X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=osm_nbi%2Fnbi.py;h=8f995f5c748a6ee5d83da80efc392d23bead16e4;hb=c96fd6946c24dacce83fe5a14f95ab88ac54bb38;hp=1085ebc6e1fefa51e2dde66d35a1517df8385a15;hpb=9c63011a8f3ff8f42ad90359323606b9aa9f2e7a;p=osm%2FNBI.git diff --git a/osm_nbi/nbi.py b/osm_nbi/nbi.py index 1085ebc..8f995f5 100644 --- a/osm_nbi/nbi.py +++ b/osm_nbi/nbi.py @@ -481,7 +481,7 @@ class Server(object): cherrypy.request.headers.pop("Content-File-MD5", None) elif "application/yaml" in cherrypy.request.headers["Content-Type"]: error_text = "Invalid yaml format " - indata = yaml.load(cherrypy.request.body) + indata = yaml.load(cherrypy.request.body, Loader=yaml.SafeLoader) cherrypy.request.headers.pop("Content-File-MD5", None) elif "application/binary" in cherrypy.request.headers["Content-Type"] or \ "application/gzip" in cherrypy.request.headers["Content-Type"] or \ @@ -501,11 +501,11 @@ class Server(object): # "Only 'Content-Type' of type 'application/json' or # 'application/yaml' for input format are available") error_text = "Invalid yaml format " - indata = yaml.load(cherrypy.request.body) + indata = yaml.load(cherrypy.request.body, Loader=yaml.SafeLoader) cherrypy.request.headers.pop("Content-File-MD5", None) else: error_text = "Invalid yaml format " - indata = yaml.load(cherrypy.request.body) + indata = yaml.load(cherrypy.request.body, Loader=yaml.SafeLoader) cherrypy.request.headers.pop("Content-File-MD5", None) if not indata: indata = {} @@ -520,7 +520,7 @@ class Server(object): kwargs[k] = None elif format_yaml: try: - kwargs[k] = yaml.load(v) + kwargs[k] = yaml.load(v, Loader=yaml.SafeLoader) except Exception: pass elif k.endswith(".gt") or k.endswith(".lt") or k.endswith(".gte") or k.endswith(".lte"): @@ -539,7 +539,7 @@ class Server(object): v[index] = None elif format_yaml: try: - v[index] = yaml.load(v[index]) + v[index] = yaml.load(v[index], Loader=yaml.SafeLoader) except Exception: pass @@ -557,7 +557,7 @@ class Server(object): return string of dictionary data according to requested json, yaml, xml. By default json :param data: response to be sent. Can be a dict, text or file :param token_info: Contains among other username and project - :param _format: The format to be set as Content-Type ir data is a file + :param _format: The format to be set as Content-Type if data is a file :return: None """ accept = cherrypy.request.headers.get("Accept") @@ -621,7 +621,8 @@ class Server(object): elif args or kwargs: raise NbiException("Invalid URL or query string for version", HTTPStatus.METHOD_NOT_ALLOWED) # TODO include version of other modules, pick up from some kafka admin message - return "
NBI:\n version: {}\n date: {}\n".format(nbi_version, nbi_version_date) + osm_nbi_version = {"version": nbi_version, "date": nbi_version_date} + return self._format_out(osm_nbi_version) except NbiException as e: cherrypy.response.status = e.http_code.value problem_details = { @@ -754,14 +755,14 @@ class Server(object): return_text = "{} ->\n".format(main_topic) try: if cherrypy.request.method == 'POST': - to_send = yaml.load(cherrypy.request.body) + to_send = yaml.load(cherrypy.request.body, Loader=yaml.SafeLoader) for k, v in to_send.items(): self.engine.msg.write(main_topic, k, v) return_text += " {}: {}\n".format(k, v) elif cherrypy.request.method == 'GET': for k, v in kwargs.items(): - self.engine.msg.write(main_topic, k, yaml.load(v)) - return_text += " {}: {}\n".format(k, yaml.load(v)) + self.engine.msg.write(main_topic, k, yaml.load(v), Loader=yaml.SafeLoader) + return_text += " {}: {}\n".format(k, yaml.load(v), Loader=yaml.SafeLoader) except Exception as e: return_text += "Error: " + str(e) return_text += "\n" @@ -860,7 +861,8 @@ class Server(object): method: show, list, delete, write """ admin_query = {"force": False, "project_id": (token_info["project_id"], ), "username": token_info["username"], - "admin": token_info["admin"], "public": None} + "admin": token_info["admin"], "public": None, + "allow_show_user_project_role": token_info["allow_show_user_project_role"]} if kwargs: # FORCE if "FORCE" in kwargs: @@ -943,8 +945,7 @@ class Server(object): query_string_operations = self._extract_query_string_operations(kwargs, method) if main_topic == "admin" and topic == "tokens": return self.token(method, _id, kwargs) - - token_info = self.authenticator.authorize(role_permission, query_string_operations) + token_info = self.authenticator.authorize(role_permission, query_string_operations, _id) engine_session = self._manage_admin_query(token_info, kwargs, method, _id) indata = self._format_in(kwargs) engine_topic = topic