def _get_tenant_id_for_create(self, context, resource): if context['is_admin'] and 'tenant_id' in resource: tenant_id = resource['tenant_id'] elif ('tenant_id' in resource and resource['tenant_id'] != get_tenant_id(context)): self._raise_contrail_exception( 'AdminRequired', reason='Cannot create resource for another tenant', resource='port') else: tenant_id = get_tenant_id(context) return tenant_id
def resource_list(self, context, filters=None, fields=None): from neutron_plugin_contrail.plugins.opencontrail.vnc_client.sg_res_handler import SecurityGroupHandler ret_list = [] # collect phase all_sgs = [] if filters and 'tenant_id' in filters: project_ids = self._validate_project_ids(context, filters['tenant_id']) for p_id in project_ids: project_sgs = SecurityGroupHandler( self._vnc_lib).resource_list_by_project(p_id) all_sgs.append(project_sgs) else: # no filters p_id = None if context and not context['is_admin']: p_id = self._project_id_neutron_to_vnc( get_tenant_id(context)) project_sgs = SecurityGroupHandler( self._vnc_lib).resource_list_by_project(p_id) all_sgs.append(project_sgs) # prune phase for project_sgs in all_sgs: for sg_obj in project_sgs: # TODO() implement same for name specified in filter sgr_info = self.security_group_rules_read(sg_obj, fields=fields, filters=filters) if sgr_info: ret_list.extend(sgr_info) return ret_list
def resource_list(self, context, filters, fields=None): from neutron_plugin_contrail.plugins.opencontrail.vnc_client.vn_res_handler import VNetworkGetHandler vn_get_handler = VNetworkGetHandler(self._vnc_lib) all_vn_objs = [] if filters and 'id' in filters: # required subnets are specified, # just read in corresponding net_ids net_ids = [] for subnet_id in filters['id']: subnet_key = self._subnet_vnc_read_mapping(id=subnet_id) net_id = subnet_key.split()[0] net_ids.append(net_id) all_vn_objs.extend(vn_get_handler.get_vn_obj_list( obj_uuids=net_ids, detail=True)) else: if not context['is_admin']: proj_id = get_tenant_id(context) else: proj_id = None vn_objs = vn_get_handler.get_vn_list_project(proj_id) all_vn_objs.extend(vn_objs) vn_objs = vn_get_handler.vn_list_shared() all_vn_objs.extend(vn_objs) return self._get_subnet_list_after_apply_filter_(all_vn_objs, filters, fields=fields)
def resource_delete(self, context, sgr_id): project_uuid = None if not context['is_admin']: project_uuid = self._project_id_neutron_to_vnc( get_tenant_id(context)) sg_obj, sg_rule = self._security_group_rule_find(sgr_id, project_uuid) if sg_obj and sg_rule: return self._security_group_rule_delete(sg_obj, sg_rule) self._raise_contrail_exception('SecurityGroupRuleNotFound', id=sgr_id, resource='security_group_rule')
def _validate_project_ids(context, project_ids=None): if context and not context['is_admin']: return [get_tenant_id(context)] ids = [] for project_id in project_ids: try: ids.append( ContrailResourceHandler._project_id_neutron_to_vnc( project_id)) except ValueError: pass return ids
def resource_get(self, context, sgr_id, fields=None): project_uuid = None if not context['is_admin']: project_uuid = self._project_id_neutron_to_vnc( get_tenant_id(context)) sg_obj, sg_rule = self._security_group_rule_find(sgr_id, project_uuid) if sg_obj and sg_rule: sgr_info = self._security_group_rule_vnc_to_neutron(sg_obj.uuid, sg_rule, sg_obj, fields=fields) if sgr_info: return sgr_info self._raise_contrail_exception('SecurityGroupRuleNotFound', id=sgr_id, resource='security_group_rule')
def resource_list(self, context, filters=None, fields=None): ret_list = [] contrail_extensions_enabled = self._kwargs.get( 'contrail_extensions_enabled', False) # collect phase project_id = context.get('tenant') self._ensure_default_security_group_exists(project_id) all_sgs = [] # all sgs in all projects if context and not context['is_admin']: project_sgs = self.resource_list_by_project( self._project_id_neutron_to_vnc(get_tenant_id(context)), filters=filters) all_sgs.append(project_sgs) else: # admin context if filters and 'tenant_id' in filters: project_ids = self._validate_project_ids( context, filters['tenant_id']) for p_id in project_ids: project_sgs = self.resource_list_by_project( p_id, filters=filters) all_sgs.append(project_sgs) else: # no tenant id filter all_sgs.append( self.resource_list_by_project(None, filters=filters)) # prune phase no_rule = SGHandler( self._vnc_lib).get_no_rule_security_group(create=False) for project_sgs in all_sgs: for sg_obj in project_sgs: if no_rule and sg_obj.uuid == no_rule.uuid: continue if not self._filters_is_present( filters, 'name', sg_obj.get_display_name() or sg_obj.name): continue if not self._filters_is_present( filters, 'description', sg_obj.get_id_perms().get_description()): continue sg_info = self._security_group_vnc_to_neutron( sg_obj, contrail_extensions_enabled, fields=fields) ret_list.append(sg_info) return ret_list
def resource_list(self, context, filters=None, fields=None): # Read in floating ips with either # - port(s) as anchor # - project(s) as anchor # - none as anchor (floating-ip collection) ret_list = [] proj_ids = None port_ids = None if filters: if 'tenant_id' in filters: proj_ids = self._validate_project_ids(context, filters['tenant_id']) elif 'port_id' in filters: port_ids = filters['port_id'] else: # no filters if not context['is_admin']: proj_ids = [ self._project_id_neutron_to_vnc(get_tenant_id(context)) ] if port_ids: fip_objs = self._resource_list(back_ref_id=port_ids) elif proj_ids: fip_objs = self._resource_list(back_ref_id=proj_ids) else: fip_objs = self._resource_list() for fip_obj in fip_objs: if 'floating_ip_address' in filters: if (fip_obj.get_floating_ip_address() not in filters['floating_ip_address']): continue ret_list.append( self._fip_obj_to_neutron_dict(fip_obj, fields=fields)) return ret_list
def resource_list(self, context, filters=None, fields=None): ret_list = [] # collect phase all_sis = [] # all sis in all projects if filters and 'tenant_id' in filters: project_ids = self._validate_project_ids(context, filters['tenant_id']) for p_id in project_ids: project_sis = self.resource_list_by_project(p_id) all_sis.append(project_sis) elif filters and 'name' in filters: p_id = self._project_id_neutron_to_vnc(get_tenant_id(context)) project_sis = self.resource_list_by_project(p_id) all_sis.append(project_sis) else: # no filters dom_projects = self._project_list_domain(None) for project in dom_projects: proj_id = project['uuid'] project_sis = self.resource_list_by_project(proj_id) all_sis.append(project_sis) # prune phase for project_sis in all_sis: for proj_si in project_sis: # TODO() implement same for name specified in filter proj_si_id = proj_si['uuid'] if not self._filters_is_present(filters, 'id', proj_si_id): continue si_info = self.resource_get(context, proj_si_id) if not self._filters_is_present(filters, 'name', si_info['name']): continue ret_list.append(si_info) return ret_list
def resource_list(self, context=None, filters=None, fields=None): contrail_extensions_enabled = self._kwargs.get( 'contrail_extensions_enabled', False) contrail_exts_enabled = contrail_extensions_enabled ret_dict = {} def _collect_without_prune(net_ids): for net_id in net_ids: try: net_obj = self._resource_get(id=net_id) net_info = self.vn_to_neutron_dict( net_obj, contrail_extensions_enabled=contrail_exts_enabled, fields=fields) ret_dict[net_id] = net_info except vnc_exc.NoIdError: pass # end _collect_without_prune # collect phase all_net_objs = [] # all n/ws in all projects if context and not context['is_admin']: if filters and 'id' in filters: _collect_without_prune(filters['id']) elif filters and 'name' in filters: net_objs = self._network_list_project(get_tenant_id(context)) all_net_objs.extend(net_objs) all_net_objs.extend(self._network_list_shared()) all_net_objs.extend(self._network_list_router_external()) elif (filters and 'shared' in filters and filters['shared'][0] and 'router:external' not in filters): all_net_objs.extend(self._network_list_shared()) elif (filters and 'router:external' in filters and 'shared' not in filters): all_net_objs.extend(self._network_list_router_external()) elif (filters and 'router:external' in filters and 'shared' in filters): all_net_objs.extend(self._network_list_shared_and_ext()) else: project_uuid = self._project_id_neutron_to_vnc( get_tenant_id(context)) if not filters: all_net_objs.extend(self._network_list_router_external()) all_net_objs.extend(self._network_list_shared()) all_net_objs.extend(self._network_list_project(project_uuid)) # admin role from here on elif filters and 'tenant_id' in filters: # project-id is present if 'id' in filters: # required networks are also specified, # just read and populate ret_dict # prune is skipped because all_net_objs is empty _collect_without_prune(filters['id']) else: # read all networks in project, and prune below proj_ids = self._validate_project_ids(context, filters['tenant_id']) for p_id in proj_ids: all_net_objs.extend(self._network_list_project(p_id)) if 'router:external' in filters: all_net_objs.extend(self._network_list_router_external()) elif filters and 'id' in filters: # required networks are specified, just read and populate ret_dict # prune is skipped because all_net_objs is empty _collect_without_prune(filters['id']) elif filters and 'name' in filters: net_objs = self._network_list_project(None) all_net_objs.extend(net_objs) elif filters and 'shared' in filters: if filters['shared'][0]: nets = self._network_list_shared() for net in nets: net_info = self.vn_to_neutron_dict( net, contrail_extensions_enabled=contrail_exts_enabled, fields=fields) ret_dict[net.uuid] = net_info elif filters and 'router:external' in filters: nets = self._network_list_router_external() if filters['router:external'][0]: for net in nets: net_info = self.vn_to_neutron_dict( net, contrail_extensions_enabled=contrail_exts_enabled, fields=fields) ret_dict[net.uuid] = net_info else: # read all networks in all projects all_net_objs.extend(self._resource_list(detail=True)) # prune phase for net_obj in all_net_objs: if net_obj.uuid in ret_dict: continue net_fq_name = str(net_obj.get_fq_name()) if not self._filters_is_present( filters, 'fq_name', net_fq_name): continue if not self._filters_is_present( filters, 'name', net_obj.get_display_name() or net_obj.name): continue if net_obj.is_shared is None: is_shared = False else: is_shared = net_obj.is_shared if not self._filters_is_present( filters, 'shared', is_shared): continue if net_obj.get_id_perms() is None: admin_state_up = False else: admin_state_up = net_obj.get_id_perms().enable if not self._filters_is_present(filters, 'admin_state_up', admin_state_up): continue try: net_info = self.vn_to_neutron_dict( net_obj, contrail_extensions_enabled=contrail_exts_enabled, fields=fields) except vnc_exc.NoIdError: continue ret_dict[net_obj.uuid] = net_info ret_list = [] for net in ret_dict.values(): ret_list.append(net) return ret_list
def resource_list(self, context=None, filters=None, fields=None): if (filters.get('device_owner') == 'network:dhcp' or 'network:dhcp' in filters.get('device_owner', [])): return [] if not context: context = {'is_admin': True} contrail_extensions_enabled = self._kwargs.get( 'contrail_extensions_enabled', False) if filters is None: filters = {} project_ids = [] tenant_ids = [] if not context['is_admin'] and 'tenant' in context: tenant_ids = [get_tenant_id(context)] project_ids = [ self._project_id_neutron_to_vnc(get_tenant_id(context)) ] elif 'tenant_id' in filters: tenant_ids = filters['tenant_id'] project_ids = self._validate_project_ids(context, filters['tenant_id']) # choose the most appropriate way of retrieving ports # before pruning by other filters if 'device_id' in filters: vmi_objs, vn_objs, iip_objs = self._get_vmi_resources( context, project_ids, device_ids=filters['device_id'], vn_ids=filters.get('network_id')) else: vmi_objs, vn_objs, iip_objs = self._get_vmi_resources( context, project_ids, ids=filters.get('id'), vn_ids=filters.get('network_id')) memo_req = self._get_vmi_memo_req_dict(vn_objs, iip_objs, None) ports = self._get_ports_dict( vmi_objs, memo_req, extensions_enabled=contrail_extensions_enabled) # prune phase ret_ports = [] for port in ports: if tenant_ids and port['tenant_id'] not in tenant_ids: continue # TODO(safchain) revisit these filters if necessary if not self._filters_is_present(filters, 'name', port['name']): continue if not self._filters_is_present(filters, 'device_owner', port['device_owner']): continue if 'fixed_ips' in filters and not self._port_fixed_ips_is_present( filters['fixed_ips'], port['fixed_ips']): continue if fields: port = self._filter_res_dict(port, fields) ret_ports.append(port) return ret_ports
def resource_update(self, context, fip_id, fip_q): fip_q['id'] = fip_id fip_obj = self._neutron_dict_to_fip_obj(fip_q, context['is_admin'], get_tenant_id(context)) self._resource_update(fip_obj) return self._fip_obj_to_neutron_dict(fip_obj)
def resource_list(self, context, filters, fields=None): extensions_enabled = self._kwargs.get('contrail_extensions_enabled', False) ret_list = [] if filters and 'shared' in filters: if filters['shared'][0]: # no support for shared routers return ret_list if not filters: if context['is_admin']: return self._get_router_list_for_project() else: proj_id = self._project_id_neutron_to_vnc( get_tenant_id(context)) return self._get_router_list_for_project(project_id=proj_id) all_rtrs = [] # all n/ws in all projects if 'id' in filters: return self._get_router_list_for_ids(filters['id'], extensions_enabled) if 'tenant_id' in filters: # read all routers in project, and prune below project_ids = self._validate_project_ids( context, project_ids=filters['tenant_id']) for p_id in project_ids: if 'router:external' in filters: all_rtrs.append(self._fip_pool_ref_routers(p_id)) else: project_rtrs = self._router_list_project(p_id) all_rtrs.append(project_rtrs) else: # read all routers in all projects project_rtrs = self._router_list_project() all_rtrs.append(project_rtrs) # prune phase for project_rtrs in all_rtrs: for proj_rtr in project_rtrs: proj_rtr_id = proj_rtr['uuid'] if not self._filters_is_present(filters, 'id', proj_rtr_id): continue proj_rtr_fq_name = str(proj_rtr['fq_name']) if not self._filters_is_present(filters, 'fq_name', proj_rtr_fq_name): continue try: rtr_obj = self._resource_get(id=proj_rtr['uuid']) if not self._filters_is_present( filters, 'name', rtr_obj.get_display_name() or rtr_obj.name): continue rtr_info = self._rtr_obj_to_neutron_dict( rtr_obj, contrail_extensions_enabled=extensions_enabled, fields=fields) ret_list.append(rtr_info) except vnc_exc.NoIdError: continue return ret_list