use oidc for auth, remove proxtar from paths, check if rtp when necessary

Jordan Rodgers 2017-12-12 15:41:25 -05:00
parent e6fd8b1c0c
commit b656df33ba
6 changed files with 115 additions and 74 deletions

97
app.py

@ -5,7 +5,8 @@ import subprocess
from db import *
from starrs import *
from proxmox import *
from flask import Flask, render_template, request, redirect, send_from_directory
from flask_pyoidc.flask_pyoidc import OIDCAuthentication
from flask import Flask, render_template, request, redirect, send_from_directory, session
app = Flask(__name__)
@ -16,11 +17,16 @@ app.config.from_pyfile(config)
app.config["GIT_REVISION"] = subprocess.check_output(
['git', 'rev-parse', '--short', 'HEAD']).decode('utf-8').rstrip()
user = 'proxstar'
auth = OIDCAuthentication(app,
issuer=app.config['OIDC_ISSUER'],
client_registration_info=app.config['OIDC_CLIENT_CONFIG'])
@app.route("/")
@auth.oidc_auth
def list_vms():
user = session['userinfo']['preferred_username']
rtp = 'rtp' in session['userinfo']['groups']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
@ -29,7 +35,7 @@ def list_vms():
if 'name' not in vm:
vms.remove(vm)
vms = sorted(vms, key=lambda k: k['name'])
return render_template('list_vms.html', username='com6056', vms=vms)
return render_template('list_vms.html', username=user, rtp=rtp, vms=vms)
@app.route("/isos")
@ -57,13 +63,15 @@ def hostname(name):
@app.route("/vm/<string:vmid>")
def vm_details(vmid):
user = session['userinfo']['preferred_username']
rtp = 'rtp' in session['userinfo']['groups']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
starrs = connect_starrs(
app.config['STARRS_DB_NAME'], app.config['STARRS_DB_USER'],
app.config['STARRS_DB_HOST'], app.config['STARRS_DB_PASS'])
if int(vmid) in get_user_allowed_vms(proxmox, user):
if int(vmid) in get_user_allowed_vms(proxmox, user) or 'rtp' in session['userinfo']['groups']:
vm = get_vm(proxmox, vmid)
vm['vmid'] = vmid
vm['config'] = get_vm_config(proxmox, vmid)
@ -76,17 +84,18 @@ def vm_details(vmid):
usage = get_user_usage(proxmox, 'proxstar')
limits = get_user_usage_limits(user)
usage_check = check_user_usage(proxmox, user, vm['config']['cores'], vm['config']['memory'], 0)
return render_template('vm_details.html', username='com6056', vm=vm, usage=usage, limits=limits, usage_check=usage_check)
return render_template('vm_details.html', username=user, rtp=rtp, vm=vm, usage=usage, limits=limits, usage_check=usage_check)
else:
return '', 403
@app.route("/vm/<string:vmid>/power/<string:action>", methods=['POST'])
def vm_power(vmid, action):
user = session['userinfo']['preferred_username']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
if int(vmid) in get_user_allowed_vms(proxmox, user):
if int(vmid) in get_user_allowed_vms(proxmox, user) or 'rtp' in session['userinfo']['groups']:
if action == 'start':
config = get_vm_config(proxmox, vmid)
usage_check = check_user_usage(proxmox, user, config['cores'], config['memory'], 0)
@ -100,10 +109,11 @@ def vm_power(vmid, action):
@app.route("/vm/<string:vmid>/cpu/<int:cores>", methods=['POST'])
def vm_cpu(vmid, cores):
user = session['userinfo']['preferred_username']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
if int(vmid) in get_user_allowed_vms(proxmox, user):
if int(vmid) in get_user_allowed_vms(proxmox, user) or 'rtp' in session['userinfo']['groups']:
cur_cores = get_vm_config(proxmox, vmid)['cores']
if cores >= cur_cores:
status = get_vm(proxmox, vmid)['qmpstatus']
@ -121,10 +131,11 @@ def vm_cpu(vmid, cores):
@app.route("/vm/<string:vmid>/mem/<int:mem>", methods=['POST'])
def vm_mem(vmid, mem):
user = session['userinfo']['preferred_username']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
if int(vmid) in get_user_allowed_vms(proxmox, user):
if int(vmid) in get_user_allowed_vms(proxmox, user) or 'rtp' in session['userinfo']['groups']:
cur_mem = get_vm_config(proxmox, vmid)['memory'] // 1024
if mem >= cur_mem:
status = get_vm(proxmox, vmid)['qmpstatus']
@ -142,13 +153,14 @@ def vm_mem(vmid, mem):
@app.route("/vm/<string:vmid>/renew", methods=['POST'])
def vm_renew(vmid):
user = session['userinfo']['preferred_username']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
starrs = connect_starrs(
app.config['STARRS_DB_NAME'], app.config['STARRS_DB_USER'],
app.config['STARRS_DB_HOST'], app.config['STARRS_DB_PASS'])
if int(vmid) in get_user_allowed_vms(proxmox, user):
if int(vmid) in get_user_allowed_vms(proxmox, user) or 'rtp' in session['userinfo']['groups']:
renew_vm_expire(vmid, app.config['VM_EXPIRE_MONTHS'])
for interface in get_vm_interfaces(proxmox, vmid):
renew_ip(starrs, get_ip_for_mac(starrs, interface[1]))
@ -159,10 +171,11 @@ def vm_renew(vmid):
@app.route("/vm/<string:vmid>/eject", methods=['POST'])
def iso_eject(vmid):
user = session['userinfo']['preferred_username']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
if int(vmid) in get_user_allowed_vms(proxmox, user):
if int(vmid) in get_user_allowed_vms(proxmox, user) or 'rtp' in session['userinfo']['groups']:
eject_vm_iso(proxmox, vmid)
return '', 200
else:
@ -171,10 +184,11 @@ def iso_eject(vmid):
@app.route("/vm/<string:vmid>/mount/<string:iso>", methods=['POST'])
def iso_mount(vmid, iso):
user = session['userinfo']['preferred_username']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
if int(vmid) in get_user_allowed_vms(proxmox, user):
if int(vmid) in get_user_allowed_vms(proxmox, user) or 'rtp' in session['userinfo']['groups']:
iso = "{}:iso/{}".format(app.config['PROXMOX_ISO_STORAGE'], iso)
mount_vm_iso(proxmox, vmid, iso)
return '', 200
@ -184,13 +198,14 @@ def iso_mount(vmid, iso):
@app.route("/vm/<string:vmid>/delete", methods=['POST'])
def delete(vmid):
user = session['userinfo']['preferred_username']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
starrs = connect_starrs(
app.config['STARRS_DB_NAME'], app.config['STARRS_DB_USER'],
app.config['STARRS_DB_HOST'], app.config['STARRS_DB_PASS'])
if int(vmid) in get_user_allowed_vms(proxmox, user):
if int(vmid) in get_user_allowed_vms(proxmox, user) or 'rtp' in session['userinfo']['groups']:
vmname = get_vm_config(proxmox, vmid)['name']
delete_vm(proxmox, starrs, vmid)
delete_starrs(starrs, vmname)
@ -202,6 +217,8 @@ def delete(vmid):
@app.route("/vm/create", methods=['GET', 'POST'])
def create():
user = session['userinfo']['preferred_username']
rtp = 'rtp' in session['userinfo']['groups']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
@ -215,7 +232,8 @@ def create():
isos = get_isos(proxmox, app.config['PROXMOX_ISO_STORAGE'])
return render_template(
'create.html',
username='com6056',
username=user,
rtp=rtp,
usage=usage,
limits=limits,
percents=percents,
@ -245,32 +263,43 @@ def create():
@app.route('/limits/<string:user>', methods=['POST'])
def set_limits(user):
cpu = request.form['cpu']
mem = request.form['mem']
disk = request.form['disk']
set_user_usage_limits(user, cpu, mem, disk)
return '', 200
if 'rtp' in session['userinfo']['groups']:
cpu = request.form['cpu']
mem = request.form['mem']
disk = request.form['disk']
set_user_usage_limits(user, cpu, mem, disk)
return '', 200
else:
return '', 403
@app.route('/limits/<string:user>/reset', methods=['POST'])
def reset_limits(user):
delete_user_usage_limits(user)
return '', 200
if 'rtp' in session['userinfo']['groups']:
delete_user_usage_limits(user)
return '', 200
else:
return '', 403
@app.route('/limits')
def limits():
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
pools = get_pools(proxmox)
pools = sorted(pools)
user_limits = []
for pool in pools:
if pool not in app.config['IGNORED_POOLS']:
limits = get_user_usage_limits(pool)
user_limits.append([pool, limits['cpu'], limits['mem'], limits['disk']])
return render_template('limits.html', username='com6056', user_limits=user_limits)
if 'rtp' in session['userinfo']['groups']:
user = session['userinfo']['preferred_username']
rtp = 'rtp' in session['userinfo']['groups']
proxmox = connect_proxmox(app.config['PROXMOX_HOST'],
app.config['PROXMOX_USER'],
app.config['PROXMOX_PASS'])
pools = get_pools(proxmox)
pools = sorted(pools)
user_limits = []
for pool in pools:
if pool not in app.config['IGNORED_POOLS']:
limits = get_user_usage_limits(pool)
user_limits.append([pool, limits['cpu'], limits['mem'], limits['disk']])
return render_template('limits.html', username=user, rtp=rtp, user_limits=user_limits)
else:
return '', 403
@app.route('/novnc/<path:path>')
@ -278,5 +307,11 @@ def send_novnc(path):
return send_from_directory('static/novnc-pve/novnc', path)
@app.route("/logout")
@auth.oidc_logout
def logout():
return redirect(url_for('list_vms'), 302)
if __name__ == "__main__":
app.run(debug=True)
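Review bot: Only `list_vms` gains `@auth.oidc_auth`; every other handler shown in this section (`vm_details`, `vm_power`, `vm_cpu`, `vm_mem`, `vm_renew`, `iso_eject`, `iso_mount`, `delete`, `create`, `set_limits`, `reset_limits`, `limits`) now reads `session['userinfo']` with no decorator between its `@app.route` line and its `def`. A request without an established session therefore raises `KeyError` (a 500, served under the existing `app.run(debug=True)`) instead of being redirected to the issuer, and, to the extent the flask_pyoidc decorator is what re-validates the session, the `'rtp' in session['userinfo']['groups']` checks on the destructive POST routes are decided from whatever the cookie last held. Adding `@auth.oidc_auth` directly under each `@app.route(...)` closes that gap. Separately, `logout()` calls `url_for`, which the new import line does not bring in, so unless one of the star imports happens to supply it the route fails with `NameError`; `from flask import Flask, render_template, request, redirect, send_from_directory, session, url_for` fixes it. Several of these function bodies continue outside the visible hunks.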