chore(controller): add blocklist api

Author: duanhongyi

rootfs/api/authentication.py

@@ -21,20 +21,8 @@ def authenticate(self, request):
         return AnonymousUser(), None
 
 
-class AnonymousOrAuthenticatedAuthentication(authentication.BaseAuthentication):
-
-    def authenticate(self, request):
-        """
-        Authenticate the request for anyone or if a valid token is provided, a user.
-        """
-        try:
-            return TokenAuthentication.authenticate(TokenAuthentication(), request)
-        except Exception as e:
-            logger.debug(e)
-            return AnonymousUser(), None
-
-
 class DryccAuthentication(TokenAuthentication):
+
     def authenticate(self, request):
         if 'Drycc' in request.META.get('HTTP_USER_AGENT', ''):
             auth = get_authorization_header(request).split()

rootfs/api/migrations/0002_blocklist.py

@@ -0,0 +1,29 @@
+# Generated by Django 3.2.5 on 2021-12-08 02:08
+
+from django.db import migrations, models
+import uuid
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Blocklist',
+            fields=[
+                ('uuid', models.UUIDField(auto_created=True, default=uuid.uuid4, editable=False, primary_key=True, serialize=False, unique=True, verbose_name='UUID')),
+                ('created', models.DateTimeField(auto_now_add=True)),
+                ('updated', models.DateTimeField(auto_now=True)),
+                ('id', models.CharField(db_index=True, max_length=128)),
+                ('type', models.PositiveIntegerField(choices=[(1, 'app'), (2, 'user')])),
+                ('remark', models.TextField(blank=True, default='Blocked for unknown reason', null=True)),
+            ],
+            options={
+                'ordering': ['-created'],
+                'unique_together': {('id', 'type')},
+            },
+        ),
+    ]

rootfs/api/models/blocklist.py

@@ -0,0 +1,40 @@
+from django.db import models
+from django.contrib.auth.models import User
+from api.models import UuidAuditedModel, App
+
+
+class Blocklist(UuidAuditedModel):
+    """
+    You can block apps or users.
+    If a user is blocked, all apps owned by the user will be stopped.
+    The apps managed by the user will not be affected.
+    """
+    type_choices = [(1, "app", ), (2, "user")]
+    id = models.CharField(max_length=128, db_index=True)
+    type = models.PositiveIntegerField(choices=type_choices)
+    remark = models.TextField(blank=True, null=True, default="Blocked for unknown reason")
+
+    @property
+    def related_apps(self):
+        if self.type == 2:
+            user = User.objects.get(id=self.id)
+            return App.objects.filter(owner=user)
+        else:
+            return App.objects.filter(id=self.id)
+
+    @classmethod
+    def get_type(cls, name: str):
+        for _index, _name in cls.type_choices:
+            if _name == name:
+                return _index
+        raise ValueError("This type was not found")
+
+    @classmethod
+    def get_blocklist(cls, app: App):
+        return cls.objects.filter(
+            models.Q(id=app.id, type=1) | models.Q(id=app.owner_id, type=2)
+        ).first()
+
+    class Meta:
+        ordering = ['-created']
+        unique_together = (("id", "type"),)

rootfs/api/settings/testing.py

@@ -62,3 +62,7 @@ def __getitem__(self, item):
 
 
 MIGRATION_MODULES = DisableMigrations()
+
+# WORKFLOW_MANAGER_URL = "http://127.0.0.1:8000"
+WORKFLOW_MANAGER_ACCESS_KEY = "1234567890"
+WORKFLOW_MANAGER_SECRET_KEY = "1234567890"

rootfs/api/tests/test_workflow_manager.py

@@ -0,0 +1,58 @@
+# -*- coding: utf-8 -*-
+"""
+Unit tests for the Drycc api app.
+
+Run the tests with "./manage.py test api"
+"""
+import base64
+from django.core.cache import cache
+from django.conf import settings
+from django.contrib.auth.models import User
+from rest_framework.authtoken.models import Token
+from api.tests import adapter, DryccTransactionTestCase
+import requests_mock
+
+
+@requests_mock.Mocker(real_http=True, adapter=adapter)
+class ManagerTest(DryccTransactionTestCase):
+    """Tests setting and updating config values"""
+
+    fixtures = ['tests.json']
+
+    def setUp(self):
+
+        self.user = User.objects.get(username='autotest')
+        self.token = Token.objects.get(user=self.user).key
+        self.client.credentials(HTTP_AUTHORIZATION='Token ' + self.token)
+        self.app_id = self.create_app()
+        self.user_id = 7
+        # workflow manager token
+        token = base64.b85encode(b"%s:%s" % (
+            settings.WORKFLOW_MANAGER_ACCESS_KEY.encode("utf8"),
+            settings.WORKFLOW_MANAGER_SECRET_KEY.encode("utf8"),
+        )).decode("utf8")
+        self.client.credentials(HTTP_AUTHORIZATION='Token ' + token)
+
+    def tearDown(self):
+        # Restore default tags to empty string
+        settings.DRYCC_DEFAULT_CONFIG_TAGS = ''
+        # make sure every test has a clean slate for k8s mocking
+        cache.clear()
+
+    def test_block(self, mock_requests):
+        response = self.client.post(
+            '/v2/manager/{}/{}/block/'.format("users", 7),
+            data={'remark': 'Arrears blockade'},
+        )
+        self.assertEqual(response.status_code, 201)
+
+    def test_unblock(self, mock_requests):
+        response = self.client.post(
+            '/v2/manager/{}/{}/block/'.format("users", 7),
+            data={'remark': 'Arrears blockade'},
+        )
+        self.assertEqual(response.status_code, 201)
+        response = self.client.delete(
+            '/v2/manager/{}/{}/unblock/'.format("users", 7),
+        )
+        self.assertEqual(response.status_code, 204)

rootfs/api/views.py

@@ -19,7 +19,7 @@
 from rest_framework.response import Response
 from rest_framework.viewsets import GenericViewSet
 
-from api import influxdb, models, permissions, serializers, viewsets
+from api import influxdb, models, permissions, serializers, viewsets, authentication
 from api.tasks import scale_app, restart_app
 from api.models import AlreadyExists, ServiceUnavailable, DryccException, \
     UnprocessableEntity
@@ -120,19 +120,19 @@ def list(self, request, **kwargs):
 
 
 class WorkflowManagerViewset(GenericViewSet):
-
     permission_classes = (permissions.IsWorkflowManager, )
+    authentication_classes = (authentication.AnonymousAuthentication, )
 
     def block(self, request,  **kwargs):
         try:
-            blocklist = models.Blocklist(
+            blocklist, _ = models.Blocklist.objects.get_or_create(
                 id=kwargs['id'],
                 type=models.Blocklist.get_type(kwargs["type"]),
-                remark=request.data.get("remark")
+                defaults={"remark": request.data.get("remark")}
             )
-            apps = blocklist.related_apps
-            [scale_app(app, app.owner, {key: 0 for key in app.structure.keys()}) for app in apps]
-            blocklist.save()
+            for app in blocklist.related_apps:
+                scale_app.delay(app, app.owner, {key: 0 for key in app.structure.keys()})
+            return HttpResponse(status=201)
         except ValueError as e:
             logger.info(e)
             raise DryccException("Unsupported block type: %s" % kwargs["type"])
@@ -143,6 +143,7 @@ def unblock(self, request,  **kwargs):
                 id=kwargs['id'],
                 type=models.Blocklist.get_type(kwargs["type"])
             ).delete()
+            return HttpResponse(status=204)
         except ValueError as e:
             logger.info(e)
             raise DryccException("Unsupported block type: %s" % kwargs["type"])