def create_vlan(self, user, vlan_id):
if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
return self.not_authorized()
vlan = Vlan().get_by_pk(vlan_id)
# Check permission group equipments
equips_from_ipv4 = Equipamento.objects.filter(
ipequipamento__ip__networkipv4__vlan=vlan_id, equipamentoambiente__is_router=1)
equips_from_ipv6 = Equipamento.objects.filter(
ipv6equipament__ip__networkipv6__vlan=vlan_id, equipamentoambiente__is_router=1)
for equip in equips_from_ipv4:
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
for equip in equips_from_ipv6:
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
if vlan.ativada:
return self.response_error(122)
command = settings.VLAN_CREATE % (vlan.id)
code, stdout, stderr = exec_script(command)
if code == 0:
vlan.activate(user)
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {'stdout': stdout, 'stderr': stderr}
map = dict()
map['sucesso'] = success_map
# Send to Queue
queue_manager = QueueManager()
serializer = VlanSerializer(vlan)
data_to_queue = serializer.data
data_to_queue.update({'description': queue_keys.VLAN_CREATE})
queue_manager.append({'action': queue_keys.VLAN_CREATE,'kind': queue_keys.VLAN_KEY,'data': data_to_queue})
queue_manager.send()
return self.response(dumps_networkapi(map))
else:
return self.response_error(2, stdout + stderr)
def deploy_sync_copy_script_to_equipment(request, equipment_id):
"""
Deploy configuration on equipment(s)
Default source: TFTP SERVER
Default destination: apply config (running-config)
Default protocol: tftp
Receives script
"""
try:
script = request.DATA["script_data"]
request_identifier = request.DATA["identifier"]
script_file = facade.create_file_from_script(script,
USER_SCRIPTS_REL_PATH)
equipment_id = int(equipment_id)
lockvar = LOCK_EQUIPMENT_DEPLOY_CONFIG_USERSCRIPT % (equipment_id)
data = dict()
if request_identifier is not None:
queue_manager = QueueManager()
data = {'timestamp': int(time.time())}
queue_manager.append({
'action': queue_keys.BEGIN_DEPLOY_SYNC_SCRIPT,
'identifier': request_identifier,
'data': data
})
queue_manager.send()
data["output"] = facade.deploy_config_in_equipment_synchronous(
script_file, equipment_id, lockvar)
data["status"] = "OK"
if request_identifier is not None:
queue_manager = QueueManager()
data = {'timestamp': int(time.time()), 'status': 'OK'}
queue_manager.append({
'action': queue_keys.END_DEPLOY_SYNC_SCRIPT,
'identifier': request_identifier,
'data': data
})
queue_manager.send()
return Response(data)
except KeyError, key:
log.error(key)
raise exceptions.InvalidKeyException(key)
def handle_post(self, request, user, *args, **kwargs):
'''Treat POST requests to Create ACL
URL: vlan/create/acl/
'''
self.log.info('Create ACL Vlan')
try:
is_suggest_acl_name = False
# User permission
if not has_perm(user, AdminPermission.VLAN_MANAGEMENT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Load XML data
xml_map, _ = loads(request.raw_post_data,
["searchable_columns", "asorting_cols"])
# XML data format
networkapi_map = xml_map.get('networkapi')
self.validate_networkapi_map(networkapi_map)
vlan_map = networkapi_map.get('vlan')
self.validate_vlan_map(vlan_map)
id_vlan = vlan_map.get('id_vlan')
network_type = vlan_map.get('network_type')
self.validate_id_vlan(id_vlan)
self.validate_ip_version(network_type)
vlan = Vlan().get_by_pk(id_vlan)
environment = get_environment_map(vlan.ambiente)
if network_type == NETWORK_TYPES.v4:
if not vlan.acl_file_name:
is_suggest_acl_name = True
vlan.acl_file_name = self.__create_suggest_acl_name(vlan)
acl_name = vlan.acl_file_name
else:
if not vlan.acl_file_name_v6:
is_suggest_acl_name = True
vlan.acl_file_name_v6 = self.__create_suggest_acl_name(
vlan)
acl_name = vlan.acl_file_name_v6
self.validate_duplicate_acl(acl_name, environment, network_type,
user)
if is_suggest_acl_name:
vlan.save()
createAclCvs(acl_name, environment, network_type, user)
# Send to Queue
queue_manager = QueueManager()
serializer = VlanSerializer(vlan)
data_to_queue = serializer.data
data_to_queue.update({'description': queue_keys.VLAN_CREATE_ACL})
queue_manager.append({
'action': queue_keys.VLAN_CREATE_ACL,
'kind': queue_keys.VLAN_KEY,
'data': data_to_queue
})
queue_manager.send()
return self.response(
dumps_networkapi({'vlan': model_to_dict(vlan)}))
except InvalidValueError, e:
return self.response_error(self.CODE_MESSAGE_INVALID_PARAM,
e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
'''Treat POST requests to Create ACL
URL: vlan/create/acl/
'''
self.log.info('Create ACL Vlan')
try:
is_suggest_acl_name = False
# User permission
if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Load XML data
xml_map, _ = loads(
request.raw_post_data, ["searchable_columns", "asorting_cols"])
# XML data format
networkapi_map = xml_map.get('networkapi')
self.validate_networkapi_map(networkapi_map)
vlan_map = networkapi_map.get('vlan')
self.validate_vlan_map(vlan_map)
id_vlan = vlan_map.get('id_vlan')
network_type = vlan_map.get('network_type')
self.validate_id_vlan(id_vlan)
self.validate_ip_version(network_type)
vlan = Vlan().get_by_pk(id_vlan)
environment = get_environment_map(vlan.ambiente)
if network_type == NETWORK_TYPES.v4:
if not vlan.acl_file_name:
is_suggest_acl_name = True
vlan.acl_file_name = self.__create_suggest_acl_name(vlan)
acl_name = vlan.acl_file_name
else:
if not vlan.acl_file_name_v6:
is_suggest_acl_name = True
vlan.acl_file_name_v6 = self.__create_suggest_acl_name(
vlan)
acl_name = vlan.acl_file_name_v6
self.validate_duplicate_acl(
acl_name, environment, network_type, user)
if is_suggest_acl_name:
vlan.save()
createAclCvs(acl_name, environment, network_type, user)
# Send to Queue
queue_manager = QueueManager()
serializer = VlanSerializer(vlan)
data_to_queue = serializer.data
data_to_queue.update({'description': queue_keys.VLAN_CREATE_ACL})
queue_manager.append({'action': queue_keys.VLAN_CREATE_ACL,'kind': queue_keys.VLAN_KEY,'data': data_to_queue})
queue_manager.send()
return self.response(dumps_networkapi({'vlan': model_to_dict(vlan)}))
except InvalidValueError, e:
return self.response_error(self.CODE_MESSAGE_INVALID_PARAM, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
'''Treat POST requests to run script creation for vlan and networks
URL: vlan/v4/create/ or vlan/v6/create/
'''
try:
# Generic method for v4 and v6
network_version = kwargs.get('network_version')
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Business Validations
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
msg = u'There is no value to the networkapi tag of XML request.'
self.log.error(msg)
return self.response_error(3, msg)
vlan_map = networkapi_map.get('vlan')
if vlan_map is None:
msg = u'There is no value to the vlan tag of XML request.'
self.log.error(msg)
return self.response_error(3, msg)
# Get XML data
network_ip_id = vlan_map.get('id_network_ip')
# Valid network_ip ID
if not is_valid_int_greater_zero_param(network_ip_id):
self.log.error(
u'Parameter id_network_ip is invalid. Value: %s.', network_ip_id)
raise InvalidValueError(None, 'id_network_ip', network_ip_id)
# Network must exists in database
if IP_VERSION.IPv4[0] == network_version:
network_ip = NetworkIPv4().get_by_pk(network_ip_id)
else:
network_ip = NetworkIPv6().get_by_pk(network_ip_id)
# Vlan must be active if Network is
if network_ip.active:
return self.response_error(299)
# Check permission group equipments
equips_from_ipv4 = Equipamento.objects.filter(
ipequipamento__ip__networkipv4__vlan=network_ip.vlan.id, equipamentoambiente__is_router=1)
equips_from_ipv6 = Equipamento.objects.filter(
ipv6equipament__ip__networkipv6__vlan=network_ip.vlan.id, equipamentoambiente__is_router=1)
for equip in equips_from_ipv4:
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
for equip in equips_from_ipv6:
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Business Rules
success_map = dict()
# If Vlan is not active, need to be created before network
if not network_ip.vlan.ativada:
# Make command
vlan_command = VLAN_CREATE % (network_ip.vlan.id)
# Execute command
code, stdout, stderr = exec_script(vlan_command)
if code == 0:
# After execute script, change to activated
network_ip.vlan.activate(user)
vlan_success = dict()
vlan_success['codigo'] = '%04d' % code
vlan_success['descricao'] = {
'stdout': stdout, 'stderr': stderr}
success_map['vlan'] = vlan_success
else:
return self.response_error(2, stdout + stderr)
# Make command to create Network
if IP_VERSION.IPv4[0] == network_version:
command = NETWORKIPV4_CREATE % (network_ip.id)
description_to_queue = queue_keys.VLAN_CREATE_NETWORK_IPV4
else:
command = NETWORKIPV6_CREATE % (network_ip.id)
description_to_queue = queue_keys.VLAN_CREATE_NETWORK_IPV6
# Execute command
code, stdout, stderr = exec_script(command)
if code == 0:
# After execute script, change the Network to activated
network_ip.activate(user)
network_success = dict()
network_success['codigo'] = '%04d' % code
network_success['descricao'] = {
'stdout': stdout, 'stderr': stderr}
success_map['network'] = network_success
else:
return self.response_error(2, stdout + stderr)
map = dict()
map['sucesso'] = success_map
vlan_obj = network_ip.vlan
# Send to Queue
queue_manager = QueueManager()
serializer = VlanSerializer(vlan_obj)
data_to_queue = serializer.data
data_to_queue.update({'description': description_to_queue})
queue_manager.append({'action': description_to_queue,'kind': queue_keys.VLAN_KEY,'data': data_to_queue})
queue_manager.send()
# Return XML
return self.response(dumps_networkapi(map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
'''Treat POST requests to Create Script ACL
URL: vlan/create/script/acl/
'''
self.log.info('Create Script ACL Vlan')
try:
# User permission
if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Load XML data
xml_map, _ = loads(
request.raw_post_data, ["searchable_columns", "asorting_cols"])
# XML data format
networkapi_map = xml_map.get('networkapi')
self.validate_networkapi_map(networkapi_map)
vlan_map = networkapi_map.get('vlan')
self.validate_vlan_map(vlan_map)
id_vlan = vlan_map.get('id_vlan')
network_type = vlan_map.get('network_type')
self.validate_id_vlan(id_vlan)
self.validate_ip_version(network_type)
vlan = Vlan().get_by_pk(id_vlan)
network_ipv4 = NetworkIPv4.objects.filter(vlan=vlan).order_by('id')
network_ipv6 = NetworkIPv6.objects.filter(vlan=vlan).order_by('id')
vlan_formated = get_vlan_map(vlan, network_ipv4, network_ipv6)
environment = get_environment_map(vlan.ambiente)
if network_type == NETWORK_TYPES.v4:
template_name = environment['ipv4_template']
acl_name = vlan.acl_file_name
else:
template_name = environment['ipv6_template']
acl_name = vlan.acl_file_name_v6
self.validate_required_acl(acl_name)
scriptAclCvs(
acl_name, vlan_formated, environment, network_type, user, template_name)
# Send to Queue
queue_manager = QueueManager()
serializer = VlanSerializer(vlan)
data_to_queue = serializer.data
data_to_queue.update({'description': queue_keys.VLAN_CREATE_SCRIPT_ACL})
queue_manager.append({'action': queue_keys.VLAN_CREATE_SCRIPT_ACL,'kind': queue_keys.VLAN_KEY,'data': data_to_queue})
queue_manager.send()
return self.response(dumps_networkapi({'vlan': vlan_formated}))
except InvalidValueError, e:
return self.response_error(self.CODE_MESSAGE_INVALID_PARAM, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
'''Treat POST requests to Create Script ACL
URL: vlan/create/script/acl/
'''
self.log.info('Create Script ACL Vlan')
try:
# User permission
if not has_perm(user, AdminPermission.VLAN_MANAGEMENT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Load XML data
xml_map, _ = loads(request.raw_post_data,
["searchable_columns", "asorting_cols"])
# XML data format
networkapi_map = xml_map.get('networkapi')
self.validate_networkapi_map(networkapi_map)
vlan_map = networkapi_map.get('vlan')
self.validate_vlan_map(vlan_map)
id_vlan = vlan_map.get('id_vlan')
network_type = vlan_map.get('network_type')
self.validate_id_vlan(id_vlan)
self.validate_ip_version(network_type)
vlan = Vlan().get_by_pk(id_vlan)
network_ipv4 = NetworkIPv4.objects.filter(vlan=vlan).order_by('id')
network_ipv6 = NetworkIPv6.objects.filter(vlan=vlan).order_by('id')
vlan_formated = get_vlan_map(vlan, network_ipv4, network_ipv6)
environment = get_environment_map(vlan.ambiente)
if network_type == NETWORK_TYPES.v4:
template_name = environment['ipv4_template']
acl_name = vlan.acl_file_name
else:
template_name = environment['ipv6_template']
acl_name = vlan.acl_file_name_v6
self.validate_required_acl(acl_name)
scriptAclCvs(acl_name, vlan_formated, environment, network_type,
user, template_name)
# Send to Queue
queue_manager = QueueManager()
serializer = VlanSerializer(vlan)
data_to_queue = serializer.data
data_to_queue.update(
{'description': queue_keys.VLAN_CREATE_SCRIPT_ACL})
queue_manager.append({
'action': queue_keys.VLAN_CREATE_SCRIPT_ACL,
'kind': queue_keys.VLAN_KEY,
'data': data_to_queue
})
queue_manager.send()
return self.response(dumps_networkapi({'vlan': vlan_formated}))
except InvalidValueError, e:
return self.response_error(self.CODE_MESSAGE_INVALID_PARAM,
e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
'''Treat PUT requests to activate a vlan
Set column ativada = 1
URL: vlan/create/
'''
try:
# User permission
if not has_perm(user, AdminPermission.VLAN_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
vlan_map = networkapi_map.get('vlan')
id_vlan = vlan_map.get('vlan_id')
vlan = Vlan()
vlan = vlan.get_by_pk(id_vlan)
# Check permission group equipments
equips_from_ipv4 = Equipamento.objects.filter(
ipequipamento__ip__networkipv4__vlan=id_vlan, equipamentoambiente__is_router=1)
equips_from_ipv6 = Equipamento.objects.filter(
ipv6equipament__ip__networkipv6__vlan=id_vlan, equipamentoambiente__is_router=1)
for equip in equips_from_ipv4:
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
for equip in equips_from_ipv6:
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
if vlan.ativada:
return self.response_error(122)
# Make command
vlan_command = settings.VLAN_CREATE % int(id_vlan)
# Execute command
code, stdout, stderr = exec_script(vlan_command)
# if command was successfully executed
if code == 0:
# After execute script, change to activated
vlan.activate(user)
else:
return self.response_error(2, stdout + stderr)
# Send to Queue
queue_manager = QueueManager()
serializer = VlanSerializer(vlan)
data_to_queue = serializer.data
data_to_queue.update({'description': queue_keys.VLAN_ACTIVATE})
queue_manager.append({'action': queue_keys.VLAN_ACTIVATE,'kind': queue_keys.VLAN_KEY,'data': data_to_queue})
queue_manager.send()
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
map = dict()
map['sucesso'] = success_map
#Set as deactivate
vlan.remove(user)
# Send to Queue
queue_manager = QueueManager()
serializer = VlanSerializer(vlan)
data_to_queue = serializer.data
data_to_queue.update({'description': queue_keys.VLAN_REMOVE})
queue_manager.append({'action': queue_keys.VLAN_REMOVE,'kind': queue_keys.VLAN_KEY,'data': data_to_queue})
queue_manager.send()
return self.response(dumps_networkapi(map))
else:
return self.response_error(2, stdout + stderr)
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
except VlanNotFoundError, e:
return self.response_error(116)
except ScriptError, s:
return self.response_error(2, s)
except GrupoError: