freezer-web-ui/freezer_ui/api/rest/rest_api.py

# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#  License for the specific language governing permissions and limitations
#  under the License.

import functools
import json

from django.http import HttpResponse
from django.views import generic

from openstack_dashboard.api.rest import utils as rest_utils
from openstack_dashboard.api.rest.utils import JSONResponse

import freezer_ui.api.api as freezer_api


# https://github.com/tornadoweb/tornado/issues/1009
# http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-json-vulnerability.aspx/
def prevent_json_hijacking(function):
    @functools.wraps(function)
    def wrapper(*args, **kwargs):
        response = function(*args, **kwargs)
        if isinstance(response, JSONResponse) and response.content:
            response.content = ")]}',\n" + response.content
        return response

    return wrapper


class Clients(generic.View):
    """API for nova limits."""

    @prevent_json_hijacking
    @rest_utils.ajax()
    def get(self, request):
        """Get all registered freezer clients"""

        # we don't have a "get all clients" api (probably for good reason) so
        # we need to resort to getting a very high number.
        clients = freezer_api.client_list_json(request)
        clients = json.dumps(clients)
        return HttpResponse(clients,
                            content_type="application/json")


class Actions(generic.View):
    """API for clients"""

    @prevent_json_hijacking
    @rest_utils.ajax()
    def get(self, request):
        """Get all registered freezer actions"""
        actions = freezer_api.action_list_json(request)
        actions = json.dumps(actions)
        return HttpResponse(actions,
                            content_type="application/json")


class ActionsInJob(generic.View):
    """API for actions in a job"""

    @prevent_json_hijacking
    @rest_utils.ajax()
    def get(self, request, job_id=None):
        """Get all registered freezer actions"""
        actions = freezer_api.actions_in_job_json(request, job_id)
        actions = json.dumps(actions)
        return HttpResponse(actions,
                            content_type="application/json")
Backup history. Enable a list of backups that you can restore immediately from the ui Change-Id: I8f9bdf85b4f476ea3af9e7c12f50a86d173a999f 2015-07-28 13:31:49 +01:00			`# Licensed under the Apache License, Version 2.0 (the "License"); you may`
			`# not use this file except in compliance with the License. You may obtain`
			`# a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT`
			`# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the`
			`# License for the specific language governing permissions and limitations`
			`# under the License.`

This version contains the following pages: - Overview displays charts/reports (Currently only placeholders) - Configurations allows to define new backup configurations and link them to instances - Backups shows a list of all succesful backups and allows to restore them - Restores shows a history of all restored backups It communicates with the api server via the client apis (freeezer.client.client). The "glue code" between client apis and the UI lives in freezer.api.api. Implements: Blueprint freezer-api-web-ui Change-Id: I48cd8cba2b0169c6e64f650233c1a31b91ced34f 2015-03-06 12:18:05 +00:00			`import functools`
Backup history. Enable a list of backups that you can restore immediately from the ui Change-Id: I8f9bdf85b4f476ea3af9e7c12f50a86d173a999f 2015-07-28 13:31:49 +01:00			`import json`
This version contains the following pages: - Overview displays charts/reports (Currently only placeholders) - Configurations allows to define new backup configurations and link them to instances - Backups shows a list of all succesful backups and allows to restore them - Restores shows a history of all restored backups It communicates with the api server via the client apis (freeezer.client.client). The "glue code" between client apis and the UI lives in freezer.api.api. Implements: Blueprint freezer-api-web-ui Change-Id: I48cd8cba2b0169c6e64f650233c1a31b91ced34f 2015-03-06 12:18:05 +00:00
Flexible way to create, update, delete actions in a job Job workflow now has a sortable list to select actions in order Change-Id: I67c624d3a45109e4328259fca7b42cb4fb2077f7 2015-07-09 17:15:20 +01:00			`from django.http import HttpResponse`
This version contains the following pages: - Overview displays charts/reports (Currently only placeholders) - Configurations allows to define new backup configurations and link them to instances - Backups shows a list of all succesful backups and allows to restore them - Restores shows a history of all restored backups It communicates with the api server via the client apis (freeezer.client.client). The "glue code" between client apis and the UI lives in freezer.api.api. Implements: Blueprint freezer-api-web-ui Change-Id: I48cd8cba2b0169c6e64f650233c1a31b91ced34f 2015-03-06 12:18:05 +00:00			`from django.views import generic`
Backup history. Enable a list of backups that you can restore immediately from the ui Change-Id: I8f9bdf85b4f476ea3af9e7c12f50a86d173a999f 2015-07-28 13:31:49 +01:00
This version contains the following pages: - Overview displays charts/reports (Currently only placeholders) - Configurations allows to define new backup configurations and link them to instances - Backups shows a list of all succesful backups and allows to restore them - Restores shows a history of all restored backups It communicates with the api server via the client apis (freeezer.client.client). The "glue code" between client apis and the UI lives in freezer.api.api. Implements: Blueprint freezer-api-web-ui Change-Id: I48cd8cba2b0169c6e64f650233c1a31b91ced34f 2015-03-06 12:18:05 +00:00			`from openstack_dashboard.api.rest import utils as rest_utils`
			`from openstack_dashboard.api.rest.utils import JSONResponse`

Prepare UI for split fixed paths to support new repo layout modified tox file Change-Id: Ibbe087cc4e0ae02b890824b4a559a9dd0c0a0a49 2015-08-28 15:52:15 +01:00			`import freezer_ui.api.api as freezer_api`
This version contains the following pages: - Overview displays charts/reports (Currently only placeholders) - Configurations allows to define new backup configurations and link them to instances - Backups shows a list of all succesful backups and allows to restore them - Restores shows a history of all restored backups It communicates with the api server via the client apis (freeezer.client.client). The "glue code" between client apis and the UI lives in freezer.api.api. Implements: Blueprint freezer-api-web-ui Change-Id: I48cd8cba2b0169c6e64f650233c1a31b91ced34f 2015-03-06 12:18:05 +00:00

			`# https://github.com/tornadoweb/tornado/issues/1009`
			`# http://haacked.com/archive/2008/11/20/anatomy-of-a-subtle-json-vulnerability.aspx/`
			`def prevent_json_hijacking(function):`
			`@functools.wraps(function)`
			`def wrapper(args, *kwargs):`
			`response = function(args, *kwargs)`
			`if isinstance(response, JSONResponse) and response.content:`
			`response.content = ")]}',\n" + response.content`
			`return response`

			`return wrapper`


			`class Clients(generic.View):`
			`"""API for nova limits."""`

			`@prevent_json_hijacking`
			`@rest_utils.ajax()`
			`def get(self, request):`
			`"""Get all registered freezer clients"""`

			`# we don't have a "get all clients" api (probably for good reason) so`
			`# we need to resort to getting a very high number.`
Backup history. Enable a list of backups that you can restore immediately from the ui Change-Id: I8f9bdf85b4f476ea3af9e7c12f50a86d173a999f 2015-07-28 13:31:49 +01:00			`clients = freezer_api.client_list_json(request)`
			`clients = json.dumps(clients)`
			`return HttpResponse(clients,`
			`content_type="application/json")`
Flexible way to create, update, delete actions in a job Job workflow now has a sortable list to select actions in order Change-Id: I67c624d3a45109e4328259fca7b42cb4fb2077f7 2015-07-09 17:15:20 +01:00

			`class Actions(generic.View):`
			`"""API for clients"""`

			`@prevent_json_hijacking`
			`@rest_utils.ajax()`
			`def get(self, request):`
			`"""Get all registered freezer actions"""`
			`actions = freezer_api.action_list_json(request)`
			`actions = json.dumps(actions)`
			`return HttpResponse(actions,`
			`content_type="application/json")`


			`class ActionsInJob(generic.View):`
			`"""API for actions in a job"""`

			`@prevent_json_hijacking`
			`@rest_utils.ajax()`
			`def get(self, request, job_id=None):`
			`"""Get all registered freezer actions"""`
			`actions = freezer_api.actions_in_job_json(request, job_id)`
			`actions = json.dumps(actions)`
			`return HttpResponse(actions,`
			`content_type="application/json")`