def _tenant_access_set(name,
datastore,
allow_create=None,
volume_maxsize_in_MB=None,
volume_totalsize_in_MB=None):
""" API to modify datastore access for a tenant """
logging.debug(
"_tenant_access_set: name=%s datastore=%s, allow_create=%s "
"volume_maxsize(MB)=%s volume_totalsize(MB)=%s", name, datastore,
allow_create, volume_maxsize_in_MB, volume_totalsize_in_MB)
error_info, tenant = get_tenant_from_db(name)
if error_info:
return error_info
if not tenant:
error_info = generate_error_info(ErrorCode.TENANT_NOT_EXIST, name)
return error_info
error_info = check_datastore(datastore)
if error_info:
return error_info
error_info = check_usage_quota(datastore, volume_totalsize_in_MB)
if error_info:
return error_info
datastore_url = vmdk_utils.get_datastore_url(datastore)
error_info, existing_privileges = _tenant_access_ls(name)
if error_info:
return error_info
if not privilege_exist(existing_privileges, datastore_url):
error_info = generate_error_info(ErrorCode.PRIVILEGE_NOT_FOUND, name,
datastore)
return error_info
logging.debug("_tenant_access_set: datastore_url=%s", datastore_url)
privileges = [
d for d in tenant.privileges if d.datastore_url == datastore_url
]
if not privileges:
err_code = ErrorCode.PRIVILEGE_NOT_FOUND
err_msg = error_code_to_message[err_code].format(name, datastore)
error_info = ErrorInfo(err_code, err_msg)
return error_info
if allow_create is not None:
allow_create_val, valid = validate_string_to_bool(allow_create)
if not valid:
err_code = ErrorCode.PRIVILEGE_INVALID_ALLOW_CREATE_VALUE
err_msg = error_code_to_message[err_code].format(allow_create)
logging.error(err_msg)
return ErrorInfo(err_code, err_msg)
allow_create = allow_create_val
privileges_dict = generate_privileges_dict(privileges[0])
logging.debug("_tenant_access_set: originial privileges_dict=%s",
privileges_dict)
privileges_dict = modify_privileges(
privileges=privileges_dict,
allow_create=allow_create,
volume_maxsize_in_MB=volume_maxsize_in_MB,
volume_totalsize_in_MB=volume_totalsize_in_MB)
logging.debug("_tenant_access_set: modified privileges_dict=%s",
privileges_dict)
error_info = check_privilege_parameters(privilege=privileges_dict)
if error_info:
return error_info
error_info, auth_mgr = get_auth_mgr_object()
if error_info:
return error_info
error_msg = tenant.set_datastore_access_privileges(auth_mgr.conn,
[privileges_dict])
if error_msg:
error_info = generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg)
return error_info
def _tenant_access_add(name,
datastore,
allow_create=None,
volume_maxsize_in_MB=None,
volume_totalsize_in_MB=None):
""" API to add datastore access for a tenant """
logging.debug(
"_tenant_access_add: name=%s datastore=%s, allow_create=%s "
"volume_maxsize(MB)=%s volume_totalsize(MB)=%s", name, datastore,
allow_create, volume_maxsize_in_MB, volume_totalsize_in_MB)
error_info, tenant = get_tenant_from_db(name)
if error_info:
return error_info
if not tenant:
error_info = generate_error_info(ErrorCode.TENANT_NOT_EXIST, name)
return error_info
error_info = check_datastore(datastore)
if error_info:
return error_info
error_info = check_usage_quota(datastore, volume_totalsize_in_MB)
if error_info:
return error_info
datastore_url = vmdk_utils.get_datastore_url(datastore)
error_info, existing_privileges = _tenant_access_ls(name)
if error_info:
return error_info
if privilege_exist(existing_privileges, datastore_url):
error_info = generate_error_info(ErrorCode.PRIVILEGE_ALREADY_EXIST,
name, datastore)
return error_info
# Possible value:
# None - no change required
# True/False (boolean or string) - change to corresponding True/False
if allow_create is not None:
# validate to boolean value if it is a string
allow_create_val, valid = validate_string_to_bool(allow_create)
if not valid:
err_code = ErrorCode.PRIVILEGE_INVALID_ALLOW_CREATE_VALUE
err_msg = error_code_to_message[err_code].format(allow_create)
logging.error(err_msg)
return ErrorInfo(err_code, err_msg)
allow_create = allow_create_val
privileges = generate_privileges(
datastore_url=datastore_url,
allow_create=allow_create,
volume_maxsize_in_MB=volume_maxsize_in_MB,
volume_totalsize_in_MB=volume_totalsize_in_MB)
logging.debug("_tenant_access_add: privileges=%s", privileges)
error_info = check_privilege_parameters(privilege=privileges)
if error_info:
return error_info
error_info, auth_mgr = get_auth_mgr_object()
if error_info:
return error_info
error_msg = tenant.set_datastore_access_privileges(auth_mgr.conn,
[privileges])
if error_msg:
error_info = generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg)
return error_info
return error_info
def _tenant_access_add(name, datastore, allow_create=None, default_datastore=False,
volume_maxsize_in_MB=None, volume_totalsize_in_MB=None):
""" API to add datastore access for a tenant """
logging.debug("_tenant_access_add: name=%s datastore=%s, allow_create=%s "
"volume_maxsize_in_MB=%s volume_totalsize_in_MB=%s", name, datastore, allow_create,
volume_maxsize_in_MB, volume_totalsize_in_MB)
error_info, tenant = get_tenant_from_db(name)
if error_info:
return error_info
if not tenant:
error_info = error_code.generate_error_info(ErrorCode.TENANT_NOT_EXIST, name)
return error_info
error_info = check_datastore(datastore)
if error_info:
return error_info
datastore_url = vmdk_utils.get_datastore_url(datastore)
error_info, existing_privileges = _tenant_access_ls(name)
if error_info:
return error_info
if privilege_exist(existing_privileges, datastore_url):
error_info = error_code.generate_error_info(ErrorCode.PRIVILEGE_ALREADY_EXIST, name, datastore)
return error_info
# Possible value:
# None - no change required
# True/False (boolean or string) - change to corresponding True/False
if allow_create is not None:
# validate to boolean value if it is a string
allow_create_val, valid = validate_string_to_bool(allow_create)
if not valid:
err_code = ErrorCode.PRIVILEGE_INVALID_ALLOW_CREATE_VALUE
err_msg = error_code.error_code_to_message[err_code].format(allow_create)
logging.error(err_msg)
return ErrorInfo(err_code, err_msg)
allow_create = allow_create_val
privileges = generate_privileges(datastore_url=datastore_url,
allow_create=allow_create,
volume_maxsize_in_MB=volume_maxsize_in_MB,
volume_totalsize_in_MB=volume_totalsize_in_MB)
logging.debug("_tenant_access_add: privileges=%s", privileges)
error_info = check_privilege_parameters(privilege=privileges)
if error_info:
return error_info
error_info, auth_mgr = get_auth_mgr_object()
if error_info:
return error_info
error_msg = tenant.set_datastore_access_privileges(auth_mgr.conn, [privileges])
if error_msg:
error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg)
return error_info
error_msg, result = auth.get_row_from_privileges_table(auth_mgr.conn, tenant.id)
# if len(result) == 1, which means "datastore"" is the first datastore for this tenant,
# and should set this datastore to the "default_datastore" for this tenant
if error_msg:
error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg)
return error_info
logging.debug("_tenant_access_add: get_row_from_privileges_table for tenant id=%s return %s",
tenant.id, result)
if len(result) == 1 or default_datastore:
if datastore_url == auth_data_const.DEFAULT_DS_URL:
# Create DEFAULT privilege for DEFAULT tenant, should not set the default_datastore in DB
error_msg = tenant.set_default_datastore(auth_mgr.conn, "")
else:
error_msg = tenant.set_default_datastore(auth_mgr.conn, datastore_url)
if error_msg:
error_info = error_code.generate_error_info(ErrorCode.INTERNAL_ERROR, error_msg)
return error_info