin - serverAdmin username + * @param {string} config.username - user name + * @param {string} config.key - serverAdmin key + * @param {string} config.iv - serverAdmin iv + * @returns {object|undefined} data encrypted serveradmin */ -const createTokenServerAdmin = (serverAdmin = '', username = '') => { - let rtn - const keyGet = getKey() - const ivGet = getIV() +const createTokenServerAdmin = ({ serverAdmin, username, key, iv }) => { if (serverAdmin && username && key && iv) { + !(expireTime && typeof expireTime.toSeconds === 'function') && setDates() const expire = parseInt(expireTime.toSeconds(), 10) - rtn = { - token: encrypt(`${serverAdmin}:${username}:${expire}`, keyGet, ivGet), + + return { + token: encrypt(`${serverAdmin}:${username}:${expire}`, key, iv), time: expire, } } - - return rtn } /** @@ -483,13 +443,6 @@ const wrapUserWithServerAdmin = (serverAdminData = {}, userData = {}) => { userData.ID && userData.TEMPLATE ) { - /********************************************************* - * equals what is placed in: - * src/authm_mad/remotes/server_cipher/server_cipher_auth.rb:44 - *********************************************************/ - setKey(serverAdminPassword.substring(0, 32)) - setIV(serverAdminPassword.substring(0, 16)) - const JWTusername = `${serverAdminName}:${userName}` let tokenWithServerAdmin @@ -499,7 +452,16 @@ const wrapUserWithServerAdmin = (serverAdminData = {}, userData = {}) => { tokenWithServerAdmin = validToken } else { setGlobalNewToken = true - tokenWithServerAdmin = createTokenServerAdmin(serverAdminName, userName) + tokenWithServerAdmin = createTokenServerAdmin({ + serverAdmin: serverAdminName, + username: userName, + /********************************************************* + * equals what is placed in: + * src/authm_mad/remotes/server_cipher/server_cipher_auth.rb:44 + *********************************************************/ + key: serverAdminPassword.substring(0, 32), + iv: serverAdminPassword.substring(0, 16), + }) } if (tokenWithServerAdmin) { @@ -543,12 +505,12 @@ const getServerAdminAndWrapUser = (userData = {}) => { serverAdminData.key && serverAdminData.iv ) { - setKey(serverAdminData.key) - setIV(serverAdminData.iv) - const tokenWithServerAdmin = createTokenServerAdmin( - serverAdminData.username, - serverAdminData.username - ) + const tokenWithServerAdmin = createTokenServerAdmin({ + serverAdmin: serverAdminData.username, + username: serverAdminData.username, + key: serverAdminData.key, + iv: serverAdminData.iv, + }) if (tokenWithServerAdmin.token) { const oneConnect = connectOpennebula( `${serverAdminData.username}:${serverAdminData.username}`, @@ -617,6 +579,7 @@ const functionRoutes = { setNodeConnect, connectOpennebula, getCreatedTokenOpennebula, + createTokenServerAdmin, } module.exports = functionRoutes diff --git a/src/fireedge/src/server/routes/api/index.js b/src/fireedge/src/server/routes/api/index.js index 9aab4a04f7..f45d720730 100644 --- a/src/fireedge/src/server/routes/api/index.js +++ b/src/fireedge/src/server/routes/api/index.js @@ -33,6 +33,7 @@ const routes = [ 'zendesk', 'oneprovision', 'sunstone', + 'system', ] const serverRoutes = [] diff --git a/src/fireedge/src/server/routes/api/system/basepath.js b/src/fireedge/src/server/routes/api/system/basepath.js new file mode 100644 index 0000000000..b356f70bfd --- /dev/null +++ b/src/fireedge/src/server/routes/api/system/basepath.js @@ -0,0 +1,17 @@ +/* ------------------------------------------------------------------------- * + * Copyright 2002-2021, OpenNebula Project, OpenNebula Systems * + * * + * Licensed under the Apache License, Version 2.0 (the "License"); you may * + * not use this file except in compliance with the License. You may obtain * + * a copy of the License at * + * * + * http://www.apache.org/licenses/LICENSE-2.0 * + * * + * Unless required by applicable law or agreed to in writing, software * + * distributed under the License is distributed on an "AS IS" BASIS, * + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * + * See the License for the specific language governing permissions and * + * limitations under the License. * + * ------------------------------------------------------------------------- */ + +module.exports = 'system' diff --git a/src/fireedge/src/server/routes/api/system/functions.js b/src/fireedge/src/server/routes/api/system/functions.js new file mode 100644 index 0000000000..761c7245c2 --- /dev/null +++ b/src/fireedge/src/server/routes/api/system/functions.js @@ -0,0 +1,90 @@ +/* ------------------------------------------------------------------------- * + * Copyright 2002-2021, OpenNebula Project, OpenNebula Systems * + * * + * Licensed under the Apache License, Version 2.0 (the "License"); you may * + * not use this file except in compliance with the License. You may obtain * + * a copy of the License at * + * * + * http://www.apache.org/licenses/LICENSE-2.0 * + * * + * Unless required by applicable law or agreed to in writing, software * + * distributed under the License is distributed on an "AS IS" BASIS, * + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * + * See the License for the specific language governing permissions and * + * limitations under the License. * + * ------------------------------------------------------------------------- */ +const { defaults, httpCodes } = require('server/utils/constants') +const { httpResponse, getSunstoneAuth } = require('server/utils/server') +const { + getDefaultParamsOfOpennebulaCommand, +} = require('server/utils/opennebula') +const { + Actions: ActionSystem, +} = require('server/utils/constants/commands/system') +const { createTokenServerAdmin } = require('server/routes/api/auth/utils') + +const { defaultEmptyFunction, httpMethod } = defaults +const { ok, internalServerError, badRequest } = httpCodes +const { GET } = httpMethod + +/** + * Get system config. + * + * @param {object} res - http response + * @param {Function} next - express stepper + * @param {object} params - params of http request + * @param {object} userData - user of http request + * @param {function(string, string): Function} oneConnection - One Connection + */ +const getConfig = ( + res = {}, + next = defaultEmptyFunction, + params = {}, + userData = {}, + oneConnection = defaultEmptyFunction +) => { + const rtn = httpResponse(badRequest, '', '') + + const { username, key, iv } = getSunstoneAuth() + if (!(username && key && iv)) { + res.locals.httpCode = rtn + next() + + return + } + + const tokenWithServerAdmin = createTokenServerAdmin({ + serverAdmin: username, + username, + key, + iv, + }) + if (!tokenWithServerAdmin.token) { + res.locals.httpCode = rtn + next() + + return + } + + const connect = oneConnection( + `${username}:${username}`, + tokenWithServerAdmin.token + ) + connect( + ActionSystem.SYSTEM_CONFIG, + getDefaultParamsOfOpennebulaCommand(ActionSystem.SYSTEM_CONFIG, GET), + (err, value) => { + if (err) { + res.locals.httpCode = httpResponse(internalServerError, '', '') + + return + } + res.locals.httpCode = httpResponse(ok, value) + next() + } + ) +} + +module.exports = { + getConfig, +} diff --git a/src/fireedge/src/server/routes/api/system/index.js b/src/fireedge/src/server/routes/api/system/index.js new file mode 100644 index 0000000000..0824218aca --- /dev/null +++ b/src/fireedge/src/server/routes/api/system/index.js @@ -0,0 +1,27 @@ +/* ------------------------------------------------------------------------- * + * Copyright 2002-2021, OpenNebula Project, OpenNebula Systems * + * * + * Licensed under the Apache License, Version 2.0 (the "License"); you may * + * not use this file except in compliance with the License. You may obtain * + * a copy of the License at * + * * + * http://www.apache.org/licenses/LICENSE-2.0 * + * * + * Unless required by applicable law or agreed to in writing, software * + * distributed under the License is distributed on an "AS IS" BASIS, * + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * + * See the License for the specific language governing permissions and * + * limitations under the License. * + * ------------------------------------------------------------------------- */ + +const { Actions, Commands } = require('server/routes/api/system/routes') +const { getConfig } = require('server/routes/api/system/functions') + +const { SYSTEM_CONFIG } = Actions + +module.exports = [ + { + ...Commands[SYSTEM_CONFIG], + action: getConfig, + }, +] diff --git a/src/fireedge/src/server/routes/api/system/routes.js b/src/fireedge/src/server/routes/api/system/routes.js new file mode 100644 index 0000000000..dba210ef37 --- /dev/null +++ b/src/fireedge/src/server/routes/api/system/routes.js @@ -0,0 +1,37 @@ +/* ------------------------------------------------------------------------- * + * Copyright 2002-2021, OpenNebula Project, OpenNebula Systems * + * * + * Licensed under the Apache License, Version 2.0 (the "License"); you may * + * not use this file except in compliance with the License. You may obtain * + * a copy of the License at * + * * + * http://www.apache.org/licenses/LICENSE-2.0 * + * * + * Unless required by applicable law or agreed to in writing, software * + * distributed under the License is distributed on an "AS IS" BASIS, * + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * + * See the License for the specific language governing permissions and * + * limitations under the License. * + * ------------------------------------------------------------------------- */ + +const { httpMethod } = require('server/utils/constants/defaults') +const SYSTEM = require('server/routes/api/system/basepath') + +const basepath = `/${SYSTEM}` +const { GET } = httpMethod + +const SYSTEM_CONFIG = 'system.config' +const Actions = { + SYSTEM_CONFIG, +} + +module.exports = { + Actions, + Commands: { + [SYSTEM_CONFIG]: { + path: `${basepath}/config`, + httpMethod: GET, + auth: true, + }, + }, +}