From: parmentelat Date: Wed, 12 Dec 2018 12:50:41 +0000 (+0100) Subject: prune everything about aspects that is python2 and too tedious to port X-Git-Tag: plcapi-7.0-0~28 X-Git-Url: http://git.onelab.eu/?p=plcapi.git;a=commitdiff_plain;h=d25a3757799c787ee44bb5a6539e3a0edf05fd80 prune everything about aspects that is python2 and too tedious to port --- diff --git a/Makefile b/Makefile index e038082..429cdca 100644 --- a/Makefile +++ b/Makefile @@ -84,7 +84,7 @@ ifeq (,$(SSHURL)) @echo " make sync PLCHOSTLXC=.. GUESTHOSTNAME=.. GUESTNAME=.." @exit 1 else - +$(RSYNC) plcsh PLC planetlab5.sql migrations aspects $(SSHURL)/usr/share/plc_api/ + +$(RSYNC) plcsh PLC planetlab5.sql migrations $(SSHURL)/usr/share/plc_api/ +$(RSYNC) db-config.d/ $(SSHURL)/etc/planetlab/db-config.d/ +$(RSYNC) plc.d/ $(SSHURL)/etc/plc.d/ +$(RSYNC) apache/plc.wsgi $(SSHURL)/usr/share/plc_api/apache/ diff --git a/PLC/API.py b/PLC/API.py index 772014b..8ba9367 100644 --- a/PLC/API.py +++ b/PLC/API.py @@ -163,18 +163,6 @@ class PLCAPI: raise PLCAPIError("Unsupported database type " + self.config.PLC_DB_TYPE) - # Aspects modify the API by injecting code before, after or - # around method calls. - # http://github.com/baris/pyaspects/blob/master/README - # - if self.config.PLC_RATELIMIT_ENABLED: - from aspects import apply_ratelimit_aspect - apply_ratelimit_aspect() - - if getattr(self.config, "PLC_NETCONFIG_ENABLED", False): - from aspects.netconfigaspects import apply_netconfig_aspect - apply_netconfig_aspect() - # Enable Caching. Only for GetSlivers for the moment. # TODO: we may consider to do this in an aspect like the ones above. try: diff --git a/aspects/__init__.py b/aspects/__init__.py deleted file mode 100644 index 41cbe77..0000000 --- a/aspects/__init__.py +++ /dev/null @@ -1,14 +0,0 @@ -from pyaspects.weaver import weave_class_method - -from PLC.Method import Method -from aspects.ratelimitaspects import RateLimitAspect - -def apply_ratelimit_aspect(): - weave_class_method(RateLimitAspect(), Method, "__call__") - -def apply_debugger_aspect(): - # just log all method calls w/ their parameters - from pyaspects.debuggeraspect import DebuggerAspect - weave_class_method(DebuggerAspect(out=open("/tmp/all_method_calls.log", "a")), Method, "__call__") - - diff --git a/aspects/ratelimitaspects.py b/aspects/ratelimitaspects.py deleted file mode 100644 index a290079..0000000 --- a/aspects/ratelimitaspects.py +++ /dev/null @@ -1,164 +0,0 @@ -#-*- coding: utf-8 -*- -# -# S.Çağlar Onur - -from PLC.Config import Config -from PLC.Faults import PLCPermissionDenied - -from PLC.Nodes import Node, Nodes -from PLC.Persons import Person, Persons -from PLC.Sessions import Session, Sessions - -from datetime import datetime, timedelta - -from pyaspects.meta import MetaAspect - -import memcache - -import os -import sys -import socket - -class BaseRateLimit(object): - - def __init__(self): - self.config = Config("/etc/planetlab/plc_config") - - # FIXME: change with Config values - self.prefix = "ratelimit" - self.minutes = 5 # The time period - self.requests = 50 # Number of allowed requests in that time period - self.expire_after = (self.minutes + 1) * 60 - - self.whitelist = [] - - def log(self, line): - log = open("/var/log/plc_api_ratelimit.log", "a") - date = datetime.now().strftime("%d/%m/%y %H:%M") - log.write("%s - %s\n" % (date, line)) - log.flush() - - def mail(self, to): - sendmail = os.popen("/usr/sbin/sendmail -N never -t -f%s" % self.config.PLC_MAIL_SUPPORT_ADDRESS, "w") - - subject = "[PLCAPI] Maximum allowed number of API calls exceeded" - - header = {'from': "%s Support <%s>" % (self.config.PLC_NAME, self.config.PLC_MAIL_SUPPORT_ADDRESS), - 'to': "%s, %s" % (to, self.config.PLC_MAIL_SUPPORT_ADDRESS), - 'version': sys.version.split(" ")[0], - 'subject': subject} - - body = "Maximum allowed number of API calls exceeded for the user %s within the last %s minutes." % (to, self.minutes) - - # Write headers - sendmail.write( -""" -Content-type: text/plain -From: %(from)s -Reply-To: %(from)s -To: %(to)s -X-Mailer: Python/%(version)s -Subject: %(subject)s - -""".lstrip() % header) - - # Write body - sendmail.write(body) - # Done - sendmail.close() - - def before(self, wobj, data, *args, **kwargs): - # ratelimit_128.112.139.115_201011091532 = 1 - # ratelimit_128.112.139.115_201011091533 = 14 - # ratelimit_128.112.139.115_201011091534 = 11 - # Now, on every request we work out the keys for the past five minutes and use get_multi to retrieve them. - # If the sum of those counters exceeds the maximum allowed for that time period, we block the request. - - api_method_name = wobj.name - api_method_source = wobj.source - - try: - api_method = args[0]["AuthMethod"] - except: - return - - # decode api_method_caller - if api_method == "session": - api_method_caller = Sessions(wobj.api, {'session_id': args[0]["session"]}) - if api_method_caller == []: - return - elif api_method_caller[0]["person_id"] != None: - api_method_caller = Persons(wobj.api, api_method_caller[0]["person_id"])[0]["email"] - elif api_method_caller[0]["node_id"] != None: - api_method_caller = Nodes(wobj.api, api_method_caller[0]["node_id"])[0]["hostname"] - else: - api_method_caller = args[0]["session"] - elif api_method == "password" or api_method == "capability": - api_method_caller = args[0]["Username"] - elif api_method == "gpg": - api_method_caller = args[0]["name"] - elif api_method == "hmac" or api_method == "hmac_dummybox": - api_method_caller = args[0]["node_id"] - elif api_method == "anonymous": - api_method_caller = "anonymous" - else: - api_method_caller = "unknown" - - # excludes - if api_method_source == None or api_method_source[0] == socket.gethostbyname(self.config.PLC_API_HOST) or api_method_source[0] in self.whitelist: - return - - # sanity check - if api_method_caller == None: - self.log("%s called from %s with Username = None?" % (api_method_name, api_method_source[0])) - return - - # normalize unicode string otherwise memcache throws an exception - api_method_caller = str(api_method_caller) - - mc = memcache.Client(["%s:11211" % self.config.PLC_API_HOST]) - now = datetime.now() - - current_key = "%s_%s_%s_%s" % (self.prefix, api_method_caller, api_method_source[0], now.strftime("%Y%m%d%H%M")) - keys_to_check = ["%s_%s_%s_%s" % (self.prefix, api_method_caller, api_method_source[0], (now - timedelta(minutes = minute)).strftime("%Y%m%d%H%M")) for minute in range(self.minutes + 1)] - - try: - value = mc.incr(current_key) - except ValueError: - value = None - - if value == None: - mc.set(current_key, 1, time=self.expire_after) - - results = mc.get_multi(keys_to_check) - total_requests = 0 - for i in results: - total_requests += results[i] - - if total_requests > self.requests: - self.log("%s - %s" % (api_method_source[0], api_method_caller)) - - caller_key = "%s_%s" % (self.prefix, api_method_caller) - if mc.get(caller_key) == None: - mc.set(caller_key, 1, time = self.expire_after) - if (api_method == "session" and api_method_caller.__contains__("@")) or (api_method == "password" or api_method == "capability"): - self.mail(api_method_caller) - - raise PLCPermissionDenied("Maximum allowed number of API calls exceeded") - - def after(self, wobj, data, *args, **kwargs): - return - -class RateLimitAspect_class(BaseRateLimit, metaclass=MetaAspect): - name = "ratelimitaspect_class" - - def __init__(self): - BaseRateLimit.__init__(self) - - def before(self, wobj, data, *args, **kwargs): - BaseRateLimit.before(self, wobj, data, *args, **kwargs) - - def after(self, wobj, data, *args, **kwargs): - BaseRateLimit.after(self, wobj, data, *args, **kwargs) - -RateLimitAspect = RateLimitAspect_class diff --git a/plcapi.spec b/plcapi.spec index ac4016e..dc50a3c 100644 --- a/plcapi.spec +++ b/plcapi.spec @@ -35,8 +35,6 @@ Requires: python3-pycurl Requires: python3-lxml # for the RebootNodeWithPCU method Requires: pcucontrol >= 1.0-6 -# for OMF integration - xxx aspects needs porting too -Requires: pyaspects >= 0.4 # for memcache Requires: memcached python3-memcached diff --git a/setup.py b/setup.py index 7ef2690..a530ad1 100755 --- a/setup.py +++ b/setup.py @@ -9,7 +9,7 @@ from distutils.core import setup from glob import glob -setup(packages = ['PLC', 'PLC/Methods', 'PLC/Methods/system', 'PLC/Accessors', 'aspects'], +setup(packages = ['PLC', 'PLC/Methods', 'PLC/Methods/system', 'PLC/Accessors'], scripts = ['plcsh', 'Server.py'], data_files = [ ('', ['planetlab5.sql']),