slapos_cloud: add constrain to check caucase web service configuration

35ca1295 · Alain Takoudjou · 8ca07000 · 35ca1295 · 35ca1295 · 35ca1295
Commit 35ca1295 authored Jul 06, 2017 by Alain Takoudjou
14 changed files
--- a/master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.Person.py
+++ b/master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.Person.py
@@ -20,7 +20,7 @@ class Person(ERP5Person):

  def getPersonCertificateList(self):
    return [x for x in
-      self.contentValues(portal_type="Certificate Access ID")
+      self.contentValues(portal_type="Certificate Login")
      if x.getValidationState() == 'validated']

  security.declarePublic('signCertificate')
@@ -39,7 +39,7 @@ class Person(ERP5Person):

    # link to the user
    certificate_id = self.newContent(
-      portal_type="Certificate Access ID",
+      portal_type="Certificate Login",
      reference=crt_id,
      url_string=url)


--- a/master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.SoftwareInstance.py
+++ b/master/bt5/slapos_cloud/DocumentTemplateItem/portal_components/document.erp5.SoftwareInstance.py
@@ -71,7 +71,7 @@ class SoftwareInstance(Item):

  def _getInstanceCertificate(self):
    certificate_id_list = [x for x in
-      self.contentValues(portal_type="Certificate Access ID")
+      self.contentValues(portal_type="Certificate Login")
      if x.getValidationState() == 'validated']

    if certificate_id_list:
@@ -112,7 +112,7 @@ class SoftwareInstance(Item):

    # link to the Instance
    certificate_id = self.newContent(
-      portal_type="Certificate Access ID",
+      portal_type="Certificate Login",
      reference=crt_id,
      url_string=url)


--- a/master/bt5/slapos_cloud/ExtensionTemplateItem/portal_components/extension.erp5.Caucase.py
+++ b/master/bt5/slapos_cloud/ExtensionTemplateItem/portal_components/extension.erp5.Caucase.py
+###############################################################################
+#
+# Copyright (c) 2002-2011 Nexedi SA and Contributors. All Rights Reserved.
+#
+# WARNING: This program as such is intended to be used by professional
+# programmers who take the whole responsibility of assessing all potential
+# consequences resulting from its eventual inadequacies and bugs
+# End users who are looking for a ready-to-use solution with commercial
+# guarantees and support are strongly adviced to contract a Free Software
+# Service Company
+#
+# This program is Free Software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+##############################################################################
+
+from urlparse import urlparse, urljoin
+import ssl
+import string
+import random
+import urllib2
+import urllib
+
+
+def generatePassword():
+  return ''.join(random.choice(string.ascii_uppercase + string.ascii_lowercase + string.digits) for _ in range(16))
+
+def getCaucaseUrl(promise_url):
+  parse_url = urlparse(promise_url)
+  if parse_url.scheme == 'http':
+    if parse_url.port:
+      # Always consider caucase https port is http port + 1
+      https_port = parse_url.port + 1
+      port_index = parse_url.netloc.rindex('%s' % parse_url.port)
+      return (parse_url.hostname,
+              'https://%s%s/%s' % (parse_url.netloc[:port_index], https_port, parse_url.path))
+    else:
+      return (parse_url.hostname,
+              'https://%s%s' % (parse_url.netloc, parse_url.path))
+  else:
+    return parse_url.hostname, promise_url
+
+def getCaucaseServiceUrl(self, promise_url):
+  return getCaucaseUrl(promise_url)
+
+def configureCaucase(self, promise_url):
+  if not promise_url:
+    return
+
+  ca_service = self.getPortalObject().portal_web_services.caucase_adapter
+  hostname, caucase_url = getCaucaseUrl(promise_url)
+
+  # XXX - we should create a valid ssl context from caucase
+  context = ssl._create_unverified_context()
+  response = urllib2.urlopen(caucase_url, context=context)
+
+  if response.getcode() != 200:
+    raise ValueError('Server responded with status=%r, url=%r, body=%r' % (
+      response.getcode(),
+      caucase_url,
+      response.read(),
+    ))
+
+  if response.geturl().endswith('admin/configure'):
+    # no password set, we where redirected to set password page
+    # set a new password
+    password = generatePassword()
+    passwd_url = urljoin(caucase_url, '/admin/setpassword')
+    request_dict = {'password': password}
+    request = urllib2.Request(passwd_url, urllib.urlencode(request_dict))
+    response = urllib2.urlopen(request, context=context)
+    if response.getcode() != 200:
+      raise ValueError('Server responded with status=%r, url=%r, body=%r' % (
+        response.getcode(),
+        passwd_url,
+        response.read(),
+      ))
+
+    ca_service.edit(source_hostname=hostname,
+                    url_string=caucase_url,
+                    user_id='admin',
+                    password=password)
+  else:
+    ca_service.edit(source_hostname=hostname,
+                    url_string=caucase_url)
+  if ca_service.getValidationState() != 'validated':
+    ca_service.validate()
--- a/master/bt5/slapos_cloud/ExtensionTemplateItem/portal_components/extension.erp5.Caucase.xml
+++ b/master/bt5/slapos_cloud/ExtensionTemplateItem/portal_components/extension.erp5.Caucase.xml
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Extension Component" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_recorded_property_dict</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>default_reference</string> </key>
+            <value> <string>Caucase</string> </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>extension.erp5.Caucase</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Extension Component</string> </value>
+        </item>
+        <item>
+            <key> <string>sid</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>text_content_error_message</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>text_content_warning_message</string> </key>
+            <value>
+              <tuple/>
+            </value>
+        </item>
+        <item>
+            <key> <string>version</string> </key>
+            <value> <string>erp5</string> </value>
+        </item>
+        <item>
+            <key> <string>workflow_history</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>component_validation_workflow</string> </key>
+                    <value>
+                      <persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
+                    </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="4" aka="AAAAAAAAAAQ=">
+    <pickle>
+      <global name="WorkflowHistoryList" module="Products.ERP5Type.patches.WorkflowTool"/>
+    </pickle>
+    <pickle>
+      <tuple>
+        <none/>
+        <list>
+          <dictionary>
+            <item>
+                <key> <string>action</string> </key>
+                <value> <string>validate</string> </value>
+            </item>
+            <item>
+                <key> <string>validation_state</string> </key>
+                <value> <string>validated</string> </value>
+            </item>
+          </dictionary>
+        </list>
+      </tuple>
+    </pickle>
+  </record>
+</ZopeData>
--- a/master/bt5/slapos_cloud/PortalTypeAllowedContentTypeTemplateItem/allowed_content_types.xml
+++ b/master/bt5/slapos_cloud/PortalTypeAllowedContentTypeTemplateItem/allowed_content_types.xml
 <allowed_content_type_list>
 <portal_type id="Computer">
-  <item>Certificate Access ID</item>
+  <item>Certificate Login</item>
 </portal_type>
 <portal_type id="Hosting Subscription Module">
  <item>Hosting Subscription</item>
 </portal_type>
 <portal_type id="Person">
-  <item>Certificate Access ID</item>
+  <item>Certificate Login</item>
 </portal_type>
 <portal_type id="Software Installation Module">
  <item>Software Installation</item>
 </portal_type>
 <portal_type id="Software Instance">
-  <item>Certificate Access ID</item>
+  <item>Certificate Login</item>
 </portal_type>
 <portal_type id="Software Instance Module">
  <item>Slave Instance</item>

--- a/master/bt5/slapos_cloud/PortalTypePropertySheetTemplateItem/property_sheet_list.xml
+++ b/master/bt5/slapos_cloud/PortalTypePropertySheetTemplateItem/property_sheet_list.xml
@@ -7,7 +7,7 @@
  <item>RESTClientInterface</item>
  <item>Url</item>
 </portal_type>
- <portal_type id="Certificate Access ID">
+ <portal_type id="Certificate Login">
  <item>Reference</item>
  <item>Url</item>
 </portal_type>

--- a/master/bt5/slapos_cloud/PropertySheetTemplateItem/portal_property_sheets/CaucaseRESTClientAdapterCheckConstraint.xml
+++ b/master/bt5/slapos_cloud/PropertySheetTemplateItem/portal_property_sheets/CaucaseRESTClientAdapterCheckConstraint.xml
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Property Sheet" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_count</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>_mt_index</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>_tree</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAQ=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>CaucaseRESTClientAdapterCheckConstraint</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Property Sheet</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="Length" module="BTrees.Length"/>
+    </pickle>
+    <pickle> <int>0</int> </pickle>
+  </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="OOBTree" module="BTrees.OOBTree"/>
+    </pickle>
+    <pickle>
+      <none/>
+    </pickle>
+  </record>
+  <record id="4" aka="AAAAAAAAAAQ=">
+    <pickle>
+      <global name="OOBTree" module="BTrees.OOBTree"/>
+    </pickle>
+    <pickle>
+      <none/>
+    </pickle>
+  </record>
+</ZopeData>
--- a/master/bt5/slapos_cloud/PropertySheetTemplateItem/portal_property_sheets/CaucaseRESTClientAdapterCheckConstraint/caucase_adapter_consistency_constraint_constraint.xml
+++ b/master/bt5/slapos_cloud/PropertySheetTemplateItem/portal_property_sheets/CaucaseRESTClientAdapterCheckConstraint/caucase_adapter_consistency_constraint_constraint.xml
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="Script Constraint" module="erp5.portal_type"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_identity_criterion</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>_range_criterion</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>categories</string> </key>
+            <value>
+              <tuple>
+                <string>constraint_type/post_upgrade</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>caucase_adapter_consistency_constraint_constraint</string> </value>
+        </item>
+        <item>
+            <key> <string>portal_type</string> </key>
+            <value> <string>Script Constraint</string> </value>
+        </item>
+        <item>
+            <key> <string>script_id</string> </key>
+            <value> <string>CaucaseRESTClient_checkCaucaseConsistency</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="PersistentMapping" module="Persistence.mapping"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary/>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>
--- a/master/bt5/slapos_cloud/SkinTemplateItem/portal_skins/erp5_web_service/CaucaseRESTClient_checkCaucaseConsistency.py
+++ b/master/bt5/slapos_cloud/SkinTemplateItem/portal_skins/erp5_web_service/CaucaseRESTClient_checkCaucaseConsistency.py
+portal = context.getPortalObject()
+
+error_list = []
+if context.getId() != "caucase_adapter":
+  return error_list
+caucase_service = portal.portal_web_services.caucase_adapter
+promise_caucase_url = portal.getPromiseParameter('external_service', 'caucase_url')
+
+if promise_caucase_url is not None:
+  url_string = caucase_service.getUrlString()
+  _, caucase_url = context.CaucaseRESTClient_getSecureServiceUrl(promise_caucase_url)
+  if not url_string or not caucase_service.getPassword() \
+      or not caucase_service.getUserId():
+    error_list.append("Caucase web service is not configured!")
+  elif caucase_url.rstrip('/') != url_string.rstrip('/'):
+    # caucase URL was modified
+    error_list.append(
+      "Caucase web service is not configured as Expected: %s" %
+        "Expect as url_string: %s\nGot %s" % (caucase_url, url_string))
+
+
+if len(error_list) > 0 and fixit:
+  context.CaucaseRESTClient_configureCaucase(promise_caucase_url)
+return error_list
--- a/master/bt5/slapos_cloud/SkinTemplateItem/portal_skins/erp5_web_service/CaucaseRESTClient_checkCaucaseConsistency.xml
+++ b/master/bt5/slapos_cloud/SkinTemplateItem/portal_skins/erp5_web_service/CaucaseRESTClient_checkCaucaseConsistency.xml
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>fixit=False, activate_kw={}, **kw</string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>CaucaseRESTClient_checkCaucaseConsistency</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>
--- a/master/bt5/slapos_cloud/SkinTemplateItem/portal_skins/erp5_web_service/CaucaseRESTClient_configureCaucase.xml
+++ b/master/bt5/slapos_cloud/SkinTemplateItem/portal_skins/erp5_web_service/CaucaseRESTClient_configureCaucase.xml
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_function</string> </key>
+            <value> <string>configureCaucase</string> </value>
+        </item>
+        <item>
+            <key> <string>_module</string> </key>
+            <value> <string>Caucase</string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>CaucaseRESTClient_configureCaucase</string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string>Caucase REST Client Interface Configuration</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>
--- a/master/bt5/slapos_cloud/SkinTemplateItem/portal_skins/erp5_web_service/CaucaseRESTClient_getSecureServiceUrl.xml
+++ b/master/bt5/slapos_cloud/SkinTemplateItem/portal_skins/erp5_web_service/CaucaseRESTClient_getSecureServiceUrl.xml
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_function</string> </key>
+            <value> <string>getCaucaseServiceUrl</string> </value>
+        </item>
+        <item>
+            <key> <string>_module</string> </key>
+            <value> <string>Caucase</string> </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>CaucaseRESTClient_getSecureServiceUrl</string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string></string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>
--- a/master/bt5/slapos_cloud/bt/template_extension_id_list
+++ b/master/bt5/slapos_cloud/bt/template_extension_id_list
 extension.erp5.SlapOSCloud
-extension.erp5.SlapOSSecurity
\ No newline at end of file
+extension.erp5.SlapOSSecurity
+extension.erp5.Caucase
\ No newline at end of file
--- a/master/bt5/slapos_cloud/bt/template_property_sheet_id_list
+++ b/master/bt5/slapos_cloud/bt/template_property_sheet_id_list
@@ -11,4 +11,5 @@ SlaposPersonConstraint
 SlaposAssignmentConstraint
 SlaposEmailConstraint
 SlaposComputerConstraint
-RESTClientInterface
\ No newline at end of file
+RESTClientInterface
+CaucaseRESTClientAdapterCheckConstraint
\ No newline at end of file