def _add_security_service(self, req, id, data):
"""Associate share network with a given security service."""
context = req.environ['manila.context']
policy.check_policy(context, RESOURCE_NAME, 'add_security_service')
share_network = db_api.share_network_get(context, id)
if share_network['share_servers']:
msg = _("Cannot add security services. Share network is used.")
raise exc.HTTPForbidden(explanation=msg)
security_service = db_api.security_service_get(
context, data['security_service_id'])
for attached_service in share_network['security_services']:
if attached_service['type'] == security_service['type']:
msg = _("Cannot add security service to share network. "
"Security service with '%(ss_type)s' type already "
"added to '%(sn_id)s' share network") % {
'ss_type': security_service['type'],
'sn_id': share_network['id']}
raise exc.HTTPConflict(explanation=msg)
try:
share_network = db_api.share_network_add_security_service(
context,
id,
data['security_service_id'])
except KeyError:
msg = "Malformed request body"
raise exc.HTTPBadRequest(explanation=msg)
except exception.NotFound as e:
raise exc.HTTPNotFound(explanation=six.text_type(e))
except exception.ShareNetworkSecurityServiceAssociationError as e:
raise exc.HTTPBadRequest(explanation=six.text_type(e))
return self._view_builder.build_share_network(share_network)
def check_add_security_service(self, req, id, body):
"""Check the feasibility of associate a new security service."""
context = req.environ['manila.context']
share_network = db_api.share_network_get(context, id)
policy.check_policy(context, RESOURCE_NAME,
'add_security_service_check',
target_obj=share_network)
data = body['add_security_service_check']
try:
security_service = db_api.security_service_get(
context, data['security_service_id'])
except KeyError:
msg = "Malformed request body."
raise exc.HTTPBadRequest(explanation=msg)
except exception.NotFound:
msg = ("Security service %s doesn't exist."
) % data['security_service_id']
raise exc.HTTPBadRequest(explanation=msg)
reset_check = utils.get_bool_from_api_params('reset_operation', data)
try:
result = (
self.share_api.check_share_network_security_service_update(
context, share_network, security_service,
reset_operation=reset_check))
except exception.ServiceIsDown as e:
raise exc.HTTPConflict(explanation=e.msg)
except exception.InvalidShareNetwork as e:
raise exc.HTTPBadRequest(explanation=e.msg)
except exception.InvalidSecurityService as e:
raise exc.HTTPConflict(explanation=e.msg)
return self._view_builder.build_security_service_update_check(
req, data, result)
def update_security_service(self, req, id, body):
"""Update security service parameters from a given share network."""
context = req.environ['manila.context']
share_network = db_api.share_network_get(context, id)
policy.check_policy(context, RESOURCE_NAME, 'update_security_service',
target_obj=share_network)
try:
data = body['update_security_service']
current_security_service = db_api.security_service_get(
context, data['current_service_id']
)
new_security_service = db_api.security_service_get(
context, data['new_service_id']
)
except KeyError:
msg = "Malformed request body."
raise exc.HTTPBadRequest(explanation=msg)
except exception.NotFound:
msg = ("The current security service or the new security service "
"doesn't exist.")
raise exc.HTTPBadRequest(explanation=msg)
try:
self.share_api.update_share_network_security_service(
context, share_network, new_security_service,
current_security_service=current_security_service)
except exception.ServiceIsDown as e:
raise exc.HTTPConflict(explanation=e.msg)
except exception.InvalidShareNetwork as e:
raise exc.HTTPBadRequest(explanation=e.msg)
except exception.InvalidSecurityService as e:
raise exc.HTTPConflict(explanation=e.msg)
try:
share_network = db_api.share_network_update_security_service(
context,
id,
data['current_service_id'],
data['new_service_id'])
except exception.NotFound as e:
raise exc.HTTPNotFound(explanation=e.msg)
except (exception.ShareNetworkSecurityServiceDissociationError,
exception.ShareNetworkSecurityServiceAssociationError) as e:
raise exc.HTTPBadRequest(explanation=e.msg)
return self._view_builder.build_share_network(req, share_network)
def test_get(self):
db_api.security_service_create(self.fake_context,
security_service_dict)
result = db_api.security_service_get(self.fake_context,
security_service_dict['id'])
self._check_expected_fields(result, security_service_dict)
def test_get(self):
db_api.security_service_create(self.fake_context,
security_service_dict)
result = db_api.security_service_get(self.fake_context,
security_service_dict['id'])
self._check_expected_fields(result, security_service_dict)
def add_security_service(self, req, id, body):
"""Associate share network with a given security service."""
context = req.environ['manila.context']
share_network = db_api.share_network_get(context, id)
policy.check_policy(context, RESOURCE_NAME, 'add_security_service',
target_obj=share_network)
try:
data = body['add_security_service']
security_service = db_api.security_service_get(
context, data['security_service_id'])
except KeyError:
msg = "Malformed request body"
raise exc.HTTPBadRequest(explanation=msg)
contain_share_servers = (
self._share_network_subnets_contain_share_servers(share_network))
support_adding_to_in_use_networks = (
req.api_version_request >= api_version.APIVersionRequest("2.63"))
if contain_share_servers:
if not support_adding_to_in_use_networks:
msg = _("Cannot add security services. Share network is used.")
raise exc.HTTPForbidden(explanation=msg)
try:
self.share_api.update_share_network_security_service(
context, share_network, security_service)
except exception.ServiceIsDown as e:
raise exc.HTTPConflict(explanation=e.msg)
except exception.InvalidShareNetwork as e:
raise exc.HTTPBadRequest(explanation=e.msg)
except exception.InvalidSecurityService as e:
raise exc.HTTPConflict(explanation=e.msg)
try:
share_network = db_api.share_network_add_security_service(
context,
id,
data['security_service_id'])
except exception.NotFound as e:
raise exc.HTTPNotFound(explanation=e.msg)
except exception.ShareNetworkSecurityServiceAssociationError as e:
raise exc.HTTPBadRequest(explanation=e.msg)
return self._view_builder.build_share_network(req, share_network)