diff options
author | Christian Poessinger <christian@poessinger.com> | 2019-10-24 15:26:55 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2019-10-24 15:26:55 +0200 |
commit | 1d8e7c841d7eee501e9a822db727fc1eec449b5e (patch) | |
tree | 6d31b0319a71e92b2b0ef18abe6c0bd64fb55457 /src/services/vyos-http-api-server | |
parent | 034c68aa62b5a9a493e77e8ac18f4e38ee621b25 (diff) | |
parent | 3400b1dd79702553ebbd40516bf454f3fe47885b (diff) | |
download | vyos-1x-1d8e7c841d7eee501e9a822db727fc1eec449b5e.tar.gz vyos-1x-1d8e7c841d7eee501e9a822db727fc1eec449b5e.zip |
Merge branch 'current' of github.com:vyos/vyos-1x into equuleus
* 'current' of github.com:vyos/vyos-1x:
T1762: adjust the set_level() calls to use the new list representation.
[vyos.config] T1764: support both string and list arguments in config functions.
T1759: bug fixes, missing interface IP
[vyos.config] T1758: use vyos.configtree for reading values, instead of calling cli-shell-api.
[HTTP API] Add endpoints for config file and image management.
ddclient: T1030: add cloudflare zone config entry
[service https] T1443: organize internal data by server block
[vyos.config] T1758: check that config setup has completed before calling showConfig, else, default to config.boot
[HTTP API] Use a decorator for functions that require authentication.
ddclient: T1030: adjust to latest syntax
ddclient: T1030: auto create runtime directories
ddclient: T1030: use new default configuration file path
T1759: Migrating interfaces
T1755: fixes issue with 'show vpn ipsec sa' command where lack of keysize (encr-keysize) will result in KeyError - such as for CHACHA20_POLY1305
T1755: fixes issue with 'show vpn ipsec sa' command where lack of hash (integ-alg) will result in KeyError - such as with GCM based options
Diffstat (limited to 'src/services/vyos-http-api-server')
-rwxr-xr-x | src/services/vyos-http-api-server | 106 |
1 files changed, 92 insertions, 14 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index afab9be70..04c44c2be 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -27,12 +27,13 @@ import vyos.config import bottle +from functools import wraps + from vyos.configsession import ConfigSession, ConfigSessionError from vyos.config import VyOSError DEFAULT_CONFIG_FILE = '/etc/vyos/http-api.conf' - CFG_GROUP = 'vyattacfg' app = bottle.default_app() @@ -61,16 +62,23 @@ def success(data): resp = {"success": True, "data": data, "error": None} return json.dumps(resp) +def auth_required(f): + @wraps(f) + def decorated_function(*args, **kwargs): + key = bottle.request.forms.get("key") + api_keys = app.config['vyos_keys'] + id = check_auth(api_keys, key) + if not id: + return error(401, "Valid API key is required") + return f(*args, **kwargs) + + return decorated_function + @app.route('/configure', method='POST') +@auth_required def configure(): session = app.config['vyos_session'] config = app.config['vyos_config'] - api_keys = app.config['vyos_keys'] - - key = bottle.request.forms.get("key") - id = check_auth(api_keys, key) - if not id: - return error(401, "Valid API key is required") strict_field = bottle.request.forms.get("strict") if strict_field == "true": @@ -177,17 +185,11 @@ def configure(): return success(None) @app.route('/retrieve', method='POST') +@auth_required def get_value(): config = app.config['vyos_config'] session = app.config['vyos_session'] - api_keys = app.config['vyos_keys'] - - key = bottle.request.forms.get("key") - id = check_auth(api_keys, key) - if not id: - return error(401, "Valid API key is required") - command = bottle.request.forms.get("data") command = json.loads(command) @@ -220,6 +222,82 @@ def get_value(): return success(res) +@app.route('/config-file', method='POST') +@auth_required +def config_file_op(): + config = app.config['vyos_config'] + session = app.config['vyos_session'] + + command = bottle.request.forms.get("data") + command = json.loads(command) + + try: + op = command['op'] + except KeyError: + return error(400, "Missing required field \"op\"") + + try: + if op == 'save': + try: + path = command['file'] + except KeyError: + path = '/config/config.boot' + res = session.save_config(path) + elif op == 'load': + try: + path = command['file'] + except KeyError: + return error(400, "Missing required field \"file\"") + res = session.load_config(path) + res = session.commit() + else: + return error(400, "\"{0}\" is not a valid operation".format(op)) + except VyOSError as e: + return error(400, str(e)) + except Exception as e: + print(traceback.format_exc(), file=sys.stderr) + return error(500, "An internal error occured. Check the logs for details.") + + return success(res) + +@app.route('/image', method='POST') +@auth_required +def config_file_op(): + config = app.config['vyos_config'] + session = app.config['vyos_session'] + + command = bottle.request.forms.get("data") + command = json.loads(command) + + try: + op = command['op'] + except KeyError: + return error(400, "Missing required field \"op\"") + + try: + if op == 'add': + try: + url = command['url'] + except KeyError: + return error(400, "Missing required field \"url\"") + res = session.install_image(url) + elif op == 'delete': + try: + name = command['name'] + except KeyError: + return error(400, "Missing required field \"name\"") + res = session.remove_image(name) + else: + return error(400, "\"{0}\" is not a valid operation".format(op)) + except VyOSError as e: + return error(400, str(e)) + except Exception as e: + print(traceback.format_exc(), file=sys.stderr) + return error(500, "An internal error occured. Check the logs for details.") + + return success(res) + + if __name__ == '__main__': # systemd's user and group options don't work, do it by hand here, # else no one else will be able to commit |