goosebit 0.1.2__py3-none-any.whl → 0.2.1__py3-none-any.whl

goosebit/__init__.py

@@ -1,19 +1,18 @@
+import importlib.metadata
 from contextlib import asynccontextmanager
 from typing import Annotated
 
 from fastapi import Depends, FastAPI
+from fastapi.openapi.docs import get_swagger_ui_html
 from fastapi.requests import Request
 from fastapi.responses import RedirectResponse
 from fastapi.security import OAuth2PasswordRequestForm
 from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor as Instrumentor
 
-from goosebit import api, db, realtime, telemetry, ui, updater
-from goosebit.auth import (
-    authenticate_user,
-    auto_redirect,
-    create_session,
-    get_current_user,
-)
+from goosebit import api, db, realtime, ui, updater
+from goosebit.api.telemetry import metrics
+from goosebit.auth import get_user_from_request, login_user, redirect_if_authenticated
+from goosebit.ui.nav import nav
 from goosebit.ui.static import static
 from goosebit.ui.templates import templates
 
@@ -21,12 +20,30 @@ from goosebit.ui.templates import templates
 @asynccontextmanager
 async def lifespan(_: FastAPI):
     await db.init()
-    await telemetry.init()
+    await metrics.init()
     yield
     await db.close()
 
 
-app = FastAPI(lifespan=lifespan)
+app = FastAPI(
+    title="gooseBit",
+    summary="A simplistic, opinionated remote update server implementing hawkBit™'s DDI API.",
+    version=importlib.metadata.version("goosebit"),
+    lifespan=lifespan,
+    license_info={
+        "name": "Apache 2.0",
+        "identifier": "Apache-2.0",
+    },
+    redoc_url=None,
+    docs_url=None,
+    openapi_tags=[
+        {
+            "name": "login",
+            "description": "API authentication.  "
+            "Can be used in the `authorization` header, in the format `{token_type} {access_token}`.",
+        }
+    ],
+)
 app.include_router(updater.router)
 app.include_router(ui.router)
 app.include_router(api.router)
@@ -37,7 +54,13 @@ Instrumentor.instrument_app(app)
 
 @app.middleware("http")
 async def attach_user(request: Request, call_next):
-    request.scope["user"] = get_current_user(request)
+    request.scope["user"] = await get_user_from_request(request)
+    return await call_next(request)
+
+
+@app.middleware("http")
+async def attach_nav(request: Request, call_next):
+    request.scope["nav"] = nav.get()
     return await call_next(request)
 
 
@@ -46,20 +69,28 @@ def root_redirect(request: Request):
     return RedirectResponse(request.url_for("ui_root"))
 
 
-@app.get("/login", dependencies=[Depends(auto_redirect)], include_in_schema=False)
-async def login_ui(request: Request):
-    return templates.TemplateResponse(request, "login.html")
+@app.get("/login", include_in_schema=False, dependencies=[Depends(redirect_if_authenticated)])
+async def login_get(request: Request):
+    return templates.TemplateResponse(request, "login.html.jinja")
 
 
-@app.post("/login", include_in_schema=False, dependencies=[Depends(authenticate_user)])
-async def login(request: Request, form_data: Annotated[OAuth2PasswordRequestForm, Depends()]):
-    resp = RedirectResponse(request.url_for("ui_root"), status_code=302)
-    resp.set_cookie(key="session_id", value=create_session(form_data.username))
-    return resp
+@app.post("/login", tags=["login"])
+async def login_post(form_data: Annotated[OAuth2PasswordRequestForm, Depends()]):
+    return {"access_token": login_user(form_data.username, form_data.password), "token_type": "bearer"}
 
 
 @app.get("/logout", include_in_schema=False)
 async def logout(request: Request):
-    resp = RedirectResponse(request.url_for("login_ui"), status_code=302)
+    resp = RedirectResponse(request.url_for("login_get"), status_code=302)
     resp.delete_cookie(key="session_id")
     return resp
+
+
+@app.get("/docs")
+async def swagger_docs(request: Request):
+    return get_swagger_ui_html(
+        title="gooseBit docs",
+        openapi_url="/openapi.json",
+        swagger_favicon_url=str(request.url_for("static", path="/favicon.svg")),
+        swagger_ui_parameters={"operationsSorter": "alpha"},
+    )

goosebit/__main__.py

@@ -0,0 +1,7 @@
+import uvicorn
+
+from goosebit import app
+from goosebit.settings import config
+
+if __name__ == "__main__":
+    uvicorn.run(app, host="0.0.0.0", port=config.port)

goosebit/api/responses.py

@@ -0,0 +1,5 @@
+from pydantic import BaseModel
+
+
+class StatusResponse(BaseModel):
+    success: bool

goosebit/api/routes.py

@@ -1,19 +1,9 @@
 from fastapi import APIRouter, Depends
 
-from goosebit.api import devices, download, firmware, rollouts
-from goosebit.auth import authenticate_api_session
+from goosebit.auth import validate_current_user
 
-# main router that requires authentication
-main_router = APIRouter(prefix="/api", dependencies=[Depends(authenticate_api_session)], tags=["api"])
-main_router.include_router(firmware.router)
-main_router.include_router(devices.router)
-main_router.include_router(rollouts.router)
+from . import telemetry, v1
 
-# download router without authentication
-download_router = APIRouter(prefix="/api", tags=["api"])
-download_router.include_router(download.router)
-
-# include both routers
-router = APIRouter()
-router.include_router(main_router)
-router.include_router(download_router)
+router = APIRouter(prefix="/api", dependencies=[Depends(validate_current_user)])
+router.include_router(telemetry.router)
+router.include_router(v1.router)

goosebit/api/telemetry/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401

goosebit/{telemetry/__init__.py → api/telemetry/metrics.py}

@@ -2,13 +2,19 @@ from opentelemetry import metrics
 from opentelemetry.sdk.metrics import MeterProvider
 from opentelemetry.sdk.resources import SERVICE_NAME, Resource
 
-from goosebit import settings
+from goosebit.settings import USERS, config
 
 from . import prometheus
 
+readers = []
+
+if config.metrics.prometheus.enable:
+    readers.append(prometheus.reader)
+
+
 resource = Resource(attributes={SERVICE_NAME: "goosebit"})
 
-provider = MeterProvider(resource=resource, metric_readers=[prometheus.reader])
+provider = MeterProvider(resource=resource, metric_readers=readers)
 metrics.set_meter_provider(provider)
 
 meter = metrics.get_meter("goosebit.meter")
@@ -25,4 +31,4 @@ users_count = meter.create_gauge(
 
 
 async def init():
-    users_count.set(len(settings.USERS))
+    users_count.set(len(USERS))

goosebit/api/telemetry/prometheus/__init__.py

@@ -0,0 +1,2 @@
+from .readers import reader  # noqa: F401
+from .routes import router  # noqa: F401

goosebit/api/telemetry/prometheus/readers.py

@@ -0,0 +1,3 @@
+from opentelemetry.exporter.prometheus import PrometheusMetricReader
+
+reader = PrometheusMetricReader()

goosebit/api/telemetry/prometheus/routes.py

@@ -0,0 +1,18 @@
+from fastapi import APIRouter, Header
+from fastapi.requests import Request
+from fastapi.responses import Response
+from prometheus_client import REGISTRY
+from prometheus_client.exposition import _bake_output
+
+router = APIRouter(prefix="/prometheus", tags=["prometheus"])
+
+
+@router.get("/metrics")
+async def metrics(
+    request: Request, accept: list[str] = Header(None), accept_encoding: list[str] = Header(None)
+) -> Response:
+    status, http_headers, output = _bake_output(
+        REGISTRY, ",".join(accept), ",".join(accept_encoding), request.query_params, False
+    )
+    headers = {h[0]: h[1] for h in http_headers}
+    return Response(content=output, headers=headers)

goosebit/api/telemetry/routes.py

@@ -0,0 +1,9 @@
+from fastapi import APIRouter
+
+from goosebit.settings import config
+
+from . import prometheus
+
+router = APIRouter(prefix="/telemetry")
+if config.metrics.prometheus.enable:
+    router.include_router(prometheus.router)

goosebit/api/v1/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401

goosebit/api/v1/devices/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa : F401

goosebit/api/v1/devices/device/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa : F401

goosebit/api/v1/devices/device/responses.py

@@ -0,0 +1,13 @@
+from __future__ import annotations
+
+from pydantic import BaseModel
+
+from goosebit.schema.devices import DeviceSchema
+
+
+class DeviceLogResponse(BaseModel):
+    log: str | None
+
+
+class DeviceResponse(DeviceSchema):
+    pass

goosebit/api/v1/devices/device/routes.py

@@ -0,0 +1,27 @@
+from __future__ import annotations
+
+from fastapi import APIRouter, Depends, Security
+from fastapi.requests import Request
+
+from goosebit.api.v1.devices.device.responses import DeviceLogResponse, DeviceResponse
+from goosebit.auth import validate_user_permissions
+from goosebit.updater.manager import UpdateManager, get_update_manager
+
+router = APIRouter(prefix="/{dev_id}")
+
+
+@router.get(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["home.read"])],
+)
+async def device_get(_: Request, updater: UpdateManager = Depends(get_update_manager)) -> DeviceResponse:
+    return await DeviceResponse.convert(await updater.get_device())
+
+
+@router.get(
+    "/log",
+    dependencies=[Security(validate_user_permissions, scopes=["home.read"])],
+)
+async def device_logs(_: Request, updater: UpdateManager = Depends(get_update_manager)) -> DeviceLogResponse:
+    device = await updater.get_device()
+    return DeviceLogResponse(log=device.last_log)

goosebit/api/v1/devices/requests.py

@@ -0,0 +1,7 @@
+from __future__ import annotations
+
+from pydantic import BaseModel
+
+
+class DevicesDeleteRequest(BaseModel):
+    devices: list[str]

goosebit/api/v1/devices/responses.py

@@ -0,0 +1,16 @@
+from __future__ import annotations
+
+import asyncio
+
+from pydantic import BaseModel
+
+from goosebit.db.models import Device
+from goosebit.schema.devices import DeviceSchema
+
+
+class DevicesResponse(BaseModel):
+    devices: list[DeviceSchema]
+
+    @classmethod
+    async def convert(cls, devices: list[Device]):
+        return cls(devices=await asyncio.gather(*[DeviceSchema.convert(d) for d in devices]))

goosebit/api/v1/devices/routes.py

@@ -0,0 +1,35 @@
+from __future__ import annotations
+
+from fastapi import APIRouter, Security
+from fastapi.requests import Request
+
+from goosebit.api.responses import StatusResponse
+from goosebit.auth import validate_user_permissions
+from goosebit.db.models import Device
+from goosebit.updater.manager import delete_devices
+
+from . import device
+from .requests import DevicesDeleteRequest
+from .responses import DevicesResponse
+
+router = APIRouter(prefix="/devices", tags=["devices"])
+
+
+@router.get(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["home.read"])],
+)
+async def devices_get(_: Request) -> DevicesResponse:
+    return await DevicesResponse.convert(await Device.all().prefetch_related("assigned_software", "hardware"))
+
+
+@router.delete(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["device.delete"])],
+)
+async def devices_delete(_: Request, config: DevicesDeleteRequest) -> StatusResponse:
+    await delete_devices(config.devices)
+    return StatusResponse(success=True)
+
+
+router.include_router(device.router)

goosebit/api/v1/download/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa : F401

goosebit/api/v1/download/routes.py

@@ -0,0 +1,22 @@
+from fastapi import APIRouter, HTTPException
+from fastapi.requests import Request
+from fastapi.responses import FileResponse, RedirectResponse
+
+from goosebit.db.models import Software
+
+router = APIRouter(prefix="/download", tags=["download"])
+
+
+@router.get("/{file_id}")
+async def download_file(_: Request, file_id: int):
+    software = await Software.get_or_none(id=file_id)
+    if software is None:
+        raise HTTPException(404)
+    if software.local:
+        return FileResponse(
+            software.path,
+            media_type="application/octet-stream",
+            filename=software.path.name,
+        )
+    else:
+        return RedirectResponse(url=software.uri)

goosebit/api/v1/rollouts/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401

goosebit/api/v1/rollouts/requests.py

@@ -0,0 +1,16 @@
+from pydantic import BaseModel
+
+
+class RolloutsPutRequest(BaseModel):
+    name: str
+    feed: str
+    software_id: int
+
+
+class RolloutsPatchRequest(BaseModel):
+    ids: list[int]
+    paused: bool
+
+
+class RolloutsDeleteRequest(BaseModel):
+    ids: list[int]

goosebit/api/v1/rollouts/responses.py

@@ -0,0 +1,19 @@
+import asyncio
+
+from pydantic import BaseModel
+
+from goosebit.api.responses import StatusResponse
+from goosebit.db.models import Rollout
+from goosebit.schema.rollouts import RolloutSchema
+
+
+class RolloutsPutResponse(StatusResponse):
+    id: int
+
+
+class RolloutsResponse(BaseModel):
+    rollouts: list[RolloutSchema]
+
+    @classmethod
+    async def convert(cls, devices: list[Rollout]):
+        return cls(rollouts=await asyncio.gather(*[RolloutSchema.convert(d) for d in devices]))

goosebit/api/v1/rollouts/routes.py

@@ -0,0 +1,50 @@
+from fastapi import APIRouter, Security
+from fastapi.requests import Request
+
+from goosebit.api.responses import StatusResponse
+from goosebit.auth import validate_user_permissions
+from goosebit.db.models import Rollout
+
+from .requests import RolloutsDeleteRequest, RolloutsPatchRequest, RolloutsPutRequest
+from .responses import RolloutsPutResponse, RolloutsResponse
+
+router = APIRouter(prefix="/rollouts", tags=["rollouts"])
+
+
+@router.get(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.read"])],
+)
+async def rollouts_get(_: Request) -> RolloutsResponse:
+    return await RolloutsResponse.convert(await Rollout.all().prefetch_related("software"))
+
+
+@router.post(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.write"])],
+)
+async def rollouts_put(_: Request, rollout: RolloutsPutRequest) -> RolloutsPutResponse:
+    rollout = await Rollout.create(
+        name=rollout.name,
+        feed=rollout.feed,
+        software_id=rollout.software_id,
+    )
+    return RolloutsPutResponse(success=True, id=rollout.id)
+
+
+@router.patch(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.write"])],
+)
+async def rollouts_patch(_: Request, rollouts: RolloutsPatchRequest) -> StatusResponse:
+    await Rollout.filter(id__in=rollouts.ids).update(paused=rollouts.paused)
+    return StatusResponse(success=True)
+
+
+@router.delete(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.delete"])],
+)
+async def rollouts_delete(_: Request, rollouts: RolloutsDeleteRequest) -> StatusResponse:
+    await Rollout.filter(id__in=rollouts.ids).delete()
+    return StatusResponse(success=True)

goosebit/api/v1/routes.py

@@ -0,0 +1,9 @@
+from fastapi import APIRouter
+
+from . import devices, download, rollouts, software
+
+router = APIRouter(prefix="/v1")
+router.include_router(software.router)
+router.include_router(devices.router)
+router.include_router(rollouts.router)
+router.include_router(download.router)

goosebit/api/v1/software/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401

goosebit/api/v1/software/requests.py

@@ -0,0 +1,5 @@
+from pydantic import BaseModel
+
+
+class SoftwareDeleteRequest(BaseModel):
+    software_ids: list[int]

goosebit/api/v1/software/responses.py

@@ -0,0 +1,16 @@
+from __future__ import annotations
+
+import asyncio
+
+from pydantic import BaseModel
+
+from goosebit.db.models import Software
+from goosebit.schema.software import SoftwareSchema
+
+
+class SoftwareResponse(BaseModel):
+    software: list[SoftwareSchema]
+
+    @classmethod
+    async def convert(cls, software: list[Software]):
+        return cls(software=await asyncio.gather(*[SoftwareSchema.convert(f) for f in software]))

goosebit/api/v1/software/routes.py

@@ -0,0 +1,77 @@
+from pathlib import Path
+
+import aiofiles
+from fastapi import APIRouter, File, Form, HTTPException, Security, UploadFile
+from fastapi.requests import Request
+
+from goosebit.api.responses import StatusResponse
+from goosebit.auth import validate_user_permissions
+from goosebit.db.models import Rollout, Software
+from goosebit.settings import config
+from goosebit.updates import create_software_update
+
+from .requests import SoftwareDeleteRequest
+from .responses import SoftwareResponse
+
+router = APIRouter(prefix="/software", tags=["software"])
+
+
+@router.get(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["software.read"])],
+)
+async def software_get(_: Request) -> SoftwareResponse:
+    return await SoftwareResponse.convert(await Software.all().prefetch_related("compatibility"))
+
+
+@router.delete(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["software.delete"])],
+)
+async def software_delete(_: Request, delete_req: SoftwareDeleteRequest) -> StatusResponse:
+    success = False
+    for software_id in delete_req.software_ids:
+        software = await Software.get_or_none(id=software_id)
+
+        if software is None:
+            continue
+
+        rollout_count = await Rollout.filter(software=software).count()
+        if rollout_count > 0:
+            raise HTTPException(409, "Software is referenced by rollout")
+
+        if software.local:
+            path = software.path
+            if path.exists():
+                path.unlink()
+
+        await software.delete()
+        success = True
+    return StatusResponse(success=success)
+
+
+@router.post(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["software.write"])],
+)
+async def post_update(_: Request, file: UploadFile | None = File(None), url: str | None = Form(None)):
+    if url is not None:
+        # remote file
+        software = await Software.get_or_none(uri=url)
+        if software is not None:
+            rollout_count = await Rollout.filter(software=software).count()
+            if rollout_count == 0:
+                await software.delete()
+            else:
+                raise HTTPException(409, "Software with same URL already exists and is referenced by rollout")
+
+        software = await create_software_update(url, None)
+    else:
+        # local file
+        file_path = config.artifacts_dir.joinpath(file.filename)
+
+        async with aiofiles.tempfile.NamedTemporaryFile("w+b") as f:
+            await f.write(await file.read())
+            software = await create_software_update(file_path.absolute().as_uri(), Path(f.name))
+
+    return {"id": software.id}