We Keep Coding

How to call Snowflake procedure in AWS Lambda

I've got a problem with my Lambda code. It can't execute the procedure in Snowflake. What I'm doing wrong? I can't call the procedure ;(
import snowflake.connector
import boto3
import json
import os
import logging
logger = logging.getLogger()
logger.setLevel(logging.INFO)
def run_query(con, query):
cursor = con.cursor();
cursor.execute(query);
cursor.close();
# function to receive a secret value from secrets manager
def get_secret(secret_name, region_name):
session = boto3.session.Session()
client = session.client(service_name="secretsmanager", region_name=region_name)
try:
get_secret_value_response = client.get_secret_value(SecretId=secret_name)
except Exception as e:
raise e
else:
if "SecretString" in get_secret_value_response:
secret = get_secret_value_response["SecretString"]
else:
secret = None
return json.loads(secret)
def lambda_handler(event, context):
# retrieve secret_name from environment configuration
try:
secret_name = os.environ['secret_name']
except KeyError:
# default secret if not set by the infrastructure
secret_name = "snowflake-login"
region_name = os.environ['AWS_DEFAULT_REGION']
# retreive the Secret, assign connection variables
sf_params = get_secret(secret_name, region_name)
try:
PASSWORD = sf_params["sfPassword"]
USER = sf_params["sfUser"]
ACCOUNT = sf_params["sfAccount"]
WAREHOUSE = sf_params["sfWarehouse"]
DATABASE = sf_params["sfDatabase"]
SCHEMA = sf_params["sfSchema"]
ROLE = sf_params["sfRole"]
except KeyError:
error_message = "Missing connection properties in the Secret"
raise ValueError(error_message)
# connect to Snowflake
con = snowflake.connector.connect(user=USER, account=ACCOUNT, password=PASSWORD, warehouse=WAREHOUSE,
database=DATABASE, schema=SCHEMA, role=ROLE)
statment5 = "call MY_SCHEMA.PROCEDURE_LOAD_CSV('MY_PARAMETER')"
run_query(con, statment5)
logger.info(statment5)

Authorization VK API error: u'{"error":"invalid_request","error_description":"Security Error"}'

I'm trying to authorize from my djano-app on vk.com. I'm using requests and client authorization. I'm trying to authorize by this way and getting an error:
{"error":"invalid_request","error_description":"Security Error"}
Internet suggests to re-login on VK in browser, but there isn't any solution for authorization from code.
My code:
class VkApiSingleton(object):
api_version = '5.95'
def __init__(self,
app_id=config.APP_ID,
login=config.ACCOUNT_LOGIN,
pswd=config.ACCOUNT_PASSWORD,
permissions='video,offline,groups'
):
# type: (int, str, str, str) -> None
self.app_id = app_id
self.app_user_login = login
self.app_user_pass = pswd
self.access_token = None
self.user_id = None
self.session = requests.Session()
self.form_parser = FormParser()
self.permissions = permissions
def __new__(cls, *args, **kwargs):
if not hasattr(cls, 'instance'):
cls.instance = super(VkApiSingleton, cls).__new__(cls, *args, **kwargs)
return cls.instance
#property
def get_session(self):
return self.session
def _parse_form(self, response):
# type: (requests.models.Response) -> None
self.form_parser = FormParser()
try:
self.form_parser.feed(str(response.content))
except Exception as err:
logger.exception(
'Error checking HTML form',
extra={'Error body': str(err)}
)
def _submit_form(self, **kwargs):
# type: (dict) -> requests.models.Response
if self.form_parser.method == 'post':
payload = copy.deepcopy(self.form_parser.params)
if kwargs.get('is_login', False):
payload.update({
'email': self.app_user_login,
'pass': self.app_user_pass
})
with self.get_session as session:
try:
return session.post(self.form_parser.url, data=payload)
except Exception as err:
logger.exception(
'Error submitting auth form',
extra={'Error body': str(err)}
)
raise VkApiError('Error submitting auth form: %s' % str(err))
def _log_in(self):
# type: () -> requests.models.Response
response = self._submit_form(is_login=True)
self._parse_form(response)
if response.status_code != 200:
raise VkApiError('Auth error: cant parse HTML form')
if 'pass' in response.text:
logger.error(
'Wrong login or password'
)
raise VkApiError('Wrong login or password')
return response
def _submit_permissions(self, url=None):
# type: () -> requests.models.Response
if 'submit_allow_access' in self.form_parser.params and 'grant_access' in self.form_parser.url:
return self._submit_form(token_url=url)
else:
logger.warning(
'Cant submit permissions for application'
)
def _get_token(self, response):
# type: (requests.models.Response) -> None
try:
params = response.url.split('#')[1].split('&')
self.access_token = params[0].split('=')[1]
self.user_id = params[2].split('=')[1]
except IndexError as err:
logger.error(
'Cant get access_token',
extra={'Error body': str(err)}
)
def auth(self):
auth_url = 'https://oauth.vk.com/authorize?revoke=1'
redirect_uri = 'https://oauth.vk.com/blank.html'
display = 'wap'
request_params = {
'client_id': self.app_id,
'scope': self.permissions,
'redirect_uri': redirect_uri,
'display': display,
'response_type': 'token',
'v': self.api_version
}
with self.get_session as session:
response = session.get(
auth_url,
params=request_params
)
self._parse_form(response)
if not self.form_parser.form_parsed:
raise VkApiError('Invalid HTML form. Check auth_url or params')
else:
login_response = self._log_in()
permissions_response = self._submit_permissions()
self._get_token(login_response)

If someone has a similar problem - I found some reasons of this.
1) Invalid type of authorization - try to use another type of authorization (it describes in official documentation)
2) Too many authorizations.
I solved problem like this:
1) Get token with "offline" permission by "Client Application Authorization"
2) Every time I need to use vk.api method - I am checking my token for expiring with secure method "secure.checkToken" (you need to get Service token to use this method. There are a lot of information in official documentation)
3) If my token expires - i am getting the new one.

Creating a Superset user programmatically

How to go about creating users programmatically in Superset with a defined role?
Say I have an email sign in page. User signs up. After sign up I would like to programmatically create the user with the gamma role into a Superset instance.

I've used a reply from superset git and created the following classes to add users with roles.
You need to have a json file with the users info and the name of the role(s) that you want to apply. Like this:
[
{
"first_name": "a",
"last_name": "b",
"username": "abc",
"email": "abc#def.com",
"password": "123",
"roles": ["generalViewer","databaseXView"]
},
{
"first_name": "b",
"last_name": "c",
"username": "bcd",
"email": "bcd#def.com",
"password": "123",
"roles": ["generalViewer","databaseXView"]
}
]
Because we are using the role name (we can get them from the superset through normal navigation) is needed to setup the database credentials to get the role_id. Also need to setup the login of any user with permissions to create another one.
import requests
import json
from bs4 import BeautifulSoup as bs
from bs4 import Comment
from time import sleep
import psycopg2
from typing import List, Tuple
import pandas as pd
class SupersetApi:
def __init__(self, username=None, password=None):
self.s = requests.session()
self.base_url = "http://123.45.67.890:8088/" #superset server ip
self._csrf = self._getCSRF(self.url('login/'))
self.headers = {'X-CSRFToken': self._csrf, 'Referer': self.url('login/')}
# note: does not use headers because of flask_wtf.csrf.validate_csrf
# if data is dict it is used as form and ends up empty but flask_wtf checks if data ...
payload = {'username': username, 'password': password, 'csrf_token': self._csrf}
self.post('login/', payload, None)
#self.s.post(self.url(), data=payload, headers = {})
def url(self, url_path):
return self.base_url + url_path
def get(self, url_path):
return self.s.get(self.url(url_path), headers=self.headers)
def post(self, url_path, data=None, json_data=None, **kwargs):
kwargs.update({'url': self.url(url_path), 'headers': self.headers})
if data:
data['csrf_token'] = self._csrf
kwargs['data'] = data
if json_data:
kwargs['json'] = json_data
try:
response = self.s.post(**kwargs)
statusCode = response.status_code
if statusCode < 399:
return True, statusCode
else:
print('POST response: {}'.format(statusCode))
return False, statusCode
except Exception as e:
print(e)
return False, e
def _getCSRF(self, url_path):
try:
response = self.s.get(url_path)
response.raise_for_status()
except Exception as e:
print(e)
exit()
soup = bs(response.content, "html.parser")
for tag in soup.find_all('input', id='csrf_token'):
csrf_token = tag['value']
return csrf_token
class PostgresDB:
def __init__(self, db_name: str, db_user: str, db_host: str, db_password: str) -> None:
self.db_name = db_name
self.db_user = db_user
self.db_host = db_host
self.db_password = db_password
self.conn = None
self.cur = None
def connect(self) -> None:
try:
self.conn = psycopg2.connect('dbname={} user={} host={} password={}'.format(
self.db_name, self.db_user, self.db_host, self.db_password))
self.cur = self.conn.cursor()
except Exception as e:
raise Exception('Couldn\'t connect to the database. Error: {}'.format(e))
def commit(self) -> None:
if self.conn is not None:
self.conn.commit()
else:
raise Exception('Connection not opened to commit')
def close_connection(self) -> None:
if self.cur is not None or self.conn is not None:
try:
self.cur.close()
except:
pass
try:
self.conn.close()
except:
pass
else:
print('Connection and Cursor not opened to be closed')
def get_from_ab_role(self, columns: List, filters: str) -> List:
roles_table = 'public.ab_role'
sql_columns = ','.join(columns)
sql = "SELECT {} FROM {} WHERE {}".format(sql_columns, roles_table, filters)
self.cur.execute(sql)
return self.cur.fetchall()
class SupersetUser:
def __init__(self, user_dict: dict, db: 'PostgresDB'):
self.first_name = user_dict.get('first_name')
self.last_name = user_dict.get('last_name')
self.username = user_dict.get('username')
self.email = user_dict.get('email')
self.active = True
self.password = user_dict.get('password')
self.roles = self.get_role_id(db, user_dict.get('roles'))
def get_role_id(self, db: 'PostgresDB', roles: List):
filter = 'name = '
filter = filter + "'{}' ".format(roles[0])
if len(roles) > 1:
for role in roles[1:]:
filter = filter + "OR name = '{}' ".format(role)
ids = []
for id in db.get_from_ab_role(['id'], filter):
ids.append(str(id[0]))
return ids
def create_user(self, superset_api: SupersetApi) -> Tuple:
Error_friendly_message = None
Error_not = True
url_path = 'users/api/create'
payload = {'first_name': self.first_name,
'last_name': self.last_name,
'username': self.username,
'email': self.email,
'active': self.active,
'conf_password': self.password,
'password': self.password,
'roles': self.roles
}
Error_not, http_response_code = superset_api.post(url_path=url_path, json=payload)
if Error_not:
print('User {} created. Corresponding e-mail: {}'.format(self.username, self.email))
return Error_not, Error_friendly_message, http_response_code
elif http_response_code == 500:
Error_not = False
Error_friendly_message = ('Ops! Something went wrong. Probably already exist an '
'user with the same e-mail: {}, or an error with the json variables... '
'All of them must be strings or a list of strings'.format(self.email))
return Error_not, Error_friendly_message, http_response_code
else:
Error_not = False
Error_friendly_message = 'Ops! Something went wrong. Try again.'
return Error_not, Error_friendly_message, http_response_code
#file that contains the users to be created
FILE_NAME = 'users.json'
#need credentials from user with admin role to create new user
ADMIN_USR = 'admin'
ADMIN_PSWD = 'adminpassword'
DB_NAME = 'superset_database'
DB_USER = 'superset_user'
DB_HOST = '123.45.67.890'
DB_PSWD = 'superset_password'
superset = SupersetApi(ADMIN_USR, ADMIN_PSWD)
portgre_db = PostgresDB(DB_NAME, DB_USER, DB_HOST, DB_PSWD)
portgre_db.connect()
try:
with open(FILE_NAME, 'r') as f:
users = json.load(f)
print('File successfully read')
except FileNotFoundError as e:
print(e)
for index, user in enumerate(users):
userRoles = []
superset_user = SupersetUser(user, portgre_db)
Error_not, Error_friendly_message, http_response_code = superset_user.create_user(superset)
if not Error_not:
print('Could\'t create user {}.'.format(superset_user.username))
print(Error_friendly_message)
print('HTTP Response Code: {}'.format(http_response_code))
portgre_db.close_connection()

If you're set on creating users programmatically, then your best bet is probably to look into overriding the SecurityManager of the underlying Flask-App-Builder (F.A.B.) framework - which Superset is based off.
The documentation can be found here: https://github.com/dpgaspar/Flask-AppBuilder/blob/master/docs/security.rst#your-custom-security
That being said - it feels your question is really about how to allow users to self-register in Superset and give them the Gamma role by default.
This is a use-case FAB addresses explicitly, and you should be able to achieve this just through configuration: http://flask-appbuilder.readthedocs.io/en/latest/user_registration.html

django-allauth get next_url from state not working

I am trying to redirect the user to next url, if login not successful.
I patched the code to this:
class OAuth2CallbackView(OAuth2View):
def dispatch(self, request):
if 'error' in request.GET or 'code' not in request.GET:
# Distinguish cancel from error
auth_error = request.GET.get('error', None)
if auth_error == self.adapter.login_cancelled_error:
error = AuthError.CANCELLED
else:
error = AuthError.UNKNOWN
return render_authentication_error(
request,
self.adapter.provider_id,
error=error)
app = self.adapter.get_provider().get_app(self.request)
client = self.get_client(request, app)
try:
access_token = client.get_access_token(request.GET['code'])
token = self.adapter.parse_token(access_token)
token.app = app
login = self.adapter.complete_login(request,
app,
token,
response=access_token)
login.token = token
if self.adapter.supports_state:
login.state = SocialLogin \
.verify_and_unstash_state(
request,
request.REQUEST.get('state'))
else:
login.state = SocialLogin.unstash_state(request)
return complete_social_login(request, login)
except (PermissionDenied, OAuth2Error, requests.RequestException) as e:
try:
next_url = SocialLogin.unstash_state(request).get('next', '') # <---- here state is not available anymore, why?
if next_url:
redir_url = '%s&loginerr=y' % next_url.split('&loginerr=y')[0]
else:
raise PermissionDenied()
except PermissionDenied: # <--- thats why, this part gets executed
next_url = request.META.get('HTTP_REFERER', '/')
redir_url = '%s?loginerr=y' % next_url
return redirect(redir_url)

soaplib2.0.0beta + django and 1C connect error

I have task get up soap service in Django (for receive data from commerce software)
Have been installed soaplib2.0.0beta and made layer from soap to django (use Django Snippets)
Created some soap-methods and data types. Everything works with suds (lib) test, but receive errors in production.
Erorrs says some column is not unique, but data is okey and method can connect to db (.all().count() test).
I think mistake in layer or nginx's config...
Code of Layer:
# Code of Layer:
class DjangoSoapApp(Application):
def __call__(self, request):
# wrap the soaplib response into a Django response object
django_response = HttpResponse()
def start_response(status, headers):
status, reason = status.split(' ', 1)
django_response.status_code = int(status)
for header, value in headers:
django_response[header] = value
response = super(DjangoSoapApp, self).__call__(request.META, start_response)
django_response.content = '\n'.join(response)
return django_response
Method's code:
# Method's code
class SyncService(DefinitionBase):
#rpc(User, Order, _returns=Array(Response))
def CreateOrder(self, user=None, order=None):
response = []
# response.append(Response(Result = True, Response = "ORDERS: " + str(self.tmp.count())))
# return response
if not user or not order:
response.append(Response(Result = False, Response = "Exception: not send user or order"))
return response
try:
new_user = user_model.objects.get(commerce_uid=user.Id)
response.append(Response(Result = True, Response="Success: Get user %s %s" % (user.Name, user.EMail)))
except Exception as e:
try:
new_user = user_model(
email=user.EMail,
commerce_uid=user.Id,
telephone=user.Phone,
name=user.Name,
username=re.sub(r'\.|\#', '', user.EMail),
isSync = True)
new_user.save()
response.append(Response(Result = True,Response = "Success: Create user %s %s" % (user.Name, user.EMail)))
except Exception as e:
response.append(Response(Result = False, Response = "Exception: user '%s' not found and can't create (%s)" % (user, e)))
return response
try:
new_order = order_model(
user=new_user,
date=order.Date,
time=order.Time,
boat=order.Boat,
amount=order.Quantity,
isSync=True
)
new_order.save()
response.append(Response(Result = True, Response = "Success: Create order %s" % (order)))
except Exception as e:
response.append(Response(Result = False, Response = "Exception: Can't create order '%s' for user '%s' (%s)" % (order, user, e)))
return response
return response
Sample of error:
Exception: user 'Id: 6d73d109-4b7b-453e-819a-94c42a883c09, Name: John Smith 2, Email: email2#email.com, Phone: +749512345679' not found and can't create (column commerce_uid is not unique)