Support for adding TM1 server instances to the Admin server?

[dusherwo57]

Describe what did you try to do with TM1py
Looking for functionality to add server instances to the Admin server
https://www.ibm.com/support/knowledgecenter/SSD29G_2.0.0/com.ibm.swg.ba.cognos.tm1_nfg.2.0.0.doc/c_pa_nf_post_delete_support.html
Describe what's not working the way you expect
Couldn't find this....

[rkvinoth]

@MariusWirtz Have you started working on this? This looks like a cool feature.

[MariusWirtz]

Nope. Haven't started with this one yet.

[josrobins]

Hi @MariusWirtz

I've been digging around in the Util.py file and found the existing call to the admin host to get the list of servers. Based on This I've worked up some functions to make a post and delete call to the admin host to add a new instance.

Issues:

• Don't seem to be able to get the require_admin and require version decorators to apply, when un-commented the function call simply fails to execute
• Not sure TM1pyREST exception is the right context

Does this solution appear to be on the right track?

Function Definitions:
(https://github.com/jrobinsonAG/tm1py/blob/7f4fcc9c6e378fa3670935e38d9baa899fa6018f/TM1py/Utils/Utils.py#L79)
(https://github.com/jrobinsonAG/tm1py/blob/7f4fcc9c6e378fa3670935e38d9baa899fa6018f/TM1py/Utils/Utils.py#L95)

Example use:

with TM1Service(**config[ env ]) as tm1:
    admin_server = tm1.server.get_admin_host()
    server_as_dict = {
        "Name":"MyModel1",
        "IPAddress":"192.168.0.1",
        "IPv6Address":None,
        "PortNumber":12345,
        "UsingSSL": True,
        "ClientMessagePortNumber":61098,
        "HTTPPortNumber":8000,
        "ClientExportSSLSvrCert":False,
        "ClientExportSSLSvrKeyID":None,
        "AcceptingClients":True
    }

    new_server = Utils.create_server_on_adminhost(adminhost=admin_server, server_as_dict=server_as_dict)
    servers = Utils.get_all_servers_from_adminhost(adminhost=admin_server)
    response = Utils.delete_server_on_adminhost(adminhost=admin_server, server_name='MyModel1')
```

[MariusWirtz]

Hi,

I think it makes sense, that the require_admin decorator fails because this function is not running "within the scope of a TM1 session". I mean you don't have to be authenticated with TM1 to speak to the admin host.

Sames goes for the require_version decorator I think. They only work in the TM1py Service classes, like the SubsetService or the CellService or something. The decorators are designed to work within those services. Certain assumptions don't apply when you use them to decorate a TM1py Utils function.

Actually, the delete request is kinda irritating me. If no authentication is required to send this delete request towards the admin host, does that mean everyone can just remove servers from the admin host?

[josrobins]

Yes, saw the decorators in the other service classes, and (now see) the is_admin property only exists on the instantiated REST Service object🙄.

In terms of the confirmation about the admin host action, and unauthenticated requests, its something I'm not able to to thoroughly explore given my available environments, though early evidence suggests so.

If this is confirmed seems like a hole that could be exploited, and the package would not want to expose in any way.

[rclapp]

I agree, I did this in postman and then realized the implications of it. It is super powerful, but makes me nervous.

[josrobins]

I agree @rclapp .

Does this mean we should close this issue?

[MariusWirtz]

If this is confirmed seems like a hole that could be exploited, and the package would not want to expose in any way.

I agree. We should probably not include this in the package.

We may include the add functionality though. it doesn't seem harmful to me.

[MariusWirtz]

Actually, you can only update/delete a server that has been manually added to the Admin Server through the REST API. If a server has self-registered itself with the Admin Host on startup, then you won’t be able to update/delete it (you can see the SelfRegistered property when you query the Admin Host).