Module: RedhatAccess::Telemetry::LookUps

Included in:

Actions::Insights::EmailPoller, AnalyticsDashboardHelper, Api::TelemetryApiController, Helper, MessagingService, PortalClient, RedhatAccess::TelemetryConfigurationsController

Defined in:

app/services/redhat_access/telemetry/look_ups.rb

Defined Under Namespace

Classes: RecordNotFound

Instance Method Summary

• #can_mask_rules(user) ⇒ Object
• #can_unregister_system(user) ⇒ Object
• #disconnected_org?(org) ⇒ Boolean
• #get_basic_auth_options(org, ca_file, verify_peer, ssl_version) ⇒ Object
• #get_branch_id_for_org(org) ⇒ Object
• #get_branch_id_for_uuid(uuid) ⇒ Object
• #get_content_host(uuid = nil) ⇒ Object
• #get_content_hosts(org) ⇒ Object
• #get_default_ssl_ca_file ⇒ Object
• #get_http_options(include_user_id = false) ⇒ Object
• #get_http_user_agent ⇒ Object
• #get_leaf_id(uuid) ⇒ Object
• #get_mutual_tls_auth_options(org, ca_file, verify_peer, ssl_version) ⇒ Object
• #get_organization(uuid) ⇒ Object
• #get_plugin_parent_name ⇒ Object
• #get_plugin_parent_version ⇒ Object
• #get_portal_http_proxy ⇒ Object
• #get_rha_plugin_name ⇒ Object

  TODO: move version and name methods to generic utility.

• #get_rha_plugin_rpm_name ⇒ Object
• #get_rha_plugin_version ⇒ Object
• #get_ssl_options_for_org(org, ca_file) ⇒ Object
• #get_ssl_options_for_uuid(uuid, ca_file) ⇒ Object
• #get_telemetry_config(org) ⇒ Object
• #is_org_selected? ⇒ Boolean
• #is_susbcribed_to_redhat?(org) ⇒ Boolean
• #telemetry_enabled?(org) ⇒ Boolean
• #telemetry_enabled_for_uuid?(uuid) ⇒ Boolean
• #use_basic_auth? ⇒ Boolean
• #user_login_to_hash(login) ⇒ Object

Instance Method Details

#can_mask_rules(user) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 17

def can_mask_rules(user)
  # #TODO move this to an auth class?
  # TODO move this to an auth class?
  return false if user.nil?
  return true if user.admin
  permissions = user.cached_roles.collect(&:permissions).flatten.map!(&:name)
  Rails.logger.debug("User can mask telemetry hosts : #{permissions.include?("rh_telemetry_configurations")}")
  permissions.include?("rh_telemetry_configurations")
end

#can_unregister_system(user) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 7

def can_unregister_system(user)
  # TODO: move this to an auth class?
  return false if user.nil?
  return true if user.admin
  permissions = user.cached_roles.collect(&:permissions).flatten.map!(&:name)
  # Rails.logger.debug("User can unregister telemetry hosts : #{ permissions.include?("rh_telemetry_configurations")}")
  # for now we allow all.
  true
end

#disconnected_org?(org) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 59

def disconnected_org?(org)
  if org
    # TODO: fix hard coding
    org.redhat_repository_url != 'https://cdn.redhat.com'
  else
    raise(RecordNotFound, 'Organization not found or invalid')
  end
end

#get_basic_auth_options(org, ca_file, verify_peer, ssl_version) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 138

def get_basic_auth_options(org, ca_file, verify_peer, ssl_version)
  opts = {
    :user        => org.telemetry_configuration.portal_user,
    :password    => org.telemetry_configuration.portal_password,
    :ssl_ca_file => ca_file,
    :verify_ssl  => verify_peer
  }
  opts[:ssl_version] = ssl_version if ssl_version
  opts
end

#get_branch_id_for_org(org) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 77

def get_branch_id_for_org(org)
  if org
    if !org.owner_details['upstreamConsumer'] || !org.owner_details['upstreamConsumer']['uuid']
      # ldebug('Org manifest not found or invalid in get_branch_id')
      raise(RecordNotFound, 'Branch ID not found for organization')
    else
      branch_id =  org.owner_details['upstreamConsumer']['uuid']
    end
  else
    raise(RecordNotFound, 'Organization not found or invalid')
  end
end

#get_branch_id_for_uuid(uuid) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 149

def get_branch_id_for_uuid(uuid)
  org = get_organization(uuid)
  get_branch_id_for_org org
end

#get_content_host(uuid = nil) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 159

def get_content_host(uuid = nil)
  uuid ||= params[:id]
  facet = Katello::Host::SubscriptionFacet.where(:uuid => uuid).first
  if facet.nil?
    User.as_anonymous_admin { Resources::Candlepin::Consumer.get(uuid) }
    raise HttpErrors::NotFound, _("Couldn't find consumer '%s'") % uuid
  end
  @host = facet.host
end

#get_content_hosts(org) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 169

def get_content_hosts(org)
  if org
    host_ids = ::Host::Managed.authorized('view_hosts', ::Host::Managed).where({:organization_id => org.id}).pluck(:id)
    Katello::Host::SubscriptionFacet.where(:host_id => host_ids).pluck(:uuid)
  else
    raise(RecordNotFound, 'Organization not found or invalid')
  end
end

#get_default_ssl_ca_file ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 117

def get_default_ssl_ca_file
  "#{RedhatAccess::Engine.root}/ca/rh_cert-api_chain.pem"
end

#get_http_options(include_user_id = false) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 198

def get_http_options(include_user_id = false)
  headers = {}
  if include_user_id && User.current
    headers = {:INSIGHTS_USER_ID => user_login_to_hash(User.current.login)}
  end
  {:logger => Rails.logger,
   :http_proxy => get_portal_http_proxy,
   :user_agent => get_http_user_agent,
   :headers => headers}
end

#get_http_user_agent ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 193

def get_http_user_agent
  "#{get_plugin_parent_name}/#{get_plugin_parent_version};#{get_rha_plugin_name}/#{get_rha_plugin_version}"
end

#get_leaf_id(uuid) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 68

def get_leaf_id(uuid)
  system = get_content_host(uuid)
  if system.nil?
    Rails.logger.debug('Host not found or invalid')
    raise(RecordNotFound, 'Host not found or invalid')
  end
  uuid
end

#get_mutual_tls_auth_options(org, ca_file, verify_peer, ssl_version) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 121

def get_mutual_tls_auth_options(org, ca_file, verify_peer, ssl_version)
  upstream = org.owner_details['upstreamConsumer']
  if !upstream || !upstream['idCert'] || !upstream['idCert']['cert'] || !upstream['idCert']['key']
    raise(RecordNotFound, 'Unable to get portal SSL credentials. Missing org manifest?')
  else
    opts = {
      :ssl_client_cert => OpenSSL::X509::Certificate.new(upstream['idCert']['cert']),
      :ssl_client_key  => OpenSSL::PKey::RSA.new(upstream['idCert']['key']),
      :ssl_ca_file     => ca_file,
      :verify_ssl      => verify_peer
    }
    opts[:ssl_version] = ssl_version if ssl_version
    Rails.logger.debug("Telemetry ssl options => ca_file:#{opts[:ssl_ca_file]} , peer verify #{opts[:verify_ssl]}")
    opts
  end
end

#get_organization(uuid) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 154

def get_organization(uuid)
  system = get_content_host(uuid)
  system.nil? ? nil : system.organization
end

#get_plugin_parent_name ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 227

def get_plugin_parent_name
  if defined? ForemanThemeSatellite::SATELLITE_VERSION
    return 'Satellite'
  end
  'Foreman'
end

#get_plugin_parent_version ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 234

def get_plugin_parent_version
  if defined? ForemanThemeSatellite::SATELLITE_VERSION
    return ForemanThemeSatellite::SATELLITE_VERSION.gsub(/[a-zA-Z ]/, "")
  end
  Foreman::Version.new.to_s
end

#get_portal_http_proxy ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 178

def get_portal_http_proxy
  proxy = nil
  if SETTINGS[:katello][:cdn_proxy] && SETTINGS[:katello][:cdn_proxy][:host]
    proxy_config = SETTINGS[:katello][:cdn_proxy]
    uri = URI('')
    uri.scheme = URI.parse(proxy_config[:host]).scheme
    uri.host = URI.parse(proxy_config[:host]).host
    uri.port = proxy_config[:port] if proxy_config[:port]
    uri.user =  ERB::Util.url_encode(proxy_config[:user]) if proxy_config[:user]
    uri.password = ERB::Util.url_encode(proxy_config[:password]) if proxy_config[:password]
    proxy = uri.to_s
  end
  proxy
end

#get_rha_plugin_name ⇒ Object

TODO: move version and name methods to generic utility

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 214

def get_rha_plugin_name
  'redhat_access'
end

#get_rha_plugin_rpm_name ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 218

def get_rha_plugin_rpm_name
  'foreman-redhat_access'
end

#get_rha_plugin_version ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 223

def get_rha_plugin_version
  RedhatAccess::VERSION
end

#get_ssl_options_for_org(org, ca_file) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 99

def get_ssl_options_for_org(org, ca_file)
  if org
    verify_peer = REDHAT_ACCESS_CONFIG[:telemetry_ssl_verify_peer] ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
    ssl_version = REDHAT_ACCESS_CONFIG[:telemetry_ssl_version] ? REDHAT_ACCESS_CONFIG[:telemetry_ssl_version] : nil
    ca_file = ca_file ? ca_file : get_default_ssl_ca_file
    Rails.logger.debug("Verify peer #{verify_peer}")
    if use_basic_auth?
      Rails.logger.debug("Using basic auth for portal communication")
      get_basic_auth_options(org, ca_file, verify_peer, ssl_version)
    else
      Rails.logger.debug("Using SSL auth for portal communication")
      get_mutual_tls_auth_options(org, ca_file, verify_peer, ssl_version)
    end
  else
    raise(RecordNotFound, 'Organization not found or invalid')
  end
end

#get_ssl_options_for_uuid(uuid, ca_file) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 90

def get_ssl_options_for_uuid(uuid, ca_file)
  org = get_organization(uuid)
  get_ssl_options_for_org(org, ca_file)
end

#get_telemetry_config(org) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 40

def get_telemetry_config(org)
  TelemetryConfiguration.find_or_create_by(:organization_id => org.id) do |conf|
    conf.enable_telemetry = true
  end
end

#is_org_selected? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 35

def is_org_selected?
  Rails.logger.debug("Org selected ? #{Organization.current.nil?}")
  Organization.current.nil? ? false : true
end

#is_susbcribed_to_redhat?(org) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 27

def is_susbcribed_to_redhat?(org)
  if org
    upstream = org.owner_details['upstreamConsumer']
    return upstream && upstream['idCert'] ? true : false
  end
  false
end

#telemetry_enabled?(org) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 46

def telemetry_enabled?(org)
  if org
    conf = get_telemetry_config(org)
    return conf.nil? ? false : conf.enable_telemetry
  else
    raise(RecordNotFound, 'Host not found or invalid')
  end
end

#telemetry_enabled_for_uuid?(uuid) ⇒ Boolean

Returns:

• (Boolean)

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 55

def telemetry_enabled_for_uuid?(uuid)
  telemetry_enabled?(get_organization(uuid))
end

#use_basic_auth? ⇒ Boolean

Returns:

• (Boolean)

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 95

def use_basic_auth?
  REDHAT_ACCESS_CONFIG[:enable_telemetry_basic_auth]
end

#user_login_to_hash(login) ⇒ Object

# File 'app/services/redhat_access/telemetry/look_ups.rb', line 209

def user_login_to_hash(login)
  Digest::SHA1.hexdigest(login)
end