Merge pull request #387 from EverythingMe/feature/api_key_auth

Record event when accessing query result from API

migrations/0001_allow_delete_query.py

@@ -1,16 +1,15 @@
-try:
-    from playhouse.migrate import Migrator
-except ImportError:
-    from playhouse.migrate import PostgresqlMigrator as Migrator
+from playhouse.migrate import PostgresqlMigrator, migrate
 
 from redash.models import db
 from redash import models
 
 if __name__ == '__main__':
     db.connect_db()
-    migrator = Migrator(db.database)
+    migrator = PostgresqlMigrator(db.database)
 
     with db.database.transaction():
-        migrator.add_column(models.Query, models.Query.is_archived, 'is_archived')
+        migrate(
+            migrator.add_column('queries', 'is_archived', models.Query.is_archived)
+        )
 
     db.close_db(None)

migrations/0004_allow_null_in_event_user.py

@@ -0,0 +1,12 @@
+from playhouse.migrate import PostgresqlMigrator, migrate
+
+from redash.models import db
+
+if __name__ == '__main__':
+    db.connect_db()
+    migrator = PostgresqlMigrator(db.database)
+
+    with db.database.transaction():
+        migrate(
+            migrator.drop_not_null('events', 'user_id')
+        )

rd_ui/app/scripts/controllers/admin_controllers.js

@@ -16,16 +16,9 @@
       $timeout(refresh, 59 * 1000);
     };
 
-    $scope.flowerUrl = featureFlags.flowerUrl;
-
     refresh();
   }
 
-  var AdminWorkersCtrl = function ($scope, $sce) {
-    $scope.flowerUrl = $sce.trustAsResourceUrl(featureFlags.flowerUrl);
-  };
-
   angular.module('redash.admin_controllers', [])
          .controller('AdminStatusCtrl', ['$scope', 'Events', '$http', '$timeout', AdminStatusCtrl])
-         .controller('AdminWorkersCtrl', ['$scope', '$sce', AdminWorkersCtrl])
 })();

rd_ui/app/scripts/controllers/query_view.js

@@ -33,6 +33,10 @@
       $scope.queryExecuting = lock;
     };
 
+    $scope.showApiKey = function() {
+      alert("API Key for this query:\n" + $scope.query.api_key);
+    };
+
     $scope.saveQuery = function(options, data) {
       if (data) {
         data.id = $scope.query.id;

rd_ui/app/views/admin_status.html

@@ -24,10 +24,6 @@
                     <span class="badge">{{manager.outdated_queries_count}}</span>
                     Outdated Queries Count
                 </li>
-
-                <li class="list-group-item" ng-if="flowerUrl">
-                    <a href="/admin/workers">Workers' Status</a>
-                </li>
             </ul>
             <ul class="list-group col-lg-4">
                 <li class="list-group-item active">Queues</li>

rd_ui/app/views/admin_workers.html

@@ -1,3 +0,0 @@
-<div class="container-fluid iframe-container">
-    <iframe src="{{flowerUrl}}" style="width:100%; height:100%; background-color:transparent;"></iframe>
-</div>

rd_ui/app/views/query.html

@@ -139,7 +139,11 @@
                    ng-show="!query.is_archived && query.id != undefined && (isQueryOwner || currentUser.hasPermission('admin'))">
                     <i class="fa fa-archive" title="Archive Query"></i>
                 </a>
-                
+
+                <button class="btn btn-default btn-sm" ng-show="query.id != undefined" ng-click="showApiKey()">
+                    <i class="fa fa-key" title="Show API Key"></i>
+                </button>
+
                 <div class="modal fade" id="archive-confirmation-modal" tabindex="-1" role="dialog" aria-labelledby="archiveConfirmationModal" aria-hidden="true">
                   <div class="modal-dialog">
                     <div class="modal-content">

redash/authentication.py

@@ -5,7 +5,7 @@ import time
 import logging
 
 from flask import request, make_response, redirect, url_for
-from flask.ext.login import LoginManager, login_user, current_user
+from flask.ext.login import LoginManager, login_user, current_user, logout_user
 
 from redash import models, settings, google_oauth
 
@@ -23,9 +23,38 @@ def sign(key, path, expires):
     return h.hexdigest()
 
 
-class HMACAuthentication(object):
-    @staticmethod
-    def api_key_authentication():
+class Authentication(object):
+    def verify_authentication(self):
+        return False
+
+    def required(self, fn):
+        @functools.wraps(fn)
+        def decorated(*args, **kwargs):
+            if current_user.is_authenticated() or self.verify_authentication():
+                return fn(*args, **kwargs)
+
+            return make_response(redirect(url_for("login", next=request.url)))
+
+        return decorated
+
+
+class ApiKeyAuthentication(Authentication):
+    def verify_authentication(self):
+        api_key = request.args.get('api_key')
+        query_id = request.view_args.get('query_id', None)
+
+        if query_id and api_key:
+            query = models.Query.get(models.Query.id == query_id)
+
+            if query.api_key and api_key == query.api_key:
+                login_user(models.ApiUser(query.api_key), remember=False)
+                return True
+
+        return False
+
+
+class HMACAuthentication(Authentication):
+    def verify_authentication(self):
         signature = request.args.get('signature')
         expires = float(request.args.get('expires') or 0)
         query_id = request.view_args.get('query_id', None)
@@ -41,22 +70,14 @@ class HMACAuthentication(object):
 
         return False
 
-    def required(self, fn):
-        @functools.wraps(fn)
-        def decorated(*args, **kwargs):
-            if current_user.is_authenticated():
-                return fn(*args, **kwargs)
-
-            if self.api_key_authentication():
-                return fn(*args, **kwargs)
-
-            return make_response(redirect(url_for("login", next=request.url)))
-
-        return decorated
-
 
 @login_manager.user_loader
 def load_user(user_id):
+    # If the user was previously logged in as api user, the user_id will be the api key and will raise an exception as
+    # it can't be casted to int.
+    if isinstance(user_id, basestring) and not user_id.isdigit():
+        return None
+
     return models.User.select().where(models.User.id == user_id).first()
 
 
@@ -66,4 +87,13 @@ def setup_authentication(app):
     app.secret_key = settings.COOKIE_SECRET
     app.register_blueprint(google_oauth.blueprint)
 
-    return HMACAuthentication()
+    if settings.AUTH_TYPE == 'hmac':
+        auth = HMACAuthentication()
+    elif settings.AUTH_TYPE == 'api_key':
+        auth = ApiKeyAuthentication()
+    else:
+        logger.warning("Unknown authentication type ({}). Using default (HMAC).".format(settings.AUTH_TYPE))
+        auth = HMACAuthentication()
+
+    return auth
+

redash/controllers.py

@@ -7,9 +7,8 @@ but this is only due to configuration issues and temporary.
 import csv
 import hashlib
 import json
-import numbers
 import cStringIO
-import datetime
+import time
 import logging
 
 from flask import render_template, send_from_directory, make_response, request, jsonify, redirect, \
@@ -53,8 +52,7 @@ def index(**kwargs):
     }
 
     features = {
-        'clientSideMetrics': settings.CLIENT_SIDE_METRICS,
-        'flowerUrl': settings.CELERY_FLOWER_URL
+        'clientSideMetrics': settings.CLIENT_SIDE_METRICS
     }
 
     return render_template("index.html", user=json.dumps(user), name=settings.NAME,
@@ -491,6 +489,24 @@ class QueryResultAPI(BaseResource):
             query_result = models.QueryResult.get_by_id(query_result_id)
 
         if query_result:
+            if isinstance(self.current_user, models.ApiUser):
+                event = {
+                    'user_id': None,
+                    'action': 'api_get',
+                    'timestamp': int(time.time()),
+                    'api_key': self.current_user.id,
+                    'file_type': filetype
+                }
+
+                if query_id:
+                    event['object_type'] = 'query'
+                    event['object_id'] = query_id
+                else:
+                    event['object_type'] = 'query_result'
+                    event['object_id'] = query_result_id
+
+                record_event.delay(event)
+
             if filetype == 'json':
                 data = json.dumps({'query_result': query_result.to_dict()}, cls=utils.JSONEncoder)
                 return make_response(data, 200, cache_headers)

redash/models.py

@@ -84,6 +84,9 @@ class ApiUser(UserMixin, PermissionsCheckMixin):
     def __init__(self, api_key):
         self.id = api_key
 
+    def __repr__(self):
+        return u"<ApiUser: {}>".format(self.id)
+
     @property
     def permissions(self):
         return ['view_query']
@@ -589,7 +592,7 @@ class Widget(BaseModel):
 
 
 class Event(BaseModel):
-    user = peewee.ForeignKeyField(User, related_name="events")
+    user = peewee.ForeignKeyField(User, related_name="events", null=True)
     action = peewee.CharField()
     object_type = peewee.CharField()
     object_id = peewee.CharField(null=True)

redash/settings.py

@@ -44,22 +44,20 @@ STATSD_HOST = os.environ.get('REDASH_STATSD_HOST', "127.0.0.1")
 STATSD_PORT = int(os.environ.get('REDASH_STATSD_PORT', "8125"))
 STATSD_PREFIX = os.environ.get('REDASH_STATSD_PREFIX', "redash")
 
-# The following is kept for backward compatability, and shouldn't be used any more.
-CONNECTION_ADAPTER = os.environ.get("REDASH_CONNECTION_ADAPTER", "pg")
-CONNECTION_STRING = os.environ.get("REDASH_CONNECTION_STRING", "user= password= host= port=5439 dbname=")
-
 # Connection settings for re:dash's own database (where we store the queries, results, etc)
 DATABASE_CONFIG = parse_db_url(os.environ.get("REDASH_DATABASE_URL", "postgresql://postgres"))
 
 # Celery related settings
 CELERY_BROKER = os.environ.get("REDASH_CELERY_BROKER", REDIS_URL)
 CELERY_BACKEND = os.environ.get("REDASH_CELERY_BACKEND", REDIS_URL)
-CELERY_FLOWER_URL = os.environ.get("REDASH_CELERY_FLOWER_URL", "/flower")
 
 # The following enables periodic job (every 5 minutes) of removing unused query results. Behind this "feature flag" until
 # proved to be "safe".
 QUERY_RESULTS_CLEANUP_ENABLED = parse_boolean(os.environ.get("REDASH_QUERY_RESULTS_CLEANUP_ENABLED", "false"))
 
+AUTH_TYPE = os.environ.get("REDASH_AUTH_TYPE", "hmac")
+PASSWORD_LOGIN_ENABLED = parse_boolean(os.environ.get("REDASH_PASSWORD_LOGIN_ENABLED", "true"))
+
 # Google Apps domain to allow access from; any user with email in this Google Apps will be allowed
 # access
 GOOGLE_APPS_DOMAIN = os.environ.get("REDASH_GOOGLE_APPS_DOMAIN", "")
@@ -68,9 +66,7 @@ GOOGLE_CLIENT_ID = os.environ.get("REDASH_GOOGLE_CLIENT_ID", "")
 GOOGLE_CLIENT_SECRET = os.environ.get("REDASH_GOOGLE_CLIENT_SECRET", "")
 GOOGLE_OAUTH_ENABLED = GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET
 
-PASSWORD_LOGIN_ENABLED = parse_boolean(os.environ.get("REDASH_PASSWORD_LOGIN_ENABLED", "true"))
 STATIC_ASSETS_PATH = fix_assets_path(os.environ.get("REDASH_STATIC_ASSETS_PATH", "../rd_ui/app/"))
-WORKERS_COUNT = int(os.environ.get("REDASH_WORKERS_COUNT", "2"))
 JOB_EXPIRY_TIME = int(os.environ.get("REDASH_JOB_EXPIRY_TIME", 3600*6))
 COOKIE_SECRET = os.environ.get("REDASH_COOKIE_SECRET", "c292a0a3aa32397cdb050e233733900f")
 LOG_LEVEL = os.environ.get("REDASH_LOG_LEVEL", "INFO")

tests/test_authentication.py

@@ -1,8 +1,45 @@
+from flask.ext.login import current_user
 from mock import patch
 from tests import BaseTestCase
 from redash import models
 from redash.google_oauth import create_and_login_user
-from tests.factories import user_factory
+from redash.authentication import ApiKeyAuthentication
+from tests.factories import user_factory, query_factory
+from redash.wsgi import app
+
+
+class TestApiKeyAuthentication(BaseTestCase):
+    #
+    # This is a bad way to write these tests, but the way Flask works doesn't make it easy to write them properly...
+    #
+    def setUp(self):
+        super(TestApiKeyAuthentication, self).setUp()
+        self.api_key = 10
+        self.query = query_factory.create(api_key=self.api_key)
+
+    def test_no_api_key(self):
+        auth = ApiKeyAuthentication()
+        with app.test_client() as c:
+            rv = c.get('/api/queries/{0}'.format(self.query.id))
+            self.assertFalse(auth.verify_authentication())
+
+    def test_wrong_api_key(self):
+        auth = ApiKeyAuthentication()
+        with app.test_client() as c:
+            rv = c.get('/api/queries/{0}'.format(self.query.id), query_string={'api_key': 'whatever'})
+            self.assertFalse(auth.verify_authentication())
+
+    def test_correct_api_key(self):
+        auth = ApiKeyAuthentication()
+        with app.test_client() as c:
+            rv = c.get('/api/queries/{0}'.format(self.query.id), query_string={'api_key': self.api_key})
+            self.assertTrue(auth.verify_authentication())
+
+    def test_no_query_id(self):
+        auth = ApiKeyAuthentication()
+        with app.test_client() as c:
+            rv = c.get('/api/queries', query_string={'api_key': self.api_key})
+            self.assertFalse(auth.verify_authentication())
 
 
 class TestCreateAndLoginUser(BaseTestCase):