def setUp(self):
super(SchemaTestCase, self).setUp()
self.schema = Schema((
st.String('name'),
st.LinkObject('project'),
st.Int('intval')
))
def test_utf8_explicit(self):
schema = Schema((st.String('morning'), ))
with self.app.test_request_context(
data=u'{"morning": "утро"}'.encode('utf-8'),
content_type='application/json; charset=UTF-8'):
data = parse_request_data(schema)
self.assertEquals({'morning': u'утро'}, data)
def test_supports_latin1(self):
schema = Schema((st.String('morning'), ))
with self.app.test_request_context(
data=u'{"morning": "mañana"}'.encode('latin-1'),
content_type='application/json; charset=ISO-8859-1'):
data = parse_request_data(schema)
self.assertEquals({'morning': u'mañana'}, data)
class SchemaTestCase(unittest.TestCase):
def setUp(self):
super(SchemaTestCase, self).setUp()
self.schema = Schema((
st.String('name'),
st.LinkObject('project'),
st.Int('intval')
))
def test_info(self):
self.assertEquals(len(self.schema.info), 3)
self.assertEquals(self.schema.info[1].name, 'project')
def test_sortby_names(self):
self.assertEquals(self.schema.sortby_names,
set(['name', 'intval',
'project.name', 'project.id']))
def test_argument_matcher(self):
eq = self.schema.argument_matcher('name', 'eq')
self.assertTrue(eq('a', 'a'))
self.assertFalse(eq('a', 'b'))
def test_argument_matcher_bad_type(self):
self.assertRaises(exc.InvalidRequest,
self.schema.argument_matcher, 'name', 'qwe')
def test_argument_matcher_bad_name(self):
self.assertRaises(KeyError,
self.schema.argument_matcher, 'stuff', 'eq')
def test_parse_argument_parses(self):
self.assertEquals(42, self.schema.parse_argument('intval', 'eq', '42'))
def test_stuff_works(self):
m = self.schema.argument_matcher('project', 'eq')
v = self.schema.parse_argument('project', 'eq', 'PID')
self.assertTrue(m({ 'id': 'PID' }, v))
def test_doesnt_replace_methods(self):
self.assertRaises(ValueError, Schema,
(st.Int('test'),), argument_matcher=('test',))
class SchemaTestCase(unittest.TestCase):
def setUp(self):
super(SchemaTestCase, self).setUp()
self.schema = Schema(
(st.String('name'), st.LinkObject('project'), st.Int('intval')))
def test_info(self):
self.assertEquals(len(self.schema.info), 3)
self.assertEquals(self.schema.info[1].name, 'project')
def test_sortby_names(self):
self.assertEquals(
self.schema.sortby_names,
set(['name', 'intval', 'project.name', 'project.id']))
def test_argument_matcher(self):
eq = self.schema.argument_matcher('name', 'eq')
self.assertTrue(eq('a', 'a'))
self.assertFalse(eq('a', 'b'))
def test_argument_matcher_bad_type(self):
self.assertRaises(exc.InvalidRequest, self.schema.argument_matcher,
'name', 'qwe')
def test_argument_matcher_bad_name(self):
self.assertRaises(KeyError, self.schema.argument_matcher, 'stuff',
'eq')
def test_parse_argument_parses(self):
self.assertEquals(42, self.schema.parse_argument('intval', 'eq', '42'))
def test_stuff_works(self):
m = self.schema.argument_matcher('project', 'eq')
v = self.schema.parse_argument('project', 'eq', 'PID')
self.assertTrue(m({'id': 'PID'}, v))
def test_doesnt_replace_methods(self):
self.assertRaises(ValueError,
Schema, (st.Int('test'), ),
argument_matcher=('test', ))
def setUp(self):
super(MakeCollectionResponseTestCase, self).setUp()
flask.g.limit = None
flask.g.offset = None
flask.g.unused_args = set([])
flask.g.collection_schema = Schema((st.Int('test'), ))
self.result = [{
'test': 1
}, {
'test': 2
}, {
'test': 3
}, {
'test': 4
}, {
'test': 5
}, {
'test': 6
}, {
'test': 7
}]
def test_required_ok(self):
schema = Schema((st.Int('req'), ))
params = {'req': 42}
with self.request_context(params):
self.assertEquals(params, parse_request_data(None, schema))
def test_required_missing(self):
schema = Schema((st.Int('req'), ))
with self.request_context({}):
self.assertRaises(exc.MissingElement, parse_request_data, None,
schema)
}
def _get_security_group(sg_id):
try:
sg = auth.admin_client_set().compute.security_groups.get(sg_id)
except osc_exc.NotFound:
abort(404)
auth.assert_admin_or_project_user(sg.tenant_id, eperm_status=404)
# TODO(imelnikov): do we need to check if group belongs to systenant?
return sg
_SCHEMA = Schema((st.String('id'), st.String('protocol'), st.Cidr('source'),
st.Int('port-range-first', min_val=-1, max_val=65535),
st.Int('port-range-last', min_val=-1, max_val=65535)),
required=('protocol', 'source'),
allowed=('port-range-first', 'port-range-last'))
@BP.route('/', methods=('GET', ))
@user_endpoint
def list_fw_rules(fw_rule_set_id):
parse_collection_request(_SCHEMA)
result = [
_fw_rule_dict_to_view(rule)
for rule in _get_security_group(fw_rule_set_id).rules
]
parent_href = url_for('fw_rule_sets.get_fw_rule_set',
fw_rule_set_id=fw_rule_set_id)
return make_collection_response(u'rules', result, parent_href=parent_href)
@BP.route('/<project_id>', methods=('GET', ))
@user_endpoint
def get_project(project_id):
tenant = get_tenant(project_id) # checks permissions
net = _network_for_project(project_id)
quotaset = _quotaset_for_project(project_id)
result = _project_to_view(tenant, net, quotaset)
return make_json_response(result)
_SCHEMA = Schema(
(st.String('id'), st.String('name'),
st.String('description', allow_empty=True), st.LinkObject('network'),
st.Int('cpus-limit'), st.Int('ram-limit'), st.Int('instances-limit')),
create_required=('name', 'network'),
allowed=( # both on creation and update
'description', 'cpus-limit', 'ram-limit', 'instances-limit'))
@BP.route('/', methods=('GET', ))
@root_endpoint('projects')
@user_endpoint
def list_projects():
parse_collection_request(_SCHEMA)
if g.my_projects:
client = g.client_set.identity_public
else:
client = admin_client_set().identity_admin
def setUp(self):
super(ParseFiltersTestCase, self).setUp()
self.schema = Schema([st.String('name'), st.Int('size')])
def test_allowed_ok(self):
schema = Schema((st.Int('test'), ))
params = {'test': 42}
with self.request_context(params):
self.assertEquals(params, parse_request_data(schema))
except osc_exc.NotFound:
pass
if record.project_id is not None and project_name is None:
try:
project_name = iadm.tenants.get(record.project_id).name
except osc_exc.NotFound:
pass
return _record_to_dict(record, user_name, project_name)
_SCHEMA = Schema((
st.String('id'),
st.String('message'),
st.String('method'),
st.String('resource'),
st.Ipv4('remote_address'),
st.Int('response_status'),
st.Timestamp('timestamp'),
st.LinkObject('user'),
st.LinkObject('project'),
))
@BP.route('/')
@root_endpoint('audit-log')
def list_all_records():
parse_collection_request(_SCHEMA)
result = [record_to_view(record)
for record in AuditDAO.list_all()]
return make_collection_response(u'audit-log', result)
from flask import url_for, abort, Blueprint, g
from altai_api.schema import Schema
from altai_api.schema import types as st
from altai_api.utils import *
from altai_api.utils.decorators import root_endpoint, user_endpoint
from altai_api.db.config import ConfigDAO
BP = Blueprint('config', __name__)
SCHEMAS = {
'general':
Schema((st.String('installation-name'), )),
'mail':
Schema((
st.String('sender-name'),
st.String('sender-mail'),
st.String('footer'),
)),
'invitations':
Schema((
st.Boolean('enabled'),
st.List(st.String('domains-allowed')),
)),
'password-reset':
Schema((st.Boolean('enabled'), )),
}
len(tenants) - 1, # not counting systenant
'instances':
len(servers),
'users':
len(users),
'total-images':
len(images),
'global-images':
len(global_images),
'by-project-stats-href':
url_for('stats.list_stats_by_project')
})
_SCHEMA = Schema(
(st.LinkObject('project'), st.Int('members'), st.Int('instances'),
st.Int('local-images'), st.Int('total-images')))
@BP.route('/by-project/', methods=('GET', ))
@user_endpoint
def list_stats_by_project():
parse_collection_request(_SCHEMA)
cs = auth.admin_client_set()
if g.my_projects:
tenants = g.client_set.identity_public.tenants.list()
else:
tenants = cs.identity_admin.tenants.list()
result = {}
d["href"] = flask.url_for('networks.get_network', net_id=net.id)
d["name"] = net.label
d["vlan"] = int(net.vlan)
d["cidr"] = net.cidr
if net.project_id:
d["used"] = True
d["project"] = link_for_project(net.project_id)
else:
d["used"] = False
return d
_SCHEMA = Schema(
(st.String('id'), st.String('name'), st.Int('vlan'), st.Cidr('cidr'),
st.Boolean('used'), st.LinkObject('project')),
required=('name', 'vlan', 'cidr'))
@BP.route('/', methods=('GET', ))
@root_endpoint('networks')
@user_endpoint
def list_networks():
parse_collection_request(_SCHEMA)
nets = admin_client_set().compute.networks.list()
return make_collection_response(u'networks',
[_net_to_dict(net) for net in nets])
@BP.route('/<net_id>', methods=('GET', ))
@user_endpoint
def _node_to_view(name, hosts):
result = link_for_node(name)
for h in hosts:
if h.project == '(total)':
result['memory'] = from_mb(h.memory_mb)
result['cpus'] = h.cpu
elif h.project == '(used_now)':
result['memory-used'] = from_mb(h.memory_mb)
result['cpus-used'] = h.cpu
return result
_SCHEMA = Schema((
st.String('name'),
st.Int('memory'),
st.Int('cpus'),
st.Int('memory-used'),
st.Int('cpus-used'),
))
@BP.route('/', methods=('GET', ))
@root_endpoint('nodes')
def list_nodes():
parse_collection_request(_SCHEMA)
host_mgr = g.client_set.compute.hosts
names = [
h._info['host_name'] for h in host_mgr.list_all()
if h._info['service'] == 'compute'
]
from openstackclient_base import exceptions as osc_exc
from altai_api import exceptions as exc
from altai_api import auth
from altai_api.utils import *
from altai_api.utils.decorators import user_endpoint
from altai_api.schema import Schema
from altai_api.schema import types as st
from altai_api.blueprints.my_ssh_keys import keypair_to_view
from altai_api.blueprints.users import fetch_user
BP = Blueprint('users_ssh_keys', __name__)
_SCHEMA = Schema(
(st.String('name'), st.String('public-key'), st.String('fingerprint')),
required=('name', 'public-key'),
)
@BP.route('/', methods=('GET', ))
@user_endpoint
def list_users_ssh_keys(user_id):
parse_collection_request(_SCHEMA)
fetch_user(user_id, g.is_admin) # check that user exists and is visible
mgr = auth.admin_client_set().compute_ext.user_keypairs
result = [keypair_to_view(keypair) for keypair in mgr.list(user_id)]
parent_href = url_for('users.get_user', user_id=user_id)
return make_collection_response('ssh-keys',
result,
def setUp(self):
super(ApplyFiltersTestCase, self).setUp()
self.schema = Schema([st.String('name'), st.Int('size')])
self.filters = {'name': {'eq': 'test'}, 'size': {'gt': 28, 'lt': 32}}
def test_allowed_missing(self):
schema = Schema((st.Int('req'), ))
params = {}
with self.request_context({}):
self.assertEquals(params, parse_request_data(schema))
def test_allowed_wrong(self):
schema = Schema((st.Int('test'), ))
with self.request_context({'test': '42'}):
self.assertRaises(exc.InvalidElementValue, parse_request_data,
schema)
def setUp(self):
super(SchemaTestCase, self).setUp()
self.schema = Schema(
(st.String('name'), st.LinkObject('project'), st.Int('intval')))
def test_date_is_parsed(self):
timestamp = datetime(2012, 5, 11, 17, 42, 53)
schema = Schema((st.Timestamp('test'), ))
params = {'test': '2012-05-11T17:42:53Z'}
with self.request_context(params):
self.assertEquals({'test': timestamp}, parse_request_data(schema))
@root_endpoint('invites')
def list_invites():
# just a stub to mark with root_endpoint
abort(404)
@BP.route('/<code>', methods=('GET', ))
@no_auth_endpoint
def get_user_by_code(code):
invite, user = _invite_and_user(code)
return make_json_response(user_to_view(user, invite))
_ACCEPT_SCHEMA = Schema((
st.String('name'),
st.String('fullname', allow_empty=True),
st.String('email'),
))
_ACCEPT_REQUIRES = Schema((st.String('password'), ))
@BP.route('/<code>', methods=('PUT', ))
@no_auth_endpoint
def accept_invite(code):
data = parse_request_data(_ACCEPT_SCHEMA, _ACCEPT_REQUIRES)
invite, user = _invite_and_user(code)
data['enabled'] = True
try:
update_user_data(user, data)
try:
g.client_set.identity_admin.roles.add_user_role(user=user,
role=role_id,
tenant=project)
except osc_exc.NotFound:
raise exc.InvalidElementValue('projects', 'link object', project,
'Project does not exist')
_SCHEMA = Schema(
(st.String('id'), st.String('name'), st.String(
'fullname', allow_empty=True), st.String('email'), st.Boolean('admin'),
st.Boolean('completed-registration'), st.Timestamp('invited-at'),
st.List(st.LinkObject('projects')), st.Boolean('invite'),
st.String('password'), st.Boolean('send-invite-mail'),
st.String('link-template')),
create_required=('email', ),
create_allowed=('name', 'fullname', 'admin', 'projects', 'invite',
'link-template', 'send-invite-mail', 'password'),
updatable=('name', 'email', 'fullname', 'admin', 'password'),
list_args=('id', 'name', 'fullname', 'email', 'projects', 'admin',
'completed-registration', 'invited-at'))
@BP.route('/', methods=('GET', ))
@root_endpoint('users')
@user_endpoint
def list_users():
parse_collection_request(_SCHEMA.list_args)
user_mgr = auth.admin_client_set().identity_admin.users
return make_collection_response(u'users', [
u'name': secgroup.name
}
def _sg_to_view(secgroup, project_name=None):
result = link_for_security_group(secgroup)
result.update(
(('description', secgroup.description),
('project', link_for_project(secgroup.tenant_id, project_name)),
('rules-href',
url_for('fw_rules.list_fw_rules', fw_rule_set_id=secgroup.id))))
return result
_SCHEMA = Schema((st.String('id'), st.String('name'), st.String('description'),
st.LinkObject('project')),
required=('name', 'project'),
allowed=('description', ))
@BP.route('/', methods=('GET', ))
@root_endpoint('fw-rule-sets')
@user_endpoint
def list_fw_rule_sets():
parse_collection_request(_SCHEMA)
if g.my_projects:
tenants = g.client_set.identity_public.tenants.list()
else:
tenants = admin_client_set().identity_admin.tenants.list()
result = []
for tenant in tenants:
def list_all_images(client):
"""Get list of all images from all tenants"""
# NOTE(imelnikov): When is_public is True (the default), images
# available for current tenant are returned (public images and
# images from current tenant). When is_public is set to None
# explicitly, current tenant is ignored.
return client.list(filters={'is_public': None})
_SCHEMA = Schema(
(st.String('id'), st.String('name'), st.String('status'),
st.String('disk-format'), st.String('container-format'),
st.String('md5sum'), st.Int('size'), st.Timestamp('created'),
st.Boolean('global'),
st.LinkObject('project',
add_search_matchers={'for': st.not_implemented_matcher}),
st.LinkObject('kernel'), st.LinkObject('ramdisk')),
create_required=('name', 'container-format', 'disk-format'),
create_allowed=('project', 'global', 'kernel', 'ramdisk'),
updatable=('name'))
def _images_for_tenant(tenant_id, is_public):
try:
tenant = auth.admin_client_set().identity_admin \
.tenants.get(tenant_id)
except osc_exc.NotFound:
return [] # consistent with project:eq
client = auth.client_set_for_tenant(tenant_id, fallback_to_api=g.is_admin)
1 if 'email' in data else 0)):
raise exc.InvalidRequest('Exactly one element of id, name or email'
' must be present')
user_mgr = g.client_set.identity_admin.users
try:
if 'id' in data:
return user_mgr.get(data['id'])
elif 'email' in data:
return user_mgr.find(email=data['email'])
elif 'name' in data:
return user_mgr.find(name=data['name'])
except osc_exc.NotFound:
return None
_RESET_SCHEMA = Schema((st.String('id'), st.String('name'), st.String('email'),
st.String('link-template')))
@BP.route('/reset-password', methods=('POST', ))
@no_auth_endpoint
@root_endpoint('reset-password')
def reset_password():
if not g.config('password-reset', 'enabled'):
abort(404)
data = parse_request_data(allowed=_RESET_SCHEMA)
user = _find_user(data)
if user is None:
return make_json_response(None, status_code=204)
token = ResetTokensDAO.create(user.id, user.email)
send_reset_password(user.email,
token.code,
fetch_instance(instance_id) # check that server exists and is visible
else:
assert_admin_or_project_user(result[0].tenant_id, eperm_status=404)
return result
def _find_sg_on_server(instance_id, set_id):
# ids are (sic!) ints
sg_id = int_from_string(set_id, on_error=lambda value_: abort(404))
for sg in _security_groups_for_server(instance_id):
if sg.id == sg_id:
return sg
abort(404)
_SCHEMA = Schema((st.String('id'), st.String('name')), required=('id', ))
@BP.route('/', methods=('GET', ))
@user_endpoint
def list_instance_fw_rule_sets(instance_id):
parse_collection_request(_SCHEMA)
result = [
link_for_security_group(sg)
for sg in _security_groups_for_server(instance_id)
]
parent_href = url_for('instances.get_instance', instance_id=instance_id)
return make_collection_response(u'fw-rule-sets',
result,
parent_href=parent_href)
def _instance_type_for_nova(data):
return {
u'name': data['name'],
u'ram': to_mb(data['ram']),
u'vcpus': data['cpus'],
u'disk': to_gb(data['root-size']),
u'ephemeral': to_gb(data['ephemeral-size'])
}
_SCHEMA = Schema((
st.String('id'),
st.String('name'),
st.Int('cpus'),
st.Int('ram'),
st.Int('root-size'),
st.Int('ephemeral-size')),
required=('name', 'cpus', 'ram', 'root-size', 'ephemeral-size')
)
@BP.route('/', methods=('GET',))
@root_endpoint('instance-types')
@user_endpoint
def list_instance_types():
parse_collection_request(_SCHEMA)
all_flavors = bound_client_set().compute.flavors.list()
result = [_instance_type_to_view(flavor)
for flavor in all_flavors]
return make_collection_response(u'instance-types', result)
