From 48e3df1bcb3376fd39e499e7e6863b4b54403370 Mon Sep 17 00:00:00 2001
From: Ricardo Dias <rdias@suse.com>
Date: Wed, 24 Jan 2018 12:25:54 +0000
Subject: [PATCH] mgr/dashboard_v2: Fix python 2/3 compability problems

Signed-off-by: Ricardo Dias <rdias@suse.com>
---
 src/pybind/mgr/dashboard_v2/__init__.py       |  5 ++-
 src/pybind/mgr/dashboard_v2/auth.py           | 37 ++++++++++++++-----
 src/pybind/mgr/dashboard_v2/module.py         | 14 ++++---
 .../mgr/dashboard_v2/tests/test_auth.py       |  4 +-
 4 files changed, 40 insertions(+), 20 deletions(-)

diff --git a/src/pybind/mgr/dashboard_v2/__init__.py b/src/pybind/mgr/dashboard_v2/__init__.py
index b2af2e0aa220e..62ecfa0b88558 100644
--- a/src/pybind/mgr/dashboard_v2/__init__.py
+++ b/src/pybind/mgr/dashboard_v2/__init__.py
@@ -2,14 +2,15 @@
 """
 openATTIC module
 """
+from __future__ import absolute_import
 
 import os
 
 if 'UNITTEST' not in os.environ:
     # pylint: disable=W0403,W0401
-    from module import *  # NOQA
+    from .module import *  # NOQA
 else:
     import sys
     # pylint: disable=W0403
-    import ceph_module_mock
+    from . import ceph_module_mock
     sys.modules['ceph_module'] = ceph_module_mock
diff --git a/src/pybind/mgr/dashboard_v2/auth.py b/src/pybind/mgr/dashboard_v2/auth.py
index 911b10212b0cb..aa3b5b3d0acf1 100644
--- a/src/pybind/mgr/dashboard_v2/auth.py
+++ b/src/pybind/mgr/dashboard_v2/auth.py
@@ -3,19 +3,23 @@
 import bcrypt
 import cherrypy
 import time
+import sys
+
 from cherrypy import tools
 
+
 class Auth(object):
     """
     Provide login and logout actions.
 
     Supported config-keys:
 
-      | KEY             | DEFAULT | DESCR                                                        |
-      --------------------------------------------------------------------------------------------
-      | username        | None    | Username                                                     |
-      | password        | None    | Password encrypted using bcrypt                              |
-      | session-expire  | 1200    | Session will expire after <expires> seconds without activity |
+      | KEY             | DEFAULT | DESCR                                     |
+      ------------------------------------------------------------------------|
+      | username        | None    | Username                                  |
+      | password        | None    | Password encrypted using bcrypt           |
+      | session-expire  | 1200    | Session will expire after <expires>       |
+      |                           | seconds without activity                  |
     """
 
     SESSION_KEY = '_username'
@@ -23,6 +27,15 @@ class Auth(object):
 
     DEFAULT_SESSION_EXPIRE = 1200
 
+    @staticmethod
+    def password_hash(password, salt_password=None):
+        if not salt_password:
+            salt_password = bcrypt.gensalt()
+        if sys.version_info > (3, 0):
+            return bcrypt.hashpw(password, salt_password)
+        else:
+            return bcrypt.hashpw(password.encode('utf8'), salt_password)
+
     def __init__(self, module):
         self.module = module
         self.log = self.module.log
@@ -34,7 +47,8 @@ class Auth(object):
         now = int(time.time())
         config_username = self.module.get_localized_config('username', None)
         config_password = self.module.get_localized_config('password', None)
-        hash_password = bcrypt.hashpw(password.encode('utf8'), config_password)
+        hash_password = Auth.password_hash(password,
+                                           config_password)
         if username == config_username and hash_password == config_password:
             cherrypy.session.regenerate()
             cherrypy.session[Auth.SESSION_KEY] = username
@@ -57,10 +71,12 @@ class Auth(object):
         username = cherrypy.session.get(Auth.SESSION_KEY)
         if not username:
             self.log.debug("Unauthorized")
-            raise cherrypy.HTTPError(401,
-                                     'You are not authorized to access that resource')
+            raise cherrypy.HTTPError(401, 'You are not authorized to access '
+                                          'that resource')
         now = int(time.time())
-        expires = int(self.module.get_localized_config('session-expire', Auth.DEFAULT_SESSION_EXPIRE))
+        expires = int(self.module.get_localized_config(
+                        'session-expire',
+                        Auth.DEFAULT_SESSION_EXPIRE))
         if expires > 0:
             username_ts = cherrypy.session.get(Auth.SESSION_KEY_TS, None)
             if username_ts and username_ts < now - expires:
@@ -68,5 +84,6 @@ class Auth(object):
                 cherrypy.session[Auth.SESSION_KEY_TS] = None
                 self.log.debug("Session expired.")
                 raise cherrypy.HTTPError(401,
-                                         'Session expired. You are not authorized to access that resource')
+                                         'Session expired. You are not '
+                                         'authorized to access that resource')
         cherrypy.session[Auth.SESSION_KEY_TS] = now
diff --git a/src/pybind/mgr/dashboard_v2/module.py b/src/pybind/mgr/dashboard_v2/module.py
index 2fb4f408d7ff2..da032bd1c0483 100644
--- a/src/pybind/mgr/dashboard_v2/module.py
+++ b/src/pybind/mgr/dashboard_v2/module.py
@@ -1,15 +1,15 @@
 # -*- coding: utf-8 -*-
-
 """
 openATTIC mgr plugin (based on CherryPy)
 """
+from __future__ import absolute_import
+
 
-import bcrypt
 import os
 import cherrypy
 from cherrypy import tools
 
-from auth import Auth
+from .auth import Auth
 from mgr_module import MgrModule
 
 
@@ -55,7 +55,8 @@ class Module(MgrModule):
                                 'server.socket_port': int(server_port),
                                })
         auth = Auth(self)
-        cherrypy.tools.autenticate = cherrypy.Tool('before_handler', auth.check_auth)
+        cherrypy.tools.autenticate = cherrypy.Tool('before_handler',
+                                                   auth.check_auth)
         noauth_required_config = {
             '/': {
                 'tools.autenticate.on': False,
@@ -69,7 +70,8 @@ class Module(MgrModule):
             }
         }
         cherrypy.tree.mount(auth, "/api/auth", config=noauth_required_config)
-        cherrypy.tree.mount(Module.HelloWorld(self), "/api/hello", config=auth_required_config)
+        cherrypy.tree.mount(Module.HelloWorld(self), "/api/hello",
+                            config=auth_required_config)
         cherrypy.engine.start()
         self.log.info("Waiting for engine...")
         cherrypy.engine.block()
@@ -83,7 +85,7 @@ class Module(MgrModule):
     def handle_command(self, cmd):
         if cmd['prefix'] == 'dashboard set-login-credentials':
             self.set_localized_config('username', cmd['username'])
-            hashed_passwd = bcrypt.hashpw(cmd['password'], bcrypt.gensalt())
+            hashed_passwd = Auth.password_hash(cmd['password'])
             self.set_localized_config('password', hashed_passwd)
             return 0, 'Username and password updated', ''
         else:
diff --git a/src/pybind/mgr/dashboard_v2/tests/test_auth.py b/src/pybind/mgr/dashboard_v2/tests/test_auth.py
index b03dfc17f0e30..09d5767491c46 100644
--- a/src/pybind/mgr/dashboard_v2/tests/test_auth.py
+++ b/src/pybind/mgr/dashboard_v2/tests/test_auth.py
@@ -27,8 +27,8 @@ class AuthTest(helper.CPWebCase):
                             config={'/': {'tools.autenticate.on': True}})
         module.set_localized_config('session-expire','2')
         module.set_localized_config('username','admin')
-        module.set_localized_config('password',
-            '$2b$12$KunrLI/uq7pqjvwUcAhIZu.B1dAGZ3liB8KFIJUOqZC.5/bEEmBQG')
+        pass_hash = Auth.password_hash('admin')
+        module.set_localized_config('password', pass_hash)
 
     def test_login_valid(self):
         sess_mock = RamSession()
-- 
2.39.5