__init__.py 24 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730
  1. #
  2. # The Qubes OS Project, https://www.qubes-os.org/
  3. #
  4. # Copyright (C) 2010-2015 Joanna Rutkowska <joanna@invisiblethingslab.com>
  5. # Copyright (C) 2011-2015 Marek Marczykowski-Górecki
  6. # <marmarek@invisiblethingslab.com>
  7. # Copyright (C) 2014-2015 Wojtek Porczyk <woju@invisiblethingslab.com>
  8. #
  9. # This library is free software; you can redistribute it and/or
  10. # modify it under the terms of the GNU Lesser General Public
  11. # License as published by the Free Software Foundation; either
  12. # version 2.1 of the License, or (at your option) any later version.
  13. #
  14. # This library is distributed in the hope that it will be useful,
  15. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  16. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  17. # Lesser General Public License for more details.
  18. #
  19. # You should have received a copy of the GNU Lesser General Public
  20. # License along with this library; if not, see <https://www.gnu.org/licenses/>.
  21. #
  22. '''
  23. Qubes OS
  24. :copyright: © 2010-2015 Invisible Things Lab
  25. '''
  26. import builtins
  27. import collections
  28. import os
  29. import os.path
  30. import string
  31. import lxml.etree
  32. import qubes.config
  33. import qubes.events
  34. import qubes.exc
  35. __author__ = 'Invisible Things Lab'
  36. __license__ = 'GPLv2 or later'
  37. __version__ = 'R3'
  38. class Label(object):
  39. '''Label definition for virtual machines
  40. Label specifies colour of the padlock displayed next to VM's name.
  41. When this is a :py:class:`qubes.vm.dispvm.DispVM`, padlock is overlayed
  42. with recycling pictogram.
  43. :param int index: numeric identificator of label
  44. :param str color: colour specification as in HTML (``#abcdef``)
  45. :param str name: label's name like "red" or "green"
  46. '''
  47. def __init__(self, index, color, name):
  48. #: numeric identificator of label
  49. self.index = index
  50. #: colour specification as in HTML (``#abcdef``)
  51. self.color = color
  52. #: label's name like "red" or "green"
  53. self.name = name
  54. #: freedesktop icon name, suitable for use in
  55. #: :py:meth:`PyQt4.QtGui.QIcon.fromTheme`
  56. self.icon = 'appvm-' + name
  57. #: freedesktop icon name, suitable for use in
  58. #: :py:meth:`PyQt4.QtGui.QIcon.fromTheme` on DispVMs
  59. self.icon_dispvm = 'dispvm-' + name
  60. @classmethod
  61. def fromxml(cls, xml):
  62. '''Create label definition from XML node
  63. :param lxml.etree._Element xml: XML node reference
  64. :rtype: :py:class:`qubes.Label`
  65. '''
  66. index = int(xml.get('id').split('-', 1)[1])
  67. color = xml.get('color')
  68. name = xml.text
  69. return cls(index, color, name)
  70. def __xml__(self):
  71. element = lxml.etree.Element(
  72. 'label', id='label-{}'.format(self.index), color=self.color)
  73. element.text = self.name
  74. return element
  75. def __str__(self):
  76. return self.name
  77. def __repr__(self):
  78. return '{}({!r}, {!r}, {!r})'.format(
  79. self.__class__.__name__,
  80. self.index,
  81. self.color,
  82. self.name)
  83. def __eq__(self, other):
  84. if isinstance(other, Label):
  85. return self.name == other.name
  86. return NotImplemented
  87. def __hash__(self):
  88. return hash(self.name)
  89. @builtins.property
  90. def icon_path(self):
  91. '''Icon path
  92. .. deprecated:: 2.0
  93. use :py:meth:`PyQt4.QtGui.QIcon.fromTheme` and :py:attr:`icon`
  94. '''
  95. return os.path.join(qubes.config.system_path['qubes_icon_dir'],
  96. self.icon) + ".png"
  97. @builtins.property
  98. def icon_path_dispvm(self):
  99. '''Icon path
  100. .. deprecated:: 2.0
  101. use :py:meth:`PyQt4.QtGui.QIcon.fromTheme` and :py:attr:`icon_dispvm`
  102. '''
  103. return os.path.join(qubes.config.system_path['qubes_icon_dir'],
  104. self.icon_dispvm) + ".png"
  105. class property(object): # pylint: disable=redefined-builtin,invalid-name
  106. '''Qubes property.
  107. This class holds one property that can be saved to and loaded from
  108. :file:`qubes.xml`. It is used for both global and per-VM properties.
  109. Property can be unset by ordinary ``del`` statement or assigning
  110. :py:attr:`DEFAULT` special value to it. After deletion (or before first
  111. assignment/load) attempting to read a property will get its default value
  112. or, when no default, py:class:`exceptions.AttributeError`.
  113. :param str name: name of the property
  114. :param collections.Callable setter: if not :py:obj:`None`, this is used to \
  115. initialise value; first parameter to the function is holder instance \
  116. and the second is value; this is called before ``type``
  117. :param collections.Callable saver: function to coerce value to something \
  118. readable by setter
  119. :param type type: if not :py:obj:`None`, value is coerced to this type
  120. :param object default: default value; if callable, will be called with \
  121. holder as first argument
  122. :param int load_stage: stage when property should be loaded (see \
  123. :py:class:`Qubes` for description of stages)
  124. :param int order: order of evaluation (bigger order values are later)
  125. :param bool clone: :py:meth:`PropertyHolder.clone_properties` will not \
  126. include this property by default if :py:obj:`False`
  127. :param str doc: docstring; this should be one paragraph of plain RST, no \
  128. sphinx-specific features
  129. Setters and savers have following signatures:
  130. .. :py:function:: setter(self, prop, value)
  131. :noindex:
  132. :param self: instance of object that is holding property
  133. :param prop: property object
  134. :param value: value being assigned
  135. .. :py:function:: saver(self, prop, value)
  136. :noindex:
  137. :param self: instance of object that is holding property
  138. :param prop: property object
  139. :param value: value being saved
  140. :rtype: str
  141. :raises property.DontSave: when property should not be saved at all
  142. '''
  143. #: Assigning this value to property means setting it to its default value.
  144. #: If property has no default value, this will unset it.
  145. DEFAULT = object()
  146. # internal use only
  147. _NO_DEFAULT = object()
  148. def __init__(self, name, setter=None, saver=None, type=None,
  149. default=_NO_DEFAULT, write_once=False, load_stage=2, order=0,
  150. save_via_ref=False, clone=True,
  151. doc=None):
  152. # pylint: disable=redefined-builtin
  153. self.__name__ = name
  154. self._setter = setter
  155. self._saver = saver if saver is not None else (
  156. lambda self, prop, value: str(value))
  157. self.type = type
  158. self._default = default
  159. self._write_once = write_once
  160. self.order = order
  161. self.load_stage = load_stage
  162. self.save_via_ref = save_via_ref
  163. self.clone = clone
  164. self.__doc__ = doc
  165. self._attr_name = '_qubesprop_' + name
  166. def __get__(self, instance, owner):
  167. if instance is None:
  168. return self
  169. # XXX this violates duck typing, shall we keep it?
  170. if not isinstance(instance, PropertyHolder):
  171. raise AttributeError('qubes.property should be used on '
  172. 'qubes.PropertyHolder instances only')
  173. try:
  174. return getattr(instance, self._attr_name)
  175. except AttributeError:
  176. return self.get_default(instance)
  177. def get_default(self, instance):
  178. if self._default is self._NO_DEFAULT:
  179. raise AttributeError(
  180. 'property {!r} have no default'.format(self.__name__))
  181. elif isinstance(self._default, collections.Callable):
  182. return self._default(instance)
  183. else:
  184. return self._default
  185. def __set__(self, instance, value):
  186. self._enforce_write_once(instance)
  187. if value is self.__class__.DEFAULT:
  188. self.__delete__(instance)
  189. return
  190. try:
  191. oldvalue = getattr(instance, self.__name__)
  192. has_oldvalue = True
  193. except AttributeError:
  194. has_oldvalue = False
  195. if self._setter is not None:
  196. value = self._setter(instance, self, value)
  197. if self.type not in (None, type(value)):
  198. value = self.type(value)
  199. if has_oldvalue:
  200. instance.fire_event('property-pre-set:' + self.__name__,
  201. pre_event=True,
  202. name=self.__name__, newvalue=value, oldvalue=oldvalue)
  203. else:
  204. instance.fire_event('property-pre-set:' + self.__name__,
  205. pre_event=True,
  206. name=self.__name__, newvalue=value)
  207. instance._property_init(self, value) # pylint: disable=protected-access
  208. if has_oldvalue:
  209. instance.fire_event('property-set:' + self.__name__,
  210. name=self.__name__, newvalue=value, oldvalue=oldvalue)
  211. else:
  212. instance.fire_event('property-set:' + self.__name__,
  213. name=self.__name__, newvalue=value)
  214. def __delete__(self, instance):
  215. self._enforce_write_once(instance)
  216. try:
  217. oldvalue = getattr(instance, self.__name__)
  218. has_oldvalue = True
  219. except AttributeError:
  220. has_oldvalue = False
  221. if has_oldvalue:
  222. instance.fire_event('property-pre-del:' + self.__name__,
  223. pre_event=True,
  224. name=self.__name__, oldvalue=oldvalue)
  225. try:
  226. delattr(instance, self._attr_name)
  227. except AttributeError:
  228. pass
  229. instance.fire_event('property-del:' + self.__name__,
  230. name=self.__name__, oldvalue=oldvalue)
  231. else:
  232. instance.fire_event('property-pre-del:' + self.__name__,
  233. pre_event=True,
  234. name=self.__name__)
  235. instance.fire_event('property-del:' + self.__name__,
  236. name=self.__name__)
  237. def __repr__(self):
  238. default = ' default={!r}'.format(self._default) \
  239. if self._default is not self._NO_DEFAULT \
  240. else ''
  241. return '<{} object at {:#x} name={!r}{}>'.format(
  242. self.__class__.__name__, id(self), self.__name__, default)
  243. def __str__(self):
  244. return self.__name__
  245. def __hash__(self):
  246. return hash(self.__name__)
  247. def __lt__(self, other):
  248. if isinstance(other, property):
  249. return (self.load_stage, self.order, self.__name__) <\
  250. (other.load_stage, other.order, other.__name__)
  251. return NotImplemented
  252. def __eq__(self, other):
  253. if isinstance(other, str):
  254. return self.__name__ == other
  255. return isinstance(other, property) and self.__name__ == other.__name__
  256. def _enforce_write_once(self, instance):
  257. if self._write_once and not instance.property_is_default(self):
  258. raise AttributeError(
  259. 'property {!r} is write-once and already set'.format(
  260. self.__name__))
  261. def sanitize(self, *, untrusted_newvalue):
  262. '''Coarse sanitization of value to be set, before sending it to a
  263. setter. Can raise QubesValueError if the value is invalid.
  264. :param untrusted_newvalue: value to be validated
  265. :return: sanitized value
  266. :raises: qubes.exc.QubesValueError
  267. '''
  268. # do not treat type='str' as sufficient validation
  269. if self.type is not None and self.type is not str:
  270. # assume specific type will preform enough validation
  271. try:
  272. untrusted_newvalue = untrusted_newvalue.decode('ascii',
  273. errors='strict')
  274. except UnicodeDecodeError:
  275. raise qubes.exc.QubesValueError
  276. if self.type is bool:
  277. return self.bool(None, None, untrusted_newvalue)
  278. else:
  279. try:
  280. return self.type(untrusted_newvalue)
  281. except ValueError:
  282. raise qubes.exc.QubesValueError
  283. else:
  284. # 'str' or not specified type
  285. try:
  286. untrusted_newvalue = untrusted_newvalue.decode('ascii',
  287. errors='strict')
  288. except UnicodeDecodeError:
  289. raise qubes.exc.QubesValueError
  290. allowed_set = string.printable
  291. if not all(x in allowed_set for x in untrusted_newvalue):
  292. raise qubes.exc.QubesValueError(
  293. 'Invalid characters in property value')
  294. return untrusted_newvalue
  295. #
  296. # exceptions
  297. #
  298. class DontSave(Exception):
  299. '''This exception may be raised from saver to sign that property should
  300. not be saved.
  301. '''
  302. pass
  303. @staticmethod
  304. def dontsave(self, prop, value):
  305. '''Dummy saver that never saves anything.'''
  306. # pylint: disable=bad-staticmethod-argument,unused-argument
  307. raise property.DontSave()
  308. #
  309. # some setters provided
  310. #
  311. @staticmethod
  312. def forbidden(self, prop, value):
  313. '''Property setter that forbids loading a property.
  314. This is used to effectively disable property in classes which inherit
  315. unwanted property. When someone attempts to load such a property, it
  316. :throws AttributeError: always
  317. ''' # pylint: disable=bad-staticmethod-argument,unused-argument
  318. raise AttributeError(
  319. 'setting {} property on {} instance is forbidden'.format(
  320. prop.__name__, self.__class__.__name__))
  321. @staticmethod
  322. def bool(self, prop, value):
  323. '''Property setter for boolean properties.
  324. It accepts (case-insensitive) ``'0'``, ``'no'`` and ``false`` as
  325. :py:obj:`False` and ``'1'``, ``'yes'`` and ``'true'`` as
  326. :py:obj:`True`.
  327. ''' # pylint: disable=bad-staticmethod-argument,unused-argument
  328. if isinstance(value, str):
  329. lcvalue = value.lower()
  330. if lcvalue in ('0', 'no', 'false', 'off'):
  331. return False
  332. if lcvalue in ('1', 'yes', 'true', 'on'):
  333. return True
  334. raise qubes.exc.QubesValueError(
  335. 'Invalid literal for boolean property: {!r}'.format(value))
  336. return bool(value)
  337. def stateless_property(func):
  338. '''Decorator similar to :py:class:`builtins.property`, but for properties
  339. exposed through management API (including qvm-prefs etc)'''
  340. return property(func.__name__,
  341. setter=property.forbidden,
  342. saver=property.DontSave,
  343. default=func,
  344. doc=func.__doc__)
  345. class PropertyHolder(qubes.events.Emitter):
  346. '''Abstract class for holding :py:class:`qubes.property`
  347. Events fired by instances of this class:
  348. .. event:: property-load (subject, event)
  349. Fired once after all properties are loaded from XML. Individual
  350. ``property-set`` events are not fired.
  351. .. event:: property-set:<propname> \
  352. (subject, event, name, newvalue[, oldvalue])
  353. Fired when property changes state. Signature is variable,
  354. *oldvalue* is present only if there was an old value.
  355. :param name: Property name
  356. :param newvalue: New value of the property
  357. :param oldvalue: Old value of the property
  358. .. event:: property-pre-set:<propname> \
  359. (subject, event, name, newvalue[, oldvalue])
  360. Fired before property changes state. Signature is variable,
  361. *oldvalue* is present only if there was an old value.
  362. :param name: Property name
  363. :param newvalue: New value of the property
  364. :param oldvalue: Old value of the property
  365. .. event:: property-del:<propname> \
  366. (subject, event, name[, oldvalue])
  367. Fired when property gets deleted (is set to default). Signature is
  368. variable, *oldvalue* is present only if there was an old value.
  369. :param name: Property name
  370. :param oldvalue: Old value of the property
  371. .. event:: property-pre-del:<propname> \
  372. (subject, event, name[, oldvalue])
  373. Fired before property gets deleted (is set to default). Signature
  374. is variable, *oldvalue* is present only if there was an old value.
  375. :param name: Property name
  376. :param oldvalue: Old value of the property
  377. .. event:: clone-properties (subject, event, src, proplist)
  378. :param src: object, from which we are cloning
  379. :param proplist: list of properties
  380. Members:
  381. '''
  382. def __init__(self, xml, **kwargs):
  383. self.xml = xml
  384. propvalues = {}
  385. all_names = set(prop.__name__ for prop in self.property_list())
  386. for key in list(kwargs):
  387. if not key in all_names:
  388. continue
  389. propvalues[key] = kwargs.pop(key)
  390. super(PropertyHolder, self).__init__(**kwargs)
  391. for key, value in propvalues.items():
  392. setattr(self, key, value)
  393. if self.xml is not None:
  394. # check if properties are appropriate
  395. all_names = set(prop.__name__ for prop in self.property_list())
  396. for node in self.xml.xpath('./properties/property'):
  397. name = node.get('name')
  398. if name not in all_names:
  399. raise TypeError(
  400. 'property {!r} not applicable to {!r}'.format(
  401. name, self.__class__.__name__))
  402. @classmethod
  403. def property_list(cls, load_stage=None):
  404. '''List all properties attached to this VM's class
  405. :param load_stage: Filter by load stage
  406. :type load_stage: :py:func:`int` or :py:obj:`None`
  407. '''
  408. props = set()
  409. for class_ in cls.__mro__:
  410. props.update(prop for prop in class_.__dict__.values()
  411. if isinstance(prop, property))
  412. if load_stage is not None:
  413. props = set(prop for prop in props
  414. if prop.load_stage == load_stage)
  415. return sorted(props)
  416. def _property_init(self, prop, value):
  417. '''Initialise property to a given value, without side effects.
  418. :param qubes.property prop: property object of particular interest
  419. :param value: value
  420. '''
  421. # pylint: disable=protected-access
  422. setattr(self, self.property_get_def(prop)._attr_name, value)
  423. def property_is_default(self, prop):
  424. '''Check whether property is in it's default value.
  425. Properties when unset may return some default value, so
  426. ``hasattr(vm, prop.__name__)`` is wrong in some circumstances. This
  427. method allows for checking if the value returned is in fact it's
  428. default value.
  429. :param qubes.property prop: property object of particular interest
  430. :rtype: bool
  431. ''' # pylint: disable=protected-access
  432. # both property_get_def() and ._attr_name may throw AttributeError,
  433. # which we don't want to catch
  434. attrname = self.property_get_def(prop)._attr_name
  435. return not hasattr(self, attrname)
  436. def property_get_default(self, prop):
  437. '''Get property default value.
  438. :param qubes.property or str prop: property object of particular
  439. interest
  440. '''
  441. return self.property_get_def(prop).get_default(self)
  442. @classmethod
  443. def property_get_def(cls, prop):
  444. '''Return property definition object.
  445. If prop is already :py:class:`qubes.property` instance, return the same
  446. object.
  447. :param prop: property object or name
  448. :type prop: qubes.property or str
  449. :rtype: qubes.property
  450. '''
  451. if isinstance(prop, qubes.property):
  452. return prop
  453. for p in cls.property_list():
  454. if p.__name__ == prop:
  455. return p
  456. raise AttributeError('No property {!r} found in {!r}'.format(
  457. prop, cls))
  458. def load_properties(self, load_stage=None):
  459. '''Load properties from immediate children of XML node.
  460. ``property-set`` events are not fired for each individual property.
  461. :param int load_stage: Stage of loading.
  462. '''
  463. if self.xml is None:
  464. return
  465. all_names = set(
  466. prop.__name__ for prop in self.property_list(load_stage))
  467. for node in self.xml.xpath('./properties/property'):
  468. name = node.get('name')
  469. value = node.get('ref') or node.text
  470. if not name in all_names:
  471. continue
  472. setattr(self, name, value)
  473. def xml_properties(self, with_defaults=False):
  474. '''Iterator that yields XML nodes representing set properties.
  475. :param bool with_defaults: If :py:obj:`True`, then it also includes \
  476. properties which were not set explicite, but have default values \
  477. filled.
  478. '''
  479. properties = lxml.etree.Element('properties')
  480. for prop in self.property_list():
  481. # pylint: disable=protected-access
  482. try:
  483. value = getattr(
  484. self, (prop.__name__ if with_defaults else prop._attr_name))
  485. except AttributeError:
  486. continue
  487. try:
  488. value = prop._saver(self, prop, value)
  489. except property.DontSave:
  490. continue
  491. element = lxml.etree.Element('property', name=prop.__name__)
  492. if prop.save_via_ref:
  493. element.set('ref', value)
  494. else:
  495. element.text = value
  496. properties.append(element)
  497. return properties
  498. # this was clone_attrs
  499. def clone_properties(self, src, proplist=None):
  500. '''Clone properties from other object.
  501. :param PropertyHolder src: source object
  502. :param iterable proplist: list of properties \
  503. (:py:obj:`None` or omit for all properties except those with \
  504. :py:attr:`property.clone` set to :py:obj:`False`)
  505. '''
  506. if proplist is None:
  507. proplist = [prop for prop in self.property_list()
  508. if prop.clone]
  509. else:
  510. proplist = [prop for prop in self.property_list()
  511. if prop.__name__ in proplist or prop in proplist]
  512. for prop in proplist:
  513. try:
  514. # pylint: disable=protected-access
  515. self._property_init(prop, getattr(src, prop._attr_name))
  516. except AttributeError:
  517. continue
  518. self.fire_event('clone-properties', src=src, proplist=proplist)
  519. def property_require(self, prop, allow_none=False, hard=False):
  520. '''Complain badly when property is not set.
  521. :param prop: property name or object
  522. :type prop: qubes.property or str
  523. :param bool allow_none: if :py:obj:`True`, don't complain if \
  524. :py:obj:`None` is found
  525. :param bool hard: if :py:obj:`True`, raise :py:class:`AssertionError`; \
  526. if :py:obj:`False`, log warning instead
  527. '''
  528. if isinstance(prop, qubes.property):
  529. prop = prop.__name__
  530. try:
  531. value = getattr(self, prop)
  532. if value is None and not allow_none:
  533. raise AttributeError()
  534. except AttributeError:
  535. # pylint: disable=no-member
  536. msg = 'Required property {!r} not set on {!r}'.format(prop, self)
  537. if hard:
  538. raise AssertionError(msg)
  539. else:
  540. # pylint: disable=no-member
  541. self.log.fatal(msg)
  542. def close(self):
  543. super().close()
  544. # Remove all properties -- somewhere in them there are cyclic
  545. # references. This just removes all the properties, just in case.
  546. # They are removed directly, bypassing write_once.
  547. for prop in self.property_list():
  548. # pylint: disable=protected-access
  549. try:
  550. delattr(self, prop._attr_name)
  551. except AttributeError:
  552. pass
  553. # pylint: disable=wrong-import-position
  554. from qubes.vm import VMProperty
  555. from qubes.app import Qubes
  556. __all__ = [
  557. 'Label',
  558. 'PropertyHolder',
  559. 'Qubes',
  560. 'VMProperty',
  561. 'property',
  562. ]