nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1188 Commits
2 Branches
15 MiB
Tree: 50280875cd
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '50280875cd'
${ noResults }
healthchecks/hc/api/views.py

291 lines
8.1 KiB
Raw Normal View History

First stab at API, POST /api/v1/checks
9 years ago
Validate channel identifiers as UUIDs
6 years ago
Move timer call to api
9 years ago
Adding "Overall status" badge.
7 years ago
Allow specific channel uuid to be specified in create/update check api
6 years ago
Lightweight 'server status' API endpoint, to be used by external load balancers
8 years ago
Source formatted with Black
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Initial commit
10 years ago
forwarded for and forwarded protocol
9 years ago
ping is csrf exempt.
9 years ago
Unsubscribe links serve a form, and require HTTP POST to actually unsubscribe
5 years ago
forwarded for and forwarded protocol
9 years ago
First stab at API, POST /api/v1/checks
9 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Allow specific channel uuid to be specified in create/update check api
6 years ago
Badges
8 years ago
Initial commit
10 years ago
ping is csrf exempt.
9 years ago
forwarded for and forwarded protocol
9 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Initial commit
10 years ago
Keep a log of pings
9 years ago
forwarded for and forwarded protocol
9 years ago
Email listener: "./manage.py smtpd"
7 years ago
Preliminary Django 2 support
7 years ago
Email listener: "./manage.py smtpd"
7 years ago
"Filtering Rules" dialog, an option to require HTTP POST. Fixes #297
5 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Keep a log of pings
9 years ago
CORS header for ping call
9 years ago
Move timer call to api
9 years ago
Use the api keys from project, not user profile
6 years ago
API call for updating checks
8 years ago
Use the api keys from project, not user profile
6 years ago
API call for updating checks
8 years ago
API support for cron syntax
8 years ago
being able to set/update the description of a check when creating/updating using the api
5 years ago
API support for cron syntax
8 years ago
API: fix updating kind=cron to kind=simple
8 years ago
API support for cron syntax
8 years ago
API: fix updating kind=cron to kind=simple
8 years ago
API support for cron syntax
8 years ago
API call for updating checks
8 years ago
Refactoring and a testcase for channels=None
6 years ago
API call for updating checks
8 years ago
Refactoring and a testcase for channels=None
6 years ago
Validate channel identifiers as UUIDs
6 years ago
Refactoring and a testcase for channels=None
6 years ago
API support for cron syntax
8 years ago
API call for updating checks
8 years ago
API support for cron syntax
8 years ago
Add read-only API key support
6 years ago
Use the api keys from project, not user profile
6 years ago
Prefetch Channel objects, avoid running a query per check.
6 years ago
tags querystring param to filter checks by tags
7 years ago
Add read-only API key support
6 years ago
Ensure filter matches tag exactly
7 years ago
Add read-only API key support
6 years ago
Don't include ping URLs in API responses when the read-only key is used
5 years ago
Ensure filter matches tag exactly
7 years ago
Add read-only API key support
6 years ago
More data in API responses.
8 years ago
Pricing page tweaks. Limit free accounts to 20 checks per account.
8 years ago
Add read-only API key support
6 years ago
Use the api keys from project, not user profile
6 years ago
Add read-only API key support
6 years ago
Project.num_checks_available() method.
6 years ago
Add read-only API key support
6 years ago
API call for updating checks
8 years ago
Drop Check.user_id and Channel.user_id (obsolete, using project_id now)
6 years ago
Add read-only API key support
6 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add read-only API key support
6 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add read-only API key support
6 years ago
Move timer call to api
9 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Badges
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
Don't include ping URLs in API responses when the read-only key is used
5 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
Use the api keys from project, not user profile
6 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
API call for updating checks
8 years ago
Add read-only API key support
6 years ago
API call for updating checks
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Use the api keys from project, not user profile
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
API call for updating checks
8 years ago
API call for deleting checks.
7 years ago
API call for updating checks
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
API call for updating checks
8 years ago
Refactor API key checking code
6 years ago
Add read-only API key support
6 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Use the api keys from project, not user profile
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Clear Check.alert_after when pausing a check.
6 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Badges
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Use Project.badge_key in api.views.badge
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Use Project.badge_key in api.views.badge
6 years ago
Adding "Overall status" badge.
7 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Adding "Overall status" badge.
7 years ago
Badges
8 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Tag labels in "My Checks" page and SVG badges should ignore the "started" state.
6 years ago
Badges
8 years ago
Merge Check.get_status() and Check.in_grace_period() into one. This avoids duplicate calls to Check.get_grace_start() in several places.
7 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Source formatted with Black
6 years ago
Badges can now return either SVG or JSON
7 years ago
Adding "Overall status" badge.
7 years ago
Badges
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
No CSRF check for /bounce endpoint
8 years ago
Unsubscribe links serve a form, and require HTTP POST to actually unsubscribe
5 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Preliminary Django 2 support
7 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
hc.api.views.bounce handles transient email bounces (logs error, does not disable the integration)
5 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
hc.api.views.bounce handles transient email bounces (logs error, does not disable the integration)
5 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
Disable channel (mark as email_verified=False) when email bounces.
7 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Lightweight 'server status' API endpoint, to be used by external load balancers
8 years ago
 
  1. from datetime import timedelta as td
  2. import uuid
  3. 

  4. from django.conf import settings
  5. from django.core.exceptions import SuspiciousOperation
  6. from django.db import connection
  7. from django.http import (
  8.     HttpResponse,
  9.     HttpResponseForbidden,
  10.     HttpResponseNotFound,
  11.     JsonResponse,
  12. )
  13. from django.shortcuts import get_object_or_404
  14. from django.utils import timezone
  15. from django.views.decorators.cache import never_cache
  16. from django.views.decorators.csrf import csrf_exempt
  17. from django.views.decorators.http import require_POST
  18. 

  19. from hc.api import schemas
  20. from hc.api.decorators import authorize, authorize_read, cors, validate_json
  21. from hc.api.models import Check, Notification, Channel
  22. from hc.lib.badges import check_signature, get_badge_svg
  23. 

  24. 

  25. @csrf_exempt
  26. @never_cache
  27. def ping(request, code, action="success"):
  28.     check = get_object_or_404(Check, code=code)
  29. 

  30.     headers = request.META
  31.     remote_addr = headers.get("HTTP_X_FORWARDED_FOR", headers["REMOTE_ADDR"])
  32.     remote_addr = remote_addr.split(",")[0]
  33.     scheme = headers.get("HTTP_X_FORWARDED_PROTO", "http")
  34.     method = headers["REQUEST_METHOD"]
  35.     ua = headers.get("HTTP_USER_AGENT", "")
  36.     body = request.body.decode()
  37. 

  38.     if check.methods == "POST" and method != "POST":
  39.         action = "ign"
  40. 

  41.     check.ping(remote_addr, scheme, method, ua, body, action)
  42. 

  43.     response = HttpResponse("OK")
  44.     response["Access-Control-Allow-Origin"] = "*"
  45.     return response
  46. 

  47. 

  48. def _lookup(project, spec):
  49.     unique_fields = spec.get("unique", [])
  50.     if unique_fields:
  51.         existing_checks = Check.objects.filter(project=project)
  52.         if "name" in unique_fields:
  53.             existing_checks = existing_checks.filter(name=spec.get("name"))
  54.         if "tags" in unique_fields:
  55.             existing_checks = existing_checks.filter(tags=spec.get("tags"))
  56.         if "timeout" in unique_fields:
  57.             timeout = td(seconds=spec["timeout"])
  58.             existing_checks = existing_checks.filter(timeout=timeout)
  59.         if "grace" in unique_fields:
  60.             grace = td(seconds=spec["grace"])
  61.             existing_checks = existing_checks.filter(grace=grace)
  62. 

  63.         return existing_checks.first()
  64. 

  65. 

  66. def _update(check, spec):
  67.     if "name" in spec:
  68.         check.name = spec["name"]
  69. 

  70.     if "tags" in spec:
  71.         check.tags = spec["tags"]
  72. 

  73.     if "desc" in spec:
  74.         check.desc = spec["desc"]
  75. 

  76.     if "timeout" in spec and "schedule" not in spec:
  77.         check.kind = "simple"
  78.         check.timeout = td(seconds=spec["timeout"])
  79. 

  80.     if "grace" in spec:
  81.         check.grace = td(seconds=spec["grace"])
  82. 

  83.     if "schedule" in spec:
  84.         check.kind = "cron"
  85.         check.schedule = spec["schedule"]
  86.         if "tz" in spec:
  87.             check.tz = spec["tz"]
  88. 

  89.     check.save()
  90. 

  91.     # This needs to be done after saving the check, because of
  92.     # the M2M relation between checks and channels:
  93.     if "channels" in spec:
  94.         if spec["channels"] == "*":
  95.             check.assign_all_channels()
  96.         elif spec["channels"] == "":
  97.             check.channel_set.clear()
  98.         else:
  99.             channels = []
  100.             for chunk in spec["channels"].split(","):
  101.                 try:
  102.                     chunk = uuid.UUID(chunk)
  103.                 except ValueError:
  104.                     raise SuspiciousOperation("Invalid channel identifier")
  105. 

  106.                 try:
  107.                     channel = Channel.objects.get(code=chunk)
  108.                     channels.append(channel)
  109.                 except Channel.DoesNotExist:
  110.                     raise SuspiciousOperation("Invalid channel identifier")
  111.             check.channel_set.set(channels)
  112. 

  113.     return check
  114. 

  115. 

  116. @validate_json()
  117. @authorize_read
  118. def get_checks(request):
  119.     q = Check.objects.filter(project=request.project)
  120.     q = q.prefetch_related("channel_set")
  121. 

  122.     tags = set(request.GET.getlist("tag"))
  123.     for tag in tags:
  124.         # approximate filtering by tags
  125.         q = q.filter(tags__contains=tag)
  126. 

  127.     checks = []
  128.     for check in q:
  129.         # precise, final filtering
  130.         if not tags or check.matches_tag_set(tags):
  131.             checks.append(check.to_dict(readonly=request.readonly))
  132. 

  133.     return JsonResponse({"checks": checks})
  134. 

  135. 

  136. @validate_json(schemas.check)
  137. @authorize
  138. def create_check(request):
  139.     created = False
  140.     check = _lookup(request.project, request.json)
  141.     if check is None:
  142.         if request.project.num_checks_available() <= 0:
  143.             return HttpResponseForbidden()
  144. 

  145.         check = Check(project=request.project)
  146.         created = True
  147. 

  148.     _update(check, request.json)
  149.     return JsonResponse(check.to_dict(), status=201 if created else 200)
  150. 

  151. 

  152. @csrf_exempt
  153. @cors("GET", "POST")
  154. def checks(request):
  155.     if request.method == "POST":
  156.         return create_check(request)
  157. 

  158.     return get_checks(request)
  159. 

  160. 

  161. @cors("GET")
  162. @validate_json()
  163. @authorize
  164. def channels(request):
  165.     q = Channel.objects.filter(project=request.project)
  166.     channels = [ch.to_dict() for ch in q]
  167.     return JsonResponse({"channels": channels})
  168. 

  169. 

  170. @csrf_exempt
  171. @cors("POST", "DELETE")
  172. @validate_json(schemas.check)
  173. @authorize
  174. def update(request, code):
  175.     check = get_object_or_404(Check, code=code)
  176.     if check.project != request.project:
  177.         return HttpResponseForbidden()
  178. 

  179.     if request.method == "POST":
  180.         _update(check, request.json)
  181.         return JsonResponse(check.to_dict())
  182. 

  183.     elif request.method == "DELETE":
  184.         response = check.to_dict()
  185.         check.delete()
  186.         return JsonResponse(response)
  187. 

  188.     # Otherwise, method not allowed
  189.     return HttpResponse(status=405)
  190. 

  191. 

  192. @cors("POST")
  193. @csrf_exempt
  194. @validate_json()
  195. @authorize
  196. def pause(request, code):
  197.     check = get_object_or_404(Check, code=code)
  198.     if check.project != request.project:
  199.         return HttpResponseForbidden()
  200. 

  201.     check.status = "paused"
  202.     check.last_start = None
  203.     check.alert_after = None
  204.     check.save()
  205.     return JsonResponse(check.to_dict())
  206. 

  207. 

  208. @never_cache
  209. @cors("GET")
  210. def badge(request, badge_key, signature, tag, fmt="svg"):
  211.     if not check_signature(badge_key, tag, signature):
  212.         return HttpResponseNotFound()
  213. 

  214.     if fmt not in ("svg", "json", "shields"):
  215.         return HttpResponseNotFound()
  216. 

  217.     q = Check.objects.filter(project__badge_key=badge_key)
  218.     if tag != "*":
  219.         q = q.filter(tags__contains=tag)
  220.         label = tag
  221.     else:
  222.         label = settings.MASTER_BADGE_LABEL
  223. 

  224.     status, total, grace, down = "up", 0, 0, 0
  225.     for check in q:
  226.         if tag != "*" and tag not in check.tags_list():
  227.             continue
  228. 

  229.         total += 1
  230.         check_status = check.get_status(with_started=False)
  231. 

  232.         if check_status == "down":
  233.             down += 1
  234.             status = "down"
  235.             if fmt == "svg":
  236.                 # For SVG badges, we can leave the loop as soon as we
  237.                 # find the first "down"
  238.                 break
  239.         elif check_status == "grace":
  240.             grace += 1
  241.             if status == "up":
  242.                 status = "late"
  243. 

  244.     if fmt == "shields":
  245.         color = "success"
  246.         if status == "down":
  247.             color = "critical"
  248.         elif status == "late":
  249.             color = "important"
  250. 

  251.         return JsonResponse({"label": label, "message": status, "color": color})
  252. 

  253.     if fmt == "json":
  254.         return JsonResponse(
  255.             {"status": status, "total": total, "grace": grace, "down": down}
  256.         )
  257. 

  258.     svg = get_badge_svg(label, status)
  259.     return HttpResponse(svg, content_type="image/svg+xml")
  260. 

  261. 

  262. @csrf_exempt
  263. @require_POST
  264. def bounce(request, code):
  265.     notification = get_object_or_404(Notification, code=code)
  266. 

  267.     # If webhook is more than 10 minutes late, don't accept it:
  268.     td = timezone.now() - notification.created
  269.     if td.total_seconds() > 600:
  270.         return HttpResponseForbidden()
  271. 

  272.     notification.error = request.body.decode()[:200]
  273.     notification.save()
  274. 

  275.     notification.channel.last_error = notification.error
  276.     if request.GET.get("type") in (None, "Permanent"):
  277.         # For permanent bounces, mark the channel as not verified, so we
  278.         # will not try to deliver to it again.
  279.         notification.channel.email_verified = False
  280. 

  281.     notification.channel.save()
  282. 

  283.     return HttpResponse()
  284. 

  285. 

  286. def status(request):
  287.     with connection.cursor() as c:
  288.         c.execute("SELECT 1")
  289.         c.fetchone()
  290. 

  291.     return HttpResponse("OK")