diff options
author | Daniil Baturin <daniil@baturin.org> | 2019-10-23 17:08:09 +0200 |
---|---|---|
committer | Daniil Baturin <daniil@baturin.org> | 2019-10-23 17:08:09 +0200 |
commit | 62ea78e3030802e81dd739fc4c45e6a10faddb36 (patch) | |
tree | 66205ac7fa8290e1d6eda1d4c94e57f4f78c1dd1 /src/services | |
parent | d9ee0b95d1020b6d5412dd011ebb1ef7f6ef3fc7 (diff) | |
parent | 3f8884587ab1291c13f633b079058879241ac3c1 (diff) | |
download | vyos-1x-62ea78e3030802e81dd739fc4c45e6a10faddb36.tar.gz vyos-1x-62ea78e3030802e81dd739fc4c45e6a10faddb36.zip |
Merge branch 'current' of https://github.com/vyos/vyos-1x into current
Diffstat (limited to 'src/services')
-rwxr-xr-x | src/services/vyos-http-api-server | 106 |
1 files changed, 92 insertions, 14 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index afab9be70..04c44c2be 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -27,12 +27,13 @@ import vyos.config import bottle +from functools import wraps + from vyos.configsession import ConfigSession, ConfigSessionError from vyos.config import VyOSError DEFAULT_CONFIG_FILE = '/etc/vyos/http-api.conf' - CFG_GROUP = 'vyattacfg' app = bottle.default_app() @@ -61,16 +62,23 @@ def success(data): resp = {"success": True, "data": data, "error": None} return json.dumps(resp) +def auth_required(f): + @wraps(f) + def decorated_function(*args, **kwargs): + key = bottle.request.forms.get("key") + api_keys = app.config['vyos_keys'] + id = check_auth(api_keys, key) + if not id: + return error(401, "Valid API key is required") + return f(*args, **kwargs) + + return decorated_function + @app.route('/configure', method='POST') +@auth_required def configure(): session = app.config['vyos_session'] config = app.config['vyos_config'] - api_keys = app.config['vyos_keys'] - - key = bottle.request.forms.get("key") - id = check_auth(api_keys, key) - if not id: - return error(401, "Valid API key is required") strict_field = bottle.request.forms.get("strict") if strict_field == "true": @@ -177,17 +185,11 @@ def configure(): return success(None) @app.route('/retrieve', method='POST') +@auth_required def get_value(): config = app.config['vyos_config'] session = app.config['vyos_session'] - api_keys = app.config['vyos_keys'] - - key = bottle.request.forms.get("key") - id = check_auth(api_keys, key) - if not id: - return error(401, "Valid API key is required") - command = bottle.request.forms.get("data") command = json.loads(command) @@ -220,6 +222,82 @@ def get_value(): return success(res) +@app.route('/config-file', method='POST') +@auth_required +def config_file_op(): + config = app.config['vyos_config'] + session = app.config['vyos_session'] + + command = bottle.request.forms.get("data") + command = json.loads(command) + + try: + op = command['op'] + except KeyError: + return error(400, "Missing required field \"op\"") + + try: + if op == 'save': + try: + path = command['file'] + except KeyError: + path = '/config/config.boot' + res = session.save_config(path) + elif op == 'load': + try: + path = command['file'] + except KeyError: + return error(400, "Missing required field \"file\"") + res = session.load_config(path) + res = session.commit() + else: + return error(400, "\"{0}\" is not a valid operation".format(op)) + except VyOSError as e: + return error(400, str(e)) + except Exception as e: + print(traceback.format_exc(), file=sys.stderr) + return error(500, "An internal error occured. Check the logs for details.") + + return success(res) + +@app.route('/image', method='POST') +@auth_required +def config_file_op(): + config = app.config['vyos_config'] + session = app.config['vyos_session'] + + command = bottle.request.forms.get("data") + command = json.loads(command) + + try: + op = command['op'] + except KeyError: + return error(400, "Missing required field \"op\"") + + try: + if op == 'add': + try: + url = command['url'] + except KeyError: + return error(400, "Missing required field \"url\"") + res = session.install_image(url) + elif op == 'delete': + try: + name = command['name'] + except KeyError: + return error(400, "Missing required field \"name\"") + res = session.remove_image(name) + else: + return error(400, "\"{0}\" is not a valid operation".format(op)) + except VyOSError as e: + return error(400, str(e)) + except Exception as e: + print(traceback.format_exc(), file=sys.stderr) + return error(500, "An internal error occured. Check the logs for details.") + + return success(res) + + if __name__ == '__main__': # systemd's user and group options don't work, do it by hand here, # else no one else will be able to commit |