Merge branch 'master' of code.ungleich.ch:nico/meow-pay
This commit is contained in:
commit
de06b9ee22
33 changed files with 454 additions and 307 deletions
45
README.md
45
README.md
|
@ -1,25 +1,24 @@
|
||||||
# uncloud-pay
|
# uncloud-pay
|
||||||
|
|
||||||
The pay module for the uncloud
|
The generic product/payment system.
|
||||||
|
|
||||||
- uses [etcd3](https://coreos.com/blog/etcd3-a-new-etcd.html) for storage.
|
## Installation
|
||||||
- uses [Stripe](https://stripe.com/docs/api) as the payment gateway.
|
|
||||||
- uses [ldap3](https://github.com/cannatag/ldap3) for ldap authentication.
|
|
||||||
|
|
||||||
|
```shell script
|
||||||
|
pip3 install -r requirements.txt
|
||||||
|
```
|
||||||
|
|
||||||
## Getting started as a user
|
## Getting Started
|
||||||
|
|
||||||
|
```shell script
|
||||||
|
python ucloud_pay.py
|
||||||
**TODO**
|
```
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
Currently handles very basic features, such as:
|
|
||||||
|
|
||||||
#### 1. Adding of products
|
#### 1. Adding of products
|
||||||
```shell script
|
```shell script
|
||||||
http --json http://[::]:5000/product/add email=your_email_here password=your_password_here specs:=@ipv6-only-vm.json
|
http --json http://[::]:5000/product/add username=your_username_here password=your_password_here specs:=@ipv6-only-vm.json
|
||||||
```
|
```
|
||||||
|
|
||||||
#### 2. Listing of products
|
#### 2. Listing of products
|
||||||
|
@ -27,20 +26,26 @@ http --json http://[::]:5000/product/add email=your_email_here password=your_pas
|
||||||
http --json http://[::]:5000/product/list
|
http --json http://[::]:5000/product/list
|
||||||
```
|
```
|
||||||
|
|
||||||
#### 3. Ordering products
|
#### 3. Registering user's payment method (credit card for now using Stripe)
|
||||||
```shell script
|
|
||||||
http --json http://[::]:5000/product/order email=your_email_here password=your_password_here product_id=5332cb89453d495381e2b2167f32c842 cpu=1 ram=1gb os-disk-space=10gb os=alpine
|
|
||||||
```
|
|
||||||
|
|
||||||
#### 4. Listing users orders
|
|
||||||
|
|
||||||
```shell script
|
```shell script
|
||||||
http --json GET http://[::]:5000/order/list email=your_email_here password=your_password_here
|
http --json http://[::]:5000/user/register_payment card_number=4111111111111111 cvc=123 expiry_year=2020 expiry_month=8 card_holder_name="The test user" username=your_username_here password=your_password_here line1="your_billing_address" city="your_city" country="your_country"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
#### 4. Ordering products
|
||||||
|
|
||||||
#### 5. Registering user's payment method (credit card for now using Stripe)
|
First of all, user have to buy the membership first.
|
||||||
|
|
||||||
```shell script
|
```shell script
|
||||||
http --json http://[::]:5000/user/register_payment card_number=4111111111111111 cvc=123 expiry_year=2020 expiry_month=8 card_holder_name="The test user" email=your_email_here password=your_password_here
|
http --json http://[::]:5000/product/order username=your_username_here password=your_password_here product_id=membership pay=True
|
||||||
|
```
|
||||||
|
|
||||||
|
```shell script
|
||||||
|
http --json http://[::]:5000/product/order username=your_username_here password=your_password_here product_id=ipv6-only-vm cpu=1 ram=1 os-disk-space=10 os=alpine pay=True
|
||||||
|
```
|
||||||
|
|
||||||
|
#### 5. Listing users orders
|
||||||
|
|
||||||
|
```shell script
|
||||||
|
http --json POST http://[::]:5000/order/list username=your_username_here password=your_password_here
|
||||||
```
|
```
|
||||||
|
|
27
config.py
27
config.py
|
@ -1,14 +1,21 @@
|
||||||
import configparser
|
import os
|
||||||
from etcd_wrapper import EtcdWrapper
|
|
||||||
from ldap_manager import LdapManager
|
|
||||||
|
|
||||||
config = configparser.ConfigParser()
|
from ungleich_common.ldap.ldap_manager import LdapManager
|
||||||
config.read('pay.conf')
|
from ungleich_common.std.configparser import StrictConfigParser
|
||||||
|
from ungleich_common.etcd.etcd_wrapper import EtcdWrapper
|
||||||
|
|
||||||
# Note 2020-02-15: this stuff clearly does not belong here,
|
config_file = os.environ.get('meow-pay-config-file', default='pay.conf')
|
||||||
# if config.py is used everywhere.
|
|
||||||
|
|
||||||
etcd_client = EtcdWrapper(host=config['etcd']['host'], port=config['etcd']['port'])
|
config = StrictConfigParser(allow_no_value=True)
|
||||||
|
config.read(config_file)
|
||||||
|
|
||||||
ldap_manager = LdapManager(server=config['ldap']['server'], admin_dn=config['ldap']['admin_dn'],
|
etcd_client = EtcdWrapper(
|
||||||
admin_password=config['ldap']['admin_password'])
|
host=config.get('etcd', 'host'), port=config.get('etcd', 'port'),
|
||||||
|
ca_cert=config.get('etcd', 'ca_cert'), cert_key=config.get('etcd', 'cert_key'),
|
||||||
|
cert_cert=config.get('etcd', 'cert_cert')
|
||||||
|
)
|
||||||
|
|
||||||
|
ldap_manager = LdapManager(
|
||||||
|
server=config.get('ldap', 'server'), admin_dn=config.get('ldap', 'admin_dn'),
|
||||||
|
admin_password=config.get('ldap', 'admin_password')
|
||||||
|
)
|
||||||
|
|
|
@ -1,75 +0,0 @@
|
||||||
import etcd3
|
|
||||||
import json
|
|
||||||
|
|
||||||
from functools import wraps
|
|
||||||
|
|
||||||
from uncloud import UncloudException
|
|
||||||
from uncloud.common import logger
|
|
||||||
|
|
||||||
|
|
||||||
class EtcdEntry:
|
|
||||||
def __init__(self, meta_or_key, value, value_in_json=True):
|
|
||||||
if hasattr(meta_or_key, 'key'):
|
|
||||||
# if meta has attr 'key' then get it
|
|
||||||
self.key = meta_or_key.key.decode('utf-8')
|
|
||||||
else:
|
|
||||||
# otherwise meta is the 'key'
|
|
||||||
self.key = meta_or_key
|
|
||||||
self.value = value.decode('utf-8')
|
|
||||||
|
|
||||||
if value_in_json:
|
|
||||||
self.value = json.loads(self.value)
|
|
||||||
|
|
||||||
|
|
||||||
def readable_errors(func):
|
|
||||||
@wraps(func)
|
|
||||||
def wrapper(*args, **kwargs):
|
|
||||||
try:
|
|
||||||
return func(*args, **kwargs)
|
|
||||||
except etcd3.exceptions.ConnectionFailedError:
|
|
||||||
raise UncloudException('Cannot connect to etcd: is etcd running as configured in uncloud.conf?')
|
|
||||||
except etcd3.exceptions.ConnectionTimeoutError as err:
|
|
||||||
raise etcd3.exceptions.ConnectionTimeoutError('etcd connection timeout.') from err
|
|
||||||
except Exception as err:
|
|
||||||
logger.exception('Some etcd error occured. See syslog for details.', err)
|
|
||||||
|
|
||||||
return wrapper
|
|
||||||
|
|
||||||
|
|
||||||
class EtcdWrapper:
|
|
||||||
@readable_errors
|
|
||||||
def __init__(self, *args, **kwargs):
|
|
||||||
self.client = etcd3.client(*args, **kwargs)
|
|
||||||
|
|
||||||
@readable_errors
|
|
||||||
def get(self, *args, value_in_json=True, **kwargs):
|
|
||||||
_value, _key = self.client.get(*args, **kwargs)
|
|
||||||
if _key is None or _value is None:
|
|
||||||
return None
|
|
||||||
return EtcdEntry(_key, _value, value_in_json=value_in_json)
|
|
||||||
|
|
||||||
@readable_errors
|
|
||||||
def put(self, *args, value_in_json=True, **kwargs):
|
|
||||||
_key, _value = args
|
|
||||||
if value_in_json:
|
|
||||||
_value = json.dumps(_value)
|
|
||||||
|
|
||||||
if not isinstance(_key, str):
|
|
||||||
_key = _key.decode('utf-8')
|
|
||||||
|
|
||||||
return self.client.put(_key, _value, **kwargs)
|
|
||||||
|
|
||||||
@readable_errors
|
|
||||||
def get_prefix(self, *args, value_in_json=True, **kwargs):
|
|
||||||
event_iterator = self.client.get_prefix(*args, **kwargs)
|
|
||||||
for e in event_iterator:
|
|
||||||
yield EtcdEntry(*e[::-1], value_in_json=value_in_json)
|
|
||||||
|
|
||||||
@readable_errors
|
|
||||||
def watch_prefix(self, key, value_in_json=True):
|
|
||||||
event_iterator, cancel = self.client.watch_prefix(key)
|
|
||||||
for e in event_iterator:
|
|
||||||
if hasattr(e, '_event'):
|
|
||||||
e = getattr('e', '_event')
|
|
||||||
if e.type == e.PUT:
|
|
||||||
yield EtcdEntry(e.kv.key, e.kv.value, value_in_json=value_in_json)
|
|
21
helper.py
21
helper.py
|
@ -1,5 +1,8 @@
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
|
import parsedatetime
|
||||||
|
|
||||||
|
from datetime import datetime
|
||||||
from stripe_utils import StripeUtils
|
from stripe_utils import StripeUtils
|
||||||
|
|
||||||
|
|
||||||
|
@ -64,3 +67,21 @@ def calculate_charges(specification, data):
|
||||||
feature_detail['unit']['value']
|
feature_detail['unit']['value']
|
||||||
)
|
)
|
||||||
return one_time_charge, recurring_charge
|
return one_time_charge, recurring_charge
|
||||||
|
|
||||||
|
|
||||||
|
def is_order_valid(order_timestamp, renewal_period):
|
||||||
|
"""
|
||||||
|
Sample Code Usage
|
||||||
|
|
||||||
|
>> current_datetime, status = cal.parse('Now')
|
||||||
|
>> current_datetime = datetime(*current_datetime[:6])
|
||||||
|
|
||||||
|
>> print('Is order valid: ', is_order_valid(current_datetime, '1 month'))
|
||||||
|
>> True
|
||||||
|
"""
|
||||||
|
cal = parsedatetime.Calendar()
|
||||||
|
|
||||||
|
renewal_datetime, status = cal.parse(renewal_period)
|
||||||
|
renewal_datetime = datetime(*renewal_datetime[:6])
|
||||||
|
|
||||||
|
return order_timestamp <= renewal_datetime
|
||||||
|
|
|
@ -1,69 +0,0 @@
|
||||||
import hashlib
|
|
||||||
import random
|
|
||||||
import base64
|
|
||||||
|
|
||||||
from ldap3 import Server, Connection, ObjectDef, Reader, ALL
|
|
||||||
|
|
||||||
|
|
||||||
class LdapManager:
|
|
||||||
def __init__(self, server, admin_dn, admin_password):
|
|
||||||
self.server = Server(server, get_info=ALL)
|
|
||||||
self.conn = Connection(server, admin_dn, admin_password, auto_bind=True)
|
|
||||||
self.person_obj_def = ObjectDef('inetOrgPerson', self.conn)
|
|
||||||
|
|
||||||
def get(self, query=None, search_base='dc=ungleich,dc=ch'):
|
|
||||||
kwargs = {
|
|
||||||
'connection': self.conn,
|
|
||||||
'object_def': self.person_obj_def,
|
|
||||||
'base': search_base,
|
|
||||||
}
|
|
||||||
if query:
|
|
||||||
kwargs['query'] = query
|
|
||||||
r = Reader(**kwargs)
|
|
||||||
return r.search()
|
|
||||||
|
|
||||||
def is_password_valid(self, query_value, password, query_key='mail', **kwargs):
|
|
||||||
entries = self.get(query='({}={})'.format(query_key, query_value), **kwargs)
|
|
||||||
if entries:
|
|
||||||
password_in_ldap = entries[0].userPassword.value
|
|
||||||
found = self._check_password(password_in_ldap, password)
|
|
||||||
if not found:
|
|
||||||
raise Exception('Invalid Password')
|
|
||||||
else:
|
|
||||||
return entries[0]
|
|
||||||
else:
|
|
||||||
raise ValueError('Such {}={} not found'.format(query_key, query_value))
|
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def _check_password(tagged_digest_salt, password):
|
|
||||||
digest_salt_b64 = tagged_digest_salt[6:]
|
|
||||||
digest_salt = base64.decodebytes(digest_salt_b64)
|
|
||||||
digest = digest_salt[:20]
|
|
||||||
salt = digest_salt[20:]
|
|
||||||
|
|
||||||
sha = hashlib.sha1(password.encode('utf-8'))
|
|
||||||
sha.update(salt)
|
|
||||||
|
|
||||||
return digest == sha.digest()
|
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def ssha_password(password):
|
|
||||||
"""
|
|
||||||
Apply the SSHA password hashing scheme to the given *password*.
|
|
||||||
*password* must be a :class:`bytes` object, containing the utf-8
|
|
||||||
encoded password.
|
|
||||||
|
|
||||||
Return a :class:`bytes` object containing ``ascii``-compatible data
|
|
||||||
which can be used as LDAP value, e.g. after armoring it once more using
|
|
||||||
base64 or decoding it to unicode from ``ascii``.
|
|
||||||
"""
|
|
||||||
SALT_BYTES = 15
|
|
||||||
|
|
||||||
sha1 = hashlib.sha1()
|
|
||||||
salt = random.SystemRandom().getrandbits(SALT_BYTES * 8).to_bytes(SALT_BYTES, 'little')
|
|
||||||
sha1.update(password)
|
|
||||||
sha1.update(salt)
|
|
||||||
|
|
||||||
digest = sha1.digest()
|
|
||||||
passwd = b'{SSHA}' + base64.b64encode(digest + salt)
|
|
||||||
return passwd
|
|
0
nicohack202002/uncloud/opennebula/__init__.py
Normal file
0
nicohack202002/uncloud/opennebula/__init__.py
Normal file
3
nicohack202002/uncloud/opennebula/admin.py
Normal file
3
nicohack202002/uncloud/opennebula/admin.py
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
from django.contrib import admin
|
||||||
|
|
||||||
|
# Register your models here.
|
5
nicohack202002/uncloud/opennebula/apps.py
Normal file
5
nicohack202002/uncloud/opennebula/apps.py
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
from django.apps import AppConfig
|
||||||
|
|
||||||
|
|
||||||
|
class OpennebulaConfig(AppConfig):
|
||||||
|
name = 'opennebula'
|
|
@ -0,0 +1,38 @@
|
||||||
|
import os
|
||||||
|
import json
|
||||||
|
|
||||||
|
from django.core.management.base import BaseCommand
|
||||||
|
from django.contrib.auth import get_user_model
|
||||||
|
from xmlrpc.client import ServerProxy as RPCClient
|
||||||
|
|
||||||
|
from xmltodict import parse
|
||||||
|
|
||||||
|
from opennebula.models import VM as VMModel
|
||||||
|
|
||||||
|
import uncloud.secrets
|
||||||
|
|
||||||
|
class Command(BaseCommand):
|
||||||
|
help = 'Syncronize VM information from OpenNebula'
|
||||||
|
|
||||||
|
def add_arguments(self, parser):
|
||||||
|
pass
|
||||||
|
|
||||||
|
def handle(self, *args, **options):
|
||||||
|
with RPCClient(uncloud.secrets.OPENNEBULA_URL) as rpc_client:
|
||||||
|
success, response, *_ = rpc_client.one.vmpool.infoextended(
|
||||||
|
uncloud.secrets.OPENNEBULA_USER_PASS, -2, -1, -1, -1
|
||||||
|
)
|
||||||
|
if success:
|
||||||
|
vms = json.loads(json.dumps(parse(response)))['VM_POOL']['VM']
|
||||||
|
for i, vm in enumerate(vms):
|
||||||
|
vm_id = vm['ID']
|
||||||
|
vm_owner = vm['UNAME']
|
||||||
|
try:
|
||||||
|
user = get_user_model().objects.get(username=vm_owner)
|
||||||
|
except get_user_model().DoesNotExist:
|
||||||
|
user = get_user_model().objects.create_user(username=vm_owner)
|
||||||
|
|
||||||
|
vm_object = VMModel.objects.create(vmid=vm_id, owner=user, data=vm)
|
||||||
|
vm_object.save()
|
||||||
|
else:
|
||||||
|
print(response)
|
23
nicohack202002/uncloud/opennebula/migrations/0001_initial.py
Normal file
23
nicohack202002/uncloud/opennebula/migrations/0001_initial.py
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
# Generated by Django 3.0.3 on 2020-02-21 10:22
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
initial = True
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.CreateModel(
|
||||||
|
name='VM',
|
||||||
|
fields=[
|
||||||
|
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
|
||||||
|
('vmid', models.IntegerField()),
|
||||||
|
('owner', models.CharField(max_length=128)),
|
||||||
|
('data', models.CharField(max_length=65536)),
|
||||||
|
],
|
||||||
|
),
|
||||||
|
]
|
|
@ -0,0 +1,23 @@
|
||||||
|
# Generated by Django 3.0.3 on 2020-02-21 10:24
|
||||||
|
|
||||||
|
from django.db import migrations, models
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
('opennebula', '0001_initial'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name='vm',
|
||||||
|
name='data',
|
||||||
|
field=models.CharField(max_length=65536, null=True),
|
||||||
|
),
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name='vm',
|
||||||
|
name='owner',
|
||||||
|
field=models.CharField(max_length=128, null=True),
|
||||||
|
),
|
||||||
|
]
|
|
@ -0,0 +1,21 @@
|
||||||
|
# Generated by Django 3.0.3 on 2020-02-21 11:13
|
||||||
|
|
||||||
|
from django.conf import settings
|
||||||
|
from django.db import migrations, models
|
||||||
|
import django.db.models.deletion
|
||||||
|
|
||||||
|
|
||||||
|
class Migration(migrations.Migration):
|
||||||
|
|
||||||
|
dependencies = [
|
||||||
|
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
|
||||||
|
('opennebula', '0002_auto_20200221_1024'),
|
||||||
|
]
|
||||||
|
|
||||||
|
operations = [
|
||||||
|
migrations.AlterField(
|
||||||
|
model_name='vm',
|
||||||
|
name='owner',
|
||||||
|
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
|
||||||
|
),
|
||||||
|
]
|
0
nicohack202002/uncloud/opennebula/migrations/__init__.py
Normal file
0
nicohack202002/uncloud/opennebula/migrations/__init__.py
Normal file
8
nicohack202002/uncloud/opennebula/models.py
Normal file
8
nicohack202002/uncloud/opennebula/models.py
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
from django.db import models
|
||||||
|
from django.contrib.auth import get_user_model
|
||||||
|
|
||||||
|
|
||||||
|
class VM(models.Model):
|
||||||
|
vmid = models.IntegerField()
|
||||||
|
owner = models.ForeignKey(get_user_model(), on_delete=models.CASCADE)
|
||||||
|
data = models.CharField(max_length=65536, null=True)
|
8
nicohack202002/uncloud/opennebula/serializers.py
Normal file
8
nicohack202002/uncloud/opennebula/serializers.py
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
from rest_framework import serializers
|
||||||
|
from opennebula.models import VM
|
||||||
|
|
||||||
|
|
||||||
|
class VMSerializer(serializers.HyperlinkedModelSerializer):
|
||||||
|
class Meta:
|
||||||
|
model = VM
|
||||||
|
fields = ['vmid', 'owner', 'data']
|
3
nicohack202002/uncloud/opennebula/tests.py
Normal file
3
nicohack202002/uncloud/opennebula/tests.py
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
from django.test import TestCase
|
||||||
|
|
||||||
|
# Create your tests here.
|
14
nicohack202002/uncloud/opennebula/views.py
Normal file
14
nicohack202002/uncloud/opennebula/views.py
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
from rest_framework import viewsets, generics
|
||||||
|
from .models import VM
|
||||||
|
from .serializers import VMSerializer
|
||||||
|
|
||||||
|
|
||||||
|
class VMList(generics.ListAPIView):
|
||||||
|
queryset = VM.objects.all()
|
||||||
|
serializer_class = VMSerializer
|
||||||
|
|
||||||
|
|
||||||
|
class VMDetail(generics.RetrieveAPIView):
|
||||||
|
lookup_field = 'vmid'
|
||||||
|
queryset = VM.objects.all()
|
||||||
|
serializer_class = VMSerializer
|
|
@ -2,3 +2,4 @@ django
|
||||||
djangorestframework
|
djangorestframework
|
||||||
django-auth-ldap
|
django-auth-ldap
|
||||||
stripe
|
stripe
|
||||||
|
xmltodict
|
||||||
|
|
|
@ -7,5 +7,11 @@
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# Live/test key from stripe
|
||||||
STRIPE_KEY=""
|
STRIPE_KEY=""
|
||||||
|
|
||||||
|
# XML-RPC interface of opennebula
|
||||||
|
OPENNEBULA_URL='https://opennebula.ungleich.ch:2634/RPC2'
|
||||||
|
|
||||||
|
# user:pass for accessing opennebula
|
||||||
|
OPENNEBULA_USER_PASS='user:password'
|
||||||
|
|
|
@ -39,7 +39,8 @@ INSTALLED_APPS = [
|
||||||
'django.contrib.staticfiles',
|
'django.contrib.staticfiles',
|
||||||
'rest_framework',
|
'rest_framework',
|
||||||
'uncloud_api',
|
'uncloud_api',
|
||||||
'uncloud_auth'
|
'uncloud_auth',
|
||||||
|
'opennebula'
|
||||||
]
|
]
|
||||||
|
|
||||||
MIDDLEWARE = [
|
MIDDLEWARE = [
|
||||||
|
@ -159,7 +160,7 @@ STATIC_URL = '/static/'
|
||||||
|
|
||||||
|
|
||||||
# Uncommitted file
|
# Uncommitted file
|
||||||
import uncloud.secrets
|
# import uncloud.secrets
|
||||||
|
#
|
||||||
import stripe
|
# import stripe
|
||||||
stripe.api_key = uncloud.secrets.STRIPE_KEY
|
# stripe.api_key = uncloud.secrets.STRIPE_KEY
|
||||||
|
|
|
@ -19,6 +19,8 @@ from django.urls import path, include
|
||||||
from rest_framework import routers
|
from rest_framework import routers
|
||||||
from uncloud_api import views
|
from uncloud_api import views
|
||||||
|
|
||||||
|
from opennebula import views as oneviews
|
||||||
|
|
||||||
router = routers.DefaultRouter()
|
router = routers.DefaultRouter()
|
||||||
router.register(r'users', views.UserViewSet)
|
router.register(r'users', views.UserViewSet)
|
||||||
router.register(r'groups', views.GroupViewSet)
|
router.register(r'groups', views.GroupViewSet)
|
||||||
|
@ -28,10 +30,9 @@ router.register(r'groups', views.GroupViewSet)
|
||||||
urlpatterns = [
|
urlpatterns = [
|
||||||
path('', include(router.urls)),
|
path('', include(router.urls)),
|
||||||
path('admin/', admin.site.urls),
|
path('admin/', admin.site.urls),
|
||||||
path('api-auth/', include('rest_framework.urls', namespace='rest_framework'))
|
path('products/', views.ProductsView.as_view(), name='products'),
|
||||||
]
|
path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
|
||||||
|
path('vm/list/', oneviews.VMList.as_view(), name='vm_list'),
|
||||||
|
path('vm/detail/<int:vmid>/', oneviews.VMDetail.as_view(), name='vm_detail'),
|
||||||
|
|
||||||
#urlpatterns = [
|
]
|
||||||
# path('admin/', admin.site.urls),
|
|
||||||
# path('api/', include('api.urls')),
|
|
||||||
#]
|
|
||||||
|
|
|
@ -0,0 +1,26 @@
|
||||||
|
import time
|
||||||
|
from django.conf import settings
|
||||||
|
from django.core.management.base import BaseCommand
|
||||||
|
|
||||||
|
import uncloud_api.models
|
||||||
|
|
||||||
|
import inspect
|
||||||
|
import sys
|
||||||
|
import re
|
||||||
|
|
||||||
|
class Command(BaseCommand):
|
||||||
|
args = '<None>'
|
||||||
|
help = 'hacking - only use if you are Nico'
|
||||||
|
|
||||||
|
def add_arguments(self, parser):
|
||||||
|
parser.add_argument('command', type=str, help='Command')
|
||||||
|
|
||||||
|
def handle(self, *args, **options):
|
||||||
|
getattr(self, options['command'])(**options)
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def classtest(cls, **_):
|
||||||
|
clsmembers = inspect.getmembers(sys.modules['uncloud_api.models'], inspect.isclass)
|
||||||
|
for name, c in clsmembers:
|
||||||
|
if re.match(r'.+Product$', name):
|
||||||
|
print("{} -> {}".format(name, c))
|
|
@ -3,28 +3,89 @@ import uuid
|
||||||
from django.db import models
|
from django.db import models
|
||||||
from django.contrib.auth import get_user_model
|
from django.contrib.auth import get_user_model
|
||||||
|
|
||||||
|
# Product in DB vs. product in code
|
||||||
|
# DB:
|
||||||
|
# - need to define params (+param types) in db -> messy?
|
||||||
|
# - get /products/ is easy / automatic
|
||||||
|
#
|
||||||
|
# code
|
||||||
|
# - can have serializer/verification of fields easily in DRF
|
||||||
|
# - can have per product side effects / extra code running
|
||||||
|
# - might (??) make features easier??
|
||||||
|
# - how to setup / query the recurring period (?)
|
||||||
|
# - could get products list via getattr() + re ...Product() classes
|
||||||
|
# -> this could include the url for ordering => /order/vm_snapshot (params)
|
||||||
|
# ---> this would work with urlpatterns
|
||||||
|
|
||||||
|
# Combination: create specific product in DB (?)
|
||||||
|
# - a table per product (?) with 1 entry?
|
||||||
|
|
||||||
|
# Orders
|
||||||
|
# define state in DB
|
||||||
|
# select a price from a product => product might change, order stays
|
||||||
|
# params:
|
||||||
|
# - the product uuid or name (?) => productuuid
|
||||||
|
# - the product parameters => for each feature
|
||||||
|
#
|
||||||
|
|
||||||
|
# logs
|
||||||
|
# Should have a log = ... => 1:n field for most models!
|
||||||
|
|
||||||
class Product(models.Model):
|
class Product(models.Model):
|
||||||
uuid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
|
# override these fields by default
|
||||||
name = models.CharField(max_length=256)
|
description = ""
|
||||||
|
recurring_period = "not_recurring"
|
||||||
|
|
||||||
recurring_period = models.CharField(max_length=256,
|
status = models.CharField(max_length=256,
|
||||||
choices = (
|
choices = (
|
||||||
("per_year", "Per Year"),
|
('pending', 'Pending'),
|
||||||
("per_month", "Per Month"),
|
('being_created', 'Being created'),
|
||||||
("per_week", "Per Week"),
|
('created_active', 'Created'),
|
||||||
("per_day", "Per Day"),
|
('deleted', 'Deleted')
|
||||||
("per_hour", "Per Hour"),
|
)
|
||||||
("not_recurring", "Not recurring")
|
|
||||||
),
|
|
||||||
default="not_recurring"
|
|
||||||
)
|
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return "{}".format(self.name)
|
return "{}".format(self.name)
|
||||||
|
|
||||||
|
|
||||||
|
class VMSnapshotProduct(Product):
|
||||||
|
price_per_gb_ssd = 0.35
|
||||||
|
price_per_gb_hdd = 1.5/100
|
||||||
|
|
||||||
|
sample_ssd = 10
|
||||||
|
sample_hdd = 100
|
||||||
|
|
||||||
|
def recurring_price(self):
|
||||||
|
return 0
|
||||||
|
|
||||||
|
def one_time_price(self):
|
||||||
|
return 0
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def sample_price(cls):
|
||||||
|
return cls.sample_ssd * cls.price_per_gb_ssd + cls.sample_hdd * cls.price_per_gb_hdd
|
||||||
|
|
||||||
|
description = "Create snapshot of a VM"
|
||||||
|
recurring_period = "monthly"
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def pricing_model(cls):
|
||||||
|
return """
|
||||||
|
Pricing is on monthly basis and storage prices are equivalent to the storage
|
||||||
|
price in the VM.
|
||||||
|
|
||||||
|
Price per GB SSD is: {}
|
||||||
|
Price per GB HDD is: {}
|
||||||
|
|
||||||
|
|
||||||
|
Sample price for a VM with {} GB SSD and {} GB HDD VM is: {}.
|
||||||
|
""".format(cls.price_per_gb_ssd, cls.price_per_gb_hdd,
|
||||||
|
cls.sample_ssd, cls.sample_hdd, cls.sample_price())
|
||||||
|
|
||||||
|
gb_ssd = models.FloatField()
|
||||||
|
gb_hdd = models.FloatField()
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
class Feature(models.Model):
|
class Feature(models.Model):
|
||||||
uuid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
|
uuid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
|
||||||
|
@ -35,6 +96,15 @@ class Feature(models.Model):
|
||||||
|
|
||||||
product = models.ForeignKey(Product, on_delete=models.CASCADE)
|
product = models.ForeignKey(Product, on_delete=models.CASCADE)
|
||||||
|
|
||||||
|
# params for "cpu": cpu_count -> int
|
||||||
|
# each feature can only have one parameters
|
||||||
|
# could call this "value" and set whether it is user usable
|
||||||
|
# has_value = True/False
|
||||||
|
# value = string -> int (?)
|
||||||
|
# value_int
|
||||||
|
# value_str
|
||||||
|
# value_float
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return "'{}' - '{}'".format(self.product, self.name)
|
return "'{}' - '{}'".format(self.product, self.name)
|
||||||
|
|
||||||
|
@ -49,11 +119,5 @@ class Order(models.Model):
|
||||||
on_delete=models.CASCADE)
|
on_delete=models.CASCADE)
|
||||||
|
|
||||||
|
|
||||||
|
class VMSnapshotOrder(Order):
|
||||||
class OrderReference(models.Model):
|
|
||||||
"""
|
|
||||||
An order can references another product / relate to it.
|
|
||||||
This model is used for the relation
|
|
||||||
"""
|
|
||||||
|
|
||||||
pass
|
pass
|
||||||
|
|
|
@ -14,3 +14,6 @@ class GroupSerializer(serializers.HyperlinkedModelSerializer):
|
||||||
class Meta:
|
class Meta:
|
||||||
model = Group
|
model = Group
|
||||||
fields = ['url', 'name']
|
fields = ['url', 'name']
|
||||||
|
|
||||||
|
class VMSnapshotSerializer(serializers.Serializer):
|
||||||
|
pass
|
||||||
|
|
|
@ -2,9 +2,11 @@ from django.shortcuts import render
|
||||||
from django.contrib.auth import get_user_model
|
from django.contrib.auth import get_user_model
|
||||||
from django.contrib.auth.models import Group
|
from django.contrib.auth.models import Group
|
||||||
|
|
||||||
from rest_framework import viewsets, permissions
|
from rest_framework import viewsets, permissions, generics
|
||||||
|
|
||||||
from .serializers import UserSerializer, GroupSerializer
|
from .serializers import UserSerializer, GroupSerializer
|
||||||
|
from rest_framework.views import APIView
|
||||||
|
from rest_framework.response import Response
|
||||||
|
|
||||||
|
|
||||||
class CreditCardViewSet(viewsets.ModelViewSet):
|
class CreditCardViewSet(viewsets.ModelViewSet):
|
||||||
|
|
||||||
|
@ -35,3 +37,47 @@ class GroupViewSet(viewsets.ModelViewSet):
|
||||||
serializer_class = GroupSerializer
|
serializer_class = GroupSerializer
|
||||||
|
|
||||||
permission_classes = [permissions.IsAuthenticated]
|
permission_classes = [permissions.IsAuthenticated]
|
||||||
|
|
||||||
|
class GroupViewSet(viewsets.ModelViewSet):
|
||||||
|
"""
|
||||||
|
API endpoint that allows groups to be viewed or edited.
|
||||||
|
"""
|
||||||
|
queryset = Group.objects.all()
|
||||||
|
serializer_class = GroupSerializer
|
||||||
|
|
||||||
|
permission_classes = [permissions.IsAuthenticated]
|
||||||
|
|
||||||
|
|
||||||
|
# POST /vm/snapshot/ vmuuid=... => create snapshot, returns snapshot uuid
|
||||||
|
# GET /vm/snapshot => list
|
||||||
|
# DEL /vm/snapshot/<uuid:uuid> => delete
|
||||||
|
# create-list -> get, post => ListCreateAPIView
|
||||||
|
# del on other!
|
||||||
|
class VMSnapshotView(generics.ListCreateAPIView):
|
||||||
|
#lookup_field = 'uuid'
|
||||||
|
permission_classes = [permissions.IsAuthenticated]
|
||||||
|
|
||||||
|
import inspect
|
||||||
|
import sys
|
||||||
|
import re
|
||||||
|
|
||||||
|
# Next: create /order/<productname> urls
|
||||||
|
# Next: strip off "Product" at the end
|
||||||
|
class ProductsView(APIView):
|
||||||
|
def get(self, request, format=None):
|
||||||
|
clsmembers = inspect.getmembers(sys.modules['uncloud_api.models'], inspect.isclass)
|
||||||
|
products = []
|
||||||
|
for name, c in clsmembers:
|
||||||
|
# Include everything that ends in Product, but not Product itself
|
||||||
|
m = re.match(r'(?P<pname>.+)Product$', name)
|
||||||
|
if m:
|
||||||
|
products.append({
|
||||||
|
'name': m.group('pname'),
|
||||||
|
'description': c.description,
|
||||||
|
'recurring_period': c.recurring_period,
|
||||||
|
'pricing_model': c.pricing_model()
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
return Response(products)
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
from django.contrib.auth.models import AbstractUser
|
from django.contrib.auth.models import AbstractUser
|
||||||
|
|
||||||
|
|
||||||
class User(AbstractUser):
|
class User(AbstractUser):
|
||||||
pass
|
pass
|
||||||
|
|
|
@ -1,5 +1,14 @@
|
||||||
* snapshot feature
|
* snapshot feature
|
||||||
** product: vm-snapshot
|
** product: vm-snapshot
|
||||||
|
** flow
|
||||||
|
*** list all my VMs
|
||||||
|
**** get the uuid of the VM I want to take a snapshot of
|
||||||
|
*** request a snapshot
|
||||||
|
```
|
||||||
|
vmuuid=$(http nicocustomer
|
||||||
|
http -a nicocustomer:xxx http://uncloud.ch/vm/create_snapshot uuid=
|
||||||
|
password=...
|
||||||
|
```
|
||||||
* steps
|
* steps
|
||||||
** DONE authenticate via ldap
|
** DONE authenticate via ldap
|
||||||
CLOSED: [2020-02-20 Thu 19:05]
|
CLOSED: [2020-02-20 Thu 19:05]
|
||||||
|
|
6
plan.org
Normal file
6
plan.org
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
* TODO register CC
|
||||||
|
* TODO list products
|
||||||
|
* ahmed
|
||||||
|
** schemas
|
||||||
|
*** field: is_valid? - used by schemas
|
||||||
|
*** definition of a "schema"
|
|
@ -1,4 +1,11 @@
|
||||||
flask-restful
|
xmltodict
|
||||||
ldap3
|
djangorestframework
|
||||||
etcd3
|
django
|
||||||
|
done
|
||||||
stripe
|
stripe
|
||||||
|
flask
|
||||||
|
Flask-RESTful
|
||||||
|
git+https://code.ungleich.ch/ahmedbilal/ungleich-common/#egg=ungleich-common-etcd&subdirectory=etcd
|
||||||
|
git+https://code.ungleich.ch/ahmedbilal/ungleich-common/#egg=ungleich-common-ldap&subdirectory=ldap
|
||||||
|
git+https://code.ungleich.ch/ahmedbilal/ungleich-common/#egg=ungleich-common-std&subdirectory=std
|
||||||
|
git+https://code.ungleich.ch/ahmedbilal/ungleich-common/#egg=ungleich-common-schemas&subdirectory=schemas
|
||||||
|
|
17
sample-pay.conf
Normal file
17
sample-pay.conf
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
[etcd]
|
||||||
|
host = 127.0.0.1
|
||||||
|
port = 2379
|
||||||
|
ca_cert
|
||||||
|
cert_cert
|
||||||
|
cert_key
|
||||||
|
|
||||||
|
[stripe]
|
||||||
|
private_key=stripe_private_key
|
||||||
|
|
||||||
|
[app]
|
||||||
|
port = 5000
|
||||||
|
|
||||||
|
[ldap]
|
||||||
|
server = ldap_server_url
|
||||||
|
admin_dn = ldap_admin_dn
|
||||||
|
admin_password = ldap_admin_password
|
92
schemas.py
92
schemas.py
|
@ -3,95 +3,9 @@ import config
|
||||||
import json
|
import json
|
||||||
import math
|
import math
|
||||||
|
|
||||||
from config import ldap_manager
|
from config import ldap_manager, etcd_client
|
||||||
from helper import resolve_product
|
from helper import resolve_product
|
||||||
|
from ungleich_common.schemas.schemas import BaseSchema, Field, ValidationException
|
||||||
etcd_client = config.etcd_client
|
|
||||||
|
|
||||||
|
|
||||||
class ValidationException(Exception):
|
|
||||||
"""Validation Error"""
|
|
||||||
|
|
||||||
|
|
||||||
class Field:
|
|
||||||
def __init__(self, _name, _type, _value=None, validators=None, disable_validation=False):
|
|
||||||
self.validation_disabled = disable_validation
|
|
||||||
self.name = _name
|
|
||||||
self.value = _value
|
|
||||||
self.type = _type
|
|
||||||
self.validators = validators or []
|
|
||||||
|
|
||||||
def is_valid(self):
|
|
||||||
if not self.validation_disabled:
|
|
||||||
if not isinstance(self.value, self.type):
|
|
||||||
try:
|
|
||||||
self.value = self.type(self.value)
|
|
||||||
except Exception:
|
|
||||||
raise ValidationException("Incorrect Type for '{}' field".format(self.name))
|
|
||||||
|
|
||||||
for validator in self.validators:
|
|
||||||
validator()
|
|
||||||
|
|
||||||
def __repr__(self):
|
|
||||||
return self.name
|
|
||||||
|
|
||||||
|
|
||||||
class BaseSchema:
|
|
||||||
def __init__(self):
|
|
||||||
self.objects = {}
|
|
||||||
|
|
||||||
def validation(self):
|
|
||||||
# custom validation is optional
|
|
||||||
return True
|
|
||||||
|
|
||||||
def get_fields(self):
|
|
||||||
return [getattr(self, field) for field in dir(self) if isinstance(getattr(self, field), Field)]
|
|
||||||
|
|
||||||
def is_valid(self):
|
|
||||||
for field in self.get_fields():
|
|
||||||
field.is_valid()
|
|
||||||
self.validation()
|
|
||||||
|
|
||||||
def get_cleaned_values(self):
|
|
||||||
field_kv_dict = {
|
|
||||||
field.name: field.value
|
|
||||||
for field in self.get_fields()
|
|
||||||
}
|
|
||||||
cleaned_values = field_kv_dict
|
|
||||||
cleaned_values.update(self.objects)
|
|
||||||
|
|
||||||
return cleaned_values
|
|
||||||
|
|
||||||
def add_schema(self, schema, data, under_field_name=None):
|
|
||||||
s = schema(data)
|
|
||||||
s.is_valid()
|
|
||||||
|
|
||||||
base = self
|
|
||||||
if under_field_name:
|
|
||||||
# Create a field in self
|
|
||||||
setattr(self, under_field_name, Field(under_field_name, dict, _value={}, disable_validation=True))
|
|
||||||
base = getattr(self, under_field_name)
|
|
||||||
|
|
||||||
for field in s.get_fields():
|
|
||||||
if under_field_name:
|
|
||||||
getattr(base, 'value')[field.name] = field.value
|
|
||||||
else:
|
|
||||||
setattr(base, field.name, field)
|
|
||||||
|
|
||||||
self.objects.update(s.objects)
|
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def get(dictionary: dict, key: str, return_default=False, default=None):
|
|
||||||
if dictionary is None:
|
|
||||||
raise ValidationException('No data provided at all.')
|
|
||||||
try:
|
|
||||||
value = dictionary[key]
|
|
||||||
except KeyError:
|
|
||||||
if return_default:
|
|
||||||
return {'_value': default, 'disable_validation': True}
|
|
||||||
raise ValidationException("Missing data for '{}' field.".format(key))
|
|
||||||
else:
|
|
||||||
return {'_value': value, 'disable_validation': False}
|
|
||||||
|
|
||||||
|
|
||||||
class AddProductSchema(BaseSchema):
|
class AddProductSchema(BaseSchema):
|
||||||
|
@ -105,7 +19,7 @@ class AddProductSchema(BaseSchema):
|
||||||
user = self.objects['user']
|
user = self.objects['user']
|
||||||
user = json.loads(user.entry_to_json())
|
user = json.loads(user.entry_to_json())
|
||||||
uid, ou, *dc = user['dn'].replace('ou=', '').replace('dc=', '').replace('uid=', '').split(',')
|
uid, ou, *dc = user['dn'].replace('ou=', '').replace('dc=', '').replace('uid=', '').split(',')
|
||||||
if ou != config.config['ldap']['internal_user_ou']:
|
if ou != config.config.get('ldap', 'internal_user_ou', fallback='users'):
|
||||||
raise ValidationException('You do not have access to create product.')
|
raise ValidationException('You do not have access to create product.')
|
||||||
|
|
||||||
product = resolve_product(self.specs.value['usable-id'], etcd_client)
|
product = resolve_product(self.specs.value['usable-id'], etcd_client)
|
||||||
|
|
|
@ -1,12 +1,11 @@
|
||||||
import json
|
|
||||||
import re
|
import re
|
||||||
import stripe
|
import stripe
|
||||||
import stripe.error
|
import stripe.error
|
||||||
import logging
|
import logging
|
||||||
|
|
||||||
# FIXME: way too many dependencies in this import
|
from config import etcd_client as client, config as config
|
||||||
# Most of them are not needed for stripe
|
|
||||||
#from config import etcd_client as client, config as config
|
stripe.api_key = config.get('stripe', 'private_key')
|
||||||
|
|
||||||
|
|
||||||
def handle_stripe_error(f):
|
def handle_stripe_error(f):
|
||||||
|
@ -292,7 +291,7 @@ class StripeUtils(object):
|
||||||
returns the new object.
|
returns the new object.
|
||||||
|
|
||||||
:param amount: The amount in CHF cents
|
:param amount: The amount in CHF cents
|
||||||
:param name: The name of the Stripe plan to be created.
|
:param product_name: The name of the Stripe plan (product) to be created.
|
||||||
:param stripe_plan_id: The id of the Stripe plan to be
|
:param stripe_plan_id: The id of the Stripe plan to be
|
||||||
created. Use get_stripe_plan_id_string function to
|
created. Use get_stripe_plan_id_string function to
|
||||||
obtain the name of the plan to be created
|
obtain the name of the plan to be created
|
||||||
|
|
|
@ -5,7 +5,7 @@ from uuid import uuid4
|
||||||
|
|
||||||
from flask import Flask, request
|
from flask import Flask, request
|
||||||
from flask_restful import Resource, Api
|
from flask_restful import Resource, Api
|
||||||
|
from werkzeug.exceptions import HTTPException
|
||||||
from config import etcd_client as client, config as config
|
from config import etcd_client as client, config as config
|
||||||
from stripe_utils import StripeUtils
|
from stripe_utils import StripeUtils
|
||||||
from schemas import (
|
from schemas import (
|
||||||
|
@ -324,4 +324,15 @@ if __name__ == '__main__':
|
||||||
api.add_resource(UserRegisterPayment, '/user/register_payment')
|
api.add_resource(UserRegisterPayment, '/user/register_payment')
|
||||||
api.add_resource(OrderList, '/order/list')
|
api.add_resource(OrderList, '/order/list')
|
||||||
|
|
||||||
app.run(host='::', port=config['app']['port'], debug=True)
|
app.run(host='::', port=config.get('app', 'port', fallback=5000), debug=True)
|
||||||
|
|
||||||
|
|
||||||
|
@app.errorhandler(Exception)
|
||||||
|
def handle_exception(e):
|
||||||
|
app.logger.error(e)
|
||||||
|
# pass through HTTP errors
|
||||||
|
if isinstance(e, HTTPException):
|
||||||
|
return e
|
||||||
|
|
||||||
|
# now you're handling non-HTTP exceptions only
|
||||||
|
return {'message': 'Server Error'}, 500
|
||||||
|
|
Loading…
Reference in a new issue