summaryrefslogtreecommitdiff
path: root/src/services/vyos-http-api-server
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2019-10-24 15:26:55 +0200
committerChristian Poessinger <christian@poessinger.com>2019-10-24 15:26:55 +0200
commit1d8e7c841d7eee501e9a822db727fc1eec449b5e (patch)
tree6d31b0319a71e92b2b0ef18abe6c0bd64fb55457 /src/services/vyos-http-api-server
parent034c68aa62b5a9a493e77e8ac18f4e38ee621b25 (diff)
parent3400b1dd79702553ebbd40516bf454f3fe47885b (diff)
downloadvyos-1x-1d8e7c841d7eee501e9a822db727fc1eec449b5e.tar.gz
vyos-1x-1d8e7c841d7eee501e9a822db727fc1eec449b5e.zip
Merge branch 'current' of github.com:vyos/vyos-1x into equuleus
* 'current' of github.com:vyos/vyos-1x: T1762: adjust the set_level() calls to use the new list representation. [vyos.config] T1764: support both string and list arguments in config functions. T1759: bug fixes, missing interface IP [vyos.config] T1758: use vyos.configtree for reading values, instead of calling cli-shell-api. [HTTP API] Add endpoints for config file and image management. ddclient: T1030: add cloudflare zone config entry [service https] T1443: organize internal data by server block [vyos.config] T1758: check that config setup has completed before calling showConfig, else, default to config.boot [HTTP API] Use a decorator for functions that require authentication. ddclient: T1030: adjust to latest syntax ddclient: T1030: auto create runtime directories ddclient: T1030: use new default configuration file path T1759: Migrating interfaces T1755: fixes issue with 'show vpn ipsec sa' command where lack of keysize (encr-keysize) will result in KeyError - such as for CHACHA20_POLY1305 T1755: fixes issue with 'show vpn ipsec sa' command where lack of hash (integ-alg) will result in KeyError - such as with GCM based options
Diffstat (limited to 'src/services/vyos-http-api-server')
-rwxr-xr-xsrc/services/vyos-http-api-server106
1 files changed, 92 insertions, 14 deletions
diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server
index afab9be70..04c44c2be 100755
--- a/src/services/vyos-http-api-server
+++ b/src/services/vyos-http-api-server
@@ -27,12 +27,13 @@ import vyos.config
import bottle
+from functools import wraps
+
from vyos.configsession import ConfigSession, ConfigSessionError
from vyos.config import VyOSError
DEFAULT_CONFIG_FILE = '/etc/vyos/http-api.conf'
-
CFG_GROUP = 'vyattacfg'
app = bottle.default_app()
@@ -61,16 +62,23 @@ def success(data):
resp = {"success": True, "data": data, "error": None}
return json.dumps(resp)
+def auth_required(f):
+ @wraps(f)
+ def decorated_function(*args, **kwargs):
+ key = bottle.request.forms.get("key")
+ api_keys = app.config['vyos_keys']
+ id = check_auth(api_keys, key)
+ if not id:
+ return error(401, "Valid API key is required")
+ return f(*args, **kwargs)
+
+ return decorated_function
+
@app.route('/configure', method='POST')
+@auth_required
def configure():
session = app.config['vyos_session']
config = app.config['vyos_config']
- api_keys = app.config['vyos_keys']
-
- key = bottle.request.forms.get("key")
- id = check_auth(api_keys, key)
- if not id:
- return error(401, "Valid API key is required")
strict_field = bottle.request.forms.get("strict")
if strict_field == "true":
@@ -177,17 +185,11 @@ def configure():
return success(None)
@app.route('/retrieve', method='POST')
+@auth_required
def get_value():
config = app.config['vyos_config']
session = app.config['vyos_session']
- api_keys = app.config['vyos_keys']
-
- key = bottle.request.forms.get("key")
- id = check_auth(api_keys, key)
- if not id:
- return error(401, "Valid API key is required")
-
command = bottle.request.forms.get("data")
command = json.loads(command)
@@ -220,6 +222,82 @@ def get_value():
return success(res)
+@app.route('/config-file', method='POST')
+@auth_required
+def config_file_op():
+ config = app.config['vyos_config']
+ session = app.config['vyos_session']
+
+ command = bottle.request.forms.get("data")
+ command = json.loads(command)
+
+ try:
+ op = command['op']
+ except KeyError:
+ return error(400, "Missing required field \"op\"")
+
+ try:
+ if op == 'save':
+ try:
+ path = command['file']
+ except KeyError:
+ path = '/config/config.boot'
+ res = session.save_config(path)
+ elif op == 'load':
+ try:
+ path = command['file']
+ except KeyError:
+ return error(400, "Missing required field \"file\"")
+ res = session.load_config(path)
+ res = session.commit()
+ else:
+ return error(400, "\"{0}\" is not a valid operation".format(op))
+ except VyOSError as e:
+ return error(400, str(e))
+ except Exception as e:
+ print(traceback.format_exc(), file=sys.stderr)
+ return error(500, "An internal error occured. Check the logs for details.")
+
+ return success(res)
+
+@app.route('/image', method='POST')
+@auth_required
+def config_file_op():
+ config = app.config['vyos_config']
+ session = app.config['vyos_session']
+
+ command = bottle.request.forms.get("data")
+ command = json.loads(command)
+
+ try:
+ op = command['op']
+ except KeyError:
+ return error(400, "Missing required field \"op\"")
+
+ try:
+ if op == 'add':
+ try:
+ url = command['url']
+ except KeyError:
+ return error(400, "Missing required field \"url\"")
+ res = session.install_image(url)
+ elif op == 'delete':
+ try:
+ name = command['name']
+ except KeyError:
+ return error(400, "Missing required field \"name\"")
+ res = session.remove_image(name)
+ else:
+ return error(400, "\"{0}\" is not a valid operation".format(op))
+ except VyOSError as e:
+ return error(400, str(e))
+ except Exception as e:
+ print(traceback.format_exc(), file=sys.stderr)
+ return error(500, "An internal error occured. Check the logs for details.")
+
+ return success(res)
+
+
if __name__ == '__main__':
# systemd's user and group options don't work, do it by hand here,
# else no one else will be able to commit