zware/awx
1
0
Fork 0
mirror of https://github.com/ZwareBear/awx.git synced 2026-05-17 21:08:37 -05:00
Code Issues Packages Projects Releases Wiki Activity

Configure Tower in Tower:

Browse Source 
* Add separate Django app for configuration: awx.conf.
* Migrate from existing main.TowerSettings model to conf.Setting.
* Add settings wrapper to allow get/set/del via django.conf.settings.
* Update existing references to tower_settings to use django.conf.settings.
* Add a settings registry to allow for each Django app to register configurable settings.
* Support setting validation and conversion using Django REST Framework fields.
* Add /api/v1/settings/ to display a list of setting categories.
* Add /api/v1/settings/<slug>/ to display all settings in a category as a single object.
* Allow PUT/PATCH to update setting singleton, DELETE to reset to defaults.
* Add "all" category to display all settings across categories.
* Add "changed" category to display only settings configured in the database.
* Support per-user settings via "user" category (/api/v1/settings/user/).
* Support defaults for user settings via "user-defaults" category (/api/v1/settings/user-defaults/).
* Update serializer metadata to support category, category_slug and placeholder on OPTIONS responses.
* Update serializer metadata to handle child fields of a list/dict.
* Hide raw data form in browsable API for OPTIONS and DELETE.
* Combine existing licensing code into single "TaskEnhancer" class.
* Move license helper functions from awx.api.license into awx.conf.license.
* Update /api/v1/config/ to read/verify/update license using TaskEnhancer and settings wrapper.
* Add support for caching settings accessed via settings wrapper.
* Invalidate cached settings when Setting model changes or is deleted.
* Preload all database settings into cache on first access via settings wrapper.
* Add support for read-only settings than can update their value depending on other settings.
* Use setting_changed signal whenever a setting changes.
* Register configurable authentication, jobs, system and ui settings.
* Register configurable LDAP, RADIUS and social auth settings.
* Add custom fields and validators for URL, LDAP, RADIUS and social auth settings.
* Rewrite existing validator for Credential ssh_private_key to support validating private keys, certs or combinations of both.
* Get all unit/functional tests working with above changes.
* Add "migrate_to_database_settings" command to determine settings to be migrated into the database and comment them out when set in Python settings files.
* Add support for migrating license key from file to database.
* Remove database-configuable settings from local_settings.py example files.
* Update setup role to no longer install files for database-configurable settings.

f 94ff6ee More settings work.
f af4c4e0 Even more db settings stuff.
f 96ea9c0 More settings, attempt at singleton serializer for settings.
f 937c760 More work on singleton/category views in API, add code to comment out settings in Python files, work on command to migrate settings to database.
f 425b0d3 Minor fixes for sprint demo.
f ea402a4 Add support for read-only settings, cleanup license engine, get license support working with DB settings.
f ec289e4 Rename migration, minor fixmes, update setup role.
f 603640b Rewrite key/cert validator, finish adding social auth fields, hook up signals for setting_changed, use None to imply a setting is not set.
f 67d1b5a Get functional/unit tests passing.
f 2919b62 Flake8 fixes.
f e62f421 Add redbaron to requirements, get file to database migration working (except for license).
f c564508 Add support for migrating license file.
f 982f767 Add support for regex in social map fields.
This commit is contained in:
Chris Church
2016-09-26 22:14:47 -04:00
parent 609a3e6f2f
commit 6ebe45b1bd
92 changed files with 4401 additions and 1791 deletions
Download Patch File Download Diff File Expand all files Collapse all files
awx/api/views.py
+25 -105
View File
@@ -3,14 +3,12 @@
# All Rights Reserved.
# Python
import os
import cgi
import datetime
import dateutil
import time
import socket
import sys
import errno
import logging
from base64 import b64encode
from collections import OrderedDict
@@ -18,7 +16,6 @@ from collections import OrderedDict
# Django
from django.conf import settings
from django.contrib.auth.models import User
from django.core.cache import cache
from django.core.urlresolvers import reverse
from django.core.exceptions import FieldError
from django.db.models import Q, Count
@@ -57,7 +54,6 @@ import ansiconv
from social.backends.utils import load_backends
# AWX
from awx.main.task_engine import TaskSerializer, TASK_FILE, TEMPORARY_TASK_FILE
from awx.main.tasks import send_notifications
from awx.main.access import get_user_queryset
from awx.main.ha import is_ha_environment
@@ -65,7 +61,7 @@ from awx.api.authentication import TaskAuthentication, TokenGetAuthentication
from awx.api.utils.decorators import paginated
from awx.api.generics import get_view_name
from awx.api.generics import * # noqa
from awx.api.license import feature_enabled, feature_exists, LicenseForbids
from awx.conf.license import get_license, feature_enabled, feature_exists, LicenseForbids
from awx.main.models import * # noqa
from awx.main.utils import * # noqa
from awx.api.permissions import * # noqa
@@ -73,7 +69,6 @@ from awx.api.renderers import * # noqa
from awx.api.serializers import * # noqa
from awx.api.metadata import RoleMetadata
from awx.main.utils import emit_websocket_notification
from awx.main.conf import tower_settings
logger = logging.getLogger('awx.api.views')
@@ -119,7 +114,7 @@ class ApiV1RootView(APIView):
data['authtoken'] = reverse('api:auth_token_view')
data['ping'] = reverse('api:api_v1_ping_view')
data['config'] = reverse('api:api_v1_config_view')
data['settings'] = reverse('api:settings_list')
data['settings'] = reverse('api:setting_category_list')
data['me'] = reverse('api:user_me_list')
data['dashboard'] = reverse('api:dashboard_view')
data['organizations'] = reverse('api:organization_list')
@@ -189,12 +184,15 @@ class ApiV1ConfigView(APIView):
def get(self, request, format=None):
'''Return various sitewide configuration settings.'''
license_reader = TaskSerializer()
license_data = license_reader.from_database(show_key=request.user.is_superuser or request.user.is_system_auditor)
if request.user.is_superuser or request.user.is_system_auditor:
license_data = get_license(show_key=True)
else:
license_data = get_license(show_key=False)
if license_data and 'features' in license_data and 'activity_streams' in license_data['features']:
license_data['features']['activity_streams'] &= tower_settings.ACTIVITY_STREAM_ENABLED
# FIXME: Make the final setting value dependent on the feature?
license_data['features']['activity_streams'] &= settings.ACTIVITY_STREAM_ENABLED
pendo_state = tower_settings.PENDO_TRACKING_STATE if tower_settings.PENDO_TRACKING_STATE in ('off', 'anonymous', 'detailed') else 'off'
pendo_state = settings.PENDO_TRACKING_STATE if settings.PENDO_TRACKING_STATE in ('off', 'anonymous', 'detailed') else 'off'
data = dict(
time_zone=settings.TIME_ZONE,
@@ -245,19 +243,18 @@ class ApiV1ConfigView(APIView):
except Exception:
# FIX: Log
return Response({"error": "Invalid JSON"}, status=status.HTTP_400_BAD_REQUEST)
license_reader = TaskSerializer()
try:
license_data = license_reader.from_string(data_actual)
from awx.main.task_engine import TaskEnhancer
license_data = json.loads(data_actual)
license_data = TaskEnhancer(**license_data).validate_enhancements()
except Exception:
# FIX: Log
return Response({"error": "Invalid License"}, status=status.HTTP_400_BAD_REQUEST)
# If the license is valid, write it to disk.
# If the license is valid, write it to the database.
if license_data['valid_key']:
tower_settings.LICENSE = data_actual
tower_settings.TOWER_URL_BASE = "{}://{}".format(request.scheme, request.get_host())
# Clear cache when license is updated.
cache.clear()
settings.LICENSE = data_actual
settings.TOWER_URL_BASE = "{}://{}".format(request.scheme, request.get_host())
return Response(license_data)
return Response({"error": "Invalid license"}, status=status.HTTP_400_BAD_REQUEST)
@@ -266,26 +263,14 @@ class ApiV1ConfigView(APIView):
if not request.user.is_superuser:
return Response(None, status=status.HTTP_404_NOT_FOUND)
# Remove license file
has_error = None
for fname in (TEMPORARY_TASK_FILE, TASK_FILE):
try:
os.remove(fname)
except OSError as e:
if e.errno != errno.ENOENT:
has_error = e.errno
break
TowerSettings.objects.filter(key="LICENSE").delete()
# Clear cache when license is updated.
cache.clear()
# Only stop mongod if license removal succeeded
if has_error is None:
try:
settings.LICENSE = {}
return Response(status=status.HTTP_204_NO_CONTENT)
else:
except:
# FIX: Log
return Response({"error": "Failed to remove license (%s)" % has_error}, status=status.HTTP_400_BAD_REQUEST)
class DashboardView(APIView):
view_name = "Dashboard"
@@ -554,7 +539,7 @@ class AuthTokenView(APIView):
# Note: This header is normally added in the middleware whenever an
# auth token is included in the request header.
headers = {
'Auth-Token-Timeout': int(tower_settings.AUTH_TOKEN_EXPIRATION)
'Auth-Token-Timeout': int(settings.AUTH_TOKEN_EXPIRATION)
}
return Response({'token': token.key, 'expires': token.expires}, headers=headers)
if 'username' in request.data:
@@ -3590,9 +3575,9 @@ class UnifiedJobStdout(RetrieveAPIView):
def retrieve(self, request, *args, **kwargs):
unified_job = self.get_object()
obj_size = unified_job.result_stdout_size
if request.accepted_renderer.format != 'txt_download' and obj_size > tower_settings.STDOUT_MAX_BYTES_DISPLAY:
if request.accepted_renderer.format != 'txt_download' and obj_size > settings.STDOUT_MAX_BYTES_DISPLAY:
response_message = "Standard Output too large to display (%d bytes), only download supported for sizes over %d bytes" % (obj_size,
tower_settings.STDOUT_MAX_BYTES_DISPLAY)
settings.STDOUT_MAX_BYTES_DISPLAY)
if request.accepted_renderer.format == 'json':
return Response({'range': {'start': 0, 'end': 1, 'absolute_end': 1}, 'content': response_message})
else:
@@ -3689,8 +3674,8 @@ class NotificationTemplateTest(GenericAPIView):
def post(self, request, *args, **kwargs):
obj = self.get_object()
notification = obj.generate_notification("Tower Notification Test {} {}".format(obj.id, tower_settings.TOWER_URL_BASE),
{"body": "Ansible Tower Test Notification {} {}".format(obj.id, tower_settings.TOWER_URL_BASE)})
notification = obj.generate_notification("Tower Notification Test {} {}".format(obj.id, settings.TOWER_URL_BASE),
{"body": "Ansible Tower Test Notification {} {}".format(obj.id, settings.TOWER_URL_BASE)})
if not notification:
return Response({}, status=status.HTTP_400_BAD_REQUEST)
else:
@@ -3765,71 +3750,6 @@ class ActivityStreamDetail(RetrieveAPIView):
# Okay, let it through.
return super(ActivityStreamDetail, self).get(request, *args, **kwargs)
class SettingsList(ListCreateAPIView):
model = TowerSettings
serializer_class = TowerSettingsSerializer
authentication_classes = [TokenGetAuthentication] + api_settings.DEFAULT_AUTHENTICATION_CLASSES
new_in_300 = True
filter_backends = ()
def get_queryset(self):
class SettingsIntermediary(object):
def __init__(self, key, description, category, value,
value_type, user=None):
self.key = key
self.description = description
self.category = category
self.value = value
self.value_type = value_type
self.user = user
if not self.request.user.is_superuser:
# NOTE: Shortcutting the rbac class due to the merging of the settings manifest and the database
# we'll need to extend this more in the future when we have user settings
return []
all_defined_settings = {}
for s in TowerSettings.objects.all():
all_defined_settings[s.key] = SettingsIntermediary(s.key,
s.description,
s.category,
s.value_converted,
s.value_type,
s.user)
manifest_settings = settings.TOWER_SETTINGS_MANIFEST
settings_actual = []
for settings_key in manifest_settings:
if settings_key in all_defined_settings:
settings_actual.append(all_defined_settings[settings_key])
else:
m_entry = manifest_settings[settings_key]
settings_actual.append(SettingsIntermediary(settings_key,
m_entry['description'],
m_entry['category'],
m_entry['default'],
m_entry['type']))
return settings_actual
def delete(self, request, *args, **kwargs):
if not request.user.can_access(self.model, 'delete', None):
raise PermissionDenied()
TowerSettings.objects.all().delete()
return Response()
class SettingsReset(APIView):
view_name = "Reset a settings value"
new_in_300 = True
def post(self, request):
# NOTE: Extend more with user settings
if not request.user.can_access(TowerSettings, 'delete', None):
raise PermissionDenied()
settings_key = request.data.get('key', None)
if settings_key is not None:
TowerSettings.objects.filter(key=settings_key).delete()
return Response(status=status.HTTP_204_NO_CONTENT)
class RoleList(ListAPIView):