External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-02-21 13:10:11 -03:30
Code Issues Packages Projects Releases Wiki Activity

validate galaxy server settings

Browse Source 
involves some changes to the redact code
This commit is contained in:
AlanCoding
2019-08-27 11:32:35 -04:00
parent 093bf6877b
commit 8bda048e6d
2 changed files with 49 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
awx/main/conf.py
View File

@@ -762,4 +762,51 @@ def logging_validate(serializer, attrs):
return attrs return attrs
def galaxy_validate(serializer, attrs):
"""Ansible Galaxy config options have mutual exclusivity rules, these rules
are enforced here on serializer validation so that users will not be able
to save settings which obviously break all project updates.
"""
galaxy_fields = ('url', 'username', 'password', 'token')
if not any('PRIVATE_GALAXY_{}'.format(subfield.upper()) in attrs for subfield in galaxy_fields):
return attrs
def _new_value(field_name):
if field_name in attrs:
return attrs[field_name]
elif not serializer.instance:
return ''
return getattr(serializer.instance, field_name, '')
galaxy_data = {}
for subfield in galaxy_fields:
galaxy_data[subfield] = _new_value('PRIVATE_GALAXY_{}'.format(subfield.upper()))
errors = {}
print('galaxy data')
print(galaxy_data)
if not galaxy_data['url']:
for k, v in galaxy_data.items():
if v:
setting_name = 'PRIVATE_GALAXY_{}'.format(k.upper())
errors.setdefault(setting_name, [])
errors[setting_name].append(_(
'Cannot provide field if PRIVATE_GALAXY_URL is not set.'
))
if (galaxy_data['password'] or galaxy_data['username']) and galaxy_data['token']:
for k in ('password', 'username', 'token'):
setting_name = 'PRIVATE_GALAXY_{}'.format(k.upper())
if setting_name in attrs:
errors.setdefault(setting_name, [])
errors[setting_name].append(_(
'Setting PRIVATE_GALAXY_TOKEN is mutually exclusive with '
'PRIVATE_GALAXY_USERNAME and PRIVATE_GALAXY_PASSWORD.'
))
if errors:
raise serializers.ValidationError(errors)
return attrs
register_validate('logging', logging_validate) register_validate('logging', logging_validate)
register_validate('jobs', galaxy_validate)

5
awx/main/redact.py
View File

@@ -15,7 +15,7 @@ class UriCleaner(object):
if settings.PRIVATE_GALAXY_URL: if settings.PRIVATE_GALAXY_URL:
exclude_list = (settings.PUBLIC_GALAXY_URL, settings.PRIVATE_GALAXY_URL) exclude_list = (settings.PUBLIC_GALAXY_URL, settings.PRIVATE_GALAXY_URL)
else: else:
exclude_list = (settings.PUBLIC_GALAXY_URL) exclude_list = (settings.PUBLIC_GALAXY_URL,)
redactedtext = cleartext redactedtext = cleartext
text_index = 0 text_index = 0
while True: while True:
@@ -25,7 +25,7 @@ class UriCleaner(object):
uri_str = match.group(1) uri_str = match.group(1)
# Do not redact items from the exclude list # Do not redact items from the exclude list
if any(uri_str.startswith(exclude_uri) for exclude_uri in exclude_list): if any(uri_str.startswith(exclude_uri) for exclude_uri in exclude_list):
text_index = match.start() + len(UriCleaner.REPLACE_STR) text_index = match.start() + len(uri_str)
continue continue
try: try:
# May raise a ValueError if invalid URI for one reason or another # May raise a ValueError if invalid URI for one reason or another
@@ -62,7 +62,6 @@ class UriCleaner(object):
redactedtext = t redactedtext = t
if text_index >= len(redactedtext): if text_index >= len(redactedtext):
text_index = len(redactedtext) - 1 text_index = len(redactedtext) - 1
print('URL string old: {} new: {}'.format(uri_str_old, uri_str))
except ValueError: except ValueError:
# Invalid URI, redact the whole URI to be safe # Invalid URI, redact the whole URI to be safe
redactedtext = redactedtext[:match.start()] + UriCleaner.REPLACE_STR + redactedtext[match.end():] redactedtext = redactedtext[:match.start()] + UriCleaner.REPLACE_STR + redactedtext[match.end():]