fejesd
diff --git a/‎src/alerts/alerts_service.py‎
Lines changed: 34 additions & 0 deletions b/‎src/alerts/alerts_service.py‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎src/auth/authorization.py‎
Lines changed: 21 additions & 2 deletions b/‎src/auth/authorization.py‎
Lines changed: 21 additions & 2 deletions
diff --git a/‎src/auth/tornado_auth.py‎
Lines changed: 2 additions & 2 deletions b/‎src/auth/tornado_auth.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/execution/execution_service.py‎
Lines changed: 95 additions & 0 deletions b/‎src/execution/execution_service.py‎
Lines changed: 95 additions & 0 deletions
diff --git a/‎src/execution/executor.py‎
Lines changed: 5 additions & 4 deletions b/‎src/execution/executor.py‎
Lines changed: 5 additions & 4 deletions
diff --git a/‎src/execution/id_generator.py‎
Lines changed: 26 additions & 0 deletions b/‎src/execution/id_generator.py‎
Lines changed: 26 additions & 0 deletions
@@ -0,0 +1,34 @@
+import logging
+import threading
+
+LOGGER = logging.getLogger('script_server.alerts_service')
+
+
+class AlertsService:
+    def __init__(self, alerts_config):
+        if alerts_config:
+            self._destinations = alerts_config.get_destinations()
+        else:
+            self._destinations = []
+
+        self._running_threads = []
+
+    def send_alert(self, title, body, logs=None):
+        if not self._destinations:
+            return
+
+        def _send():
+            for destination in self._destinations:
+                try:
+                    destination.send(title, body, logs)
+                except:
+                    LOGGER.exception("Couldn't send alert to " + str(destination))
+
+        thread = threading.Thread(target=_send, name='AlertThread-' + title)
+        thread.start()
+
+    @staticmethod
+    def _wait():
+        for thread in threading.enumerate():
+            if thread.name.startswith('AlertThread-'):
+                thread.join()
@@ -1,12 +1,31 @@
-class ListBasedAuthorizer:
+ANY_USER = 'ANY_USER'
+
+
+class Authorizer:
+    def __init__(self, app_allowed_users, admin_users):
+        if ANY_USER in app_allowed_users:
+            self._app_auth_check = AnyUserAuthorizationCheck()
+        else:
+            self._app_auth_check = ListBasedAuthorizationCheck(app_allowed_users)
+
+        self._admin_users = admin_users
+
+    def is_allowed_in_app(self, username):
+        return self._app_auth_check.is_allowed(username)
+
+    def is_admin(self, username):
+        return username in self._admin_users
+
+
+class ListBasedAuthorizationCheck:
     def __init__(self, allowed_users) -> None:
         self.allowed_users = allowed_users
 
     def is_allowed(self, username):
         return username in self.allowed_users
 
 
-class AnyUserAuthorizer:
+class AnyUserAuthorizationCheck:
     @staticmethod
     def is_allowed(username):
         return True
@@ -31,7 +31,7 @@ def is_authorized(self, request_handler):
             return True
 
         username = self._get_current_user(request_handler)
-        return self.authorizer.is_allowed(username)
+        return self.authorizer.is_allowed_in_app(username)
 
     @staticmethod
     def _get_current_user(request_handler):
@@ -81,7 +81,7 @@ def authenticate(self, request_handler):
 
         LOGGER.info('Authenticated user ' + username)
 
-        if not self.authorizer.is_allowed(username):
+        if not self.authorizer.is_allowed_in_app(username):
             LOGGER.info('User ' + username + ' have no access')
             respond_error(request_handler, 403, 'Access is prohibited. Please contact system administrator')
             return
 
@@ -0,0 +1,95 @@
+import logging
+import time
+import uuid
+
+from alerts.alerts_service import AlertsService
+from execution.executor import ScriptExecutor
+from execution.logging import ExecutionLoggingService
+from react.observable import Observable
+from utils.date_utils import get_current_millis
+
+LOGGER = logging.getLogger('script_server.execution_service')
+
+
+class ExecutionService:
+    def __init__(self, execution_logging_service, alerts_service, id_generator):
+        self._execution_logging_service = execution_logging_service  # type: ExecutionLoggingService
+        self._alerts_service = alerts_service  # type: AlertsService
+        self._id_generator = id_generator
+
+        self._running_scripts = {}
+
+    def get_active_executor(self, execution_id):
+        return self._running_scripts.get(execution_id)
+
+    def start_script(self, config, values, audit_name):
+        script_name = config.name
+
+        executor = ScriptExecutor(config, values, audit_name)
+        execution_id = self._id_generator.next_id()
+
+        audit_command = executor.get_secure_command()
+        LOGGER.info('Calling script #%s: %s', execution_id, audit_command)
+
+        executor.start()
+        self._running_scripts[execution_id] = executor
+
+        secure_output_stream = executor.get_secure_output_stream()
+
+        self._execution_logging_service.start_logging(
+            execution_id, audit_name, script_name, audit_command, secure_output_stream, self)
+
+        self.subscribe_fail_alerter(
+            script_name,
+            self._alerts_service,
+            audit_name,
+            executor,
+            secure_output_stream)
+
+        return execution_id
+
+    def stop_script(self, execution_id):
+        if execution_id in self._running_scripts:
+            self._running_scripts[execution_id].stop()
+
+    def get_exit_code(self, execution_id):
+        executor = self._running_scripts.get(execution_id)  # type: ScriptExecutor
+        if executor is None:
+            return None
+
+        return executor.get_return_code()
+
+    def is_running(self, execution_id):
+        executor = self._running_scripts.get(execution_id)  # type: ScriptExecutor
+        if executor is None:
+            return False
+
+        return not executor.is_finished()
+
+    @staticmethod
+    def subscribe_fail_alerter(
+            script_name,
+            alerts_service,
+            audit_name,
+            executor: ScriptExecutor,
+            output_stream: Observable):
+
+        class Alerter(object):
+            def finished(self):
+                return_code = executor.get_return_code()
+
+                if return_code != 0:
+                    script = str(script_name)
+
+                    title = script + ' FAILED'
+                    body = 'The script "' + script + '", started by ' + audit_name + \
+                           ' exited with return code ' + str(return_code) + '.' + \
+                           ' Usually this means an error, occurred during the execution.' + \
+                           ' Please check the corresponding logs'
+
+                    output_stream.wait_close()
+                    script_output = ''.join(output_stream.get_old_data())
+
+                    alerts_service.send_alert(title, body, script_output)
+
+        executor.add_finish_listener(Alerter())
@@ -19,7 +19,7 @@ def __init__(self, config, parameter_values, audit_name):
         self.parameter_values = parameter_values
         self.audit_name = audit_name
 
-        self.working_directory = self.get_working_directory()
+        self.working_directory = self._get_working_directory()
         self.script_base_command = process_utils.split_command(
             self.config.get_script_command(),
             self.working_directory)
@@ -29,7 +29,7 @@ def __init__(self, config, parameter_values, audit_name):
         self.output_stream = None
         self.secure_output_stream = None
 
-    def get_working_directory(self):
+    def _get_working_directory(self):
         working_directory = self.config.get_working_directory()
         if working_directory is not None:
             working_directory = file_utils.normalize_path(working_directory)
@@ -70,8 +70,6 @@ def start(self, process_constructor=None):
         else:
             self.secure_output_stream = self.output_stream
 
-        return process_wrapper.get_process_id()
-
     def __init_secure_replacements(self):
         word_replacements = {}
         for parameter in self.config.parameters:
@@ -120,6 +118,9 @@ def get_unsecure_output_stream(self):
     def get_return_code(self):
         return self.process_wrapper.get_return_code()
 
+    def is_finished(self):
+        return self.process_wrapper.is_finished()
+
     def add_finish_listener(self, listener):
         self.process_wrapper.add_finish_listener(listener)
 
 
@@ -0,0 +1,26 @@
+import threading
+
+
+class IdGenerator:
+    def __init__(self, existing_ids):
+        self._next_id = self._calc_next_id(existing_ids)
+        self.lock = threading.Lock()
+
+    @staticmethod
+    def _calc_next_id(existing_ids):
+        max_id = 0
+        for existing_id in existing_ids:
+            try:
+                numeric_id = int(existing_id)
+                if numeric_id > max_id:
+                    max_id = numeric_id
+            except ValueError:
+                continue
+        return max_id + 1
+
+    def next_id(self):
+        with self.lock:
+            id = self._next_id
+            self._next_id += 1
+
+        return str(id)