pep8 corrections

parent 226b704c
......@@ -8,6 +8,8 @@
"""
import os
import re
from burpui import app
from flask.ext.restful import Api
......@@ -17,10 +19,9 @@ api = Api(app)
app.jinja_env.globals.update(api=api)
# hack to automatically import api modules
import os
import re
for f in os.listdir(__path__[0]):
if os.path.isfile(os.path.join(__path__[0], f)) and re.search('\.py$', f) and not re.match('__init__', f):
mod = 'burpui.api.'+f[:-3]
__import__(mod)
if (os.path.isfile(os.path.join(__path__[0], f)) and
re.search('\.py$', f) and not
re.match('__init__', f)):
mod = 'burpui.api.'+f[:-3]
__import__(mod)
......@@ -16,7 +16,10 @@ from flask.ext.restful import reqparse, Resource
from flask.ext.login import current_user, login_required
from flask import jsonify
@api.resource('/api/client-tree.json/<name>/<int:backup>', '/api/<server>/client-tree.json/<name>/<int:backup>', endpoint='api.client_tree')
@api.resource('/api/client-tree.json/<name>/<int:backup>',
'/api/<server>/client-tree.json/<name>/<int:backup>',
endpoint='api.client_tree')
class ClientTree(Resource):
"""
The :class:`burpui.api.client.ClientTree` resource allows you to
......@@ -81,9 +84,11 @@ class ClientTree(Resource):
return jsonify(results=j)
root = self.parser.parse_args()['root']
try:
if bui.acl_handler and\
(not bui.acl_handler.acl.is_admin(current_user.name)\
and not bui.acl_handler.acl.is_client_allowed(current_user.name, name, server)):
if (bui.acl_handler and
(not bui.acl_handler.acl.is_admin(current_user.name) and not
bui.acl_handler.acl.is_client_allowed(current_user.name,
name,
server))):
raise BUIserverException('Sorry, you are not allowed to view this client')
j = bui.cli.get_tree(name, backup, root, agent=server)
except BUIserverException, e:
......@@ -91,7 +96,12 @@ class ClientTree(Resource):
return jsonify(notif=err)
return jsonify(results=j)
@api.resource('/api/client-stat.json/<name>', '/api/<server>/client-stat.json/<name>', '/api/client-stat.json/<name>/<int:backup>', '/api/<server>/client-stat.json/<name>/<int:backup>', endpoint='api.client_stats')
@api.resource('/api/client-stat.json/<name>',
'/api/<server>/client-stat.json/<name>',
'/api/client-stat.json/<name>/<int:backup>',
'/api/<server>/client-stat.json/<name>/<int:backup>',
endpoint='api.client_stats')
class ClientStats(Resource):
"""
The :class:`burpui.api.client.ClientStats` resource allows you to
......@@ -261,7 +271,10 @@ class ClientStats(Resource):
if not name:
err = [[1, 'No client defined']]
return jsonify(notif=err)
if bui.acl_handler and not bui.acl_handler.acl.is_client_allowed(current_user.name, name, server):
if (bui.acl_handler and not
bui.acl_handler.acl.is_client_allowed(current_user.name,
name,
server)):
err = [[2, 'You don\'t have rights to view this client stats']]
return jsonify(notif=err)
if backup:
......@@ -288,7 +301,10 @@ class ClientStats(Resource):
return jsonify(notif=err)
return jsonify(results=j)
@api.resource('/api/client.json/<name>', '/api/<server>/client.json/<name>', endpoint='api.client_report')
@api.resource('/api/client.json/<name>',
'/api/<server>/client.json/<name>',
endpoint='api.client_report')
class ClientReport(Resource):
"""
The :class:`burpui.api.client.ClientReport` resource allows you to
......@@ -337,13 +353,14 @@ class ClientReport(Resource):
if not server:
server = self.parser.parse_args()['server']
try:
if bui.acl_handler and ( \
not bui.acl_handler.acl.is_admin(current_user.name) \
and not bui.acl_handler.acl.is_client_allowed(current_user.name, name, server)):
if (bui.acl_handler and (
not bui.acl_handler.acl.is_admin(current_user.name) and
not bui.acl_handler.acl.is_client_allowed(current_user.name,
name,
server))):
raise BUIserverException('Sorry, you cannot access this client')
j = bui.cli.get_client(name, agent=server)
except BUIserverException, e:
err = [[2, str(e)]]
return jsonify(notif=err)
return jsonify(results=j)
......@@ -16,7 +16,12 @@ from flask.ext.restful import reqparse, Resource
from flask.ext.login import current_user, login_required
from flask import jsonify, make_response
@api.resource('/api/running-clients.json', '/api/<server>/running-clients.json', '/api/<client>/running-clients.json', '/api/<server>/<client>/running-clients.json', endpoint='api.running_clients')
@api.resource('/api/running-clients.json',
'/api/<server>/running-clients.json',
'/api/<client>/running-clients.json',
'/api/<server>/<client>/running-clients.json',
endpoint='api.running_clients')
class RunningClients(Resource):
"""
The :class:`burpui.api.clients.RunningClients` resource allows you to
......@@ -60,7 +65,10 @@ class RunningClients(Resource):
server = self.parser.parse_args()['server']
if client:
if bui.acl_handler:
if not bui.acl_handler.acl.is_admin(current_user.name) and not bui.acl_handler.acl.is_client_allowed(current_user.name, client, server):
if (not bui.acl_handler.acl.is_admin(current_user.name) and not
bui.acl_handler.acl.is_client_allowed(current_user.name,
client,
server)):
r = []
return jsonify(results=r)
if bui.cli.is_backup_running(client, server):
......@@ -72,7 +80,8 @@ class RunningClients(Resource):
r = bui.cli.is_one_backup_running(server)
# Manage ACL
if bui.acl_handler and not bui.acl_handler.acl.is_admin(current_user.name):
if (bui.acl_handler and not
bui.acl_handler.acl.is_admin(current_user.name)):
if isinstance(r, dict):
new = {}
for serv in bui.acl_handler.acl.servers(current_user.name):
......@@ -84,7 +93,10 @@ class RunningClients(Resource):
r = [x for x in r if x in allowed]
return jsonify(results=r)
@api.resource('/api/running.json', '/api/<server>/running.json', endpoint='api.running_backup')
@api.resource('/api/running.json',
'/api/<server>/running.json',
endpoint='api.running_backup')
class RunningBackup(Resource):
"""
The :class:`burpui.api.clients.RunningBackup` resource allows you to access
......@@ -117,7 +129,8 @@ class RunningBackup(Resource):
"""
j = bui.cli.is_one_backup_running(server)
# Manage ACL
if bui.acl_handler and not bui.acl_handler.acl.is_admin(current_user.name):
if (bui.acl_handler and not
bui.acl_handler.acl.is_admin(current_user.name)):
if isinstance(j, dict):
new = {}
for serv in bui.acl_handler.acl.servers(current_user.name):
......@@ -137,7 +150,10 @@ class RunningBackup(Resource):
r = len(j) > 0
return jsonify(results=r)
@api.resource('/api/clients-report.json', '/api/<server>/clients-report.json', endpoint='api.clients_report')
@api.resource('/api/clients-report.json',
'/api/<server>/clients-report.json',
endpoint='api.clients_report')
class ClientsReport(Resource):
"""
The :class:`burpui.api.clients.ClientsReport` resource allows you to access
......@@ -182,7 +198,7 @@ class ClientsReport(Resource):
"totsize": 57055793698,
"windows": "false"
}
},
},
{
"name": "client2",
"stats": {
......@@ -211,9 +227,10 @@ class ClientsReport(Resource):
j = []
try:
# Manage ACL
if not bui.standalone and bui.acl_handler and \
(not bui.acl_handler.acl.is_admin(current_user.name) \
and server not in bui.acl_handler.acl.servers(current_user.name)):
if (not bui.standalone and bui.acl_handler and
(not bui.acl_handler.acl.is_admin(current_user.name) and
server not in
bui.acl_handler.acl.servers(current_user.name))):
raise BUIserverException('Sorry, you don\'t have rights on this server')
clients = bui.cli.get_all_clients(agent=server)
except BUIserverException, e:
......@@ -224,7 +241,8 @@ class ClientsReport(Resource):
# Filter only allowed clients
allowed = []
check = False
if bui.acl_handler and not bui.acl_handler.acl.is_admin(current_user.name):
if (bui.acl_handler and not
bui.acl_handler.acl.is_admin(current_user.name)):
check = True
allowed = bui.acl_handler.acl.clients(current_user.name, server)
aclients = []
......@@ -235,7 +253,10 @@ class ClientsReport(Resource):
j = bui.cli.get_clients_report(aclients, server)
return jsonify(results=j)
@api.resource('/api/clients.json', '/api/<server>/clients.json', endpoint='api.clients_stats')
@api.resource('/api/clients.json',
'/api/<server>/clients.json',
endpoint='api.clients_stats')
class ClientsStats(Resource):
"""
The :class:`burpui.api.clients.ClientsStats` resource allows you to access
......@@ -287,12 +308,15 @@ class ClientsStats(Resource):
if not server:
server = self.parser.parse_args()['server']
try:
if not bui.standalone and bui.acl_handler and \
(not bui.acl_handler.acl.is_admin(current_user.name) \
and server not in bui.acl_handler.acl.servers(current_user.name)):
if (not bui.standalone and
bui.acl_handler and
(not bui.acl_handler.acl.is_admin(current_user.name) and
server not in
bui.acl_handler.acl.servers(current_user.name))):
raise BUIserverException('Sorry, you don\'t have any rights on this server')
j = bui.cli.get_all_clients(agent=server)
if bui.acl_handler and not bui.acl_handler.acl.is_admin(current_user.name):
if (bui.acl_handler and not
bui.acl_handler.acl.is_admin(current_user.name)):
j = [x for x in j if x['name'] in bui.acl_handler.acl.clients(current_user.name, server)]
except BUIserverException, e:
err = [[2, str(e)]]
......
......@@ -16,7 +16,10 @@ from flask.ext.restful import reqparse, Resource, abort
from flask.ext.login import current_user, login_required
from flask import jsonify, send_file, make_response, after_this_request
@api.resource('/api/restore/<name>/<int:backup>', '/api/<server>/restore/<name>/<int:backup>', endpoint='api.restore')
@api.resource('/api/restore/<name>/<int:backup>',
'/api/<server>/restore/<name>/<int:backup>',
endpoint='api.restore')
class Restore(Resource):
"""
The :class:`burpui.api.restore.Restore` resource allows you to
......@@ -67,14 +70,25 @@ class Restore(Resource):
if not l or not name or not backup:
abort(500)
# Manage ACL
if bui.acl_handler and \
(not bui.acl_handler.acl.is_client_allowed(current_user.name, name, server) \
and not bui.acl_handler.acl.is_admin(current_user.name)):
if (bui.acl_handler and
(not bui.acl_handler.acl.is_client_allowed(current_user.name,
name,
server) and not
bui.acl_handler.acl.is_admin(current_user.name))):
abort(403)
if server:
filename = 'restoration_%d_%s_on_%s_at_%s.%s' % (backup, name, server, strftime("%Y-%m-%d_%H_%M_%S", gmtime()), f)
filename = 'restoration_%d_%s_on_%s_at_%s.%s' % (
backup,
name,
server,
strftime("%Y-%m-%d_%H_%M_%S", gmtime()),
f)
else:
filename = 'restoration_%d_%s_at_%s.%s' % (backup, name, strftime("%Y-%m-%d_%H_%M_%S", gmtime()), f)
filename = 'restoration_%d_%s_at_%s.%s' % (
backup,
name,
strftime("%Y-%m-%d_%H_%M_%S", gmtime()),
f)
if not server:
# Standalone mode, we can just return the file unless there were errors
archive, err = bui.cli.restore_files(name, backup, l, s, f, p)
......@@ -90,12 +104,16 @@ class Restore(Resource):
# when the transfert is done and the send_file method has closed
# the fh.
fh = open(archive, 'r')
@after_this_request
def remove_file(response):
import os
os.remove(archive)
return response
resp = send_file(fh, as_attachment=True, attachment_filename=filename, mimetype='application/zip')
resp = send_file(fh,
as_attachment=True,
attachment_filename=filename,
mimetype='application/zip')
resp.set_cookie('fileDownload', 'true')
except Exception, e:
app.logger.error(str(e))
......@@ -104,7 +122,13 @@ class Restore(Resource):
# Multi-agent mode
socket = None
try:
socket, length, err = bui.cli.restore_files(name, backup, l, s, f, p, server)
socket, length, err = bui.cli.restore_files(name,
backup,
l,
s,
f,
p,
server)
app.logger.debug('Need to get %d Bytes : %s', length, socket)
if err:
......@@ -123,7 +147,7 @@ class Restore(Resource):
buf = b''
r, _, _ = select.select([sock], [], [], 5)
if not r:
raise Exception ('Socket timed-out')
raise Exception('Socket timed-out')
buf += sock.recv(bsize)
if not buf:
continue
......@@ -133,11 +157,15 @@ class Restore(Resource):
sock.close()
headers = Headers()
headers.add('Content-Disposition', 'attachment', filename=filename)
headers.add('Content-Disposition',
'attachment',
filename=filename)
headers['Content-Length'] = length
resp = Response(stream_file(socket, length), mimetype='application/zip',
headers=headers, direct_passthrough=True)
resp = Response(stream_file(socket, length),
mimetype='application/zip',
headers=headers,
direct_passthrough=True)
resp.set_cookie('fileDownload', 'true')
resp.set_etag('flask-%s-%s-%s' % (
time(),
......
......@@ -7,6 +7,7 @@ from flask.ext.restful import reqparse, Resource
from flask.ext.login import current_user, login_required
from flask import jsonify
@api.resource('/api/servers.json')
class ServersStats(Resource):
......@@ -16,22 +17,29 @@ class ServersStats(Resource):
if hasattr(bui.cli, 'servers'):
check = False
allowed = []
if bui.acl_handler and not bui.acl_handler.acl.is_admin(current_user.name):
if (bui.acl_handler and not
bui.acl_handler.acl.is_admin(current_user.name)):
check = True
allowed = bui.acl_handler.acl.servers(current_user.name)
for serv in bui.cli.servers:
try:
if check:
if serv in allowed:
r.append({'name': serv, 'clients': len(bui.cli.servers[serv].get_all_clients(serv)), 'alive': bui.cli.servers[serv].ping()})
r.append({'name': serv,
'clients': len(bui.cli.servers[serv].get_all_clients(serv)),
'alive': bui.cli.servers[serv].ping()})
else:
r.append({'name': serv, 'clients': len(bui.cli.servers[serv].get_all_clients(serv)), 'alive': bui.cli.servers[serv].ping()})
r.append({'name': serv,
'clients': len(bui.cli.servers[serv].get_all_clients(serv)),
'alive': bui.cli.servers[serv].ping()})
except BUIserverException, e:
err = [[2, str(e)]]
return jsonify(notif=err)
return jsonify(results=r)
@api.resource('/api/live.json', '/api/<server>/live.json')
@api.resource('/api/live.json',
'/api/<server>/live.json')
class Live(Resource):
def __init__(self):
......
......@@ -6,13 +6,16 @@ from flask.ext.restful import reqparse, abort, Resource
from flask.ext.login import current_user, login_required
from flask import request, render_template, jsonify
@api.resource('/api/server-config', '/api/<server>/server-config')
@api.resource('/api/server-config',
'/api/<server>/server-config')
class ServerSettings(Resource):
@login_required
def get(self, server=None):
# Only the admin can edit the configuration
if bui.acl_handler and not bui.acl_handler.acl.is_admin(current_user.name):
if (bui.acl_handler and not
bui.acl_handler.acl.is_admin(current_user.name)):
abort(403, message='Sorry, you don\'t have rights to access the setting panel')
r = bui.cli.read_conf_srv(server)
return jsonify(results=r,
......@@ -25,13 +28,16 @@ class ServerSettings(Resource):
placeholders=bui.cli.get_parser_attr('placeholders', server),
defaults=bui.cli.get_parser_attr('defaults', server))
@api.resource('/api/client-config/<client>', '/api/<server>/client-config/<client>')
@api.resource('/api/client-config/<client>',
'/api/<server>/client-config/<client>')
class ClientSettings(Resource):
@login_required
def get(self, server=None, client=None):
# Only the admin can edit the configuration
if bui.acl_handler and not bui.acl_handler.acl.is_admin(current_user.name):
if (bui.acl_handler and not
bui.acl_handler.acl.is_admin(current_user.name)):
abort(403, message='Sorry, you don\'t have rights to access the setting panel')
r = bui.cli.read_conf_cli(client, server)
return jsonify(results=r)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment