Skip to content

Commit

Permalink
Merge branch 'RESTAPI-971-return-uid-and-groups' into 'master'
Browse files Browse the repository at this point in the history 
Added groups parameter to /utilities/whoami

See merge request firecrest/firecrest!268
  • Loading branch information
Juan Pablo Dorsch committed Feb 12, 2024
2 parents c676144 + 9466856 commit 36d14a1
Show file tree
Hide file tree
Showing 4 changed files with 154 additions and 19 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

### Added

- `/utilities/whoami` adds the `boolean` parameter "`groups`" which set on `true` returns a dictionary with `uid`, `gid`, and `groups`
- Add F7T_LOG_TYPE to select logging to files or stdout.
- Add F7T_GUNICORN_LOG for Gunicorn logs.

Expand Down
64 changes: 57 additions & 7 deletions doc/openapi/firecrest-api.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ openapi: 3.0.0
servers:
- url: "/"
info:
version: 1.14.0
version: 1.14.1
title: FirecREST API
description: >
FirecREST platform, a RESTful Services Gateway to HPC resources, is a
Expand Down Expand Up @@ -1222,12 +1222,19 @@ paths:

'/utilities/whoami':
parameters:
- in: header
name: X-Machine-Name
- name: X-Machine-Name
in: header
description: The system name
required: true
schema:
type: string
- name: groups
in: query
description: returns a list of groups of the user
required: false
schema:
type: boolean
default: false
get:
summary: Returns current system username
description: 'Returns the current username on the {X-Machine-Name}.'
Expand All @@ -1239,8 +1246,9 @@ paths:
content:
application/json:
schema:
$ref: '#/components/schemas/Utilities-ok'

oneOf:
- $ref: '#/components/schemas/Utilities-ok'
- $ref: '#/components/schemas/Whoami-Ok-With-Groups'
'400':
description: Failed to return username
content:
Expand Down Expand Up @@ -2632,11 +2640,11 @@ components:
type: string
status:
type: string
status_code:
type: integer
enum:
- available
- unavailable
status_code:
type: integer
description:
type: string
Services:
Expand Down Expand Up @@ -2749,6 +2757,48 @@ components:
type: string
output:
type: string
Whoami-Ok-With-Groups:
type: object
properties:
description:
type: string
default: User information
output:
type: object
properties:
user:
description: Unix user name and ID
type: object
properties:
name:
description: Unix user name
type: string
id:
description: Unix user ID
type: string
group:
description: Primary user's Unix group name and ID
type: object
properties:
name:
description: Primary user's Unix group name
type: string
id:
description: Primary user's Unix group ID
type: string
groups:
description: List of Unix group names and IDs (primary and secondary) to which the user belongs to
type: array
items:
type: object
properties:
name:
description: Secondary user's Unix group name
type: string
id:
description: Seconfary user's Unix group ID
type: string

Utilities-notok:
type: object
properties:
Expand Down
66 changes: 57 additions & 9 deletions doc/openapi/firecrest-developers-api.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ openapi: 3.0.0
servers:
- url: "/"
info:
version: 1.14.0
version: 1.14.1
title: FirecREST Developers API
description: >
This API specification is intended for FirecREST developers only. There're some endpoints that are not available in the public version for client developers.
Expand All @@ -21,9 +21,6 @@ paths:
description, and status.
tags:
- Status
# parameters:
# - $ref: '#/components/parameters/pageSize'
# - $ref: '#/components/parameters/pageNumber'
responses:
'200':
description: List of services with status and description.
Expand Down Expand Up @@ -1210,14 +1207,22 @@ paths:
description: Command has finished with timeout signal
schema:
type: string

'/utilities/whoami':
parameters:
- in: header
name: X-Machine-Name
- name: X-Machine-Name
in: header
description: The system name
required: true
schema:
type: string
- name: groups
in: query
description: returns a list of groups of the user
required: false
schema:
type: boolean
default: false
get:
summary: Returns current system username
description: 'Returns the current username on the {X-Machine-Name}.'
Expand All @@ -1229,8 +1234,9 @@ paths:
content:
application/json:
schema:
$ref: '#/components/schemas/Utilities-ok'

oneOf:
- $ref: '#/components/schemas/Utilities-ok'
- $ref: '#/components/schemas/Whoami-Ok-With-Groups'
'400':
description: Failed to return username
content:
Expand Down Expand Up @@ -2053,7 +2059,7 @@ paths:
name: tasks
schema:
type: string
description: Comma-separated list of `{taskid}`
description: Comma-separated list of `{task_id}`
required: false
responses:
'200':
Expand Down Expand Up @@ -2964,6 +2970,48 @@ components:
type: string
output:
type: string
Whoami-Ok-With-Groups:
type: object
properties:
description:
type: string
default: User information
output:
type: object
properties:
user:
description: Unix user name and ID
type: object
properties:
name:
description: Unix user name
type: string
id:
description: Unix user ID
type: string
group:
description: Primary user's Unix group name and ID
type: object
properties:
name:
description: Primary user's Unix group name
type: string
id:
description: Primary user's Unix group ID
type: string
groups:
description: List of Unix group names and IDs (primary and secondary) to which the user belongs to
type: array
items:
type: object
properties:
name:
description: Secondary user's Unix group name
type: string
id:
description: Seconfary user's Unix group ID
type: string

Utilities-notok:
type: object
properties:
Expand Down
42 changes: 39 additions & 3 deletions src/utilities/utilities.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -472,7 +472,12 @@ def common_fs_operation(request, command):
file_transfer = 'upload'
success_code = 201
elif command == "whoami":
action = "id -un" # id command is already whitelisted
groups = request.args.get("groups")
whoami_groups = get_boolean_var(groups)
if not whoami_groups:
action = "id -un" # id command is already whitelisted
else:
action = "id"
success_code = 200
else:
app.logger.error(f"Unknown command on common_fs_operation: {command}")
Expand Down Expand Up @@ -523,8 +528,39 @@ def common_fs_operation(request, command):
elif command == "upload":
description="File upload successful"
elif command == "whoami":
description = "Username"
output = retval["msg"]
description = "User information"
whoami_response = retval["msg"]
output = whoami_response
if whoami_groups:

uid_i = whoami_response.find("=",0)
uname_i = whoami_response.find("(", whoami_response.find("uid=",0))
uname_j = whoami_response.find(")", whoami_response.find("uid=",0))
uname = whoami_response[uname_i+1 : uname_j]
uid = whoami_response[uid_i+1:uname_i]
user_json = {"name": uname, "id": uid}

gid_i = whoami_response.find("=",uname_j)
gname_i = whoami_response.find("(", whoami_response.find("gid=",0))
gname_j = whoami_response.find(")", whoami_response.find("gid=",0))
gname = whoami_response[gname_i+1 : gname_j]
gid = whoami_response[gid_i+1 : gname_i]
group_json = {"name": gname, "id": gid}

groups = []

group_list = whoami_response[whoami_response.find("=",gname_j)+1:].split(",")

for group in group_list:
gname_i = group.find("(", 0)
gname_j = group.find(")", 0)
gname = group[gname_i+1 : gname_j]
gid = group[:gname_i]

groups.append({"name": gname, "id": gid})


output = {"user": user_json, "group": group_json, "groups": groups}

return jsonify(description=description, output=output), success_code

Expand Down

0 comments on commit 36d14a1

Please sign in to comment.