|
|
#-*- coding: utf-8 -*-
|
|
|
|
|
|
# Copyright 2010-2012 Calculate Ltd. http://www.calculate-linux.org
|
|
|
#
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
# You may obtain a copy of the License at
|
|
|
#
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
#
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
# See the License for the specific language governing permissions and
|
|
|
# limitations under the License.
|
|
|
|
|
|
import sys, os
|
|
|
import subprocess
|
|
|
import OpenSSL
|
|
|
|
|
|
from soaplib.serializers.primitive import String, Integer, Boolean
|
|
|
from soaplib.serializers.clazz import Array, ClassSerializer
|
|
|
from soaplib.service import rpc
|
|
|
from calculate.core.server.api_types import ReturnedMessage
|
|
|
from calculate.core.server.api_types import (Field, GroupField,
|
|
|
ViewInfo, ViewParams)
|
|
|
from calculate.lib.datavars import VariableError
|
|
|
|
|
|
from calculate.core import datavars
|
|
|
import traceback
|
|
|
|
|
|
class CertificateInfo(ClassSerializer):
|
|
|
"""Parameters for method install"""
|
|
|
cl_cert_id = String
|
|
|
|
|
|
def catchExcept():
|
|
|
class wrapper:
|
|
|
def __init__(self,f):
|
|
|
self.f = f
|
|
|
self.func_name = f.func_name
|
|
|
self.func_code = f.func_code
|
|
|
self.__doc__ = f.__doc__
|
|
|
self.__name__ = f.__name__
|
|
|
|
|
|
def __call__(self,selfobj,*args,**kwargs):
|
|
|
try:
|
|
|
return self.f(selfobj,*args,**kwargs)
|
|
|
except BaseException as e:
|
|
|
view = ViewInfo(groups=[])
|
|
|
group = GroupField(name=_("Error"),last=True)
|
|
|
group.fields = []
|
|
|
group.fields.append(Field(
|
|
|
name = "error",
|
|
|
label = str(e),
|
|
|
default = 'color:red;',
|
|
|
element = "error"))
|
|
|
view.groups.append(group)
|
|
|
print "!!!!EXCEPTION!!!!"
|
|
|
for i in apply(traceback.format_exception, sys.exc_info()):
|
|
|
print i
|
|
|
return view
|
|
|
return wrapper
|
|
|
|
|
|
class CoreWsdl:
|
|
|
def view_cert_meth (self, dv):
|
|
|
""" rights for the selected certificate """
|
|
|
try:
|
|
|
cert_id = dv.Get('cl_cert_id')
|
|
|
data_path = dv.Get('cl_core_data')
|
|
|
group_rights = dv.Get('cl_core_group_rights')
|
|
|
rights = dv.Get('cl_core_rights')
|
|
|
|
|
|
# Помещение данных в словарь процессов
|
|
|
self.briefParams('cert_view')
|
|
|
if cert_id != 'all':
|
|
|
try:
|
|
|
cert_id_list = [int(cert_id)]
|
|
|
except:
|
|
|
self.printERROR("Error input certificate ID!")
|
|
|
return True
|
|
|
else:
|
|
|
cert_id_list = dv.Get('cl_all_cert_id')
|
|
|
for cert_id in map(lambda x: int(x), cert_id_list):
|
|
|
cert_file = data_path+'/client_certs/%s.crt' %str(cert_id)
|
|
|
if not os.path.exists(cert_file):
|
|
|
self.printERROR ("Certificate not found in server!")
|
|
|
return True
|
|
|
cert = open(cert_file, 'r').read()
|
|
|
|
|
|
#try:
|
|
|
certobj = OpenSSL.crypto.load_certificate \
|
|
|
(OpenSSL.SSL.FILETYPE_PEM, cert)
|
|
|
com = certobj.get_extension(certobj.get_extension_count()-1). \
|
|
|
get_data()
|
|
|
groups = com.split(':')[1]
|
|
|
groups_list = groups.split(',')
|
|
|
#except:
|
|
|
#return ['-1']
|
|
|
|
|
|
# if group = all and not redefined group all
|
|
|
if 'all' in groups_list:
|
|
|
find_flag = False
|
|
|
fd = open(group_rights, 'r')
|
|
|
t = fd.read()
|
|
|
# find all in group_rights file
|
|
|
for line in t.splitlines():
|
|
|
if line.split()[0] == 'all':
|
|
|
find_flag = True
|
|
|
break
|
|
|
if not find_flag:
|
|
|
self.printSUCCESS(_("Certificate %d can run all methods!") \
|
|
|
%cert_id)
|
|
|
|
|
|
else:
|
|
|
results = []
|
|
|
if not os.path.exists (group_rights):
|
|
|
open(group_rights, 'w')
|
|
|
with open(group_rights) as fd:
|
|
|
t = fd.read()
|
|
|
for line in t.splitlines():
|
|
|
words = line.split(' ',1)
|
|
|
# first word in line equal name input method
|
|
|
if words[0] in groups_list:
|
|
|
methods = words[1].split(',')
|
|
|
for i in methods:
|
|
|
results.append(i.strip())
|
|
|
|
|
|
results = uniq(results)
|
|
|
|
|
|
add_list_rights = []
|
|
|
del_list_rights = []
|
|
|
|
|
|
with open(rights) as fr:
|
|
|
t = fr.read()
|
|
|
for line in t.splitlines():
|
|
|
words = line.split()
|
|
|
meth = words[0]
|
|
|
for word in words:
|
|
|
try:
|
|
|
word = int(word)
|
|
|
except:
|
|
|
continue
|
|
|
# compare with certificat number
|
|
|
if cert_id == word:
|
|
|
# if has right
|
|
|
add_list_rights.append(meth)
|
|
|
if cert_id == -word:
|
|
|
del_list_rights.append(meth)
|
|
|
|
|
|
results += add_list_rights
|
|
|
results = uniq(results)
|
|
|
|
|
|
for method in results:
|
|
|
if method in del_list_rights:
|
|
|
results.remove(method)
|
|
|
|
|
|
if results == []:
|
|
|
results.append("No Methods")
|
|
|
|
|
|
self.printSUCCESS(_("Certificate %d can run: ") %cert_id)
|
|
|
for i in results:
|
|
|
self.printSUCCESS(i)
|
|
|
b = '<b>'
|
|
|
_b = '</b>'
|
|
|
self.printSUCCESS(b+_('Certificate groups')+':'+_b+'\n' + \
|
|
|
reduce (lambda x, y: x + ', \n' + y, groups_list))
|
|
|
self.printSUCCESS(b+_("Fingerprint = ") +_b+\
|
|
|
certobj.digest('SHA1'))
|
|
|
self.printSUCCESS(b+_("Serial Number = ") +_b +\
|
|
|
str(certobj.get_serial_number()))
|
|
|
self.printSUCCESS(' ')
|
|
|
Issuer = certobj.get_issuer().get_components()
|
|
|
self.printSUCCESS (b+_("\nIssuer") +_b)
|
|
|
for i in Issuer:
|
|
|
self.printSUCCESS ("%s : %s" %(i[0], i[1]))
|
|
|
Subject = certobj.get_subject().get_components()
|
|
|
self.printSUCCESS (b+_("\nSubject") +_b)
|
|
|
for item in Subject:
|
|
|
self.printSUCCESS ("%s : %s" %(item[0], item[1]))
|
|
|
self.printSUCCESS(' ')
|
|
|
self.printSUCCESS(' ')
|
|
|
return True
|
|
|
# Обработка сигнала прерывания работы процесса
|
|
|
except KeyboardInterrupt:
|
|
|
# Необходимо передать Fasle для сохранения данных о процессе
|
|
|
return False
|
|
|
|
|
|
############################################
|
|
|
|
|
|
def check_cert_params (self, dv, info,allvars=False,ordered=None):
|
|
|
errors = []
|
|
|
keys = sorted(filter(lambda x:x.lower() == x,
|
|
|
info._type_info.keys()))
|
|
|
if ordered:
|
|
|
keys = ordered + filter(lambda x:not x in ordered,
|
|
|
keys)
|
|
|
for var in keys:
|
|
|
# get value of variable from info
|
|
|
val = info.__getattribute__(var)
|
|
|
# check value if value send of check allvariables
|
|
|
if val != None or allvars:
|
|
|
try:
|
|
|
# if value not send, then get from datavars
|
|
|
if val == None:
|
|
|
val = dv.Get(var)
|
|
|
else:
|
|
|
uncomperr = dv.Uncompatible(var)
|
|
|
if uncomperr:
|
|
|
raise VariableError(uncomperr)
|
|
|
if not dv.Uncompatible(var):
|
|
|
dv.Set(var, val)
|
|
|
except VariableError, e:
|
|
|
mess = ''
|
|
|
messages = e.message if type(e.message) == list else [e.message]
|
|
|
for error in messages:
|
|
|
mess += str(error) + '\n'
|
|
|
errors.append(ReturnedMessage(type = 'error', field = var,
|
|
|
message = mess))
|
|
|
return errors
|
|
|
|
|
|
from calculate.core.server.baseClass import Basic
|
|
|
from calculate.core.server.decorators import Dec
|
|
|
|
|
|
def certificateCommon(self,sid,info,methodname):
|
|
|
"""
|
|
|
Install common method
|
|
|
"""
|
|
|
try:
|
|
|
dv = self.get_cache(sid,methodname,"vars")
|
|
|
if not dv:
|
|
|
#reload(cl_install)
|
|
|
dv = datavars.DataVarsCore()
|
|
|
dv.importCore()
|
|
|
dv.flIniFile()
|
|
|
errors = self.check_cert_params(dv, info,
|
|
|
ordered=['cl_cert_id'],
|
|
|
allvars=True)
|
|
|
if errors:
|
|
|
return errors
|
|
|
certificate_meth = type("certificateCommon",(self.Common,
|
|
|
CoreWsdl, object), {})
|
|
|
pid = self.startprocess(sid, target=certificate_meth,
|
|
|
method="view_cert_meth",
|
|
|
auto_delete = True,
|
|
|
args_proc = (dv,))
|
|
|
returnmess = ReturnedMessage(type = 'pid', message = pid,
|
|
|
expert = True)
|
|
|
returnmess.type = "pid"
|
|
|
returnmess.message = pid
|
|
|
dv = self.clear_cache(sid,methodname)
|
|
|
return [returnmess]
|
|
|
finally:
|
|
|
if dv:
|
|
|
self.set_cache(sid,methodname,"vars",dv,smart=False)
|
|
|
return []
|
|
|
|
|
|
@rpc(Integer, CertificateInfo, _returns = Array(ReturnedMessage))
|
|
|
@Dec.check_permissions(["view_cert"])
|
|
|
@Dec.console('view_cert')
|
|
|
@Dec.gui('Core', 'View Cert', 'certificate-server,application-certificate')
|
|
|
def view_cert ( self, sid, info):
|
|
|
if not info:
|
|
|
errors = []
|
|
|
mess = 'Certificate Identificator must be int or "all"!'
|
|
|
errors.append(ReturnedMessage(type = 'error', field = 'cl_cert_id',
|
|
|
message = mess))
|
|
|
return errors
|
|
|
dv = datavars.DataVarsCore()
|
|
|
dv.importCore()
|
|
|
dv.flIniFile()
|
|
|
dv.Set('cl_cert_id', info.cl_cert_id)
|
|
|
self.set_cache(sid, 'view_cert', "vars", dv, smart=False)
|
|
|
return self.certificateCommon(sid,info,'view_cert')
|
|
|
|
|
|
@rpc(Integer, ViewParams, _returns = ViewInfo)
|
|
|
@catchExcept()
|
|
|
def view_cert_view (self, sid, params):
|
|
|
dv = datavars.DataVarsCore()
|
|
|
dv.importCore()
|
|
|
dv.flIniFile()
|
|
|
dv.addGroup(_("Certificate View"),
|
|
|
normal=('cl_cert_id',),
|
|
|
next_label=_("View"))
|
|
|
view = ViewInfo (dv)
|
|
|
self.set_cache(sid, 'view_cert', "vars", dv, smart=False)
|
|
|
return view
|
