def sanitize_l7policy_api_args(l7policy, create=False):
"""Validate and make consistent L7Policy API arguments.
This method is mainly meant to sanitize L7 Policy create and update
API dictionaries, so that we strip 'None' values that don't apply for
our particular update. This method does *not* verify that any
redirect_pool_id exists in the database, but will raise an
error if a redirect_url doesn't look like a URL.
:param l7policy: The L7 Policy dictionary we are santizing / validating
"""
if 'action' in l7policy.keys():
if l7policy['action'] == constants.L7POLICY_ACTION_REJECT:
l7policy.update({'redirect_url': None})
l7policy.update({'redirect_pool_id': None})
l7policy.pop('redirect_pool', None)
elif l7policy['action'] == constants.L7POLICY_ACTION_REDIRECT_TO_URL:
if not l7policy.get('redirect_url'):
raise exceptions.InvalidL7PolicyArgs(
msg='redirect_url must not be None')
l7policy.update({'redirect_pool_id': None})
l7policy.pop('redirect_pool', None)
elif l7policy['action'] == constants.L7POLICY_ACTION_REDIRECT_TO_POOL:
if (not l7policy.get('redirect_pool_id')
and not l7policy.get('redirect_pool')):
raise exceptions.InvalidL7PolicyArgs(
msg='redirect_pool_id or redirect_pool must not be None')
l7policy.update({'redirect_url': None})
else:
raise exceptions.InvalidL7PolicyAction(action=l7policy['action'])
if ((l7policy.get('redirect_pool_id') or l7policy.get('redirect_pool'))
and l7policy.get('redirect_url')):
raise exceptions.InvalidL7PolicyArgs(
msg='Cannot specify redirect_pool_id and redirect_url '
'at the same time')
if l7policy.get('redirect_pool_id'):
l7policy.update({'action': constants.L7POLICY_ACTION_REDIRECT_TO_POOL})
l7policy.update({'redirect_url': None})
l7policy.pop('redirect_pool', None)
if l7policy.get('redirect_pool'):
l7policy.update({'action': constants.L7POLICY_ACTION_REDIRECT_TO_POOL})
l7policy.update({'redirect_url': None})
l7policy.pop('redirect_pool_id', None)
if l7policy.get('redirect_url'):
url(l7policy['redirect_url'])
l7policy.update({'action': constants.L7POLICY_ACTION_REDIRECT_TO_URL})
l7policy.update({'redirect_pool_id': None})
l7policy.pop('redirect_pool', None)
# If we are creating, we need an action at this point
if create and 'action' not in l7policy.keys():
raise exceptions.InvalidL7PolicyAction(action='None')
# See if we have anything left after that...
if len(l7policy.keys()) == 0:
raise exceptions.InvalidL7PolicyArgs(msg='Invalid update options')
return l7policy
def _validate_l7policy_data(self, session, l7policy):
"""Does validations on a given L7 policy."""
if l7policy.redirect_url and l7policy.redirect_pool_id:
raise exceptions.InvalidL7PolicyArgs(
msg='Cannot specify redirect_pool_id and redirect_url '
'at the same time')
if l7policy.action == constants.L7POLICY_ACTION_REJECT:
if l7policy.redirect_pool_id is not None:
raise exceptions.InvalidL7PolicyArg(action=l7policy.action,
arg='redirect_pool_id')
if l7policy.redirect_url is not None:
raise exceptions.InvalidL7PolicyArg(action=l7policy.action,
arg='redirect_url')
elif l7policy.action == constants.L7POLICY_ACTION_REDIRECT_TO_URL:
if l7policy.redirect_pool_id is not None:
raise exceptions.InvalidL7PolicyArg(action=l7policy.action,
arg='redirect_pool_id')
validate.url(l7policy.redirect_url)
elif l7policy.action == constants.L7POLICY_ACTION_REDIRECT_TO_POOL:
if l7policy.redirect_url is not None:
raise exceptions.InvalidL7PolicyArg(action=l7policy.action,
arg='redirect_url')
listener = (session.query(
models.Listener).filter_by(id=l7policy.listener_id).first())
self._pool_check(session, l7policy.redirect_pool_id,
listener.load_balancer_id, listener.project_id)
else:
raise exceptions.InvalidL7PolicyAction(action=l7policy.action)