goosebit 0.1.2__py3-none-any.whl → 0.2.1__py3-none-any.whl

goosebit/settings/const.py

@@ -0,0 +1,21 @@
+import os
+from pathlib import Path
+
+from argon2 import PasswordHasher
+
+GOOSEBIT_ROOT_DIR = Path(__file__).resolve().parent.parent.parent
+CURRENT_DIR = Path(os.getcwd())
+
+PWD_CXT = PasswordHasher()
+
+LOGGING_DEFAULT = {
+    "version": 1,
+    "formatters": {"simple": {"format": "%(asctime)s - %(name)s - %(levelname)s - %(message)s"}},
+    "handlers": {"console": {"class": "logging.StreamHandler", "formatter": "simple", "level": "DEBUG"}},
+    "loggers": {
+        "tortoise": {"handlers": ["console"], "level": "WARNING", "propagate": True},
+        "aiosqlite": {"handlers": ["console"], "level": "WARNING", "propagate": True},
+        "multipart": {"handlers": ["console"], "level": "INFO", "propagate": True},
+    },
+    "root": {"level": "INFO", "handlers": ["console"]},
+}

goosebit/settings/schema.py

@@ -0,0 +1,86 @@
+import os
+import secrets
+from pathlib import Path
+from typing import Annotated
+
+from joserfc.rfc7518.oct_key import OctKey
+from pydantic import BaseModel, BeforeValidator, Field
+from pydantic_settings import (
+    BaseSettings,
+    PydanticBaseSettingsSource,
+    SettingsConfigDict,
+    YamlConfigSettingsSource,
+)
+
+from .const import CURRENT_DIR, GOOSEBIT_ROOT_DIR, LOGGING_DEFAULT, PWD_CXT
+
+
+class User(BaseModel):
+    username: str
+    hashed_pwd: Annotated[str, BeforeValidator(PWD_CXT.hash)] = Field(validation_alias="password")
+    permissions: set[str]
+
+    def get_json_permissions(self):
+        return [str(p) for p in self.permissions]
+
+
+class PrometheusSettings(BaseModel):
+    enable: bool = False
+
+
+class MetricsSettings(BaseModel):
+    prometheus: PrometheusSettings = PrometheusSettings()
+
+
+class GooseBitSettings(BaseSettings):
+    model_config = SettingsConfigDict(env_prefix="GOOSEBIT_")
+
+    port: int = 60053  # GOOSE
+
+    poll_time_default: str = "00:01:00"
+    poll_time_updating: str = "00:00:05"
+    poll_time_registration: str = "00:00:10"
+
+    secret_key: Annotated[OctKey, BeforeValidator(OctKey.import_key)] = secrets.token_hex(16)
+
+    users: list[User] = []
+
+    db_uri: str = f"sqlite:///{GOOSEBIT_ROOT_DIR.joinpath('db.sqlite3')}"
+    artifacts_dir: Path = GOOSEBIT_ROOT_DIR.joinpath("artifacts")
+
+    metrics: MetricsSettings = MetricsSettings()
+
+    logging: dict = LOGGING_DEFAULT
+
+    @classmethod
+    def settings_customise_sources(
+        cls,
+        settings_cls: type[BaseSettings],
+        init_settings: PydanticBaseSettingsSource,
+        env_settings: PydanticBaseSettingsSource,
+        dotenv_settings: PydanticBaseSettingsSource,
+        file_secret_settings: PydanticBaseSettingsSource,
+    ) -> tuple[PydanticBaseSettingsSource, ...]:
+        settings_sources = [env_settings]
+        config_files = []
+
+        if (path := os.getenv("GOOSEBIT_SETTINGS")) is not None:
+            config_files.append(Path(path))
+
+        config_files.extend(
+            [
+                CURRENT_DIR.joinpath("goosebit.yaml"),
+                GOOSEBIT_ROOT_DIR.joinpath("goosebit.yaml"),
+                Path("/etc/goosebit.yaml"),
+            ]
+        )
+
+        cls.config_file = None
+        for config_file in config_files:
+            if config_file.exists():
+                settings_sources.append(
+                    YamlConfigSettingsSource(settings_cls, config_file),
+                )
+                cls.config_file = config_file
+                break
+        return tuple(settings_sources)

goosebit/ui/bff/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401

goosebit/ui/bff/devices/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401

goosebit/ui/bff/devices/requests.py

@@ -0,0 +1,12 @@
+from __future__ import annotations
+
+from pydantic import BaseModel
+
+
+class DevicesPatchRequest(BaseModel):
+    devices: list[str]
+    software: str | None = None
+    name: str | None = None
+    pinned: bool | None = None
+    feed: str | None = None
+    force_update: bool | None = None

goosebit/ui/bff/devices/responses.py

@@ -0,0 +1,39 @@
+from __future__ import annotations
+
+import asyncio
+
+from fastapi.requests import Request
+from pydantic import BaseModel, Field
+
+from goosebit.schema.devices import DeviceSchema
+
+
+class BFFDeviceResponse(BaseModel):
+    data: list[DeviceSchema]
+    draw: int
+    records_total: int = Field(serialization_alias="recordsTotal")
+    records_filtered: int = Field(serialization_alias="recordsFiltered")
+
+    @classmethod
+    async def convert(cls, request: Request, query, search_filter, total_records):
+        params = request.query_params
+
+        draw = int(params.get("draw", 1))
+        start = int(params.get("start", 0))
+        length = int(params.get("length", 10))
+        search_value = params.get("search[value]", None)
+        order_column_index = params.get("order[0][column]", None)
+        order_column = params.get(f"columns[{order_column_index}][data]", None)
+        order_dir = params.get("order[0][dir]", None)
+
+        if search_value:
+            query = query.filter(search_filter(search_value))
+
+        if order_column:
+            query = query.order_by(f"{'-' if order_dir == 'desc' else ''}{order_column}")
+
+        filtered_records = await query.count()
+        devices = await query.offset(start).limit(length).all()
+        data = await asyncio.gather(*[DeviceSchema.convert(d) for d in devices])
+
+        return cls(data=data, draw=draw, records_total=total_records, records_filtered=filtered_records)

goosebit/ui/bff/devices/routes.py

@@ -0,0 +1,72 @@
+from __future__ import annotations
+
+from fastapi import APIRouter, Security
+from fastapi.requests import Request
+from tortoise.expressions import Q
+
+from goosebit.api.responses import StatusResponse
+from goosebit.api.v1.devices import routes
+from goosebit.auth import validate_user_permissions
+from goosebit.db.models import Device, Software, UpdateModeEnum, UpdateStateEnum
+from goosebit.updater.manager import get_update_manager
+
+from .requests import DevicesPatchRequest
+from .responses import BFFDeviceResponse
+
+router = APIRouter(prefix="/devices")
+
+
+@router.get(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["home.read"])],
+)
+async def devices_get(request: Request) -> BFFDeviceResponse:
+    def search_filter(search_value):
+        return (
+            Q(uuid__icontains=search_value)
+            | Q(name__icontains=search_value)
+            | Q(feed__icontains=search_value)
+            | Q(sw_version__icontains=search_value)
+            | Q(update_mode=int(UpdateModeEnum.from_str(search_value)))
+            | Q(last_state=int(UpdateStateEnum.from_str(search_value)))
+        )
+
+    query = Device.all().prefetch_related("assigned_software", "hardware")
+    total_records = await Device.all().count()
+
+    return await BFFDeviceResponse.convert(request, query, search_filter, total_records)
+
+
+@router.patch(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["device.write"])],
+)
+async def devices_patch(_: Request, config: DevicesPatchRequest) -> StatusResponse:
+    for uuid in config.devices:
+        updater = await get_update_manager(uuid)
+        if config.software is not None:
+            if config.software == "rollout":
+                await updater.update_update(UpdateModeEnum.ROLLOUT, None)
+            elif config.software == "latest":
+                await updater.update_update(UpdateModeEnum.LATEST, None)
+            else:
+                software = await Software.get_or_none(id=config.software)
+                await updater.update_update(UpdateModeEnum.ASSIGNED, software)
+        if config.pinned is not None:
+            await updater.update_update(UpdateModeEnum.PINNED, None)
+        if config.name is not None:
+            await updater.update_name(config.name)
+        if config.feed is not None:
+            await updater.update_feed(config.feed)
+        if config.force_update is not None:
+            await updater.update_force_update(config.force_update)
+    return StatusResponse(success=True)
+
+
+router.add_api_route(
+    "",
+    routes.devices_delete,
+    methods=["DELETE"],
+    dependencies=[Security(validate_user_permissions, scopes=["device.delete"])],
+    name="bff_devices_delete",
+)

goosebit/ui/bff/download/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa : F401

goosebit/ui/bff/download/routes.py

@@ -0,0 +1,22 @@
+from fastapi import APIRouter, HTTPException
+from fastapi.requests import Request
+from fastapi.responses import FileResponse, RedirectResponse
+
+from goosebit.db.models import Software
+
+router = APIRouter(prefix="/download", tags=["download"])
+
+
+@router.get("/{file_id}")
+async def download_file(_: Request, file_id: int):
+    software = await Software.get_or_none(id=file_id)
+    if software is None:
+        raise HTTPException(404)
+    if software.local:
+        return FileResponse(
+            software.path,
+            media_type="application/octet-stream",
+            filename=software.path.name,
+        )
+    else:
+        return RedirectResponse(url=software.uri)

goosebit/ui/bff/rollouts/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401

goosebit/ui/bff/rollouts/responses.py

@@ -0,0 +1,37 @@
+import asyncio
+
+from fastapi.requests import Request
+from pydantic import BaseModel, Field
+
+from goosebit.schema.rollouts import RolloutSchema
+
+
+class BFFRolloutsResponse(BaseModel):
+    data: list[RolloutSchema]
+    draw: int
+    records_total: int = Field(serialization_alias="recordsTotal")
+    records_filtered: int = Field(serialization_alias="recordsFiltered")
+
+    @classmethod
+    async def convert(cls, request: Request, query, search_filter, total_records):
+        params = request.query_params
+
+        draw = int(params.get("draw", 1))
+        start = int(params.get("start", 0))
+        length = int(params.get("length", 10))
+        search_value = params.get("search[value]", None)
+        order_column_index = params.get("order[0][column]", None)
+        order_column = params.get(f"columns[{order_column_index}][data]", None)
+        order_dir = params.get("order[0][dir]", None)
+
+        if search_value:
+            query = query.filter(search_filter(search_value))
+
+        if order_column:
+            query = query.order_by(f"{'-' if order_dir == 'desc' else ''}{order_column}")
+
+        filtered_records = await query.count()
+        rollouts = await query.offset(start).limit(length).all()
+        data = await asyncio.gather(*[RolloutSchema.convert(r) for r in rollouts])
+
+        return cls(data=data, draw=draw, records_total=total_records, records_filtered=filtered_records)

goosebit/ui/bff/rollouts/routes.py

@@ -0,0 +1,52 @@
+from fastapi import APIRouter, Security
+from fastapi.requests import Request
+from tortoise.expressions import Q
+
+from goosebit.api.v1.rollouts import routes
+from goosebit.auth import validate_user_permissions
+from goosebit.db.models import Rollout
+
+from .responses import BFFRolloutsResponse
+
+router = APIRouter(prefix="/rollouts")
+
+
+@router.get(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.read"])],
+)
+async def rollouts_get(request: Request) -> BFFRolloutsResponse:
+    def search_filter(search_value):
+        return Q(name__icontains=search_value) | Q(feed__icontains=search_value)
+
+    query = Rollout.all().prefetch_related("software")
+    total_records = await Rollout.all().count()
+
+    return await BFFRolloutsResponse.convert(request, query, search_filter, total_records)
+
+
+router.add_api_route(
+    "",
+    routes.rollouts_put,
+    methods=["POST"],
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.write"])],
+    name="bff_rollouts_post",
+)
+
+
+router.add_api_route(
+    "",
+    routes.rollouts_patch,
+    methods=["PATCH"],
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.write"])],
+    name="bff_rollouts_patch",
+)
+
+
+router.add_api_route(
+    "",
+    routes.rollouts_delete,
+    methods=["DELETE"],
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.delete"])],
+    name="bff_rollouts_delete",
+)

goosebit/ui/bff/routes.py

@@ -0,0 +1,11 @@
+from __future__ import annotations
+
+from fastapi import APIRouter
+
+from . import devices, download, rollouts, software
+
+router = APIRouter(prefix="/bff", tags=["bff"])
+router.include_router(devices.router)
+router.include_router(software.router)
+router.include_router(rollouts.router)
+router.include_router(download.router)

goosebit/ui/bff/software/__init__.py

@@ -0,0 +1 @@
+from .routes import router  # noqa: F401

goosebit/ui/bff/software/responses.py

@@ -0,0 +1,37 @@
+import asyncio
+
+from fastapi.requests import Request
+from pydantic import BaseModel, Field
+
+from goosebit.schema.software import SoftwareSchema
+
+
+class BFFSoftwareResponse(BaseModel):
+    data: list[SoftwareSchema]
+    draw: int
+    records_total: int = Field(serialization_alias="recordsTotal")
+    records_filtered: int = Field(serialization_alias="recordsFiltered")
+
+    @classmethod
+    async def convert(cls, request: Request, query, search_filter, total_records):
+        params = request.query_params
+
+        draw = int(params.get("draw", 1))
+        start = int(params.get("start", 0))
+        length = int(params.get("length", 10))
+        search_value = params.get("search[value]", None)
+        order_column_index = params.get("order[0][column]", None)
+        order_column = params.get(f"columns[{order_column_index}][data]", None)
+        order_dir = params.get("order[0][dir]", None)
+
+        if search_value:
+            query = query.filter(search_filter(search_value))
+
+        if order_column:
+            query = query.order_by(f"{'-' if order_dir == 'desc' else ''}{order_column}")
+
+        filtered_records = await query.count()
+        devices = await query.offset(start).limit(length).all()
+        data = await asyncio.gather(*[SoftwareSchema.convert(d) for d in devices])
+
+        return cls(data=data, draw=draw, records_total=total_records, records_filtered=filtered_records)

goosebit/ui/bff/software/routes.py

@@ -0,0 +1,83 @@
+from __future__ import annotations
+
+import aiofiles
+from fastapi import APIRouter, Form, HTTPException, Security, UploadFile
+from fastapi.requests import Request
+from tortoise.expressions import Q
+
+from goosebit.api.v1.software import routes
+from goosebit.auth import validate_user_permissions
+from goosebit.db.models import Rollout, Software
+from goosebit.settings import config
+from goosebit.updates import create_software_update
+
+from .responses import BFFSoftwareResponse
+
+router = APIRouter(prefix="/software")
+
+
+@router.get(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["software.read"])],
+)
+async def software_get(request: Request) -> BFFSoftwareResponse:
+    def search_filter(search_value):
+        return Q(uri__icontains=search_value) | Q(version__icontains=search_value)
+
+    query = Software.all().prefetch_related("compatibility")
+    total_records = await Software.all().count()
+
+    return await BFFSoftwareResponse.convert(request, query, search_filter, total_records)
+
+
+router.add_api_route(
+    "",
+    routes.software_delete,
+    methods=["DELETE"],
+    dependencies=[Security(validate_user_permissions, scopes=["software.delete"])],
+    name="bff_software_delete",
+)
+
+
+@router.post(
+    "",
+    dependencies=[Security(validate_user_permissions, scopes=["software.write"])],
+)
+async def post_update(
+    request: Request,
+    url: str = Form(default=None),
+    chunk: UploadFile = Form(default=None),
+    init: bool = Form(default=None),
+    done: bool = Form(default=None),
+    filename: str = Form(default=None),
+):
+    if url is not None:
+        # remote file
+        software = await Software.get_or_none(uri=url)
+        if software is not None:
+            rollout_count = await Rollout.filter(software=software).count()
+            if rollout_count == 0:
+                await software.delete()
+            else:
+                raise HTTPException(409, "Software with same URL already exists and is referenced by rollout")
+
+        await create_software_update(url, None)
+    else:
+        # local file
+        file = config.artifacts_dir.joinpath(filename)
+        config.artifacts_dir.mkdir(parents=True, exist_ok=True)
+
+        temp_file = file.with_suffix(".tmp")
+        if init:
+            temp_file.unlink(missing_ok=True)
+
+        contents = await chunk.read()
+
+        async with aiofiles.open(temp_file, mode="ab") as f:
+            await f.write(contents)
+
+        if done:
+            try:
+                await create_software_update(file.absolute().as_uri(), temp_file)
+            finally:
+                temp_file.unlink(missing_ok=True)

goosebit/ui/nav.py

@@ -0,0 +1,16 @@
+class Navigation:
+    def __init__(self):
+        self.items = []
+
+    def route(self, text: str, permissions: str = None):
+        def decorator(func):
+            self.items.append({"function": func.__name__, "text": text, "permissions": permissions})
+            return func
+
+        return decorator
+
+    def get(self):
+        return self.items
+
+
+nav = Navigation()

goosebit/ui/routes.py

@@ -1,101 +1,64 @@
-import aiofiles
-from fastapi import APIRouter, Depends, Form, Security, UploadFile
+from fastapi import APIRouter, Depends, Security
 from fastapi.requests import Request
 from fastapi.responses import RedirectResponse
 from fastapi.security import OAuth2PasswordBearer
 
-from goosebit.auth import authenticate_session, validate_user_permissions
-from goosebit.models import Firmware
-from goosebit.permissions import Permissions
-from goosebit.settings import UPDATES_DIR
-from goosebit.ui.templates import templates
-from goosebit.updates import create_firmware_update
+from goosebit.auth import redirect_if_unauthenticated, validate_user_permissions
+from goosebit.ui.nav import nav
+
+from . import bff
+from .templates import templates
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login")
 
-router = APIRouter(prefix="/ui", dependencies=[Depends(authenticate_session)], include_in_schema=False)
+router = APIRouter(prefix="/ui", dependencies=[Depends(redirect_if_unauthenticated)], include_in_schema=False)
+router.include_router(bff.router)
 
 
-@router.get("/")
+@router.get("")
 async def ui_root(request: Request):
     return RedirectResponse(request.url_for("home_ui"))
 
 
-@router.get(
-    "/firmware",
-    dependencies=[Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.READ])],
-)
-async def firmware_ui(request: Request):
-    return templates.TemplateResponse(request, "firmware.html", context={"title": "Firmware"})
-
-
-@router.post(
-    "/upload/local",
-    dependencies=[Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.WRITE])],
-)
-async def upload_update_local(
-    request: Request,
-    chunk: UploadFile = Form(...),
-    init: bool = Form(...),
-    done: bool = Form(...),
-    filename: str = Form(...),
-):
-    file = UPDATES_DIR.joinpath(filename)
-    firmware = await Firmware.get_or_none(uri=file.absolute().as_uri())
-    if firmware is not None:
-        await firmware.delete()
-
-    tmpfile = file.with_suffix(".tmp")
-    contents = await chunk.read()
-    if init:
-        file.unlink(missing_ok=True)
-
-    async with aiofiles.open(tmpfile, mode="ab") as f:
-        await f.write(contents)
-    if done:
-        tmpfile.replace(file)
-        await create_firmware_update(file.absolute().as_uri())
-
-
-@router.post(
-    "/upload/remote",
-    dependencies=[Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.WRITE])],
-)
-async def upload_update_remote(request: Request, url: str = Form(...)):
-    firmware = await Firmware.get_or_none(uri=url)
-    if firmware is not None:
-        await firmware.delete()
-
-    await create_firmware_update(url)
-
-
 @router.get(
     "/home",
-    dependencies=[Security(validate_user_permissions, scopes=[Permissions.HOME.READ])],
+    dependencies=[Security(validate_user_permissions, scopes=["home.read"])],
 )
+@nav.route("Home", permissions=["home.read"])
 async def home_ui(request: Request):
-    return templates.TemplateResponse(request, "index.html", context={"title": "Home"})
+    return templates.TemplateResponse(request, "index.html.jinja", context={"title": "Home"})
 
 
 @router.get(
     "/devices",
-    dependencies=[Security(validate_user_permissions, scopes=[Permissions.DEVICE.READ])],
+    dependencies=[Security(validate_user_permissions, scopes=["device.read"])],
 )
+@nav.route("Devices", permissions=["device.read"])
 async def devices_ui(request: Request):
-    return templates.TemplateResponse(request, "devices.html", context={"title": "Devices"})
+    return templates.TemplateResponse(request, "devices.html.jinja", context={"title": "Devices"})
+
+
+@router.get(
+    "/software",
+    dependencies=[Security(validate_user_permissions, scopes=["software.read"])],
+)
+@nav.route("Software", permissions=["software.read"])
+async def software_ui(request: Request):
+    return templates.TemplateResponse(request, "software.html.jinja", context={"title": "Software"})
 
 
 @router.get(
     "/rollouts",
-    dependencies=[Security(validate_user_permissions, scopes=[Permissions.ROLLOUT.READ])],
+    dependencies=[Security(validate_user_permissions, scopes=["rollout.read"])],
 )
+@nav.route("Rollouts", permissions=["rollout.read"])
 async def rollouts_ui(request: Request):
-    return templates.TemplateResponse(request, "rollouts.html", context={"title": "Rollouts"})
+    return templates.TemplateResponse(request, "rollouts.html.jinja", context={"title": "Rollouts"})
 
 
 @router.get(
     "/logs/{dev_id}",
-    dependencies=[Security(validate_user_permissions, scopes=[Permissions.DEVICE.READ])],
+    dependencies=[Security(validate_user_permissions, scopes=["device.read"])],
 )
 async def logs_ui(request: Request, dev_id: str):
-    return templates.TemplateResponse(request, "logs.html", context={"title": "Log", "device": dev_id})
+    return templates.TemplateResponse(request, "logs.html.jinja", context={"title": "Log", "device": dev_id})