Merge branch 'master' into testing

calesanz · calesanz · commit 3dba01d47bbc · 2021-02-12T00:19:32.000+01:00
diff --git a/bin/postversioncontrolrestore.py b/bin/postversioncontrolrestore.py
@@ -10,8 +10,28 @@
 sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "lib"))
 
 from splunklib.searchcommands import dispatch, GeneratingCommand, Configuration, Option
+from splunklib.searchcommands.validators import Validator, Boolean, File
 from splunklib.binding import HTTPError
 
+class OrValidator(Validator):
+    def __init__(self, a, b):
+        self.a = a
+        self.b = b
+    def __call__(self, value):
+        """Returns b if a raises an exception otherwise a."""
+        try:
+            return self.a.__call__(value)
+        except ValueError:
+            return self.b.__call__(value)
+
+    def format(self, value):
+        """Returns b if a raises an exception otherwise a."""
+        try:
+            return self.a.format(value)
+        except:
+            return self.b.format(value)
+
+
 splunkLogsDir = os.environ['SPLUNK_HOME'] + "/var/log/splunk"
 #Setup the logging
 logging_config = dict(
@@ -60,7 +80,7 @@ class SVCPostRestore(GeneratingCommand):
     restoreAsUser = Option(require=True)
     scope = Option(require=True)
     timeout = Option(require=True)
-    sslVerify = Option(require=False, default=False)
+    sslVerify = Option(require=False, default=False, validate=OrValidator(File(), Boolean()))
     
     def generate(self):
         """
diff --git a/bin/splunkversioncontrol_rest_restore.py b/bin/splunkversioncontrol_rest_restore.py
@@ -59,7 +59,7 @@
 
 class SVCRestore(splunk.rest.BaseRestHandler):
 
-    def query_back_for_user_and_permissions(self, authorization_token, remoteAddr,*, sslVerify):
+    def query_back_for_user_and_permissions(self, authorization_token, *, sslVerify):
         headers = { "Authorization" : authorization_token }
 
         #Run a query back against the source system to check the username/role
@@ -104,7 +104,7 @@ def handle_POST(self):
         url = "https://localhost:8089/servicesNS/-/-/data/inputs/splunkversioncontrol_restore/" + six.moves.urllib.parse.quote(splunk_vc_name) + "?output_mode=json"
         logger.debug("Now running query against url=%s to obtain config information" % (url))
 
-        res = self.runHttpRequest(url, headers, None, "get", "querying the inputs for splunkversioncontrol_restore with name %s" % (splunk_vc_name), sslVerify=sslVerify)
+        res = self.runHttpRequest(url, headers, None, "get", "querying the inputs for splunkversioncontrol_restore with name %s" % (splunk_vc_name), sslVerify=False)
         if not res:
             return
 
@@ -160,7 +160,7 @@ def handle_POST(self):
         else:
             time_wait = 600
 
-        username, roles = self.query_back_for_user_and_permissions(payload['Authorization'][0], remoteAddr)
+        username, roles = self.query_back_for_user_and_permissions(payload['Authorization'][0], sslVerify=sslVerify)
         logger.info("username=%s roles=%s" % (username, roles))
 
         app = payload['app'][0]
diff --git a/bin/splunkversioncontrol_utility.py b/bin/splunkversioncontrol_utility.py
@@ -73,7 +73,7 @@ def get_password(password, session_key, logger, *, sslVerify=False):
 
     url = "https://localhost:8089/servicesNS/-/-/storage/passwords?output_mode=json&f=clear_password&count=0&search=" + password
     logger.debug("Trying url=%s with session_key to obtain name=%s" % (url, password))
-    res = requests.get(url, headers=headers, verify=verify)
+    res = requests.get(url, headers=headers, verify=sslVerify)
     dict = json.loads(res.text)
     if not 'entry' in dict:
         logger.warn("dict=%s did not contain the entries expected on url=%s while looking for password=%s" % (dict, url, password))
