def test_put_v2_config_success(self, mock_alert_source_get,
mock_alert_source_update):
req = fakes.HTTPRequest.blank('/storages/fake_id/snmp-config')
fake_storage_id = 'abcd-1234-5678'
return_v2_alert_source = fakes.fake_v2_alert_source()
return_v2_alert_source['community_string'] = cryptor.encode(
return_v2_alert_source['community_string'])
mock_alert_source_update.return_value = return_v2_alert_source
mock_alert_source_get.return_value = return_v2_alert_source
expected_alert_source = {'storage_id': 'abcd-1234-5678',
'host': '127.0.0.1',
'community_string': 'public',
'version': 'snmpv2c',
'port': 161,
"retry_num": 1,
"expiration": 1,
"created_at": '2020-06-15T09:50:31.698956',
"updated_at": '2020-06-15T09:50:31.698956'
}
alert_controller_inst = self._get_alert_controller()
body = fakes.fake_v2_alert_source_config()
output_alert_source = alert_controller_inst.put(req, fake_storage_id,
body=body)
self.assertDictEqual(expected_alert_source, output_alert_source)
def login(self):
"""Login dell_emc unity storage array."""
try:
with self.session_lock:
data = {}
if self.session is None:
self.init_http_head()
self.session.headers.update({"X-EMC-REST-CLIENT": "true"})
self.session.auth = requests.auth.HTTPBasicAuth(
self.rest_username, cryptor.decode(self.rest_password))
res = self.call_with_token(RestHandler.REST_AUTH_URL, data,
'GET')
if res.status_code == 200:
self.session.headers[RestHandler.AUTH_KEY] = \
cryptor.encode(res.headers[RestHandler.AUTH_KEY])
else:
LOG.error("Login error.URL: %s,Reason: %s.",
RestHandler.REST_AUTH_URL, res.text)
if 'Unauthorized' in res.text:
raise exception.InvalidUsernameOrPassword()
elif 'Forbidden' in res.text:
raise exception.InvalidIpOrPort()
else:
raise exception.BadResponse(res.text)
except Exception as e:
LOG.error("Login error: %s", six.text_type(e))
raise e
def login(self):
try:
data = {
'request': {
'params': {
"username": self.rest_username,
"password": cryptor.decode(self.rest_password)
}
}
}
with self.session_lock:
if self.session is None:
self.init_http_head()
res = self.call_with_token(
RestHandler.REST_TOKEN_URL, data, 'POST')
if res.status_code == 200:
result = res.json()
self.session.headers['X-Auth-Token'] = \
cryptor.encode(result.get('token').get('token'))
else:
LOG.error("Login error. URL: %(url)s,Reason: %(reason)s.",
{"url": RestHandler.REST_TOKEN_URL,
"reason": res.text})
if 'Authentication has failed' in res.text:
raise exception.InvalidUsernameOrPassword()
else:
raise exception.StorageBackendException(res.text)
except Exception as e:
LOG.error("Login error: %s", six.text_type(e))
raise e
finally:
data = None
def get_token(self):
try:
succeed = False
if self.san_address:
url = '%s/%s/sessions' % \
(RestHandler.COMM_URL,
self.storage_device_id)
data = {}
with self.session_lock:
if self.session is None:
self.init_http_head()
self.session.auth = \
requests.auth.HTTPBasicAuth(
self.rest_username,
cryptor.decode(self.rest_password))
res = self.call_with_token(url, data, 'POST', 30)
if res.status_code == 200:
succeed = True
result = res.json()
self.session_id = cryptor.encode(
result.get('sessionId'))
access_session = 'Session %s' % result.get('token')
self.session.headers[
RestHandler.AUTH_KEY] = cryptor.encode(
access_session)
else:
LOG.error(
"Login error. URL: %(url)s\n"
"Reason: %(reason)s.", {
"url": url,
"reason": res.text
})
if 'authentication failed' in res.text:
raise exception.InvalidUsernameOrPassword()
elif 'KART30005-E' in res.text:
raise exception.StorageBackendException(
six.text_type(res.text))
else:
raise exception.BadResponse(res.text)
else:
LOG.error('Token Parameter error')
return succeed
except Exception as e:
LOG.error("Get token error: %s", six.text_type(e))
raise e
def encrypt_password(context, access_info):
for access in constants.ACCESS_TYPE:
if access_info.get(access):
access_info[access]['password'] = cryptor.encode(
access_info[access]['password'])
def _input_check(self, alert_source):
version = alert_source.get('version')
if version.lower() == 'snmpv3':
user_name = alert_source.get('username')
security_level = alert_source.get('security_level')
engine_id = alert_source.get('engine_id')
# Validate engine_id, check octet string can be formed from it
if engine_id:
try:
OctetString.fromHexString(engine_id)
except (TypeError, ValueError):
msg = "engine_id should be a set of octets in " \
"hexadecimal format."
raise exception.InvalidInput(msg)
if not user_name or not security_level:
msg = "If snmp version is SNMPv3, then username, " \
"security_level are required."
raise exception.InvalidInput(msg)
if security_level == constants.SecurityLevel.AUTHNOPRIV\
or security_level == constants.SecurityLevel.AUTHPRIV:
auth_protocol = alert_source.get('auth_protocol')
auth_key = alert_source.get('auth_key')
if not auth_protocol or not auth_key:
msg = "If snmp version is SNMPv3 and security_level is " \
"authPriv or authNoPriv, auth_protocol and " \
"auth_key are required."
raise exception.InvalidInput(msg)
alert_source['auth_key'] = cryptor.encode(
alert_source['auth_key'])
if security_level == constants.SecurityLevel.AUTHPRIV:
privacy_protocol = alert_source.get('privacy_protocol')
privacy_key = alert_source.get('privacy_key')
if not privacy_protocol or not privacy_key:
msg = "If snmp version is SNMPv3 and security_level" \
" is authPriv, privacy_protocol and " \
"privacy_key are required."
raise exception.InvalidInput(msg)
alert_source['privacy_key'] = cryptor.encode(
alert_source['privacy_key'])
else:
alert_source['privacy_key'] = None
alert_source['privacy_protocol'] = None
else:
alert_source['auth_key'] = None
alert_source['auth_protocol'] = None
alert_source['privacy_key'] = None
alert_source['privacy_protocol'] = None
# Clear keys for other versions.
alert_source['community_string'] = None
else:
community_string = alert_source.get('community_string')
if not community_string:
msg = "If snmp version is SNMPv1 or SNMPv2c, " \
"community_string is required."
raise exception.InvalidInput(msg)
alert_source['community_string'] = cryptor.encode(
alert_source['community_string'])
# Clear keys for SNMPv3
for k in SNMPv3_keys:
alert_source[k] = None
return alert_source
def _input_check(self, alert_source):
version = alert_source.get('version')
plain_auth_key = None
plain_priv_key = None
if version.lower() == 'snmpv3':
user_name = alert_source.get('username')
security_level = alert_source.get('security_level')
engine_id = alert_source.get('engine_id')
# Validate engine_id
snmp_validator.validate_engine_id(engine_id)
if not user_name or not security_level or not engine_id:
msg = "If snmp version is SNMPv3, then username, " \
"security_level and engine_id are required."
raise exception.InvalidInput(msg)
if security_level == "AuthNoPriv" or security_level == "AuthPriv":
auth_protocol = alert_source.get('auth_protocol')
auth_key = alert_source.get('auth_key')
if not auth_protocol or not auth_key:
msg = "If snmp version is SNMPv3 and security_level is " \
"AuthPriv or AuthNoPriv, auth_protocol and " \
"auth_key are required."
raise exception.InvalidInput(msg)
plain_auth_key = alert_source['auth_key']
alert_source['auth_key'] = cryptor.encode(
alert_source['auth_key'])
if security_level == "AuthPriv":
privacy_protocol = alert_source.get('privacy_protocol')
privacy_key = alert_source.get('privacy_key')
if not privacy_protocol or not privacy_key:
msg = "If snmp version is SNMPv3 and security_level" \
" is AuthPriv, privacy_protocol and " \
"privacy_key are required."
raise exception.InvalidInput(msg)
plain_priv_key = alert_source['privacy_key']
alert_source['privacy_key'] = cryptor.encode(
alert_source['privacy_key'])
else:
alert_source['privacy_key'] = None
alert_source['privacy_protocol'] = None
else:
alert_source['auth_key'] = None
alert_source['auth_protocol'] = None
alert_source['privacy_key'] = None
alert_source['privacy_protocol'] = None
# Clear keys for other versions.
alert_source['community_string'] = None
else:
community_string = alert_source.get('community_string', None)
if not community_string:
msg = "If snmp version is SNMPv1 or SNMPv2c, " \
"community_string is required."
raise exception.InvalidInput(msg)
# Clear keys for SNMPv3
for k in SNMPv3_keys:
alert_source[k] = None
# Validate configuration with alert source using snmp connectivity and
# update if valid
alert_source = snmp_validator.validate_connectivity(
alert_source, plain_auth_key, plain_priv_key)
return alert_source