%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /usr/lib/python2.7/site-packages/salt/engines/
Upload File :
Create Path :
Current File : //usr/lib/python2.7/site-packages/salt/engines/slack.pyo

�
���^c@@s�dZddlmZmZmZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZeje
�ZyddlZeZWnek
r�eZnXddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddlZddl m!Z!dZ"d�Z#de$fd��YZ%ed	e&e&ed
d�Z'dS(uc
An engine that reads messages from Slack and can act on them

.. versionadded: 2016.3.0

:depends: `slackclient <https://pypi.org/project/slackclient/>`_ Python module

.. important::
    This engine requires a bot user. To create a bot user, first go to the
    **Custom Integrations** page in your Slack Workspace. Copy and paste the
    following URL, and replace ``myworkspace`` with the proper value for your
    workspace:

    ``https://myworkspace.slack.com/apps/manage/custom-integrations``

    Next, click on the ``Bots`` integration and request installation. Once
    approved by an admin, you will be able to proceed with adding the bot user.
    Once the bot user has been added, you can configure it by adding an avatar,
    setting the display name, etc. You will also at this time have access to
    your API token, which will be needed to configure this engine.

    Finally, add this bot user to a channel by switching to the channel and
    using ``/invite @mybotuser``. Keep in mind that this engine will process
    messages from each channel in which the bot is a member, so it is
    recommended to narrowly define the commands which can be executed, and the
    Slack users which are allowed to run commands.


This engine has two boolean configuration parameters that toggle specific
features (both default to ``False``):

1. ``control`` - If set to ``True``, then any message which starts with the
   trigger string (which defaults to ``!`` and can be overridden by setting the
   ``trigger`` option in the engine configuration) will be interpreted as a
   Salt CLI command and the engine will attempt to run it. The permissions
   defined in the various ``groups`` will determine if the Slack user is
   allowed to run the command. The ``targets`` and ``default_target`` options
   can be used to set targets for a given command, but the engine can also read
   the following two keyword arguments:

   - ``target`` - The target expression to use for the command

   - ``tgt_type`` - The match type, can be one of ``glob``, ``list``,
     ``pcre``, ``grain``, ``grain_pcre``, ``pillar``, ``nodegroup``, ``range``,
     ``ipcidr``, or ``compound``. The default value is ``glob``.

   Here are a few examples:

   .. code-block:: text

       !test.ping target=*
       !state.apply foo target=os:CentOS tgt_type=grain
       !pkg.version mypkg target=role:database tgt_type=pillar

2. ``fire_all`` - If set to ``True``, all messages which are not prefixed with
   the trigger string will fired as events onto Salt's ref:`event bus
   <event-system>`. The tag for these veents will be prefixed with the string
   specified by the ``tag`` config option (default: ``salt/engines/slack``).


The ``groups_pillar_name`` config option can be used to pull group
configuration from the specified pillar key.

.. note::
    In order to use ``groups_pillar_name``, the engine must be running as a
    minion running on the master, so that the ``Caller`` client can be used to
    retrieve that minions pillar data, because the master process does not have
    pillar data.


Configuration Examples
======================

.. versionchanged:: 2017.7.0
    Access control group support added

This example uses a single group called ``default``. In addition, other groups
are being loaded from pillar data. The group names do not have any
significance, it is the users and commands defined within them that are used to
determine whether the Slack user has permission to run the desired command.

.. code-block:: text

    engines:
      - slack:
          token: 'xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx'
          control: True
          fire_all: False
          groups_pillar_name: 'slack_engine:groups_pillar'
          groups:
            default:
              users:
                - '*'
              commands:
                - test.ping
                - cmd.run
                - list_jobs
                - list_commands
              aliases:
                list_jobs:
                  cmd: jobs.list_jobs
                list_commands:
                  cmd: 'pillar.get salt:engines:slack:valid_commands target=saltmaster tgt_type=list'
              default_target:
                target: saltmaster
                tgt_type: glob
              targets:
                test.ping:
                  target: '*'
                  tgt_type: glob
                cmd.run:
                  target: saltmaster
                  tgt_type: list

This example shows multiple groups applying to different users, with all users
having access to run test.ping. Keep in mind that when using ``*``, the value
must be quoted, or else PyYAML will fail to load the configuration.

.. code-block:: text

    engines:
      - slack:
          groups_pillar: slack_engine_pillar
          token: 'xoxb-xxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxx'
          control: True
          fire_all: True
          tag: salt/engines/slack
          groups_pillar_name: 'slack_engine:groups_pillar'
          groups:
            default:
              users:
                - '*'
              commands:
                - test.ping
              aliases:
                list_jobs:
                  cmd: jobs.list_jobs
                list_commands:
                  cmd: 'pillar.get salt:engines:slack:valid_commands target=saltmaster tgt_type=list'
            gods:
              users:
                - garethgreenaway
              commands:
                - '*'

i(tabsolute_importtprint_functiontunicode_literalsN(tsixuslackcC@ststdfStS(Nu3The 'slackclient' Python module could not be loaded(tHAS_SLACKCLIENTtFalset__virtualname__(((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pyt__virtual__�s
tSlackClientcB@s�eZd�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Z	d�Z
d	�Zd
�Zd�Z
d�Zd
�Zd�Zdd�Zd�ZRS(cC@s=tjjt�|_tj|�|_|jj�|_	dS(N(
tsalttminiontMasterMiniont__opts__t
master_miniontslackclientRtsctrtm_connectt
slack_connect(tselfttoken((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pyt__init__�scC@s�tjjjddd|dt�}i}d|kr�xU|dD]F}d|krA|ds�|d||d<|d||d<q�qAqAWn|S(	u*
        Get all users from Slack
        tfunctionuuserstapi_keytoptsumessageuis_botuiduname(R	tutilstslacktqueryR(RRtrettuserstitem((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytget_slack_users�s	
c	C@srtjjjddd|ditd6td6�}i}d|krnx'|dD]}|d||d	<qOWn|S(
u2
        Get all channel names from Slack
        RuroomsRRuexclude_archiveduexclude_membersumessageunameuid(R	RRRtTrue(RRRtchannelsR((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytget_slack_channels�s
cC@siit�d6t�d6id6id6id6d6}|sEi}n|}tjd|�y+tj|j|�j�|j��}Wn6tk
r�tjd||j|�|�g}nXx?|D]7\}}tj	d	||�|j
|it�d6t�d6id6id6id6�y�||djt|jdg���||djt|jdg���||dj|jdi��||dj|jdi��||dj|jdi��Wq�t
tfk
r�tjd
|�q�Xq�Wtjd|�|S(u�
        get info from groups in config, and from the named pillar

        todo: add specification for the minion to use to recover pillar
        uusersucommandsualiasesudefault_targetutargetsudefaultu
use_groups %su3Failed to get groups from %s: %s or from config: %su$Trying to get %s and %s to be usefuluHCouldn't use group %s. Check that targets is a dictionary and not a listuGot the groups: %s(tsettlogtdebugt	itertoolstchaint_groups_from_pillartitemstAttributeErrortwarningtinfot
setdefaulttupdatetgett
IndexError(Rtgroups_conftgroups_pillar_namet
ret_groupst
use_groupst
groups_gentnametconfig((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytget_config_groups�sD

	+
	
''!!%cC@so|retddkretd|i�}tjd||�tjd|�tjdt|��ni}|S(u�
        pillar_prefix is the pillar.get syntax for the pillar to be queried.
        Group name is gotten via the equivalent of using
        ``salt['pillar.get']('{}:{}'.format(pillar_prefix, group_name))``
        in a jinja template.

        returns a dictionary (unless the pillar is mis-formatted)
        XXX: instead of using Caller, make the minion to use configurable so there could be some
             restrictions placed on what pillars can be used.
        u__roleuminionu
pillar.getu#Got pillar groups %s from pillar %supillar groups is %supillar groups type is %s(Rt__salt__R#R$ttype(Rtpillar_namet
pillar_groups((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pyR' scC@shtjd�dkr7tjjjttd�j}nd}|rS|||�ntd||�dS(un
        This replaces a function in main called 'fire'

        It fires an event into the salt bus.
        u__roleumasterusock_diru
event.sendN(	RR.R	Rteventtget_master_eventtfire_mastertNoneR8(RttagtmsgR>((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytfire4scC@s�tjd|||�x�|j�D]�\}}||dkrXd|dkrXq#qXn||dkr�||jdi�j�kr�d|dkr�q#q�ntjd||�||fSWtjd||�dS(	u�
        Break out the permissions into the following:

        Check whether a user is in any group, including whether a group has the '*' membership

        :type user: str
        :param user: The username being checked against

        :type command: str
        :param command: The command that is being invoked (e.g. test.ping)

        :type groups: dict
        :param groups: the dictionary with groups permissions structure.

        :rtype: tuple
        :returns: On a successful permitting match, returns 2-element tuple that contains
            the name of the group that successfully matched, and a dictionary containing
            the configuration of the group so it can be referenced.

            On failure it returns an empty tuple

        u!%s wants to run %s with groups %suusersu*ucommandsualiasesu!Slack user %s permitted to run %su%Slack user %s denied trying to run %s((R#R+R(R.tkeys(Rtusertcommandtgroupstkeytval((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytcan_user_runFs	.	c	C@s�tjjj|t|��}g}xr|D]j}d}tj||�}|r�|jd�|jd�|jd�}|j|�q,|j|�q,W|S(u{
        cmdline_str is the string of the command line
        trigger_string is the trigger string, to be removed
        u3(?P<begin>.*)(<.*\|)(?P<url>.*)(>)(?P<remainder>.*)ubeginuurlu	remainder(	R	Rtargstshlex_splittlentretmatchtgrouptappend(	Rtcmdline_strttrigger_stringtcmdlinetcmdlisttcmditemtpatterntmtchtorigtext((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytcommandline_to_listjs
)c	@s1|j||�}|j||d|�}tjd||�|sUtd
|dfS|sltd
|dfS|d|djdi�j�kr�|j|dd|djdd�d�}|j|d�n|}|j	|||�}g|D](�t
�fd�dD��r��^q�}t||fS(u#Returns a tuple of (target, cmdline,) for the response

        Raises IndexError if a user can't be looked up from all_slack_users

        Returns (False, False) if the user doesn't have permission

        These are returned together because the commandline and the targeting
        interact with the group config (specifically aliases and targeting configuration)
        so taking care of them together works out.

        The cmdline that is returned is the actual list that should be
        processed by salt, and not the alias.

        iu3slack_user_name is %s and the permitted group is %siualiasesucmduc3@s|]}�j|�VqdS(N(t
startswith(t.0tx(R(s6/usr/lib/python2.7/site-packages/salt/engines/slack.pys	<genexpr>�sutargetutgt_typeN(utargetutgt_type(RYRIR#R$RR?R.RCtextendt
get_targettallR(	Rtslack_user_namettextt
loaded_groupsRRRStpermitted_grouptuse_cmdlinettarget((Rs6/usr/lib/python2.7/site-packages/salt/engines/slack.pytcontrol_message_target~s &.
(cC@s�|jd�dkr$td��n|jdd�pQ|jdi�jdd�}ytjd|�Wn#tk
r�}tjd|�nXtjj	j
|�}tjjj|�}|s�t
d��n|S(	us
        Raises ValueError if a value doesn't work out, and TypeError if
        this isn't a message type
        utypeumessageuThis is not a messageutextu
Message is %su5Got a message that I could not log. The reason is: %su_text has no valueN(R.t	TypeErrorR?R#R+tUnicodeEncodeErrorR*R	Rtjsontdumpstyamlt	safe_loadt
ValueError(Rtm_datat_texttuee((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytmessage_text�s0c#@sl�j����j�������fd�}xYdD]9}�jrPPq=tjd�jj|�tj|�q=Wt	dj
�j���x�trg�jj�}x�|D]�}y�j
|�}	Wn8ttfk
r}
tjd|
�i|d	6Vq�nX�jjjj|d
�}||�}|	j|�rL�j||�}
|jd�s�tjd|jd
��|jdj
|d|	��i|d	6Vq�n�j|d|	|
|�\}}}tjd||�|r$i|d	6|d
d
6|dd
6|dd6|d6|d6Vq�qT|jdj
|d|��|Vq�q�|Vq�q�Witd6Vq�WdS(u�
        slack_token = string
        trigger_string = string
        input_valid_users = set
        input_valid_commands = set

        When the trigger_string prefixes the message text, yields a dictionary
        of::

            {
                'message_data': m_data,
                'cmdline': cmdline_list, # this is a list
                'channel': channel,
                'user': m_data['user'],
                'slack_client': sc
            }

        else yields {'message_data': m_data} and the caller can handle that

        When encountering an error (e.g. invalid message), yields {}, the caller can proceed to the next message

        When the websocket being read from has given up all its messages, yields {'done': True} to
        indicate that the caller has read all of the relevant data for now, and should continue
        its own processing and check back for more data later.

        This relies on the caller sleeping between checks, otherwise this could flood
        c@swd|kr�d|krFd|dkrFtjd�|dd}q�d|kr�d|dkr�tjd�|dd}q�n|jd�}|jd�}|jd�r�d}n�j|�}i|d	6|d
6�j|�d6|d6}|ds3�j��j�j����j|�|d<n|dss�j��j�j����j|�|d<n|S(
u0Always try to return the user and channel anywayuuserumessageu@Message was edited, so we look for user in the original message.ucommentu6Comment was added, so we look for user in the comment.uchanneluDuprivate chatumessage_datauuser_idu	user_nameuchannel_name(R#R$R.RZtclearR-RR!(Rntuser_idt
channel_idtchannel_nametdata(tall_slack_channelstall_slack_usersRR(s6/usr/lib/python2.7/site-packages/salt/engines/slack.pyt	just_data�s4

	




ii
ii<u4Slack connection is invalid. Server: %s, sleeping %su3Connection to slack is still invalid, giving up: {}u3Got an error from trying to get the message text %sumessage_datauchannelu	user_nameuCThe user %s can not be looked up via slack. What has happened here?uuseru;The user {} can not be looked up via slack.  Not running {}uuser_iduGot target: %s, cmdline: %sucmdlineutargetu&{0} is not allowed to use command {1}.udoneN(ii
ii<(RR!RR#R*RtserverttimetsleeptUserWarningtformatRtrtm_readRqRmRgR$R tfindRZR7R.terrortsend_messageRf(RRRRRFR1RytsleepsRARntmsg_texttmsg_errtchannelRvRbtallowedReRS((RwRxRRs6/usr/lib/python2.7/site-packages/salt/engines/slack.pytgenerate_triggered_messages�sb$
		
	c	@sidd6dd6���fd�}x�||fD]�}|j|�\}}d|kr3tjd|�d|kr�tjd|�i|dd6|dd6Si|dd6dd6Sq3WxG||fD]9}||d�}tjd	|�|jd�r�|Sq�W�S(
u�
        When we are permitted to run a command on a target, look to see
        what the default targeting is for that group, and for that specific
        command (if provided).

        It's possible for None or False to be the result of either, which means
        that it's expected that the caller provide a specific target.

        If no configured target is provided, the command line will be parsed
        for target=foo and tgt_type=bar

        Test for this::

            h = {'aliases': {}, 'commands': {'cmd.run', 'pillar.get'},
                'default_target': {'target': '*', 'tgt_type': 'glob'},
                'targets': {'pillar.get': {'target': 'you_momma', 'tgt_type': 'list'}},
                'users': {'dmangot', 'jmickle', 'pcn'}}
            f = {'aliases': {}, 'commands': {'cmd.run', 'pillar.get'},
                 'default_target': {}, 'targets': {},'users': {'dmangot', 'jmickle', 'pcn'}}

            g = {'aliases': {}, 'commands': {'cmd.run', 'pillar.get'},
                 'default_target': {'target': '*', 'tgt_type': 'glob'},
                 'targets': {}, 'users': {'dmangot', 'jmickle', 'pcn'}}

        Run each of them through ``get_configured_target(('foo', f), 'pillar.get')`` and confirm a valid target

        u*utargetuglobutgt_typec@s��\}}|jd�}|s*�}n|jd�r`|dj|�r`|d|}q`n|jd�s�tjd||�n|S(u_
            Validate cmd against the group to return the target, or a null target
            udefault_targetutargetsutargetu7Group %s is not configured to have a target for cmd %s.(R.R#R$(tcmdR5tgroup_configRe(tnull_targetRc(s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytcheck_cmd_against_groupZs	utarget is in kwargs %s.utgt_type is in kwargs %s.iuthis cmdline has target %s.(tparse_args_and_kwargsR#R$R.(	RRcRSt
alias_cmdlineR�tthis_clt_tkwargstchecked((R�Rcs6/usr/lib/python2.7/site-packages/salt/engines/slack.pyR^;s cK@s�yvy#|tt|��jd�}Wnttfk
rEd}nXtjjd�t	j
|�D�d|dt�SWn9tk
r�}ddl
}tjd|j|��dSXdS(	u5
        Print out YAML using the block mode
        uoutcS@s#i|]\}}|d|�qS(ureturn((R[R\ty((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pys
<dictcomp>�s	toutRiNu1Exception encountered when trying to serialize %su5Got an error trying to serialze/clean up the response(tnexttiterR.t
StopIterationR)R?R	toutputt
string_formatRt	iteritemsRt	ExceptiontpprintR#t	exceptiontpformat(RRvRR�t	outputtertexcR�((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytformat_return_textys#
	cC@s~g}i}t|�dkrtxS|dD]D}d|kr`|jdd�\}}|||<q)|j|�q)Wn||fS(uU
        cmdline: list

        returns tuple of: args (list), kwargs (dict)
        iu=(RLtsplitRP(RRSRJR�RRGtvalue((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pyR��s
c	C@s�tjjt�}tjd�}|s9tjd�}ni}x�|D]�}|jjdj|�|�rF|jd|g�}|jdi�}|jdi�}itj	j
jtj	j
j|��d6|d6||<qFqFW|S(	uV
        Given a list of job_ids, return a dictionary of those job_ids that have
        completed and their results.

        Query the salt event bus via the jobs runner. jobs.list_job will show
        a job in progress, jobs.lookup_jid will return a job that has
        completed.

        returns a dictionary of job id: result
        u
ext_job_cacheumaster_job_cacheu
{}.get_jidu
jobs.list_jobuResultuFunctionudataufunction(
R	trunnertRunnerClientRR.R
t	returnersR~R�RRitloadsRj(	Rtoutstanding_jidsR�tsourcetresultstjidt
job_resultt
jid_resulttjid_function((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytget_jobs_from_runner�s
%ic	C@sti}xgtrotjd|�tj|�d}xo|D]g}tjd|j��|dkrrtjd�Pn|s�|d7}tjd�q9n|jd�r�tjd	�Pn|r
tjd
|�tjd||�|j	dj
||d
jd��|�n|r�t|�dkr�|jd�r�|jj
jj|d�}	|j|�}
tjd|
�|||
<|	jdj
|d|
��n|d7}q9Wtj�}|j|j��}tjdt|�tj�|�x�|D]y}
||
d}
||
d}|
r�tjd|
�||
}|jj
jj|d�}	|j|
|�}dj
|d|d|
|d�}|	j|�tj�}tjj|�jd�}dj
|�}|jjdd|	jd|d|�}tjd |�tjjjtjjj|��}d!|kr^|d!tkr^|djd"j
|d#��n||
=q�q�Wq	Wd$S(%u�
        Pull any pending messages from the message_generator, sending each
        one to either the event bus, the command_async or both, depending on
        the values of fire_all and command
        uSleeping for interval of %siu$Got a message from the generator: %si
u6Breaking in getting messages because count is exceedediuSkipping an empty message.udoneumsg is doneu&Firing message to the bus with tag: %su%s %su{0}/{1}umessage_datautypeucmdlineuchanneluSubmitted a job and got jid: %su%@{}'s job is submitted as salt jid {}u	user_nameu&Getting %s jobs status took %s secondsudataufunctionuret to send back is %su-@{}'s job `{}` (id: {}) (target: {}) returnedutargetu%Y%m%d%H%M%S%fusalt-results-{0}.yamlufiles.uploadR tfilenametcontentu Got back %s via the slack clientuoku
Error: {0}uerrorN( RR#ttraceR{R|RCR*R.R$RBR~RLRRzR R�trun_command_asyncR�R�R�tdatetimet
fromtimestamptstrftimetapi_calltidR	RRkRlRiRjR(Rtmessage_generatortfire_allR@tcontroltintervaltoutstandingtcountRAR�R�t
start_timet
job_statustresultRtthis_jobtreturn_textt
return_prefixttststR�trtresp((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytrun_commands_from_slack_async�sj	





,'
 #


		$!c
C@s�tjd�ttjjt�j�}|dd}|j|d�\}}d|kr{|j	dt
j|d��n|dd}|dd}tjd|�||krtjjt�}tjd	|�|j
|i|d
6|d6�}	|	d}
n�tjj�}tjd
||�tjd|||||�|jtj|�|d|d|dtj|��}
tjd|
�|
S(u�
        :type message_generator: generator of dict
        :param message_generator: Generates messages from slack that should be run

        :type fire_all: bool
        :param fire_all: Whether to also fire messages to the event bus

        :type tag: str
        :param tag: The tag to send to use to send to the event bus

        :type interval: int
        :param interval: time to wait between ending a loop and beginning the next

        u#Going to run a command asynchronousucmdlineiupillartpillarutargetutgt_typeutarget_type is: %su(Command %s will run via runner_functionsuargsukwargsujidu5Command %s will run via local.cmd_async, targeting %suRunning %s, %s, %s, %s, %stargtkwargttgt_typeuret from local.cmd_async is %s(R#R$tsortedR	R�tRunnerRt	functionsR�R-tasttliteral_evalR�tasynchronoustclienttLocalClientt	cmd_asyncRt	text_typeR+(RRAtrunner_functionsR�RJR�ReR�R�tjob_id_dicttjob_idtlocal((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pyR�s(
  
6(t__name__t
__module__RRR!R7R'RBRIRYRfRqR�R^R�R�R�R�R�(((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pyR�s"				7			$		,		{	>			 Du!usalt/engines/slackc	C@s�|s|jd�r@tjd�tjd�td��nyAtd|�}|j||||�}|j||||�Wn,t	k
r�t	dj
tj����nXdS(uF
    Listen to slack events and forward them to salt, new version
    uxoxbiu%Slack bot token not found, bailing...u%Slack Engine bot token not configuredRu{}N(
RZR{R|R#R�R}RR�R�R�R~t	tracebackt
format_exc(	RR�ttriggerRFR1R�R@R�R�((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pytstart<s


((t__doc__t
__future__RRRR�R�R%tloggingR{RMR�t	getLoggerR�R#RRRtImportErrorRtsalt.clientR	tsalt.loadertsalt.miniontsalt.runnertsalt.utils.argstsalt.utils.eventtsalt.utils.httptsalt.utils.jsontsalt.utils.slacktsalt.utils.yamltsalt.outputtsalt.extRRRtobjectRR?R�(((s6/usr/lib/python2.7/site-packages/salt/engines/slack.pyt<module>�sJ


	���

Zerion Mini Shell 1.0