Merge User Booking API Rev 1 (Try 3)

Signed-off-by: Sawyer Bergeron <sbergeron@iol.unh.edu>
Change-Id: Ie1eee0a59929f8da39f16bb6bc17ae3de4f1cba9
Signed-off-by: Sawyer Bergeron <sbergeron@iol.unh.edu>

9 files changed, 453 insertions, 8 deletions

diff --git a/src/api/admin.py b/src/api/admin.py
index 8b2fcb3..1e243a0 100644
--- a/src/api/admin.py
+++ b/src/api/admin.py
@@ -22,6 +22,7 @@ from api.models import (
     SoftwareRelation,
     HostHardwareRelation,
     HostNetworkRelation,
+    APILog
 )
 
 
@@ -39,3 +40,4 @@ admin.site.register(AccessRelation)
 admin.site.register(SoftwareRelation)
 admin.site.register(HostHardwareRelation)
 admin.site.register(HostNetworkRelation)
+admin.site.register(APILog)
diff --git a/src/api/migrations/0017_apilog.py b/src/api/migrations/0017_apilog.py
new file mode 100644
index 0000000..d209aef
--- /dev/null
+++ b/src/api/migrations/0017_apilog.py
@@ -0,0 +1,27 @@
+# Generated by Django 2.2 on 2021-03-19 20:45
+
+from django.conf import settings
+import django.contrib.postgres.fields.jsonb
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('api', '0016_auto_20201109_2149'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='APILog',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('call_time', models.DateTimeField(auto_now=True)),
+                ('endpoint', models.CharField(max_length=300)),
+                ('body', django.contrib.postgres.fields.jsonb.JSONField()),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to=settings.AUTH_USER_MODEL)),
+            ],
+        ),
+    ]
diff --git a/src/api/migrations/0018_apilog_ip_addr.py b/src/api/migrations/0018_apilog_ip_addr.py
new file mode 100644
index 0000000..4b7ce39
--- /dev/null
+++ b/src/api/migrations/0018_apilog_ip_addr.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.2 on 2021-03-22 18:12
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0017_apilog'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='apilog',
+            name='ip_addr',
+            field=models.GenericIPAddressField(null=True),
+        ),
+    ]
diff --git a/src/api/migrations/0019_auto_20210322_1823.py b/src/api/migrations/0019_auto_20210322_1823.py
new file mode 100644
index 0000000..b3c4cdf
--- /dev/null
+++ b/src/api/migrations/0019_auto_20210322_1823.py
@@ -0,0 +1,19 @@
+# Generated by Django 2.2 on 2021-03-22 18:23
+
+import django.contrib.postgres.fields.jsonb
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0018_apilog_ip_addr'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='apilog',
+            name='body',
+            field=django.contrib.postgres.fields.jsonb.JSONField(null=True),
+        ),
+    ]
diff --git a/src/api/migrations/0020_auto_20210322_2218.py b/src/api/migrations/0020_auto_20210322_2218.py
new file mode 100644
index 0000000..0252c79
--- /dev/null
+++ b/src/api/migrations/0020_auto_20210322_2218.py
@@ -0,0 +1,23 @@
+# Generated by Django 2.2 on 2021-03-22 22:18
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0019_auto_20210322_1823'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='apilog',
+            name='method',
+            field=models.CharField(max_length=4, null=True),
+        ),
+        migrations.AlterField(
+            model_name='apilog',
+            name='endpoint',
+            field=models.CharField(max_length=300, null=True),
+        ),
+    ]
diff --git a/src/api/migrations/0021_auto_20210405_1943.py b/src/api/migrations/0021_auto_20210405_1943.py
new file mode 100644
index 0000000..ca6e741
--- /dev/null
+++ b/src/api/migrations/0021_auto_20210405_1943.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.2 on 2021-04-05 19:43
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('api', '0020_auto_20210322_2218'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='apilog',
+            name='method',
+            field=models.CharField(max_length=6, null=True),
+        ),
+    ]
diff --git a/src/api/models.py b/src/api/models.py
index d1bb692..d85f3e9 100644
--- a/src/api/models.py
+++ b/src/api/models.py
@@ -12,6 +12,7 @@ from django.contrib.auth.models import User
 from django.db import models
 from django.core.exceptions import PermissionDenied, ValidationError
 from django.shortcuts import get_object_or_404
+from django.contrib.postgres.fields import JSONField
 from django.http import HttpResponseNotFound
 from django.urls import reverse
 from django.utils import timezone
@@ -37,7 +38,7 @@ from account.models import Downtime, UserProfile
 from dashboard.utils import AbstractModelQuery
 
 
-class JobStatus(object):
+class JobStatus:
     """
     A poor man's enum for a job's status.
 
@@ -52,7 +53,7 @@ class JobStatus(object):
     ERROR = 300
 
 
-class LabManagerTracker(object):
+class LabManagerTracker:
 
     @classmethod
     def get(cls, lab_name, token):
@@ -72,7 +73,7 @@ class LabManagerTracker(object):
         raise PermissionDenied("Lab not authorized")
 
 
-class LabManager(object):
+class LabManager:
     """
     Handles all lab REST calls.
 
@@ -337,6 +338,96 @@ class LabManager(object):
         return profile_ser
 
 
+class APILog(models.Model):
+    user = models.ForeignKey(User, on_delete=models.PROTECT)
+    call_time = models.DateTimeField(auto_now=True)
+    method = models.CharField(null=True, max_length=6)
+    endpoint = models.CharField(null=True, max_length=300)
+    ip_addr = models.GenericIPAddressField(protocol="both", null=True, unpack_ipv4=False)
+    body = JSONField(null=True)
+
+    def __str__(self):
+        return "Call to {} at {} by {}".format(
+            self.endpoint,
+            self.call_time,
+            self.user.username
+        )
+
+
+class AutomationAPIManager:
+    @staticmethod
+    def serialize_booking(booking):
+        sbook = {}
+        sbook['id'] = booking.pk
+        sbook['owner'] = booking.owner.username
+        sbook['collaborators'] = [user.username for user in booking.collaborators.all()]
+        sbook['start'] = booking.start
+        sbook['end'] = booking.end
+        sbook['lab'] = AutomationAPIManager.serialize_lab(booking.lab)
+        sbook['purpose'] = booking.purpose
+        sbook['resourceBundle'] = AutomationAPIManager.serialize_bundle(booking.resource)
+        return sbook
+
+    @staticmethod
+    def serialize_lab(lab):
+        slab = {}
+        slab['id'] = lab.pk
+        slab['name'] = lab.name
+        return slab
+
+    @staticmethod
+    def serialize_bundle(bundle):
+        sbundle = {}
+        sbundle['id'] = bundle.pk
+        sbundle['resources'] = [
+            AutomationAPIManager.serialize_server(server)
+            for server in bundle.get_resources()]
+        return sbundle
+
+    @staticmethod
+    def serialize_server(server):
+        sserver = {}
+        sserver['id'] = server.pk
+        sserver['name'] = server.name
+        return sserver
+
+    @staticmethod
+    def serialize_resource_profile(profile):
+        sprofile = {}
+        sprofile['id'] = profile.pk
+        sprofile['name'] = profile.name
+        return sprofile
+
+    @staticmethod
+    def serialize_template(rec_temp_and_count):
+        template = rec_temp_and_count[0]
+        count = rec_temp_and_count[1]
+
+        stemplate = {}
+        stemplate['id'] = template.pk
+        stemplate['name'] = template.name
+        stemplate['count_available'] = count
+        stemplate['resourceProfiles'] = [
+            AutomationAPIManager.serialize_resource_profile(config.profile)
+            for config in template.getConfigs()
+        ]
+        return stemplate
+
+    @staticmethod
+    def serialize_image(image):
+        simage = {}
+        simage['id'] = image.pk
+        simage['name'] = image.name
+        return simage
+
+    @staticmethod
+    def serialize_userprofile(up):
+        sup = {}
+        sup['id'] = up.pk
+        sup['username'] = up.user.username
+        return sup
+
+
 class Job(models.Model):
     """
     A Job to be performed by the Lab.
diff --git a/src/api/urls.py b/src/api/urls.py
index bae86ea..52a6fc7 100644
--- a/src/api/urls.py
+++ b/src/api/urls.py
@@ -45,7 +45,15 @@ from api.views import (
     lab_users,
     lab_user,
     GenerateTokenView,
-    analytics_job
+    analytics_job,
+    user_bookings,
+    make_booking,
+    available_templates,
+    images_for_template,
+    specific_booking,
+    extend_booking,
+    all_users,
+    list_labs
 )
 
 urlpatterns = [
@@ -65,5 +73,17 @@ urlpatterns = [
     path('labs/<slug:lab_name>/jobs/getByType/DATA', analytics_job),
     path('labs/<slug:lab_name>/users', lab_users),
     path('labs/<slug:lab_name>/users/<int:user_id>', lab_user),
+
+    path('booking', user_bookings),
+    path('booking/<int:booking_id>', specific_booking),
+    path('booking/<int:booking_id>/extendBooking/<int:days>', extend_booking),
+    path('booking/makeBooking', make_booking),
+
+    path('resource_inventory/availableTemplates', available_templates),
+    path('resource_inventory/<int:template_id>/images', images_for_template),
+
+    path('users', all_users),
+    path('labs', list_labs),
+
     url(r'^token$', GenerateTokenView.as_view(), name='generate_token'),
 ]
diff --git a/src/api/views.py b/src/api/views.py
index 2e5f33f..c0da1bc 100644
--- a/src/api/views.py
+++ b/src/api/views.py
@@ -8,9 +8,14 @@
 # http://www.apache.org/licenses/LICENSE-2.0
 ##############################################################################
 
+import json
+import math
+import traceback
+import sys
+from datetime import timedelta
 
 from django.contrib.auth.decorators import login_required
-from django.shortcuts import redirect
+from django.shortcuts import redirect, get_object_or_404
 from django.utils.decorators import method_decorator
 from django.utils import timezone
 from django.views import View
@@ -23,12 +28,15 @@ from django.core.exceptions import ObjectDoesNotExist
 from api.serializers.booking_serializer import BookingSerializer
 from api.serializers.old_serializers import UserSerializer
 from api.forms import DowntimeForm
-from account.models import UserProfile
+from account.models import UserProfile, Lab
 from booking.models import Booking
-from api.models import LabManagerTracker, get_task
+from api.models import LabManagerTracker, AutomationAPIManager, get_task, APILog
 from notifier.manager import NotificationHandler
 from analytics.models import ActiveVPNUser
-import json
+from booking.quick_deployer import create_from_API
+from resource_inventory.models import ResourceTemplate
+from django.db.models import Q
+
 
 """
 API views.
@@ -234,3 +242,222 @@ def done_jobs(request, lab_name=""):
     lab_token = request.META.get('HTTP_AUTH_TOKEN')
     lab_manager = LabManagerTracker.get(lab_name, lab_token)
     return JsonResponse(lab_manager.get_done_jobs(), safe=False)
+
+
+def auth_and_log(request, endpoint):
+    """
+    Function to authenticate an API user and log info
+    in the API log model. This is to keep record of
+    all calls to the dashboard
+    """
+    user_token = request.META.get('HTTP_AUTH_TOKEN')
+    response = None
+
+    if user_token is None:
+        return HttpResponse('Unauthorized', status=401)
+
+    try:
+        token = Token.objects.get(key=user_token)
+    except Token.DoesNotExist:
+        token = None
+        response = HttpResponse('Unauthorized', status=401)
+
+    x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
+    if x_forwarded_for:
+        ip = x_forwarded_for.split(',')[0]
+    else:
+        ip = request.META.get('REMOTE_ADDR')
+
+    body = None
+
+    if request.method in ['POST', 'PUT']:
+        try:
+            body = json.loads(request.body.decode('utf-8')),
+        except Exception:
+            response = HttpResponse('Invalid Request Body', status=400)
+
+    APILog.objects.create(
+        user=token.user,
+        call_time=timezone.now(),
+        method=request.method,
+        endpoint=endpoint,
+        body=body,
+        ip_addr=ip
+    )
+
+    if response:
+        return response
+    else:
+        return token
+
+
+"""
+Booking API Views
+"""
+
+
+def user_bookings(request):
+    token = auth_and_log(request, 'booking')
+
+    if isinstance(token, HttpResponse):
+        return token
+
+    bookings = Booking.objects.filter(owner=token.user, end__gte=timezone.now())
+    output = [AutomationAPIManager.serialize_booking(booking)
+              for booking in bookings]
+    return JsonResponse(output, safe=False)
+
+
+@csrf_exempt
+def specific_booking(request, booking_id=""):
+    token = auth_and_log(request, 'booking/{}'.format(booking_id))
+
+    if isinstance(token, HttpResponse):
+        return token
+
+    booking = get_object_or_404(Booking, pk=booking_id, owner=token.user)
+    if request.method == "GET":
+        sbooking = AutomationAPIManager.serialize_booking(booking)
+        return JsonResponse(sbooking, safe=False)
+
+    if request.method == "DELETE":
+
+        if booking.end < timezone.now():
+            return HttpResponse("Booking already over", status=400)
+
+        booking.end = timezone.now()
+        booking.save()
+        return HttpResponse("Booking successfully cancelled")
+
+
+@csrf_exempt
+def extend_booking(request, booking_id="", days=""):
+    token = auth_and_log(request, 'booking/{}/extendBooking/{}'.format(booking_id, days))
+
+    if isinstance(token, HttpResponse):
+        return token
+
+    booking = get_object_or_404(Booking, pk=booking_id, owner=token.user)
+
+    if booking.end < timezone.now():
+        return HttpResponse("This booking is already over, cannot extend")
+
+    if days > 30:
+        return HttpResponse("Cannot extend a booking longer than 30 days")
+
+    if booking.ext_count == 0:
+        return HttpResponse("Booking has already been extended 2 times, cannot extend again")
+
+    booking.end += timedelta(days=days)
+    booking.ext_count -= 1
+    booking.save()
+
+    return HttpResponse("Booking successfully extended")
+
+
+@csrf_exempt
+def make_booking(request):
+    token = auth_and_log(request, 'booking/makeBooking')
+
+    if isinstance(token, HttpResponse):
+        return token
+
+    try:
+        booking = create_from_API(request.body, token.user)
+
+    except Exception:
+        finalTrace = ''
+        exc_type, exc_value, exc_traceback = sys.exc_info()
+        for i in traceback.format_exception(exc_type, exc_value, exc_traceback):
+            finalTrace += '<br>' + i.strip()
+        return HttpResponse(finalTrace, status=400)
+
+    sbooking = AutomationAPIManager.serialize_booking(booking)
+    return JsonResponse(sbooking, safe=False)
+
+
+"""
+Resource Inventory API Views
+"""
+
+
+def available_templates(request):
+    token = auth_and_log(request, 'resource_inventory/availableTemplates')
+
+    if isinstance(token, HttpResponse):
+        return token
+
+    # get available templates
+    # mirrors MultipleSelectFilter Widget
+    avt = []
+    for lab in Lab.objects.all():
+        for template in ResourceTemplate.objects.filter(Q(owner=token.user) | Q(public=True), lab=lab, temporary=False):
+            available_resources = lab.get_available_resources()
+            required_resources = template.get_required_resources()
+            least_available = 100
+
+            for resource, count_required in required_resources.items():
+                try:
+                    curr_count = math.floor(available_resources[str(resource)] / count_required)
+                    if curr_count < least_available:
+                        least_available = curr_count
+                except KeyError:
+                    least_available = 0
+
+            if least_available > 0:
+                avt.append((template, least_available))
+
+    savt = [AutomationAPIManager.serialize_template(temp)
+            for temp in avt]
+
+    return JsonResponse(savt, safe=False)
+
+
+def images_for_template(request, template_id=""):
+    _ = auth_and_log(request, 'resource_inventory/{}/images'.format(template_id))
+
+    template = get_object_or_404(ResourceTemplate, pk=template_id)
+    images = [AutomationAPIManager.serialize_image(config.image)
+              for config in template.getConfigs()]
+    return JsonResponse(images, safe=False)
+
+
+"""
+User API Views
+"""
+
+
+def all_users(request):
+    token = auth_and_log(request, 'users')
+
+    if token is None:
+        return HttpResponse('Unauthorized', status=401)
+
+    users = [AutomationAPIManager.serialize_userprofile(up)
+             for up in UserProfile.objects.filter(public_user=True)]
+
+    return JsonResponse(users, safe=False)
+
+
+"""
+Lab API Views
+"""
+
+
+def list_labs(request):
+    lab_list = []
+    for lab in Lab.objects.all():
+        lab_info = {
+            'name': lab.name,
+            'username': lab.lab_user.username,
+            'status': lab.status,
+            'project': lab.project,
+            'description': lab.description,
+            'location': lab.location,
+            'info': lab.lab_info_link,
+            'email': lab.contact_email,
+            'phone': lab.contact_phone
+        }
+        lab_list.append(lab_info)
+
+    return JsonResponse(lab_list, safe=False)