vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add ID-based pagination to logs using new decorators and an encrypted token

Browse source 
Fixes #599
This commit is contained in:
Joseph Schorr 2015-12-22 09:05:17 -05:00
parent af77b92bcf
commit bd0a098282
8 changed files with 110 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

37
endpoints/api/__init__.py
View file

@ -1,5 +1,6 @@
import logging
import datetime
import json
from app import app, metric_queue
from flask import Blueprint, request, make_response, jsonify, session
@ -21,6 +22,7 @@ from auth.auth import process_oauth
from endpoints.csrf import csrf_protect
from endpoints.decorators import check_anon_protection
from util.saas.metricqueue import time_decorator
from util.security.aes import AESCipher
logger = logging.getLogger(__name__)
@ -209,6 +211,41 @@ def query_param(name, help_str, type=reqparse.text_type, default=None,
return add_param
def page_support(func):
""" Adds pagination support to an API endpoint. The decorated API will have an
added query parameter named 'next_page'. Works in tandem with the
modelutil paginate method.
"""
@wraps(func)
@query_param('next_page', 'The page token for the next page', type=str)
def wrapper(self, query_args, *args, **kwargs):
page_token = None
unecrypted = None
if query_args['next_page']:
# Decrypt the page token.
cipher = AESCipher(app.config['PAGE_TOKEN_KEY'])
try:
unecrypted = cipher.decrypt(query_args['next_page'])
except TypeError:
pass
if unecrypted is not None:
try:
page_token = json.loads(unecrypted)
except ValueError:
pass
(result, next_page_token) = func(self, query_args, page_token, *args, **kwargs)
if next_page_token is not None:
cipher = AESCipher(app.config['PAGE_TOKEN_KEY'])
result['next_page'] = cipher.encrypt(json.dumps(next_page_token))
return result
return wrapper
def parse_args(func):
@wraps(func)
def wrapper(self, *args, **kwargs):

41
endpoints/api/logs.py
View file

@ -8,15 +8,14 @@ from dateutil.relativedelta import relativedelta
from endpoints.api import (resource, nickname, ApiResource, query_param, parse_args,
RepositoryParamResource, require_repo_admin, related_user_resource,
format_date, Unauthorized, NotFound, require_user_admin,
internal_only, path_param, require_scope)
internal_only, path_param, require_scope, page_support)
from auth.permissions import AdministerOrganizationPermission, AdministerOrganizationPermission
from auth.auth_context import get_authenticated_user
from data import model
from data import model, database
from auth import scopes
from app import avatar
LOGS_PER_PAGE = 50
MAX_PAGES = 20
LOGS_PER_PAGE = 20
def log_view(log, kinds):
view = {
@ -79,20 +78,22 @@ def _validate_logs_arguments(start_time, end_time, performer_name):
return (start_time, end_time, performer)
def get_logs(start_time, end_time, performer_name=None, repository=None, namespace=None, page=None):
def get_logs(start_time, end_time, performer_name=None, repository=None, namespace=None,
page_token=None):
(start_time, end_time, performer) = _validate_logs_arguments(start_time, end_time, performer_name)
page = min(MAX_PAGES, page if page else 1)
kinds = model.log.get_log_entry_kinds()
logs = model.log.list_logs(start_time, end_time, performer=performer, repository=repository,
namespace=namespace, page=page, count=LOGS_PER_PAGE + 1)
logs_query = model.log.get_logs_query(start_time, end_time, performer=performer,
repository=repository, namespace=namespace)
logs, next_page_token = model.modelutil.paginate(logs_query, database.LogEntry, descending=True,
page_token=page_token, limit=LOGS_PER_PAGE)
return {
'start_time': format_date(start_time),
'end_time': format_date(end_time),
'logs': [log_view(log, kinds) for log in logs[0:LOGS_PER_PAGE]],
'page': page,
'has_additional': len(logs) > LOGS_PER_PAGE,
}
'logs': [log_view(log, kinds) for log in logs],
}, next_page_token
def get_aggregate_logs(start_time, end_time, performer_name=None, repository=None, namespace=None):
(start_time, end_time, performer) = _validate_logs_arguments(start_time, end_time, performer_name)
@ -116,7 +117,8 @@ class RepositoryLogs(RepositoryParamResource):
@query_param('starttime', 'Earliest time from which to get logs (%m/%d/%Y %Z)', type=str)
@query_param('endtime', 'Latest time to which to get logs (%m/%d/%Y %Z)', type=str)
@query_param('page', 'The page number for the logs', type=int, default=1)
def get(self, args, namespace, repository):
@page_support
def get(self, args, page_token, namespace, repository):
""" List the logs for the specified repository. """
repo = model.repository.get_repository(namespace, repository)
if not repo:
@ -124,7 +126,7 @@ class RepositoryLogs(RepositoryParamResource):
start_time = args['starttime']
end_time = args['endtime']
return get_logs(start_time, end_time, repository=repo, page=args['page'])
return get_logs(start_time, end_time, repository=repo, page_token=page_token)
@resource('/v1/user/logs')
@ -137,8 +139,8 @@ class UserLogs(ApiResource):
@query_param('starttime', 'Earliest time from which to get logs. (%m/%d/%Y %Z)', type=str)
@query_param('endtime', 'Latest time to which to get logs. (%m/%d/%Y %Z)', type=str)
@query_param('performer', 'Username for which to filter logs.', type=str)
@query_param('page', 'The page number for the logs', type=int, default=1)
def get(self, args):
@page_support
def get(self, args, page_token):
""" List the logs for the current user. """
performer_name = args['performer']
start_time = args['starttime']
@ -146,7 +148,7 @@ class UserLogs(ApiResource):
user = get_authenticated_user()
return get_logs(start_time, end_time, performer_name=performer_name, namespace=user.username,
page=args['page'])
page_token=page_token)
@resource('/v1/organization/<orgname>/logs')
@ -160,8 +162,9 @@ class OrgLogs(ApiResource):
@query_param('endtime', 'Latest time to which to get logs. (%m/%d/%Y %Z)', type=str)
@query_param('performer', 'Username for which to filter logs.', type=str)
@query_param('page', 'The page number for the logs', type=int, default=1)
@page_support
@require_scope(scopes.ORG_ADMIN)
def get(self, args, orgname):
def get(self, args, page_token, orgname):
""" List the logs for the specified organization. """
permission = AdministerOrganizationPermission(orgname)
if permission.can():
@ -170,7 +173,7 @@ class OrgLogs(ApiResource):
end_time = args['endtime']
return get_logs(start_time, end_time, namespace=orgname, performer_name=performer_name,
page=args['page'])
page_token=page_token)
raise Unauthorized()

8
endpoints/api/superuser.py
View file

@ -12,7 +12,8 @@ import features
from app import app, avatar, superusers, authentication, config_provider
from endpoints.api import (ApiResource, nickname, resource, validate_json_request,
internal_only, require_scope, show_if, parse_args,
query_param, abort, require_fresh_login, path_param, verify_not_prod)
query_param, abort, require_fresh_login, path_param, verify_not_prod,
page_support)
from endpoints.api.logs import get_logs, get_aggregate_logs
from data import model
from auth.permissions import SuperUserPermission
@ -116,14 +117,15 @@ class SuperUserLogs(ApiResource):
@query_param('starttime', 'Earliest time from which to get logs (%m/%d/%Y %Z)', type=str)
@query_param('endtime', 'Latest time to which to get logs (%m/%d/%Y %Z)', type=str)
@query_param('page', 'The page number for the logs', type=int, default=1)
@page_support
@require_scope(scopes.SUPERUSER)
def get(self, args):
def get(self, args, page_token):
""" List the usage logs for the current system. """
if SuperUserPermission().can():
start_time = args['starttime']
end_time = args['endtime']
return get_logs(start_time, end_time, page=args['page'])
return get_logs(start_time, end_time, page_token=page_token)
abort(403)