def _process(self):
form = IPNetworkGroupForm()
if form.validate_on_submit():
network_group = IPNetworkGroup()
form.populate_obj(network_group)
db.session.add(network_group)
db.session.flush()
logger.info('Network group %s created by %s', network_group, session.user)
return jsonify_data(flash=False)
return jsonify_form(form)
def migrate_networks(self):
self.print_step('migrating networks')
for domain in committing_iterator(self._iter_domains()):
ip_networks = filter(None, map(self._to_network, set(domain.filterList)))
if not ip_networks:
self.print_warning(cformat('%{yellow}Domain has no valid IPs: {}')
.format(convert_to_unicode(domain.name)))
network = IPNetworkGroup(name=convert_to_unicode(domain.name),
description=convert_to_unicode(domain.description), networks=ip_networks)
db.session.add(network)
self.print_success(repr(network))
db.session.flush()
def test_iter_acl():
user = User()
user_p = MagicMock(principal=user, spec=['principal'])
ipn = IPNetworkGroup()
ipn_p = MagicMock(principal=ipn, spec=['principal'])
local_group = GroupProxy(123, _group=MagicMock())
local_group_p = MagicMock(principal=local_group, spec=['principal'])
remote_group = GroupProxy('foo', 'bar')
remote_group_p = MagicMock(principal=remote_group, spec=['principal'])
acl = [
ipn, user_p, remote_group, local_group_p, user, local_group,
remote_group_p, ipn_p
]
assert list(iter_acl(iter(acl))) == [
user_p, user, ipn, ipn_p, local_group_p, local_group, remote_group,
remote_group_p
]
def migrate_networks(self):
for domain in self._iter_domains():
ip_networks = filter(None,
map(self._to_network, set(domain.filterList)))
if not ip_networks:
self.print_warning(
'%[yellow]Domain has no valid IPs: {}'.format(
convert_to_unicode(domain.name)))
network = IPNetworkGroup(name=convert_to_unicode(domain.name),
description=convert_to_unicode(
domain.description),
networks=ip_networks)
db.session.add(network)
self.global_ns.ip_domains[convert_to_unicode(
domain.name).lower()] = network
self.print_success(repr(network))
db.session.flush()
def migrate_global_ip_acl(self):
ip_networks = filter(
None,
map(self._to_network,
self.makac_info._ip_based_acl_mgr._full_access_acl))
if not ip_networks:
self.print_error('%[red]No valid IPs found')
return
network = IPNetworkGroup(
name='Full Attachment Access',
hidden=True,
attachment_access_override=True,
description=
'IPs that can access all attachments without authentication',
networks=ip_networks)
db.session.add(network)
db.session.flush()
self.print_success(repr(network))
def migrate_global_ip_acl(self):
self.print_step('migrating global ip acl')
minfo = self.zodb_root['MaKaCInfo']['main']
ip_networks = filter(
None,
map(self._to_network, minfo._ip_based_acl_mgr._full_access_acl))
if not ip_networks:
self.print_error(cformat('%{red}No valid IPs found'))
return
network = IPNetworkGroup(
name='Full Attachment Access',
hidden=True,
attachment_access_override=True,
description=
'IPs that can access all attachments without authentication',
networks=ip_networks)
db.session.add(network)
db.session.flush()
self.print_success(repr(network), always=True)
db.session.commit()
