def create(context, name, module_type, contents, description, tenant_id, datastore, datastore_version, auto_apply, visible, live_update, priority_apply, apply_order, full_access): if (module_type.lower() not in Modules.VALID_MODULE_TYPES and Modules.ANY_MODULE not in Modules.VALID_MODULE_TYPES): LOG.error(_("Valid module types: %s") % Modules.VALID_MODULE_TYPES) raise exception.ModuleTypeNotFound(module_type=module_type) Module.validate_action( context, 'create', tenant_id, auto_apply, visible, priority_apply, full_access) datastore_id, datastore_version_id = ( datastore_models.get_datastore_or_version( datastore, datastore_version)) if Module.key_exists( name, module_type, tenant_id, datastore_id, datastore_version_id): datastore_str = datastore_id or Modules.MATCH_ALL_NAME ds_version_str = datastore_version_id or Modules.MATCH_ALL_NAME raise exception.ModuleAlreadyExists( name=name, datastore=datastore_str, ds_version=ds_version_str) md5, processed_contents = Module.process_contents(contents) is_admin = context.is_admin if full_access: is_admin = 0 module = DBModule.create( name=name, type=module_type.lower(), contents=processed_contents, description=description, tenant_id=tenant_id, datastore_id=datastore_id, datastore_version_id=datastore_version_id, auto_apply=auto_apply, visible=visible, live_update=live_update, priority_apply=priority_apply, apply_order=apply_order, is_admin=is_admin, md5=md5) return module
def create(context, name, module_type, contents, description, tenant_id, datastore, datastore_version, auto_apply, visible, live_update, priority_apply, apply_order, full_access): if module_type.lower() not in Modules.VALID_MODULE_TYPES: LOG.error(_("Valid module types: %s"), Modules.VALID_MODULE_TYPES) raise exception.ModuleTypeNotFound(module_type=module_type) Module.validate_action( context, 'create', tenant_id, auto_apply, visible, priority_apply, full_access) datastore_id, datastore_version_id = ( datastore_models.get_datastore_or_version( datastore, datastore_version)) if Module.key_exists( name, module_type, tenant_id, datastore_id, datastore_version_id): datastore_str = datastore_id or Modules.MATCH_ALL_NAME ds_version_str = datastore_version_id or Modules.MATCH_ALL_NAME raise exception.ModuleAlreadyExists( name=name, datastore=datastore_str, ds_version=ds_version_str) md5, processed_contents = Module.process_contents(contents) is_admin = context.is_admin if full_access: is_admin = 0 module = DBModule.create( name=name, type=module_type.lower(), contents=processed_contents, description=description, tenant_id=tenant_id, datastore_id=datastore_id, datastore_version_id=datastore_version_id, auto_apply=auto_apply, visible=visible, live_update=live_update, priority_apply=priority_apply, apply_order=apply_order, is_admin=is_admin, md5=md5) return module
def test_get_datastore_or_version(self): # datastore, datastore_version, valid, exception data = [ [None, None, True], ['ds', None, True], ['ds', 'ds_ver', True], [None, 'ds_ver', False, exception.DatastoreNoVersion], ] for datum in data: ds_id = datum[0] ds_ver_id = datum[1] valid = datum[2] expected_exception = None if not valid: expected_exception = datum[3] ds = Mock() ds.id = ds_id ds.name = ds_id ds_ver = Mock() ds_ver.id = ds_ver_id ds_ver.name = ds_ver_id ds_ver.datastore_id = ds_id with patch.object(datastore_models.Datastore, 'load', return_value=ds): with patch.object(datastore_models.DatastoreVersion, 'load', return_value=ds_ver): if valid: (get_ds_id, get_ds_ver_id) = ( datastore_models.get_datastore_or_version( ds_id, ds_ver_id)) self.assertEqual(ds_id, get_ds_id) self.assertEqual(ds_ver_id, get_ds_ver_id) else: self.assertRaises( expected_exception, datastore_models.get_datastore_or_version, ds_id, ds_ver_id)
def update(context, module, original_module, full_access): Module.enforce_live_update( original_module.id, original_module.live_update, original_module.md5) # we don't allow any changes to 'is_admin' modules by non-admin if original_module.is_admin and not context.is_admin: raise exception.ModuleAccessForbidden( action='update', options='(Module is an admin module)') # we don't allow any changes to admin-only attributes by non-admin admin_options = Module.validate_action( context, 'update', module.tenant_id, module.auto_apply, module.visible, module.priority_apply, full_access) # make sure we set the is_admin flag, but only if it was # originally is_admin or we changed an admin option module.is_admin = original_module.is_admin or ( 1 if admin_options else 0) # but we turn it on/off if full_access is specified if full_access is not None: module.is_admin = 0 if full_access else 1 ds_id, ds_ver_id = datastore_models.get_datastore_or_version( module.datastore_id, module.datastore_version_id) if module.contents != original_module.contents: md5, processed_contents = Module.process_contents(module.contents) module.md5 = md5 module.contents = processed_contents elif hasattr(original_module, 'encrypted_contents'): # on load the contents may have been decrypted, so # we need to put the encrypted contents back before we update module.contents = original_module.encrypted_contents if module.datastore_id: module.datastore_id = ds_id if module.datastore_version_id: module.datastore_version_id = ds_ver_id module.updated = timeutils.utcnow() DBModule.save(module)
def update(context, module, original_module, full_access): Module.enforce_live_update( original_module.id, original_module.live_update, original_module.md5) # we don't allow any changes to 'is_admin' modules by non-admin if original_module.is_admin and not context.is_admin: raise exception.ModuleAccessForbidden( action='update', options='(Module is an admin module)') # we don't allow any changes to admin-only attributes by non-admin admin_options = Module.validate_action( context, 'update', module.tenant_id, module.auto_apply, module.visible, module.priority_apply, full_access) # make sure we set the is_admin flag, but only if it was # originally is_admin or we changed an admin option module.is_admin = original_module.is_admin or ( 1 if admin_options else 0) # but we turn it on/off if full_access is specified if full_access is not None: module.is_admin = 0 if full_access else 1 ds_id, ds_ver_id = datastore_models.get_datastore_or_version( module.datastore_id, module.datastore_version_id) if module.contents != original_module.contents: md5, processed_contents = Module.process_contents(module.contents) module.md5 = md5 module.contents = processed_contents elif hasattr(original_module, 'encrypted_contents'): # on load the contents may have been decrypted, so # we need to put the encrypted contents back before we update module.contents = original_module.encrypted_contents if module.datastore_id: module.datastore_id = ds_id if module.datastore_version_id: module.datastore_version_id = ds_ver_id module.updated = datetime.utcnow() DBModule.save(module)