goosebit 0.1.0__py3-none-any.whl → 0.1.2__py3-none-any.whl

goosebit/__init__.py

@@ -5,8 +5,9 @@ from fastapi import Depends, FastAPI
 from fastapi.requests import Request
 from fastapi.responses import RedirectResponse
 from fastapi.security import OAuth2PasswordRequestForm
+from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor as Instrumentor
 
-from goosebit import api, db, realtime, ui, updater
+from goosebit import api, db, realtime, telemetry, ui, updater
 from goosebit.auth import (
     authenticate_user,
     auto_redirect,
@@ -20,6 +21,7 @@ from goosebit.ui.templates import templates
 @asynccontextmanager
 async def lifespan(_: FastAPI):
     await db.init()
+    await telemetry.init()
     yield
     await db.close()
 
@@ -30,6 +32,7 @@ app.include_router(ui.router)
 app.include_router(api.router)
 app.include_router(realtime.router)
 app.mount("/static", static, name="static")
+Instrumentor.instrument_app(app)
 
 
 @app.middleware("http")
@@ -45,18 +48,18 @@ def root_redirect(request: Request):
 
 @app.get("/login", dependencies=[Depends(auto_redirect)], include_in_schema=False)
 async def login_ui(request: Request):
-    return templates.TemplateResponse("login.html", context={"request": request})
+    return templates.TemplateResponse(request, "login.html")
 
 
 @app.post("/login", include_in_schema=False, dependencies=[Depends(authenticate_user)])
-async def login(form_data: Annotated[OAuth2PasswordRequestForm, Depends()]):
-    resp = RedirectResponse("/ui/home", status_code=302)
+async def login(request: Request, form_data: Annotated[OAuth2PasswordRequestForm, Depends()]):
+    resp = RedirectResponse(request.url_for("ui_root"), status_code=302)
     resp.set_cookie(key="session_id", value=create_session(form_data.username))
     return resp
 
 
 @app.get("/logout", include_in_schema=False)
 async def logout(request: Request):
-    resp = RedirectResponse("/login", status_code=302)
+    resp = RedirectResponse(request.url_for("login_ui"), status_code=302)
     resp.delete_cookie(key="session_id")
     return resp

goosebit/api/__init__.py

@@ -1 +1 @@
-from .routes import router
+from .routes import router  # noqa: F401

goosebit/api/devices.py

@@ -1,17 +1,16 @@
-from __future__ import annotations
-
-import asyncio
 import time
+from typing import Any
 
 from fastapi import APIRouter, Security
 from fastapi.requests import Request
 from pydantic import BaseModel
+from tortoise.expressions import Q
 
+from goosebit.api.helper import filter_data
 from goosebit.auth import validate_user_permissions
-from goosebit.models import Device
+from goosebit.models import Device, Firmware, UpdateModeEnum, UpdateStateEnum
 from goosebit.permissions import Permissions
-from goosebit.updater.manager import delete_device, get_update_manager
-from goosebit.updater.misc import get_device_by_uuid
+from goosebit.updater.manager import delete_devices, get_update_manager
 
 router = APIRouter(prefix="/devices")
 
@@ -20,51 +19,80 @@ router = APIRouter(prefix="/devices")
     "/all",
     dependencies=[Security(validate_user_permissions, scopes=[Permissions.HOME.READ])],
 )
-async def devices_get_all() -> list[dict]:
-    devices = await Device.all()
+async def devices_get_all(request: Request) -> dict[str, int | list[Any] | Any]:
+    query = Device.all().prefetch_related("assigned_firmware", "hardware")
+
+    def search_filter(search_value):
+        return (
+            Q(uuid__icontains=search_value)
+            | Q(name__icontains=search_value)
+            | Q(feed__icontains=search_value)
+            | Q(flavor__icontains=search_value)
+            | Q(update_mode__icontains=UpdateModeEnum.from_str(search_value))
+            | Q(last_state__icontains=UpdateStateEnum.from_str(search_value))
+        )
 
     async def parse(device: Device) -> dict:
         manager = await get_update_manager(device.uuid)
+        _, target_firmware = await manager.get_update()
         last_seen = device.last_seen
         if last_seen is not None:
             last_seen = round(time.time() - device.last_seen)
         return {
             "uuid": device.uuid,
-            "web_pwd": device.web_pwd,
             "name": device.name,
-            "fw": device.fw_version,
-            "fw_file": device.fw_file,
-            "state": device.last_state,
-            "force_update": manager.force_update,
+            "fw_installed_version": device.fw_version,
+            "fw_target_version": (target_firmware.version if target_firmware is not None else None),
+            "fw_assigned": (device.assigned_firmware.id if device.assigned_firmware is not None else None),
+            "hw_model": device.hardware.model,
+            "hw_revision": device.hardware.revision,
+            "feed": device.feed,
+            "flavor": device.flavor,
+            "progress": device.progress,
+            "state": str(device.last_state),
+            "update_mode": str(device.update_mode),
+            "force_update": device.force_update,
             "last_ip": device.last_ip,
             "last_seen": last_seen,
-            "online": last_seen < 120 if last_seen is not None else None,
+            "online": (last_seen < manager.poll_seconds if last_seen is not None else None),
         }
 
-    return list(await asyncio.gather(*[parse(d) for d in devices]))
+    total_records = await Device.all().count()
+    return await filter_data(request, query, search_filter, parse, total_records)
 
 
 class UpdateDevicesModel(BaseModel):
     devices: list[str]
     firmware: str | None = None
     name: str | None = None
+    pinned: bool | None = None
+    feed: str | None = None
+    flavor: str | None = None
 
 
 @router.post(
     "/update",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.DEVICE.WRITE])
-    ],
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.DEVICE.WRITE])],
 )
-async def devices_update(request: Request, config: UpdateDevicesModel) -> dict:
+async def devices_update(_: Request, config: UpdateDevicesModel) -> dict:
     for uuid in config.devices:
         updater = await get_update_manager(uuid)
-        device = await updater.get_device()
         if config.firmware is not None:
-            device.fw_file = config.firmware
+            if config.firmware == "rollout":
+                await updater.update_update(UpdateModeEnum.ROLLOUT, None)
+            elif config.firmware == "latest":
+                await updater.update_update(UpdateModeEnum.LATEST, None)
+            else:
+                firmware = await Firmware.get_or_none(id=config.firmware)
+                await updater.update_update(UpdateModeEnum.ASSIGNED, firmware)
+        if config.pinned is not None:
+            await updater.update_update(UpdateModeEnum.PINNED, None)
         if config.name is not None:
-            device.name = config.name
-        await updater.save()
+            await updater.update_name(config.name)
+        if config.feed is not None:
+            await updater.update_feed(config.feed)
+        if config.flavor is not None:
+            await updater.update_flavor(config.flavor)
     return {"success": True}
 
 
@@ -74,14 +102,12 @@ class ForceUpdateModel(BaseModel):
 
 @router.post(
     "/force_update",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.DEVICE.WRITE])
-    ],
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.DEVICE.WRITE])],
 )
-async def devices_force_update(request: Request, config: ForceUpdateModel) -> dict:
+async def devices_force_update(_: Request, config: ForceUpdateModel) -> dict:
     for uuid in config.devices:
         updater = await get_update_manager(uuid)
-        updater.force_update = True
+        await updater.update_force_update(True)
     return {"success": True}
 
 
@@ -89,8 +115,9 @@ async def devices_force_update(request: Request, config: ForceUpdateModel) -> di
     "/logs/{dev_id}",
     dependencies=[Security(validate_user_permissions, scopes=[Permissions.HOME.READ])],
 )
-async def device_logs(request: Request, dev_id: str) -> str:
-    device = await get_device_by_uuid(dev_id)
+async def device_logs(_: Request, dev_id: str) -> str:
+    updater = await get_update_manager(dev_id)
+    device = await updater.get_device()
     if device.last_log is not None:
         return device.last_log
     return "No logs found."
@@ -102,11 +129,8 @@ class DeleteModel(BaseModel):
 
 @router.post(
     "/delete",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.DEVICE.DELETE])
-    ],
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.DEVICE.DELETE])],
 )
-async def devices_delete(request: Request, config: DeleteModel) -> dict:
-    for uuid in config.devices:
-        await delete_device(uuid)
+async def devices_delete(_: Request, config: DeleteModel) -> dict:
+    await delete_devices(config.devices)
     return {"success": True}

goosebit/api/download.py

@@ -1,20 +1,34 @@
-from fastapi import APIRouter, Security
+from fastapi import APIRouter, HTTPException
 from fastapi.requests import Request
-from fastapi.responses import FileResponse
+from fastapi.responses import FileResponse, RedirectResponse
+from starlette.responses import Response
 
-from goosebit.auth import validate_user_permissions
-from goosebit.permissions import Permissions
-from goosebit.settings import UPDATES_DIR
+from goosebit.models import Firmware
 
 router = APIRouter(prefix="/download")
 
 
-@router.get(
-    "/{file}",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.READ])
-    ],
-)
-async def download_file(request: Request, file: str):
-    filename = UPDATES_DIR.joinpath(file)
-    return FileResponse(filename, media_type="application/octet-stream")
+@router.head("/{file_id}")
+async def download_file_head(_: Request, file_id: int):
+    firmware = await Firmware.get_or_none(id=file_id)
+    if firmware is None:
+        raise HTTPException(404)
+
+    response = Response()
+    response.headers["Content-Length"] = str(firmware.size)
+    return response
+
+
+@router.get("/{file_id}")
+async def download_file(_: Request, file_id: int):
+    firmware = await Firmware.get_or_none(id=file_id)
+    if firmware is None:
+        raise HTTPException(404)
+    if firmware.local:
+        return FileResponse(
+            firmware.path,
+            media_type="application/octet-stream",
+            filename=firmware.path.name,
+        )
+    else:
+        return RedirectResponse(url=firmware.uri)

goosebit/api/firmware.py

@@ -1,64 +1,57 @@
+from typing import Any
+
 from fastapi import APIRouter, Body, Security
 from fastapi.requests import Request
+from tortoise.expressions import Q
 
+from goosebit.api.helper import filter_data
 from goosebit.auth import validate_user_permissions
+from goosebit.models import Firmware
 from goosebit.permissions import Permissions
-from goosebit.settings import UPDATES_DIR
-from goosebit.updater.misc import fw_sort_key, get_newest_fw
-from goosebit.updater.updates import FirmwareArtifact
 
 router = APIRouter(prefix="/firmware")
 
 
 @router.get(
     "/all",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.READ])
-    ],
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.READ])],
 )
-async def firmware_get_all() -> list[dict]:
-    UPDATES_DIR.mkdir(parents=True, exist_ok=True)
-
-    firmware = []
-    for file in sorted(
-        [f for f in UPDATES_DIR.iterdir() if f.suffix == ".swu"],
-        key=lambda x: fw_sort_key(x),
-        reverse=True,
-    ):
-        artifact = FirmwareArtifact(file.name)
-        firmware.append(
-            {
-                "name": file.name,
-                "size": artifact.path.stat().st_size,
-                "version": artifact.version,
-            }
-        )
-
-    return firmware
+async def firmware_get_all(
+    request: Request,
+) -> dict[str, int | list[dict[str, list[Any] | Any]]]:
+    query = Firmware.all()
 
+    def search_filter(search_value):
+        return Q(uri__icontains=search_value) | Q(version__icontains=search_value)
 
-@router.get(
-    "/latest",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.READ])
-    ],
-)
-async def firmware_get_latest() -> dict:
-    UPDATES_DIR.mkdir(parents=True, exist_ok=True)
+    async def parse(f):
+        return {
+            "id": f.id,
+            "name": f.path.name,
+            "size": f.size,
+            "hash": f.hash,
+            "version": f.version,
+            "compatibility": list(await f.compatibility.all().values()),
+        }
 
-    file_data = UPDATES_DIR.joinpath(get_newest_fw())
-    return {"name": file_data.name, "size": file_data.stat().st_size}
+    total_records = await Firmware.all().count()
+    return await filter_data(request, query, search_filter, parse, total_records)
 
 
 @router.post(
     "/delete",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.DELETE])
-    ],
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.DELETE])],
 )
-async def firmware_delete(request: Request, file: str = Body()) -> dict:
-    file_path = UPDATES_DIR.joinpath(file)
-    if file_path.exists():
-        file_path.unlink()
-        return {"success": True}
-    return {"success": False}
+async def firmware_delete(_: Request, files: list[int] = Body()) -> dict:
+    success = False
+    for f_id in files:
+        firmware = await Firmware.get_or_none(id=f_id)
+        if firmware is None:
+            continue
+        if firmware.local:
+            path = firmware.path
+            if path.exists():
+                path.unlink()
+        await firmware.delete()
+        success = True
+    return {"success": success}

goosebit/api/helper.py

@@ -0,0 +1,30 @@
+import asyncio
+
+
+async def filter_data(request, query, search_filter, parse, total_records):
+    params = request.query_params
+
+    draw = int(params.get("draw", 1))
+    start = int(params.get("start", 0))
+    length = int(params.get("length", 10))
+    search_value = params.get("search[value]", None)
+    order_column_index = params.get("order[0][column]", None)
+    order_column = params.get(f"columns[{order_column_index}][data]", None)
+    order_dir = params.get("order[0][dir]", None)
+
+    if search_value:
+        query = query.filter(search_filter(search_value))
+
+    if order_column:
+        query = query.order_by(f"{"-" if order_dir == "desc" else ""}{order_column}")
+
+    filtered_records = await query.count()
+    rollouts = await query.offset(start).limit(length).all()
+    data = list(await asyncio.gather(*[parse(r) for r in rollouts]))
+
+    return {
+        "draw": draw,
+        "recordsTotal": total_records,
+        "recordsFiltered": filtered_records,
+        "data": data,
+    }

goosebit/api/rollouts.py

@@ -0,0 +1,87 @@
+from fastapi import APIRouter, Security
+from fastapi.requests import Request
+from pydantic import BaseModel
+from tortoise.expressions import Q
+
+from goosebit.api.helper import filter_data
+from goosebit.auth import validate_user_permissions
+from goosebit.models import Rollout
+from goosebit.permissions import Permissions
+
+router = APIRouter(prefix="/rollouts")
+
+
+@router.get(
+    "/all",
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.ROLLOUT.READ])],
+)
+async def rollouts_get_all(request: Request) -> dict[str, int | list[dict]]:
+    query = Rollout.all().prefetch_related("firmware")
+
+    def search_filter(search_value):
+        return Q(name__icontains=search_value) | Q(feed__icontains=search_value) | Q(flavor__icontains=search_value)
+
+    async def parse(rollout: Rollout) -> dict:
+        return {
+            "id": rollout.id,
+            "created_at": int(rollout.created_at.timestamp() * 1000),
+            "name": rollout.name,
+            "feed": rollout.feed,
+            "flavor": rollout.flavor,
+            "fw_file": rollout.firmware.path.name,
+            "fw_version": rollout.firmware.version,
+            "paused": rollout.paused,
+            "success_count": rollout.success_count,
+            "failure_count": rollout.failure_count,
+        }
+
+    total_records = await Rollout.all().count()
+    return await filter_data(request, query, search_filter, parse, total_records)
+
+
+class CreateRolloutsModel(BaseModel):
+    name: str
+    feed: str
+    flavor: str
+    firmware_id: int
+
+
+@router.post(
+    "/",
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.ROLLOUT.WRITE])],
+)
+async def rollouts_create(_: Request, rollout: CreateRolloutsModel) -> dict:
+    rollout = await Rollout.create(
+        name=rollout.name,
+        feed=rollout.feed,
+        flavor=rollout.flavor,
+        firmware_id=rollout.firmware_id,
+    )
+    return {"success": True, "id": rollout.id}
+
+
+class UpdateRolloutsModel(BaseModel):
+    ids: list[int]
+    paused: bool
+
+
+@router.post(
+    "/update",
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.ROLLOUT.WRITE])],
+)
+async def rollouts_update(_: Request, rollouts: UpdateRolloutsModel) -> dict:
+    await Rollout.filter(id__in=rollouts.ids).update(paused=rollouts.paused)
+    return {"success": True}
+
+
+class DeleteRolloutsModel(BaseModel):
+    ids: list[int]
+
+
+@router.post(
+    "/delete",
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.ROLLOUT.DELETE])],
+)
+async def rollouts_delete(_: Request, rollouts: DeleteRolloutsModel) -> dict:
+    await Rollout.filter(id__in=rollouts.ids).delete()
+    return {"success": True}

goosebit/api/routes.py

@@ -1,11 +1,19 @@
 from fastapi import APIRouter, Depends
 
-from goosebit.api import devices, download, firmware
+from goosebit.api import devices, download, firmware, rollouts
 from goosebit.auth import authenticate_api_session
 
-router = APIRouter(
-    prefix="/api", dependencies=[Depends(authenticate_api_session)], tags=["api"]
-)
-router.include_router(firmware.router)
-router.include_router(devices.router)
-router.include_router(download.router)
+# main router that requires authentication
+main_router = APIRouter(prefix="/api", dependencies=[Depends(authenticate_api_session)], tags=["api"])
+main_router.include_router(firmware.router)
+main_router.include_router(devices.router)
+main_router.include_router(rollouts.router)
+
+# download router without authentication
+download_router = APIRouter(prefix="/api", tags=["api"])
+download_router.include_router(download.router)
+
+# include both routers
+router = APIRouter()
+router.include_router(main_router)
+router.include_router(download_router)

goosebit/auth/__init__.py

@@ -1,13 +1,16 @@
-from __future__ import annotations
+import logging
 
+from argon2.exceptions import VerifyMismatchError
 from fastapi import Depends, HTTPException
 from fastapi.requests import Request
 from fastapi.security import SecurityScopes
 from fastapi.websockets import WebSocket
-from jose import jwt
+from joserfc import jwt
+from joserfc.errors import BadSignatureError
 
 from goosebit.settings import PWD_CXT, SECRET, USERS
 
+logger = logging.getLogger(__name__)
 
 async def authenticate_user(request: Request):
     form_data = await request.form()
@@ -20,7 +23,14 @@ async def authenticate_user(request: Request):
             headers={"location": str(request.url_for("login"))},
             detail="Invalid credentials",
         )
-    if not PWD_CXT.verify(password, user.hashed_pwd):
+    try:
+        if not PWD_CXT.verify(user.hashed_pwd, password):
+            raise HTTPException(
+                status_code=302,
+                headers={"location": str(request.url_for("login"))},
+                detail="Invalid credentials",
+            )
+    except VerifyMismatchError:
         raise HTTPException(
             status_code=302,
             headers={"location": str(request.url_for("login"))},
@@ -29,46 +39,47 @@ async def authenticate_user(request: Request):
     return user
 
 
-sessions = {}
-
-
-def create_session(email: str) -> str:
-    token = jwt.encode({"email": email}, SECRET)
-    sessions[token] = email
-    return token
+def create_session(username: str) -> str:
+    return jwt.encode(header={"alg": "HS256"}, claims={"username": username}, key=SECRET)
 
 
 def authenticate_session(request: Request):
     session_id = request.cookies.get("session_id")
-    if session_id is None or session_id not in sessions:
+    if session_id is None:
         raise HTTPException(
             status_code=302,
             headers={"location": str(request.url_for("login"))},
             detail="Invalid session ID",
         )
     user = get_user_from_session(session_id)
+    if user is None:
+        raise HTTPException(
+            status_code=302,
+            headers={"location": str(request.url_for("login"))},
+            detail="Invalid username",
+        )
     return user
 
 
 def authenticate_api_session(request: Request):
     session_id = request.cookies.get("session_id")
-    if session_id is None or session_id not in sessions:
-        raise HTTPException(status_code=401, detail="Not logged in")
     user = get_user_from_session(session_id)
+    if user is None:
+        raise HTTPException(status_code=401, detail="Not logged in")
     return user
 
 
 def authenticate_ws_session(websocket: WebSocket):
     session_id = websocket.cookies.get("session_id")
-    if session_id is None or session_id not in sessions:
-        raise HTTPException(status_code=401, detail="Not logged in")
     user = get_user_from_session(session_id)
+    if user is None:
+        raise HTTPException(status_code=401, detail="Not logged in")
     return user
 
 
 def auto_redirect(request: Request):
     session_id = request.cookies.get("session_id")
-    if session_id is None or session_id not in sessions:
+    if get_user_from_session(session_id) is None:
         return request
     raise HTTPException(
         status_code=302,
@@ -78,16 +89,20 @@ def auto_redirect(request: Request):
 
 
 def get_user_from_session(session_id: str):
-    for username in USERS:
-        if username == sessions.get(session_id):
-            return username
+    if session_id is None:
+        return
+    try:
+        session_data = jwt.decode(session_id, SECRET)
+        return session_data.claims["username"]
+    except (BadSignatureError, LookupError, ValueError):
+        pass
 
 
 def get_current_user(request: Request):
     session_id = request.cookies.get("session_id")
-    if session_id is None or session_id not in sessions:
-        return None
     user = get_user_from_session(session_id)
+    if user is None:
+        return None
     return USERS[user]
 
 
@@ -101,6 +116,7 @@ def validate_user_permissions(
         return request
     for scope in security.scopes:
         if scope not in user.permissions:
+            logger.warning(f"User {username} does not have permission {scope}")
             raise HTTPException(
                 status_code=403,
                 detail="Not enough permissions",

goosebit/db.py

@@ -1,6 +1,7 @@
 from aerich import Command
 from tortoise import Tortoise, run_async
 
+from goosebit.models import Firmware
 from goosebit.settings import DB_MIGRATIONS_LOC, DB_URI
 
 TORTOISE_CONF = {
@@ -22,6 +23,10 @@ async def init():
     await command.migrate()
     await command.upgrade(run_in_transaction=True)
     await Tortoise.generate_schemas(safe=True)
+    for firmware in await Firmware.all():
+        if firmware.local and not firmware.path.exists():
+            # delete it
+            await firmware.delete()
 
 
 async def close():