def put_raw_by_user(self, user, image, format='json'):
#return request.environ.get('STORAGE_MIDDLEWARE_EXTRACTED_FILE')
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user)).first()
if image:
inline_auth(OwnsImage(image), auth_403)
image_file = request.environ.get(
'STORAGE_MIDDLEWARE_EXTRACTED_FILE')
if image_file:
try:
file_name = user + '_' + image.name
final_path = path.join(app_globals.image_storage,
file_name)
shutil.move(image_file, final_path)
except Exception, e:
remove(image_file)
abort(500,
'500 Internal Error - Error uploading file %s' % e)
image.checksum.ctype = request.environ.get(
'STORAGE_MIDDLEWARE_EXTRACTED_FILE_HASH_TYPE')
image.checksum.cvalue = request.environ.get(
'STORAGE_MIDDLEWARE_EXTRACTED_FILE_HASH')
image.size = request.environ.get(
'STORAGE_MIDDLEWARE_EXTRACTED_FILE_LENGTH')
image.raw_uploaded = True
image.path = file_name
image.version += 1
image.modified = datetime.utcfromtimestamp(time())
meta.Session.commit()
def upload_raw_by_user(self, user, image, format='json'):
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user)).first()
if image:
inline_auth(OwnsImage(image), auth_403)
try:
temp_file = request.params['file']
file_name = user + '_' + image.name
temp_storage = file_name + '.tmp'
final_path = path.join(app_globals.image_storage, file_name)
temp_path = path.join(app_globals.image_storage, temp_storage)
permanent_file = open(temp_path, 'w')
shutil.copyfileobj(temp_file.file, permanent_file)
permanent_file.close()
temp_file.file.close()
rename(temp_path, final_path)
except Exception, e:
remove(temp_path)
remove(final_path)
abort(500, '500 Internal Error - Error uploading file %s' %e)
image.raw_uploaded = True
image.path = file_name
image.version += 1
image.modified = datetime.utcfromtimestamp(time())
meta.Session.commit()
def put_raw_by_user(self, user, image, format='json'):
#return request.environ.get('STORAGE_MIDDLEWARE_EXTRACTED_FILE')
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user)).first()
if image:
inline_auth(OwnsImage(image), auth_403)
image_file = request.environ.get('STORAGE_MIDDLEWARE_EXTRACTED_FILE')
if image_file:
try:
file_name = user + '_' + image.name
final_path = path.join(app_globals.image_storage, file_name)
shutil.move(image_file, final_path)
except Exception, e:
remove(image_file)
abort(500, '500 Internal Error - Error uploading file %s' %e)
image.checksum.ctype = request.environ.get('STORAGE_MIDDLEWARE_EXTRACTED_FILE_HASH_TYPE')
image.checksum.cvalue = request.environ.get('STORAGE_MIDDLEWARE_EXTRACTED_FILE_HASH')
image.size = request.environ.get('STORAGE_MIDDLEWARE_EXTRACTED_FILE_LENGTH')
image.raw_uploaded = True
image.path = file_name
image.version += 1
image.modified = datetime.utcfromtimestamp(time())
meta.Session.commit()
def get_raw_by_user(self, user, image, format='json'):
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if not image:
abort(404, '404 Not Found')
else:
if not image.raw_uploaded:
abort(404, '404 Not Found')
#pass through http requests and unauthenticated https requests
if not image.unauthenticated_access:
inline_auth(AnyOf(AllOf(OwnsImage(image), IsAthuenticated()),
AllOf(SharedWith(image), IsAthuenticated())),
auth_403)
file_path = path.join(app_globals.image_storage, image.path)
try:
content_length = path.getsize(file_path)
response.headers['X-content-length'] = str(content_length)
except:
abort(500, '500 Internal Error')
etag_cache(str(image.path) + '_' + str(image.version))
image_file = open(file_path, 'rb')
try:
return h.stream_img(image_file)
except:
abort(500, '500 Internal Error')
def upload_raw_by_user(self, user, image, format='json'):
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user)).first()
if image:
inline_auth(OwnsImage(image), auth_403)
try:
temp_file = request.params['file']
file_name = user + '_' + image.name
temp_storage = file_name + '.tmp'
final_path = path.join(app_globals.image_storage, file_name)
temp_path = path.join(app_globals.image_storage, temp_storage)
permanent_file = open(temp_path, 'w')
shutil.copyfileobj(temp_file.file, permanent_file)
permanent_file.close()
temp_file.file.close()
rename(temp_path, final_path)
except Exception, e:
remove(temp_path)
remove(final_path)
abort(500, '500 Internal Error - Error uploading file %s' % e)
image.raw_uploaded = True
image.path = file_name
image.version += 1
image.modified = datetime.utcfromtimestamp(time())
meta.Session.commit()
def get_raw_by_user(self, user, image, hypervisor=None, format='json'):
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if not image:
abort(404, '404 Not Found')
else:
if not image.raw_uploaded:
abort(404, '404 Not Found')
#pass through http requests and unauthenticated https requests
if not image.unauthenticated_access:
inline_auth(AnyOf(AllOf(OwnsImage(image), IsAthuenticated()),
AllOf(SharedWith(image), IsAthuenticated())),
auth_403)
# If no hypervisor is given, and the image has the hypervisor
# metadata variable set to something, then lets set the
# hypervisor to the metadata variable.
if (hypervisor == None) and (image.hypervisor != None):
hypervisor = image.hypervisor.split(',')[0]
# If hypervisor is still None, then let's default to 'xen'.
# This is mostly to support images that do not have the hypervisor variable
# set. (pre multi-hypervisor support)
if hypervisor == None:
hypervisor = 'xen'
file_path = path.join(app_globals.image_storage, '%s_%s_%s' % (user, image.name, hypervisor))
# Check if file actually exists
if not path.exists(file_path):
abort(404, '404 Not Found')
try:
content_length = path.getsize(file_path)
response.headers['X-content-length'] = str(content_length)
except Exception, e:
abort(500, '500 Internal Error')
# Set the filename
#response.headers['Content-Disposition'] = str('attachment; filename="%s"' % (image.name))
etag_cache(str(('%s_%s_%s' % (user, image.name, hypervisor)) + '_' + str(image.version)))
image_file = open(file_path, 'rb')
try:
return h.stream_img(image_file)
except Exception, e:
abort(500, '500 Internal Error')
def show_meta_by_user(self, user, image, format="json"):
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name == image).filter(Image.owner.has(User.user_name == user)).first()
if image:
inline_auth(AnyOf(OwnsImage(image), SharedWith(image)), auth_403)
if format == "json":
response.headers["content-type"] = app_globals.json_content_type
return h.render_json(beautify.image(image))
else:
abort(501, "501 Not Implemented")
else:
abort(404, "404 Not Found")
def modify_meta_by_user(self, user, image, format="json"):
params = validate_modify_image(request.params)
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name == image).filter(Image.owner.has(User.user_name == user)).first()
if image:
inline_auth(AnyOf(OwnsImage(image), HasPermission("image_modify")), auth_403)
for k, v in params.iteritems():
if v:
setattr(image, k, v)
image.modified = datetime.utcfromtimestamp(time())
meta.Session.commit()
else:
abort(404, "404 Not Found")
def delete_by_user(self, user, image, format="json"):
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name == image).filter(Image.owner.has(User.user_name == user)).first()
if image:
inline_auth(AnyOf(OwnsImage(image), HasPermission("image_delete")), auth_403)
if image.raw_uploaded:
try:
storage.delete_image(image)
except Exception, e:
abort(500, "Unable to remove image file from storage")
meta.Session.delete(image.checksum)
meta.Session.delete(image.shared)
meta.Session.delete(image)
meta.Session.commit()
def show_meta_by_user(self, user, image, format='json'):
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(AnyOf(OwnsImage(image), SharedWith(image)), auth_403)
if format == 'json':
response.headers[
'content-type'] = app_globals.json_content_type
return h.render_json(beautify.image(image))
else:
abort(501, '501 Not Implemented')
else:
abort(404, '404 Not Found')
def user_unshare_by_user(self, user, image, share_with, format='json'):
image = meta.Session.query(Image)\
.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(OwnsImage(image), auth_403)
user = meta.Session.query(User)\
.filter(User.user_name==share_with).first()
if not user:
abort(400, '400 Bad Request')
if user in image.shared.users:
image.shared.users.remove(user)
meta.Session.commit()
else:
abort(404, '404 Not Found')
def user_unshare_by_user(self, user, image, share_with, format='json'):
image = meta.Session.query(Image)\
.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(OwnsImage(image), auth_403)
user = meta.Session.query(User)\
.filter(User.user_name==share_with).first()
if not user:
abort(400, '400 Bad Request')
if user in image.shared.users:
image.shared.users.remove(user)
meta.Session.commit()
else:
abort(404, '404 Not Found')
def modify_user(self, user, format='json'):
inline_auth(AnyOf(AllOf(HasPermission('user_modify_self'), IsUser(user)),
HasPermission('user_modify')),
auth_403)
params = validate_modify_user(request.params)
user_q = meta.Session.query(User)
user = user_q.filter(User.user_name==user).first()
if user:
for k,v in params.iteritems():
if v:
setattr(user, k, v)
meta.Session.commit()
else:
abort(404, '404 Not Found')
def modify_user(self, user, format='json'):
inline_auth(HasPermission('user_modify'), auth_403)
params = validate_modify_user(request.params)
user_q = meta.Session.query(User)
user = user_q.filter(User.user_name==user).first()
if user:
for k,v in params.iteritems():
if v:
setattr(user, k, v)
if k == 'cert_dn':
user.certificate.client_dn = v
meta.Session.commit()
else:
abort(404, '404 Not Found')
def group_unshare_by_user(self, user, image, share_with, format='json'):
image = meta.Session.query(Image)\
.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(OwnsImage(image), auth_403)
group = meta.Session.query(Group)\
.filter(Group.name==share_with).first()
if not group:
abort(400, '400 Bad Request')
if group in image.shared.groups:
image.shared.groups.remove(group)
meta.Session.commit()
else:
abort(404, '404 Not Found')
def group_unshare_by_user(self, user, image, share_with, format='json'):
image = meta.Session.query(Image)\
.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(OwnsImage(image), auth_403)
group = meta.Session.query(Group)\
.filter(Group.name==share_with).first()
if not group:
abort(400, '400 Bad Request')
if group in image.shared.groups:
image.shared.groups.remove(group)
meta.Session.commit()
else:
abort(404, '404 Not Found')
def modify_user(self, user, format='json'):
inline_auth(HasPermission('user_modify'), auth_403)
params = validate_modify_user(request.params)
user_q = meta.Session.query(User)
user = user_q.filter(User.user_name == user).first()
if user:
for k, v in params.iteritems():
if v:
setattr(user, k, v)
if k == 'cert_dn':
user.certificate.client_dn = v
meta.Session.commit()
else:
abort(404, '404 Not Found')
def delete_by_user(self, user, image, format='json'):
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(AnyOf(OwnsImage(image), HasPermission('image_delete')),
auth_403)
if image.raw_uploaded:
try:
storage.delete_image(image)
except Exception, e:
abort(500, 'Unable to remove image file from storage')
meta.Session.delete(image.checksum)
meta.Session.delete(image.shared)
meta.Session.delete(image)
meta.Session.commit()
def modify_meta_by_user(self, user, image, format='json'):
params = validate_modify_image(request.params)
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(AnyOf(OwnsImage(image), HasPermission('image_modify')),
auth_403)
for k, v in params.iteritems():
if v:
setattr(image, k, v)
image.modified = datetime.utcfromtimestamp(time())
meta.Session.commit()
else:
abort(404, '404 Not Found')
def upload_raw_by_user(self, user, image, format='json'):
log.debug('upload_raw_by_user')
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user)).first()
if image:
inline_auth(OwnsImage(image), auth_403)
file_names = []
hypervisors = image.hypervisor.split(',')
# Check if we are in multi-hypervisor mode and if the image is zipped.
# We currently don't support multi-hypervisor on zipped images.
if (len(hypervisors) > 1) and self.is_gzip(request.params['file'].filename):
abort(501, 'Multi-hypervisor support with compressed images is not implemented yet.')
for hypervisor in hypervisors:
try:
temp_file = request.params['file']
file_name = '%s_%s_%s' % (user, image.name, hypervisor)
file_names.append(file_name)
temp_storage = file_name + '.tmp'
final_path = path.join(app_globals.image_storage, file_name)
temp_path = path.join(app_globals.image_storage, temp_storage)
permanent_file = open(temp_path, 'w')
shutil.copyfileobj(temp_file.file, permanent_file)
permanent_file.close()
temp_file.file.close()
rename(temp_path, final_path)
except Exception, e:
remove(temp_path)
remove(final_path)
abort(500, '500 Internal Error - Error uploading file %s' %e)
# If image supports multiple hypervisors, mount each of the images and
# set the grub.conf symlink accordingly.
#
if len(hypervisors) > 1:
for hypervisor in hypervisors:
try:
image_path = path.join(app_globals.image_storage, '%s_%s_%s' % (user, image.name, hypervisor))
self.create_grub_symlink(image_path, hypervisor)
except Exception, e:
abort(500, '500 Internal Error - Error creating grub symlinks for image %s\n%s' % (image.name, e))
def group_share_by_user(self, user, image, share_with, format='json'):
image = meta.Session.query(Image)\
.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
group = meta.Session.query(Group)\
.filter(Group.name==share_with).first()
if not group:
abort(400, 'The group you are trying to share the image with does not exist.')
inline_auth(AllOf(OwnsImage(image), MemberOf(share_with)), auth_403)
if group in image.shared.groups:
return
else:
image.shared.groups.append(group)
meta.Session.commit()
else:
abort(404, '404 Not Found')
def user_share_by_user(self, user, image, share_with, format='json'):
image = meta.Session.query(Image)\
.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(OwnsImage(image), auth_403)
user = meta.Session.query(User)\
.filter(User.user_name==share_with)\
.first()
if not user:
abort(400, 'The user you are trying to share the image with does not exist.')
if user in image.shared.users:
return
else:
image.shared.users.append(user)
meta.Session.commit()
else:
abort(404, '404 Not Found')
def user_share_by_user(self, user, image, share_with, format="json"):
image = (
meta.Session.query(Image)
.filter(Image.name == image)
.filter(Image.owner.has(User.user_name == user))
.first()
)
if image:
inline_auth(OwnsImage(image), auth_403)
user = meta.Session.query(User).filter(User.user_name == share_with).first()
if not user:
abort(400, "400 Bad Request")
if user in image.shared.users:
return
else:
image.shared.users.append(user)
meta.Session.commit()
else:
abort(404, "404 Not Found")
def group_share_by_user(self, user, image, share_with, format="json"):
image = (
meta.Session.query(Image)
.filter(Image.name == image)
.filter(Image.owner.has(User.user_name == user))
.first()
)
if image:
inline_auth(AllOf(OwnsImage(image), MemberOf(share_with)), auth_403)
group = meta.Session.query(Group).filter(Group.name == share_with).first()
if not group:
abort(400, "400 Bad Request")
if group in image.shared.groups:
return
else:
image.shared.groups.append(group)
meta.Session.commit()
else:
abort(404, "404 Not Found")
def put_raw_by_user(self, user, image, hypervisor, format='json'):
log.debug('put_raw_by_user')
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user)).first()
if image:
inline_auth(OwnsImage(image), auth_403)
image_file = request.environ.get('STORAGE_MIDDLEWARE_EXTRACTED_FILE')
if image_file:
final_path = None
try:
file_name = '%s_%s_%s' % (user, image.name, hypervisor)
final_path = path.join(app_globals.image_storage, file_name)
log.debug("Moving %s to %s" % (image_file, final_path))
shutil.move(image_file, final_path)
except Exception, e:
abort(500, '500 Internal Error - Error uploading file %s' %e)
finally:
pass
def __before__(self):
inline_auth(IsAthuenticated(), auth_403)
def __before__(self):
inline_auth(IsAthuenticated(), auth_403)
def modify_meta_by_user(self, user, image, format='json'):
params = validate_modify_image(request.params)
image_q = meta.Session.query(Image)
image = image_q.filter(Image.name==image)\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image:
inline_auth(AnyOf(OwnsImage(image), HasPermission('image_modify')), auth_403)
# Make sure all given attributes exist in the image object.
for k,v in request.params.iteritems():
if not hasattr(image, k):
abort(400, 'The "%s" image metadata does not exist. Please check your syntax and try again.' % (k))
# Do a check here to make sure we do not overwrite
# any existing image. (Andre)
if ('name' in params) and (params['name'] != image.name):
image2 = image_q.filter(Image.name==params['name'])\
.filter(Image.owner.has(User.user_name==user))\
.first()
if image2:
log.debug('Conflict detected in image renaming: %s -> %s. Operation aborted.' % (image.name, params['name']))
abort(409, 'Cannot rename an image to an existing image. Operation aborted.')
# Here we must have some smarts to check if the new metadata has less hypervisors
# than the previous one. If this is true, then we must cleanup the images for the
# hypervisors that are not listed anymore, else we will end up with stale image
# files on the server.
if image.hypervisor != None and params['hypervisor'] and params['hypervisor'] != None:
previous_hypervisors = image.hypervisor.split(',')
new_hypervisors = params['hypervisor'].split(',')
for previous_hypervisor in previous_hypervisors:
if previous_hypervisor not in new_hypervisors:
# Cleanup
image.delete_image_file_for_hypervisor(previous_hypervisor)
# Check to see if the user wants to assign the image to a new owner.
# If that is the case, then we need to rename the image file because
# it has the owner's username hardcoded in its filename.
if ('owner' in params) and (params['owner'] != None) and (params['owner'] != image.owner):
# Verify if target user exist
user_q = meta.Session.query(User)
target_user = user_q.filter(User.user_name==params['owner']).first()
if not target_user:
abort(400, 'The new image owner %s does not exist.' % (params['owner']))
log.debug('Changing ownership of image %s from user %s to user %s.' %
(image.name, image.owner.user_name, target_user.user_name))
if not image.change_image_files_to_new_owner(target_user):
# Could not change owner because of conflict. Abort operation.
abort(409, 'Could not change ownership of the image because it conflicts with an image already owned by the target user. Operation aborted.')
# Don't forget to delete the 'owner' parameter (it is a special case)
# else the setattr call below will not like it.
del params['owner']
# If we rename the image slot, don't forget to rename the associated image files accordingly.
# Calling the image.rename() method will take care of this.
if ('name' in params) and (params['name'] != image.name):
if not image.rename(params['name']):
abort(409, 'Could not rename the image because it conflicts with an image already owned by the target user. Operation aborted.')
for k,v in params.iteritems():
if v != None:
setattr(image, k, v)
image.modified = datetime.utcfromtimestamp(time())
meta.Session.commit()
else:
abort(404, '404 Not Found')
