-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmvApp(blank).py
347 lines (272 loc) · 11.4 KB
/
mvApp(blank).py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
#!/usr/bin/python
import logging
import base64
import urllib2
import json
import requests
import argparse
"""
add the SCC fully qualified hostname and access_code below
save the script as mvApp.py
run the script "mvApp.py <from_group_id> <to_group_id>"
"""
# Fully qualified hostname as string in single quotes
HOSTNAME = ''
# Access code generated from the appliance. Break up the access code to fit in 3 lines between the single quotes.
ACCESS_CODE = '' \
'' \
''
# Do not modify below this comment! Do not modify below this comment! Do not modify below this comment!
# ------------------------------------------------------------------------------------------------------------------
#
# Application group_id's
application_group_id = {
'1': 'Business Bulk',
'2': 'Business Critical',
'3': 'Business Productivity',
'4': 'Business Standard',
'5': 'Business VDI',
'6': 'Business Video',
'7': 'Business Voice',
'8': 'Recreational',
'9': 'Standard Bulk',
'10': 'Custom Applications'
}
PROTOCOL = "https"
# API URI template
API_URL = PROTOCOL + "://" + HOSTNAME + "/api/cmc.applications/2.0/{0}"
# API resource to execute
RESOURCE = "applications"
GROUP_RESOURCE = "groups"
def validate_args():
if args.from_group and not args.to_group:
print('Cannot specify a from_group without a to_group')
exit(1)
if args.to_group and not args.from_group:
print('Cannot specify a to_group without a from_group')
exit(1)
if args.built_in_only and not (args.to_group and args.from_group):
print ('Cannot specify built_in_only without a to_group and a from_group')
exit(1)
if args.restore and (args.collect or args.from_group or args.to_group or args.group_restore or args.built_in_only):
print('Cannot specify restore with any other option.')
exit(1)
if args.collect and (args.restore or args.from_group or args.to_group or args.group_restore or args.built_in_only):
print('Cannot specify collect with any other option.')
exit(1)
if args.group_restore and (args.restore or args.from_group or args.to_group or args.collect or args.built_in_only):
print('Cannot specify group_restore with any other option.')
exit(1)
def encode(s):
return base64.urlsafe_b64encode(s)
def init_mp_logger(logger_filename, name=None):
logger = logging.getLogger(name)
logger.setLevel(logging.WARNING)
fh = logging.FileHandler(logger_filename)
fh.setLevel(logging.WARNING)
formatter = logging.Formatter('[%(asctime)s] %(message)s')
fh.setFormatter(formatter)
logger.addHandler(fh)
return logger
def request_body(access_code):
"""
This method prepares the request to be
sent to the oauth REST API
@param access_code: Access code from appliance
"""
header_encoded = encode("{\"alg\":\"none\"}\n")
payload = access_code
payload_str = ''.join(payload)
signature_encoded = ''
assertion = '.'.join([header_encoded, payload_str])
assert_str = assertion.rstrip()
assert_str2 = '.'.join([assert_str, signature_encoded])
grant_type = 'access_code'
state = 'a34rfFas'
data = 'grant_type=%s&assertion=%s&state=%s' % (
grant_type, assert_str2, state)
return data
def get_access_token(hostname, request_body):
"""
This method makes an oauth REST API call and gets the access token
from appliance/resource owner
@param hostname: Appliance name
@param request_body: Request for making REST call
"""
api_url = "https://{0}/api/common/1.0/oauth/token"
req = urllib2.Request(url=api_url.format(hostname),
data=request_body)
f = urllib2.urlopen(req)
data = f.read()
decoded_data = json.loads(data)
"""
resp = requests.post(url, data=json.dumps(input_data), headers=headers, verify=False)
"""
payload = decoded_data['access_token'].strip()
payload_str = ''.join(payload)
return "Authorization: Bearer %s" % payload_str
def do_put_data(data, headers, to_group_id):
# build the URL to request all the data for the application to be moved
url = API_URL.format(RESOURCE) + "/items/" + str(data['id'])
# get request to the SCC to collect all the data for the application to be moved
resp = requests.get(url, headers=headers, verify=False)
# store the data collected
new_data = resp.json()
# collect the name of the application for logging
app = new_data['name']
# collect the old group_id for logging
from_group_id = new_data['group_id']
# replace the old group_id in new_data with the new group_id
new_data['group_id'] = int(to_group_id)
# put request to push all the old data with the new group_id back to the SCC
requests.put(url, data=json.dumps(new_data), verify=False, headers=headers)
# log the application that was moved to include the to and from group names and ID's
logger.warning('Moved application ID:' +
str(data['id']) + ' (' + str(app) + ') from group ID:' +
str(from_group_id) + ' (' + application_group_id[str(from_group_id)] + ') to group ID:' +
str(to_group_id) + ' (' + application_group_id[str(to_group_id)] + ')')
def collect_rest_api(access_token):
try:
auth = access_token.split(":")
headers = {'Content-Type': 'application/json',
auth[0]: auth[1]
}
url = API_URL.format(RESOURCE)
resp = requests.get(url, headers=headers, verify=False)
data = resp.json()
appList = []
for app in data:
app_obj = {}
app_obj['app_id'] = app['id']
app_obj['app_name'] = app['name']
app_obj['group_name'] = app['group_name']
for tag in app['tags']:
if app['group_name'] == tag['name']:
app_obj['group_id'] = tag['id']
appList.append(app_obj)
fh = open('defaultGroups.txt', 'w')
json.dump(appList, fh)
fh.close()
logger.warning('The file defaultGroups.txt has been created, store it in a safe place!')
except Exception, e:
print e.message
def group_rest_api(access_token):
try:
auth = access_token.split(":")
headers = {'Content-Type': 'application/json',
auth[0]: auth[1]
}
url = API_URL.format(RESOURCE)
resp = requests.get(url, headers=headers, verify=False)
data = resp.json()
with open('defaultGroups.txt') as default_groups:
default_data = json.load(default_groups)
if to_group_id == 10:
for id in data:
if not id['is_built_in']:
do_put_data(id, headers, to_group_id)
else:
for id in data:
if id['is_built_in']:
default_gen = (item for item in default_data if item['app_id'] == id['id'])
for item in default_gen:
if item['group_id'] == to_group_id:
do_put_data(id, headers, to_group_id)
break
except Exception, e:
print e.message
def restore_rest_api(access_token):
try:
auth = access_token.split(":")
headers = {'Content-Type': 'application/json',
auth[0]: auth[1]
}
url = API_URL.format(RESOURCE)
resp = requests.get(url, headers=headers, verify=False)
data = resp.json()
with open('defaultGroups.txt') as default_groups:
default_data = json.load(default_groups)
for id in data:
if id['is_built_in']:
default_gen = (item for item in default_data if item['app_id'] == id['id'])
for item in default_gen:
to_group_id = item['group_id']
do_put_data(id, headers, to_group_id)
break
else:
to_group_id = 10
do_put_data(id, headers, to_group_id)
except Exception, e:
print e.message
def execute_rest_api(access_token):
try:
auth = access_token.split(":")
headers = {'Content-Type': 'application/json',
auth[0]: auth[1]
}
url = API_URL.format(GROUP_RESOURCE) + "/items/" + str(from_group_id)
resp = requests.get(url, headers=headers, verify=False)
data = resp.json()
for d in data['applications']:
if args.built_in_only:
if d['is_built_in']:
do_put_data(d, headers, to_group_id)
else:
continue
else:
do_put_data(d, headers, to_group_id)
except Exception, e:
print e.message
if __name__ == '__main__':
"""
This is the main method
"""
parser = argparse.ArgumentParser()
parser.add_argument('-f', '--from_group', help="The group_id to remove applications from", type=int)
parser.add_argument('-t', '--to_group', help="The group_id to move applications to", type=int)
parser.add_argument('-b', '--built_in_only', action="store_true", dest="built_in_only", default=False,
help="Move only default applications, do not move custom apps")
parser.add_argument('-g', '--group_restore', help="Move a select group of applications to the default group",
type=int)
parser.add_argument('-r', '--restore', action="store_true", dest="restore", default=False,
help="Move all applications to their default groups")
parser.add_argument('-c', '--collect', action="store_true", dest="collect", default=False,
help="Create a defaultGroups.txt file from a SCC")
args = parser.parse_args()
validate_args()
from_group_id = args.from_group
if args.to_group is None:
to_group_id = args.group_restore
else:
to_group_id = args.to_group
if from_group_id not in range(1, 11) and from_group_id is not None:
print("group_id's must be between 1 and 10")
exit(1)
if to_group_id not in range(1, 11) and from_group_id is not None:
print("group_id's must be between 1 and 10")
exit(1)
hostname = HOSTNAME
access_code = ACCESS_CODE
logger_filename = './mvApp.log'
logger = init_mp_logger(logger_filename)
request_body = request_body(access_code)
access_token = get_access_token(hostname, request_body)
if args.restore:
api_result = restore_rest_api(access_token)
print api_result
print "All applications have been restored to their default groups!"
exit(0)
elif args.collect:
api_result = collect_rest_api(access_token)
print "The file defaultGroups.txt has been created"
print "Store it in a safe place!"
exit(0)
elif args.group_restore:
api_result = group_rest_api(access_token)
print ('All applications from group ID:' + str(to_group_id) + ' (' + application_group_id[str(to_group_id)] + ') have been moved back to group ID:' + str(to_group_id) + ' (' + application_group_id[str(to_group_id)] + ')')
exit(0)
else:
api_result = execute_rest_api(access_token)
print api_result
print ('All applications from group ID:' + str(from_group_id) + ' (' + application_group_id[str(from_group_id)] + ') have been moved to group ID:' + str(to_group_id) + ' (' + application_group_id[str(to_group_id)] + ')')
exit(0)