Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def init():
global cfg, _CLASSES, _DEFAULT_CLASS
assert not cfg
cfg = pkconfig.init(
modules=((_DEFAULT_MODULE,), set, 'available job driver modules'),
)
_CLASSES = PKDict()
p = pkinspect.this_module().__name__
for n in cfg.modules:
m = importlib.import_module(pkinspect.module_name_join((p, n)))
_CLASSES[n] = m.init_class()
_DEFAULT_CLASS = _CLASSES.get('docker') or _CLASSES.get(_DEFAULT_MODULE)
pkdlog('initialized with drivers {}', _CLASSES.keys())
def init_apis(app, *args, **kwargs):
global uri_router, simulation_db, _app, visible_methods, valid_methods, non_guest_methods
assert not _METHOD_MODULES
assert not cfg.logged_in_user, \
'Do not set $SIREPO_AUTH_LOGGED_IN_USER in server'
uri_router = importlib.import_module('sirepo.uri_router')
simulation_db = importlib.import_module('sirepo.simulation_db')
auth_db.init(app)
_app = app
p = pkinspect.this_module().__name__
visible_methods = []
valid_methods = cfg.methods.union(cfg.deprecated_methods)
for n in valid_methods:
m = importlib.import_module(pkinspect.module_name_join((p, n)))
uri_router.register_api_module(m)
_METHOD_MODULES[n] = m
if m.AUTH_METHOD_VISIBLE and n in cfg.methods:
visible_methods.append(n)
visible_methods = tuple(visible_methods)
non_guest_methods = tuple(m for m in visible_methods if m != METHOD_GUEST)
cookie.auth_hook_from_header = _auth_hook_from_header
for n in _REQUIRED_MODULES + tuple(sorted(feature_config.cfg().api_modules)):
register_api_module(importlib.import_module('sirepo.' + n))
_init_uris(app, simulation_db)
sirepo.http_request.init(
simulation_db=simulation_db,
)
sirepo.http_reply.init(
app,
simulation_db=simulation_db,
)
sirepo.uri.init(
http_reply=sirepo.http_reply,
http_request=sirepo.http_request,
simulation_db=simulation_db,
uri_router=pkinspect.this_module(),
)
if app.sirepo_use_reloader and os.environ.get('WERKZEUG_RUN_MAIN') != 'true':
# avoid first call to init() when using reloader
return
global _job_class
if _job_class:
return
if cfg.job_class is None:
from sirepo import server
d = _JOB_CLASS_DEFAULT
if server.cfg.job_queue:
# Handle deprecated case
d = server.cfg.job_queue.lower()
cfg.job_class = d
m = importlib.import_module(
pkinspect.module_name_join((
__name__,
cfg.job_class,
)),
)
_job_class = m.init_class(app)
from sirepo import runner_api
from sirepo import uri_router
uri_router.register_api_module(runner_api)
def _init_root():
global cfg, _root
cfg = pkconfig.init(
root=(None, _cfg_root, 'where database resides'),
)
v = cfg.root
if v:
assert os.path.isabs(v), \
'{}: SIREPO_SRDB_ROOT must be absolute'.format(v)
assert os.path.isdir(v), \
'{}: SIREPO_SRDB_ROOT must be a directory and exist'.format(v)
v = pkio.py_path(v)
else:
assert pkconfig.channel_in('dev'), \
'SIREPO_SRDB_ROOT must be configured except in DEV'
fn = sys.modules[pkinspect.root_package(_init_root)].__file__
root = pkio.py_path(pkio.py_path(pkio.py_path(fn).dirname).dirname)
# Check to see if we are in our dev directory. This is a hack,
# but should be reliable.
if not root.join('requirements.txt').check():
# Don't run from an install directory
root = pkio.py_path('.')
v = pkio.mkdir_parent(root.join(_DEFAULT_ROOT))
_root = v
return v
def init_apis(app, *args, **kwargs):
global uri_router, simulation_db, _app, visible_methods, valid_methods, non_guest_methods
assert not _METHOD_MODULES
assert not cfg.logged_in_user, \
'Do not set $SIREPO_AUTH_LOGGED_IN_USER in server'
uri_router = importlib.import_module('sirepo.uri_router')
simulation_db = importlib.import_module('sirepo.simulation_db')
auth_db.init(app)
_app = app
p = pkinspect.this_module().__name__
visible_methods = []
valid_methods = cfg.methods.union(cfg.deprecated_methods)
for n in valid_methods:
m = importlib.import_module(pkinspect.module_name_join((p, n)))
uri_router.register_api_module(m)
_METHOD_MODULES[n] = m
if m.AUTH_METHOD_VISIBLE and n in cfg.methods:
visible_methods.append(n)
visible_methods = tuple(visible_methods)
non_guest_methods = tuple(m for m in visible_methods if m != METHOD_GUEST)
cookie.auth_hook_from_header = _auth_hook_from_header
def sim_type(cls):
return cls._memoize(pkinspect.module_basename(cls))
write_status('pending', run_dir)
sim_type = data.simulationType
template = sirepo.template.import_module(data)
s = sirepo.sim_data.get_class(sim_type)
s.lib_files_to_run_dir(data, run_dir)
write_json(run_dir.join(template_common.INPUT_BASE_NAME), data)
#TODO(robnagler) encapsulate in template
is_p = s.is_parallel(data)
template.write_parameters(
data,
run_dir=run_dir,
is_parallel=is_p,
)
cmd = [
pkinspect.root_package(template),
pkinspect.module_basename(template),
'run-background' if is_p else 'run',
str(run_dir),
]
return cmd, run_dir
from sirepo import api_perm
from sirepo import auth
from sirepo import cookie
from sirepo import http_request
from sirepo import srtime
import datetime
import sirepo.util
AUTH_METHOD = auth.METHOD_GUEST
#: User can see it
AUTH_METHOD_VISIBLE = True
#: module handle
this_module = pkinspect.this_module()
#: time to recheck login against db (prefix is "sraz", because github is "srag")
_COOKIE_EXPIRY_TIMESTAMP = 'srazt'
_ONE_DAY = datetime.timedelta(days=1)
@api_perm.require_cookie_sentinel
def api_authGuestLogin(simulation_type):
"""You have to be an anonymous or logged in user at this point"""
req = http_request.parse_params(type=simulation_type)
# if already logged in as guest, just redirect
if auth.user_if_logged_in(AUTH_METHOD):
auth.login_success_redirect(req.type)
auth.login(this_module, sim_type=req.type)
raise AssertionError('auth.login returned unexpectedly')
import sirepo.auth
import sirepo.http_reply
import sirepo.http_request
import time
#: configuration
cfg = None
AUTH_METHOD = 'bluesky'
#: bots only
AUTH_METHOD_VISIBLE = False
#: module handle
this_module = pkinspect.this_module()
#: separates the values of the clear text for the hash
# POSIT: ':' not part of simulationType or simulationId
_AUTH_HASH_SEPARATOR = ':'
#: half the window length for replay attacks
_AUTH_NONCE_REPLAY_SECS = 10
#: separates the time stamp from the uniqifier in the nonce
_AUTH_NONCE_SEPARATOR = '-'
@api_perm.allow_cookieless_set_user
def api_authBlueskyLogin():
req = sirepo.http_request.parse_post(id=True)
auth_hash(req.req_data, verify=True)