Module: RedhatAccess::Telemetry::LookUps
- Included in:
- Actions::Insights::EmailPoller, AnalyticsDashboardHelper, Api::TelemetryApiController, Helper, MessagingService, PortalClient, RedhatAccess::TelemetryConfigurationsController
- Defined in:
- app/services/redhat_access/telemetry/look_ups.rb
Defined Under Namespace
Classes: RecordNotFound
Instance Method Summary collapse
- #can_mask_rules(user) ⇒ Object
- #can_unregister_system(user) ⇒ Object
- #current_organization_object ⇒ Object
- #disconnected_org?(org) ⇒ Boolean
- #get_basic_auth_options(org, ca_file, verify_peer, ssl_version) ⇒ Object
- #get_branch_id_for_org(org) ⇒ Object
- #get_branch_id_for_uuid(uuid) ⇒ Object
- #get_content_host(uuid = nil) ⇒ Object
- #get_content_hosts(org) ⇒ Object
- #get_default_ssl_ca_file ⇒ Object
- #get_http_options(include_user_id = false) ⇒ Object
- #get_http_user_agent ⇒ Object
- #get_leaf_id(uuid) ⇒ Object
- #get_mutual_tls_auth_options(org, ca_file, verify_peer, ssl_version) ⇒ Object
- #get_organization(uuid_or_host) ⇒ Object
- #get_plugin_parent_name ⇒ Object
- #get_plugin_parent_version ⇒ Object
- #get_portal_http_proxy ⇒ Object
-
#get_rha_plugin_name ⇒ Object
TODO: move version and name methods to generic utility.
- #get_rha_plugin_rpm_name ⇒ Object
- #get_rha_plugin_version ⇒ Object
- #get_ssl_options_for_org(org, ca_file) ⇒ Object
- #get_ssl_options_for_uuid(uuid, ca_file) ⇒ Object
-
#get_tapi_timeout ⇒ Object
timeout for telemetry api operations.
- #get_telemetry_config(org) ⇒ Object
-
#get_upload_timeout ⇒ Object
timeout for telemetry uploads.
- #insights_api_host ⇒ Object
- #is_org_selected? ⇒ Boolean
- #is_susbcribed_to_redhat?(org) ⇒ Boolean
- #telemetry_enabled?(org) ⇒ Boolean
- #telemetry_enabled_for_uuid?(uuid) ⇒ Boolean
- #upstream_owner(org) ⇒ Object
- #use_basic_auth? ⇒ Boolean
-
#use_subsets? ⇒ Boolean
global use_subsets flag - defaults to false to suppress use of subsets to address scalability problems (subset and branch_id are equivalent for satellite).
- #user_login_to_hash(login) ⇒ Object
Instance Method Details
#can_mask_rules(user) ⇒ Object
17 18 19 20 21 22 23 24 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 17 def can_mask_rules(user) # TODO move this to an auth class? return false if user.nil? return true if user.admin = user.cached_roles.collect(&:permissions).flatten.map!(&:name) Rails.logger.debug("User can mask telemetry hosts : #{.include?("rh_telemetry_configurations")}") .include?("rh_telemetry_configurations") end |
#can_unregister_system(user) ⇒ Object
7 8 9 10 11 12 13 14 15 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 7 def can_unregister_system(user) # TODO: move this to an auth class? return false if user.nil? return true if user.admin = user.cached_roles.collect(&:permissions).flatten.map!(&:name) # Rails.logger.debug("User can unregister telemetry hosts : #{ permissions.include?("rh_telemetry_configurations")}") # for now we allow all. true end |
#current_organization_object ⇒ Object
49 50 51 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 49 def current_organization_object Organization.current || Organization.find_by_id(session[:organization_id]) if session[:organization_id] end |
#disconnected_org?(org) ⇒ Boolean
66 67 68 69 70 71 72 73 74 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 66 def disconnected_org?(org) if org # TODO: fix hard coding # disable insights if disconnected orgs aren't enabled and katello doesn't point to redhat's CDN !REDHAT_ACCESS_CONFIG[:enable_insights_for_disconnected_orgs] && org.redhat_repository_url != 'https://cdn.redhat.com' else raise(RecordNotFound, 'Organization not found or invalid') end end |
#get_basic_auth_options(org, ca_file, verify_peer, ssl_version) ⇒ Object
155 156 157 158 159 160 161 162 163 164 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 155 def (org, ca_file, verify_peer, ssl_version) opts = { :user => org.telemetry_configuration.portal_user, :password => org.telemetry_configuration.portal_password, :ssl_ca_file => ca_file, :verify_ssl => verify_peer } opts[:ssl_version] = ssl_version if ssl_version opts end |
#get_branch_id_for_org(org) ⇒ Object
85 86 87 88 89 90 91 92 93 94 95 96 97 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 85 def get_branch_id_for_org(org) if org owner = upstream_owner(org) if !owner['uuid'] # ldebug('Org manifest not found or invalid in get_branch_id') raise(RecordNotFound, 'Branch ID not found for organization') else branch_id = owner['uuid'] end else raise(RecordNotFound, 'Organization not found or invalid') end end |
#get_branch_id_for_uuid(uuid) ⇒ Object
166 167 168 169 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 166 def get_branch_id_for_uuid(uuid) org = get_organization(uuid) get_branch_id_for_org org end |
#get_content_host(uuid = nil) ⇒ Object
181 182 183 184 185 186 187 188 189 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 181 def get_content_host(uuid = nil) uuid ||= params[:id] facet = Katello::Host::SubscriptionFacet.where(:uuid => uuid).first if facet.nil? User.as_anonymous_admin { Katello::Resources::Candlepin::Consumer.get(uuid) } return nil end ::Host::Managed.unscoped.find(facet.host_id) end |
#get_content_hosts(org) ⇒ Object
191 192 193 194 195 196 197 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 191 def get_content_hosts(org) if org ::Host::Managed.('view_hosts', ::Host::Managed).joins(:subscription_facet).rewhere({:organization_id => org.id}).pluck("katello_subscription_facets.uuid") else raise(RecordNotFound, 'Organization not found or invalid') end end |
#get_default_ssl_ca_file ⇒ Object
126 127 128 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 126 def get_default_ssl_ca_file "#{RedhatAccess::Engine.root}/ca/rh_cert-api_chain.pem" end |
#get_http_options(include_user_id = false) ⇒ Object
251 252 253 254 255 256 257 258 259 260 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 251 def (include_user_id = false) headers = {} if include_user_id && User.current headers = {:INSIGHTS_USER_ID => user_login_to_hash(User.current.login)} end {:logger => Rails.logger, :http_proxy => get_portal_http_proxy, :user_agent => get_http_user_agent, :headers => headers} end |
#get_http_user_agent ⇒ Object
247 248 249 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 247 def get_http_user_agent "#{get_plugin_parent_name}/#{get_plugin_parent_version};#{get_rha_plugin_name}/#{get_rha_plugin_version}" end |
#get_leaf_id(uuid) ⇒ Object
76 77 78 79 80 81 82 83 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 76 def get_leaf_id(uuid) system = get_content_host(uuid) if system.nil? Rails.logger.debug('Host not found or invalid') raise(RecordNotFound, 'Host not found or invalid') end uuid end |
#get_mutual_tls_auth_options(org, ca_file, verify_peer, ssl_version) ⇒ Object
130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 130 def (org, ca_file, verify_peer, ssl_version) upstream = upstream_owner(org) if !upstream || !upstream['idCert'] || !upstream['idCert']['cert'] || !upstream['idCert']['key'] raise(RecordNotFound, 'Unable to get portal SSL credentials. Missing org manifest?') else opts = { :ssl_client_cert => OpenSSL::X509::Certificate.new(upstream['idCert']['cert']), :ssl_client_key => OpenSSL::PKey::RSA.new(upstream['idCert']['key']), :ssl_ca_file => ca_file, :verify_ssl => verify_peer } opts[:ssl_version] = ssl_version if ssl_version Rails.logger.debug("Telemetry ssl options => ca_file:#{opts[:ssl_ca_file]} , peer verify #{opts[:verify_ssl]}") opts end end |
#get_organization(uuid_or_host) ⇒ Object
171 172 173 174 175 176 177 178 179 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 171 def get_organization(uuid_or_host) # this takes either a host object or a uuid string if uuid_or_host.is_a?(::Host::Managed) return uuid_or_host.nil? ? nil : uuid_or_host.organization end system = get_content_host(uuid_or_host) system.nil? ? nil : system.organization end |
#get_plugin_parent_name ⇒ Object
296 297 298 299 300 301 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 296 def get_plugin_parent_name if defined? ForemanThemeSatellite::SATELLITE_VERSION return 'Satellite' end 'Foreman' end |
#get_plugin_parent_version ⇒ Object
303 304 305 306 307 308 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 303 def get_plugin_parent_version if defined? ForemanThemeSatellite::SATELLITE_VERSION return ForemanThemeSatellite::SATELLITE_VERSION.gsub(/[a-zA-Z ]/, "") end Foreman::Version.new.to_s end |
#get_portal_http_proxy ⇒ Object
199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 199 def get_portal_http_proxy begin @http_proxy_string ||= begin proxy_uri = URI('') if Setting[:content_default_http_proxy].present? proxy_config = HttpProxy.default_global_content_proxy proxy_uri = URI(proxy_config&.url) if proxy_config&.username.present? proxy_uri.user = CGI.escape(proxy_config&.username) if proxy_config&.password.present? proxy_uri.password = CGI.escape(proxy_config&.password) end end end if proxy_uri.to_s.blank? if SETTINGS[:katello][:cdn_proxy] && SETTINGS[:katello][:cdn_proxy][:host] proxy_config = SETTINGS[:katello][:cdn_proxy] proxy_uri.scheme = URI.parse(proxy_config[:host]).scheme proxy_uri.host = URI.parse(proxy_config[:host]).host proxy_uri.port = proxy_config[:port] if proxy_config[:port] if proxy_config[:user].present? proxy_uri.user = CGI.escape(proxy_config[:user]) if proxy_config[:user] if proxy_config[:password].present? proxy_uri.password = CGI.escape(proxy_config[:password]) end end end end # Ruby's uri parser doesn't handle encoded characters so Katello added two new schemes to handle proxy # passwords. See https://github.com/Katello/katello/blob/master/app/lib/katello/util/proxy_uri.rb proxy_uri.scheme = 'proxy' if proxy_uri.scheme == 'http' proxy_uri.scheme = 'proxys' if proxy_uri.scheme == 'https' proxy_uri.to_s end Rails.logger.debug("Insights proxy url = #{@http_proxy_string}") @http_proxy_string rescue Rails.logger.debug("insights plugin: Something bad happened trying to get the proxy url") raise end end |
#get_rha_plugin_name ⇒ Object
TODO: move version and name methods to generic utility
283 284 285 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 283 def get_rha_plugin_name 'redhat_access' end |
#get_rha_plugin_rpm_name ⇒ Object
287 288 289 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 287 def get_rha_plugin_rpm_name 'foreman-redhat_access' end |
#get_rha_plugin_version ⇒ Object
292 293 294 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 292 def get_rha_plugin_version RedhatAccess::VERSION end |
#get_ssl_options_for_org(org, ca_file) ⇒ Object
108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 108 def (org, ca_file) if org verify_peer = REDHAT_ACCESS_CONFIG[:telemetry_ssl_verify_peer] ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE ssl_version = REDHAT_ACCESS_CONFIG[:telemetry_ssl_version] ? REDHAT_ACCESS_CONFIG[:telemetry_ssl_version] : nil ca_file = ca_file ? ca_file : get_default_ssl_ca_file Rails.logger.debug("Verify peer #{verify_peer}") if use_basic_auth? Rails.logger.debug("Using basic auth for portal communication") (org, ca_file, verify_peer, ssl_version) else Rails.logger.debug("Using SSL auth for portal communication") (org, ca_file, verify_peer, ssl_version) end else raise(RecordNotFound, 'Organization not found or invalid') end end |
#get_ssl_options_for_uuid(uuid, ca_file) ⇒ Object
99 100 101 102 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 99 def (uuid, ca_file) org = get_organization(uuid) (org, ca_file) end |
#get_tapi_timeout ⇒ Object
timeout for telemetry api operations
269 270 271 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 269 def get_tapi_timeout REDHAT_ACCESS_CONFIG[:telemetry_api_timeout_s] || 60 end |
#get_telemetry_config(org) ⇒ Object
39 40 41 42 43 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 39 def get_telemetry_config(org) TelemetryConfiguration.find_or_create_by(:organization_id => org.id) do |conf| conf.enable_telemetry = true end end |
#get_upload_timeout ⇒ Object
timeout for telemetry uploads
274 275 276 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 274 def get_upload_timeout REDHAT_ACCESS_CONFIG[:telemetry_upload_timeout_s] || 120 end |
#insights_api_host ⇒ Object
45 46 47 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 45 def insights_api_host REDHAT_ACCESS_CONFIG[:telemetry_api_host] end |
#is_org_selected? ⇒ Boolean
34 35 36 37 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 34 def is_org_selected? Rails.logger.debug("Org selected ? #{current_organization_object.nil?}") current_organization_object.nil? ? false : true end |
#is_susbcribed_to_redhat?(org) ⇒ Boolean
26 27 28 29 30 31 32 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 26 def is_susbcribed_to_redhat?(org) if org upstream = upstream_owner(org) return upstream && upstream['idCert'] ? true : false end false end |
#telemetry_enabled?(org) ⇒ Boolean
53 54 55 56 57 58 59 60 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 53 def telemetry_enabled?(org) if org conf = get_telemetry_config(org) return conf.nil? ? false : conf.enable_telemetry else raise(RecordNotFound, 'Organization not found or invalid') end end |
#telemetry_enabled_for_uuid?(uuid) ⇒ Boolean
62 63 64 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 62 def telemetry_enabled_for_uuid?(uuid) telemetry_enabled?(get_organization(uuid)) end |
#upstream_owner(org) ⇒ Object
147 148 149 150 151 152 153 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 147 def upstream_owner(org) #We use a cache because owner_details is networkcall to Candlepin #We make a lot of these calls each time the UI is accessed Rails.cache.fetch("insights_upstream_owner-#{org.id}", expires_in: 1.minute) do org.owner_details['upstreamConsumer'] end end |
#use_basic_auth? ⇒ Boolean
104 105 106 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 104 def use_basic_auth? REDHAT_ACCESS_CONFIG[:enable_telemetry_basic_auth] end |
#use_subsets? ⇒ Boolean
global use_subsets flag - defaults to false to suppress use of subsets to address scalability problems (subset and branch_id are equivalent for satellite)
264 265 266 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 264 def use_subsets? REDHAT_ACCESS_CONFIG[:use_subsets] || false end |
#user_login_to_hash(login) ⇒ Object
278 279 280 |
# File 'app/services/redhat_access/telemetry/look_ups.rb', line 278 def user_login_to_hash(login) Digest::SHA1.hexdigest(login) end |