def o_callback_authorize(request): logger.info(request.__dict__) if 'code' not in request.GET: logger.info(request.__dict__) #TODO - Maybe: Redirect into a login return HttpResponse("") oauth_client = get_cas_oauth_client() oauth_code = request.GET['code'] #Exchange code for ticket access_token, expiry_date = oauth_client.get_access_token(oauth_code) if not access_token: logger.info( "The Code %s is invalid/expired. Attempting another login." % oauth_code) return o_login_redirect(request) #Exchange token for profile user_profile = oauth_client.get_profile(access_token) if not user_profile or "id" not in user_profile: logger.error("AccessToken is producing an INVALID profile!" " Check the CAS server and caslib.py for more" " information.") #NOTE: Make sure this redirects the user OUT of the loop! return login(request) #ASSERT: A valid OAuth token gave us the Users Profile. # Now create an AuthToken and return it username = user_profile["id"] auth_token = obtainOAuthToken(username, access_token, expiry_date) #Set the username to the user to be emulated #to whom the token also belongs request.session['username'] = username request.session['token'] = auth_token.key logger.info("Returning user - %s - to application " % username) logger.info(request.session.__dict__) logger.info(request.user) return HttpResponseRedirect(settings.REDIRECT_URL + "/application/")
def _get_cached(key, data_method, scrub_method, force=False): try: r = redis_connection() if force: _invalidate(key) data = r.get(key) except redis.exceptions.ConnectionError: logger.error( "EXTERNAL SERVICE redis-server IS NOT RUNNING! " "Somebody should turn it on!" ) data = None if not data: data = data_method() scrub_method(data) logger.debug( "Updated redis({0}) using {1} and {2}".format( key, data_method, scrub_method ) ) r.set(key, pickle.dumps(data)) r.expire(key, 30) return data logger.debug("Actual type {0}".format(type(data))) return pickle.loads(data)
def put(self, request, provider_id, identity_id, machine_id): """ TODO: Determine who is allowed to edit machines besides core_machine.owner """ user = request.user data = request.DATA esh_driver = prepare_driver(request, provider_id, identity_id) if not esh_driver: return invalid_creds(provider_id, identity_id) esh_machine = esh_driver.get_machine(machine_id) core_machine = convert_esh_machine(esh_driver, esh_machine, provider_id) if not user.is_staff\ and user is not core_machine.application.created_by: logger.error('Non-staff/non-owner trying to update a machine') return failure_response( status.HTTP_401_UNAUTHORIZED, 'Only Staff and the machine Owner ' + 'are allowed to change machine info.') core_machine.application.update(data) serializer = ProviderMachineSerializer(core_machine, data=data, partial=True) if serializer.is_valid(): logger.info('metadata = %s' % data) update_machine_metadata(esh_driver, esh_machine, data) serializer.save() logger.info(serializer.data) return Response(serializer.data) return failure_response(status.HTTP_400_BAD_REQUEST, serializer.errors)
def deploy_failed(task_uuid, driverCls, provider, identity, instance_id, **celery_task_args): from core.models.instance import Instance from core.email import send_deploy_failed_email try: logger.debug("deploy_failed task started at %s." % datetime.now()) logger.info("task_uuid=%s" % task_uuid) result = app.AsyncResult(task_uuid) with allow_join_result(): exc = result.get(propagate=False) err_str = "DEPLOYERROR::%s" % (result.traceback, ) logger.error(err_str) driver = get_driver(driverCls, provider, identity) instance = driver.get_instance(instance_id) update_instance_metadata(driver, instance, data={'tmp_status': 'deploy_error'}, replace=False) #Send deploy email core_instance = Instance.objects.get(provider_alias=instance_id) send_deploy_failed_email(core_instance, err_str) logger.debug("deploy_failed task finished at %s." % datetime.now()) except Exception as exc: logger.warn(exc) deploy_failed.retry(exc=exc)
def get_default_identity(username, provider=None): """ Return the default identity given to the user-group for provider. """ try: filter_query = {} if provider: filter_query['provider'] = provider from core.models.group import GroupMembership memberships = GroupMembership.objects.filter( user__username=username).prefetch_related('group') for membership in memberships: group = membership.group identities = group.current_identities.filter(**filter_query) if group and identities.count() > 0: default_identity = identities.first() logger.debug("default_identity set to %s " % default_identity) return default_identity # No identities found for any group if settings.AUTO_CREATE_NEW_ACCOUNTS: new_identities = create_new_accounts(username, selected_provider=provider) if new_identities: return new_identities[0] logger.error( "%s has no identities. Functionality will be severely limited." % username) return None except Exception as e: logger.exception(e) return None
def o_callback_authorize(request): logger.info(request.__dict__) if 'code' not in request.GET: logger.info(request.__dict__) #TODO - Maybe: Redirect into a login return HttpResponse("") oauth_client = get_cas_oauth_client() oauth_code = request.GET['code'] #Exchange code for ticket access_token, expiry_date = oauth_client.get_access_token(oauth_code) if not access_token: logger.info("The Code %s is invalid/expired. Attempting another login." % oauth_code) return o_login_redirect(request) #Exchange token for profile user_profile = oauth_client.get_profile(access_token) if not user_profile or "id" not in user_profile: logger.error("AccessToken is producing an INVALID profile!" " Check the CAS server and caslib.py for more" " information.") #NOTE: Make sure this redirects the user OUT of the loop! return login(request) #ASSERT: A valid OAuth token gave us the Users Profile. # Now create an AuthToken and return it username = user_profile["id"] auth_token = obtainOAuthToken(username, access_token, expiry_date) #Set the username to the user to be emulated #to whom the token also belongs request.session['username'] = username request.session['token'] = auth_token.key logger.info("Returning user - %s - to application " % username) logger.info(request.session.__dict__) logger.info(request.user) return HttpResponseRedirect(settings.REDIRECT_URL+"/application/")
def get_default_provider(username): """ Return default provider given """ try: from core.models.group import get_user_group group = get_user_group(username) provider = group.providers.filter(Q(end_date=None) | Q(end_date__gt=timezone.now()), active=True, type__name="OpenStack") if provider: provider = provider[0] else: logger.error("get_default_provider could not find " "a valid Provider") return None logger.debug("default provider is %s " % provider) return provider except IndexError: logger.info("No provider found for %s" % username) return None except Exception, e: logger.exception(e) return None
def get_default_provider(username): """ Return default provider given """ try: from core.models.group import get_user_group from core.models.provider import Provider group = get_user_group(username) provider_ids = group.current_identities.values_list( 'provider', flat=True) provider = Provider.objects.filter( id__in=provider_ids, type__name="OpenStack") if provider: logger.debug("get_default_provider selected a new " "Provider for %s: %s" % (username, provider)) provider = provider[0] else: logger.error("get_default_provider could not find a new " "Provider for %s" % (username,)) return None return provider except Exception as e: logger.exception("get_default_provider encountered an error " "for %s" % (username,)) return None
def put(self, request, provider_id, identity_id, machine_id): """ TODO: Determine who is allowed to edit machines besides core_machine.owner """ user = request.user data = request.DATA esh_driver = prepare_driver(request, provider_id, identity_id) if not esh_driver: return invalid_creds(provider_id, identity_id) esh_machine = esh_driver.get_machine(machine_id) core_machine = convert_esh_machine(esh_driver, esh_machine, provider_id) if not user.is_staff\ and user is not core_machine.application.created_by: logger.error('Non-staff/non-owner trying to update a machine') return failure_response( status.HTTP_401_UNAUTHORIZED, 'Only Staff and the machine Owner ' + 'are allowed to change machine info.') core_machine.application.update(data) serializer = ProviderMachineSerializer(core_machine, data=data, partial=True) if serializer.is_valid(): logger.info('metadata = %s' % data) update_machine_metadata(esh_driver, esh_machine, data) serializer.save() logger.info(serializer.data) return Response(serializer.data) return failure_response( status.HTTP_400_BAD_REQUEST, serializer.errors)
def get_default_identity(username, provider=None): """ Return the default identity given to the user-group for provider. """ try: from core.models.group import get_user_group group = get_user_group(username) identities = group.identities.all() if provider: if provider.is_active(): identities = identities.filter(provider=provider) return identities[0] else: logger.error("Provider provided for " "get_default_identity is inactive.") raise "Inactive Provider provided for get_default_identity " else: default_provider = get_default_provider(username) default_identity = group.identities.filter( provider=default_provider) if not default_identity: logger.error("User %s has no identities on Provider %s" % (username, default_provider)) raise "No Identities on Provider %s for %s" % (default_provider,username) #Passing default_identity = default_identity[0] logger.debug( "default_identity set to %s " % default_identity) return default_identity except Exception as e: logger.exception(e) return None
def get(self, request, username): """ Create a new token in the database on behalf of 'username' Returns success 201 Created - Body is JSON and contains """ user = request.user if not username: return Response("Username was not provided", status=status.HTTP_400_BAD_REQUEST) if user.username is not 'admin' and not user.is_superuser: logger.error("URGENT! User: %s is attempting to emulate a user!" % user.username) return Response("Only admin and superusers can emulate accounts. " "This offense has been reported", status=status.HTTP_401_UNAUTHORIZED) if not AtmosphereUser.objects.filter(username=username): return Response("Username %s does not exist as an AtmosphereUser" % username, status=status.HTTP_404_NOT_FOUND) # User is authenticated, username exists. Make a token for them. user_to_emulate = AtmosphereUser.objects.get_by_natural_key(username) token = get_or_create_token(user_to_emulate, issuer="DRF-EmulatedUser") expireTime = token.issuedTime + secrets.TOKEN_EXPIRY_TIME auth_json = { # Extra data passed only on emulation.. "emulator": request.user.username, # Normal token data.. "token": token.key, "username": token.user.username, "expires": expireTime.strftime("%b %d, %Y %H:%M:%S") } return Response(auth_json, status=status.HTTP_201_CREATED)
def deploy_init_to(driverCls, provider, identity, instance_id, username=None, password=None, redeploy=False, *args, **kwargs): try: logger.debug("deploy_init_to task started at %s." % datetime.now()) driver = get_driver(driverCls, provider, identity) instance = driver.get_instance(instance_id) if not instance: logger.debug("Instance has been teminated: %s." % instance_id) return image_metadata = driver._connection\ .ex_get_image_metadata(instance.machine) deploy_chain = get_deploy_chain(driverCls, provider, identity, instance, username, password, redeploy) deploy_chain.apply_async() #Can be really useful when testing. #if kwargs.get('delay'): # async.get() logger.debug("deploy_init_to task finished at %s." % datetime.now()) except SystemExit: logger.exception("System Exits are BAD! Find this and get rid of it!") raise Exception("System Exit called") except NonZeroDeploymentException as non_zero: logger.error(str(non_zero)) logger.error(non_zero.__dict__) raise except Exception as exc: logger.warn(exc) deploy_init_to.retry(exc=exc)
def get_default_identity(username, provider=None): """ Return the default identity given to the user-group for provider. """ try: from core.models.group import get_user_group group = get_user_group(username) identities = group.identities.all() if provider: if provider.is_active(): identities = identities.filter(provider=provider) return identities[0] else: logger.error("Provider provided for " "get_default_identity is inactive.") raise("Provider provided for get_default_identity " "is inactive.") else: default_provider = get_default_provider(username) default_identity = group.identities.filter( provider=default_provider)[0] logger.debug( "default_identity set to %s " % default_identity) return default_identity except Exception, e: logger.exception(e) return None
def delete(self, request, provider_id, identity_id, group_name, format=None): """ Unshare the identity """ try: identity = Identity.objects.get(id=identity_id) except Identity.DoesNotExist: return failure_response(status.HTTP_404_NOT_FOUND, "Identity does not exist.") if not identity.can_share(user): logger.error("User %s cannot remove sharing from identity %s. " + "This incident will be reported" % (user, identity_id)) return failure_response( status.HTTP_401_UNAUTHORIZED, "User %s cannot remove sharing from identity %s. " + "This incident will be reported" % (user, identity_id)) group = Group.objects.get(name=group_name) id_member = identity.unshare(group) serializer = IdentitySerializer(id_member.identity) serialized_data = serializer.data return Response(serialized_data)
def get_default_provider(username): """ Return default provider given """ try: from core.models.group import get_user_group from core.models.provider import Provider group = get_user_group(username) provider_ids = group.current_identities.values_list('provider', flat=True) provider = Provider.objects.filter(id__in=provider_ids, type__name="OpenStack") if provider: logger.debug("get_default_provider selected a new " "Provider for %s: %s" % (username, provider)) provider = provider[0] else: logger.error("get_default_provider could not find a new " "Provider for %s" % (username, )) return None return provider except Exception as e: logger.exception("get_default_provider encountered an error " "for %s" % (username, )) return None
def validate_input(self, user, data): error_map = {} name = data.get('name') identity_uuid = data.get('identity') source_alias = data.get('source_alias') size_alias = data.get('size_alias') if not name: error_map['name'] = "This field is required." if not identity_uuid: error_map['identity'] = "This field is required." if not source_alias: error_map['source_alias'] = "This field is required." if not size_alias: error_map['size_alias'] = "This field is required." if error_map: raise Exception(error_map) try: identity = Identity.objects.get(uuid=identity_uuid) # Staff or owner ONLY if not user.is_staff and identity.created_by != user: logger.error( "User %s does not have permission to use identity %s" % (user, identity)) raise Identity.DoesNotExist("You are not the owner") except Identity.DoesNotExist: error_map["identity"] = "The uuid (%s) is invalid." % identity_uuid raise Exception(error_map) return
def send_email(subject, body, from_email, to, cc=None, fail_silently=False, html=False): """ Use django.core.mail.EmailMessage to send and log an Atmosphere email. """ try: msg = EmailMessage(subject=subject, body=body, from_email=from_email, to=to, cc=cc) if html: msg.content_subtype = 'html' msg.send(fail_silently=fail_silently) email_logger.info("Email Sent." + "From:%s\nTo:%sCc:%s\nSubject:%s\nBody:\n%s" % (from_email, to, cc, subject, body)) return True except Exception as e: logger.error(e) return False
def delete(self, request, provider_id, identity_id, group_name, format=None): """ Unshare the identity """ try: identity = Identity.objects.get(id=identity_id) except Identity.DoesNotExist: return failure_response( status.HTTP_404_NOT_FOUND, "Identity does not exist.") if not identity.can_share(user): logger.error("User %s cannot remove sharing from identity %s. " + "This incident will be reported" % (user, identity_id)) return failure_response( status.HTTP_401_UNAUTHORIZED, "User %s cannot remove sharing from identity %s. " + "This incident will be reported" % (user, identity_id)) group = Group.objects.get(name=group_name) id_member = identity.unshare(group) serializer = IdentitySerializer(id_member.identity) serialized_data = serializer.data return Response(serialized_data)
def post(self, request, provider_id, identity_id, format=None): """ Create a new identity member (ADMINS & OWNERS GROUP LEADERS ONLY) """ user = request.user data = request.DATA try: identity = Identity.objects.get(id=identity_id) group_name = data['group'] group = Group.objects.get(name=group_name) prov_member = identity.provider.share(group) id_member = identity.share(group) except ObjectDoesNotExist as odne: return failure_response( status.HTTP_404_NOT_FOUND, '%s does not exist.' % odne.message.split()[0]) if not identity.can_share(user): logger.error("User %s cannot share identity %s. " + "This incident will be reported") return failure_response( status.HTTP_401_UNAUTHORIZED, "User %s cannot remove sharing from identity %s. " + "This incident will be reported" % (user, identity_id)) serializer = IdentitySerializer(id_member.identity) serialized_data = serializer.data return Response(serialized_data)
def get(self, request, username): """ Create a new token in the database on behalf of 'username' Returns success 201 Created - Body is JSON and contains """ params = request.DATA user = request.user if user.username is not 'admin' and not user.is_superuser: logger.error("URGENT! User: %s is attempting to emulate a user!" % user.username) return Response('Only admin and superusers can emulate accounts. ' 'This offense has been reported', status=status.HTTP_401_UNAUTHORIZED) if not AtmosphereUser.objects.filter(username=username): return Response("Username %s does not exist as an AtmosphereUser" % username, status=status.HTTP_404_NOT_FOUND) #User is authenticated, username exists. Make a token for them. token = createAuthToken(username) expireTime = token.issuedTime + secrets.TOKEN_EXPIRY_TIME auth_json = { #Extra data passed only on emulation.. 'emulated_by': request.user.username, #Normal token data.. 'token': token.key, 'username': token.user.username, 'expires': expireTime.strftime("%b %d, %Y %H:%M:%S") } return Response(auth_json, status=status.HTTP_201_CREATED)
def get_default_provider(username): """ Return default provider given """ try: from core.models.group import get_user_group group = get_user_group(username) provider = group.providers.filter( Q(end_date=None) | Q(end_date__gt=timezone.now()), active=True, type__name="OpenStack") if provider: provider = provider[0] else: logger.error("get_default_provider could not find " "a valid Provider") return None logger.debug( "default provider is %s " % provider) return provider except IndexError: logger.info("No provider found for %s" % username) return None except Exception, e: logger.exception(e) return None
def validate_input(self, user, data): error_map = {} name = data.get('name') identity_uuid = data.get('identity') source_alias = data.get('source_alias') size_alias = data.get('size_alias') if not name: error_map['name'] = "This field is required." if not identity_uuid: error_map['identity'] = "This field is required." if not source_alias: error_map['source_alias'] = "This field is required." if not size_alias: error_map['size_alias'] = "This field is required." if error_map: raise Exception(error_map) try: identity = Identity.objects.get(uuid=identity_uuid) # Staff or owner ONLY if not user.is_staff and identity.created_by != user: logger.error("User %s does not have permission to use identity %s" % (user, identity)) raise Identity.DoesNotExist("You are not the owner") except Identity.DoesNotExist: error_map["identity"] = "The uuid (%s) is invalid." % identity_uuid raise Exception(error_map) return
def deploy_init_to(driverCls, provider, identity, instance_id, username=None, password=None, redeploy=False, *args, **kwargs): try: logger.debug("deploy_init_to task started at %s." % datetime.now()) driver = get_driver(driverCls, provider, identity) instance = driver.get_instance(instance_id) if not instance: logger.debug("Instance has been teminated: %s." % instance_id) return image_metadata = driver._connection\ .ex_get_image_metadata(instance.machine) deploy_chain = get_deploy_chain(driverCls, provider, identity, instance, password, redeploy) logger.debug("Starting deploy chain for: %s." % instance_id) deploy_chain.apply_async() #Can be really useful when testing. #if kwargs.get('delay'): # async.get() logger.debug("deploy_init_to task finished at %s." % datetime.now()) except SystemExit: logger.exception("System Exits are BAD! Find this and get rid of it!") raise Exception("System Exit called") except NonZeroDeploymentException as non_zero: logger.error(str(non_zero)) logger.error(non_zero.__dict__) raise except Exception as exc: logger.warn(exc) deploy_init_to.retry(exc=exc)
def lookupEmail(userid): """ Grabs email for the user based on LDAP attrs """ try: logger.debug(type(userid)) if isinstance(userid, WSGIRequest): raise Exception("WSGIRequest invalid.") attr = _search_ldap(userid) emailaddr = attr[0][1]["mail"][0] return emailaddr except Exception as e: logger.warn("Error occurred looking up email for user: %s" % userid) logger.exception(e) import traceback import sys import inspect s = inspect.stack() for i in range(0, 4): logger.debug(s[i]) etype, value, tb = sys.exc_info() logger.error("TB = %s" % traceback.format_tb(tb)) return None
def mount_failed(task_uuid, driverCls, provider, identity, volume_id, unmount=False, **celery_task_args): try: logger.debug("mount_failed task started at %s." % datetime.now()) logger.info("task_uuid=%s" % task_uuid) result = app.AsyncResult(task_uuid) with allow_join_result(): exc = result.get(propagate=False) err_str = "Mount Error Traceback:%s" % (result.traceback, ) logger.error(err_str) driver = get_driver(driverCls, provider, identity) volume = driver.get_volume(volume_id) if unmount: tmp_status = 'umount_error' else: tmp_status = 'mount_error' return volume_service.update_volume_metadata( driver, volume, metadata={'tmp_status': tmp_status}) logger.debug("mount_failed task finished at %s." % datetime.now()) except Exception as exc: logger.warn(exc) mount_failed.retry(exc=exc)
def get(self, request, username): """ Create a new token in the database on behalf of 'username' Returns success 201 Created - Body is JSON and contains """ params = request.data user = request.user if not username: return Response("Username was not provided", status=status.HTTP_400_BAD_REQUEST) if user.username is not 'admin' and not user.is_superuser: logger.error("URGENT! User: %s is attempting to emulate a user!" % user.username) return Response( "Only admin and superusers can emulate accounts. " "This offense has been reported", status=status.HTTP_401_UNAUTHORIZED) if not AtmosphereUser.objects.filter(username=username): return Response("Username %s does not exist as an AtmosphereUser" % username, status=status.HTTP_404_NOT_FOUND) # User is authenticated, username exists. Make a token for them. token = create_token(username, issuer="DRF-EmulatedUser") expireTime = token.issuedTime + secrets.TOKEN_EXPIRY_TIME auth_json = { # Extra data passed only on emulation.. "emulator": request.user.username, # Normal token data.. "token": token.key, "username": token.user.username, "expires": expireTime.strftime("%b %d, %Y %H:%M:%S") } return Response(auth_json, status=status.HTTP_201_CREATED)
def get_default_identity(username, provider=None): """ Return the default identity given to the user-group for provider. """ try: from core.models.group import get_user_group group = get_user_group(username) identities = group.identities.all() if provider: if provider.is_active(): identities = identities.filter(provider=provider) return identities[0] else: logger.error("Provider provided for " "get_default_identity is inactive.") raise ("Provider provided for get_default_identity " "is inactive.") else: default_provider = get_default_provider(username) default_identity = group.identities.filter( provider=default_provider)[0] logger.debug("default_identity set to %s " % default_identity) return default_identity except Exception, e: logger.exception(e) return None
def build_host_name(ip): """ Build host name from the configuration in settings See: * INSTANCE_HOSTNAMING_FORMAT * INSTANCE_HOSTNAMING_DOMAIN (Required if you use `%(domain)s`) """ # NOTE: This is a hack until we address 'provider specific' hostnaming if "114.5" in ip: return raw_hostname(ip) if not hasattr(settings, "INSTANCE_HOSTNAMING_FORMAT"): return raw_hostname(ip) if all((str_val not in settings.INSTANCE_HOSTNAMING_FORMAT) for str_val in ["one", "two", "three", "four"]): logger.error( "Invalid INSTANCE_HOSTNAMING_FORMAT: Expected string containing " "at least one of the IP octets. " "(ex:'vm%(three)s-%(four)s.%(domain)s')" ) # IP --> octet_tuple (127,0,0,1) hostnaming_format_map = create_hostnaming_map(ip) try: return settings.INSTANCE_HOSTNAMING_FORMAT % hostnaming_format_map except (KeyError, TypeError) as exc: logger.error("Invalid INSTANCE_HOSTNAMING_FORMAT: %s" % exc)
def delete_subnet(self, neutron, subnet_name): subnet_id = self.get_subnet_id(neutron, subnet_name) if subnet_id: try: return neutron.delete_subnet(subnet_id) except: logger.error("Problem deleting subnet: %s" % subnet_id) raise
def delete_network(self, neutron, network_name): network_id = self.get_network_id(neutron, network_name) if network_id: try: return neutron.delete_network(network_id) except: logger.error("Problem deleting network: %s" % network_id) raise
def delete_router(self, neutron, router_name): router_id = self.get_router_id(neutron, router_name) if router_id: try: return neutron.delete_router(router_id) except: logger.error("Problem deleting router: %s" % router_id) raise
def get_project(self, project_id): filtered_list = [ p for p in self.get_all_projects() if str(p['id']) == str(project_id)] if len(filtered_list) > 1: logger.error(">1 value found for project %s" % project_id) if filtered_list: return filtered_list[0] return None
def get_config(self, section, config_key, default_value=None, raise_exc=True): try: value = self.cloud_config[section][config_key] except (KeyError, TypeError): logger.error("Cloud config ['%s']['%s'] is missing -- using default value (%s)" % (section, config_key, default_value)) if not default_value and raise_exc: raise Exception("Cloud config ['%s']['%s'] is missing -- no default value provided" % (section, config_key)) value = default_value return value
def get_allocation(self, allocation_name): filtered_list = [ a for a in self.get_all_allocations() if str(a['project']) == str(allocation_name)] if len(filtered_list) > 1: logger.error(">1 value found for allocation %s" % allocation_name) if filtered_list: return filtered_list[0] return None
def get_allocation(self, allocation_name): filtered_list = [ a for a in self.get_all_allocations() if str(a['project']) == str(allocation_name) ] if len(filtered_list) > 1: logger.error(">1 value found for allocation %s" % allocation_name) if filtered_list: return filtered_list[0] return None
def get_project(self, project_id): filtered_list = [ p for p in self.get_all_projects() if str(p['id']) == str(project_id) ] if len(filtered_list) > 1: logger.error(">1 value found for project %s" % project_id) if filtered_list: return filtered_list[0] return None
def find_allocations_for(self, tacc_username): api_projects = self.find_projects_for(tacc_username) allocations = [] for api_project in api_projects: api_allocation = select_valid_allocation(api_project['allocations']) if not api_allocation: logger.error("API shows no valid allocation exists for project %s" % api_project) continue allocations.append(api_allocation) return allocations
def export_request_error(task_uuid, export_request_id): logger.info("export_request_id=%s" % export_request_id) logger.info("task_uuid=%s" % task_uuid) result = app.AsyncResult(task_uuid) with allow_join_result(): exc = result.get(propagate=False) err_str = "ERROR - %r Exception:%r" % (result.result, result.traceback,) logger.error(err_str) export_request = ExportRequest.objects.get(id=export_request_id) export_request.status = err_str export_request.save()
def get_application(identifier, app_uuid=None): if not app_uuid: app_uuid = uuid5(settings.ATMOSPHERE_NAMESPACE_UUID, str(identifier)) app_uuid = str(app_uuid) try: app = Application.objects.get(uuid=app_uuid) return app except Application.DoesNotExist: return None except Exception, e: logger.error(e) logger.error(type(e))
def find_allocations_for(self, tacc_username): api_projects = self.find_projects_for(tacc_username) allocations = [] for api_project in api_projects: api_allocation = select_valid_allocation(api_project['allocations']) if not api_allocation: logger.error( "API shows no valid allocation exists for project %s" % api_project ) continue allocations.append(api_allocation) return allocations
def machine_request_error(task_uuid, machine_request_id): logger.info("machine_request_id=%s" % machine_request_id) logger.info("task_uuid=%s" % task_uuid) result = app.AsyncResult(task_uuid) with allow_join_result(): exc = result.get(propagate=False) err_str = "ERROR - %r Exception:%r" % (result.result, result.traceback) logger.error(err_str) send_image_request_failed_email(machine_request, err_str) machine_request = MachineRequest.objects.get(id=machine_request_id) machine_request.status = err_str machine_request.save()
def machine_request_error(task_uuid, machine_request_id): logger.info("machine_request_id=%s" % machine_request_id) logger.info("task_uuid=%s" % task_uuid) result = app.AsyncResult(task_uuid) exc = result.get(propagate=False) err_str = "ERROR - Exception:%r" % (result.traceback,) logger.error(err_str) max_len = MachineRequest._meta.get_field("status").max_length if len(err_str) > max_len: err_str = err_str[: max_len - 3] + "..." machine_request = MachineRequest.objects.get(id=machine_request_id) machine_request.status = err_str machine_request.save()
def _multi_create( self, user, identity_uuid, size_alias, source_alias, name, deploy, allocation_source, project, boot_scripts, extra ): """ 1. Launch multiple instances 2. Serialize the launched instances 3. Return a list of serialized instances """ core_instances = launch_instance( user, identity_uuid, size_alias, source_alias, name, deploy, allocation_source=allocation_source, **extra ) serialized_data = [] # Serialize all instances launched for core_instance in core_instances: # Faking a 'partial update of nothing' to allow call to 'is_valid' serialized_instance = InstanceSerializer( core_instance, context={'request': self.request}, data={}, partial=True ) if not serialized_instance.is_valid(): logger.error( "multi-instance-launch, serialized instance is invalid, {}". format(serialized_instance) ) instance = serialized_instance.save() instance.project = project instance.save() if boot_scripts: _save_scripts_to_instance(instance, boot_scripts) instance.change_allocation_source(allocation_source) # append to result serialized_data.append(serialized_instance.data) # return a list of instances in the response return Response(serialized_data, status=status.HTTP_201_CREATED)
def export_request_error(task_uuid, export_request_id): logger.info("export_request_id=%s" % export_request_id) logger.info("task_uuid=%s" % task_uuid) result = app.AsyncResult(task_uuid) with allow_join_result(): exc = result.get(propagate=False) err_str = "ERROR - %r Exception:%r" % ( result.result, result.traceback, ) logger.error(err_str) export_request = ExportRequest.objects.get(id=export_request_id) export_request.status = err_str export_request.save()
def machine_request_error(task_uuid, machine_request_id): logger.info("machine_request_id=%s" % machine_request_id) logger.info("task_uuid=%s" % task_uuid) result = app.AsyncResult(task_uuid) with allow_join_result(): exc = result.get(propagate=False) err_str = "ERROR - %r Exception:%r" % ( result.result, result.traceback, ) logger.error(err_str) machine_request = MachineRequest.objects.get(id=machine_request_id) machine_request.status = err_str machine_request.save()
def is_expired(self, user): ldap_user = lookupUser(user.username) if not ldap_user: logger.warn("Cannot contact LDAP -- Assume user is expired?") return True expiry_dict = ldap_user.get('expiry') if not expiry_dict: logger.error("LDAP password expiration map is missing --" " check django_cyverse_auth: %s" % ldap_user) return True expiry_date = expiry_dict.get('expires_on') if not expiry_date: logger.error("LDAP password expiration date is missing -- " "check django_cyverse_auth: %s" % ldap_user) return True _is_expired = expiry_date.replace(tzinfo=pytz.UTC) < timezone.now() return _is_expired
def updateUserProxy(user, pgtIou, max_try=3): attempts = 0 while attempts < max_try: try: # If PGTIOU exists, a UserProxy object was created # match the user to this ticket. userProxy = UserProxy.objects.get(proxyIOU=pgtIou) userProxy.username = user userProxy.expiresOn = timezone.now() + PROXY_TICKET_EXPIRY logger.debug("Found a matching proxy IOU for %s" % userProxy.username) userProxy.save() return True except UserProxy.DoesNotExist: logger.error("Could not find UserProxy object!" "ProxyIOU & ID was not saved " "at proxy url endpoint.") time.sleep(min(2 ** attempts, 8)) attempts += 1 return False
def get_euca_node_info(self, euca_managerCls, euca_creds): node_dict = {'hostname': '', 'port': '', 'private_key': ''} instance_id = self.instance.provider_alias # Prepare and use the manager euca_manager = euca_managerCls(**euca_creds) node_ip = euca_manager.get_instance_node(instance_id) # Find the matching node try: core_node = NodeController.objects.get(alias=node_ip) node_dict['hostname'] = core_node.hostname node_dict['port'] = core_node.port node_dict['private_key'] = core_node.private_ssh_key except NodeController.DoesNotExist: logger.error("Must create a nodecontroller for IP: %s" % node_ip) # Return a dict containing information on how to SCP to the node return node_dict
def create_new_accounts(username, selected_provider=None): user = AtmosphereUser.objects.get(username=username) if not user.is_valid(): raise InvalidUser("The account %s is not yet valid." % username) providers = get_available_providers() identities = [] if not providers: logger.error("No currently active providers") return identities if selected_provider and selected_provider not in providers: logger.error("The provider %s is NOT in the list of currently active providers. Account will not be created" % selected_provider) return identities for provider in providers: new_identity = create_new_account_for(provider, user) if new_identity: identities.append(new_identity) return identities
def deploy_failed(task_uuid, driverCls, provider, identity, instance_id, **celery_task_args): from core.models.instance import Instance from core.email import send_deploy_failed_email try: logger.debug("deploy_failed task started at %s." % datetime.now()) logger.info("task_uuid=%s" % task_uuid) result = app.AsyncResult(task_uuid) with allow_join_result(): exc = result.get(propagate=False) err_str = "DEPLOYERROR::%s" % (result.traceback,) logger.error(err_str) driver = get_driver(driverCls, provider, identity) instance = driver.get_instance(instance_id) update_instance_metadata(driver, instance, data={"tmp_status": "deploy_error"}, replace=False) logger.debug("deploy_failed task finished at %s." % datetime.now()) except Exception as exc: logger.warn(exc) deploy_failed.retry(exc=exc)
def validate_input(self, user, data): error_map = {} name = data.get('name') identity_uuid = data.get('identity') source_alias = data.get('source_alias') size_alias = data.get('size_alias') allocation_source_id = data.get('allocation_source_id') project_uuid = data.get('project') if not name: error_map['name'] = "This field is required." if not project_uuid: error_map['project'] = "This field is required." try: user.all_projects().filter(uuid=project_uuid) except ValueError: error_map['project' ] = "Properly formed hexadecimal UUID string required." if not identity_uuid: error_map['identity'] = "This field is required." if not source_alias: error_map['source_alias'] = "This field is required." if not size_alias: error_map['size_alias'] = "This field is required." if not allocation_source_id: error_map['allocation_source_id'] = "This field is required." if error_map: raise Exception(error_map) try: identity = Identity.objects.get(uuid=identity_uuid) # Staff or owner ONLY if not user.is_staff and identity.created_by != user: logger.error( "User %s does not have permission to use identity %s" % (user, identity) ) raise Identity.DoesNotExist("You are not the owner") except Identity.DoesNotExist: error_map["identity"] = "The uuid (%s) is invalid." % identity_uuid raise Exception(error_map) return
def _get_providers(username, selected_provider=None): from core.models import Provider user = AtmosphereUser.objects.get(username=username) public_providers = Provider.objects.filter(only_current(), active=True, public=True) providers = user.current_providers.filter(only_current(), active=True) if not providers: providers = public_providers else: providers |= public_providers if selected_provider and providers and selected_provider not in providers: logger.error( "The provider %s is NOT in the list of currently active providers. Account will not be created" % selected_provider) return (user, providers.none()) return (user, providers)