nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1437 Commits
2 Branches
15 MiB
Tree: b63f3bed8e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b63f3bed8e'
${ noResults }
healthchecks/hc/api/views.py

481 lines
14 KiB
Raw Normal View History

First stab at API, POST /api/v1/checks
9 years ago
Include timestamp in the metrics response.
5 years ago
Validate channel identifiers as UUIDs
6 years ago
Move timer call to api
9 years ago
Adding "Overall status" badge.
7 years ago
Lightweight 'server status' API endpoint, to be used by external load balancers
8 years ago
Source formatted with Black
6 years ago
Second interation of this
4 years ago
Source formatted with Black
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Initial commit
10 years ago
forwarded for and forwarded protocol
9 years ago
ping is csrf exempt.
9 years ago
Unsubscribe links serve a form, and require HTTP POST to actually unsubscribe
5 years ago
forwarded for and forwarded protocol
9 years ago
Add "Get a list of checks's logged pings" API call (#371)
4 years ago
First stab at API, POST /api/v1/checks
9 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Add "Get a list of checks's logged pings" API call (#371)
4 years ago
Badges
8 years ago
Initial commit
10 years ago
Don't let SuspiciousOperation bubble up when validating channel ids in API
5 years ago
ping is csrf exempt.
9 years ago
forwarded for and forwarded protocol
9 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Initial commit
10 years ago
Keep a log of pings
9 years ago
forwarded for and forwarded protocol
9 years ago
Email listener: "./manage.py smtpd"
7 years ago
Preliminary Django 2 support
7 years ago
Email listener: "./manage.py smtpd"
7 years ago
"Filtering Rules" dialog, an option to require HTTP POST. Fixes #297
5 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Keep a log of pings
9 years ago
CORS header for ping call
9 years ago
Move timer call to api
9 years ago
Use the api keys from project, not user profile
6 years ago
API call for updating checks
8 years ago
Use the api keys from project, not user profile
6 years ago
API call for updating checks
8 years ago
Validate channel identifiers before creating/updating a check. Fixes #335
5 years ago
API call for updating checks
8 years ago
API support for cron syntax
8 years ago
being able to set/update the description of a check when creating/updating using the api
5 years ago
Paused ping handling can be controlled via API. Fixes #376
5 years ago
API support for cron syntax
8 years ago
API: fix updating kind=cron to kind=simple
8 years ago
API support for cron syntax
8 years ago
API: fix updating kind=cron to kind=simple
8 years ago
API support for cron syntax
8 years ago
API: update check's "alert_after" field when changing schedule
5 years ago
API support for cron syntax
8 years ago
Validate channel identifiers before creating/updating a check. Fixes #335
5 years ago
API support for cron syntax
8 years ago
API call for updating checks
8 years ago
API support for cron syntax
8 years ago
Add read-only API key support
6 years ago
Use the api keys from project, not user profile
6 years ago
Prefetch Channel objects, avoid running a query per check.
6 years ago
tags querystring param to filter checks by tags
7 years ago
Add read-only API key support
6 years ago
Ensure filter matches tag exactly
7 years ago
Add read-only API key support
6 years ago
Don't include ping URLs in API responses when the read-only key is used
5 years ago
Ensure filter matches tag exactly
7 years ago
Add read-only API key support
6 years ago
More data in API responses.
8 years ago
Pricing page tweaks. Limit free accounts to 20 checks per account.
8 years ago
Add read-only API key support
6 years ago
Use the api keys from project, not user profile
6 years ago
Add read-only API key support
6 years ago
Project.num_checks_available() method.
6 years ago
Add read-only API key support
6 years ago
API call for updating checks
8 years ago
Drop Check.user_id and Channel.user_id (obsolete, using project_id now)
6 years ago
Add read-only API key support
6 years ago
Don't let SuspiciousOperation bubble up when validating channel ids in API
5 years ago
Add read-only API key support
6 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add read-only API key support
6 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add read-only API key support
6 years ago
Move timer call to api
9 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Badges
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
Don't include ping URLs in API responses when the read-only key is used
5 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
Use the api keys from project, not user profile
6 years ago
Add "Get a List of Existing Integrations" API call
6 years ago
Changes to prototype this for testing with real data
5 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
API, optimization: avoid retrieving project twice from the database
4 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
In urls.py, route "api/v1/checks/<sha1:unique_key>" directly to the hc.api.views.get_check_by_unique_key view. Minor API documentation edits.
4 years ago
Implementing new changes discussed to resolve #370
4 years ago
In urls.py, route "api/v1/checks/<sha1:unique_key>" directly to the hc.api.views.get_check_by_unique_key view. Minor API documentation edits.
4 years ago
Implementing new changes discussed to resolve #370
4 years ago
In urls.py, route "api/v1/checks/<sha1:unique_key>" directly to the hc.api.views.get_check_by_unique_key view. Minor API documentation edits.
4 years ago
Implementing new changes discussed to resolve #370
4 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
In urls.py, route "api/v1/checks/<sha1:unique_key>" directly to the hc.api.views.get_check_by_unique_key view. Minor API documentation edits.
4 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
Add read-only API key support
6 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
API, optimization: avoid retrieving project twice from the database
4 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
API call for updating checks
8 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
Don't let SuspiciousOperation bubble up when validating channel ids in API
5 years ago
API call for deleting checks.
7 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
API, optimization: avoid retrieving project twice from the database
4 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
API call for deleting checks.
7 years ago
"Get a single check" API call now supports read-only API keys. Fixes #346
5 years ago
Changes to prototype this for testing with real data
5 years ago
In urls.py, route "api/v1/checks/<sha1:unique_key>" directly to the hc.api.views.get_check_by_unique_key view. Minor API documentation edits.
4 years ago
API call for updating checks
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
API call for updating checks
8 years ago
Refactor API key checking code
6 years ago
Add read-only API key support
6 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
API, optimization: avoid retrieving project twice from the database
4 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Add "/ping/<code>/start" API endpoint
6 years ago
Clear Check.alert_after when pausing a check.
6 years ago
New feature: pause monitoring of an individual check. Fixes #67
8 years ago
Add "Get a list of checks's logged pings" API call (#371)
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Commit with requested changes and tests
4 years ago
Second interation of this
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Returning all historical flips if no parameters are passed
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Returning all historical flips if no parameters are passed
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Returning all historical flips if no parameters are passed
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Returning all historical flips if no parameters are passed
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Second interation of this
4 years ago
Commit with requested changes and tests
4 years ago
Second interation of this
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Commit with requested changes and tests
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Commit with requested changes and tests
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Second interation of this
4 years ago
Commit with requested changes and tests
4 years ago
Second interation of this
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Second interation of this
4 years ago
Add "Get a list of checks's logged pings" API call (#371)
4 years ago
Simplify hc.api.views.flips, add validation and more tests.
4 years ago
Badges
8 years ago
Add CORS support to API endpoints. Fixes #208
6 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Use Project.badge_key in api.views.badge
6 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Use Project.badge_key in api.views.badge
6 years ago
Adding "Overall status" badge.
7 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Adding "Overall status" badge.
7 years ago
Badges
8 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Refactor: change Check.get_status(with_started=...) default value from True to False (with_started=False is or will be useful in more places)
4 years ago
Badges
8 years ago
Merge Check.get_status() and Check.in_grace_period() into one. This avoids duplicate calls to Check.get_grace_start() in several places.
7 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Show check counts in JSON "badges". Fixes #251
6 years ago
Badges
8 years ago
Added support for Shields.io badges. cc: #304, #305
5 years ago
Source formatted with Black
6 years ago
Badges can now return either SVG or JSON
7 years ago
Adding "Overall status" badge.
7 years ago
Badges
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
No CSRF check for /bounce endpoint
8 years ago
Unsubscribe links serve a form, and require HTTP POST to actually unsubscribe
5 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Return 403 when API key is wrong. Return 404 when resource not found. Return 405 when request method is wrong. Return 400 when request syntax is wrong.
8 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Preliminary Django 2 support
7 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
hc.api.views.bounce handles transient email bounces (logs error, does not disable the integration)
5 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
hc.api.views.bounce handles transient email bounces (logs error, does not disable the integration)
5 years ago
hc.api.views.bounce updates Channel.last_error
5 years ago
Disable channel (mark as email_verified=False) when email bounces.
7 years ago
"X-Bounce-Url" header in email messages. An API endpoint to handle bounce notifications. (#112)
8 years ago
Lightweight 'server status' API endpoint, to be used by external load balancers
8 years ago
Handle status callbacks from Twilio, show SMS delivery failures in the Integrations page.
4 years ago
Handle Twilio status callbacks for SMS, WhatsApp and phone call notifications.
4 years ago
Handle status callbacks from Twilio, show SMS delivery failures in the Integrations page.
4 years ago
Handle Twilio status callbacks for SMS, WhatsApp and phone call notifications.
4 years ago
Handle status callbacks from Twilio, show SMS delivery failures in the Integrations page.
4 years ago
Handle Twilio status callbacks for SMS, WhatsApp and phone call notifications.
4 years ago
Handle status callbacks from Twilio, show SMS delivery failures in the Integrations page.
4 years ago
Added /api/v1/metrics/ endpoint, useful for monitoring the service itself
5 years ago
Return max notification_id in metrics.
5 years ago
Added /api/v1/metrics/ endpoint, useful for monitoring the service itself
5 years ago
Lightweight 'server status' API endpoint, to be used by external load balancers
8 years ago
 
  1. from datetime import timedelta as td
  2. import time
  3. import uuid
  4. 

  5. from django.conf import settings
  6. from django.db import connection
  7. from django.http import (
  8.     HttpResponse,
  9.     HttpResponseForbidden,
  10.     HttpResponseNotFound,
  11.     HttpResponseBadRequest,
  12.     JsonResponse,
  13. )
  14. from django.shortcuts import get_object_or_404
  15. from django.utils import timezone
  16. from django.views.decorators.cache import never_cache
  17. from django.views.decorators.csrf import csrf_exempt
  18. from django.views.decorators.http import require_POST
  19. 

  20. from hc.accounts.models import Profile
  21. from hc.api import schemas
  22. from hc.api.decorators import authorize, authorize_read, cors, validate_json
  23. from hc.api.forms import FlipsFiltersForm
  24. from hc.api.models import MAX_DELTA, Flip, Channel, Check, Notification, Ping
  25. from hc.lib.badges import check_signature, get_badge_svg
  26. 

  27. 

  28. class BadChannelException(Exception):
  29.     pass
  30. 

  31. 

  32. @csrf_exempt
  33. @never_cache
  34. def ping(request, code, action="success"):
  35.     check = get_object_or_404(Check, code=code)
  36. 

  37.     headers = request.META
  38.     remote_addr = headers.get("HTTP_X_FORWARDED_FOR", headers["REMOTE_ADDR"])
  39.     remote_addr = remote_addr.split(",")[0]
  40.     scheme = headers.get("HTTP_X_FORWARDED_PROTO", "http")
  41.     method = headers["REQUEST_METHOD"]
  42.     ua = headers.get("HTTP_USER_AGENT", "")
  43.     body = request.body.decode()
  44. 

  45.     if check.methods == "POST" and method != "POST":
  46.         action = "ign"
  47. 

  48.     check.ping(remote_addr, scheme, method, ua, body, action)
  49. 

  50.     response = HttpResponse("OK")
  51.     response["Access-Control-Allow-Origin"] = "*"
  52.     return response
  53. 

  54. 

  55. def _lookup(project, spec):
  56.     unique_fields = spec.get("unique", [])
  57.     if unique_fields:
  58.         existing_checks = Check.objects.filter(project=project)
  59.         if "name" in unique_fields:
  60.             existing_checks = existing_checks.filter(name=spec.get("name"))
  61.         if "tags" in unique_fields:
  62.             existing_checks = existing_checks.filter(tags=spec.get("tags"))
  63.         if "timeout" in unique_fields:
  64.             timeout = td(seconds=spec["timeout"])
  65.             existing_checks = existing_checks.filter(timeout=timeout)
  66.         if "grace" in unique_fields:
  67.             grace = td(seconds=spec["grace"])
  68.             existing_checks = existing_checks.filter(grace=grace)
  69. 

  70.         return existing_checks.first()
  71. 

  72. 

  73. def _update(check, spec):
  74.     channels = set()
  75.     # First, validate the supplied channel codes
  76.     if "channels" in spec and spec["channels"] not in ("*", ""):
  77.         q = Channel.objects.filter(project=check.project)
  78.         for s in spec["channels"].split(","):
  79.             try:
  80.                 code = uuid.UUID(s)
  81.             except ValueError:
  82.                 raise BadChannelException("invalid channel identifier: %s" % s)
  83. 

  84.             try:
  85.                 channels.add(q.get(code=code))
  86.             except Channel.DoesNotExist:
  87.                 raise BadChannelException("invalid channel identifier: %s" % s)
  88. 

  89.     if "name" in spec:
  90.         check.name = spec["name"]
  91. 

  92.     if "tags" in spec:
  93.         check.tags = spec["tags"]
  94. 

  95.     if "desc" in spec:
  96.         check.desc = spec["desc"]
  97. 

  98.     if "manual_resume" in spec:
  99.         check.manual_resume = spec["manual_resume"]
  100. 

  101.     if "timeout" in spec and "schedule" not in spec:
  102.         check.kind = "simple"
  103.         check.timeout = td(seconds=spec["timeout"])
  104. 

  105.     if "grace" in spec:
  106.         check.grace = td(seconds=spec["grace"])
  107. 

  108.     if "schedule" in spec:
  109.         check.kind = "cron"
  110.         check.schedule = spec["schedule"]
  111.         if "tz" in spec:
  112.             check.tz = spec["tz"]
  113. 

  114.     check.alert_after = check.going_down_after()
  115.     check.save()
  116. 

  117.     # This needs to be done after saving the check, because of
  118.     # the M2M relation between checks and channels:
  119.     if spec.get("channels") == "*":
  120.         check.assign_all_channels()
  121.     elif spec.get("channels") == "":
  122.         check.channel_set.clear()
  123.     elif channels:
  124.         check.channel_set.set(channels)
  125. 

  126.     return check
  127. 

  128. 

  129. @validate_json()
  130. @authorize_read
  131. def get_checks(request):
  132.     q = Check.objects.filter(project=request.project)
  133.     q = q.prefetch_related("channel_set")
  134. 

  135.     tags = set(request.GET.getlist("tag"))
  136.     for tag in tags:
  137.         # approximate filtering by tags
  138.         q = q.filter(tags__contains=tag)
  139. 

  140.     checks = []
  141.     for check in q:
  142.         # precise, final filtering
  143.         if not tags or check.matches_tag_set(tags):
  144.             checks.append(check.to_dict(readonly=request.readonly))
  145. 

  146.     return JsonResponse({"checks": checks})
  147. 

  148. 

  149. @validate_json(schemas.check)
  150. @authorize
  151. def create_check(request):
  152.     created = False
  153.     check = _lookup(request.project, request.json)
  154.     if check is None:
  155.         if request.project.num_checks_available() <= 0:
  156.             return HttpResponseForbidden()
  157. 

  158.         check = Check(project=request.project)
  159.         created = True
  160. 

  161.     try:
  162.         _update(check, request.json)
  163.     except BadChannelException as e:
  164.         return JsonResponse({"error": str(e)}, status=400)
  165. 

  166.     return JsonResponse(check.to_dict(), status=201 if created else 200)
  167. 

  168. 

  169. @csrf_exempt
  170. @cors("GET", "POST")
  171. def checks(request):
  172.     if request.method == "POST":
  173.         return create_check(request)
  174. 

  175.     return get_checks(request)
  176. 

  177. 

  178. @cors("GET")
  179. @validate_json()
  180. @authorize
  181. def channels(request):
  182.     q = Channel.objects.filter(project=request.project)
  183.     channels = [ch.to_dict() for ch in q]
  184.     return JsonResponse({"channels": channels})
  185. 

  186. 

  187. @validate_json()
  188. @authorize_read
  189. def get_check(request, code):
  190.     check = get_object_or_404(Check, code=code)
  191.     if check.project_id != request.project.id:
  192.         return HttpResponseForbidden()
  193.     return JsonResponse(check.to_dict(readonly=request.readonly))
  194. 

  195. 

  196. @cors("GET")
  197. @csrf_exempt
  198. @validate_json()
  199. @authorize_read
  200. def get_check_by_unique_key(request, unique_key):
  201.     checks = Check.objects.filter(project=request.project.id)
  202.     for check in checks:
  203.         if check.unique_key == unique_key:
  204.             return JsonResponse(check.to_dict(readonly=request.readonly))
  205.     return HttpResponseNotFound()
  206. 

  207. 

  208. @validate_json(schemas.check)
  209. @authorize
  210. def update_check(request, code):
  211.     check = get_object_or_404(Check, code=code)
  212.     if check.project_id != request.project.id:
  213.         return HttpResponseForbidden()
  214. 

  215.     try:
  216.         _update(check, request.json)
  217.     except BadChannelException as e:
  218.         return JsonResponse({"error": str(e)}, status=400)
  219. 

  220.     return JsonResponse(check.to_dict())
  221. 

  222. 

  223. @validate_json()
  224. @authorize
  225. def delete_check(request, code):
  226.     check = get_object_or_404(Check, code=code)
  227.     if check.project_id != request.project.id:
  228.         return HttpResponseForbidden()
  229. 

  230.     response = check.to_dict()
  231.     check.delete()
  232.     return JsonResponse(response)
  233. 

  234. 

  235. @csrf_exempt
  236. @cors("POST", "DELETE", "GET")
  237. def single(request, code):
  238.     if request.method == "POST":
  239.         return update_check(request, code)
  240. 

  241.     if request.method == "DELETE":
  242.         return delete_check(request, code)
  243. 

  244.     return get_check(request, code)
  245. 

  246. 

  247. @cors("POST")
  248. @csrf_exempt
  249. @validate_json()
  250. @authorize
  251. def pause(request, code):
  252.     check = get_object_or_404(Check, code=code)
  253.     if check.project_id != request.project.id:
  254.         return HttpResponseForbidden()
  255. 

  256.     check.status = "paused"
  257.     check.last_start = None
  258.     check.alert_after = None
  259.     check.save()
  260.     return JsonResponse(check.to_dict())
  261. 

  262. 

  263. @cors("GET")
  264. @validate_json()
  265. @authorize
  266. def pings(request, code):
  267.     check = get_object_or_404(Check, code=code)
  268.     if check.project_id != request.project.id:
  269.         return HttpResponseForbidden()
  270. 

  271.     # Look up ping log limit from account's profile.
  272.     # There might be more pings in the database (depends on how pruning is handled)
  273.     # but we will not return more than the limit allows.
  274.     profile = Profile.objects.get(user__project=request.project)
  275.     limit = profile.ping_log_limit
  276. 

  277.     # Query in descending order so we're sure to get the most recent
  278.     # pings, regardless of the limit restriction
  279.     pings = Ping.objects.filter(owner=check).order_by("-id")[:limit]
  280. 

  281.     # Ascending order is more convenient for calculating duration, so use reverse()
  282.     prev, dicts = None, []
  283.     for ping in reversed(pings):
  284.         d = ping.to_dict()
  285.         if ping.kind != "start" and prev and prev.kind == "start":
  286.             delta = ping.created - prev.created
  287.             if delta < MAX_DELTA:
  288.                 d["duration"] = delta.total_seconds()
  289. 

  290.         dicts.insert(0, d)
  291.         prev = ping
  292. 

  293.     return JsonResponse({"pings": dicts})
  294. 

  295. 

  296. def flips(request, check):
  297.     if check.project_id != request.project.id:
  298.         return HttpResponseForbidden()
  299. 

  300.     form = FlipsFiltersForm(request.GET)
  301.     if not form.is_valid():
  302.         return HttpResponseBadRequest()
  303. 

  304.     flips = Flip.objects.filter(owner=check).order_by("-id")
  305. 

  306.     if form.cleaned_data["start"]:
  307.         flips = flips.filter(created__gte=form.cleaned_data["start"])
  308. 

  309.     if form.cleaned_data["end"]:
  310.         flips = flips.filter(created__lt=form.cleaned_data["end"])
  311. 

  312.     if form.cleaned_data["seconds"]:
  313.         threshold = timezone.now() - td(seconds=form.cleaned_data["seconds"])
  314.         flips = flips.filter(created__gte=threshold)
  315. 

  316.     return JsonResponse({"flips": [flip.to_dict() for flip in flips]})
  317. 

  318. 

  319. @cors("GET")
  320. @csrf_exempt
  321. @validate_json()
  322. @authorize_read
  323. def flips_by_uuid(request, code):
  324.     check = get_object_or_404(Check, code=code)
  325.     return flips(request, check)
  326. 

  327. 

  328. @cors("GET")
  329. @csrf_exempt
  330. @validate_json()
  331. @authorize_read
  332. def flips_by_unique_key(request, unique_key):
  333.     checks = Check.objects.filter(project=request.project.id)
  334.     for check in checks:
  335.         if check.unique_key == unique_key:
  336.             return flips(request, check)
  337.     return HttpResponseNotFound()
  338. 

  339. 

  340. @never_cache
  341. @cors("GET")
  342. def badge(request, badge_key, signature, tag, fmt="svg"):
  343.     if not check_signature(badge_key, tag, signature):
  344.         return HttpResponseNotFound()
  345. 

  346.     if fmt not in ("svg", "json", "shields"):
  347.         return HttpResponseNotFound()
  348. 

  349.     q = Check.objects.filter(project__badge_key=badge_key)
  350.     if tag != "*":
  351.         q = q.filter(tags__contains=tag)
  352.         label = tag
  353.     else:
  354.         label = settings.MASTER_BADGE_LABEL
  355. 

  356.     status, total, grace, down = "up", 0, 0, 0
  357.     for check in q:
  358.         if tag != "*" and tag not in check.tags_list():
  359.             continue
  360. 

  361.         total += 1
  362.         check_status = check.get_status()
  363. 

  364.         if check_status == "down":
  365.             down += 1
  366.             status = "down"
  367.             if fmt == "svg":
  368.                 # For SVG badges, we can leave the loop as soon as we
  369.                 # find the first "down"
  370.                 break
  371.         elif check_status == "grace":
  372.             grace += 1
  373.             if status == "up":
  374.                 status = "late"
  375. 

  376.     if fmt == "shields":
  377.         color = "success"
  378.         if status == "down":
  379.             color = "critical"
  380.         elif status == "late":
  381.             color = "important"
  382. 

  383.         return JsonResponse({"label": label, "message": status, "color": color})
  384. 

  385.     if fmt == "json":
  386.         return JsonResponse(
  387.             {"status": status, "total": total, "grace": grace, "down": down}
  388.         )
  389. 

  390.     svg = get_badge_svg(label, status)
  391.     return HttpResponse(svg, content_type="image/svg+xml")
  392. 

  393. 

  394. @csrf_exempt
  395. @require_POST
  396. def bounce(request, code):
  397.     notification = get_object_or_404(Notification, code=code)
  398. 

  399.     # If webhook is more than 10 minutes late, don't accept it:
  400.     td = timezone.now() - notification.created
  401.     if td.total_seconds() > 600:
  402.         return HttpResponseForbidden()
  403. 

  404.     notification.error = request.body.decode()[:200]
  405.     notification.save()
  406. 

  407.     notification.channel.last_error = notification.error
  408.     if request.GET.get("type") in (None, "Permanent"):
  409.         # For permanent bounces, mark the channel as not verified, so we
  410.         # will not try to deliver to it again.
  411.         notification.channel.email_verified = False
  412. 

  413.     notification.channel.save()
  414. 

  415.     return HttpResponse()
  416. 

  417. 

  418. @csrf_exempt
  419. @require_POST
  420. def notification_status(request, code):
  421.     """ Handle notification delivery status callbacks. """
  422. 

  423.     notification = get_object_or_404(Notification, code=code)
  424. 

  425.     # If webhook is more than 1 hour late, don't accept it:
  426.     td = timezone.now() - notification.created
  427.     if td.total_seconds() > 3600:
  428.         return HttpResponseForbidden()
  429. 

  430.     error, mark_not_verified = None, False
  431. 

  432.     # Look for "error" and "mark_not_verified" keys:
  433.     if request.POST.get("error"):
  434.         error = request.POST["error"][:200]
  435.         mark_not_verified = request.POST.get("mark_not_verified")
  436. 

  437.     # Handle "MessageStatus" key from Twilio
  438.     if request.POST.get("MessageStatus") in ("failed", "undelivered"):
  439.         status = request.POST["MessageStatus"]
  440.         error = f"Delivery failed (status={status})."
  441. 

  442.     # Handle "CallStatus" key from Twilio
  443.     if request.POST.get("CallStatus") == "failed":
  444.         error = f"Delivery failed (status=failed)."
  445. 

  446.     if error:
  447.         notification.error = error
  448.         notification.save(update_fields=["error"])
  449. 

  450.         channel_q = Channel.objects.filter(id=notification.channel_id)
  451.         channel_q.update(last_error=error)
  452.         if mark_not_verified:
  453.             channel_q.update(email_verified=False)
  454. 

  455.     return HttpResponse()
  456. 

  457. 

  458. def metrics(request):
  459.     if not settings.METRICS_KEY:
  460.         return HttpResponseForbidden()
  461. 

  462.     key = request.META.get("HTTP_X_METRICS_KEY")
  463.     if key != settings.METRICS_KEY:
  464.         return HttpResponseForbidden()
  465. 

  466.     doc = {
  467.         "ts": int(time.time()),
  468.         "max_ping_id": Ping.objects.values_list("id", flat=True).last(),
  469.         "max_notification_id": Notification.objects.values_list("id", flat=True).last(),
  470.         "num_unprocessed_flips": Flip.objects.filter(processed__isnull=True).count(),
  471.     }
  472. 

  473.     return JsonResponse(doc)
  474. 

  475. 

  476. def status(request):
  477.     with connection.cursor() as c:
  478.         c.execute("SELECT 1")
  479.         c.fetchone()
  480. 

  481.     return HttpResponse("OK")