def invalid_request(message):
"""
Invalid Request.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidRequest', message)
def _valid_signature_method():
signature_method = get('SignatureMethod')
if signature_method not in ['HmacSHA1', 'HmacSHA256']:
raise Ec2stackError(
'400', 'InvalidParameterValue',
'Value (%s) for parameter SignatureMethod is invalid. '
'Unknown signature method.' % signature_method)
def remove_secret_key():
"""
Remove a user's API key and secret key
@return: Response.
@raise Ec2stackError: API key doesn't exist.
"""
require_parameters({'AWSAccessKeyId', 'AWSSecretKey'})
accesskey = get('AWSAccessKeyId')
secretkey = get('AWSSecretKey')
found_user = USERS.get(accesskey)
if found_user is not None and found_user.secretkey == secretkey:
USERS.delete(found_user)
return {
'template_name_or_list': 'secretkey.xml',
'response_type': 'RemoveSecretKeyResponse',
'AWSAccessKeyId': get('AWSAccessKeyId'),
'AWSSecretKey': get('AWSSecretKey'),
'Message': 'Successfully removed!'
}
else:
raise Ec2stackError(
'400', 'NoSuchUser',
'The no matching AWSAccessKeyId and AWSSecretKey was not found')
def _valid_signature_version():
signature_version = get('SignatureVersion')
if signature_version != '2':
raise Ec2stackError(
'400', 'InvalidParameterValue',
'Value (%s) for parameter SignatureVersion is invalid.'
'Valid Signature versions are 2.' % signature_version)
def _authenticate_security_group_response(response, rule_type):
"""
Generate a response for authenticate security group request.
@param response: Cloudstack response.
@param rule_type: The type of rule to add.
@raise Ec2stackError: If authorize security group fails.
@return: Response
"""
if 'errortext' in response:
if 'Failed to authorize security group' in response['errortext']:
cidrlist = str(helpers.get('CidrIp'))
protocol = str(helpers.get('IpProtocol'))
from_port = str(helpers.get('FromPort'))
to_port = str(helpers.get('toPort'))
raise Ec2stackError(
'400', 'InvalidPermission.Duplicate',
'the specified rule "peer: ' + cidrlist + ', ' + protocol +
', from port: ' + from_port + ', to port: ' + to_port +
', ALLOW" already exists')
elif 'Unable to find security group' in response['errortext']:
errors.invalid_security_group()
else:
errors.invalid_request(response['errortext'])
else:
if rule_type == 'ingress':
rule_type = 'AuthorizeSecurityGroupIngressResponse'
elif rule_type == 'egress':
rule_type = 'AuthorizeSecurityGroupEgressResponse'
return {
'template_name_or_list': 'status.xml',
'response_type': rule_type,
'return': 'true'
}
def _get_action(action):
"""
Finds the associated function for each action.
@param action: Action to be looked up.
@return: Function associated with specified action.
@raise Ec2stackError: Action is not found.
"""
actions = {
'AttachVolume': volumes.attach_volume,
'AuthorizeSecurityGroupEgress':
security_groups.authenticate_security_group_egress,
'AuthorizeSecurityGroupIngress':
security_groups.authenticate_security_group_ingress,
'CreateKeyPair': keypairs.create_keypair,
'CreateSecurityGroup': security_groups.create_security_group,
'CreateSnapshot': snapshots.create_snapshot,
'CreateTags': tags.create_tags,
'CreateVolume': volumes.create_volume,
'CreateVpc': vpcs.create_vpc,
'DeleteKeyPair': keypairs.delete_keypair,
'DeleteSecurityGroup': security_groups.delete_security_group,
'DeleteSnapshot': snapshots.delete_snapshot,
'DeleteTags': tags.delete_tags,
'DeleteVolume': volumes.delete_volume,
'DeleteVpc': vpcs.delete_vpc,
'DescribeAvailabilityZones': zones.describe_zones,
'DescribeImageAttribute': images.describe_image_attribute,
'DescribeImages': images.describe_images,
'DescribeInstanceAttribute': instances.describe_instance_attribute,
'DescribeInstances': instances.describe_instances,
'DescribeKeyPairs': keypairs.describe_keypairs,
'DescribeSecurityGroups': security_groups.describe_security_groups,
'DescribeSnapshots': snapshots.describe_snapshots,
'DescribeTags': tags.describe_tags,
'DescribeVolumes': volumes.describe_volumes,
'DescribeVpcs': vpcs.describe_vpcs,
'DetachVolume': volumes.detach_volume,
'GetPasswordData': passwords.get_password_data,
'ImportKeyPair': keypairs.import_keypair,
'RebootInstances': instances.reboot_instance,
'RegisterSecretKey': register_secret_key,
'RemoveSecretKey': remove_secret_key,
'RevokeSecurityGroupEgress':
security_groups.revoke_security_group_egress,
'RevokeSecurityGroupIngress':
security_groups.revoke_security_group_ingress,
'RunInstances': instances.run_instance,
'StartInstances': instances.start_instance,
'StopInstances': instances.stop_instance,
'TerminateInstances': instances.terminate_instance,
}
if action in actions:
return actions[action]
else:
raise Ec2stackError(
'400', 'InvalidAction',
'The action %s is not valid for this web service' % action)
def invalid_snapshot_id():
"""
Invalid snapshot Id.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidSnapshot.NotFound',
'The specified Snapshot Id does not exist.')
def invalid_parameter_value(message):
"""
Invalid Paramater Value.
@param message: Error message to use.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidParameterValue', message)
def invalid_disk_offering_name():
"""
Invalid disk offering id.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidDiskOffering.NotFound',
'The specified Disk offering does not exist.')
def invalid_volume_id():
"""
Invalid volume Id.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidVolume.NotFound',
'The specified Volume Id does not exist.')
def invalid_vpc_id():
"""
VPC with this ID does not exist.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidVpcID.NotFound',
'The specified VPC does not exist.')
def invalid_vpc_range():
"""
Invalid cidr block.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidVpcRange',
'The specified CIDR block range is not valid.')
def duplicate_keypair_name():
"""
Duplicate key pair name.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidKeyPair.Duplicate',
'The keypair already exists.')
def invalid_keypair_name():
"""
Invalid key pair name.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidKeyPair.NotFound',
'The specified KeyPair does not exist')
def invalid_service_offering_name():
"""
Invalid Service Offering name.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidServiceOffering.NotFound',
'The specified Service offering does not exist.')
def invalid_zone():
"""
Invalid Zone.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidZone.NotFound',
'The specified Availability Zone does not exist.')
def duplicate_security_group():
"""
Duplicate Security Group.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidGroup.Duplicate',
'The security group already exists.')
def invalid_volume_detached():
"""
Invalid volume, volume is already detached.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidVolume.Detached',
'The specified Volume isn\'t attached.')
def invalid_security_group():
"""
Invalid Security Group.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidGroup.NotFound',
'The specified security group does not exist.')
def invalid_image_id():
"""
Invalid Image Id Error.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError('400', 'InvalidAMIID.NotFound',
'The specified AMI Id does not exist.')
def _valid_signature():
signature = get('Signature')
generated_signature = generate_signature()
if signature != generated_signature:
raise Ec2stackError(
'401', 'AuthFailure',
'AWS was not able to validate the provided access credentials.')
def invalid_permission():
"""
Invalid Permission.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError(
'400', 'InvalidPermission.NotFound',
'The specified permission does not exist in specified security group')
def invalid_resource_id():
"""
Resource with this ID does not exist.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError(
'400', 'InvalidID',
'The specified ID for the resource you are trying to tag is not valid.'
)
def missing_parameter(parameter):
"""
Missing Parameter.
@param parameter: Parameter that is missing.
@raise Ec2stackError: Defining a bad request and message.
"""
raise Ec2stackError(
'400', 'MissingParameter',
'The request must contain the parameter %s' % parameter)
def get_secretkey(data=None):
if data is None:
data = request.form
apikey = get('AWSAccessKeyId', data)
user = USERS.get(apikey)
if user is None:
raise Ec2stackError(
'401', 'AuthFailure',
'Unable to find a secret key for %s, please insure you registered'
% apikey)
return user.secretkey.encode('utf-8')
def _get_password_data_format_response(response):
instanceid = helpers.get('InstanceId')
if 'errortext' in response:
raise Ec2stackError(
'400',
'InvalidInstanceID.NotFound',
'The instance ID \'%s\' does not exist.' % instanceid
)
else:
response = response['password']
return {
'template_name_or_list': 'password.xml',
'response_type': 'GetPasswordDataResponse',
'response': response
}
def register_secret_key():
require_parameters({'AWSAccessKeyId', 'AWSSecretKey'})
found_user = USERS.get(get('AWSAccessKeyId'))
if found_user is None:
USERS.create(apikey=get('AWSAccessKeyId'),
secretkey=get('AWSSecretKey'))
return {
'template_name_or_list': 'secretkey.xml',
'response_type': 'RegisterSecretKeyResponse',
'AWSAccessKeyId': get('AWSAccessKeyId'),
'AWSSecretKey': get('AWSSecretKey'),
'Message': 'Successfully Registered!'
}
else:
raise Ec2stackError('400', 'DuplicateUser',
'The given AWSAccessKeyId is already registered')
def _get_action(action):
actions = {
'AttachVolume': volumes.attach_volume,
'AuthorizeSecurityGroupEgress':
security_groups.authenticate_security_group_egress,
'AuthorizeSecurityGroupIngress':
security_groups.authenticate_security_group_ingress,
'CreateKeyPair': keypairs.create_keypair,
'CreateSecurityGroup': security_groups.create_security_group,
'CreateVolume': volumes.create_volume,
'DeleteKeyPair': keypairs.delete_keypair,
'DeleteSecurityGroup': security_groups.delete_security_group,
'DeleteVolume': volumes.delete_volume,
'DescribeAvailabilityZones': zones.describe_zones,
'DescribeImageAttribute': images.describe_image_attribute,
'DescribeImages': images.describe_images,
'DescribeInstanceAttribute': instances.describe_instance_attribute,
'DescribeInstances': instances.describe_instances,
'DescribeKeyPairs': keypairs.describe_keypairs,
'DescribeSecurityGroups': security_groups.describe_security_groups,
'DescribeVolumes': volumes.describe_volumes,
'DetachVolume': volumes.detach_volume,
'GetPasswordData': passwords.get_password_data,
'ImportKeyPair': keypairs.import_keypair,
'RebootInstances': instances.reboot_instance,
'RegisterSecretKey': register_secret_key,
'RemoveSecretKey': remove_secret_key,
'RevokeSecurityGroupEgress':
security_groups.revoke_security_group_egress,
'RevokeSecurityGroupIngress':
security_groups.revoke_security_group_ingress,
'RunInstances': instances.run_instance,
'StartInstances': instances.start_instance,
'StopInstances': instances.stop_instance,
'TerminateInstances': instances.terminate_instance,
}
if action in actions:
return actions[action]
else:
raise Ec2stackError(
'400', 'InvalidAction',
'The action %s is not valid for this web service' % action)
def invalid_paramater_value(message):
raise Ec2stackError('400', 'InvalidParameterValue', message)
def missing_paramater(parameter):
raise Ec2stackError(
'400', 'MissingParameter',
'The request must contain the parameter %s' % parameter)
