def create_project(): data = parse_request_data(_SCHEMA.allowed, _SCHEMA.create_required) # first, check network networks = g.client_set.compute.networks network_id = data['network'] try: net = networks.get(data['network']) except osc_exc.NotFound: raise exc.InvalidElementValue('network', 'link object', network_id, 'Network does not exist.') if net.project_id is not None: raise exc.InvalidElementValue('network', 'link object', network_id, 'Network is already used.') tenant = g.client_set.identity_admin.tenants.create( data['name'], data.get('description', '')) set_audit_resource_id(tenant) try: networks.associate(net.id, tenant.id) except osc_exc.BadRequest: tenant.delete() raise exc.InvalidRequest('Failed to associate network %r ' 'with created project' % data['network']) _set_quota(tenant.id, data) result = _project_to_view(tenant, networks.get(net.id), _quotaset_for_project(tenant.id)) return make_json_response(result)
def create_fw_rule(fw_rule_set_id): data = parse_request_data(_SCHEMA.allowed, _SCHEMA.required) protocol = data['protocol'] if protocol not in ('TCP', 'UDP', 'ICMP'): raise exc.InvalidElementValue( 'protocol', 'string', protocol, 'Protocol must be one of ' '"TCP", "UDP" or "ICMP"') sg = _get_security_group(fw_rule_set_id) from_port = data.get('port-range-first', -1) to_port = data.get('port-range-last', from_port) client = auth.client_set_for_tenant(sg.tenant_id, fallback_to_api=g.is_admin, eperm_status=404) try: rule = client.compute.security_group_rules.create( parent_group_id=fw_rule_set_id, ip_protocol=protocol.lower(), from_port=from_port, to_port=to_port, cidr=data['source']) except osc_exc.NotFound: abort(404) set_audit_resource_id(rule) return make_json_response(_fw_rule_object_to_view(rule))
def _get_user(user_id): try: return g.client_set.identity_admin.users.get(user_id) except osc_exc.NotFound: raise exc.InvalidElementValue( 'id', 'link object', user_id, 'User with id %r does not exist' % user_id)
def _render_link_template(template, code): link = template.replace('{{code}}', code) if '{{' in link or '{%' in link: # any other template construction are not allowed raise exc.InvalidElementValue('link-template', 'string', template, 'Unsupported template construction') return link
def _add_user_to_projects(user, projects): if not projects: return auth.assert_admin() role_id = member_role_id() for project in projects: try: g.client_set.identity_admin.roles.add_user_role(user=user, role=role_id, tenant=project) except osc_exc.NotFound: raise exc.InvalidElementValue('projects', 'link object', project, 'Project does not exist')
def add_instance_fw_rule_set(instance_id): server = fetch_instance(instance_id) set_id = parse_request_data(required=_SCHEMA.required)['id'] set_audit_resource_id(set_id) try: sg = admin_client_set().compute.security_groups.get(set_id) except osc_exc.NotFound: raise exc.InvalidElementValue('id', 'string', set_id, 'Security group does not exist') tcs = client_set_for_tenant(server.tenant_id, fallback_to_api=g.is_admin) try: tcs.compute.servers.add_security_group(server, sg.name) except osc_exc.BadRequest, e: raise exc.InvalidRequest(str(e))
def _illegal_element(self, value, reason=None): raise exc.InvalidElementValue(self.name, self.typename, value, reason)