def _get_tenant_id_for_create(self, context, resource):
if context['is_admin'] and 'tenant_id' in resource:
tenant_id = resource['tenant_id']
elif ('tenant_id' in resource
and resource['tenant_id'] != get_tenant_id(context)):
self._raise_contrail_exception(
'AdminRequired',
reason='Cannot create resource for another tenant',
resource='port')
else:
tenant_id = get_tenant_id(context)
return tenant_id
def resource_list(self, context, filters=None, fields=None):
from neutron_plugin_contrail.plugins.opencontrail.vnc_client.sg_res_handler import SecurityGroupHandler
ret_list = []
# collect phase
all_sgs = []
if filters and 'tenant_id' in filters:
project_ids = self._validate_project_ids(context,
filters['tenant_id'])
for p_id in project_ids:
project_sgs = SecurityGroupHandler(
self._vnc_lib).resource_list_by_project(p_id)
all_sgs.append(project_sgs)
else: # no filters
p_id = None
if context and not context['is_admin']:
p_id = self._project_id_neutron_to_vnc(
get_tenant_id(context))
project_sgs = SecurityGroupHandler(
self._vnc_lib).resource_list_by_project(p_id)
all_sgs.append(project_sgs)
# prune phase
for project_sgs in all_sgs:
for sg_obj in project_sgs:
# TODO() implement same for name specified in filter
sgr_info = self.security_group_rules_read(sg_obj,
fields=fields,
filters=filters)
if sgr_info:
ret_list.extend(sgr_info)
return ret_list
def resource_list(self, context, filters, fields=None):
from neutron_plugin_contrail.plugins.opencontrail.vnc_client.vn_res_handler import VNetworkGetHandler
vn_get_handler = VNetworkGetHandler(self._vnc_lib)
all_vn_objs = []
if filters and 'id' in filters:
# required subnets are specified,
# just read in corresponding net_ids
net_ids = []
for subnet_id in filters['id']:
subnet_key = self._subnet_vnc_read_mapping(id=subnet_id)
net_id = subnet_key.split()[0]
net_ids.append(net_id)
all_vn_objs.extend(vn_get_handler.get_vn_obj_list(
obj_uuids=net_ids, detail=True))
else:
if not context['is_admin']:
proj_id = get_tenant_id(context)
else:
proj_id = None
vn_objs = vn_get_handler.get_vn_list_project(proj_id)
all_vn_objs.extend(vn_objs)
vn_objs = vn_get_handler.vn_list_shared()
all_vn_objs.extend(vn_objs)
return self._get_subnet_list_after_apply_filter_(all_vn_objs, filters,
fields=fields)
def resource_delete(self, context, sgr_id):
project_uuid = None
if not context['is_admin']:
project_uuid = self._project_id_neutron_to_vnc(
get_tenant_id(context))
sg_obj, sg_rule = self._security_group_rule_find(sgr_id, project_uuid)
if sg_obj and sg_rule:
return self._security_group_rule_delete(sg_obj, sg_rule)
self._raise_contrail_exception('SecurityGroupRuleNotFound', id=sgr_id,
resource='security_group_rule')
def _validate_project_ids(context, project_ids=None):
if context and not context['is_admin']:
return [get_tenant_id(context)]
ids = []
for project_id in project_ids:
try:
ids.append(
ContrailResourceHandler._project_id_neutron_to_vnc(
project_id))
except ValueError:
pass
return ids
def resource_get(self, context, sgr_id, fields=None):
project_uuid = None
if not context['is_admin']:
project_uuid = self._project_id_neutron_to_vnc(
get_tenant_id(context))
sg_obj, sg_rule = self._security_group_rule_find(sgr_id, project_uuid)
if sg_obj and sg_rule:
sgr_info = self._security_group_rule_vnc_to_neutron(sg_obj.uuid,
sg_rule, sg_obj,
fields=fields)
if sgr_info:
return sgr_info
self._raise_contrail_exception('SecurityGroupRuleNotFound', id=sgr_id,
resource='security_group_rule')
def resource_list(self, context, filters=None, fields=None):
ret_list = []
contrail_extensions_enabled = self._kwargs.get(
'contrail_extensions_enabled', False)
# collect phase
project_id = context.get('tenant')
self._ensure_default_security_group_exists(project_id)
all_sgs = [] # all sgs in all projects
if context and not context['is_admin']:
project_sgs = self.resource_list_by_project(
self._project_id_neutron_to_vnc(get_tenant_id(context)),
filters=filters)
all_sgs.append(project_sgs)
else: # admin context
if filters and 'tenant_id' in filters:
project_ids = self._validate_project_ids(
context, filters['tenant_id'])
for p_id in project_ids:
project_sgs = self.resource_list_by_project(
p_id, filters=filters)
all_sgs.append(project_sgs)
else: # no tenant id filter
all_sgs.append(
self.resource_list_by_project(None, filters=filters))
# prune phase
no_rule = SGHandler(
self._vnc_lib).get_no_rule_security_group(create=False)
for project_sgs in all_sgs:
for sg_obj in project_sgs:
if no_rule and sg_obj.uuid == no_rule.uuid:
continue
if not self._filters_is_present(
filters, 'name',
sg_obj.get_display_name() or sg_obj.name):
continue
if not self._filters_is_present(
filters, 'description',
sg_obj.get_id_perms().get_description()):
continue
sg_info = self._security_group_vnc_to_neutron(
sg_obj, contrail_extensions_enabled, fields=fields)
ret_list.append(sg_info)
return ret_list
def resource_list(self, context, filters=None, fields=None):
# Read in floating ips with either
# - port(s) as anchor
# - project(s) as anchor
# - none as anchor (floating-ip collection)
ret_list = []
proj_ids = None
port_ids = None
if filters:
if 'tenant_id' in filters:
proj_ids = self._validate_project_ids(context,
filters['tenant_id'])
elif 'port_id' in filters:
port_ids = filters['port_id']
else: # no filters
if not context['is_admin']:
proj_ids = [
self._project_id_neutron_to_vnc(get_tenant_id(context))
]
if port_ids:
fip_objs = self._resource_list(back_ref_id=port_ids)
elif proj_ids:
fip_objs = self._resource_list(back_ref_id=proj_ids)
else:
fip_objs = self._resource_list()
for fip_obj in fip_objs:
if 'floating_ip_address' in filters:
if (fip_obj.get_floating_ip_address()
not in filters['floating_ip_address']):
continue
ret_list.append(
self._fip_obj_to_neutron_dict(fip_obj, fields=fields))
return ret_list
def resource_list(self, context, filters=None, fields=None):
ret_list = []
# collect phase
all_sis = [] # all sis in all projects
if filters and 'tenant_id' in filters:
project_ids = self._validate_project_ids(context,
filters['tenant_id'])
for p_id in project_ids:
project_sis = self.resource_list_by_project(p_id)
all_sis.append(project_sis)
elif filters and 'name' in filters:
p_id = self._project_id_neutron_to_vnc(get_tenant_id(context))
project_sis = self.resource_list_by_project(p_id)
all_sis.append(project_sis)
else: # no filters
dom_projects = self._project_list_domain(None)
for project in dom_projects:
proj_id = project['uuid']
project_sis = self.resource_list_by_project(proj_id)
all_sis.append(project_sis)
# prune phase
for project_sis in all_sis:
for proj_si in project_sis:
# TODO() implement same for name specified in filter
proj_si_id = proj_si['uuid']
if not self._filters_is_present(filters, 'id', proj_si_id):
continue
si_info = self.resource_get(context, proj_si_id)
if not self._filters_is_present(filters, 'name',
si_info['name']):
continue
ret_list.append(si_info)
return ret_list
def resource_list(self, context=None, filters=None, fields=None):
contrail_extensions_enabled = self._kwargs.get(
'contrail_extensions_enabled', False)
contrail_exts_enabled = contrail_extensions_enabled
ret_dict = {}
def _collect_without_prune(net_ids):
for net_id in net_ids:
try:
net_obj = self._resource_get(id=net_id)
net_info = self.vn_to_neutron_dict(
net_obj,
contrail_extensions_enabled=contrail_exts_enabled,
fields=fields)
ret_dict[net_id] = net_info
except vnc_exc.NoIdError:
pass
# end _collect_without_prune
# collect phase
all_net_objs = [] # all n/ws in all projects
if context and not context['is_admin']:
if filters and 'id' in filters:
_collect_without_prune(filters['id'])
elif filters and 'name' in filters:
net_objs = self._network_list_project(get_tenant_id(context))
all_net_objs.extend(net_objs)
all_net_objs.extend(self._network_list_shared())
all_net_objs.extend(self._network_list_router_external())
elif (filters and 'shared' in filters and filters['shared'][0] and
'router:external' not in filters):
all_net_objs.extend(self._network_list_shared())
elif (filters and 'router:external' in filters and
'shared' not in filters):
all_net_objs.extend(self._network_list_router_external())
elif (filters and 'router:external' in filters and
'shared' in filters):
all_net_objs.extend(self._network_list_shared_and_ext())
else:
project_uuid = self._project_id_neutron_to_vnc(
get_tenant_id(context))
if not filters:
all_net_objs.extend(self._network_list_router_external())
all_net_objs.extend(self._network_list_shared())
all_net_objs.extend(self._network_list_project(project_uuid))
# admin role from here on
elif filters and 'tenant_id' in filters:
# project-id is present
if 'id' in filters:
# required networks are also specified,
# just read and populate ret_dict
# prune is skipped because all_net_objs is empty
_collect_without_prune(filters['id'])
else:
# read all networks in project, and prune below
proj_ids = self._validate_project_ids(context,
filters['tenant_id'])
for p_id in proj_ids:
all_net_objs.extend(self._network_list_project(p_id))
if 'router:external' in filters:
all_net_objs.extend(self._network_list_router_external())
elif filters and 'id' in filters:
# required networks are specified, just read and populate ret_dict
# prune is skipped because all_net_objs is empty
_collect_without_prune(filters['id'])
elif filters and 'name' in filters:
net_objs = self._network_list_project(None)
all_net_objs.extend(net_objs)
elif filters and 'shared' in filters:
if filters['shared'][0]:
nets = self._network_list_shared()
for net in nets:
net_info = self.vn_to_neutron_dict(
net, contrail_extensions_enabled=contrail_exts_enabled,
fields=fields)
ret_dict[net.uuid] = net_info
elif filters and 'router:external' in filters:
nets = self._network_list_router_external()
if filters['router:external'][0]:
for net in nets:
net_info = self.vn_to_neutron_dict(
net, contrail_extensions_enabled=contrail_exts_enabled,
fields=fields)
ret_dict[net.uuid] = net_info
else:
# read all networks in all projects
all_net_objs.extend(self._resource_list(detail=True))
# prune phase
for net_obj in all_net_objs:
if net_obj.uuid in ret_dict:
continue
net_fq_name = str(net_obj.get_fq_name())
if not self._filters_is_present(
filters, 'fq_name', net_fq_name):
continue
if not self._filters_is_present(
filters, 'name',
net_obj.get_display_name() or net_obj.name):
continue
if net_obj.is_shared is None:
is_shared = False
else:
is_shared = net_obj.is_shared
if not self._filters_is_present(
filters, 'shared', is_shared):
continue
if net_obj.get_id_perms() is None:
admin_state_up = False
else:
admin_state_up = net_obj.get_id_perms().enable
if not self._filters_is_present(filters, 'admin_state_up',
admin_state_up):
continue
try:
net_info = self.vn_to_neutron_dict(
net_obj, contrail_extensions_enabled=contrail_exts_enabled,
fields=fields)
except vnc_exc.NoIdError:
continue
ret_dict[net_obj.uuid] = net_info
ret_list = []
for net in ret_dict.values():
ret_list.append(net)
return ret_list
def resource_list(self, context=None, filters=None, fields=None):
if (filters.get('device_owner') == 'network:dhcp'
or 'network:dhcp' in filters.get('device_owner', [])):
return []
if not context:
context = {'is_admin': True}
contrail_extensions_enabled = self._kwargs.get(
'contrail_extensions_enabled', False)
if filters is None:
filters = {}
project_ids = []
tenant_ids = []
if not context['is_admin'] and 'tenant' in context:
tenant_ids = [get_tenant_id(context)]
project_ids = [
self._project_id_neutron_to_vnc(get_tenant_id(context))
]
elif 'tenant_id' in filters:
tenant_ids = filters['tenant_id']
project_ids = self._validate_project_ids(context,
filters['tenant_id'])
# choose the most appropriate way of retrieving ports
# before pruning by other filters
if 'device_id' in filters:
vmi_objs, vn_objs, iip_objs = self._get_vmi_resources(
context,
project_ids,
device_ids=filters['device_id'],
vn_ids=filters.get('network_id'))
else:
vmi_objs, vn_objs, iip_objs = self._get_vmi_resources(
context,
project_ids,
ids=filters.get('id'),
vn_ids=filters.get('network_id'))
memo_req = self._get_vmi_memo_req_dict(vn_objs, iip_objs, None)
ports = self._get_ports_dict(
vmi_objs, memo_req, extensions_enabled=contrail_extensions_enabled)
# prune phase
ret_ports = []
for port in ports:
if tenant_ids and port['tenant_id'] not in tenant_ids:
continue
# TODO(safchain) revisit these filters if necessary
if not self._filters_is_present(filters, 'name', port['name']):
continue
if not self._filters_is_present(filters, 'device_owner',
port['device_owner']):
continue
if 'fixed_ips' in filters and not self._port_fixed_ips_is_present(
filters['fixed_ips'], port['fixed_ips']):
continue
if fields:
port = self._filter_res_dict(port, fields)
ret_ports.append(port)
return ret_ports
def resource_update(self, context, fip_id, fip_q):
fip_q['id'] = fip_id
fip_obj = self._neutron_dict_to_fip_obj(fip_q, context['is_admin'],
get_tenant_id(context))
self._resource_update(fip_obj)
return self._fip_obj_to_neutron_dict(fip_obj)
def resource_list(self, context, filters, fields=None):
extensions_enabled = self._kwargs.get('contrail_extensions_enabled',
False)
ret_list = []
if filters and 'shared' in filters:
if filters['shared'][0]:
# no support for shared routers
return ret_list
if not filters:
if context['is_admin']:
return self._get_router_list_for_project()
else:
proj_id = self._project_id_neutron_to_vnc(
get_tenant_id(context))
return self._get_router_list_for_project(project_id=proj_id)
all_rtrs = [] # all n/ws in all projects
if 'id' in filters:
return self._get_router_list_for_ids(filters['id'],
extensions_enabled)
if 'tenant_id' in filters:
# read all routers in project, and prune below
project_ids = self._validate_project_ids(
context, project_ids=filters['tenant_id'])
for p_id in project_ids:
if 'router:external' in filters:
all_rtrs.append(self._fip_pool_ref_routers(p_id))
else:
project_rtrs = self._router_list_project(p_id)
all_rtrs.append(project_rtrs)
else:
# read all routers in all projects
project_rtrs = self._router_list_project()
all_rtrs.append(project_rtrs)
# prune phase
for project_rtrs in all_rtrs:
for proj_rtr in project_rtrs:
proj_rtr_id = proj_rtr['uuid']
if not self._filters_is_present(filters, 'id', proj_rtr_id):
continue
proj_rtr_fq_name = str(proj_rtr['fq_name'])
if not self._filters_is_present(filters, 'fq_name',
proj_rtr_fq_name):
continue
try:
rtr_obj = self._resource_get(id=proj_rtr['uuid'])
if not self._filters_is_present(
filters, 'name',
rtr_obj.get_display_name() or rtr_obj.name):
continue
rtr_info = self._rtr_obj_to_neutron_dict(
rtr_obj,
contrail_extensions_enabled=extensions_enabled,
fields=fields)
ret_list.append(rtr_info)
except vnc_exc.NoIdError:
continue
return ret_list