nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1335 Commits
2 Branches
15 MiB
Tree: 3730c67c80
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3730c67c80'
${ noResults }
healthchecks/hc/api/views.py

347 lines
9.5 KiB
Raw Normal View History

First stab at API, POST /api/v1/checks
9 years ago
Include timestamp in the metrics response.
5 years ago
Validate channel identifiers as UUIDs
6 years ago
Move timer call to api
9 years ago
Adding "Overall status" badge.
7 years ago
Lightweight 'server status' API endpoint, to be used by external load balancers
8 years ago
Source formatted with Black
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Initial commit
10 years ago
forwarded for and forwarded protocol
9 years ago
ping is csrf exempt.
9 years ago
Unsubscribe links serve a form, and require HTTP POST to actually unsubscribe
5 years ago
forwarded for and forwarded protocol
9 years ago
First stab at API, POST /api/v1/checks
9 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Added /api/v1/metrics/ endpoint, useful for monitoring the service itself
5 years ago
Badges
8 years ago
Initial commit
10 years ago
Don't let SuspiciousOperation bubble up when validating channel ids in API
5 years ago
ping is csrf exempt.
9 years ago
forwarded for and forwarded protocol
9 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Initial commit
10 years ago
Keep a log of pings
9 years ago
forwarded for and forwarded protocol
9 years ago
Email listener: "./manage.py smtpd"
7 years ago
Preliminary Django 2 support
7 years ago
Email listener: "./manage.py smtpd"
7 years ago
"Filtering Rules" dialog, an option to require HTTP POST. Fixes #297
5 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Keep a log of pings
9 years ago
CORS header for ping call
9 years ago
Move timer call to api
9 years ago
Use the api keys from project, not user profile
6 years ago
API call for updating checks
8 years ago
Use the api keys from project, not user profile
6 years ago
API call for updating checks
8 years ago
Validate channel identifiers before creating/updating a check. Fixes #335
5 years ago
API call for updating checks
8 years ago
API support for cron syntax
8 years ago
being able to set/update the description of a check when creating/updating using the api
5 years ago
API support for cron syntax
8 years ago
API: fix updating kind=cron to kind=simple
8 years ago
API support for cron syntax
8 years ago
API: fix updating kind=cron to kind=simple
8 years ago
API support for cron syntax
8 years ago
API: update check's "alert_after" field when changing schedule
5 years ago
API support for cron syntax
8 years ago
Validate channel identifiers before creating/updating a check. Fixes #335
5 years ago
API support for cron syntax
8 years ago
API call for updating checks
8 years ago
API support for cron syntax
8 years ago
Add read-only API key support
6 years ago
Use the api keys from project, not user profile
6 years ago
Prefetch Channel objects, avoid running a query per check.
6 years ago
tags querystring param to filter checks by tags
7 years ago
Add read-only API key support
6 years ago
Ensure filter matches tag exactly
7 years ago
Add read-only API key support
6 years ago
Don't include ping URLs in API responses when the read-only key is used
5 years ago
Ensure filter matches tag exactly
7 years ago
Add read-only API key support
6 years ago
More data in API responses.
8 years ago
Pricing page tweaks. Limit free accounts to 20 checks per account.
8 years ago
Add read-only API key support
6 years ago
Use the api keys from project, not user profile
6 years ago
Add read-only API key support
6 years ago
Project.num_checks_available() method.
6 years ago
Add read-only API key support
6 years ago
API call for updating checks
8 years ago
Drop Check.user_id and Channel.user_id (obsolete, using project_id now)
6 years ago
Add read-only API key support
6 years ago
Don't let SuspiciousOperation bubble up when validating channel ids in API
5 years ago
Add read-only API key support
6 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add read-only API key support
6 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add read-only API key support
6 years ago
Move timer call to api
9 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Badges
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
Don't include ping URLs in API responses when the read-only key is used
5 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
Use the api keys from project, not user profile
6 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
Changes to prototype this for testing with real data
5 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
Add read-only API key support
6 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Use the api keys from project, not user profile
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
API call for updating checks
8 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
Don't let SuspiciousOperation bubble up when validating channel ids in API
5 years ago
API call for deleting checks.
7 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
API call for deleting checks.
7 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
Changes to prototype this for testing with real data
5 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
API call for updating checks
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
API call for updating checks
8 years ago
Refactor API key checking code
6 years ago
Add read-only API key support
6 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Use the api keys from project, not user profile
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Clear Check.alert_after when pausing a check.
6 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Badges
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Use Project.badge_key in api.views.badge
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Use Project.badge_key in api.views.badge
6 years ago
Adding "Overall status" badge.
7 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Adding "Overall status" badge.
7 years ago
Badges
8 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Tag labels in "My Checks" page and SVG badges should ignore the "started" state.
6 years ago
Badges
8 years ago
Merge Check.get_status() and Check.in_grace_period() into one. This avoids duplicate calls to Check.get_grace_start() in several places.
7 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Source formatted with Black
6 years ago
Badges can now return either SVG or JSON
7 years ago
Adding "Overall status" badge.
7 years ago
Badges
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
No CSRF check for /bounce endpoint
8 years ago
Unsubscribe links serve a form, and require HTTP POST to actually unsubscribe
5 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Preliminary Django 2 support
7 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
hc.api.views.bounce handles transient email bounces (logs error, does not disable the integration)
5 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
hc.api.views.bounce handles transient email bounces (logs error, does not disable the integration)
5 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
Disable channel (mark as email_verified=False) when email bounces.
7 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Lightweight 'server status' API endpoint, to be used by external load balancers
8 years ago
Added /api/v1/metrics/ endpoint, useful for monitoring the service itself
5 years ago
Return max notification_id in metrics.
5 years ago
Added /api/v1/metrics/ endpoint, useful for monitoring the service itself
5 years ago
Lightweight 'server status' API endpoint, to be used by external load balancers
8 years ago
 
  1. from datetime import timedelta as td
  2. import time
  3. import uuid
  4. 

  5. from django.conf import settings
  6. from django.db import connection
  7. from django.http import (
  8.     HttpResponse,
  9.     HttpResponseForbidden,
  10.     HttpResponseNotFound,
  11.     JsonResponse,
  12. )
  13. from django.shortcuts import get_object_or_404
  14. from django.utils import timezone
  15. from django.views.decorators.cache import never_cache
  16. from django.views.decorators.csrf import csrf_exempt
  17. from django.views.decorators.http import require_POST
  18. 

  19. from hc.api import schemas
  20. from hc.api.decorators import authorize, authorize_read, cors, validate_json
  21. from hc.api.models import Flip, Channel, Check, Notification, Ping
  22. from hc.lib.badges import check_signature, get_badge_svg
  23. 

  24. 

  25. class BadChannelException(Exception):
  26.     pass
  27. 

  28. 

  29. @csrf_exempt
  30. @never_cache
  31. def ping(request, code, action="success"):
  32.     check = get_object_or_404(Check, code=code)
  33. 

  34.     headers = request.META
  35.     remote_addr = headers.get("HTTP_X_FORWARDED_FOR", headers["REMOTE_ADDR"])
  36.     remote_addr = remote_addr.split(",")[0]
  37.     scheme = headers.get("HTTP_X_FORWARDED_PROTO", "http")
  38.     method = headers["REQUEST_METHOD"]
  39.     ua = headers.get("HTTP_USER_AGENT", "")
  40.     body = request.body.decode()
  41. 

  42.     if check.methods == "POST" and method != "POST":
  43.         action = "ign"
  44. 

  45.     check.ping(remote_addr, scheme, method, ua, body, action)
  46. 

  47.     response = HttpResponse("OK")
  48.     response["Access-Control-Allow-Origin"] = "*"
  49.     return response
  50. 

  51. 

  52. def _lookup(project, spec):
  53.     unique_fields = spec.get("unique", [])
  54.     if unique_fields:
  55.         existing_checks = Check.objects.filter(project=project)
  56.         if "name" in unique_fields:
  57.             existing_checks = existing_checks.filter(name=spec.get("name"))
  58.         if "tags" in unique_fields:
  59.             existing_checks = existing_checks.filter(tags=spec.get("tags"))
  60.         if "timeout" in unique_fields:
  61.             timeout = td(seconds=spec["timeout"])
  62.             existing_checks = existing_checks.filter(timeout=timeout)
  63.         if "grace" in unique_fields:
  64.             grace = td(seconds=spec["grace"])
  65.             existing_checks = existing_checks.filter(grace=grace)
  66. 

  67.         return existing_checks.first()
  68. 

  69. 

  70. def _update(check, spec):
  71.     channels = set()
  72.     # First, validate the supplied channel codes
  73.     if "channels" in spec and spec["channels"] not in ("*", ""):
  74.         q = Channel.objects.filter(project=check.project)
  75.         for s in spec["channels"].split(","):
  76.             try:
  77.                 code = uuid.UUID(s)
  78.             except ValueError:
  79.                 raise BadChannelException("invalid channel identifier: %s" % s)
  80. 

  81.             try:
  82.                 channels.add(q.get(code=code))
  83.             except Channel.DoesNotExist:
  84.                 raise BadChannelException("invalid channel identifier: %s" % s)
  85. 

  86.     if "name" in spec:
  87.         check.name = spec["name"]
  88. 

  89.     if "tags" in spec:
  90.         check.tags = spec["tags"]
  91. 

  92.     if "desc" in spec:
  93.         check.desc = spec["desc"]
  94. 

  95.     if "timeout" in spec and "schedule" not in spec:
  96.         check.kind = "simple"
  97.         check.timeout = td(seconds=spec["timeout"])
  98. 

  99.     if "grace" in spec:
  100.         check.grace = td(seconds=spec["grace"])
  101. 

  102.     if "schedule" in spec:
  103.         check.kind = "cron"
  104.         check.schedule = spec["schedule"]
  105.         if "tz" in spec:
  106.             check.tz = spec["tz"]
  107. 

  108.     check.alert_after = check.going_down_after()
  109.     check.save()
  110. 

  111.     # This needs to be done after saving the check, because of
  112.     # the M2M relation between checks and channels:
  113.     if spec.get("channels") == "*":
  114.         check.assign_all_channels()
  115.     elif spec.get("channels") == "":
  116.         check.channel_set.clear()
  117.     elif channels:
  118.         check.channel_set.set(channels)
  119. 

  120.     return check
  121. 

  122. 

  123. @validate_json()
  124. @authorize_read
  125. def get_checks(request):
  126.     q = Check.objects.filter(project=request.project)
  127.     q = q.prefetch_related("channel_set")
  128. 

  129.     tags = set(request.GET.getlist("tag"))
  130.     for tag in tags:
  131.         # approximate filtering by tags
  132.         q = q.filter(tags__contains=tag)
  133. 

  134.     checks = []
  135.     for check in q:
  136.         # precise, final filtering
  137.         if not tags or check.matches_tag_set(tags):
  138.             checks.append(check.to_dict(readonly=request.readonly))
  139. 

  140.     return JsonResponse({"checks": checks})
  141. 

  142. 

  143. @validate_json(schemas.check)
  144. @authorize
  145. def create_check(request):
  146.     created = False
  147.     check = _lookup(request.project, request.json)
  148.     if check is None:
  149.         if request.project.num_checks_available() <= 0:
  150.             return HttpResponseForbidden()
  151. 

  152.         check = Check(project=request.project)
  153.         created = True
  154. 

  155.     try:
  156.         _update(check, request.json)
  157.     except BadChannelException as e:
  158.         return JsonResponse({"error": str(e)}, status=400)
  159. 

  160.     return JsonResponse(check.to_dict(), status=201 if created else 200)
  161. 

  162. 

  163. @csrf_exempt
  164. @cors("GET", "POST")
  165. def checks(request):
  166.     if request.method == "POST":
  167.         return create_check(request)
  168. 

  169.     return get_checks(request)
  170. 

  171. 

  172. @cors("GET")
  173. @validate_json()
  174. @authorize
  175. def channels(request):
  176.     q = Channel.objects.filter(project=request.project)
  177.     channels = [ch.to_dict() for ch in q]
  178.     return JsonResponse({"channels": channels})
  179. 

  180. 

  181. @validate_json()
  182. @authorize_read
  183. def get_check(request, code):
  184.     check = get_object_or_404(Check, code=code)
  185.     if check.project != request.project:
  186.         return HttpResponseForbidden()
  187. 

  188.     return JsonResponse(check.to_dict(readonly=request.readonly))
  189. 

  190. 

  191. @validate_json(schemas.check)
  192. @authorize
  193. def update_check(request, code):
  194.     check = get_object_or_404(Check, code=code)
  195.     if check.project != request.project:
  196.         return HttpResponseForbidden()
  197. 

  198.     try:
  199.         _update(check, request.json)
  200.     except BadChannelException as e:
  201.         return JsonResponse({"error": str(e)}, status=400)
  202. 

  203.     return JsonResponse(check.to_dict())
  204. 

  205. 

  206. @validate_json()
  207. @authorize
  208. def delete_check(request, code):
  209.     check = get_object_or_404(Check, code=code)
  210.     if check.project != request.project:
  211.         return HttpResponseForbidden()
  212. 

  213.     response = check.to_dict()
  214.     check.delete()
  215.     return JsonResponse(response)
  216. 

  217. 

  218. @csrf_exempt
  219. @cors("POST", "DELETE", "GET")
  220. def single(request, code):
  221.     if request.method == "POST":
  222.         return update_check(request, code)
  223. 

  224.     if request.method == "DELETE":
  225.         return delete_check(request, code)
  226. 

  227.     return get_check(request, code)
  228. 

  229. 

  230. @cors("POST")
  231. @csrf_exempt
  232. @validate_json()
  233. @authorize
  234. def pause(request, code):
  235.     check = get_object_or_404(Check, code=code)
  236.     if check.project != request.project:
  237.         return HttpResponseForbidden()
  238. 

  239.     check.status = "paused"
  240.     check.last_start = None
  241.     check.alert_after = None
  242.     check.save()
  243.     return JsonResponse(check.to_dict())
  244. 

  245. 

  246. @never_cache
  247. @cors("GET")
  248. def badge(request, badge_key, signature, tag, fmt="svg"):
  249.     if not check_signature(badge_key, tag, signature):
  250.         return HttpResponseNotFound()
  251. 

  252.     if fmt not in ("svg", "json", "shields"):
  253.         return HttpResponseNotFound()
  254. 

  255.     q = Check.objects.filter(project__badge_key=badge_key)
  256.     if tag != "*":
  257.         q = q.filter(tags__contains=tag)
  258.         label = tag
  259.     else:
  260.         label = settings.MASTER_BADGE_LABEL
  261. 

  262.     status, total, grace, down = "up", 0, 0, 0
  263.     for check in q:
  264.         if tag != "*" and tag not in check.tags_list():
  265.             continue
  266. 

  267.         total += 1
  268.         check_status = check.get_status(with_started=False)
  269. 

  270.         if check_status == "down":
  271.             down += 1
  272.             status = "down"
  273.             if fmt == "svg":
  274.                 # For SVG badges, we can leave the loop as soon as we
  275.                 # find the first "down"
  276.                 break
  277.         elif check_status == "grace":
  278.             grace += 1
  279.             if status == "up":
  280.                 status = "late"
  281. 

  282.     if fmt == "shields":
  283.         color = "success"
  284.         if status == "down":
  285.             color = "critical"
  286.         elif status == "late":
  287.             color = "important"
  288. 

  289.         return JsonResponse({"label": label, "message": status, "color": color})
  290. 

  291.     if fmt == "json":
  292.         return JsonResponse(
  293.             {"status": status, "total": total, "grace": grace, "down": down}
  294.         )
  295. 

  296.     svg = get_badge_svg(label, status)
  297.     return HttpResponse(svg, content_type="image/svg+xml")
  298. 

  299. 

  300. @csrf_exempt
  301. @require_POST
  302. def bounce(request, code):
  303.     notification = get_object_or_404(Notification, code=code)
  304. 

  305.     # If webhook is more than 10 minutes late, don't accept it:
  306.     td = timezone.now() - notification.created
  307.     if td.total_seconds() > 600:
  308.         return HttpResponseForbidden()
  309. 

  310.     notification.error = request.body.decode()[:200]
  311.     notification.save()
  312. 

  313.     notification.channel.last_error = notification.error
  314.     if request.GET.get("type") in (None, "Permanent"):
  315.         # For permanent bounces, mark the channel as not verified, so we
  316.         # will not try to deliver to it again.
  317.         notification.channel.email_verified = False
  318. 

  319.     notification.channel.save()
  320. 

  321.     return HttpResponse()
  322. 

  323. 

  324. def metrics(request):
  325.     if not settings.METRICS_KEY:
  326.         return HttpResponseForbidden()
  327. 

  328.     key = request.META.get("HTTP_X_METRICS_KEY")
  329.     if key != settings.METRICS_KEY:
  330.         return HttpResponseForbidden()
  331. 

  332.     doc = {
  333.         "ts": int(time.time()),
  334.         "max_ping_id": Ping.objects.values_list("id", flat=True).last(),
  335.         "max_notification_id": Notification.objects.values_list("id", flat=True).last(),
  336.         "num_unprocessed_flips": Flip.objects.filter(processed__isnull=True).count(),
  337.     }
  338. 

  339.     return JsonResponse(doc)
  340. 

  341. 

  342. def status(request):
  343.     with connection.cursor() as c:
  344.         c.execute("SELECT 1")
  345.         c.fetchone()
  346. 

  347.     return HttpResponse("OK")