From 34588e756821e51663069b292d017fada3513d9b Mon Sep 17 00:00:00 2001 From: RubenCGomes Date: Tue, 17 Dec 2024 10:00:05 +0000 Subject: [PATCH] endpoints on client added --- delivery2/client/bin/rep_add_permission | 57 +++++++++++++++---- delivery2/client/bin/rep_add_role | 7 ++- delivery2/client/bin/rep_assume_role | 5 +- delivery2/client/bin/rep_decrypt_file | 2 +- delivery2/client/bin/rep_drop_role | 4 +- .../client/bin/rep_list_permission_roles | 5 +- .../client/bin/rep_list_role_permissions | 5 +- delivery2/client/bin/rep_list_role_subjects | 5 +- delivery2/client/bin/rep_list_roles | 5 +- delivery2/client/bin/rep_list_subject_roles | 5 +- delivery2/client/bin/rep_reactivate_role | 5 +- delivery2/client/bin/rep_remove_permission | 55 ++++++++++++++---- delivery2/client/bin/rep_suspend_role | 5 +- 13 files changed, 123 insertions(+), 42 deletions(-) diff --git a/delivery2/client/bin/rep_add_permission b/delivery2/client/bin/rep_add_permission index 94012cb..08ef11f 100644 --- a/delivery2/client/bin/rep_add_permission +++ b/delivery2/client/bin/rep_add_permission @@ -16,7 +16,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') -#session file - role - permission +#session file - role - value(permission or username) def addPermission(args): parser = argparse.ArgumentParser() @@ -26,12 +26,12 @@ def addPermission(args): parser.add_argument('session', nargs='?', default=None) parser.add_argument('role', nargs='?',default=None) - parser.add_argument('permission', nargs='?',default=None) + parser.add_argument('value', nargs='?',default=None) args = parser.parse_args() #Check number of arguments - if not args.session or not args.role or not args.permission: + if not args.session or not args.role or not args.value: logger.error("Need session file and role.") sys.exit(1) @@ -39,7 +39,7 @@ def addPermission(args): #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -47,13 +47,48 @@ def addPermission(args): with open(BASE_DIR + args.session, 'r') as f: args.session = json.load(f) - # TODO: - try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) - req.raise_for_status() - except requests.exceptions.RequestException as errex: - logger.error("Failed to obtain response from server.") - sys.exit(-1) + + isPerm = False; isUsername = False + + # query for permission + if args.value in ['ROLE_ACL', 'SUBJECT_NEW', 'SUBJECT_DOWN', 'SUBJECT_UP', 'DOC_NEW']: + isPerm = True + else: + try: + subjects = requests.get(f'http://{state['REP_ADDRESS']}/user/list', + json=json.dumps({'username' : args.value}), + headers={'Authorization': args.session['token']}) + subjects.raise_for_status() + isUsername = True + except requests.exceptions.RequestException as errex: + logger.error("Username doesn't exist.") + sys.exit(1) + + + if isPerm: + try: + req = requests.post(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/perm/add/' + args.value, + headers={'Authorization': args.session['token']}) + req.raise_for_status() + except requests.exceptions.RequestException as errex: + logger.error("Failed to obtain response from server.") + sys.exit(-1) + elif isUsername: + try: + req = requests.post(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/user/add/' + args.value, + headers={'Authorization': args.session['token']}) + req.raise_for_status() + except requests.exceptions.RequestException as errex: + logger.error("Failed to obtain response from server.") + sys.exit(-1) + else: + logger.error("Invalid permission or username.") + sys.exit(1) + + req = req.json() + + # TODO: print response + if __name__ == '__main__': addPermission(sys.argv[1:]) \ No newline at end of file diff --git a/delivery2/client/bin/rep_add_role b/delivery2/client/bin/rep_add_role index 277f7b8..75d5601 100644 --- a/delivery2/client/bin/rep_add_role +++ b/delivery2/client/bin/rep_add_role @@ -17,6 +17,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') #session file - role +# add_role: adds/creates a role in the current organization def addRole(args): parser = argparse.ArgumentParser() @@ -38,7 +39,7 @@ def addRole(args): #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -48,7 +49,9 @@ def addRole(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.post(f'http://{state['REP_ADDRESS']}/role/create/', + json=json.dumps({'role' : args.role}), + headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_assume_role b/delivery2/client/bin/rep_assume_role index b2eafa8..d5b1f61 100644 --- a/delivery2/client/bin/rep_assume_role +++ b/delivery2/client/bin/rep_assume_role @@ -36,8 +36,9 @@ def assumeRole(args): #Validate role name #TODO + # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -47,7 +48,7 @@ def assumeRole(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.post(f'http://{state['REP_ADDRESS']}/role/session/assume/' + args.role, headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_decrypt_file b/delivery2/client/bin/rep_decrypt_file index 373ca3a..a328f7f 100755 --- a/delivery2/client/bin/rep_decrypt_file +++ b/delivery2/client/bin/rep_decrypt_file @@ -42,7 +42,7 @@ def decryptFile(args): print(args.metadata) metadata = json.loads(args.metadata) - content = symmetric_encryption.decrypt_file(metadata['nonce'].encode(), metadata['key'].encode(), BASE_DIR + args.encrypted) + content = symmetric_encryption.decrypt_file(metadata['key'].encode(), BASE_DIR + args.encrypted, 'file.txt') # Send decrypted content to stdout sys.stdout.write(content) diff --git a/delivery2/client/bin/rep_drop_role b/delivery2/client/bin/rep_drop_role index a5a8dda..b099631 100644 --- a/delivery2/client/bin/rep_drop_role +++ b/delivery2/client/bin/rep_drop_role @@ -37,7 +37,7 @@ def dropRole(args): #Validate role name #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -47,7 +47,7 @@ def dropRole(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.post(f'http://{state['REP_ADDRESS']}/role/session/drop/' + args.username + '/activate', headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_list_permission_roles b/delivery2/client/bin/rep_list_permission_roles index 850f10c..3cf6404 100644 --- a/delivery2/client/bin/rep_list_permission_roles +++ b/delivery2/client/bin/rep_list_permission_roles @@ -17,6 +17,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') #session file - permission +# list_permission_roles: lists the roles that have a specific permission in the current organization def listPermissionRoles(args): parser = argparse.ArgumentParser() @@ -38,7 +39,7 @@ def listPermissionRoles(args): #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -48,7 +49,7 @@ def listPermissionRoles(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.get(f'http://{state['REP_ADDRESS']}/role/perm/' + args.permission + '/roles', headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_list_role_permissions b/delivery2/client/bin/rep_list_role_permissions index 038db12..deb7554 100644 --- a/delivery2/client/bin/rep_list_role_permissions +++ b/delivery2/client/bin/rep_list_role_permissions @@ -17,6 +17,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') #session file - role +# list_role_permissions: lists the permissions of a role in the current organization def listRolePermissions(args): parser = argparse.ArgumentParser() @@ -35,7 +36,7 @@ def listRolePermissions(args): sys.exit(1) # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -45,7 +46,7 @@ def listRolePermissions(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.get(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/list/perms', headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_list_role_subjects b/delivery2/client/bin/rep_list_role_subjects index 26f436c..d4e994a 100644 --- a/delivery2/client/bin/rep_list_role_subjects +++ b/delivery2/client/bin/rep_list_role_subjects @@ -17,6 +17,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') #session file - role +# list_role_subjects: lists the subjects that have a specific role in the current organization def listRoleSubjects(args): parser = argparse.ArgumentParser() @@ -38,7 +39,7 @@ def listRoleSubjects(args): #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -48,7 +49,7 @@ def listRoleSubjects(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.get(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/list/users', headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_list_roles b/delivery2/client/bin/rep_list_roles index 44db243..8c68ec6 100644 --- a/delivery2/client/bin/rep_list_roles +++ b/delivery2/client/bin/rep_list_roles @@ -17,6 +17,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') #session file - role +# list_roles: lists the roles of the current session def listRoles(args): parser = argparse.ArgumentParser() @@ -38,7 +39,7 @@ def listRoles(args): #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -48,7 +49,7 @@ def listRoles(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.get(f'http://{state['REP_ADDRESS']}/role/session/list', headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_list_subject_roles b/delivery2/client/bin/rep_list_subject_roles index 9d6c8cb..e1543c5 100644 --- a/delivery2/client/bin/rep_list_subject_roles +++ b/delivery2/client/bin/rep_list_subject_roles @@ -17,6 +17,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') #session file - username +# list_subject_roles: lists the roles of someone in the current organization def listSubjectRoles(args): parser = argparse.ArgumentParser() @@ -35,7 +36,7 @@ def listSubjectRoles(args): sys.exit(1) # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -45,7 +46,7 @@ def listSubjectRoles(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.get(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/roles', headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_reactivate_role b/delivery2/client/bin/rep_reactivate_role index 3d90244..ba61ddb 100644 --- a/delivery2/client/bin/rep_reactivate_role +++ b/delivery2/client/bin/rep_reactivate_role @@ -17,6 +17,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') #session file - role +# reactivate_role: reactivates a role in the current organization def reactivateRole(args): parser = argparse.ArgumentParser() @@ -38,7 +39,7 @@ def reactivateRole(args): #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -48,7 +49,7 @@ def reactivateRole(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.post(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/activate', headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.") diff --git a/delivery2/client/bin/rep_remove_permission b/delivery2/client/bin/rep_remove_permission index 6f04e24..0ce68db 100644 --- a/delivery2/client/bin/rep_remove_permission +++ b/delivery2/client/bin/rep_remove_permission @@ -26,12 +26,12 @@ def removePermission(args): parser.add_argument('session', nargs='?', default=None) parser.add_argument('role', nargs='?',default=None) - parser.add_argument('permission', nargs='?',default=None) + parser.add_argument('value', nargs='?',default=None) args = parser.parse_args() #Check number of arguments - if not args.session or not args.role or not args.permission: + if not args.session or not args.role or not args.value: logger.error("Need session file and role.") sys.exit(1) @@ -39,7 +39,7 @@ def removePermission(args): #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -47,13 +47,48 @@ def removePermission(args): with open(BASE_DIR + args.session, 'r') as f: args.session = json.load(f) - # TODO: - try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) - req.raise_for_status() - except requests.exceptions.RequestException as errex: - logger.error("Failed to obtain response from server.") - sys.exit(-1) + + isPerm = False; isUsername = False + + # query for permission + if args.value in ['ROLE_ACL', 'SUBJECT_NEW', 'SUBJECT_DOWN', 'SUBJECT_UP', 'DOC_NEW']: + isPerm = True + else: + try: + subjects = requests.get(f'http://{state['REP_ADDRESS']}/user/list', + json=json.dumps({'username' : args.value}), + headers={'Authorization': args.session['token']}) + subjects.raise_for_status() + isUsername = True + except requests.exceptions.RequestException as errex: + logger.error("Username doesn't exist.") + sys.exit(1) + + + if isPerm: + try: + req = requests.post(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/perm/remove/' + args.value, + headers={'Authorization': args.session['token']}) + req.raise_for_status() + except requests.exceptions.RequestException as errex: + logger.error("Failed to obtain response from server.") + sys.exit(-1) + elif isUsername: + try: + req = requests.post(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/user/remove/' + args.value, + headers={'Authorization': args.session['token']}) + req.raise_for_status() + except requests.exceptions.RequestException as errex: + logger.error("Failed to obtain response from server.") + sys.exit(-1) + else: + logger.error("Invalid permission or username.") + sys.exit(1) + + # TODO: print response + + req = req.json() + if __name__ == '__main__': removePermission(sys.argv[1:]) \ No newline at end of file diff --git a/delivery2/client/bin/rep_suspend_role b/delivery2/client/bin/rep_suspend_role index 4c08590..c730220 100644 --- a/delivery2/client/bin/rep_suspend_role +++ b/delivery2/client/bin/rep_suspend_role @@ -17,6 +17,7 @@ state = main(sys.argv) BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/') #session file - role +# suspend_role: suspends a role in the current organization def suspendRole(args): parser = argparse.ArgumentParser() @@ -38,7 +39,7 @@ def suspendRole(args): #TODO # Check for session file - if (not os.path.isfile(BASE_DIR + args.session)): + if not os.path.isfile(BASE_DIR + args.session): logger.error("File '" + args.session + "' not found.") sys.exit(1) @@ -48,7 +49,7 @@ def suspendRole(args): # TODO: try: - req = requests.post(f'http://{state['REP_ADDRESS']}/user/' + args.username + '/activate', headers={'Authorization': args.session['token']}) + req = requests.post(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/suspend', headers={'Authorization': args.session['token']}) req.raise_for_status() except requests.exceptions.RequestException as errex: logger.error("Failed to obtain response from server.")