def _validate_resource_type_length(resource_type):
# Add in a validation to ensure that we catch this at build time
if len(resource_type) > MAX_RESOURCE_TYPE_LEN:
raise nsxlib_exceptions.NsxLibInvalidInput(
error_message=(_('Resource type cannot exceed %(max_len)s '
'characters: %(resource_type)s') %
{'max_len': MAX_RESOURCE_TYPE_LEN,
'resource_type': resource_type}))
def validate_cert_params(key_size, valid_for_days, signature_alg, subject):
"""Validate parameters for certificate"""
expected_key_sizes = (2048, 4096)
if key_size not in expected_key_sizes:
raise nsxlib_exceptions.NsxLibInvalidInput(
error_message=_('Invalid key size %(value)d'
'(must be one of %(list)s)') % {
'value': key_size,
'list': expected_key_sizes
})
expected_signature_algs = ('sha256')
if signature_alg not in expected_signature_algs:
raise nsxlib_exceptions.NsxLibInvalidInput(
error_message=_('Invalid signature algorithm %(value)s'
'(must be one of %(list)s)') % {
'value': signature_alg,
'list': expected_signature_algs
})
if (CERT_SUBJECT_COUNTRY in subject
and (len(subject[CERT_SUBJECT_COUNTRY]) != 2)):
raise nsxlib_exceptions.NsxLibInvalidInput(
error_message=_('Invalid country %s: '
'must be exactly 2 characters') %
subject[CERT_SUBJECT_COUNTRY])
# values defined in rfc5280
max_len_constraints = {
CERT_SUBJECT_STATE: 128,
CERT_SUBJECT_ORG: 64,
CERT_SUBJECT_UNIT: 64,
CERT_SUBJECT_HOST: 64
}
for field, max_len in max_len_constraints.items():
if field in subject and (len(subject[field]) > max_len):
raise nsxlib_exceptions.NsxLibInvalidInput(
error_message=_('Invalid %(field)s [%(value)s]: '
'must not exceed %(max)d characters') % {
'field': field,
'value': subject[field],
'max': max_len
})
def validate_tier0(self, tier0_groups_dict, tier0_uuid):
err_msg = None
try:
lrouter = self._router_client.get(tier0_uuid)
except exceptions.ResourceNotFound:
err_msg = (_("Tier0 router %s not found at the backend. Either a "
"valid UUID must be specified or a default tier0 "
"router UUID must be configured in nsx.ini") %
tier0_uuid)
else:
edge_cluster_uuid = lrouter.get('edge_cluster_id')
if not edge_cluster_uuid:
err_msg = _("Failed to get edge cluster uuid from tier0 "
"router %s at the backend") % lrouter
else:
edge_cluster = self.nsxlib.edge_cluster.get(edge_cluster_uuid)
member_index_list = [
member['member_index']
for member in edge_cluster['members']
]
if len(member_index_list) < MIN_EDGE_NODE_NUM:
err_msg = _("%(act_num)s edge members found in "
"edge_cluster %(cluster_id)s, however we "
"require at least %(exp_num)s edge nodes "
"in edge cluster for use") % {
'act_num': len(member_index_list),
'exp_num': MIN_EDGE_NODE_NUM,
'cluster_id': edge_cluster_uuid
}
if err_msg:
raise exceptions.NsxLibInvalidInput(error_message=err_msg)
else:
tier0_groups_dict[tier0_uuid] = {
'edge_cluster_uuid': edge_cluster_uuid,
'member_index_list': member_index_list
}
def func_to_fail(x):
total_count['val'] = total_count['val'] + 1
raise exceptions.NsxLibInvalidInput(error_message='foo')