def get(self, service_uuid):
try:
token = request.headers.get('token')
token_ret = token_auth(token)
except Exception, e:
log.error('Token check error, reason=%s' % e)
return request_result(201)
def broad_for(cls):
try:
token = request.headers.get('token')
token_ret = token_auth(token)
except Exception, e:
log.error('Token check error, reason=%s' % e)
return json.dumps(request_result(201))
def monitor_for(cls, pod_name, rtype):
try:
token = request.headers.get('token')
token_ret = token_auth(token)
except Exception, e:
log.error('Token check error, reason=%s' % e)
return json.dumps(request_result(201))
def get(self):
try:
token = request.headers.get('token')
token_ret = token_auth(token)
log.info('admin token check result is: %s' % token_ret)
except Exception, e:
log.error('Token check error, reason=%s' % e)
return request_result(201)
def put(self, alarm_uuid):
log.info('111111111----')
try:
token = request.headers.get('token')
token_ret = token_auth(token)
except Exception, e:
log.error('Token check error, reason=%s' % e)
return request_result(201)
def get(self):
parameters = dict()
try:
token = request.headers.get('token')
token_ret = token_auth(token)
except Exception, e:
log.error('Token check error, reason=%s' % e)
return json.dumps(request_result(201))
def put(self, certify_uuid):
try:
token = request.headers.get('token')
token_ret = token_auth(token)
source_ip = request.headers.get('X-Real-IP')
if source_ip is None:
source_ip = request.remote_addr
except Exception, e:
log.error('Token check error, reason=%s' % e)
return request_result(201)
def cloudhost_list(self, context, parameters):
try:
user_info = token_auth(context['token'])['result']
user_uuid = user_info.get('user_uuid')
team_uuid = user_info.get('team_uuid')
team_priv = user_info.get('team_priv')
project_uuid = user_info.get('project_uuid')
project_priv = user_info.get('project_priv')
except Exception, e:
log.warning('parameters error, context=%s, '
'parameters=%s, reason=%s' % (context, parameters, e))
return request_result(101)
def _aclauth(*args, **kwargs):
func_args = inspect.getcallargs(func, *args, **kwargs)
context = func_args.get('context')
token = context['token']
resource_uuid = context['resource_uuid']
action = context['action']
user_info = token_auth(token)['result']
user_uuid = user_info['user_uuid']
team_uuid = user_info['team_uuid']
team_priv = user_info['team_priv']
project_uuid = user_info['project_uuid']
project_priv = user_info['project_priv']
context = "%s%s%s%s%s%s%s" % (user_uuid, team_uuid, team_priv,
project_uuid, project_priv,
resource_uuid, action)
log.debug('start ack check, context=%s' % (context))
acl_info = caches.get(context)
if (acl_info is LocalCache.notFound):
log.debug('Cache acl not hit, context=%s' % (context))
auth_manager = AuthManager()
ret = auth_manager.resource_acl_check(
user_uuid, team_uuid, team_priv,
project_uuid, project_priv,
resource_uuid, action)
expire = int(time.time()) + 300
caches.set(context, {"acl_check": ret, "expire": expire})
log.debug('Cached acl check, context=%s' % (context))
else:
log.debug('Cache acl hit, context=%s' % (context))
ret = acl_info['acl_check']
log.debug('ack check result=%s' % (ret))
if ret == 0:
return func(*args, **kwargs)
else:
log.warning('Resource acl auth denied: user_uuid = %s, \
team_uuid=%s, team_priv=%s, project_uuid=%s, \
project_priv=%s, resource_uuid=%s, action=%s'
% (user_uuid, team_uuid, team_priv,
project_uuid, project_priv,
resource_uuid, action))
return request_result(202)
def __aclauth(*args, **kwargs):
func_args = inspect.getcallargs(func, *args, **kwargs)
context = func_args.get('context')
token = context['token']
resource_uuid = context['resource_uuid']
action = context['action']
user_info = token_auth(token)['result']
user_uuid = user_info['user_uuid']
team_uuid = user_info['team_uuid']
team_priv = user_info['team_priv']
project_uuid = user_info['project_uuid']
project_priv = user_info['project_priv']
context = "%s%s%s%s%s%s%s" % (user_uuid, team_uuid, team_priv,
project_uuid, project_priv,
resource_uuid, action)
log.debug('start ack check, context=%s' % (context))
acl_info = caches.get(context)
if (acl_info is LocalCache.notFound):
log.debug('Cache acl not hit, context=%s' % (context))
auth_manager = AuthManager(service_name)
ret = auth_manager.resource_acl_check(
user_uuid, team_uuid, team_priv,
project_uuid, project_priv,
resource_uuid, action)
expire = int(time.time()) + 300
caches.set(context, {"acl_check": ret, "expire": expire})
log.debug('Cached acl check, context=%s' % (context))
else:
log.debug('Cache acl hit, context=%s' % (context))
ret = acl_info['acl_check']
log.debug('ack check result=%s' % (ret))
if ret == 0:
try:
return func(*args, **kwargs)
except Exception, e:
log.error('function(%s) exec error, reason = %s'
% (func.__name__, e))
return request_result(999)
def snapshot_create(self, context, parameters):
try:
token = context['token']
source_ip = context.get('source_ip')
user_info = token_auth(context['token'])['result']
user_uuid = user_info.get('user_uuid')
team_uuid = user_info.get('team_uuid')
project_uuid = user_info.get('project_uuid')
cloudhost_uuid = parameters.get('cloudhost_uuid')
snapshot_name = parameters.get('snapshot')
comment = parameters.get('comment')
cloudhost_uuid = parameter_check(cloudhost_uuid, ptype='pstr')
snapshot_name = parameter_check(snapshot_name, ptype='pnam')
except Exception, e:
log.warning('parameters error, context=%s, '
'parameters=%s, reason=%s' % (context, parameters, e))
return request_result(101)
def __reslmt(*args, **kwargs):
try:
func_args = inspect.getcallargs(func, *args, **kwargs)
token = func_args.get('token')
cost = func_args.get('cost')
user_info = token_auth(token)['result']
team_uuid = user_info.get('team_uuid')
project_uuid = user_info.get('project_uuid')
user_uuid = user_info.get('user_uuid')
if user_uuid != 'sysadmin':
limit_info = billing_limit_check(token, resource_type,
cost)
balance_check = limit_info['result']['balance_check']
if int(balance_check) != 0:
log.warning('Limit check denied, not enough balance')
return request_result(302)
limit_check = limit_info['result']['limit_check']
res_db = resources_db.ResourcesDB()
resource_count = res_db.resource_count(
resource_type, team_uuid, project_uuid, user_uuid)
log.debug('billing_limit_check=%s, resource_count=%s' %
(limit_check, resource_count))
if int(resource_count) >= int(limit_check):
log.warning(
'Limit check denied, Team(%s) resource(%s) '
'reach upper limit' % (team_uuid, resource_type))
return request_result(303)
try:
return func(*args, **kwargs)
except Exception, e:
log.error('function(%s) exec error, reason = %s' %
(func.__name__, e))
return request_result(601)
except Exception, e:
log.error('Limit check error, reason=%s' % (e))
return request_result(303)
def cloudhost_create(self, context, parameters=None):
try:
token = context['token']
source_ip = context.get('source_ip')
user_info = token_auth(context['token'])['result']
user_uuid = user_info.get('user_uuid')
team_uuid = user_info.get('team_uuid')
project_uuid = user_info.get('project_uuid')
availzone_uuid = parameters.get('availzone_uuid')
image_uuid = parameters.get('image_uuid')
vm_name = parameters.get('vm_name')
vm_cpu = parameters.get('vm_cpu')
vm_mem = parameters.get('vm_mem')
disk_list = parameters.get('disk_list')
nic_list = parameters.get('nic_list')
password = parameters.get('password')
cost = parameters.get('cost')
availzone_uuid = parameter_check(availzone_uuid, ptype='pstr')
image_uuid = parameter_check(image_uuid, ptype='pstr')
vm_name = parameter_check(vm_name, ptype='pnam')
vm_cpu = parameter_check(vm_cpu, ptype='pint')
vm_mem = parameter_check(vm_mem, ptype='pint')
password = parameter_check(password, ptype='ppwd')
if self.billing_check is True:
cost = parameter_check(cost, ptype='pflt')
if float(cost) < 0:
raise (Exception('Parameter cost error, '
'cost must greater than 0'))
else:
cost = parameter_check(cost, ptype='pflt', exist='no')
except Exception, e:
log.warning('parameters error, context=%s, '
'parameters=%s, reason=%s' % (context, parameters, e))
return request_result(101)
