Beispiel #1
def update_pool_maxconn(maxconn, old_maxconn, sp, user):
    """Set a new default connection limit on a server pool and push it out.

    The pool's ``default_limit`` is saved first. When the pool has members,
    the value differs from ``old_maxconn`` and ``sp.pool_created`` is set,
    every member must currently carry ``old_maxconn``; otherwise
    ``ScriptAlterLimitPoolDiffMembersException`` is raised. The members are
    then updated, the transaction is committed and the
    ``settings.POOL_MANAGEMENT_LIMITS`` script is run for the pool id. A
    non-zero exit code restores ``old_maxconn`` on the pool and its members,
    commits again and raises ``ScriptAlterLimitPoolException``.

    ``user`` is accepted but not used in this function.
    """
    sp.default_limit = maxconn
    sp.save()

    # Nothing to propagate when the pool has no members.
    if len(sp.serverpoolmember_set.all()) == 0:
        return

    # Members and the script are only touched when the value changed on a
    # pool that is flagged as created.
    if not (old_maxconn != sp.default_limit and sp.pool_created):
        return

    for member in sp.serverpoolmember_set.all():
        if member.limit != old_maxconn:
            # NOTE(review): the pool and any members saved earlier in this
            # loop are not reverted here - presumably the caller rolls the
            # transaction back; confirm.
            raise exceptions.ScriptAlterLimitPoolDiffMembersException()
        member.limit = maxconn
        member.save()

    # Commit before the script runs, then check its exit code.
    transaction.commit()
    exit_code, _, _ = exec_script(settings.POOL_MANAGEMENT_LIMITS % (sp.id))
    if exit_code == 0:
        return

    # Script failed: put the previous limit back everywhere and persist it.
    sp.default_limit = old_maxconn
    for member in sp.serverpoolmember_set.all():
        member.limit = old_maxconn
        member.save()

    sp.save()
    transaction.commit()
    raise exceptions.ScriptAlterLimitPoolException()
Beispiel #2
def update_pool_maxconn(maxconn, old_maxconn, sp, user):
    """Change the pool's default maxconn and apply it through the limits script.

    Saves ``maxconn`` as ``sp.default_limit``. If the pool has members, the
    limit differs from ``old_maxconn`` and ``sp.pool_created`` is truthy, all
    members are required to still hold ``old_maxconn`` (else
    ``ScriptAlterLimitPoolDiffMembersException``), are rewritten to
    ``maxconn``, and ``settings.POOL_MANAGEMENT_LIMITS`` is executed for the
    pool id after a commit. On a non-zero exit code the old value is written
    back to pool and members, committed, and
    ``ScriptAlterLimitPoolException`` is raised.

    The ``user`` argument is not read here.
    """
    sp.default_limit = maxconn
    sp.save()

    has_members = len(sp.serverpoolmember_set.all()) > 0
    if not has_members:
        return

    needs_deploy = old_maxconn != sp.default_limit and sp.pool_created
    if not needs_deploy:
        return

    # Every member must still be on the old limit before any is rewritten.
    for pool_member in sp.serverpoolmember_set.all():
        if pool_member.limit != old_maxconn:
            raise exceptions.ScriptAlterLimitPoolDiffMembersException()
        pool_member.limit = maxconn
        pool_member.save()

    transaction.commit()
    command = settings.POOL_MANAGEMENT_LIMITS % (sp.id)
    script_status, _, _ = exec_script(command)
    if script_status != 0:
        # Compensate in the database for the failed script run.
        sp.default_limit = old_maxconn
        for pool_member in sp.serverpoolmember_set.all():
            pool_member.limit = old_maxconn
            pool_member.save()

        sp.save()
        transaction.commit()
        raise exceptions.ScriptAlterLimitPoolException()
    def check_pool_member_status(self, obj):
        """Run the pool-member check script and return its exit code.

        The command is ``POOL_REAL_CHECK`` filled with the member's pool id,
        IP id and real port. The script's stdout and stderr are discarded.
        """
        # NOTE(review): the values are interpolated into a command string and
        # how exec_script executes it is not visible here - confirm all three
        # fields are always integers.
        member_key = (obj.server_pool.id, obj.ip.id, obj.port_real)
        exit_code, _, _ = exec_script(POOL_REAL_CHECK % member_key)
        return exit_code
Beispiel #4
    def check_pool_member_status(self, obj):
        """Return the exit code of the ``POOL_REAL_CHECK`` script for ``obj``.

        ``obj`` supplies the pool id, IP id and real port that are formatted
        into the command; the script output is not used.
        """
        pool_id = obj.server_pool.id
        ip_id = obj.ip.id
        real_port = obj.port_real

        status, _, _ = exec_script(POOL_REAL_CHECK % (pool_id, ip_id, real_port))
        return status
Beispiel #5
    def activate_network(self, user, id):
        """Run the network creation script and activate the network on success.

        ``id`` has the form ``'<network id>-<version>'``, e.g. ``'55-v4'`` or
        ``'55-v6'``. Both parts are validated before anything is executed;
        an invalid part is logged and raises ``InvalidValueError``. The id is
        converted with ``int()`` before it is formatted into the command.

        Returns the ``(code, stdout, stderr)`` triple of the script. The
        network is only marked active when ``code`` is 0.
        """
        # id => ex: '55-v4' or '55-v6'
        parts = id.split('-')
        if len(parts) != 2:
            self.log.error(
                u'The id network parameter is invalid format: %s.', parts)
            raise InvalidValueError(None, 'id_network', parts)

        id_net, network_type = parts

        if not is_valid_int_greater_zero_param(id_net):
            self.log.error(
                u'The id network parameter is invalid. Value: %s.', id_net)
            raise InvalidValueError(None, 'id_network', id_net)

        if not is_valid_version_ip(network_type, IP_VERSION):
            self.log.error(
                u'The type network parameter is invalid value: %s.', network_type)
            raise InvalidValueError(None, 'network_type', network_type)

        # Anything that is not 'v4' is handled as v6, as in the validation above.
        if network_type == 'v4':
            create_template, network_model = NETWORKIPV4_CREATE, NetworkIPv4
        else:
            create_template, network_model = NETWORKIPV6_CREATE, NetworkIPv6

        code, stdout, stderr = exec_script(create_template % int(id_net))
        if code == 0:
            # Change column 'active = 1' only after the script succeeded.
            network_model.get_by_pk(id_net).activate(user)

        return code, stdout, stderr
    def activate_network(self, user, id):
        """Create a network on the equipment via script, then flag it active.

        ``id`` must look like ``'55-v4'`` or ``'55-v6'``. A malformed value, a
        non-positive network id or an unknown IP version is logged and
        rejected with ``InvalidValueError`` before any command is built.

        Returns ``(code, stdout, stderr)`` from the script; the database row
        is activated only for exit code 0.
        """
        # id => ex: '55-v4' or '55-v6'
        value = id.split('-')
        if len(value) != 2:
            self.log.error(
                u'The id network parameter is invalid format: %s.', value)
            raise InvalidValueError(None, 'id_network', value)

        id_net = value[0]
        network_type = value[1]

        id_is_valid = is_valid_int_greater_zero_param(id_net)
        if not id_is_valid:
            self.log.error(
                u'The id network parameter is invalid. Value: %s.', id_net)
            raise InvalidValueError(None, 'id_network', id_net)

        version_is_valid = is_valid_version_ip(network_type, IP_VERSION)
        if not version_is_valid:
            self.log.error(
                u'The type network parameter is invalid value: %s.', network_type)
            raise InvalidValueError(None, 'network_type', network_type)

        is_v4 = network_type == 'v4'

        # The validated id goes through int() before it reaches the command.
        if is_v4:
            command = NETWORKIPV4_CREATE % int(id_net)
        else:
            command = NETWORKIPV6_CREATE % int(id_net)

        code, stdout, stderr = exec_script(command)

        if code == 0:
            # Change column 'active = 1'
            if is_v4:
                net = NetworkIPv4.get_by_pk(id_net)
            else:
                net = NetworkIPv6.get_by_pk(id_net)
            net.activate(user)

        return code, stdout, stderr
Beispiel #7
def apply_priorities(list_pool_member, old_priorities_list, sp, user):
    """Commit, then run the member-priorities script for pool ``sp``.

    If ``settings.POOL_MEMBER_PRIORITIES`` exits non-zero, each member in
    ``list_pool_member`` gets the priority at the same index of
    ``old_priorities_list`` written back and saved, the transaction is
    committed and ``ScriptAlterPriorityPoolMembersException`` is raised.

    ``user`` is not used here.
    """
    transaction.commit()
    exit_code, _, _ = exec_script(settings.POOL_MEMBER_PRIORITIES % (sp.id))
    if exit_code == 0:
        return

    # Script failed: restore the priorities the members had before.
    for position, previous_priority in enumerate(old_priorities_list):
        list_pool_member[position].priority = previous_priority
        list_pool_member[position].save()
    transaction.commit()
    raise exceptions.ScriptAlterPriorityPoolMembersException()
Beispiel #8
def exec_script_check_poolmember_by_pool(pool_id):
    """Run the per-pool member status check and return the script's stdout.

    Raises ``ScriptCheckStatusPoolMemberException`` when the script exits
    with a non-zero status.
    """
    # NOTE(review): pool_id is interpolated into the command as given; nothing
    # in this function checks that it is an integer - verify against callers.
    status_code, stdout, stderr = exec_script(
        settings.POOL_REAL_CHECK_BY_POOL % (pool_id))

    if status_code == 0:
        return stdout

    raise exceptions.ScriptCheckStatusPoolMemberException()
Beispiel #9
def exec_script_check_poolmember_by_pool(pool_id):
    """Return stdout of the ``POOL_REAL_CHECK_BY_POOL`` script for ``pool_id``.

    A non-zero exit status raises ``ScriptCheckStatusPoolMemberException``;
    stderr is not used.
    """
    check_command = settings.POOL_REAL_CHECK_BY_POOL % (pool_id)
    result = exec_script(check_command)
    status_code, stdout, stderr = result

    failed = status_code != 0
    if failed:
        raise exceptions.ScriptCheckStatusPoolMemberException()

    return stdout
Beispiel #10
def deploy_pool_member_config(id_ip, id_pool, port_ip, spm, user):
    """Commit, then run the script that creates one real (pool member).

    The command is ``settings.POOL_REAL_CREATE`` filled with pool id, IP id
    and port. When the script exits non-zero, the pool member ``spm`` is
    deleted, the deletion is committed and ``ScriptCreatePoolException`` is
    raised.

    ``user`` is not used here.
    """
    transaction.commit()
    create_args = (id_pool, id_ip, port_ip)
    exit_code, _, _ = exec_script(settings.POOL_REAL_CREATE % create_args)
    if exit_code == 0:
        return

    # Script failed: drop the member record that was saved for this real.
    spm.delete()
    transaction.commit()
    raise exceptions.ScriptCreatePoolException()
Beispiel #11
def deploy_pool_member_config(id_ip, id_pool, port_ip, spm, user):
    """Deploy a pool member through ``settings.POOL_REAL_CREATE``.

    The current transaction is committed before the script is called. A
    non-zero exit code removes ``spm`` again, commits and raises
    ``ScriptCreatePoolException``. ``user`` is unused.
    """
    transaction.commit()

    # NOTE(review): the three ids are interpolated as given; this function
    # does not validate them - presumably the caller passes integers.
    command = settings.POOL_REAL_CREATE % (id_pool, id_ip, port_ip)
    status, _, _ = exec_script(command)

    script_failed = status != 0
    if script_failed:
        spm.delete()
        transaction.commit()
        raise exceptions.ScriptCreatePoolException()
Beispiel #12
def apply_priorities(list_pool_member, old_priorities_list, sp, user):
    """Apply pool-member priorities on the equipment via script.

    Commits first, then runs ``settings.POOL_MEMBER_PRIORITIES`` for
    ``sp.id``. On a non-zero exit code the priorities in
    ``old_priorities_list`` are written back index by index to
    ``list_pool_member``, committed, and
    ``ScriptAlterPriorityPoolMembersException`` is raised. ``user`` is unused.
    """
    transaction.commit()
    command = settings.POOL_MEMBER_PRIORITIES % (sp.id)
    status, _, _ = exec_script(command)

    if status != 0:
        index = 0
        total = len(old_priorities_list)
        while index < total:
            list_pool_member[index].priority = old_priorities_list[index]
            list_pool_member[index].save()
            index += 1
        transaction.commit()
        raise exceptions.ScriptAlterPriorityPoolMembersException()
    def deactivate_network(self, user, id):
        """Run the network removal script and deactivate the network on success.

        The id and IP version obtained from ``get_id_and_net_type`` are
        validated first (``InvalidValueError`` on failure). A network that is
        not active raises ``NetworkInactiveError``. The id is passed through
        ``int()`` before it is formatted into the command.

        Returns ``(code, stdout, stderr)`` from the script; the network is
        deactivated only when ``code`` is 0.
        """
        id_network, network_type = self.get_id_and_net_type(id)

        if not is_valid_int_greater_zero_param(id_network):
            self.log.error(
                u'The id network parameter is invalid. Value: %s.', id_network)
            raise InvalidValueError(None, 'id_network', id_network)

        if not is_valid_version_ip(network_type, IP_VERSION):
            self.log.error(
                u'The type network parameter is invalid value: %s.', network_type)
            raise InvalidValueError(None, 'network_type', network_type)

        is_v4 = network_type == self.NETWORK_TYPE_V4
        network_model = NetworkIPv4 if is_v4 else NetworkIPv6

        net = network_model.get_by_pk(id_network)

        if not self.is_active_netwok(net):
            raise NetworkInactiveError(
                message=error_messages.get(self.CODE_MESSAGE_INACTIVE_NETWORK))

        remove_template = NETWORKIPV4_REMOVE if is_v4 else NETWORKIPV6_REMOVE
        code, stdout, stderr = exec_script(remove_template % int(id_network))

        if code == 0:
            if is_v4:
                # The v4 path reloads the row after the script has run.
                net = NetworkIPv4.get_by_pk(id_network)
            net.deactivate(user)

        return code, stdout, stderr
Beispiel #14
    def check_pool_member_enabled(self, obj):
        """Return True when the ``POOL_REAL_CHECK`` script exits with 0 for ``obj``.

        The command is built from the member's pool id, IP id and real port;
        any other exit code yields False.
        """
        member_key = (obj.server_pool.id, obj.ip.id, obj.port_real)
        exit_code, _, _ = exec_script(POOL_REAL_CHECK % member_key)
        return exit_code == 0
    def check_pool_member_enabled(self, obj):
        """Tell whether the member check script succeeds for ``obj``.

        Returns True for exit code 0 of ``POOL_REAL_CHECK`` and False
        otherwise; script output is ignored.
        """
        pool_id = obj.server_pool.id
        ip_id = obj.ip.id
        command = POOL_REAL_CHECK % (pool_id, ip_id, obj.port_real)

        status, _, _ = exec_script(command)

        return True if status == 0 else False
Beispiel #16
    def create_vlan(self, user, vlan_id):
        """Run the VLAN creation script, activate the VLAN and queue the event.

        Authorization is checked before anything is executed: the user needs
        VLAN management write permission, and equipment write permission on
        every router equipment found for the VLAN's IPv4 and IPv6 networks.
        An already activated VLAN is answered with error 122.

        On exit code 0 the VLAN is activated, a ``VLAN_CREATE`` message is
        sent through ``QueueManager`` and the script result is returned in
        the response. Any other exit code returns error 2 with the script's
        stdout and stderr concatenated.
        """
        if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
            return self.not_authorized()

        vlan = Vlan().get_by_pk(vlan_id)

        # Router equipments reachable through the VLAN's v4 and v6 networks.
        router_equips_v4 = Equipamento.objects.filter(
            ipequipamento__ip__networkipv4__vlan=vlan_id,
            equipamentoambiente__is_router=1)
        router_equips_v6 = Equipamento.objects.filter(
            ipv6equipament__ip__networkipv6__vlan=vlan_id,
            equipamentoambiente__is_router=1)

        for router_equips in (router_equips_v4, router_equips_v6):
            for equip in router_equips:
                allowed = has_perm(
                    user,
                    AdminPermission.EQUIPMENT_MANAGEMENT,
                    AdminPermission.WRITE_OPERATION,
                    None,
                    equip.id,
                    AdminPermission.EQUIP_WRITE_OPERATION)
                if not allowed:
                    self.log.error(
                        u'User does not have permission to perform the operation.')
                    return self.not_authorized()

        if vlan.ativada:
            return self.response_error(122)

        code, stdout, stderr = exec_script(settings.VLAN_CREATE % (vlan.id))
        if code != 0:
            # NOTE(review): raw script output is returned to the API caller -
            # confirm it cannot carry details that should stay internal.
            return self.response_error(2, stdout + stderr)

        vlan.activate(user)

        response_map = {
            'sucesso': {
                'codigo': '%04d' % code,
                'descricao': {'stdout': stdout, 'stderr': stderr},
            },
        }

        # Send to Queue
        queue_manager = QueueManager()
        data_to_queue = VlanSerializer(vlan).data
        data_to_queue.update({'description': queue_keys.VLAN_CREATE})
        queue_manager.append({
            'action': queue_keys.VLAN_CREATE,
            'kind': queue_keys.VLAN_KEY,
            'data': data_to_queue,
        })
        queue_manager.send()

        return self.response(dumps_networkapi(response_map))
Beispiel #17
def update_load_balancing_method(balancing, old_lb_method, sp, user):
    """Save a new load-balancing method on the pool and deploy it by script.

    The script ``settings.POOL_MANAGEMENT_LB_METHOD`` only runs when the
    method changed and ``sp.pool_created`` is set; the transaction is
    committed before it. A non-zero exit code restores ``old_lb_method``,
    commits and raises ``ScriptCreatePoolException``. ``user`` is unused.
    """
    sp.lb_method = balancing
    sp.save()

    if not (old_lb_method != sp.lb_method and sp.pool_created):
        return

    transaction.commit()
    exit_code, _, _ = exec_script(settings.POOL_MANAGEMENT_LB_METHOD % (sp.id))
    if exit_code == 0:
        return

    # Script failed: write the previous method back.
    sp.lb_method = old_lb_method
    sp.save()
    transaction.commit()
    raise exceptions.ScriptCreatePoolException()
Beispiel #18
def update_load_balancing_method(balancing, old_lb_method, sp, user):
    """Persist ``balancing`` as the pool's lb method and push it to equipment.

    When the value differs from ``old_lb_method`` on a created pool, the
    transaction is committed and ``settings.POOL_MANAGEMENT_LB_METHOD`` is
    executed for ``sp.id``. If the script fails, the old method is saved and
    committed again and ``ScriptCreatePoolException`` is raised.
    """
    sp.lb_method = balancing
    sp.save()

    method_changed_on_live_pool = old_lb_method != sp.lb_method and sp.pool_created
    if method_changed_on_live_pool:
        transaction.commit()
        command = settings.POOL_MANAGEMENT_LB_METHOD % (sp.id)
        status, _, _ = exec_script(command)
        if status != 0:
            sp.lb_method = old_lb_method
            sp.save()
            transaction.commit()
            raise exceptions.ScriptCreatePoolException()
Beispiel #19
def apply_health_check(hc, old_healthcheck, sp, user):
    """Attach healthcheck ``hc`` to the pool and deploy it by script.

    The pool is saved with the new healthcheck. If its id differs from
    ``old_healthcheck.id`` and ``sp.pool_created`` is set, the transaction is
    committed and ``settings.POOL_HEALTHCHECK`` is run for ``sp.id``. A
    non-zero exit code restores ``old_healthcheck``, commits and raises
    ``ScriptCreatePoolException``. ``user`` is unused.
    """
    # Applies new healthcheck in pool
    sp.healthcheck = hc
    sp.save()

    if not (old_healthcheck.id != hc.id and sp.pool_created):
        return

    transaction.commit()
    exit_code, _, _ = exec_script(settings.POOL_HEALTHCHECK % (sp.id))
    if exit_code == 0:
        return

    # Script failed: go back to the previous healthcheck.
    sp.healthcheck = old_healthcheck
    sp.save()
    transaction.commit()
    raise exceptions.ScriptCreatePoolException()
Beispiel #20
def apply_service_down_action(old_servicedownaction, servicedownaction, sp, user):
    """Save a new service-down-action on the pool and deploy it by script.

    ``settings.POOL_SERVICEDOWNACTION`` runs (after a commit) only when the
    action changed and ``sp.pool_created`` is set. A non-zero exit code
    restores ``old_servicedownaction``, commits and raises
    ``ScriptAlterServiceDownActionException``. ``user`` is unused.
    """
    # Applies new service-down-action in pool
    sp.servicedownaction = servicedownaction
    sp.save()

    if not (old_servicedownaction != sp.servicedownaction and sp.pool_created):
        return

    transaction.commit()
    exit_code, _, _ = exec_script(settings.POOL_SERVICEDOWNACTION % (sp.id))
    if exit_code == 0:
        return

    # Script failed: write the previous action back.
    sp.servicedownaction = old_servicedownaction
    sp.save()
    transaction.commit()
    raise exceptions.ScriptAlterServiceDownActionException()
Beispiel #21
def apply_health_check(hc, old_healthcheck, sp, user):
    """Set ``hc`` as the pool's healthcheck and apply it on the equipment.

    After saving the pool, the healthcheck script
    (``settings.POOL_HEALTHCHECK``) is executed when the healthcheck id
    changed and the pool is flagged as created. If it exits non-zero the old
    healthcheck is saved and committed again and
    ``ScriptCreatePoolException`` is raised.
    """
    sp.healthcheck = hc
    sp.save()

    changed_on_live_pool = old_healthcheck.id != hc.id and sp.pool_created
    if changed_on_live_pool:
        transaction.commit()
        command = settings.POOL_HEALTHCHECK % (sp.id)
        status, _, _ = exec_script(command)
        if status != 0:
            sp.healthcheck = old_healthcheck
            sp.save()
            transaction.commit()
            raise exceptions.ScriptCreatePoolException()
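    def deactivate_network(self, user, id):
        """Run the network removal script and deactivate the network on success.

        The id and IP version obtained from ``get_id_and_net_type`` are
        validated first; an invalid value is logged and raises
        ``InvalidValueError``. A network that is not active is left alone and
        reported as ``(0, 'Nothing to do. Network is not active.', '')``.

        Returns ``(code, stdout, stderr)`` from the removal script; the
        network is deactivated only when ``code`` is 0.
        """
        id_network, network_type = self.get_id_and_net_type(id)

        if not is_valid_int_greater_zero_param(id_network):
            self.log.error(
                u'The id network parameter is invalid. Value: %s.', id_network)
            raise InvalidValueError(None, 'id_network', id_network)

        if not is_valid_version_ip(network_type, IP_VERSION):
            self.log.error(
                u'The type network parameter is invalid value: %s.', network_type)
            raise InvalidValueError(None, 'network_type', network_type)

        # Load the network before the activity check. The check used to read
        # ``net`` before it was assigned, which raised UnboundLocalError on
        # every call that passed validation.
        if network_type == self.NETWORK_TYPE_V4:
            net = NetworkIPv4.get_by_pk(id_network)
        else:
            net = NetworkIPv6.get_by_pk(id_network)

        if not self.is_active_netwok(net):
            code = 0
            stdout = 'Nothing to do. Network is not active.'
            stderr = ''
        elif network_type == self.NETWORK_TYPE_V4:
            # The validated id goes through int() before reaching the command.
            command = NETWORKIPV4_REMOVE % int(id_network)

            code, stdout, stderr = exec_script(command)
            if code == 0:
                # The v4 path reloads the row after the script has run.
                net = NetworkIPv4.get_by_pk(id_network)
                net.deactivate(user)
        else:
            command = NETWORKIPV6_REMOVE % int(id_network)

            code, stdout, stderr = exec_script(command)
            if code == 0:
                net.deactivate(user)

        return code, stdout, stderr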
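    def deactivate_network(self, user, id):
        """Remove a network from the equipment via script and flag it inactive.

        Validates the network id and IP version returned by
        ``get_id_and_net_type`` (``InvalidValueError`` on failure). When the
        network is not active nothing is executed and
        ``(0, 'Nothing to do. Network is not active.', '')`` is returned.
        Otherwise the removal script runs and the network is deactivated if
        it exits with 0.

        Returns the ``(code, stdout, stderr)`` triple.
        """
        id_network, network_type = self.get_id_and_net_type(id)

        if not is_valid_int_greater_zero_param(id_network):
            self.log.error(u'The id network parameter is invalid. Value: %s.',
                           id_network)
            raise InvalidValueError(None, 'id_network', id_network)

        if not is_valid_version_ip(network_type, IP_VERSION):
            self.log.error(u'The type network parameter is invalid value: %s.',
                           network_type)
            raise InvalidValueError(None, 'network_type', network_type)

        is_v4 = network_type == self.NETWORK_TYPE_V4

        # ``net`` has to exist before is_active_netwok() can inspect it; the
        # earlier code referenced it unassigned and failed with
        # UnboundLocalError.
        if is_v4:
            net = NetworkIPv4.get_by_pk(id_network)
        else:
            net = NetworkIPv6.get_by_pk(id_network)

        if not self.is_active_netwok(net):
            return 0, 'Nothing to do. Network is not active.', ''

        # Only the int() form of the validated id is formatted into the command.
        if is_v4:
            command = NETWORKIPV4_REMOVE % int(id_network)
        else:
            command = NETWORKIPV6_REMOVE % int(id_network)

        code, stdout, stderr = exec_script(command)
        if code == 0:
            if is_v4:
                # Kept from the original v4 path: reload before deactivating.
                net = NetworkIPv4.get_by_pk(id_network)
            net.deactivate(user)

        return code, stdout, stderr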
Beispiel #24
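 def create_vip(self, vips):
     """Run ``gerador_vips --cria --aceonly`` for every VIP request in ``vips``.

     ``vips['layers']`` is read as a mapping of VIP id -> layer id -> entry,
     where each entry carries a ``vip_request`` mapping with an ``id`` key.
     Any exception, including a non-numeric id, is logged and re-raised as
     ``CommandErrorException``. A non-zero exit code is logged but does not
     stop the remaining requests.
     """
     try:
         layers = vips.get('layers')
         if layers:
             for vip_id in layers:
                 for id_layer in layers.get(vip_id):
                     vip_request = layers.get(vip_id).get(
                         id_layer).get('vip_request')
                     # Coerce to int so that only a number can reach the
                     # command line; anything else fails here and is
                     # reported through the handler below.
                     command = 'gerador_vips -i %d --cria --aceonly' % int(
                         vip_request['id'])
                     log.info('calling script: %s' % command)
                     code, stdout, stderr = exec_script(command)
                     if code != 0:
                         # The exit code used to be discarded silently.
                         log.error('script failed with code %s: %s' % (
                             code, stderr))
     except Exception as e:
         log.error(e)
         raise base_exceptions.CommandErrorException(e)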
Beispiel #25
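 def create_vip(self, vips):
     """Call the VIP generator script once per ``vip_request`` found in ``vips``.

     The layout read here is ``vips['layers'][vip_id][id_layer]['vip_request']``
     with an ``id`` key on each request. Errors of any kind are logged and
     wrapped in ``CommandErrorException``; a request id that is not a number
     is rejected that way before a command is built. Non-zero exit codes are
     logged and the loop continues.
     """
     try:
         layers = vips.get('layers')
         if not layers:
             return

         for vip_id in layers:
             vip_layers = layers.get(vip_id)
             for id_layer in vip_layers:
                 vip_request = vip_layers.get(id_layer).get('vip_request')

                 # int() guarantees a purely numeric argument in the command
                 # string, whatever type the id arrived as.
                 request_id = int(vip_request['id'])
                 command = 'gerador_vips -i %d --cria --aceonly' % request_id
                 log.info('calling script: %s' % command)

                 code, stdout, stderr = exec_script(command)
                 if code != 0:
                     # Surface script failures instead of dropping the code.
                     log.error('script failed with code %s: %s' % (
                         code, stderr))
     except Exception as e:
         log.error(e)
         raise base_exceptions.CommandErrorException(e)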
Beispiel #26
def apply_service_down_action(old_servicedownaction, servicedownaction, sp,
                              user):
    """Persist the pool's service-down-action and apply it on the equipment.

    The script ``settings.POOL_SERVICEDOWNACTION`` is executed for ``sp.id``
    when the action differs from ``old_servicedownaction`` and the pool is
    flagged as created; the transaction is committed first. If the script
    exits non-zero the old action is saved and committed again and
    ``ScriptAlterServiceDownActionException`` is raised.
    """
    sp.servicedownaction = servicedownaction
    sp.save()

    changed_on_live_pool = (
        old_servicedownaction != sp.servicedownaction and sp.pool_created)
    if changed_on_live_pool:
        transaction.commit()
        command = settings.POOL_SERVICEDOWNACTION % (sp.id)
        status, _, _ = exec_script(command)
        if status != 0:
            sp.servicedownaction = old_servicedownaction
            sp.save()
            transaction.commit()
            raise exceptions.ScriptAlterServiceDownActionException()
Beispiel #27
def remove_pool_members(id_pool_member_noempty, sp, user):
    """Delete the pool's members whose ids are not in ``id_pool_member_noempty``.

    Each such member is deleted from the database. When ``sp.pool_created``
    is set, ``settings.POOL_REAL_REMOVE`` is run for the member (pool id, its
    IPv4 or IPv6 id, real port) and the transaction is committed after each
    successful call. A non-zero exit code raises
    ``ScriptCreatePoolException`` without committing that member's deletion
    here. ``user`` is unused.
    """
    # Members of the pool that the caller did not list are the ones to drop.
    stale_members = sp.serverpoolmember_set.exclude(id__in=id_pool_member_noempty)
    if not stale_members:
        return

    for member in stale_members:
        member.delete()

        # The script is only needed when the pool exists on the equipment.
        if not sp.pool_created:
            continue

        command = settings.POOL_REAL_REMOVE % (
            member.server_pool_id,
            member.ip_id if member.ip else member.ipv6_id,
            member.port_real)
        exit_code, _, _ = exec_script(command)
        if exit_code != 0:
            raise exceptions.ScriptCreatePoolException()
        # commit transaction after each successful script call
        transaction.commit()
Beispiel #28
def remove_pool_members(id_pool_member_noempty, sp, user):
    """Remove every member of ``sp`` that is not listed in ``id_pool_member_noempty``.

    The member row is deleted first. For a pool flagged as created the
    removal script ``settings.POOL_REAL_REMOVE`` is then executed with the
    member's pool id, IP id (v4 if present, otherwise v6) and real port, and
    the transaction is committed once the script succeeded. A failing script
    raises ``ScriptCreatePoolException``.
    """
    del_smp = sp.serverpoolmember_set.exclude(id__in=id_pool_member_noempty)
    if del_smp:
        run_script = None
        for obj in del_smp:
            obj.delete()

            # pool_created is re-read for every member, as the script call
            # depends on it each time.
            run_script = sp.pool_created
            if run_script:
                script_args = (
                    obj.server_pool_id,
                    obj.ip_id if obj.ip else obj.ipv6_id,
                    obj.port_real)
                status, _, _ = exec_script(settings.POOL_REAL_REMOVE % script_args)
                if status != 0:
                    raise exceptions.ScriptCreatePoolException()
                transaction.commit()
    def create_vlan(self, user, vlan_id):
        """Run the VLAN creation script and activate the VLAN on success.

        The user must hold VLAN management write permission and equipment
        write permission on each router equipment tied to the VLAN's IPv4 and
        IPv6 networks; otherwise the not-authorized response is returned
        before any script runs. An already activated VLAN yields error 122.

        Exit code 0 activates the VLAN and returns the script result; any
        other code returns error 2 with stdout and stderr concatenated.
        """
        if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
            return self.not_authorized()

        vlan = Vlan().get_by_pk(vlan_id)

        # Check permission group equipments
        router_equips_v4 = Equipamento.objects.filter(
            ipequipamento__ip__networkipv4__vlan=vlan_id,
            equipamentoambiente__is_router=1)
        router_equips_v6 = Equipamento.objects.filter(
            ipv6equipament__ip__networkipv6__vlan=vlan_id,
            equipamentoambiente__is_router=1)

        for router_equips in (router_equips_v4, router_equips_v6):
            for equip in router_equips:
                # User permission on this particular equipment
                if has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
                    continue
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

        if vlan.ativada:
            return self.response_error(122)

        code, stdout, stderr = exec_script(settings.VLAN_CREATE % (vlan.id))
        if code != 0:
            # NOTE(review): raw script output is returned to the API caller -
            # confirm it cannot carry details that should stay internal.
            return self.response_error(2, stdout + stderr)

        vlan.activate(user)

        response_map = {
            'sucesso': {
                'codigo': '%04d' % code,
                'descricao': {'stdout': stdout, 'stderr': stderr},
            },
        }

        return self.response(dumps_networkapi(response_map))
Beispiel #30
    def handle_put(self, request, user, *args, **kwargs):
        """Handle PUT requests that change the connection limit of a VIP.

        URLs: /vip/<id_vip>/maxcon/<maxcon>/

        Checks the user's permission, validates ``id_vip`` and ``maxcon``,
        and, under a distributed lock on the VIP, stores the new ``maxcon``
        on the VIP request and on the pools and members linked to it. It then
        runs ``gerador_vips -i <id> --maxconn``. Exit code 0 returns the
        script result; any other code re-saves the objects captured before
        the change and returns error 2 with the script output.
        """

        self.log.info('Change limit connections to VIP')

        try:

            vip_id = kwargs.get('id_vip')
            maxcon = kwargs.get('maxcon')

            # User permission (checked before the parameters are validated)
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # Valid Vip ID
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', vip_id)
                raise InvalidValueError(None)

            # Valid Maxcon
            if not is_valid_int_greater_equal_zero_param(maxcon):
                self.log.error(
                    u'The maxcon parameter is not a valid value: %s.', maxcon)
                raise InvalidValueError(None)

            # Existing Vip ID
            vip = RequisicaoVips.get_by_pk(vip_id)

            # Everything below runs while holding the lock for this VIP id.
            with distributedlock(LOCK_VIP % vip_id):

                # Keep the pre-change objects so they can be saved again if
                # the script fails.
                # NOTE(review): only the VIP is cloned; pools and members are
                # kept as the instances loaded here - presumably the re-query
                # further down yields separate instances; confirm.
                vip_old = clone(vip)
                server_pools = ServerPool.objects.filter(
                    vipporttopool__requisicao_vip=vip)
                server_pools_old = []
                server_pools_members_old = []
                for sp in server_pools:
                    server_pools_old.append(sp)
                    for spm in sp.serverpoolmember_set.all():
                        server_pools_members_old.append(spm)

                # Vip must be created
                if not vip.vip_criado:
                    self.log.error(
                        u'Maxcon can not be changed because VIP has not yet been created.')
                    raise RequestVipsNotBeenCreatedError(None)

                # Vip equipments permission: the user needs the update-config
                # permission on every equipment attached to the VIP's IPv4
                # and IPv6 addresses.
                if vip.ip is not None:
                    for ip_equipment in vip.ip.ipequipamento_set.all():
                        if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            self.log.error(
                                u'Groups of equipment registered with the IP of the  VIP request  is not allowed of acess.')
                            raise EquipmentGroupsNotAuthorizedError(None)

                if vip.ipv6 is not None:
                    for ip_equipment in vip.ipv6.ipv6equipament_set.all():
                        if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            self.log.error(
                                u'Groups of equipment registered with the IP of the  VIP request  is not allowed of acess.')
                            raise EquipmentGroupsNotAuthorizedError(None)

                # Get variables
                variables_map = vip.variables_to_map()

                # Valid variables
                vip.set_variables(variables_map)

                # Valid real names and real ips of real server
                if variables_map.get('reals') is not None:

                    evip = EnvironmentVip.get_by_values(variables_map.get(
                        'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente'))

                    for real in variables_map.get('reals').get('real'):
                        ip_aux_error = real.get('real_ip')
                        equip_aux_error = real.get('real_name')
                        equip = Equipamento.get_by_name(equip_aux_error)

                        # Valid Real
                        RequisicaoVips.valid_real_server(
                            ip_aux_error, equip, evip)

                    # Valid reals_prioritys
                    variables_map, code = vip.valid_values_reals_priority(
                        variables_map)
                    if code is not None:
                        return self.response_error(329)

                    # Valid reals_weight
                    variables_map, code = vip.valid_values_reals_weight(
                        variables_map)
                    if code is not None:
                        return self.response_error(330)

                    # Valid ports
                    variables_map, code = vip.valid_values_ports(variables_map)
                    if code is not None:
                        return self.response_error(331)

                # Store the validated maxcon on the VIP request.
                variables_map['maxcon'] = maxcon

                vip.set_variables(variables_map)

                vip.save(user, commit=True)

                # update server pool limits table
                # Fix #27
                server_pools = ServerPool.objects.filter(
                    vipporttopool__requisicao_vip=vip)

                for sp in server_pools:
                    # If exists pool member, change default maxconn of pool and
                    # members
                    if(len(sp.serverpoolmember_set.all()) > 0):
                        # if(old_maxconn != sp.default_limit and
                        # sp.pool_created):
                        sp.default_limit = maxcon
                        sp.save(user, commit=True)
                        for serverpoolmember in sp.serverpoolmember_set.all():
                            serverpoolmember.limit = maxcon
                            serverpoolmember.save(user, commit=True)

                # gerador_vips -i <ID_REQUISICAO> --maxconn
                # The id is formatted with %d, so only an integer can be
                # placed in the command string.
                command = 'gerador_vips -i %d --maxconn' % vip.id
                code, stdout, stderr = exec_script(command)

                if code == 0:
                    success_map = dict()
                    success_map['codigo'] = '%04d' % code
                    success_map['descricao'] = {
                        'stdout': stdout, 'stderr': stderr}

                    map = dict()
                    map['sucesso'] = success_map
                    return self.response(dumps_networkapi(map))
                else:
                    # Script failed: save the objects captured before the
                    # change again.
                    # TODO Check if is needed to update pool members separately
                    vip_old.save(user, commit=True)
                    for sp in server_pools_old:
                        sp.save(user, commit=True)
                    for spm in server_pools_members_old:
                        spm.save(user, commit=True)
                    # NOTE(review): raw script output is returned to the API
                    # caller - confirm it cannot carry details that should
                    # stay internal.
                    return self.response_error(2, stdout + stderr)

        # Only XMLError is handled here; the other exceptions raised above
        # propagate to the caller.
        except XMLError, x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)
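    def handle_post(self, request, user, *args, **kwargs):
        """Treat POST requests to run script creation for vlan and networks

        URL: vlan/v4/create/ or vlan/v6/create/

        Flow: check VLAN_MANAGEMENT write permission, parse the XML body,
        validate ``id_network_ip``, load the network, check write permission
        on every router equipment attached to the network's VLAN, then run
        the VLAN creation script (only when the VLAN is not yet activated)
        followed by the network creation script.

        Returns ``self.response(...)`` with a ``sucesso`` map holding the exit
        code and output of each script that ran, ``self.not_authorized()``
        when a permission check fails, or ``self.response_error(...)``:
        3 for a body without the expected tags, 299 when the network is
        already active, 2 when a script exits non-zero, 269 for an invalid
        parameter.

        Review notes:
          * Both permission checks run before any script is executed.
          * The values interpolated into the script commands are ids read
            back from the loaded model objects, not strings from the request.
          * Script stdout/stderr are returned to the caller unchanged, in the
            success and in the error response, so whatever the scripts print
            is visible to API clients.
          * If the VLAN script succeeds and the network script then fails,
            the VLAN stays activated while the request reports an error.
          * Only InvalidValueError is handled here; anything raised by
            ``loads`` or ``get_by_pk`` propagates to the caller.
        """

        try:

            # Generic method for v4 and v6
            network_version = kwargs.get("network_version")

            # User permission
            if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
                self.log.error(u"User does not have permission to perform the operation.")
                return self.not_authorized()

            # Load XML data (the attributes map is not used by this handler)
            xml_map, _attrs_map = loads(request.raw_post_data)

            # XML data format
            networkapi_map = xml_map.get("networkapi")
            if networkapi_map is None:
                msg = u"There is no value to the networkapi tag of XML request."
                self.log.error(msg)
                return self.response_error(3, msg)
            vlan_map = networkapi_map.get("vlan")
            if vlan_map is None:
                msg = u"There is no value to the vlan tag of XML request."
                self.log.error(msg)
                return self.response_error(3, msg)

            # Valid network_ip ID
            network_ip_id = vlan_map.get("id_network_ip")
            if not is_valid_int_greater_zero_param(network_ip_id):
                self.log.error(u"Parameter id_network_ip is invalid. Value: %s.", network_ip_id)
                raise InvalidValueError(None, "id_network_ip", network_ip_id)

            # Network must exist in database. Any version other than the
            # IPv4 marker is handled as IPv6.
            is_ipv4 = IP_VERSION.IPv4[0] == network_version
            if is_ipv4:
                network_ip = NetworkIPv4().get_by_pk(network_ip_id)
            else:
                network_ip = NetworkIPv6().get_by_pk(network_ip_id)

            # A network that is already active is not created again
            if network_ip.active:
                return self.response_error(299)

            # Check permission group equipments: the user needs write access
            # to every router equipment reachable from this VLAN, over IPv4
            # and over IPv6.
            vlan_id = network_ip.vlan.id
            router_equips = (
                Equipamento.objects.filter(
                    ipequipamento__ip__networkipv4__vlan=vlan_id, equipamentoambiente__is_router=1
                ),
                Equipamento.objects.filter(
                    ipv6equipament__ip__networkipv6__vlan=vlan_id, equipamentoambiente__is_router=1
                ),
            )
            for equips in router_equips:
                for equip in equips:
                    if not has_perm(
                        user,
                        AdminPermission.EQUIPMENT_MANAGEMENT,
                        AdminPermission.WRITE_OPERATION,
                        None,
                        equip.id,
                        AdminPermission.EQUIP_WRITE_OPERATION,
                    ):
                        self.log.error(u"User does not have permission to perform the operation.")
                        return self.not_authorized()

            # Business Rules

            success_map = dict()

            # If Vlan is not active, need to be created before network
            if not network_ip.vlan.ativada:
                code, stdout, stderr = exec_script(VLAN_CREATE % vlan_id)
                if code != 0:
                    return self.response_error(2, stdout + stderr)

                # After execute script, change to activated
                network_ip.vlan.activate(user)
                success_map["vlan"] = {
                    "codigo": "%04d" % code,
                    "descricao": {"stdout": stdout, "stderr": stderr},
                }

            # Make command to create Network
            if is_ipv4:
                command = NETWORKIPV4_CREATE % (network_ip.id)
            else:
                command = NETWORKIPV6_CREATE % (network_ip.id)

            # Execute command
            code, stdout, stderr = exec_script(command)
            if code != 0:
                return self.response_error(2, stdout + stderr)

            # After execute script, change the Network to activated
            network_ip.activate(user)
            success_map["network"] = {
                "codigo": "%04d" % code,
                "descricao": {"stdout": stdout, "stderr": stderr},
            }

            # Return XML
            return self.response(dumps_networkapi({"sucesso": success_map}))

        except InvalidValueError as e:
            return self.response_error(269, e.param, e.value)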
Beispiel #32
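def manager_pools(request):
    """
    Manager Status Pool Members Enable/Disabled By Pool

    Reads ``server_pool_id`` and ``server_pool_members`` (items with ``id``
    and ``status``) from ``request.DATA``, saves the new status of every
    member and then runs the pool-management script for the pool.

    The request has to list exactly the members that belong to the pool:
    the members found for the received ids are compared with the pool's own
    members, so ids of members of another pool are rejected before any write.

    All statuses are validated before the first save, so a request with one
    bad status no longer leaves the earlier members already committed.

    No permission check is done in this function.
    NOTE(review): presumably the caller enforces authorization -- confirm.

    :param request: HttpRequest

    :raises exceptions.InvalidIdPoolException: ``server_pool_id`` is not a
        positive integer.
    :raises exceptions.InvalidIdPoolMemberException: the received ids are not
        exactly the pool's members.
    :raises exceptions.InvalidStatusPoolMemberException: a status is not one
        of 0, 1, False, True.
    :raises exceptions.ScriptManagementPoolException: the script exited
        non-zero (raised after the member statuses were restored).
    """

    try:
        pool_id = request.DATA.get("server_pool_id")
        pool_members = request.DATA.get("server_pool_members", [])

        # List to validate pool member status
        valid_status = [0, 1, False, True]

        pool_members_id = [member.get('id') for member in pool_members]

        if not is_valid_int_greater_zero_param(pool_id):
            raise exceptions.InvalidIdPoolException()

        # Validate pool members id
        # NOTE(review): the result is not checked, so this only validates if
        # the helper raises on a bad id -- confirm against its definition.
        is_valid_list_int_greater_zero_param(pool_members_id)

        pool_obj = ServerPool.objects.get(id=pool_id)

        related_pool_members = pool_obj.serverpoolmember_set.order_by('id')

        received_pool_members = ServerPoolMember.objects.filter(
            id__in=pool_members_id).order_by('id')

        # Evaluated here, before any write: `relates` is the snapshot that
        # the rollback below saves back.
        relates = list(related_pool_members)
        receives = list(received_pool_members)

        if relates != receives:
            raise exceptions.InvalidIdPoolMemberException(
                u'Required All Pool Members By Pool')

        # Reject the whole request before the first write; a failure here is
        # not covered by the rollback handler below.
        for member in pool_members:
            if member.get("status") not in valid_status:
                raise exceptions.InvalidStatusPoolMemberException()

        for member in pool_members:
            server_pool_member = ServerPoolMember.objects.get(
                id=member.get("id"))
            server_pool_member.status = member.get("status")
            server_pool_member.save(request.user, commit=True)

        # Execute Script To Set Status
        # The id of the loaded pool is interpolated, not the request value.
        command = settings.POOL_MANAGEMENT_MEMBERS_STATUS % pool_obj.id
        code, _, _ = exec_script(command)
        if code != 0:
            raise exceptions.ScriptManagementPoolException()

    except (exceptions.ScriptManagementPoolException, ScriptError) as exception:

        # Rollback: save the members as they were loaded before the update
        for old_member in relates:
            old_member.save(request.user, commit=True)

        raise exception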
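    def handle_put(self, request, user, *args, **kwargs):
        """Treat PUT requests to activate a vlan
           Set column ativada = 1

        URL: vlan/create/

        Checks VLAN_MANAGEMENT write permission, reads ``vlan_id`` from the
        XML body, loads the VLAN, checks write permission on every router
        equipment attached to it and, when the VLAN is not activated yet,
        runs the VLAN creation script and marks the VLAN as activated.

        Returns ``self.response(dumps_networkapi({}))`` on success or when
        the VLAN was already activated, ``self.not_authorized()`` when a
        permission check fails, or ``self.response_error(...)`` (2 carries
        the script stdout/stderr back to the client; 3 is a malformed body;
        269 is an invalid ``vlan_id``).

        Review notes:
          * The body is untrusted: missing tags and a ``vlan_id`` that is not
            a positive integer are rejected before any database access.
          * Only the validated integer is interpolated into the command.
          * The equipment permission check also runs for a VLAN that is
            already activated, so the early success reply is not given to a
            user without write access.
        """

        try:

            # User permission
            if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

            # Load XML data (the attributes map is not used by this handler)
            xml_map, _attrs_map = loads(request.raw_post_data)

            # XML data format
            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                msg = u'There is no value to the networkapi tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)

            vlan_map = networkapi_map.get('vlan')
            if vlan_map is None:
                msg = u'There is no value to the vlan tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)

            id_vlan = vlan_map.get('vlan_id')

            # Valid VLAN ID: must convert to a positive integer
            try:
                vlan_pk = int(id_vlan)
            except (TypeError, ValueError):
                vlan_pk = 0
            if vlan_pk <= 0:
                self.log.error(
                    u'Parameter vlan_id is invalid. Value: %s.', id_vlan)
                raise InvalidValueError(None, 'vlan_id', id_vlan)

            vlan = Vlan().get_by_pk(vlan_pk)

            # Check permission group equipments: the user needs write access
            # to every router equipment reachable from this VLAN, over IPv4
            # and over IPv6.
            router_equips = (
                Equipamento.objects.filter(
                    ipequipamento__ip__networkipv4__vlan=vlan_pk, equipamentoambiente__is_router=1),
                Equipamento.objects.filter(
                    ipv6equipament__ip__networkipv6__vlan=vlan_pk, equipamentoambiente__is_router=1),
            )
            for equips in router_equips:
                for equip in equips:
                    # User permission
                    if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None,
                                    equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
                        self.log.error(
                            u'User does not have permission to perform the operation.')
                        return self.not_authorized()

            # Nothing to do for a VLAN that is already activated
            if vlan.ativada:
                return self.response(dumps_networkapi({}))

            # Make command
            vlan_command = settings.VLAN_CREATE % vlan_pk

            # Execute command
            code, stdout, stderr = exec_script(vlan_command)

            # The VLAN is only marked as activated when the script succeeded
            if code != 0:
                return self.response_error(2, stdout + stderr)

            vlan.activate(user)

            return self.response(dumps_networkapi({}))

        except InvalidValueError as e:
            return self.response_error(269, e.param, e.value)
        except AmbienteNotFoundError as e:
            return self.response_error(112)
        except VlanNameDuplicatedError as e:
            return self.response_error(108)
        except VlanNumberNotAvailableError as e:
            return self.response_error(306, vlan.num_vlan)
        except VlanNumberEnvironmentNotAvailableError as e:
            return self.response_error(315, e.message)
        except VlanNotFoundError as e:
            return self.response_error(150, e.message)
        except XMLError as e:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, e)
        except (VlanError, AmbienteError) as e:
            return self.response_error(1)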
    def handle_put(self, request, user, *args, **kwargs):
        """
        Handles PUT requests to change the VIP's real server.

        URL: vip/real/edit

        Reads ``vip_id``, ``alter_priority`` and the reals lists from the XML
        body, splits the reals into "to add", "to remove" and "to stay" with
        ``diff_reals`` and, inside the per-VIP distributed lock, runs one
        external script per real to add or remove, inserting or deleting the
        matching ServerPoolMember around each script call.

        Returns ``self.response(dumps_networkapi({}))`` when no add/remove
        script failed, otherwise ``self.response_error(...)``: 333 names the
        reals whose script failed, 2 carries the stdout/stderr of a failed
        priority script, 329/330/331 are rejected priority/weight/port
        values, 353 is an IntegrityError, 3 is a malformed body.

        Review notes:
          * In the legacy (non ``new_call``) path the command strings
            interpolate ``real_name`` and ``real_ip`` as text. These values
            presumably originate from the request; whether that is safe
            depends on ``valid_real_server`` and on how ``exec_script`` runs
            the string, neither of which is visible here -- confirm.
          * Each command is written to the log in full before it runs.
        """

        self.log.info("Change VIP's real server")

        try:

            # User permission
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # Commons Validations

            # Load XML data
            xml_map, attrs_map = loads(
                request.raw_post_data, ['real', 'reals_weight', 'reals_priority'])

            # XML data format
            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                return self.response_error(3, u'There is no value to the networkapi tag  of XML request.')

            vip_map = networkapi_map.get('vip')
            if vip_map is None:
                return self.response_error(3, u'There is no value to the vip tag  of XML request.')

            # Get XML data
            vip_id = vip_map.get('vip_id')
            alter_priority = vip_map.get('alter_priority')

            # Valid VIP ID
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', vip_id)
                raise InvalidValueError(None, 'vip_id', vip_id)

            # Valid Alter Priority
            # An invalid or missing value is not rejected: it is replaced by 0,
            # which skips the priority script further down.
            if not is_valid_int_greater_equal_zero_param(alter_priority):
                alter_priority = 0

            # Existing Vip ID
            vip = RequisicaoVips.get_by_pk(vip_id)

            # Clone vip
            vip_old = clone(vip)

            # Snapshot used by the rollback of the priority script: the VIP is
            # cloned above, while the pools and members are kept as the
            # instances loaded here (they are not cloned).
            server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip)
            server_pools_old = []
            server_pools_members_old = []
            for sp in server_pools:
                server_pools_old.append(sp)
                for spm in sp.serverpoolmember_set.all():
                    server_pools_members_old.append(spm)

            # Get variables
            variables_map = vip.variables_to_map()

            # Valid variables
            vip.set_variables(variables_map)

            # Get balancing method
            vip_map['metodo_bal'] = str(
                variables_map.get('metodo_bal')).upper()

            # Everything from here to the response runs under the per-VIP lock
            with distributedlock(LOCK_VIP % vip_id):

                # Valid real names and real ips of real server
                if vip_map.get('reals') is not None:

                    evip = EnvironmentVip.get_by_values(variables_map.get(
                        'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente'))

                    for real in vip_map.get('reals').get('real'):
                        ip_aux_error = real.get('real_ip')
                        equip_aux_error = real.get('real_name')
                        if equip_aux_error is not None:
                            equip = Equipamento.get_by_name(equip_aux_error)
                        else:
                            self.log.error(
                                u'The real_name parameter is not a valid value: None.')
                            raise InvalidValueError(None, 'real_name', 'None')

                        # Valid Real
                        RequisicaoVips.valid_real_server(
                            ip_aux_error, equip, evip, False)

                    # Valid reals_prioritys
                    vip_map, code = vip.valid_values_reals_priority(vip_map)
                    if code is not None:
                        return self.response_error(329)

                    # Valid reals_weight
                    vip_map, code = vip.valid_values_reals_weight(vip_map)
                    if code is not None:
                        return self.response_error(330)

                # Get variables
                variables_map = vip.variables_to_map()

                vip_port_list, reals_list, reals_priority, reals_weight = vip.get_vips_and_reals(
                    vip.id)

                if reals_list:
                    variables_map['reals'] = {'real': reals_list}
                    variables_map['reals_prioritys'] = {
                        'reals_priority': reals_priority}
                    variables_map['reals_weights'] = {
                        'reals_weight': reals_weight}

                variables_map['portas_servicos'] = {'porta': vip_port_list}

                # clone variables_map
                variables_map_old = clone(variables_map)

                # Valid ports
                variables_map, code = vip.valid_values_ports(variables_map)
                if code is not None:
                    return self.response_error(331)

                # Legacy request format: when the first received real has no
                # 'port_real', every real is expanded to one entry per
                # VipPortToPool of the VIP, using the pool's default port.
                """ OLD CALLS - Deprecated """
                vip_ports_pool = VipPortToPool.objects.filter(
                    requisicao_vip=vip)

                reals = vip_map.get('reals')

                new_call = True
                if reals and 'port_real' not in reals['real'][0]:
                    new_call = False
                    reals_prioritys = vip_map.get('reals_prioritys')
                    reals_weights = dict()
                    if 'reals_weights' in vip_map:
                        reals_weights = vip_map.get('reals_weights')

                    reals_aux = dict()
                    reals_prioritys_aux = dict()
                    reals_weight_aux = dict()

                    reals_aux['real'] = list()
                    reals_prioritys_aux['reals_priority'] = list()
                    reals_weight_aux['reals_weight'] = list()

                    # execute_list is only referenced by the commented-out
                    # condition in the ADD section below.
                    repeat = (
                        len(vip_ports_pool) * len(reals['real'])) / len(reals['real'])
                    execute_list = list()

                    for x in range(repeat):
                        execute_list.append((x + 1) * len(reals['real']))

                    for i in range(len(reals['real'])):
                        for vippp in vip_ports_pool:

                            reals_prioritys_aux['reals_priority'].append(
                                reals_prioritys['reals_priority'][i])
                            if 'reals_weight' in reals_weights:
                                reals_weight_aux['reals_weight'].append(
                                    reals_weights['reals_weight'][i])
                            server_pool = ServerPool.objects.get(
                                vipporttopool__id=vippp.id, vipporttopool__requisicao_vip=vip)

                            if 'id_ip' not in reals['real'][i]:
                                id_ip = get_id_ip(reals['real'][i])
                            else:
                                id_ip = reals['real'][i]['id_ip']

                            reals_aux['real'].append({'id_ip': id_ip, 'port_real': server_pool.default_port, 'real_name': reals[
                                                     'real'][i]['real_name'], 'port_vip': vippp.port_vip, u'real_ip': reals['real'][i]['real_ip']})

                        vip_map['reals_prioritys'] = reals_prioritys_aux
                        vip_map['reals_weights'] = reals_weight_aux
                        vip_map['reals'] = reals_aux

                """ OLD CALLS - END """

                # Check diff reals (reals_to_add, reals_to_rem, reals_to_stay)
                reals_to_add, reals_to_rem, reals_to_stay = diff_reals(
                    variables_map, vip_map)

                # reals_final collects what is stored back on the VIP at the end
                reals_final = dict()
                reals_final['reals'] = list()
                reals_final['priorities'] = list()
                reals_final['weights'] = list()

                # reals_error: reals whose script failed (reported with 333)
                # removes:     cleared as soon as one add script fails
                # error:       set when any add or remove script fails
                reals_error = list()
                removes = True
                error = False

                ##############################################
                #        NOT MODIFIED - reals_to_stay        #
                ##############################################
                for i in range(len(reals_to_stay['reals'])):

                    real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
                        reals_to_stay, i, new_call)

                    # Check ip type
                    if is_valid_ipv4(real.get('real_ip')) == True:
                        ip_type = IP_VERSION.IPv4[1]
                        ip = Ip().get_by_pk(id_ip)
                    else:
                        ip_type = IP_VERSION.IPv6[1]
                        ip = Ipv6().get_by_pk(id_ip)

                    reals_final['reals'].append(reals_to_stay['reals'][i])
                    reals_final['priorities'].append(
                        reals_to_stay['priorities'][i])
                    # NOTE(review): server_pool_member is only looked up inside
                    # this 'weighted' branch but is updated and saved after it
                    # on every iteration. When 'weighted' is false the name is
                    # either unbound or still the member of a previous
                    # iteration -- confirm the intended indentation.
                    if reals_to_stay['weighted']:
                        reals_final['weights'].append(
                            reals_to_stay['weights'][i])

                        server_pool = ServerPool.objects.get(
                            vipporttopool__port_vip=port_vip, vipporttopool__requisicao_vip=vip)
                        if ip_type == IP_VERSION.IPv4[1]:
                            server_pool_member = ServerPoolMember.objects.get(server_pool=server_pool,
                                                                              port_real=port_real,
                                                                              ip=id_ip)
                        else:
                            server_pool_member = ServerPoolMember.objects.get(server_pool=server_pool,
                                                                              port_real=port_real,
                                                                              ipv6=id_ip)
                    server_pool_member.priority = priority
                    server_pool_member.weight = weight
                    server_pool_member.save(user, commit=True)

                #############################################
                #          ADD REALS - reals_to_add         #
                #############################################
                for i in range(len(reals_to_add['reals'])):

                    real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
                        reals_to_add, i, new_call)

                    # The IP family is decided by whether real_ip contains a
                    # '.', not by is_valid_ipv4 as in the loop above.
                    # The new_call commands take ids and ports; the legacy
                    # commands take real_name and real_ip as text.
                    # NOTE(review): confirm these two strings cannot carry
                    # characters that exec_script would interpret.
                    if len(real.get('real_ip').split('.')) <= 1:
                        ip_type = IP_VERSION.IPv6[1]
                        ip = Ipv6().get_by_pk(id_ip)
                        if new_call:
                            command = VIP_REALS_v6_CREATE % (
                                vip.id, id_ip, port_real, port_vip)
                        else:
                            command = VIP_REAL_v6_CREATE % (
                                vip.id, real.get('real_name'), real.get('real_ip'))
                    else:
                        ip_type = IP_VERSION.IPv4[1]
                        ip = Ip().get_by_pk(id_ip)
                        if new_call:
                            command = VIP_REALS_v4_CREATE % (
                                vip.id, id_ip, port_real, port_vip)
                        else:
                            command = VIP_REAL_v4_CREATE % (
                                vip.id, real.get('real_name'), real.get('real_ip'))

                    self.log.info(
                        '------------------- ADD ----------------------')
                    self.log.info(
                        'Insert ServerPoolMember before execute script')

                    # The member row is inserted first and removed again below
                    # if the script exits non-zero.
                    add_reals_before_script(
                        port_vip, vip, ip, ip_type, priority, weight, port_real, user)

                    self.log.info('The insert has completed successfully')

                    # if new_call or (i + 1) in execute_list:

                    self.log.info('Execute script: %s' % command)

                    code, stdout, stderr = exec_script(command)

                    self.log.info(
                        'Script was executed and returned code %s' % code)

                    if code != 0:
                        # A failed add also disables the whole REMOVE section
                        removes = False
                        error = True
                        reals_error.append(real)

                        self.log.info(
                            'Remove ServerPoolMember after execute script if code != 0')
                        remove_reals_after_script(
                            port_vip, ip_type, vip, port_real, priority, weight, id_ip, user)
                        self.log.info('The remove has completed successfully')

                    else:
                        reals_final['reals'].append(real)
                        reals_final['priorities'].append(
                            reals_to_add['priorities'][i])
                        if reals_to_add['weighted']:
                            reals_final['weights'].append(
                                reals_to_add['weights'][i])

                    self.log.info(
                        '----------------- ADD END --------------------')

                ##########################################
                #       REMOVE REALS - reals_to_rem      #
                ##########################################
                # Removals are only attempted when every add succeeded;
                # otherwise the reals to remove are kept in reals_final.
                if removes:
                    for i in range(len(reals_to_rem['reals'])):

                        real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
                            reals_to_rem, i, new_call)

                        # Same command selection as in the ADD section
                        if len(real.get('real_ip').split('.')) <= 1:
                            ip_type = IP_VERSION.IPv6[1]
                            if new_call:
                                command = VIP_REALS_v6_REMOVE % (
                                    vip.id, id_ip, port_real, port_vip)
                            else:
                                command = VIP_REAL_v6_REMOVE % (
                                    vip.id, real.get('real_name'), real.get('real_ip'))
                        else:
                            ip_type = IP_VERSION.IPv4[1]
                            if new_call:
                                command = VIP_REALS_v4_REMOVE % (
                                    vip.id, id_ip, port_real, port_vip)
                            else:
                                command = VIP_REAL_v4_REMOVE % (
                                    vip.id, real.get('real_name'), real.get('real_ip'))

                        self.log.info(
                            '------------------ REMOVE --------------------')
                        self.log.info('Execute script: %s' % command)

                        code, stdout, stderr = exec_script(command)

                        self.log.info(
                            'script was executed and returned code %s' % code)

                        if code != 0:
                            # The real could not be removed, so it stays on the VIP
                            error = True
                            reals_error.append(real)
                            reals_final['reals'].append(real)
                            reals_final['priorities'].append(
                                reals_to_rem['priorities'][i])
                            if reals_to_rem['weighted']:
                                reals_final['weights'].append(
                                    reals_to_rem['weights'][i])
                        else:

                            # The member row is deleted only after the script succeeded
                            self.log.info(
                                'Remove ServerPoolMember after execute script')
                            remove_reals_after_script(
                                port_vip, ip_type, vip, port_real, priority, weight, id_ip, user)
                            self.log.info(
                                'The remove has completed successfully')

                        self.log.info(
                            '---------------- REMOVE END ------------------')

                else:
                    for i in range(len(reals_to_rem['reals'])):
                        real = reals_to_rem['reals'][i]
                        reals_final['reals'].append(real)
                        reals_final['priorities'].append(
                            reals_to_rem['priorities'][i])
                        # NOTE(review): this tests reals_to_add['weighted'] while
                        # appending from reals_to_rem -- looks like it should
                        # be reals_to_rem; confirm.
                        if reals_to_add['weighted']:
                            reals_final['weights'].append(
                                reals_to_rem['weights'][i])

                variables_map['reals'] = dict()
                variables_map['reals_prioritys'] = dict()
                variables_map['reals_weights'] = dict()

                if len(reals_final['reals']) > 0:
                    variables_map['reals']['real'] = reals_final['reals']
                    variables_map['reals_prioritys'][
                        'reals_priority'] = reals_final['priorities']
                    # reals_final['weights'] is always a list here, so this
                    # condition is always true.
                    if reals_final['weights'] is not None:
                        variables_map['reals_weights'][
                            'reals_weight'] = reals_final['weights']
                else:
                    variables_map.pop('reals')
                    variables_map.pop('reals_prioritys')
                    variables_map.pop('reals_weights')

                # set variables
                vip.set_variables(variables_map)

                try:
                    # If Priority changed
                    if int(alter_priority) != 0:
                        # gerador_vips -i <ID_REQUISICAO> --priority
                        command = 'gerador_vips -i %d --priority' % vip.id

                        # Logging
                        self.log.info(
                            '---------------- ALTER PRIORITY ------------------')
                        self.log.info('Command: ' + command)

                        # Execute script
                        code, stdout, stderr = exec_script(command)
                        self.log.info('Code returned: ' + str(code))
                        self.log.info('Stdout: ' + stdout)
                        self.log.info(
                            '-------------- ALTER PRIORITY END ----------------')

                        # Script returned error while executing, rollback the
                        # changes in database
                        # The rollback saves the snapshot taken before the
                        # lock; the script output goes back to the client.
                        if code != 0:
                            self.log.info('Code != 0, rollback changes')
                            vip_old.save(user, commit=True)
                            for sp in server_pools_old:
                                sp.save(user, commit=True)
                            for spm in server_pools_members_old:
                                spm.save(user, commit=True)

                            return self.response_error(2, stdout + stderr)

                # Catches everything raised in the priority block above:
                # IntegrityError becomes error 353, anything else is wrapped
                # in RequisicaoVipsError.
                except Exception, e:
                    if isinstance(e, IntegrityError):
                        # Duplicate value for Port Vip, Port Real and IP
                        self.log.error(u'Failed to update the request vip.')
                        return self.response_error(353)
                    else:
                        self.log.error(u'Failed to update the request vip.')
                        raise RequisicaoVipsError(
                            e, u'Failed to update the request vip')

                if error:
                    # build return message
                    vip_list = ''
                    ip_list = ''

                    for real in reals_error:
                        vip_list = vip_list + real['real_name'] + ', '
                        ip_list = ip_list + real['real_ip'] + ', '

                    # [:-2] drops the trailing ', ' of each list
                    return self.response_error(333, vip_list[:-2], ip_list[:-2])
                else:
                    return self.response(dumps_networkapi({}))

        except XMLError, x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)
                    success_map = dict()
                    success_map['codigo'] = '%04d' % 0
                    success_map['descricao'] = {
                        'stdout': 'Nothing to do. Vlan was already not active', 'stderr': ''}
                    map = dict()
                    map['sucesso'] = success_map

                    return self.response(dumps_networkapi(map))

                # Execute script
                vlan_id = vlan.id
                environment_id = vlan.ambiente.id

                # navlan -i <ID_REQUISICAO> --remove
                command = settings.VLAN_REMOVE % vlan_id
                code, stdout, stderr = exec_script(command)

                # Return XML
                if code == 0:
                    success_map = dict()
                    success_map['codigo'] = '%04d' % code
                    success_map['descricao'] = {
                        'stdout': stdout, 'stderr': stderr}

                    map = dict()
                    map['sucesso'] = success_map

                    # Set as deactivate
                    vlan.remove(user)

                    return self.response(dumps_networkapi(map))
    def handle_delete(self, request, user, *args, **kwargs):
        """Handles DELETE requests to remove VLAN by ID.

        URLs: /vlan/<id_vlan>/remove/

        Order of checks, as visible in this listing: the caller needs write
        permission on VLAN management, ``id_vlan`` must pass
        ``is_valid_int_greater_zero_param``, the VLAN is loaded by primary
        key, and the caller needs equipment write permission on every router
        equipment tied to the VLAN's IPv4 and IPv6 networks. Only then is the
        VLAN lock taken and, for an active VLAN, the removal script run for
        each active network.

        Returns ``self.not_authorized()`` when a permission check fails.
        Raises InvalidValueError for a bad ``id_vlan`` and VlanNetworkError
        carrying the ids of the networks whose removal failed.

        NOTE(review): this listing ends at the ``else:`` of
        ``if vlan.ativada``; the rest of the method, including the ``except``
        clauses of the outer ``try``, is not shown.
        """

        self.log.info('Remove VLAN by ID')
        # Not referenced in the visible part of the method.
        CODE_MESSAGE_VLAN_ERROR = 369

        try:

            # Commons Validations

            # User permission: coarse check first, before any request
            # parameter is read or any object is loaded.
            if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

            # Business Validations

            # Load URL param
            vlan_id = kwargs.get('id_vlan')

            # Valid VLAN ID: rejected here, before it is used in the ORM
            # filters and in the lock name below.
            if not is_valid_int_greater_zero_param(vlan_id):
                self.log.error(
                    u'Parameter id_vlan is invalid. Value: %s.', vlan_id)
                raise InvalidValueError(None, 'id_vlan', vlan_id)

            # Existing VLAN ID
            vlan = Vlan().get_by_pk(vlan_id)

            # Check permission group equipments: every router equipment that
            # has an IP in one of this VLAN's networks must be writable by
            # the caller. A single denial aborts the whole request.
            equips_from_ipv4 = Equipamento.objects.filter(
                ipequipamento__ip__networkipv4__vlan=vlan_id, equipamentoambiente__is_router=1).distinct()
            equips_from_ipv6 = Equipamento.objects.filter(
                ipv6equipament__ip__networkipv6__vlan=vlan_id, equipamentoambiente__is_router=1).distinct()
            for equip in equips_from_ipv4:
                # User permission
                if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
                    self.log.error(
                        u'User does not have permission to perform the operation.')
                    return self.not_authorized()
            for equip in equips_from_ipv6:
                # User permission
                if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
                    self.log.error(
                        u'User does not have permission to perform the operation.')
                    return self.not_authorized()

            # NOTE(review): `vlan` and the equipment sets were read before
            # this lock is taken, so `vlan.ativada` below reflects the state
            # at load time. If a concurrent request can change the VLAN in
            # between, reloading it inside the lock would close that window.
            with distributedlock(LOCK_VLAN % vlan_id):

                # Business Rules

                if vlan.ativada:
                    # Ids of networks whose removal script failed or raised.
                    network_errors = []

                    for net4 in vlan.networkipv4_set.all():

                        if net4.active:
                            try:
                                # Only an int() of the network's primary key
                                # is interpolated into the command template.
                                # exec_script is defined outside this listing;
                                # how it executes the string is not visible
                                # here.
                                command = settings.NETWORKIPV4_REMOVE % int(
                                    net4.id)

                                code, stdout, stderr = exec_script(command)
                                if code == 0:
                                    net4.deactivate(user, True)
                                else:
                                    network_errors.append(str(net4.id))
                            except Exception, e:
                                # Best effort: keep going with the remaining
                                # networks. NOTE(review): the exception is
                                # neither logged nor re-raised, so the cause
                                # of the failure is lost; only the id is kept.
                                network_errors.append(str(net4.id))
                                pass

                    for net6 in vlan.networkipv6_set.all():

                        if net6.active:
                            try:
                                # Same pattern as the IPv4 loop above.
                                command = settings.NETWORKIPV6_REMOVE % int(
                                    net6.id)
                                code, stdout, stderr = exec_script(command)
                                if code == 0:
                                    net6.deactivate(user, True)
                                else:
                                    network_errors.append(str(net6.id))
                            except Exception, e:
                                # Same silent swallow as in the IPv4 loop.
                                network_errors.append(str(net6.id))
                                pass

                    # Any failed network stops the VLAN removal; networks
                    # that succeeded above have already been deactivated.
                    if network_errors:
                        raise VlanNetworkError(
                            None, message=', '.join(network_errors))

                else:
                    # Listing is cut off here: the branch for a VLAN that is
                    # not active is not shown.
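    def handle_put(self, request, user, *args, **kwargs):
        """Treat PUT requests to change reals_priority list of VIP.

        URLs: /vip/<id_vip>/priority/

        The caller must hold VIP_ALTER_SCRIPT write permission; this is
        checked before the request body is parsed, so a caller without the
        permission never reaches the XML parser. The body must carry
        ``networkapi/vip/reals_prioritys/reals_priority`` with non-negative
        integer values, and ``id_vip`` must be a positive integer.

        Under the VIP lock the method requires the VIP to be created already,
        checks per-equipment permission, stores the new priorities, and runs
        the ``gerador_vips ... --priority`` script. On a non-zero exit code
        the previous VIP state is saved back and the script output is
        returned with error code 2.

        Raises UserNotAuthorizedError, InvalidValueError,
        RequestVipsNotBeenCreatedError and EquipmentGroupsNotAuthorizedError
        from the checks below. Only the XMLError handler of the enclosing
        ``try`` is visible in this listing.
        """

        self.log.info("Change list the reals_priority to VIP")

        try:

            vip_id = kwargs.get('id_vip')

            # User permission: authorize first, before any untrusted request
            # data is handed to the XML parser.
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
                            AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # Load XML data
            xml_map, attrs_map = loads(request.raw_post_data,
                                       ['reals_priority'])

            # XML data format
            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                return self.response_error(
                    3,
                    u'There is no value to the networkapi tag  of XML request.'
                )

            vip_map = networkapi_map.get('vip')
            if vip_map is None:
                return self.response_error(
                    3, u'There is no value to the vip tag  of XML request.')

            # Valid Vip ID
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', vip_id)
                raise InvalidValueError(None, 'vip_id', vip_id)

            # Valid reals_prioritys
            reals_prioritys_map = vip_map.get('reals_prioritys')
            if (reals_prioritys_map is not None):

                reals_priority_map = reals_prioritys_map.get('reals_priority')
                if (reals_priority_map is not None):

                    # Valid values of reals_priority
                    for reals_priority in reals_priority_map:
                        if not is_valid_int_greater_equal_zero_param(
                                reals_priority):
                            self.log.error(
                                u'The reals_priority parameter is not a valid value: %s.',
                                reals_priority)
                            raise InvalidValueError(None, 'reals_priority',
                                                    reals_priority)

                    if len(reals_priority_map) > 0:
                        # vip_map is rebound to the helper's result; that
                        # result is what gets stored on the VIP below.
                        vip_map = RequisicaoVips.is_valid_values_reals_priority(
                            reals_priority_map)
                    else:
                        self.log.error(
                            u'The reals_priority_map parameter is not a valid value: %s.',
                            reals_priority_map)
                        raise InvalidValueError(None, 'reals_priority_map',
                                                reals_priority_map)
                else:
                    self.log.error(
                        u'The reals_priority parameter is not a valid value: %s.',
                        reals_priority_map)
                    raise InvalidValueError(None, 'reals_priority',
                                            reals_priority_map)
            else:
                self.log.error(
                    u'The reals_prioritys parameter is not a valid value: %s.',
                    reals_prioritys_map)
                raise InvalidValueError(None, 'reals_prioritys',
                                        reals_prioritys_map)

            # Existing Vip ID
            vip = RequisicaoVips.get_by_pk(vip_id)

            with distributedlock(LOCK_VIP % vip_id):

                # Snapshot used to restore the VIP if the script fails.
                vip_old = clone(vip)

                # Vip must be created
                if not vip.vip_criado:
                    self.log.error(
                        u'Priority can not be changed because VIP has not yet been created.'
                    )
                    raise RequestVipsNotBeenCreatedError(None)

                # Vip equipments permission
                # NOTE(review): the coarse check above asks for
                # VIP_ALTER_SCRIPT while this per-equipment check asks for
                # VIP_CREATE_SCRIPT -- confirm the difference is intended.
                for ip_equipment in vip.ip.ipequipamento_set.all():
                    if not has_perm(
                            user, AdminPermission.VIP_CREATE_SCRIPT,
                            AdminPermission.WRITE_OPERATION, None,
                            ip_equipment.equipamento_id,
                            AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                        self.log.error(
                            u'Groups of equipment registered with the IP of the  VIP request  is not allowed of acess.'
                        )
                        raise EquipmentGroupsNotAuthorizedError(None)

                variables_map = vip.variables_to_map()

                # Valid list reals_server
                # (disabled length check, kept as a no-op string literal)
                """if len(variables_map.get('reals').get('real')) != len(vip_map.get('reals_prioritys').get('reals_priority')):
                    self.log.error(u'List the Reals_priority is higher or lower than list the real_server.')
                    return self.response_error(272)"""

                variables_map['reals_prioritys'] = vip_map.get(
                    'reals_prioritys')

                vip.set_variables(variables_map)

                # Persisted before the script runs; rolled back below when
                # the script reports failure.
                vip.save(user, commit=True)

                # gerador_vips -i <ID_REQUISICAO> --priority
                # Only the VIP's id, formatted with %d, enters the command.
                command = 'gerador_vips -i %d --priority' % vip.id
                code, stdout, stderr = exec_script(command)

                if code == 0:
                    success_map = dict()
                    success_map['codigo'] = '%04d' % code
                    success_map['descricao'] = {
                        'stdout': stdout,
                        'stderr': stderr
                    }

                    map = dict()
                    map['sucesso'] = success_map
                    return self.response(dumps_networkapi(map))
                else:
                    vip_old.save(user, commit=True)
                    # NOTE(review): raw script output goes back to the API
                    # caller; confirm it cannot carry device credentials or
                    # internal paths.
                    return self.response_error(2, stdout + stderr)

        except XMLError, x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)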
Beispiel #38
def save_server_pool(user, id, identifier, default_port, hc, env, balancing, maxconn, id_pool_member, servicedownaction):
    """Create a server pool, or update an existing one and apply the changes.

    With a falsy ``id`` a new ServerPool is saved with ``pool_created=False``
    and ``(pool, None)`` is returned.

    With a truthy ``id`` the pool is loaded and updated step by step. For a
    pool that is already created (``pool_created``), each changed setting
    (connection limit, healthcheck, load-balancing method,
    service-down-action) is committed and then applied through
    ``exec_script``; when the script returns a non-zero code the previous
    value is saved back, committed, and an exception from ``exceptions`` is
    raised. The return value is ``(pool, id of the previous healthcheck)``.

    This function performs no permission check of its own; ``user`` is only
    passed on to ``save``. Authorization is presumably the caller's job --
    verify at the call sites.
    """
    if not id:
        # Create path: nothing is pushed out, the pool is only stored.
        sp = ServerPool(
            identifier=identifier,
            default_port=default_port,
            healthcheck=hc,
            environment=env,
            pool_created=False,
            lb_method=balancing,
            default_limit=maxconn,
            servicedownaction=servicedownaction,
        )
        sp.save(user)
        return sp, None

    sp = ServerPool.objects.get(id=id)

    # Remember the current values so each step can be rolled back.
    prev_servicedownaction = sp.servicedownaction
    prev_identifier = sp.identifier
    old_healthcheck = Healthcheck.objects.get(id=sp.healthcheck.id)
    prev_lb_method = sp.lb_method
    prev_maxconn = sp.default_limit

    # Moving the pool to another environment is refused when the pool is
    # already created, is bound to a VIP port, or keeps members that are not
    # in id_pool_member.
    if sp.environment and sp.environment.id != env.id:
        if sp.pool_created:
            raise exceptions.UpdateEnvironmentPoolCreatedException()
        remaining_members = sp.serverpoolmember_set.exclude(
            id__in=id_pool_member)
        if sp.vipporttopool_set.count() > 0:
            raise exceptions.UpdateEnvironmentVIPException()
        if len(remaining_members) > 0:
            raise exceptions.UpdateEnvironmentServerPoolMemberException()

    # The identifier of a created pool cannot be changed.
    if prev_identifier != identifier and sp.pool_created:
        raise exceptions.CreatedPoolIdentifierException()

    # First save keeps limit, healthcheck and lb method at their old values;
    # those are changed one at a time below.
    sp.default_port = default_port
    sp.environment = env
    sp.default_limit = prev_maxconn
    sp.healthcheck = old_healthcheck
    sp.lb_method = prev_lb_method
    sp.identifier = identifier
    sp.save(user)

    sp.default_limit = maxconn
    sp.save(user)

    # With members present, the default limit of a created pool changes only
    # if every member still carries the old limit.
    limit_must_be_applied = (
        len(sp.serverpoolmember_set.all()) > 0
        and prev_maxconn != sp.default_limit
        and sp.pool_created
    )
    if limit_must_be_applied:
        for member in sp.serverpoolmember_set.all():
            if member.limit != prev_maxconn:
                raise exceptions.ScriptAlterLimitPoolDiffMembersException()
            member.limit = maxconn
            member.save(user)

        # Commit before the external script runs; only the pool's id is
        # interpolated into the command template.
        transaction.commit()
        exit_code, _, _ = exec_script(settings.POOL_MANAGEMENT_LIMITS % sp.id)
        if exit_code != 0:
            sp.default_limit = prev_maxconn
            for member in sp.serverpoolmember_set.all():
                member.limit = prev_maxconn
                member.save(user)

            sp.save(user)
            transaction.commit()
            raise exceptions.ScriptAlterLimitPoolException()

    # Apply the new healthcheck.
    sp.healthcheck = hc
    sp.save(user)
    if old_healthcheck.id != hc.id and sp.pool_created:
        transaction.commit()
        exit_code, _, _ = exec_script(settings.POOL_HEALTHCHECK % sp.id)
        if exit_code != 0:
            sp.healthcheck = old_healthcheck
            sp.save(user)
            transaction.commit()
            raise exceptions.ScriptCreatePoolException()

    # Apply the new load-balancing method.
    sp.lb_method = balancing
    sp.save(user)
    if prev_lb_method != sp.lb_method and sp.pool_created:
        transaction.commit()
        exit_code, _, _ = exec_script(
            settings.POOL_MANAGEMENT_LB_METHOD % sp.id)
        if exit_code != 0:
            sp.lb_method = prev_lb_method
            sp.save(user)
            transaction.commit()
            raise exceptions.ScriptCreatePoolException()

    # Apply the new service-down-action.
    sp.servicedownaction = servicedownaction
    sp.save(user)
    if prev_servicedownaction != sp.servicedownaction and sp.pool_created:
        transaction.commit()
        exit_code, _, _ = exec_script(settings.POOL_SERVICEDOWNACTION % sp.id)
        if exit_code != 0:
            sp.servicedownaction = prev_servicedownaction
            sp.save(user)
            transaction.commit()
            raise exceptions.ScriptAlterServiceDownActionException()

    return sp, (old_healthcheck.id if old_healthcheck else None)
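    def handle_put(self, request, user, *args, **kwargs):
        '''Treat PUT requests to activate a vlan.

        Sets column ativada = 1 once the creation script has succeeded.

        URL: vlan/create/

        The caller needs VLAN management write permission and equipment
        write permission on every router equipment tied to the VLAN's IPv4
        and IPv6 networks; otherwise ``self.not_authorized()`` is returned.
        ``vlan_id`` is read from ``networkapi/vlan`` in the XML body and must
        be a positive integer.

        Returns error 3 when the networkapi or vlan tag is missing, error
        122 when the VLAN is already active, error 2 with the script output
        when the creation script fails, and error 269 for an invalid
        ``vlan_id``. On success the activation is queued and an empty
        networkapi response is returned. Only the InvalidValueError handler
        of the enclosing ``try`` is visible in this listing.
        '''

        try:

            # User permission
            if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

            # Load XML data
            xml_map, attrs_map = loads(request.raw_post_data)

            # XML data format: .get() yields None for a missing tag, so
            # reject it here instead of failing on the next attribute access.
            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                return self.response_error(
                    3,
                    u'There is no value to the networkapi tag of XML request.')

            vlan_map = networkapi_map.get('vlan')
            if vlan_map is None:
                return self.response_error(
                    3, u'There is no value to the vlan tag of XML request.')

            id_vlan = vlan_map.get('vlan_id')

            # vlan_id comes from the request body: require a positive
            # integer before it reaches the ORM lookups and the command
            # template below.
            try:
                vlan_number = int(id_vlan)
            except (TypeError, ValueError):
                vlan_number = 0
            if vlan_number <= 0:
                self.log.error(
                    u'Parameter vlan_id is invalid. Value: %s.', id_vlan)
                raise InvalidValueError(None, 'vlan_id', id_vlan)

            vlan = Vlan().get_by_pk(id_vlan)

            # Check permission group equipments
            equips_from_ipv4 = Equipamento.objects.filter(
                ipequipamento__ip__networkipv4__vlan=id_vlan, equipamentoambiente__is_router=1)
            equips_from_ipv6 = Equipamento.objects.filter(
                ipv6equipament__ip__networkipv6__vlan=id_vlan, equipamentoambiente__is_router=1)
            for equip in equips_from_ipv4:
                # User permission
                if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
                    self.log.error(
                        u'User does not have permission to perform the operation.')
                    return self.not_authorized()
            for equip in equips_from_ipv6:
                # User permission
                if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
                    self.log.error(
                        u'User does not have permission to perform the operation.')
                    return self.not_authorized()

            # An already active VLAN is not created again.
            if vlan.ativada:
                return self.response_error(122)

            # Make command: only the validated integer is interpolated.
            vlan_command = settings.VLAN_CREATE % vlan_number

            # Execute command
            code, stdout, stderr = exec_script(vlan_command)

            # if command was successfully executed
            if code == 0:

                # After execute script, change to activated
                vlan.activate(user)
            else:
                # NOTE(review): raw script output goes back to the API
                # caller; confirm it cannot carry sensitive details.
                return self.response_error(2, stdout + stderr)

            # Send to Queue
            queue_manager = QueueManager()

            serializer = VlanSerializer(vlan)
            data_to_queue = serializer.data
            data_to_queue.update({'description': queue_keys.VLAN_ACTIVATE})
            queue_manager.append({
                'action': queue_keys.VLAN_ACTIVATE,
                'kind': queue_keys.VLAN_KEY,
                'data': data_to_queue,
            })

            queue_manager.send()

            return self.response(dumps_networkapi({}))

        except InvalidValueError, e:
            return self.response_error(269, e.param, e.value)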
Beispiel #40
    def handle_put(self, request, user, *args, **kwargs):
        """
        Handles PUT requests to change the VIP's healthcheck.

        URL: vip/<id_vip>/healthcheck

        The caller must hold VIP_ALTER_SCRIPT write permission, ``id_vip``
        must be a positive integer, and under the VIP lock the VIP must be
        created already and the caller must be allowed to update the
        configuration of every equipment tied to the VIP's IPv4 and IPv6
        addresses. The XML body is parsed only after these checks.

        The body supplies ``healthcheck_type``, ``healthcheck`` and
        ``id_healthcheck_expect`` under ``networkapi/vip``. For type HTTP
        both of the latter are required; for any other type both must be
        None. The VIP and its server pools are saved with the new
        healthcheck, then the ``gerador_vips ... --healthcheck`` script
        runs; on a non-zero exit code the pools and the VIP are restored and
        the script output is returned with error code 2.

        Only the XMLError handler of the enclosing ``try`` is visible in
        this listing.
        """

        self.log.info("Change VIP's healthcheck")

        try:

            # Commons Validations

            # User permission: checked first, before any request data is
            # read.
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
                            AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # Valid Vip ID
            vip_id = kwargs.get('id_vip')
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', vip_id)
                # NOTE(review): raised without parameter name and value,
                # unlike the other InvalidValueError raises in this method.
                raise InvalidValueError(None)

            # Existing Vip ID
            vip = RequisicaoVips.get_by_pk(vip_id)

            with distributedlock(LOCK_VIP % vip_id):

                # Snapshot used to restore the VIP if the script fails.
                vip_old = clone(vip)

                # Vip must be created
                if not vip.vip_criado:
                    self.log.error(
                        u'Healthcheck can not be changed because VIP has not yet been created.'
                    )
                    raise RequestVipsNotBeenCreatedError(None)

                # Vip equipments permission: one denial on any equipment of
                # the VIP's IPv4 or IPv6 address aborts the request.
                if vip.ip is not None:
                    for ip_equipment in vip.ip.ipequipamento_set.all():
                        if not has_perm(
                                user, AdminPermission.VIP_ALTER_SCRIPT,
                                AdminPermission.WRITE_OPERATION, None,
                                ip_equipment.equipamento_id,
                                AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            self.log.error(
                                u'Groups of equipment registered with the IP of the  VIP request  is not allowed of acess.'
                            )
                            raise EquipmentGroupsNotAuthorizedError(None)

                if vip.ipv6 is not None:
                    for ip_equipment in vip.ipv6.ipv6equipament_set.all():
                        if not has_perm(
                                user, AdminPermission.VIP_ALTER_SCRIPT,
                                AdminPermission.WRITE_OPERATION, None,
                                ip_equipment.equipamento_id,
                                AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            self.log.error(
                                u'Groups of equipment registered with the IP of the  VIP request  is not allowed of acess.'
                            )
                            raise EquipmentGroupsNotAuthorizedError(None)

                # Business Validations

                # Load XML data (only reached by an authorized caller)
                xml_map, attrs_map = loads(request.raw_post_data)

                # XML data format
                networkapi_map = xml_map.get('networkapi')
                if networkapi_map is None:
                    return self.response_error(
                        3,
                        u'There is no value to the networkapi tag of XML request.'
                    )
                vip_map = networkapi_map.get('vip')
                if vip_map is None:
                    return self.response_error(
                        3, u'There is no value to the vip tag of XML request.')

                # Get XML data
                # NOTE(review): direct indexing raises KeyError when a tag is
                # absent, and no KeyError handler is visible in this listing.
                # str() also turns a None value into the text 'None' before
                # it is upper-cased.
                healthcheck_type = upper(str(vip_map['healthcheck_type']))
                healthcheck = vip_map['healthcheck']
                id_healthcheck_expect = vip_map['id_healthcheck_expect']

                # `vars` shadows the builtin of the same name inside this
                # method.
                vars = vip.variables_to_map()
                environment_vip = EnvironmentVip.get_by_values(
                    vars.get('finalidade'), vars.get('cliente'),
                    vars.get('ambiente'))

                healthcheck_is_valid = RequisicaoVips.heathcheck_exist(
                    healthcheck_type, environment_vip.id)

                # healthcheck_type must exist for the VIP's environment
                if not healthcheck_is_valid:
                    self.log.error(
                        u'The healthcheck_type parameter not exist.')
                    raise InvalidValueError(
                        u'The healthcheck_type parameter not exist.',
                        'healthcheck_type', healthcheck_type)

                # If healthcheck_type is not HTTP id_healthcheck_expect and
                # healthcheck must be None
                if healthcheck_type != 'HTTP':
                    if not (id_healthcheck_expect is None
                            and healthcheck is None):
                        msg = u'The healthcheck_type parameter is %s, then healthcheck and id_healthcheck_expect must be None.' % healthcheck_type
                        self.log.error(msg)
                        raise InvalidValueError(msg)
                        # (disabled) return self.response_error(276)
                # If healthcheck_type is 'HTTP' id_healthcheck_expect and
                # healthcheck must NOT be None
                elif healthcheck_type == 'HTTP':
                    if id_healthcheck_expect is None or healthcheck is None:
                        msg = u'The healthcheck_type parameter is HTTP, then healthcheck and id_healthcheck_expect must NOT be None.'
                        self.log.error(msg)
                        raise InvalidValueError(msg)
                    else:
                        try:

                            # Valid healthcheck_expect ID
                            if not is_valid_int_greater_zero_param(
                                    id_healthcheck_expect):
                                self.log.error(
                                    u'The id_healthcheck_expect parameter is not a valid value: %s.',
                                    id_healthcheck_expect)
                                raise InvalidValueError(
                                    None, 'id_healthcheck_expect',
                                    id_healthcheck_expect)

                            # Find healthcheck_expect by ID to check if it
                            # exist
                            healthcheck_expect = HealthcheckExpect.get_by_pk(
                                id_healthcheck_expect)

                            # Check if healthcheck is a string
                            if not isinstance(healthcheck, basestring):
                                msg = u'The healthcheck must be a string.'
                                self.log.error(msg)
                                raise InvalidValueError(
                                    msg, 'healthcheck', healthcheck)

                        except HealthcheckExpectNotFoundError:
                            # An unknown id is reported as an invalid value.
                            msg = u'The id_healthcheck_expect parameter does not exist.'
                            self.log.error(msg)
                            raise InvalidValueError(msg,
                                                    'id_healthcheck_expect',
                                                    id_healthcheck_expect)

                # Business Rules

                # Get variables
                variables_map = vip.variables_to_map()

                # Valid variables
                vip.set_variables(variables_map)

                # Set healthcheck_type
                variables_map['healthcheck_type'] = healthcheck_type

                # If healthcheck_type is HTTP
                if healthcheck_type == 'HTTP':
                    # Set healthcheck
                    variables_map['healthcheck'] = healthcheck

                    # Set id_healthcheck_expect
                    vip.healthcheck_expect = healthcheck_expect
                else:
                    # Set healthcheck to None
                    variables_map['healthcheck'] = None

                    # Set id_healthcheck_expect to None
                    vip.healthcheck_expect = None

                # Set variables
                vip.set_variables(variables_map)

                # Save VIP: persisted before the script runs; restored from
                # vip_old below when the script reports failure.
                vip.save(user, commit=True)

                # Run script

                # Put old call to work with new pool features
                # This call is deprecated
                server_pools = ServerPool.objects.filter(
                    vipporttopool__requisicao_vip=vip)
                # Missing values are passed on as empty strings.
                if healthcheck is None:
                    healthcheck = ''
                if id_healthcheck_expect is None:
                    healthcheck_expect = ''
                else:
                    healthcheck_expect = healthcheck_expect.expect_string
                healthcheck_identifier = ''
                healthcheck_destination = '*:*'
                hc = get_or_create_healthcheck(user, healthcheck_expect,
                                               healthcheck_type, healthcheck,
                                               healthcheck_destination,
                                               healthcheck_identifier)
                # Applies new healthcheck in pool
                # Todo - new method
                # Previous healthchecks, kept in iteration order for the
                # rollback below.
                old_healthchecks = []
                for sp in server_pools:
                    old_healthchecks.append(sp.healthcheck)
                    sp.healthcheck = hc
                    sp.save(user, commit=True)

                # gerador_vips -i <ID_REQUISICAO> --healthcheck
                # Only the VIP's id, formatted with %d, enters the command.
                command = 'gerador_vips -i %d --healthcheck' % vip.id
                code, stdout, stderr = exec_script(command)

                if code == 0:
                    success_map = dict()
                    success_map['codigo'] = '%04d' % code
                    success_map['descricao'] = {
                        'stdout': stdout,
                        'stderr': stderr
                    }

                    # `map` shadows the builtin of the same name here.
                    map = dict()
                    map['sucesso'] = success_map
                    return self.response(dumps_networkapi(map))
                else:
                    # Rollback: after reverse(), pop() hands the saved
                    # healthchecks back in their original order. This pairs
                    # them with the right pool only if server_pools yields
                    # the pools in the same order as above -- presumably it
                    # does; verify.
                    old_healthchecks.reverse()
                    for sp in server_pools:
                        sp.healthcheck = old_healthchecks.pop()
                        sp.save(user, commit=True)
                    vip_old.save(user, commit=True)
                    # NOTE(review): raw script output goes back to the API
                    # caller; confirm it cannot carry sensitive details.
                    return self.response_error(2, stdout + stderr)

        except XMLError, x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)
Beispiel #41
class GroupVirtualResource(RestResource):

    log = logging.getLogger('GroupVirtualResource')

    def handle_delete(self, request, user, *args, **kwargs):
        """Handle PUT requests to remove a virtual group.

        NOTE(review): the method is named handle_delete; confirm which HTTP
        verb is actually routed here.

        URL: /grupovirtual/
        """

        # Parse the XML body. The list of tag names is handed to loads()
        # (presumably the tags it must always return as lists; verify
        # against loads()).
        try:
            xml_map, attrs_map = loads(
                request.raw_post_data,
                ['vip', 'equipamento', 'id_equipamento'])
        except XMLError, x:
            self.log.error(u'Erro ao ler o XML da requisição.')
            return self.response_error(3, x)

        # The root element is mandatory; error code 3 is used for every
        # malformed-request answer in this method.
        networkapi_map = xml_map.get('networkapi')
        if networkapi_map is None:
            return self.response_error(
                3,
                u'Não existe valor para a tag networkapi do XML de requisição.'
            )

        # 'vips' is optional (handled below only when present) ...
        vips_map = networkapi_map.get('vips')

        # ... while 'equipamentos' is required. equipments_map is not used in
        # the part of the method shown here.
        try:
            equipments_map = networkapi_map['equipamentos']
        except KeyError:
            return self.response_error(3, u'XML de requisição inválido.')

        # NOTE(review): no has_perm() call appears in this excerpt before the
        # VIP_REMOVE script is executed below. Confirm that the caller is
        # authorized elsewhere (dispatcher or helper) before the scripts run.
        try:

            # One lock (LOCK_GROUP_VIRTUAL) is held around the VIP removal.
            with distributedlock(LOCK_GROUP_VIRTUAL):

                # Vips
                if vips_map is not None:
                    try:
                        vip_maps = vips_map['vip']
                        for vip_map in vip_maps:
                            balanceadores_map = vip_map['balanceadores']
                            if balanceadores_map is None:
                                return self.response_error(
                                    3,
                                    u'Valor da tag balanceadores do XML de requisição inválido.'
                                )

                            # id_ip comes from the request body and must parse
                            # as an integer before it is used in a lookup.
                            ip_id = vip_map['id_ip']
                            try:
                                ip_id = int(ip_id)
                            except (TypeError, ValueError), e:
                                self.log.error(u'Valor do id_ip inválido: %s.',
                                               ip_id)
                                raise IpNotFoundError(
                                    e, u'Valor do id_ip inválido: %s.' % ip_id)

                            vip_s = RequisicaoVips.get_by_ipv4_id(ip_id)
                            # Run scripts to remove vips
                            for vip in vip_s:
                                # Make command
                                command = VIP_REMOVE % (vip.id)
                                # Execute command
                                code, stdout, stderr = exec_script(command)
                                if code == 0:
                                    vip.vip_criado = 0
                                    vip.save()

                                    # SYNC_VIP
                                    old_to_new(vip)
                                else:
                                    # Returns on the first failing script.
                                    # VIPs handled in earlier iterations have
                                    # already been saved with vip_criado = 0,
                                    # and the raw script output is sent back
                                    # to the caller.
                                    return self.response_error(
                                        2, stdout + stderr)

                            # Detach the IP from each listed balancer; the ids
                            # are request data and are converted to int first.
                            equipment_ids = balanceadores_map['id_equipamento']
                            for equip_id in equipment_ids:
                                try:
                                    equip_id = int(equip_id)
                                except (TypeError, ValueError), e:
                                    self.log.error(
                                        u'Valor do id_equipamento inválido: %s.',
                                        equip_id)
                                    raise EquipamentoNotFoundError(
                                        e,
                                        u'Valor do id_equipamento inválido: %s.'
                                        % equip_id)

                                remove_ip_equipment(ip_id, equip_id, user)
                    # A missing 'vip', 'balanceadores', 'id_ip' or
                    # 'id_equipamento' key anywhere above lands here.
                    except KeyError:
                        return self.response_error(
                            3,
                            u'Valor das tags vips/vip do XML de requisição inválido.'
                        )
                    # NOTE(review): the listing stops here; the outer try and
                    # the lock block have no closing handler in this excerpt.
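    def handle_post(self, request, user, *args, **kwargs):
        '''Treat POST requests to run the remove script for a VIP request.

        URL: vip/remove/

        Reads ``id_vip`` from the ``networkapi/vip`` element of the XML body,
        checks the caller's permissions, runs the ``VIP_REMOVE`` script and,
        on success, marks the VIP as not created. Server pools that are no
        longer referenced by any other created VIP are marked as not created
        as well.

        Returns the XML success payload, ``not_authorized()`` when a
        permission check fails, or ``response_error`` with code 3 (required
        tag missing), 191 (VIP not validated), 322 (VIP not created), 2
        (script failed) or 269 (invalid ``id_vip``).
        '''

        try:

            # Coarse permission first: the caller must be allowed to run the
            # VIP remove script before the request body is even parsed.
            if not has_perm(user, AdminPermission.VIP_REMOVE_SCRIPT,
                            AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

            # Load XML data.
            # NOTE(review): only InvalidValueError is handled by this method;
            # a parse error raised by loads() propagates to the caller.
            xml_map, attrs_map = loads(request.raw_post_data)

            # XML data format
            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                msg = u'There is no value to the networkapi tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)
            vip_map = networkapi_map.get('vip')
            if vip_map is None:
                # The element looked up is <vip>, so the message names it.
                msg = u'There is no value to the vip tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)

            # id_vip is caller-controlled: accept only a positive integer.
            vip_id = vip_map.get('id_vip')
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(u'Parameter id_vip is invalid. Value: %s.',
                               vip_id)
                raise InvalidValueError(None, 'id_vip', vip_id)

            response_map = dict()

            # Vip must exist in database.
            # NOTE(review): the row is read before the lock is taken, so the
            # validado / vip_criado checks below run on that earlier
            # snapshot. Confirm whether the fetch belongs inside the lock.
            vip = RequisicaoVips.get_by_pk(vip_id)

            with distributedlock(LOCK_VIP % vip_id):

                # Per-equipment authorization for every equipment bound to
                # the VIP's IPv4 / IPv6 address.
                # NOTE(review): these checks use VIP_CREATE_SCRIPT although
                # this handler removes a VIP and the check above uses
                # VIP_REMOVE_SCRIPT. Confirm that this is intended.
                if vip.ip is not None:
                    for ip_equipment in vip.ip.ipequipamento_set.all():
                        if not has_perm(
                                user, AdminPermission.VIP_CREATE_SCRIPT,
                                AdminPermission.WRITE_OPERATION, None,
                                ip_equipment.equipamento_id,
                                AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            return self.not_authorized()

                if vip.ipv6 is not None:
                    for ip_equipment in vip.ipv6.ipv6equipament_set.all():
                        if not has_perm(
                                user, AdminPermission.VIP_CREATE_SCRIPT,
                                AdminPermission.WRITE_OPERATION, None,
                                ip_equipment.equipamento_id,
                                AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            return self.not_authorized()

                # Must be validated
                if not vip.validado:
                    return self.response_error(191, vip_id)

                # Must be created
                if not vip.vip_criado:
                    return self.response_error(322, vip_id)

                # The command is built from the id of the stored row, not
                # from the raw request value.
                command = VIP_REMOVE % (vip.id)
                code, stdout, stderr = exec_script(command)
                if code != 0:
                    # Raw script output is returned to the API caller.
                    return self.response_error(2, stdout + stderr)

                vip.vip_criado = 0
                vip.save()

                # SYNC_VIP
                old_to_new(vip)

                # Mark each server pool of this VIP as not created unless
                # another VIP request that is still created uses it.
                server_pools = ServerPool.objects.filter(
                    vipporttopool__requisicao_vip=vip.id)

                for server_pool in server_pools:
                    other_links = VipPortToPool.objects.filter(
                        server_pool=server_pool).exclude(
                            requisicao_vip=vip.id)
                    still_in_use = any(
                        link.requisicao_vip.vip_criado for link in other_links)

                    if not still_in_use and server_pool.pool_created:
                        server_pool.pool_created = 0
                        server_pool.save()

                # Set outside the loop so that a VIP without server pools
                # still gets the success payload.
                response_map['sucesso'] = {
                    'codigo': '%04d' % code,
                    'descricao': {
                        'stdout': stdout,
                        'stderr': stderr
                    }
                }

                # Return XML
                return self.response(dumps_networkapi(response_map))

        except InvalidValueError as e:
            return self.response_error(269, e.param, e.value)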
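    def administrate_real(self, user, vip_id, equip_id, ip_id, operation, network_version, port_vip=None, port_real=None):
        """Add, remove, enable, disable or check a real server of a VIP request.

        Validates the parameters and the caller's permission, resolves the
        real server from ``ip_id`` / ``equip_id``, builds the script command
        for the operation and runs it with ``exec_script``.

        :param user: user performing the operation (passed to ``has_perm``).
        :param vip_id: VIP request id; must be an integer greater than zero.
        :param equip_id: equipment id; must be an integer greater than zero.
        :param ip_id: id of the real's IP; must be an integer greater than zero.
        :param operation: one of 'add', 'del', 'ena', 'dis', 'chk'.
        :param network_version: 'v4' or 'v6'.
        :param port_vip: VIP port. When given together with ``port_real`` the
            port-aware ``VIP_REALS_*`` commands are used instead of the
            legacy ``VIP_REAL_*`` ones.
        :param port_real: real server port (see ``port_vip``).

        :return: XML success response when the script exits with 0 or 12
            (for 12 the payload is a fixed ``'0'`` and ``rollback_changes``
            is called first); for any other exit code ``rollback_changes``
            is called and ``response_error(2, stdout + stderr)`` is returned.

        :raise InvalidValueError: a parameter failed validation.
        :raise UserNotAuthorizedError: the user lacks the needed permission.
        """

        # Valid VIP ID
        if not is_valid_int_greater_zero_param(vip_id):
            self.log.error(
                u'The vip_id parameter is not a valid value: %s.', vip_id)
            raise InvalidValueError(None, 'vip_id', vip_id)

        # Valid Equipament ID
        if not is_valid_int_greater_zero_param(equip_id):
            self.log.error(
                u'The equip_id parameter is not a valid value: %s.', equip_id)
            raise InvalidValueError(None, 'equip_id', equip_id)

        # Valid IP ID
        if not is_valid_int_greater_zero_param(ip_id):
            self.log.error(
                u'The ip_id parameter is not a valid value: %s.', ip_id)
            raise InvalidValueError(None, 'ip_id', ip_id)

        # Valid operation (allow-list: the value later selects the command)
        if operation not in ['add', 'del', 'ena', 'dis', 'chk']:
            self.log.error(
                u'The operation parameter is not a valid value: %s.', operation)
            raise InvalidValueError(None, 'operation', operation)

        # Valid network version
        if network_version not in ['v4', 'v6']:
            self.log.error(
                u'The network_version parameter is not a valid value: %s.', network_version)
            raise InvalidValueError(None, 'network_version', network_version)

        # User permission: a check only needs read access, every other
        # operation needs write access on the VIP script plus the right to
        # update the configuration of the target equipment.
        if operation == 'chk':
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.READ_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)
        else:
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, equip_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

        # new_call = True  -> calls with the new params (Port Vip and Port Real)
        # new_call = False -> old calls, kept for compatibility
        new_call = False
        if port_vip is not None and port_real is not None:
            # Valid ports
            if not is_valid_int_greater_zero_param(port_vip):
                self.log.error(
                    u'The port_vip parameter is not a valid value: %s.', port_vip)
                raise InvalidValueError(None, 'port_vip', port_vip)

            if not is_valid_int_greater_zero_param(port_real):
                # Name the parameter that actually failed in the log line.
                self.log.error(
                    u'The port_real parameter is not a valid value: %s.', port_real)
                raise InvalidValueError(None, 'port_real', port_real)

            new_call = True

        # Find Request VIP by ID to check if it exists
        vip = RequisicaoVips.get_by_pk(vip_id)
        variables_map = vip.variables_to_map()

        evip = EnvironmentVip.get_by_values(variables_map.get('finalidade'), variables_map.get('cliente'), variables_map.get('ambiente'))

        # Resolve the real server; the lookup also confirms that ip_id and
        # equip_id belong together.
        if network_version == IP_VERSION.IPv4[0]:

            ipv4_equip = IpEquipamento().get_by_ip_equipment(ip_id, equip_id)

            real_name = ipv4_equip.equipamento.nome
            end_ip = "%s.%s.%s.%s" % (
                ipv4_equip.ip.oct1, ipv4_equip.ip.oct2, ipv4_equip.ip.oct3, ipv4_equip.ip.oct4)

            # Valid Real
            RequisicaoVips.valid_real_server(end_ip, ipv4_equip.equipamento, evip, False)

        elif network_version == IP_VERSION.IPv6[0]:

            ipv6_equip = Ipv6Equipament().get_by_ip_equipment(ip_id, equip_id)

            real_name = ipv6_equip.equipamento.nome
            end_ip = "%s:%s:%s:%s:%s:%s:%s:%s" % (ipv6_equip.ip.block1, ipv6_equip.ip.block2, ipv6_equip.ip.block3,
                                                  ipv6_equip.ip.block4, ipv6_equip.ip.block5, ipv6_equip.ip.block6, ipv6_equip.ip.block7, ipv6_equip.ip.block8)

            # Valid Real
            RequisicaoVips.valid_real_server(end_ip, ipv6_equip.equipamento, evip, False)

        is_v4 = IP_VERSION.IPv4[0] == network_version

        # NOTE(review): the legacy (non-port) commands interpolate real_name,
        # the equipment name read from the database, into the command string
        # unchanged. exec_script is not shown here; if it hands the string to
        # a shell, the name has to be restricted to a safe character set or
        # quoted. TODO confirm.
        if operation == 'chk':

            if new_call:
                command = (VIP_REALS_v4_CHECK if is_v4 else VIP_REALS_v6_CHECK) % (
                    vip_id, ip_id, port_real, port_vip)
            else:
                command = (VIP_REAL_v4_CHECK if is_v4 else VIP_REAL_v6_CHECK) % (
                    vip_id, real_name, end_ip)
        else:

            # NOTE(review): the lock covers only the database change below;
            # exec_script runs after the lock block has been left.
            with distributedlock(LOCK_VIP_IP_EQUIP % (vip_id, ip_id, equip_id)):

                if operation == 'add':

                    if new_call:
                        command = (VIP_REALS_v4_CREATE if is_v4 else VIP_REALS_v6_CREATE) % (
                            vip_id, ip_id, port_real, port_vip)
                    else:
                        command = (VIP_REAL_v4_CREATE if is_v4 else VIP_REAL_v6_CREATE) % (
                            vip_id, real_name, end_ip)

                    if is_v4:
                        real_ip, version_label = ipv4_equip.ip, IP_VERSION.IPv4[1]
                    else:
                        real_ip, version_label = ipv6_equip.ip, IP_VERSION.IPv6[1]

                    # The pool member is stored before the script runs.
                    if new_call:
                        ServerPoolMember().save_specified_port(
                            vip_id, port_vip, real_ip, version_label, port_real, user)
                    else:
                        ServerPoolMember().save_with_default_port(
                            vip_id, real_ip, version_label, user)

                elif operation == 'del':

                    member_filter = {
                        'server_pool__vipporttopool__requisicao_vip__id': vip_id,
                    }
                    member_filter['ip' if is_v4 else 'ipv6'] = ip_id

                    if new_call:
                        command = (VIP_REALS_v4_REMOVE if is_v4 else VIP_REALS_v6_REMOVE) % (
                            vip_id, ip_id, port_real, port_vip)
                        # Port-aware calls delete only the matching port pair.
                        member_filter['server_pool__vipporttopool__port_vip'] = port_vip
                        member_filter['port_real'] = port_real
                    else:
                        command = (VIP_REAL_v4_REMOVE if is_v4 else VIP_REAL_v6_REMOVE) % (
                            vip_id, real_name, end_ip)

                    # Delete row by row so that each model's delete() runs.
                    for pool_member in ServerPoolMember.objects.filter(**member_filter):
                        pool_member.delete()

                elif operation == 'ena':

                    if new_call:
                        command = (VIP_REALS_v4_ENABLE if is_v4 else VIP_REALS_v6_ENABLE) % (
                            vip_id, ip_id, port_real, port_vip)
                    else:
                        command = (VIP_REAL_v4_ENABLE if is_v4 else VIP_REAL_v6_ENABLE) % (
                            vip_id, real_name, end_ip)

                elif operation == 'dis':

                    if new_call:
                        command = (VIP_REALS_v4_DISABLE if is_v4 else VIP_REALS_v6_DISABLE) % (
                            vip_id, ip_id, port_real, port_vip)
                    else:
                        command = (VIP_REAL_v4_DISABLE if is_v4 else VIP_REAL_v6_DISABLE) % (
                            vip_id, real_name, end_ip)

        self.log.info(command)
        # Execute script
        code, stdout, stderr = exec_script(command)
        self.log.info(stdout)

        # Return XML
        if code == 0:
            response_map = {
                'sucesso': {
                    'codigo': '%04d' % code,
                    'descricao': {'stdout': stdout, 'stderr': stderr},
                }
            }
            return self.response(dumps_networkapi(response_map))

        # Every non-zero exit code calls rollback_changes before answering.
        self.rollback_changes(operation, new_call, network_version,
                              vip_id, ip_id, port_real, port_vip, real_name, end_ip, user)

        if code == 12:
            # NOTE(review): exit code 12 is answered as success with a fixed
            # '0' payload; what the code means is not visible in this method.
            response_map = {
                'sucesso': {
                    'codigo': '0',
                    'descricao': {'stdout': '0', 'stderr': ''},
                }
            }
            return self.response(dumps_networkapi(response_map))

        return self.response_error(2, stdout + stderr)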
Beispiel #44
    def handle_put(self, request, user, *args, **kwargs):
        """
        Change the persistence setting of a VIP that is already created.

        URL: vip/<id_vip>/persistence

        The VIP id is taken from the ``id_vip`` URL keyword and the new value
        from the ``persistencia`` field of the ``networkapi/vip`` element in
        the XML body. The VIP is saved and the ``gerador_vips`` script is run
        with ``--persistence``. If the script fails, the copy of the VIP
        taken before the change is saved back.

        Answers with the XML success payload, or ``response_error`` with
        code 3 (XML problem) or 2 (script failure). UserNotAuthorizedError,
        InvalidValueError, RequestVipsNotBeenCreatedError and
        EquipmentGroupsNotAuthorizedError are raised to the caller.
        """

        self.log.info("Change VIP's persistence")

        def require_equipment_access(ip_equipments):
            # The user needs write/update-config rights on every equipment
            # that is bound to the VIP's address.
            for ip_equipment in ip_equipments:
                allowed = has_perm(
                    user, AdminPermission.VIP_ALTER_SCRIPT,
                    AdminPermission.WRITE_OPERATION, None,
                    ip_equipment.equipamento_id,
                    AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION)
                if not allowed:
                    self.log.error(
                        u'Groups of equipment registered with the IP of the  VIP request  is not allowed of acess.'
                    )
                    raise EquipmentGroupsNotAuthorizedError(None)

        try:

            # General permission to alter VIPs through scripts.
            may_alter = has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
                                 AdminPermission.WRITE_OPERATION)
            if not may_alter:
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # The id arrives through the URL and must be a positive integer.
            vip_id = kwargs.get('id_vip')
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', vip_id)
                raise InvalidValueError(None)

            # Raises if the VIP does not exist (see RequisicaoVips.get_by_pk).
            vip = RequisicaoVips.get_by_pk(vip_id)

            with distributedlock(LOCK_VIP % vip_id):

                # Copy kept so the stored VIP can be put back on failure.
                vip_snapshot = clone(vip)

                # Persistence can only be changed on a created VIP.
                if not vip.vip_criado:
                    self.log.error(
                        u'Persistence can not be changed because VIP has not yet been created.'
                    )
                    raise RequestVipsNotBeenCreatedError(None)

                # Equipment-level permission, IPv4 first and then IPv6.
                if vip.ip is not None:
                    require_equipment_access(vip.ip.ipequipamento_set.all())

                if vip.ipv6 is not None:
                    require_equipment_access(vip.ipv6.ipv6equipament_set.all())

                # The body is parsed only after all permission checks passed.
                xml_map, attrs_map = loads(request.raw_post_data)

                networkapi_map = xml_map.get('networkapi')
                if networkapi_map is None:
                    return self.response_error(
                        3,
                        u'There is no value to the networkapi tag of XML request.'
                    )

                vip_map = networkapi_map.get('vip')
                if vip_map is None:
                    return self.response_error(
                        3, u'There is no value to the vip tag of XML request.')

                # The persistence value is request data; set_variables is the
                # step relied on to validate it.
                variables_map = vip.variables_to_map()
                variables_map['persistencia'] = vip_map.get('persistencia', None)
                vip.set_variables(variables_map)

                vip.save(user, commit=True)

                # SYNC_VIP
                old_to_new(vip)

                # gerador_vips -i <ID_REQUISICAO> --persistence
                command = 'gerador_vips -i %d --persistence' % vip.id
                code, stdout, stderr = exec_script(command)

                if code != 0:
                    # Script failed: save the earlier copy back and report
                    # the script output.
                    # NOTE(review): old_to_new() is not called again after
                    # this restore; confirm that the synced copy cannot stay
                    # on the new value.
                    vip_snapshot.save(user, commit=True)
                    return self.response_error(2, stdout + stderr)

                payload = {
                    'sucesso': {
                        'codigo': '%04d' % code,
                        'descricao': {
                            'stdout': stdout,
                            'stderr': stderr
                        }
                    }
                }
                return self.response(dumps_networkapi(payload))

        except XMLError as x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)
                    success_map = dict()
                    success_map['codigo'] = '%04d' % 0
                    success_map['descricao'] = {
                    'stdout': 'Nothing to do. Vlan was already not active', 'stderr': ''}
                    map = dict()
                    map['sucesso'] = success_map

                    return self.response(dumps_networkapi(map))

                # Execute script
                vlan_id = vlan.id
                environment_id = vlan.ambiente.id

                # navlan -i <ID_REQUISICAO> --remove
                command = settings.VLAN_REMOVE % vlan_id
                code, stdout, stderr = exec_script(command)

                # Return XML
                if code == 0:
                    success_map = dict()
                    success_map['codigo'] = '%04d' % code
                    success_map['descricao'] = {
                        'stdout': stdout, 'stderr': stderr}

                    map = dict()
                    map['sucesso'] = success_map

                    #Set as deactivate
                    vlan.remove(user)

                    return self.response(dumps_networkapi(map))
Beispiel #46
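def manager_pools(request):
    """
    Manager Status Pool Members Enable/Disabled By Pool

    Reads ``server_pool_id`` and ``server_pool_members`` (a list of mappings
    carrying ``id`` and ``status``) from ``request.DATA``, stores the new
    status of every member and then runs the
    ``settings.POOL_MANAGEMENT_MEMBERS_STATUS`` script for the pool.

    :param request: HttpRequest

    :raises exceptions.InvalidIdPoolException: ``server_pool_id`` is not
        accepted by ``is_valid_int_greater_zero_param``.
    :raises exceptions.InvalidIdPoolMemberException: the received member ids
        are not exactly the members of the pool.
    :raises exceptions.InvalidStatusPoolMemberException: a status is not one
        of 0, 1, False, True. Nothing has been written when this is raised.
    :raises exceptions.ScriptManagementPoolException: the script exited with a
        non-zero code; the previous member rows are saved back first.
    """
    # NOTE(review): no permission check is visible in this function;
    # presumably the calling view enforces it -- confirm.

    try:
        pool_id = request.DATA.get("server_pool_id")
        # An explicit null in the payload must not break the iterations below.
        pool_members = request.DATA.get("server_pool_members") or []

        # List to validate pool member status
        valid_status = [0, 1, False, True]

        pool_members_id = [member.get('id') for member in pool_members]

        if not is_valid_int_greater_zero_param(pool_id):
            raise exceptions.InvalidIdPoolException()

        # Validate pool members id (return value unused; presumably raises on
        # an invalid id -- TODO confirm).
        is_valid_list_int_greater_zero_param(pool_members_id)

        pool_obj = ServerPool.objects.get(id=pool_id)

        # Materialise the current members now: these objects keep the old
        # status and are what the rollback below writes back.
        original_members = list(pool_obj.serverpoolmember_set.order_by('id'))
        received_members = list(
            ServerPoolMember.objects.filter(id__in=pool_members_id).order_by('id'))

        # The request must name every member of this pool and nothing else, so
        # members of other pools cannot be changed through this pool id.
        if original_members != received_members:
            raise exceptions.InvalidIdPoolMemberException(
                u'Required All Pool Members By Pool')

        # Validate every status before the first write. Each save below is
        # committed, and an invalid status is not covered by the rollback
        # handler, so checking inside the write loop left a partial update.
        for member in pool_members:
            if member.get("status") not in valid_status:
                raise exceptions.InvalidStatusPoolMemberException()

        for member in pool_members:
            server_pool_member = ServerPoolMember.objects.get(id=member.get("id"))
            server_pool_member.status = member.get("status")
            server_pool_member.save(request.user, commit=True)

        # Execute Script To Set Status
        # Build the command from the primary key loaded from the database
        # rather than from the raw request value.
        command = settings.POOL_MANAGEMENT_MEMBERS_STATUS % pool_obj.id
        code, _, _ = exec_script(command)
        if code != 0:
            raise exceptions.ScriptManagementPoolException()

    except (exceptions.ScriptManagementPoolException, ScriptError):

        # Rollback: write the untouched snapshot back over the new status.
        for old_member in original_members:
            old_member.save(request.user, commit=True)

        # Bare raise keeps the original traceback.
        raise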
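    def handle_post(self, request, user, *args, **kwargs):
        '''Treat POST requests to run script creation for vlan and networks

        URL: vlan/v4/create/ or vlan/v6/create/

        Checks the VLAN_MANAGEMENT write permission and the write permission
        on every router equipment linked to the network's VLAN, then runs the
        VLAN creation script (only when the VLAN is not active yet) followed
        by the network creation script. Each object is marked active only
        after its script exits with code 0.

        :param request: request whose raw body holds the XML with
            networkapi/vlan/id_network_ip.
        :param user: user the permissions are checked for.
        :param kwargs: ``network_version`` selects IPv4 or IPv6 handling.

        :return: XML response with the script results, an error response, or
            the not-authorized response.
        '''

        try:

            # Generic method for v4 and v6
            network_version = kwargs.get('network_version')

            # Commons Validations

            # User permission
            if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

            # Business Validations

            # Load XML data
            xml_map, attrs_map = loads(request.raw_post_data)

            # XML data format
            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                msg = u'There is no value to the networkapi tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)
            vlan_map = networkapi_map.get('vlan')
            if vlan_map is None:
                msg = u'There is no value to the vlan tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)

            # Get XML data
            network_ip_id = vlan_map.get('id_network_ip')

            # Valid network_ip ID
            if not is_valid_int_greater_zero_param(network_ip_id):
                self.log.error(
                    u'Parameter id_network_ip is invalid. Value: %s.', network_ip_id)
                raise InvalidValueError(None, 'id_network_ip', network_ip_id)

            # Network must exists in database
            # NOTE(review): every version other than the IPv4 value is handled
            # as IPv6, including a missing network_version.
            is_ipv4 = IP_VERSION.IPv4[0] == network_version
            if is_ipv4:
                network_ip = NetworkIPv4().get_by_pk(network_ip_id)
            else:
                network_ip = NetworkIPv6().get_by_pk(network_ip_id)

            # A network that is already active is rejected (error 299).
            if network_ip.active:
                return self.response_error(299)

            # Check permission group equipments: the user needs write access
            # to every router reached through the VLAN, over IPv4 and IPv6.
            equips_from_ipv4 = Equipamento.objects.filter(
                ipequipamento__ip__networkipv4__vlan=network_ip.vlan.id, equipamentoambiente__is_router=1)
            equips_from_ipv6 = Equipamento.objects.filter(
                ipv6equipament__ip__networkipv6__vlan=network_ip.vlan.id, equipamentoambiente__is_router=1)
            for equips in (equips_from_ipv4, equips_from_ipv6):
                for equip in equips:
                    # User permission
                    if not has_perm(user,
                                    AdminPermission.EQUIPMENT_MANAGEMENT,
                                    AdminPermission.WRITE_OPERATION,
                                    None,
                                    equip.id,
                                    AdminPermission.EQUIP_WRITE_OPERATION):
                        self.log.error(
                            u'User does not have permission to perform the operation.')
                        return self.not_authorized()

            # Business Rules

            success_map = dict()

            # If Vlan is not active, need to be created before network
            if not network_ip.vlan.ativada:

                # Make command (the id comes from the database row, not from
                # the request)
                vlan_command = VLAN_CREATE % (network_ip.vlan.id)

                # Execute command
                code, stdout, stderr = exec_script(vlan_command)

                if code != 0:
                    # NOTE(review): the raw script output is returned to the
                    # client; check it cannot expose internal details.
                    return self.response_error(2, stdout + stderr)

                # After execute script, change to activated
                network_ip.vlan.activate(user)

                success_map['vlan'] = {
                    'codigo': '%04d' % code,
                    'descricao': {'stdout': stdout, 'stderr': stderr},
                }

            # Make command to create Network
            if is_ipv4:
                command = NETWORKIPV4_CREATE % (network_ip.id)
            else:
                command = NETWORKIPV6_CREATE % (network_ip.id)

            # Execute command
            code, stdout, stderr = exec_script(command)

            if code != 0:
                # A VLAN activated above stays activated; only the network
                # step is reported as failed.
                return self.response_error(2, stdout + stderr)

            # After execute script, change the Network to activated
            network_ip.activate(user)

            success_map['network'] = {
                'codigo': '%04d' % code,
                'descricao': {'stdout': stdout, 'stderr': stderr},
            }

            # Return XML
            return self.response(dumps_networkapi({'sucesso': success_map}))

        except InvalidValueError as e:
            return self.response_error(269, e.param, e.value)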
    def handle_put(self, request, user, *args, **kwargs):
        """Treat  requests PUT change limit connections to VIP.

        URLs: /vip/<id_vip>/maxcon/<maxcon>/

        Validates the caller's permissions and both URL parameters, stores the
        new maxcon on the VIP and on every pool (and pool member) attached to
        it, then runs ``gerador_vips -i <id> --maxconn``. When the script
        exits with a non-zero code, the snapshots taken before the change are
        saved back and error 2 is returned with the script output.

        NOTE(review): UserNotAuthorizedError, InvalidValueError,
        RequestVipsNotBeenCreatedError and EquipmentGroupsNotAuthorizedError
        are raised below but only XMLError is caught in the visible code;
        presumably they are handled elsewhere -- confirm.
        """

        self.log.info("Change limit connections to VIP")

        try:

            vip_id = kwargs.get('id_vip')
            maxcon = kwargs.get('maxcon')

            # User permission
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # Valid Vip ID
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', vip_id)
                raise InvalidValueError(None)

            # Valid Maxcon
            if not is_valid_int_greater_equal_zero_param(maxcon):
                self.log.error(
                    u'The maxcon parameter is not a valid value: %s.', maxcon)
                raise InvalidValueError(None)

            # Existing Vip ID
            vip = RequisicaoVips.get_by_pk(vip_id)

            # Everything from the snapshot to the script run happens under the
            # per-VIP lock.
            with distributedlock(LOCK_VIP % vip_id):

                # Snapshot of the VIP, its pools and their members taken
                # before any change; these objects are saved back if the
                # script fails.
                vip_old = clone(vip)
                server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip)
                server_pools_old = []
                server_pools_members_old = []
                for sp in server_pools:
                    server_pools_old.append(sp)
                    for spm in sp.serverpoolmember_set.all():
                        server_pools_members_old.append(spm)

                # Vip must be created
                if not vip.vip_criado:
                    self.log.error(
                        u'Maxcon can not be changed because VIP has not yet been created.')
                    raise RequestVipsNotBeenCreatedError(None)

                # Vip equipments permission: the user needs update-config
                # access to every equipment bound to the VIP's IPv4 and IPv6.
                if vip.ip is not None:
                    for ip_equipment in vip.ip.ipequipamento_set.all():
                        if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            self.log.error(
                                u'Groups of equipment registered with the IP of the  VIP request  is not allowed of acess.')
                            raise EquipmentGroupsNotAuthorizedError(None)

                if vip.ipv6 is not None:
                    for ip_equipment in vip.ipv6.ipv6equipament_set.all():
                        if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            self.log.error(
                                u'Groups of equipment registered with the IP of the  VIP request  is not allowed of acess.')
                            raise EquipmentGroupsNotAuthorizedError(None)

                # Get variables
                variables_map = vip.variables_to_map()

                # Valid variables
                vip.set_variables(variables_map)

                # Valid real names and real ips of real server
                if variables_map.get('reals') is not None:

                    evip = EnvironmentVip.get_by_values(variables_map.get(
                        'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente'))

                    for real in variables_map.get('reals').get('real'):
                        ip_aux_error = real.get('real_ip')
                        equip_aux_error = real.get('real_name')
                        equip = Equipamento.get_by_name(equip_aux_error)

                        # Valid Real
                        RequisicaoVips.valid_real_server(
                            ip_aux_error, equip, evip)

                    # Valid reals_prioritys
                    variables_map, code = vip.valid_values_reals_priority(
                        variables_map)
                    if code is not None:
                        return self.response_error(329)

                    # Valid reals_weight
                    variables_map, code = vip.valid_values_reals_weight(
                        variables_map)
                    if code is not None:
                        return self.response_error(330)

                    # Valid ports
                    variables_map, code = vip.valid_values_ports(variables_map)
                    if code is not None:
                        return self.response_error(331)

                variables_map['maxcon'] = maxcon

                vip.set_variables(variables_map)

                # First committed write; everything above only read state.
                vip.save(user, commit=True)

                #update server pool limits table
                #Fix #27
                # A second query: the objects changed below are not the ones
                # held in server_pools_old, so the snapshot keeps the old
                # limits.
                server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip)

                for sp in server_pools:
                    #If exists pool member, change default maxconn of pool and members
                    if(len(sp.serverpoolmember_set.all()) > 0):
                        #if(old_maxconn != sp.default_limit and sp.pool_created):
                        sp.default_limit = maxcon
                        sp.save(user, commit=True)
                        for serverpoolmember in sp.serverpoolmember_set.all():
                            serverpoolmember.limit = maxcon
                            serverpoolmember.save(user, commit=True)

                # gerador_vips -i <ID_REQUISICAO> --maxconn
                # %d with the database id: only an integer can reach the
                # command line.
                command = 'gerador_vips -i %d --maxconn' % vip.id
                # NOTE(review): if exec_script raises instead of returning a
                # non-zero code, the rollback branch below does not run and
                # the limits committed above stay in place -- confirm.
                code, stdout, stderr = exec_script(command)

                if code == 0:
                    success_map = dict()
                    success_map['codigo'] = '%04d' % code
                    success_map['descricao'] = {
                        'stdout': stdout, 'stderr': stderr}

                    map = dict()
                    map['sucesso'] = success_map
                    return self.response(dumps_networkapi(map))
                else:
                    #TODO Check if is needed to update pool members separately
                    # Rollback: save the snapshot objects taken before the
                    # change.
                    vip_old.save(user, commit=True)
                    for sp in server_pools_old:
                        sp.save(user, commit=True)
                    for spm in server_pools_members_old:
                        spm.save(user, commit=True)
                    # NOTE(review): the raw script output is returned to the
                    # client; check it cannot expose internal details.
                    return self.response_error(2, stdout + stderr)

        except XMLError, x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)
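    def handle_post(self, request, user, *args, **kwargs):
        '''Treat POST requests to run remove script for vip

        URL: vip/remove/

        Checks the VIP_REMOVE_SCRIPT write permission and the per-equipment
        permission, requires the VIP to be validated and created, runs the
        VIP_REMOVE script and, when it exits with code 0, marks the VIP (and
        every server pool no other created VIP still uses) as not created.

        :param request: request whose raw body holds the XML with
            networkapi/vip/id_vip.
        :param user: user the permissions are checked for.

        :return: XML response with the script result, an error response, or
            the not-authorized response.
        '''

        try:

            # Commons Validations

            # User permission
            if not has_perm(user, AdminPermission.VIP_REMOVE_SCRIPT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

            # Business Validations

            # Load XML data
            xml_map, attrs_map = loads(request.raw_post_data)

            # XML data format
            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                msg = u'There is no value to the networkapi tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)
            vip_map = networkapi_map.get('vip')
            if vip_map is None:
                # The missing tag is "vip"; the message used to name "vlan".
                msg = u'There is no value to the vip tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)

            # Get XML data
            vip_id = vip_map.get('id_vip')

            # Valid vip ID
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(
                    u'Parameter id_vip is invalid. Value: %s.', vip_id)
                raise InvalidValueError(None, 'id_vip', vip_id)

            # Vip must exists in database
            vip = RequisicaoVips.get_by_pk(vip_id)

            with distributedlock(LOCK_VIP % vip_id):

                # Equipment permissions
                # NOTE(review): the global check above uses VIP_REMOVE_SCRIPT
                # while these per-equipment checks use VIP_CREATE_SCRIPT;
                # confirm this difference is intended.
                if vip.ip is not None:
                    for ip_equipment in vip.ip.ipequipamento_set.all():
                        if not has_perm(user, AdminPermission.VIP_CREATE_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            return self.not_authorized()

                if vip.ipv6 is not None:
                    for ip_equipment in vip.ipv6.ipv6equipament_set.all():
                        if not has_perm(user, AdminPermission.VIP_CREATE_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                            return self.not_authorized()

                # Must be validated
                if not vip.validado:
                    return self.response_error(191, vip_id)

                # Must be created
                if not vip.vip_criado:
                    return self.response_error(322, vip_id)

                # Business Rules

                # Make command (the id comes from the database row)
                command = VIP_REMOVE % (vip.id)

                # Execute command
                code, stdout, stderr = exec_script(command)
                if code != 0:
                    # NOTE(review): the raw script output is returned to the
                    # client; check it cannot expose internal details.
                    return self.response_error(2, stdout + stderr)

                success_map = {
                    'codigo': '%04d' % code,
                    'descricao': {'stdout': stdout, 'stderr': stderr},
                }

                vip.vip_criado = 0
                vip.save()

                # Marks the server pool as not created if the
                # server pool is not used in another already created vip request
                server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip.id)

                for server_pool in server_pools:
                    # Checks if server pool is still used in another created vip request
                    server_pools_still_used = VipPortToPool.objects.filter(
                        server_pool=server_pool).exclude(requisicao_vip=vip.id)
                    still_in_use = any(
                        port_to_pool.requisicao_vip.vip_criado
                        for port_to_pool in server_pools_still_used)

                    if not still_in_use and server_pool.pool_created:
                        server_pool.pool_created = 0
                        server_pool.save()

                # The response map is built outside the loop: it used to be
                # assigned only inside it, so a VIP without server pools was
                # removed and then the handler failed on an unbound local.
                response_map = {'sucesso': success_map}

                # Return XML
                return self.response(dumps_networkapi(response_map))

        except InvalidValueError as e:
            return self.response_error(269, e.param, e.value)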
    def handle_get(self, request, user, *args, **kwargs):
        """Swap the applied L7 filter of a VIP with its rollback copy.

        URLs: /vip/l7/<id_vip>/rollback/

        The applied filter and rule take the rollback values and the rollback
        fields take the previously applied values; the VIP is saved and
        ``gerador_vips -i <id> --l7_filter_current`` is run. When the script
        exits with a non-zero code the clone taken before the change is saved
        back and error 2 is returned with the script output.

        NOTE(review): this handler answers GET but writes to the database and
        runs a script, and it performs no per-equipment permission check --
        confirm both are intended.
        """

        self.log.info('Applies the last working filter to VIP')

        try:
            id_vip = kwargs.get('id_vip')

            # User is authorized
            allowed = has_perm(
                user,
                AdminPermission.VIP_ALTER_SCRIPT,
                AdminPermission.WRITE_OPERATION)
            if not allowed:
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # Valid Vip ID
            if not is_valid_int_greater_zero_param(id_vip):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', id_vip)
                raise InvalidValueError(None)

            # Get VIP data
            vip = RequisicaoVips.get_by_pk(id_vip)

            with distributedlock(LOCK_VIP % id_vip):
                # Backup of the VIP, used to read the old values and to undo
                # the change.
                previous = clone(vip)

                # Vip must be created
                if not vip.vip_criado:
                    self.log.error(
                        u'Filter can not be applied because VIP has not been created yet.'
                    )
                    raise RequestVipsNotBeenCreatedError(None)

                # Record when the rollback was applied.
                timestamp = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
                vip.applied_l7_datetime = timestamp

                # Applied takes the rollback values ...
                vip.filter_applied = previous.filter_rollback
                vip.rule_applied = previous.rule_rollback

                # ... and rollback takes what was applied until now.
                vip.filter_rollback = previous.filter_applied
                vip.rule_rollback = previous.rule_applied

                vip.save(user, commit=True)

                # Run the script; %d with the database id keeps the command
                # argument an integer.
                command = 'gerador_vips -i %d --l7_filter_current' % vip.id
                code, stdout, stderr = exec_script(command)

                if code != 0:
                    # Script failed: store the previous data again.
                    previous.save(user, commit=True)
                    return self.response_error(2, stdout + stderr)

                # Exit code 0 means the script ran successfully.
                result = {
                    'sucesso': {
                        'codigo': '%04d' % code,
                        'descricao': {
                            'stdout': stdout,
                            'stderr': stderr
                        },
                    },
                }
                return self.response(dumps_networkapi(result))

        except XMLError as x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)
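    def handle_put(self, request, user, *args, **kwargs):
        """
        Handles PUT requests to change the VIP's healthcheck.

        URL: vip/<id_vip>/healthcheck

        Checks the caller's permissions, validates healthcheck_type,
        healthcheck and id_healthcheck_expect from the XML body, stores them
        on the VIP and on every server pool attached to it, then runs
        ``gerador_vips -i <id> --healthcheck``. When the script exits with a
        non-zero code the previous pool healthchecks and the VIP clone are
        saved back and error 2 is returned with the script output.

        :param request: request whose raw body holds the XML with
            networkapi/vip.
        :param user: user the permissions are checked for.
        :param kwargs: ``id_vip`` identifies the VIP.

        NOTE(review): apart from XMLError, the exceptions raised below are not
        caught in the visible code; presumably they are handled elsewhere --
        confirm.
        """

        self.log.info("Change VIP's healthcheck")

        try:

            # Commons Validations

            # User permission
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
                self.log.error(u"User does not have permission to perform the operation.")
                raise UserNotAuthorizedError(None)

            # Valid Vip ID
            vip_id = kwargs.get("id_vip")
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(u"The vip_id parameter is not a valid value: %s.", vip_id)
                raise InvalidValueError(None)

            # Existing Vip ID
            vip = RequisicaoVips.get_by_pk(vip_id)

            with distributedlock(LOCK_VIP % vip_id):

                # Clone taken before any change; saved back if the script fails.
                vip_old = clone(vip)

                # Vip must be created
                if not vip.vip_criado:
                    self.log.error(u"Healthcheck can not be changed because VIP has not yet been created.")
                    raise RequestVipsNotBeenCreatedError(None)

                # Vip equipments permission
                if vip.ip is not None:
                    for ip_equipment in vip.ip.ipequipamento_set.all():
                        if not has_perm(
                            user,
                            AdminPermission.VIP_ALTER_SCRIPT,
                            AdminPermission.WRITE_OPERATION,
                            None,
                            ip_equipment.equipamento_id,
                            AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION,
                        ):
                            self.log.error(
                                u"Groups of equipment registered with the IP of the  VIP request  is not allowed of acess."
                            )
                            raise EquipmentGroupsNotAuthorizedError(None)

                if vip.ipv6 is not None:
                    for ip_equipment in vip.ipv6.ipv6equipament_set.all():
                        if not has_perm(
                            user,
                            AdminPermission.VIP_ALTER_SCRIPT,
                            AdminPermission.WRITE_OPERATION,
                            None,
                            ip_equipment.equipamento_id,
                            AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION,
                        ):
                            self.log.error(
                                u"Groups of equipment registered with the IP of the  VIP request  is not allowed of acess."
                            )
                            raise EquipmentGroupsNotAuthorizedError(None)

                # Business Validations

                # Load XML data
                xml_map, attrs_map = loads(request.raw_post_data)

                # XML data format
                networkapi_map = xml_map.get("networkapi")
                if networkapi_map is None:
                    return self.response_error(3, u"There is no value to the networkapi tag of XML request.")
                vip_map = networkapi_map.get("vip")
                if vip_map is None:
                    return self.response_error(3, u"There is no value to the vip tag of XML request.")

                # Get XML data. The body is client supplied, so an absent tag
                # is read as None and goes through the validation below
                # instead of failing on a missing key.
                healthcheck_type = upper(str(vip_map.get("healthcheck_type")))
                healthcheck = vip_map.get("healthcheck")
                id_healthcheck_expect = vip_map.get("id_healthcheck_expect")

                vip_variables = vip.variables_to_map()
                environment_vip = EnvironmentVip.get_by_values(
                    vip_variables.get("finalidade"), vip_variables.get("cliente"), vip_variables.get("ambiente")
                )

                healthcheck_is_valid = RequisicaoVips.heathcheck_exist(healthcheck_type, environment_vip.id)

                # healthcheck_type must exist for the VIP's environment
                if not healthcheck_is_valid:
                    self.log.error(u"The healthcheck_type parameter not exist.")
                    raise InvalidValueError(
                        u"The healthcheck_type parameter not exist.", "healthcheck_type", healthcheck_type
                    )

                is_http = healthcheck_type == "HTTP"

                if not is_http:
                    # If healthcheck_type is not HTTP id_healthcheck_expect and
                    # healthcheck must be None
                    if not (id_healthcheck_expect is None and healthcheck is None):
                        msg = (
                            u"The healthcheck_type parameter is %s, then healthcheck and id_healthcheck_expect must be None."
                            % healthcheck_type
                        )
                        self.log.error(msg)
                        raise InvalidValueError(msg)
                else:
                    # If healthcheck_type is 'HTTP' id_healthcheck_expect and
                    # healthcheck must NOT be None
                    if id_healthcheck_expect is None or healthcheck is None:
                        msg = u"The healthcheck_type parameter is HTTP, then healthcheck and id_healthcheck_expect must NOT be None."
                        self.log.error(msg)
                        raise InvalidValueError(msg)

                    # Valid healthcheck_expect ID
                    if not is_valid_int_greater_zero_param(id_healthcheck_expect):
                        self.log.error(
                            u"The id_healthcheck_expect parameter is not a valid value: %s.",
                            id_healthcheck_expect,
                        )
                        raise InvalidValueError(None, "id_healthcheck_expect", id_healthcheck_expect)

                    # Find healthcheck_expect by ID to check if it exist
                    try:
                        healthcheck_expect = HealthcheckExpect.get_by_pk(id_healthcheck_expect)
                    except HealthcheckExpectNotFoundError:
                        msg = u"The id_healthcheck_expect parameter does not exist."
                        self.log.error(msg)
                        raise InvalidValueError(msg, "id_healthcheck_expect", id_healthcheck_expect)

                    # Check if healthcheck is a string
                    if not isinstance(healthcheck, basestring):
                        msg = u"The healthcheck must be a string."
                        self.log.error(msg)
                        raise InvalidValueError(msg, "healthcheck", healthcheck)

                # Business Rules

                # Get variables
                variables_map = vip.variables_to_map()

                # Valid variables
                vip.set_variables(variables_map)

                # Set healthcheck_type
                variables_map["healthcheck_type"] = healthcheck_type

                if is_http:
                    # Set healthcheck and the expect object
                    variables_map["healthcheck"] = healthcheck
                    vip.healthcheck_expect = healthcheck_expect
                    expect_string = healthcheck_expect.expect_string
                else:
                    # Both are cleared for every other type
                    variables_map["healthcheck"] = None
                    vip.healthcheck_expect = None
                    expect_string = ""

                # Set variables
                vip.set_variables(variables_map)

                # Save VIP (first committed write)
                vip.save(user, commit=True)

                # Run script

                # Put old call to work with new pool features
                # This call is deprecated
                server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip)
                if healthcheck is None:
                    healthcheck = ""
                healthcheck_identifier = ""
                healthcheck_destination = "*:*"
                hc = get_or_create_healthcheck(
                    user,
                    expect_string,
                    healthcheck_type,
                    healthcheck,
                    healthcheck_destination,
                    healthcheck_identifier,
                )

                # Applies new healthcheck in pool, remembering each pool's
                # previous healthcheck next to the pool for the rollback.
                # Todo - new method
                pool_rollback = []
                for sp in server_pools:
                    pool_rollback.append((sp, sp.healthcheck))
                    sp.healthcheck = hc
                    sp.save(user, commit=True)

                # gerador_vips -i <ID_REQUISICAO> --healthcheck
                # %d with the database id: only an integer can reach the
                # command line.
                command = "gerador_vips -i %d --healthcheck" % vip.id
                # NOTE(review): if exec_script raises instead of returning a
                # non-zero code, the rollback below does not run -- confirm.
                code, stdout, stderr = exec_script(command)

                if code != 0:
                    # Rollback: pools first, then the VIP, as before.
                    for sp, previous_healthcheck in pool_rollback:
                        sp.healthcheck = previous_healthcheck
                        sp.save(user, commit=True)
                    vip_old.save(user, commit=True)
                    # NOTE(review): the raw script output is returned to the
                    # client; check it cannot expose internal details.
                    return self.response_error(2, stdout + stderr)

                success_map = {
                    "codigo": "%04d" % code,
                    "descricao": {"stdout": stdout, "stderr": stderr},
                }
                return self.response(dumps_networkapi({"sucesso": success_map}))

        except XMLError as x:
            self.log.error(u"Error reading the XML request.")
            return self.response_error(3, x)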
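    def add_remove_check_list_vlan_trunk(self, user, networkapi_map, vlan_id, operation):
        """Run the ``snmp_vlans_trunk`` configurator task for a trunk interface.

        Resolves the switch interface connected to the named host interface,
        checks the user's permission on both the host equipment and the switch,
        builds the ``configurador`` command line and runs it with
        ``exec_script``.

        :param user: user making the request; checked with ``has_perm``.
        :param networkapi_map: request map; its ``equipamento`` entry must
            carry non-empty ``nome`` and ``nome_interface`` values.
        :param vlan_id: VLAN identifier; not looked up when ``operation`` is
            ``'list'``.
        :param operation: ``'add'``, ``'del'``, ``'check'`` or ``'list'``.
        :return: the success response with the script's stdout/stderr, an
            error response (105, 117, 139, 144, 269 or 2) or
            ``not_authorized()``.
        """

        equipment_map = networkapi_map.get('equipamento')
        if equipment_map is None:
            return self.response_error(105)

        try:
            # ``operation`` is copied verbatim into the command line built
            # below, so only the four verbs documented for the script are
            # accepted; anything else is rejected like any other bad parameter.
            if operation not in ('add', 'del', 'check', 'list'):
                self.log.error(
                    u'Parameter operation is invalid. Value: %s.', operation)
                raise InvalidValueError(None, 'operation', operation)

            name = equipment_map.get('nome')
            if name is None or name == '':
                self.log.error(u'Parameter nome is invalid. Value: %s.', name)
                raise InvalidValueError(None, 'nome', name)

            interface_name = equipment_map.get('nome_interface')
            if interface_name is None or interface_name == '':
                self.log.error(
                    u'Parameter nome_interface is invalid. Value: %s.', interface_name)
                raise InvalidValueError(None, 'nome_interface', interface_name)

            # 'list' carries no VLAN number, so the VLAN is only loaded for the
            # other operations.
            if operation != 'list':
                vlan = Vlan().get_by_pk(vlan_id)

            # Check existence
            equipment = Equipamento().get_by_name(name)

            # Read-only operations need read permission; add/del need write
            # permission plus the right to update the equipment configuration.
            read_only = operation in ('check', 'list')
            if read_only:
                equip_permission = AdminPermission.EQUIP_READ_OPERATION
                admin_permission = AdminPermission.READ_OPERATION
            else:
                equip_permission = AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION
                admin_permission = AdminPermission.WRITE_OPERATION

            if not has_perm(user,
                            AdminPermission.VLAN_ALTER_SCRIPT,
                            admin_permission,
                            None,
                            equipment.id,
                            equip_permission):
                return self.not_authorized()

            interface = Interface.get_by_interface_equipment(
                interface_name, equipment.id)

            if interface.ligacao_front is None:
                return self.response_error(139)

            # Write operations pass 0, read operations pass None.
            protected = None if read_only else 0

            try:
                switch_interface = interface.get_switch_interface_from_host_interface(
                    protected)
            except InterfaceNotFoundError:
                return self.response_error(144)

            # The command targets the switch, so the same permission is also
            # required on the switch equipment.
            if not has_perm(user,
                            AdminPermission.VLAN_ALTER_SCRIPT,
                            admin_permission,
                            None,
                            switch_interface.equipamento_id,
                            equip_permission):
                return self.not_authorized()

            # configurador -T snmp_vlans_trunk -i <nomequip> -A "'int=<interface> add=<numvlan>'"
            # configurador -T snmp_vlans_trunk -i <nomequip> -A "'int=<interface> del=<numvlan>'"
            # configurador -T snmp_vlans_trunk -i <nomequip> -A "'int=<interface> check=<numvlan>'"
            # configurador -T snmp_vlans_trunk -i <nomequip> -A "'int=<interface> list'"
            #
            # NOTE(review): the equipment name and interface name are stored
            # values placed unquoted into the command string. How exec_script
            # tokenises that string is not visible here; confirm that it does
            # not go through a shell, or that both fields are restricted to a
            # safe character set when they are saved.
            action = operation
            if operation != 'list':
                action = '%s=%d' % (operation, vlan.num_vlan)

            command = 'configurador -T snmp_vlans_trunk -i %s -A "\'int=%s %s\'"' % (
                switch_interface.equipamento.nome,
                switch_interface.interface,
                action)

            code, stdout, stderr = exec_script(command)
            if code != 0:
                return self.response_error(2, stdout + stderr)

            response_map = {
                'sucesso': {
                    'codigo': '%04d' % code,
                    'descricao': {'stdout': stdout, 'stderr': stderr},
                }
            }
            return self.response(dumps_networkapi(response_map))

        except EquipamentoNotFoundError:
            return self.response_error(117, name)
        except InvalidValueError, e:
            return self.response_error(269, e.param, e.value)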
Beispiel #53
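    def handle_put(self, request, user, *args, **kwargs):
        """
        Handles PUT requests to change the VIP's real server.

        URL: vip/real/edit

        The request XML carries ``vip_id``, an optional ``alter_priority``
        flag and the wanted list of reals. The handler compares the wanted
        reals with the ones stored for the VIP, runs one script per real to
        add or remove, keeps the ServerPoolMember rows in step with the script
        results and, when ``alter_priority`` is non-zero, runs the priority
        script at the end.

        Returns an empty success response, or an error response: 3 (bad XML),
        329/330/331 (invalid priorities, weights or ports), 333 (one or more
        scripts failed; lists the affected reals), 353 (integrity error) or
        2 (priority script failed).
        """

        self.log.info("Change VIP's real server")

        try:

            # User permission
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
                            AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # Commons Validations

            # Load XML data
            xml_map, attrs_map = loads(
                request.raw_post_data,
                ['real', 'reals_weight', 'reals_priority'])

            # XML data format
            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                return self.response_error(
                    3,
                    u'There is no value to the networkapi tag  of XML request.'
                )

            vip_map = networkapi_map.get('vip')
            if vip_map is None:
                return self.response_error(
                    3, u'There is no value to the vip tag  of XML request.')

            # Get XML data
            vip_id = vip_map.get('vip_id')
            alter_priority = vip_map.get('alter_priority')

            # Valid VIP ID
            if not is_valid_int_greater_zero_param(vip_id):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', vip_id)
                raise InvalidValueError(None, 'vip_id', vip_id)

            # An invalid alter_priority is treated as "do not alter".
            if not is_valid_int_greater_equal_zero_param(alter_priority):
                alter_priority = 0

            # Existing Vip ID
            vip = RequisicaoVips.get_by_pk(vip_id)

            # Copies kept so the database can be restored if the priority
            # script fails.
            vip_old = clone(vip)

            server_pools = ServerPool.objects.filter(
                vipporttopool__requisicao_vip=vip)
            server_pools_old = []
            server_pools_members_old = []
            for sp in server_pools:
                server_pools_old.append(sp)
                for spm in sp.serverpoolmember_set.all():
                    server_pools_members_old.append(spm)

            # Get variables
            variables_map = vip.variables_to_map()

            # Valid variables
            vip.set_variables(variables_map)

            # Get balancing method
            vip_map['metodo_bal'] = str(
                variables_map.get('metodo_bal')).upper()

            with distributedlock(LOCK_VIP % vip_id):

                # Valid real names and real ips of real server
                if vip_map.get('reals') is not None:

                    evip = EnvironmentVip.get_by_values(
                        variables_map.get('finalidade'),
                        variables_map.get('cliente'),
                        variables_map.get('ambiente'))

                    for real in vip_map.get('reals').get('real'):
                        ip_aux_error = real.get('real_ip')
                        equip_aux_error = real.get('real_name')
                        if equip_aux_error is not None:
                            equip = Equipamento.get_by_name(equip_aux_error)
                        else:
                            self.log.error(
                                u'The real_name parameter is not a valid value: None.'
                            )
                            raise InvalidValueError(None, 'real_name', 'None')

                        # Valid Real
                        RequisicaoVips.valid_real_server(
                            ip_aux_error, equip, evip, False)

                    # Valid reals_prioritys
                    vip_map, code = vip.valid_values_reals_priority(vip_map)
                    if code is not None:
                        return self.response_error(329)

                    # Valid reals_weight
                    vip_map, code = vip.valid_values_reals_weight(vip_map)
                    if code is not None:
                        return self.response_error(330)

                # Get variables
                variables_map = vip.variables_to_map()

                vip_port_list, reals_list, reals_priority, reals_weight = vip.get_vips_and_reals(
                    vip.id)

                if reals_list:
                    variables_map['reals'] = {'real': reals_list}
                    variables_map['reals_prioritys'] = {
                        'reals_priority': reals_priority
                    }
                    variables_map['reals_weights'] = {
                        'reals_weight': reals_weight
                    }

                variables_map['portas_servicos'] = {'porta': vip_port_list}

                # Valid ports
                variables_map, code = vip.valid_values_ports(variables_map)
                if code is not None:
                    return self.response_error(331)

                # OLD CALLS - Deprecated
                # A request whose reals carry no 'port_real' uses the old
                # format: every real is expanded to one entry per VIP port.
                vip_ports_pool = VipPortToPool.objects.filter(
                    requisicao_vip=vip)

                reals = vip_map.get('reals')

                new_call = True
                if reals and 'port_real' not in reals['real'][0]:
                    new_call = False
                    reals_prioritys = vip_map.get('reals_prioritys')
                    reals_weights = dict()
                    if 'reals_weights' in vip_map:
                        reals_weights = vip_map.get('reals_weights')

                    reals_aux = dict()
                    reals_prioritys_aux = dict()
                    reals_weight_aux = dict()

                    reals_aux['real'] = list()
                    reals_prioritys_aux['reals_priority'] = list()
                    reals_weight_aux['reals_weight'] = list()

                    for i in range(len(reals['real'])):
                        for vippp in vip_ports_pool:

                            reals_prioritys_aux['reals_priority'].append(
                                reals_prioritys['reals_priority'][i])
                            if 'reals_weight' in reals_weights:
                                reals_weight_aux['reals_weight'].append(
                                    reals_weights['reals_weight'][i])
                            server_pool = ServerPool.objects.get(
                                vipporttopool__id=vippp.id,
                                vipporttopool__requisicao_vip=vip)

                            if 'id_ip' not in reals['real'][i]:
                                id_ip = get_id_ip(reals['real'][i])
                            else:
                                id_ip = reals['real'][i]['id_ip']

                            reals_aux['real'].append({
                                'id_ip':
                                id_ip,
                                'port_real':
                                server_pool.default_port,
                                'real_name':
                                reals['real'][i]['real_name'],
                                'port_vip':
                                vippp.port_vip,
                                u'real_ip':
                                reals['real'][i]['real_ip']
                            })

                    # The list is non-empty here (its first item was read
                    # above), so assigning once after the loop is enough.
                    vip_map['reals_prioritys'] = reals_prioritys_aux
                    vip_map['reals_weights'] = reals_weight_aux
                    vip_map['reals'] = reals_aux
                # OLD CALLS - END

                # Check diff reals (reals_to_add, reals_to_rem, reals_to_stay)
                reals_to_add, reals_to_rem, reals_to_stay = diff_reals(
                    variables_map, vip_map)

                # Reals the VIP ends up with once all scripts have run.
                reals_final = dict()
                reals_final['reals'] = list()
                reals_final['priorities'] = list()
                reals_final['weights'] = list()

                reals_error = list()
                # Removals are skipped as soon as one addition fails.
                removes = True
                error = False

                ##############################################
                #        NOT MODIFIED - reals_to_stay        #
                ##############################################
                for i in range(len(reals_to_stay['reals'])):

                    real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
                        reals_to_stay, i, new_call)

                    # Check ip type. The address object itself is not used
                    # afterwards; the lookup is kept as in the original.
                    if is_valid_ipv4(real.get('real_ip')) is True:
                        ip_type = IP_VERSION.IPv4[1]
                        ip = Ip().get_by_pk(id_ip)
                    else:
                        ip_type = IP_VERSION.IPv6[1]
                        ip = Ipv6().get_by_pk(id_ip)

                    reals_final['reals'].append(reals_to_stay['reals'][i])
                    reals_final['priorities'].append(
                        reals_to_stay['priorities'][i])
                    if reals_to_stay['weighted']:
                        reals_final['weights'].append(
                            reals_to_stay['weights'][i])

                    # The member is looked up for every kept real. The lookup
                    # used to sit inside the "weighted" branch, which left
                    # server_pool_member unbound for a non-weighted VIP while
                    # the update below ran unconditionally.
                    # NOTE(review): confirm what get_variables returns as
                    # weight for a non-weighted VIP.
                    server_pool = ServerPool.objects.get(
                        vipporttopool__port_vip=port_vip,
                        vipporttopool__requisicao_vip=vip)
                    if ip_type == IP_VERSION.IPv4[1]:
                        server_pool_member = ServerPoolMember.objects.get(
                            server_pool=server_pool,
                            port_real=port_real,
                            ip=id_ip)
                    else:
                        server_pool_member = ServerPoolMember.objects.get(
                            server_pool=server_pool,
                            port_real=port_real,
                            ipv6=id_ip)
                    server_pool_member.priority = priority
                    server_pool_member.weight = weight
                    server_pool_member.save(user, commit=True)

                #############################################
                #          ADD REALS - reals_to_add         #
                #############################################
                # NOTE(review): in the old-call branches real_name and real_ip
                # are interpolated into the command templates. They are checked
                # by valid_real_server above only when the request sends
                # 'reals'; the templates and exec_script are not visible here,
                # so confirm the values cannot carry characters the command
                # runner would interpret.
                for i in range(len(reals_to_add['reals'])):

                    real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
                        reals_to_add, i, new_call)

                    if len(real.get('real_ip').split('.')) <= 1:
                        ip_type = IP_VERSION.IPv6[1]
                        ip = Ipv6().get_by_pk(id_ip)
                        if new_call:
                            command = VIP_REALS_v6_CREATE % (
                                vip.id, id_ip, port_real, port_vip)
                        else:
                            command = VIP_REAL_v6_CREATE % (
                                vip.id, real.get('real_name'),
                                real.get('real_ip'))
                    else:
                        ip_type = IP_VERSION.IPv4[1]
                        ip = Ip().get_by_pk(id_ip)
                        if new_call:
                            command = VIP_REALS_v4_CREATE % (
                                vip.id, id_ip, port_real, port_vip)
                        else:
                            command = VIP_REAL_v4_CREATE % (
                                vip.id, real.get('real_name'),
                                real.get('real_ip'))

                    self.log.info(
                        '------------------- ADD ----------------------')
                    self.log.info(
                        'Insert ServerPoolMember before execute script')

                    # The member row is written before the script is called
                    # and removed again below if the script fails.
                    add_reals_before_script(port_vip, vip, ip, ip_type,
                                            priority, weight, port_real, user)

                    self.log.info('The insert has completed successfully')

                    self.log.info('Execute script: %s' % command)

                    code, stdout, stderr = exec_script(command)

                    self.log.info('Script was executed and returned code %s' %
                                  code)

                    if code != 0:
                        removes = False
                        error = True
                        reals_error.append(real)

                        self.log.info(
                            'Remove ServerPoolMember after execute script if code != 0'
                        )
                        remove_reals_after_script(port_vip, ip_type, vip,
                                                  port_real, priority, weight,
                                                  id_ip, user)
                        self.log.info('The remove has completed successfully')

                    else:
                        reals_final['reals'].append(real)
                        reals_final['priorities'].append(
                            reals_to_add['priorities'][i])
                        if reals_to_add['weighted']:
                            reals_final['weights'].append(
                                reals_to_add['weights'][i])

                    self.log.info(
                        '----------------- ADD END --------------------')

                ##########################################
                #       REMOVE REALS - reals_to_rem      #
                ##########################################
                if removes:
                    for i in range(len(reals_to_rem['reals'])):

                        real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
                            reals_to_rem, i, new_call)

                        if len(real.get('real_ip').split('.')) <= 1:
                            ip_type = IP_VERSION.IPv6[1]
                            if new_call:
                                command = VIP_REALS_v6_REMOVE % (
                                    vip.id, id_ip, port_real, port_vip)
                            else:
                                command = VIP_REAL_v6_REMOVE % (
                                    vip.id, real.get('real_name'),
                                    real.get('real_ip'))
                        else:
                            ip_type = IP_VERSION.IPv4[1]
                            if new_call:
                                command = VIP_REALS_v4_REMOVE % (
                                    vip.id, id_ip, port_real, port_vip)
                            else:
                                command = VIP_REAL_v4_REMOVE % (
                                    vip.id, real.get('real_name'),
                                    real.get('real_ip'))

                        self.log.info(
                            '------------------ REMOVE --------------------')
                        self.log.info('Execute script: %s' % command)

                        code, stdout, stderr = exec_script(command)

                        self.log.info(
                            'script was executed and returned code %s' % code)

                        if code != 0:
                            # The real could not be removed, so it stays in
                            # the final list and is reported as an error.
                            error = True
                            reals_error.append(real)
                            reals_final['reals'].append(real)
                            reals_final['priorities'].append(
                                reals_to_rem['priorities'][i])
                            if reals_to_rem['weighted']:
                                reals_final['weights'].append(
                                    reals_to_rem['weights'][i])
                        else:

                            self.log.info(
                                'Remove ServerPoolMember after execute script')
                            remove_reals_after_script(port_vip, ip_type, vip,
                                                      port_real, priority,
                                                      weight, id_ip, user)
                            self.log.info(
                                'The remove has completed successfully')

                        self.log.info(
                            '---------------- REMOVE END ------------------')

                else:
                    # An addition failed: nothing is removed, so every real
                    # that was to be removed stays in the final list.
                    for i in range(len(reals_to_rem['reals'])):
                        real = reals_to_rem['reals'][i]
                        reals_final['reals'].append(real)
                        reals_final['priorities'].append(
                            reals_to_rem['priorities'][i])
                        # The flag is read from reals_to_rem, the dict whose
                        # weights are copied (it used to read reals_to_add).
                        if reals_to_rem['weighted']:
                            reals_final['weights'].append(
                                reals_to_rem['weights'][i])

                variables_map['reals'] = dict()
                variables_map['reals_prioritys'] = dict()
                variables_map['reals_weights'] = dict()

                if len(reals_final['reals']) > 0:
                    variables_map['reals']['real'] = reals_final['reals']
                    variables_map['reals_prioritys'][
                        'reals_priority'] = reals_final['priorities']
                    if reals_final['weights'] is not None:
                        variables_map['reals_weights'][
                            'reals_weight'] = reals_final['weights']
                else:
                    variables_map.pop('reals')
                    variables_map.pop('reals_prioritys')
                    variables_map.pop('reals_weights')

                # set variables
                vip.set_variables(variables_map)

                try:
                    # If Priority changed
                    if int(alter_priority) != 0:
                        # gerador_vips -i <ID_REQUISICAO> --priority
                        command = 'gerador_vips -i %d --priority' % vip.id

                        # Logging
                        self.log.info(
                            '---------------- ALTER PRIORITY ------------------'
                        )
                        self.log.info('Command: ' + command)

                        # Execute script
                        code, stdout, stderr = exec_script(command)
                        self.log.info('Code returned: ' + str(code))
                        self.log.info('Stdout: ' + stdout)
                        self.log.info(
                            '-------------- ALTER PRIORITY END ----------------'
                        )

                        # Script returned error while executing, rollback the
                        # changes in database
                        if code != 0:
                            self.log.info('Code != 0, rollback changes')
                            vip_old.save(user, commit=True)
                            for sp in server_pools_old:
                                sp.save(user, commit=True)
                            for spm in server_pools_members_old:
                                spm.save(user, commit=True)

                            return self.response_error(2, stdout + stderr)

                except Exception, e:
                    if isinstance(e, IntegrityError):
                        # Duplicate value for Port Vip, Port Real and IP
                        self.log.error(u'Failed to update the request vip.')
                        return self.response_error(353)
                    else:
                        self.log.error(u'Failed to update the request vip.')
                        raise RequisicaoVipsError(
                            e, u'Failed to update the request vip')

                if error:
                    # Build the return message from the reals whose script
                    # call failed.
                    vip_list = ', '.join(
                        [real['real_name'] for real in reals_error])
                    ip_list = ', '.join(
                        [real['real_ip'] for real in reals_error])

                    return self.response_error(333, vip_list, ip_list)
                else:
                    return self.response(dumps_networkapi({}))

        except XMLError, x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)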
    def handle_delete(self, request, user, *args, **kwargs):
        """Handles DELETE requests to remove VLAN by ID.

        URLs: /vlan/<id_vlan>/remove/

        The visible part checks the user's VLAN management permission and the
        write permission on every router equipment that has an address in the
        VLAN, then, under the VLAN lock and when the VLAN is active, runs the
        remove script for each active IPv4 and IPv6 network and deactivates
        the networks whose script succeeded.

        NOTE(review): this listing is truncated. The ``else`` branch for an
        inactive VLAN and the ``except`` clauses of the outer ``try`` are not
        shown.
        """

        self.log.info('Remove VLAN by ID')
        # Not used in the visible part of the method.
        CODE_MESSAGE_VLAN_ERROR = 369

        try:

            # Commons Validations

            # User permission
            if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

            # Business Validations

            # Load URL param
            vlan_id = kwargs.get('id_vlan')

            # Valid VLAN ID
            if not is_valid_int_greater_zero_param(vlan_id):
                self.log.error(
                    u'Parameter id_vlan is invalid. Value: %s.', vlan_id)
                raise InvalidValueError(None, 'id_vlan', vlan_id)

            # Existing VLAN ID
            vlan = Vlan().get_by_pk(vlan_id)

            # Check permission group equipments: only equipment flagged as
            # router in its environment and holding an IPv4 or IPv6 address in
            # a network of this VLAN is considered.
            equips_from_ipv4 = Equipamento.objects.filter(
                ipequipamento__ip__networkipv4__vlan=vlan_id, equipamentoambiente__is_router=1).distinct()
            equips_from_ipv6 = Equipamento.objects.filter(
                ipv6equipament__ip__networkipv6__vlan=vlan_id, equipamentoambiente__is_router=1).distinct()
            for equip in equips_from_ipv4:
                # User permission
                if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
                    self.log.error(
                        u'User does not have permission to perform the operation.')
                    return self.not_authorized()
            for equip in equips_from_ipv6:
                # User permission
                if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
                    self.log.error(
                        u'User does not have permission to perform the operation.')
                    return self.not_authorized()


            # NOTE(review): the permission checks above run before the lock is
            # taken, and the vlan object was loaded before it as well.
            with distributedlock(LOCK_VLAN % vlan_id):

                # Business Rules

                if vlan.ativada:
                    # Ids of the networks whose removal failed; reported
                    # together once both loops have finished.
                    network_errors = []

                    for net4 in vlan.networkipv4_set.all():

                        if net4.active:
                            try:
                                # int() keeps the interpolated id numeric.
                                command = settings.NETWORKIPV4_REMOVE % int(net4.id)

                                code, stdout, stderr = exec_script(command)
                                if code == 0:
                                    net4.deactivate(user, True)
                                else:
                                    network_errors.append(str(net4.id))
                            except Exception, e:
                                # Any failure, including one raised by
                                # deactivate(), only records the network id.
                                # NOTE(review): the exception and the script's
                                # stdout/stderr are not logged, so the cause
                                # of a failed removal is lost.
                                network_errors.append(str(net4.id))
                                pass

                    for net6 in vlan.networkipv6_set.all():

                        if net6.active:
                            try:
                                # int() keeps the interpolated id numeric.
                                command = settings.NETWORKIPV6_REMOVE % int(net6.id)
                                code, stdout, stderr = exec_script(command)
                                if code == 0:
                                    net6.deactivate(user, True)
                                else:
                                    network_errors.append(str(net6.id))
                            except Exception, e:
                                # Same handling as for IPv4: the id is
                                # recorded and the exception is dropped.
                                network_errors.append(str(net6.id))
                                pass

                    # Networks that were removed successfully stay
                    # deactivated even when others failed.
                    if network_errors:
                        raise VlanNetworkError(
                            None, message=', '.join(network_errors))

                else:
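    def handle_get(self, request, user, *args, **kwargs):
        """Rollback of the filter

        URLs: /vip/l7/<id_vip>/rollback/

        Swaps the applied and rollback L7 filter/rule of a created VIP, saves
        the VIP and runs the script that applies the current filter. If the
        script fails, the previous VIP data is saved back.

        Returns the success response with the script's stdout/stderr, error 2
        with the script output, or error 3 for an XML error.

        NOTE(review): this handler changes stored state and runs a script in
        response to a GET request. How requests are authenticated is not
        visible here; confirm that a GET cannot be triggered on a user's
        behalf (for example by a link or a prefetch).
        """

        self.log.info("Applies the last working filter to VIP")

        try:
            id_vip = kwargs.get('id_vip')

            # User is authorized
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

            # Valid Vip ID. The parameter name and value are passed along, as
            # the other handlers do, so the error can name the bad input.
            if not is_valid_int_greater_zero_param(id_vip):
                self.log.error(
                    u'The vip_id parameter is not a valid value: %s.', id_vip)
                raise InvalidValueError(None, 'id_vip', id_vip)

            # Get VIP data
            vip = RequisicaoVips.get_by_pk(id_vip)

            with distributedlock(LOCK_VIP % id_vip):
                # Copy of the VIP, used for the swap and to restore on failure
                vip_old = clone(vip)

                # Vip must be created
                if not vip.vip_criado:
                    self.log.error(
                        u'Filter can not be applied because VIP has not been created yet.')
                    raise RequestVipsNotBeenCreatedError(None)

                # Record when the rollback was applied
                vip.applied_l7_datetime = datetime.now().strftime(
                    "%Y-%m-%d %H:%M:%S")

                # Set Applied With Rollback
                vip.filter_applied = vip_old.filter_rollback
                vip.rule_applied = vip_old.rule_rollback

                # Set Rollback With Applied
                vip.filter_rollback = vip_old.filter_applied
                vip.rule_rollback = vip_old.rule_applied

                # Saved before the script runs; restored below if it fails.
                vip.save(user, commit=True)

                # Run the script
                command = 'gerador_vips -i %d --l7_filter_current' % vip.id
                code, stdout, stderr = exec_script(command)

                # Exit code 0 means the script ran successfully
                if code != 0:
                    # Save the previous data back to the database
                    vip_old.save(user, commit=True)
                    return self.response_error(2, stdout + stderr)

                response_map = {
                    'sucesso': {
                        'codigo': '%04d' % code,
                        'descricao': {'stdout': stdout, 'stderr': stderr},
                    }
                }
                return self.response(dumps_networkapi(response_map))

        except XMLError, x:
            self.log.error(u'Error reading the XML request.')
            return self.response_error(3, x)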
    def __create_vip(self, vip_id, user):
        """Run the VIP creation script for a validated, not yet created VIP.

        Under the VIP lock: loads the request, checks the user's permission on
        every equipment linked to the VIP's IPv4 and IPv6 address, and runs
        the ``VIP_CREATE`` command. On success the VIP is marked as created,
        its pending rule and filter become the applied ones, and its server
        pools are flagged as created.

        Returns the success response, ``not_authorized()``, or an error
        response: 191 (not validated), 192 (already created), 2 (script
        failed). Raises InvalidValueError for an invalid ``vip_id``.
        """

        # Valid vip ID
        if not is_valid_int_greater_zero_param(vip_id):
            self.log.error(u'Parameter id_vip is invalid. Value: %s.', vip_id)
            raise InvalidValueError(None, 'id_vip', vip_id)

        with distributedlock(LOCK_VIP % vip_id):

            # Vip must exists in database
            vip = RequisicaoVips.get_by_pk(vip_id)

            # Equipment permissions: IPv4 links first, then IPv6 links. The
            # attributes are read by name so that the IPv6 side is touched
            # only after every IPv4 check has passed.
            address_links = (('ip', 'ipequipamento_set'),
                             ('ipv6', 'ipv6equipament_set'))
            for address_attr, links_attr in address_links:
                address = getattr(vip, address_attr)
                if address is None:
                    continue
                for link in getattr(address, links_attr).all():
                    allowed = has_perm(
                        user, AdminPermission.VIP_CREATE_SCRIPT,
                        AdminPermission.WRITE_OPERATION, None,
                        link.equipamento_id,
                        AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION)
                    if not allowed:
                        return self.not_authorized()

            # Must be validated
            if not vip.validado:
                return self.response_error(191, vip_id)

            # Must not be created yet
            if vip.vip_criado:
                return self.response_error(192, vip_id)

            # Build and execute the command
            code, stdout, stderr = exec_script(VIP_CREATE % (vip.id))
            if code != 0:
                return self.response_error(2, stdout + stderr)

            # The pending rule and filter become the applied ones and the
            # pending slots are cleared.
            vip.rule_applied = vip.rule
            vip.filter_applied = vip.l7_filter

            vip.l7_filter = None
            vip.rule = None
            vip.filter_valid = False

            vip.vip_criado = 1
            vip.save()

            # SYNC_VIP
            old_to_new(vip)

            # Flag every pool of this VIP that is not yet marked as created.
            pools = ServerPool.objects.filter(
                vipporttopool__requisicao_vip=vip.id)
            for pool in pools:
                if server_pool_needs_flag(pool):
                    pool.pool_created = 1
                    pool.save()

            result = {
                'sucesso': {
                    'codigo': '%04d' % code,
                    'descricao': {'stdout': stdout, 'stderr': stderr},
                }
            }

            # Return XML
            return self.response(dumps_networkapi(result))
Beispiel #57
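def save_server_pool_member(user, sp, list_server_pool_member):
    """Synchronise the members of server pool ``sp`` with the submitted list.

    Current members whose id is not in the submitted list are deleted,
    members with an ``id_pool_member`` are updated, and the rest are created.
    When ``sp.pool_created`` is set, each removal/creation also runs the
    matching pool script, and one extra script run applies changed
    priorities for the whole pool.

    Args:
        user: user passed through to the model ``save``/``delete`` calls.
        sp: the server pool being edited.
        list_server_pool_member: list of dicts with the keys ``id``, ``ip``,
            ``id_pool_member``, ``nome_equips``, ``priority``, ``weight``
            and ``port_real``.

    Returns:
        The list of saved ServerPoolMember objects, in submission order.

    Raises:
        exceptions.ScriptCreatePoolException: a remove or create script
            returned a non-zero exit code.
        exceptions.ScriptAlterPriorityPoolMembersException: the priorities
            script returned a non-zero exit code (priorities are restored
            first).
    """
    list_pool_member = []
    old_priorities_list = []

    # Ids of submitted members that already exist; a blank id marks a new one.
    id_pool_member_noempty = [
        x['id_pool_member'] for x in list_server_pool_member
        if x['id_pool_member'] != ''
    ]

    # Every current member that was not submitted is removed. With no ids
    # submitted, the exclude() matches all members of the pool.
    del_smp = sp.serverpoolmember_set.exclude(id__in=id_pool_member_noempty)
    for obj in del_smp:
        obj.delete(user)

        # Remove the real from the equipment only if the pool exists there,
        # committing after each successful script call.
        if sp.pool_created:
            command = settings.POOL_REAL_REMOVE % (
                obj.server_pool_id,
                obj.ip_id if obj.ip else obj.ipv6_id,
                obj.port_real)
            code, _, _ = exec_script(command)
            if code != 0:
                raise exceptions.ScriptCreatePoolException()
            transaction.commit()

    if list_server_pool_member:
        apply_new_priorities = False
        for dic in list_server_pool_member:
            ip_object = None
            ipv6_object = None
            # NOTE(review): the IP version is inferred from the text length
            # (15 = longest dotted-quad). A compressed IPv6 literal shorter
            # than 16 characters would be looked up as IPv4 - confirm callers
            # always send the expanded form.
            if len(dic['ip']) <= 15:
                ip_object = Ip.get_by_pk(dic['id'])
            else:
                ipv6_object = Ipv6.get_by_pk(dic['id'])

            id_pool = sp.id
            member_ip = ip_object if ip_object is not None else ipv6_object
            id_ip = member_ip.id if member_ip is not None else None
            port_ip = dic['port_real']

            if dic['id_pool_member']:
                # NOTE(review): the member is fetched by id across all pools
                # and then attached to ``sp``; an id that belongs to another
                # pool would be moved here. Confirm the caller checks
                # ownership, or scope the lookup to sp.serverpoolmember_set.
                spm = ServerPoolMember.objects.get(id=dic['id_pool_member'])
                spm.server_pool = sp
                spm.identifier = dic['nome_equips']
                spm.ip = ip_object
                spm.ipv6 = ipv6_object
                spm.weight = dic['weight']
                spm.limit = sp.default_limit
                old_spm_priority = spm.priority
                old_priorities_list.append(old_spm_priority)
                spm.priority = dic['priority']
                spm.port_real = dic['port_real']
                spm.save(user)
                if old_spm_priority != spm.priority and sp.pool_created:
                    apply_new_priorities = True
            else:
                spm = ServerPoolMember(
                    server_pool=sp, identifier=dic['nome_equips'],
                    ip=ip_object, ipv6=ipv6_object,
                    priority=dic['priority'], weight=dic['weight'],
                    limit=sp.default_limit, port_real=dic['port_real'])
                spm.save(user)

                # A new member has no previous priority; record the new one
                # so both lists stay index-aligned.
                old_priorities_list.append(dic['priority'])

                # Create the real on the equipment if the pool exists there.
                # The row is committed first and deleted again if the script
                # fails.
                if sp.pool_created:
                    transaction.commit()
                    # NOTE(review): port_ip is taken from the submitted dict
                    # and interpolated into the command line; confirm it is
                    # validated as an integer upstream and that exec_script
                    # does not hand the string to a shell.
                    command = settings.POOL_REAL_CREATE % (id_pool, id_ip, port_ip)
                    code, _, _ = exec_script(command)
                    if code != 0:
                        spm.delete(user)
                        transaction.commit()
                        raise exceptions.ScriptCreatePoolException()

            list_pool_member.append(spm)

        # Apply the new priorities with a single script run for all members.
        if apply_new_priorities:
            transaction.commit()
            command = settings.POOL_MEMBER_PRIORITIES % (sp.id)
            code, _, _ = exec_script(command)
            if code != 0:
                # Restore the previous priorities. The original looped over
                # len(...) itself, which raises TypeError and left the new
                # priorities committed without raising the script exception.
                for member, old_priority in zip(list_pool_member,
                                                old_priorities_list):
                    member.priority = old_priority
                    member.save(user)
                transaction.commit()
                raise exceptions.ScriptAlterPriorityPoolMembersException()

    return list_pool_member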
    def handle_post(self, request, user, *args, **kwargs):
        '''Handle POST requests that run the creation script for a network
        and, when its VLAN is not activated yet, for that VLAN first.

        URL: vlan/v4/create/ or vlan/v6/create/
        '''
        try:
            # One handler serves both IP versions; the version is a keyword
            # argument of the call.
            network_version = kwargs.get('network_version')

            # Authorisation first: the request body is not parsed for a
            # caller without VLAN write permission.
            if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                return self.not_authorized()

            # Parse the XML payload and descend to the vlan element.
            xml_map, attrs_map = loads(request.raw_post_data)

            networkapi_map = xml_map.get('networkapi')
            if networkapi_map is None:
                msg = u'There is no value to the networkapi tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)

            vlan_map = networkapi_map.get('vlan')
            if vlan_map is None:
                msg = u'There is no value to the vlan tag of XML request.'
                self.log.error(msg)
                return self.response_error(3, msg)

            # The only field read from the payload is the network id, and it
            # must pass the positive-integer check before any lookup.
            network_ip_id = vlan_map.get('id_network_ip')
            if not is_valid_int_greater_zero_param(network_ip_id):
                self.log.error(
                    u'Parameter id_network_ip is invalid. Value: %s.', network_ip_id)
                raise InvalidValueError(None, 'id_network_ip', network_ip_id)

            # Load the network from the table that matches the IP version.
            is_ipv4 = IP_VERSION.IPv4[0] == network_version
            network_model = NetworkIPv4 if is_ipv4 else NetworkIPv6
            network_ip = network_model().get_by_pk(network_ip_id)

            # A network that is already active is rejected with error 299.
            if network_ip.active:
                return self.response_error(299)

            # The caller also needs write permission on every router of the
            # VLAN, reached through either its IPv4 or its IPv6 networks.
            # These checks all run before any script is executed.
            vlan_id = network_ip.vlan.id
            equips_from_ipv4 = Equipamento.objects.filter(
                ipequipamento__ip__networkipv4__vlan=vlan_id, equipamentoambiente__is_router=1)
            equips_from_ipv6 = Equipamento.objects.filter(
                ipv6equipament__ip__networkipv6__vlan=vlan_id, equipamentoambiente__is_router=1)
            for routers in (equips_from_ipv4, equips_from_ipv6):
                for equip in routers:
                    allowed = has_perm(
                        user, AdminPermission.EQUIPMENT_MANAGEMENT,
                        AdminPermission.WRITE_OPERATION, None, equip.id,
                        AdminPermission.EQUIP_WRITE_OPERATION)
                    if not allowed:
                        self.log.error(
                            u'User does not have permission to perform the operation.')
                        return self.not_authorized()

            success_map = {}

            # An inactive VLAN has to be created before its network.
            if not network_ip.vlan.ativada:
                vlan_command = VLAN_CREATE % (network_ip.vlan.id)
                code, stdout, stderr = exec_script(vlan_command)

                # NOTE(review): on failure the raw script output is returned
                # to the caller - confirm it cannot carry internal details
                # that should stay server-side.
                if code != 0:
                    return self.response_error(2, stdout + stderr)

                # Mark the VLAN as activated only after the script succeeded.
                network_ip.vlan.activate(user)
                success_map['vlan'] = {
                    'codigo': '%04d' % code,
                    'descricao': {'stdout': stdout, 'stderr': stderr},
                }

            # Pick the network script and the queue description per version.
            if is_ipv4:
                command = NETWORKIPV4_CREATE % (network_ip.id)
                description_to_queue = queue_keys.VLAN_CREATE_NETWORK_IPV4
            else:
                command = NETWORKIPV6_CREATE % (network_ip.id)
                description_to_queue = queue_keys.VLAN_CREATE_NETWORK_IPV6

            code, stdout, stderr = exec_script(command)
            if code != 0:
                return self.response_error(2, stdout + stderr)

            # Mark the network as activated only after the script succeeded.
            network_ip.activate(user)
            success_map['network'] = {
                'codigo': '%04d' % code,
                'descricao': {'stdout': stdout, 'stderr': stderr},
            }

            response_map = {'sucesso': success_map}

            # Publish the serialized VLAN to the queue.
            vlan_obj = network_ip.vlan
            queue_manager = QueueManager()
            data_to_queue = VlanSerializer(vlan_obj).data
            data_to_queue.update({'description': description_to_queue})
            queue_manager.append({
                'action': description_to_queue,
                'kind': queue_keys.VLAN_KEY,
                'data': data_to_queue,
            })
            queue_manager.send()

            # Return XML
            return self.response(dumps_networkapi(response_map))

        except InvalidValueError as e:
            return self.response_error(269, e.param, e.value)
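    def administrate_real(self,
                          user,
                          vip_id,
                          equip_id,
                          ip_id,
                          operation,
                          network_version,
                          port_vip=None,
                          port_real=None):
        """Run an add/del/enable/disable/check script for one real of a VIP.

        Validates every argument, checks the caller's permission, updates the
        ServerPoolMember rows for 'add' and 'del' under a distributed lock,
        executes the script and builds the XML response. Any non-zero exit
        code leads to a call to ``self.rollback_changes``.

        Args:
            user: authenticated user performing the operation.
            vip_id: id of the VIP request; must be an integer > 0.
            equip_id: id of the equipment; must be an integer > 0.
            ip_id: id of the real's IP; must be an integer > 0.
            operation: one of 'add', 'del', 'ena', 'dis', 'chk'.
            network_version: 'v4' or 'v6'.
            port_vip: VIP port; with port_real selects the newer script set.
            port_real: real port; with port_vip selects the newer script set.

        Returns:
            ``self.response(...)`` with the script output for exit code 0,
            a fixed success payload for exit code 12, and
            ``self.response_error(2, ...)`` for any other exit code.

        Raises:
            InvalidValueError: an argument failed validation.
            UserNotAuthorizedError: the user lacks the required permission.
        """
        # Valid VIP ID
        if not is_valid_int_greater_zero_param(vip_id):
            self.log.error(u'The vip_id parameter is not a valid value: %s.',
                           vip_id)
            raise InvalidValueError(None, 'vip_id', vip_id)

        # Valid Equipament ID
        if not is_valid_int_greater_zero_param(equip_id):
            self.log.error(u'The equip_id parameter is not a valid value: %s.',
                           equip_id)
            raise InvalidValueError(None, 'equip_id', equip_id)

        # Valid IP ID
        if not is_valid_int_greater_zero_param(ip_id):
            self.log.error(u'The ip_id parameter is not a valid value: %s.',
                           ip_id)
            raise InvalidValueError(None, 'ip_id', ip_id)

        # Valid operation (allow-list)
        if operation not in ['add', 'del', 'ena', 'dis', 'chk']:
            self.log.error(
                u'The operation parameter is not a valid value: %s.',
                operation)
            raise InvalidValueError(None, 'operation', operation)

        # Valid network version (allow-list)
        if network_version not in ['v4', 'v6']:
            self.log.error(
                u'The network_version parameter is not a valid value: %s.',
                network_version)
            raise InvalidValueError(None, 'network_version', network_version)

        # User permission: 'chk' needs read access on VIP scripts and is not
        # tied to the equipment; every other operation needs write access
        # plus the update-config permission on equip_id.
        if operation == 'chk':
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
                            AdminPermission.READ_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)
        else:
            if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
                            AdminPermission.WRITE_OPERATION, None, equip_id,
                            AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
                self.log.error(
                    u'User does not have permission to perform the operation.')
                raise UserNotAuthorizedError(None)

        # new_call = True  - newer scripts that take Port Vip and Port Real
        # new_call = False - older scripts, kept for compatibility
        # Both ports must be given; with only one of them the older scripts
        # are used and the supplied port is ignored without validation.
        new_call = False
        if port_vip is not None and port_real is not None:
            # Valid ports
            if not is_valid_int_greater_zero_param(port_vip):
                self.log.error(
                    u'The port_vip parameter is not a valid value: %s.',
                    port_vip)
                raise InvalidValueError(None, 'port_vip', port_vip)

            if not is_valid_int_greater_zero_param(port_real):
                # Fixed: this message used to name port_vip, which pointed
                # anyone reading the log at the wrong parameter.
                self.log.error(
                    u'The port_real parameter is not a valid value: %s.',
                    port_real)
                raise InvalidValueError(None, 'port_real', port_real)

            new_call = True

        # Find Request VIP by ID to check if it exist
        vip = RequisicaoVips.get_by_pk(vip_id)
        # Get variables
        variables_map = vip.variables_to_map()

        evip = EnvironmentVip.get_by_values(variables_map.get('finalidade'),
                                            variables_map.get('cliente'),
                                            variables_map.get('ambiente'))

        # Resolve the (ip, equipment) association; this also checks that
        # ip_id really belongs to equip_id.
        if network_version == IP_VERSION.IPv4[0]:

            ip_equip = IpEquipamento().get_by_ip_equipment(ip_id, equip_id)

            real_name = ip_equip.equipamento.nome
            end_ip = '%s.%s.%s.%s' % (ip_equip.ip.oct1, ip_equip.ip.oct2,
                                      ip_equip.ip.oct3, ip_equip.ip.oct4)

            # Valid Real
            RequisicaoVips.valid_real_server(end_ip, ip_equip.equipamento,
                                             evip, False)

        elif network_version == IP_VERSION.IPv6[0]:

            ipv6_equip = Ipv6Equipament().get_by_ip_equipment(ip_id, equip_id)

            real_name = ipv6_equip.equipamento.nome
            end_ip = '%s:%s:%s:%s:%s:%s:%s:%s' % (
                ipv6_equip.ip.block1, ipv6_equip.ip.block2,
                ipv6_equip.ip.block3, ipv6_equip.ip.block4,
                ipv6_equip.ip.block5, ipv6_equip.ip.block6,
                ipv6_equip.ip.block7, ipv6_equip.ip.block8)

            # Valid Real
            RequisicaoVips.valid_real_server(end_ip, ipv6_equip.equipamento,
                                             evip, False)

        is_ipv4 = IP_VERSION.IPv4[0] == network_version

        # NOTE(review): the older script set interpolates real_name (the
        # equipment name stored in the database) into the command line.
        # Confirm exec_script does not pass the string through a shell, or
        # that equipment names are restricted to a safe character set.
        if operation == 'chk':

            if is_ipv4:
                if new_call:
                    command = VIP_REALS_v4_CHECK % (vip_id, ip_id, port_real,
                                                    port_vip)
                else:
                    command = VIP_REAL_v4_CHECK % (vip_id, real_name, end_ip)
            else:
                if new_call:
                    command = VIP_REALS_v6_CHECK % (vip_id, ip_id, port_real,
                                                    port_vip)
                else:
                    command = VIP_REAL_v6_CHECK % (vip_id, real_name, end_ip)
        else:

            # The lock covers building the command and the database change;
            # it is released before the script runs.
            # NOTE(review): confirm concurrent calls for the same real cannot
            # interleave their script runs once the lock is released.
            with distributedlock(LOCK_VIP_IP_EQUIP %
                                 (vip_id, ip_id, equip_id)):

                if operation == 'add':

                    if is_ipv4:
                        if new_call:
                            command = VIP_REALS_v4_CREATE % (
                                vip_id, ip_id, port_real, port_vip)
                            ServerPoolMember().save_specified_port(
                                vip_id, port_vip, ip_equip.ip,
                                IP_VERSION.IPv4[1], port_real, user)
                        else:
                            command = VIP_REAL_v4_CREATE % (vip_id, real_name,
                                                            end_ip)
                            ServerPoolMember().save_with_default_port(
                                vip_id, ip_equip.ip, IP_VERSION.IPv4[1], user)

                    else:
                        if new_call:
                            command = VIP_REALS_v6_CREATE % (
                                vip_id, ip_id, port_real, port_vip)
                            ServerPoolMember().save_specified_port(
                                vip_id, port_vip, ipv6_equip.ip,
                                IP_VERSION.IPv6[1], port_real, user)
                        else:
                            command = VIP_REAL_v6_CREATE % (vip_id, real_name,
                                                            end_ip)
                            ServerPoolMember().save_with_default_port(
                                vip_id, ipv6_equip.ip, IP_VERSION.IPv6[1],
                                user)

                elif operation == 'del':

                    # The pool members are deleted before the script runs;
                    # rollback_changes is called further down if it fails.
                    if is_ipv4:
                        if new_call:
                            command = VIP_REALS_v4_REMOVE % (
                                vip_id, ip_id, port_real, port_vip)
                            pool_members = ServerPoolMember.objects.filter(
                                ip=ip_id,
                                server_pool__vipporttopool__requisicao_vip__id=vip_id,
                                server_pool__vipporttopool__port_vip=port_vip,
                                port_real=port_real)
                        else:
                            command = VIP_REAL_v4_REMOVE % (vip_id, real_name,
                                                            end_ip)
                            pool_members = ServerPoolMember.objects.filter(
                                ip=ip_id,
                                server_pool__vipporttopool__requisicao_vip__id=vip_id)
                    else:
                        if new_call:
                            command = VIP_REALS_v6_REMOVE % (
                                vip_id, ip_id, port_real, port_vip)
                            pool_members = ServerPoolMember.objects.filter(
                                ipv6=ip_id,
                                server_pool__vipporttopool__requisicao_vip__id=vip_id,
                                server_pool__vipporttopool__port_vip=port_vip,
                                port_real=port_real)
                        else:
                            command = VIP_REAL_v6_REMOVE % (vip_id, real_name,
                                                            end_ip)
                            pool_members = ServerPoolMember.objects.filter(
                                ipv6=ip_id,
                                server_pool__vipporttopool__requisicao_vip__id=vip_id)

                    # A plain loop: the deletes are side effects, not a list.
                    for pool_member in pool_members:
                        pool_member.delete()

                elif operation == 'ena':

                    if is_ipv4:
                        if new_call:
                            command = VIP_REALS_v4_ENABLE % (
                                vip_id, ip_id, port_real, port_vip)
                        else:
                            command = VIP_REAL_v4_ENABLE % (vip_id, real_name,
                                                            end_ip)
                    else:
                        if new_call:
                            command = VIP_REALS_v6_ENABLE % (
                                vip_id, ip_id, port_real, port_vip)
                        else:
                            command = VIP_REAL_v6_ENABLE % (vip_id, real_name,
                                                            end_ip)

                elif operation == 'dis':

                    if is_ipv4:
                        if new_call:
                            command = VIP_REALS_v4_DISABLE % (
                                vip_id, ip_id, port_real, port_vip)
                        else:
                            command = VIP_REAL_v4_DISABLE % (vip_id, real_name,
                                                             end_ip)
                    else:
                        if new_call:
                            command = VIP_REALS_v6_DISABLE % (
                                vip_id, ip_id, port_real, port_vip)
                        else:
                            command = VIP_REAL_v6_DISABLE % (vip_id, real_name,
                                                             end_ip)

        # The full command line and the script's stdout go to the log.
        self.log.info(command)
        # Execute script
        code, stdout, stderr = exec_script(command)
        self.log.info(stdout)

        response_map = dict()
        success_map = dict()

        # Return XML
        if code == 0:
            success_map['codigo'] = '%04d' % code
            success_map['descricao'] = {'stdout': stdout, 'stderr': stderr}

            response_map['sucesso'] = success_map
            return self.response(dumps_networkapi(response_map))

        elif code == 12:
            # Exit code 12 is answered as a success with fixed values, but
            # the database changes are still rolled back.
            # NOTE(review): the meaning of code 12 is not visible here -
            # confirm against the script's documentation.
            success_map['codigo'] = '0'
            success_map['descricao'] = {'stdout': '0', 'stderr': ''}

            response_map['sucesso'] = success_map
            self.rollback_changes(operation, new_call, network_version, vip_id,
                                  ip_id, port_real, port_vip, real_name,
                                  end_ip, user)
            return self.response(dumps_networkapi(response_map))

        else:
            self.rollback_changes(operation, new_call, network_version, vip_id,
                                  ip_id, port_real, port_vip, real_name,
                                  end_ip, user)
            # NOTE(review): the raw script output is returned to the caller;
            # confirm it cannot expose internal details.
            return self.response_error(2, stdout + stderr)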