# Copyright (C) 2005-2025 Splunk Inc. All Rights Reserved. import json import os import sys import http.client from splunk.clilib.bundle_paths import make_splunkhome_path from splunk.persistconn.application import PersistentServerConnectionApplication sys.path.append(make_splunkhome_path(['etc', 'apps', 'SA-UserAccess', 'lib'])) from user_access_utils import CheckUserAccess sys.path.append(make_splunkhome_path(['etc', 'apps', 'SA-ITOA', 'lib'])) import itsi_py3 from ITOA.setup_logging import getLogger from ITOA.controller_utils import ITOAError, ItoaValidationError from ITOA.rest_interface_provider_base import SplunkdRestInterfaceBase from itsi.content_pack_authorship.content_pack_authorship_rest_provider import ContentPackAuthorshipRestProvider from itsi.itsi_utils import CAPABILITY_MATRIX, ITOAInterfaceUtils from ITOA import itoa_common logger = getLogger() logger.debug("Initialized Content Pack Authorship REST splunkd handler interface log") class ContentPackAuthorshipInterfaceProviderSplunkd(ContentPackAuthorshipRestProvider): """ This wrapper class for the REST provider in ContentPackAuthorshipRestProvider which handles all access check decorators and passes on to provider to serve rest of the request """ def __init__(self, session_key, current_user, rest_method): """ Constructor for provider for the interface @type: string @param session_key: the splunkd session key for the request @type: string @param current_user: current user invoking the request @type: string @param: type of REST method of this request, GET/PUT/POST/DELETE """ self._setup(session_key, current_user, rest_method) def get_rest_request_info(self, args, kwargs): """ Invoked by access check (CheckUserAccess decorator) in SA-UserAccess to get splunkd request specific information @type: object @param self: the self reference @type: tuple @param args: args of the decorated REST handler function being processed @type: dict @param kwargs: kwargs of the decorated REST handler function being processed @rtype: tuple @return: tuple containing (user, session_key, object_type, operation, owner) for this request """ owner = args[0] if len(args) > 0 else None object_type = args[1] if len(args) > 1 else None session_key = self._session_key user = self._current_user method = self._rest_method if method == 'GET': operation = 'read' elif method in ['POST', 'PUT']: operation = 'write' elif method == 'DELETE': operation = 'delete' else: message = 'Unsupported operation - {0}.'.format(method) raise Exception(message) return user, session_key, object_type, operation, owner @CheckUserAccess(capability_matrix=CAPABILITY_MATRIX, object_type=None, logger=logger) def bulk_crud(self, owner, object_type, **kwargs): """ Routes CRUD operations on objects @type: object @param self: the self reference @type: string @param owner: owner making the request @type: string @param object_type: type of content_pack object @type: dict @param **kwargs: key word arguments extracted from request @rtype: json @return: json of the REST method results """ return self._bulk_crud(owner, object_type, **kwargs) @CheckUserAccess(capability_matrix=CAPABILITY_MATRIX, object_type=None, logger=logger) def crud_by_id(self, owner, object_type, object_id, **kwargs): """ Routes CRUD operations per object @type: object @param self: the self reference @type: string @param owner: owner making the request @type: string @param object_type: type of content_pack object @type: string @param object_id: id of content_pack object @type: dict @param **kwargs: key word arguments extracted from request @rtype: json @return: json of the results of the REST method """ return self._crud_by_id(owner, object_type, object_id, **kwargs) @CheckUserAccess(capability_matrix=CAPABILITY_MATRIX, object_type='content_pack_file_download', logger=logger) def download_content_pack_by_key(self, owner, object_type, object_id, **kwargs): """ Gets tar.gz package of the specified content pack @type: object @param self: the self reference @type: string @param owner: owner making the request @type: string @param object_type: type of content_pack object @type: string @param object_id: object_id of content pack authorship object @type: dict @param **kwargs: key word arguments extracted from request @rtype: file @return: tar.gz file of the content pack """ return self._download_content_pack(owner, object_type, object_id=object_id, **kwargs) @CheckUserAccess(capability_matrix=CAPABILITY_MATRIX, object_type=None, logger=logger) def get_objects_count(self, owner, object_type, **kwargs): """ Gets count of objects with filters applied @type: object @param self: the self reference @type: string @param owner: owner making the request @type: string @param object_type: type of content_pack object @type: dict @param **kwargs: key word arguments extracted from request @rtype: json @return: json of the count of objects """ return self._get_object_count(owner, object_type, **kwargs) @CheckUserAccess(capability_matrix=CAPABILITY_MATRIX, object_type=None, logger=logger) def sumbit_object_by_id(self, owner, object_type, object_id, **kwargs): """ Routes CRUD operations per object @type: object @param self: the self reference @type: string @param owner: owner making the request @type: string @param object_type: type of content_pack object @type: string @param object_id: id of content_pack object @type: dict @param **kwargs: key word arguments extracted from request @rtype: json @return: json of the results of the REST method """ return self._sumbit_object_by_id(owner, object_type, object_id, **kwargs) class ContentPackAuthorshipInterfaceSplunkd(PersistentServerConnectionApplication, SplunkdRestInterfaceBase): """ Class implementation for REST handler providing services for maintenance services interface endpoints. """ def __init__(self, command_line, command_arg): """ Basic constructor @type: string @param command_line: command line invoked for handler @type: string @param command_arg: args for invoked command line for handler """ super(ContentPackAuthorshipInterfaceSplunkd, self).__init__() def handle(self, args): """ Blanket handler for all REST calls on the interface routing the GET/POST/PUT/DELETE requests. Derived implementation from PersistentServerConnectionApplication. @type args: json @param args: a JSON string representing a dictionary of arguments to the REST call. @rtype: json @return: a valid REST response """ return self._default_handle(args) def _dispatch_to_provider(self, args): """ Parses the REST path on the interface to help route to respective handlers This handler's thin layer parses the paths and routes actual handling for the call to ContentPackAuthorshipInterfaceProviderSplunkd @type: dict @param args: the args routed for the REST method @rtype: dict @return: results of the REST method """ if not isinstance(args, dict): message = 'Invalid REST args received by content pack authorship interface - {}'.format(args) raise ItoaValidationError(message=message, logger=logger) session_key = args['session']['authtoken'] current_user = args['session']['user'] rest_method = args['method'] rest_method_args = {} SplunkdRestInterfaceBase.extract_rest_args(args, 'query', rest_method_args) rest_method_args.update(SplunkdRestInterfaceBase.extract_data_payload(args)) interface_provider = ContentPackAuthorshipInterfaceProviderSplunkd(session_key, current_user, rest_method) rest_path = args['rest_path'] if not isinstance(rest_path, itsi_py3.string_type): message = 'Invalid REST path received by content pack authorship interface - {}'.format(rest_path) raise ItoaValidationError(message=message, logger=logger) # feature flag check if not itoa_common.is_feature_enabled('itsi-content-pack-authorship', session_key): raise ITOAError(status=http.client.INTERNAL_SERVER_ERROR, message=('itsi-content-pack-authorship is an unsupported feature. ' + f"feature_enablement_cache={itoa_common.feature_enablement_cache} " + f"pid={os.getpid()}")) # Double check this is ITOA interface path path_parts = rest_path.strip().strip('/').split('/') if ((not isinstance(path_parts, list)) or (len(path_parts) < 2) or (path_parts[0] != 'itoa_interface')): raise ITOAError(status=http.client.NOT_FOUND, message='Specified REST url/path is invalid - {}.'.format(rest_path)) path_parts.pop(0) # Version check the API. It should be in the second part of URL if specified. Samples: # /itoa_interface/vLatest/... where vLatest implies latest ITSI version # /itoa_interface//... # Currently only latest version of ITSI is supported for all APIs if len(path_parts) < 1: raise ITOAError(status=http.client.NOT_FOUND, message='Specified REST url/path is invalid - {}.'.format(rest_path)) if path_parts[0] in ['vLatest', 'v' + ITOAInterfaceUtils.get_app_version(session_key, app='itsi')]: path_parts.pop(0) if len(path_parts) < 1: raise ITOAError(status=http.client.NOT_FOUND, message='Specified REST url/path is invalid - {}.'.format(rest_path)) # Double check this is content_pack_authorship interface path if path_parts[0] != 'content_pack_authorship': raise ITOAError(status=http.client.NOT_FOUND, message='Specified REST url/path is invalid - {}.'.format(rest_path)) path_parts.pop(0) first_path_part = path_parts[0] if first_path_part in interface_provider.SUPPORTED_OBJECT_TYPES: owner = self.extract_request_owner(args, rest_method_args) object_type = first_path_part if object_type in interface_provider.SUPPORTED_OBJECT_TYPES_FOR_CRUD: if len(path_parts) == 1: return interface_provider.bulk_crud(owner, 'content_pack', **rest_method_args) elif len(path_parts) == 2: if path_parts[1] == 'count': return interface_provider.get_objects_count(owner, object_type, **rest_method_args) else: # Path is for object CRUD by id object_id = path_parts[1] return interface_provider.crud_by_id(owner, object_type, object_id, **rest_method_args) elif len(path_parts) == 3: if path_parts[2] == 'submit': return interface_provider.sumbit_object_by_id( owner, object_type, path_parts[1], **rest_method_args ) if object_type in ['files']: if len(path_parts) == 1: raise ITOAError(status=http.client.BAD_REQUEST, message='Content Pack package name not specified') elif len(path_parts) == 2: object_id = path_parts[1] if not object_id.endswith('.tar.gz'): raise ITOAError(status=http.client.BAD_REQUEST, message='Incorrect or missing file extension') return interface_provider.download_content_pack_by_key( owner, object_type, object_id[:-len('.tar.gz')], **rest_method_args) # No takers so far implies REST path is crazy, error out raise ITOAError(status=http.client.NOT_FOUND, message='Specified REST url/path is invalid - {}.'.format(rest_path))