Reformat NBI to standardized format
[osm/NBI.git] / osm_nbi / html_out.py
index efb3945..2d5a929 100644 (file)
@@ -26,7 +26,8 @@ html_start = """
 <html>
 <head>
   <link href="/osm/static/style.css" rel="stylesheet">
-<title>Welcome to OSM</title>
+  <title>Welcome to OSM</title>
+  <link rel="shortcut icon" href="/osm/static/favicon.ico">
 </head>
 <body>
   <div id="osm_topmenu">
@@ -46,8 +47,9 @@ html_start = """
       <a href="/osm/admin/v1/vim_accounts">VIMs </a>
       <a href="/osm/admin/v1/wim_accounts">WIMs </a>
       <a href="/osm/admin/v1/sdns">SDNs </a>
-      <a href="/osm/admin/v1/k8sclusters">K8s_cluseters </a>
+      <a href="/osm/admin/v1/k8sclusters">K8s_clusters </a>
       <a href="/osm/admin/v1/k8srepos">K8s_repos </a>
+      <a href="/osm/nslcm/v1/subscriptions">NS_Subs </a>
       <a href="/osm/admin/v1/tokens?METHOD=DELETE">logout </a>
     </div>
   </div>
@@ -71,6 +73,7 @@ html_auth2 = """
 <head><META http-equiv="Content-Type" content="text/html; charset=UTF-8">
   <link href="/osm/static/style.css" rel="stylesheet">
   <title>OSM Login</title>
+  <link rel="shortcut icon" href="/osm/static/favicon.ico">
 </head>
 <body>
   <div id="osm_header">
@@ -129,6 +132,13 @@ html_nsilcmop_body = """
 </form>
 """
 
+html_vnfpackage_body = (
+    """<a href="/osm/vnfpkgm/v1/vnf_packages/{id}/artifacts">Artifacts </a>"""
+)
+html_nspackage_body = (
+    """<a href="/osm/nsd/v1/ns_descriptors/{id}/artifacts">Artifacts </a>"""
+)
+
 
 def format(data, request, response, toke_info):
     """
@@ -138,18 +148,35 @@ def format(data, request, response, toke_info):
     :param response: cherrypy response
     :return: string with teh html response
     """
-    response.headers["Content-Type"] = 'text/html'
+    response.headers["Content-Type"] = "text/html"
     if response.status == HTTPStatus.UNAUTHORIZED.value:
-        if response.headers.get("WWW-Authenticate") and request.config.get("auth.allow_basic_authentication"):
-            response.headers["WWW-Authenticate"] = "Basic" + response.headers["WWW-Authenticate"][6:]
+        if response.headers.get("WWW-Authenticate") and request.config.get(
+            "auth.allow_basic_authentication"
+        ):
+            response.headers["WWW-Authenticate"] = (
+                "Basic" + response.headers["WWW-Authenticate"][6:]
+            )
             return
         else:
             return html_auth2.format(error=data)
     if request.path_info in ("/version", "/system"):
-        return "<pre>" + yaml.safe_dump(data, explicit_start=False, indent=4, default_flow_style=False) + "</pre>"
-    body = html_body.format(item=request.path_info)
+        return (
+            "<pre>"
+            + yaml.safe_dump(
+                data, explicit_start=False, indent=4, default_flow_style=False
+            )
+            + "</pre>"
+        )
+    body = html_body.format(item=html_escape(request.path_info))
     if response.status and response.status > 202:
-        body += html_body_error.format(yaml.safe_dump(data, explicit_start=True, indent=4, default_flow_style=False))
+        # input request.path_info (URL) can contain XSS that are translated into output error detail
+        body += html_body_error.format(
+            html_escape(
+                yaml.safe_dump(
+                    data, explicit_start=True, indent=4, default_flow_style=False
+                )
+            )
+        )
     elif isinstance(data, (list, tuple)):
         if request.path_info == "/vnfpkgm/v1/vnf_packages":
             body += html_upload_body.format(request.path_info + "_content", "VNFD")
@@ -162,24 +189,42 @@ def format(data, request, response, toke_info):
                 data_id = k.pop("_id", None)
             elif isinstance(k, str):
                 data_id = k
-            body += '<p> <a href="/osm/{url}/{id}">{id}</a>: {t} </p>'.format(url=request.path_info, id=data_id,
-                                                                              t=html_escape(str(k)))
+            body += '<p> <a href="/osm/{url}/{id}">{id}</a>: {t} </p>'.format(
+                url=request.path_info, id=data_id, t=html_escape(str(k))
+            )
     elif isinstance(data, dict):
         if "Location" in response.headers:
             body += '<a href="{}"> show </a>'.format(response.headers["Location"])
         else:
-            body += '<a href="/osm/{}?METHOD=DELETE"> <img src="/osm/static/delete.png" height="25" width="25"> </a>'\
-                .format(request.path_info)
-            if request.path_info.startswith("/nslcm/v1/ns_instances_content/") or \
-                    request.path_info.startswith("/nslcm/v1/ns_instances/"):
-                _id = request.path_info[request.path_info.rfind("/")+1:]
+            _id = request.path_info[request.path_info.rfind("/") + 1 :]
+            body += '<a href="/osm/{}?METHOD=DELETE"> <img src="/osm/static/delete.png" height="25" width="25"> </a>'.format(
+                request.path_info
+            )
+            if request.path_info.startswith(
+                "/nslcm/v1/ns_instances_content/"
+            ) or request.path_info.startswith("/nslcm/v1/ns_instances/"):
                 body += html_nslcmop_body.format(id=_id)
-            elif request.path_info.startswith("/nsilcm/v1/netslice_instances_content/") or \
-                    request.path_info.startswith("/nsilcm/v1/netslice_instances/"):
-                _id = request.path_info[request.path_info.rfind("/")+1:]
+            elif request.path_info.startswith(
+                "/nsilcm/v1/netslice_instances_content/"
+            ) or request.path_info.startswith("/nsilcm/v1/netslice_instances/"):
                 body += html_nsilcmop_body.format(id=_id)
-        body += "<pre>" + html_escape(yaml.safe_dump(data, explicit_start=True, indent=4, default_flow_style=False)) + \
-                "</pre>"
+            elif request.path_info.startswith(
+                "/vnfpkgm/v1/vnf_packages/"
+            ) or request.path_info.startswith("/vnfpkgm/v1/vnf_packages_content/"):
+                body += html_vnfpackage_body.format(id=_id)
+            elif request.path_info.startswith(
+                "/nsd/v1/ns_descriptors/"
+            ) or request.path_info.startswith("/nsd/v1/ns_descriptors_content/"):
+                body += html_nspackage_body.format(id=_id)
+        body += (
+            "<pre>"
+            + html_escape(
+                yaml.safe_dump(
+                    data, explicit_start=True, indent=4, default_flow_style=False
+                )
+            )
+            + "</pre>"
+        )
     elif data is None:
         if request.method == "DELETE" or "METHOD=DELETE" in request.query_string:
             body += "<pre> deleted </pre>"