# License for the specific language governing permissions and limitations
# under the License.
"""The instance type extra specs extension."""
import six
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.compute.cloud import flavors
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import utils
authorize = extensions.extension_authorizer('compute', 'flavorextraspecs')
class FlavorExtraSpecsController(object):
"""The flavor extra specs API controller for the OpenStack API."""
def _get_extra_specs(self, context, flavor_id):
flavor = common.get_flavor(context, flavor_id)
return dict(extra_specs=flavor.extra_specs)
def _check_body(self, body):
if body is None or body == "":
expl = _('No Request Body')
raise exc.HTTPBadRequest(explanation=expl)
def _check_extra_specs(self, specs):
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob.exc
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import servicegroup
from jacket.compute import utils
authorize = extensions.extension_authorizer('cloud', 'services')
class ServiceController(object):
def __init__(self, ext_mgr=None, *args, **kwargs):
self.host_api = cloud.HostAPI()
self.servicegroup_api = servicegroup.API()
self.ext_mgr = ext_mgr
def _get_services(self, req):
api_services = ('cloud-osapi_compute', 'cloud-ec2', 'cloud-metadata')
context = req.environ['compute.context']
authorize(context)
# under the License.
from oslo_utils import strutils
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import utils
authorize = extensions.extension_authorizer('cloud', 'evacuate')
class Controller(wsgi.Controller):
def __init__(self, ext_mgr, *args, **kwargs):
super(Controller, self).__init__(*args, **kwargs)
self.compute_api = cloud.API()
self.host_api = cloud.HostAPI()
self.ext_mgr = ext_mgr
@wsgi.action('evacuate')
def _evacuate(self, req, id, body):
"""Permit admins to evacuate a server from a failed host
to a new one.
If host is empty, the scheduler will select one.
"""
from oslo_log import log as logging
import webob
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
from jacket.i18n import _LE
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud', 'multinic')
class MultinicController(wsgi.Controller):
def __init__(self, *args, **kwargs):
super(MultinicController, self).__init__(*args, **kwargs)
self.compute_api = cloud.API()
@wsgi.action('addFixedIp')
def _add_fixed_ip(self, req, id, body):
"""Adds an IP on a given network to an instance."""
context = req.environ['compute.context']
authorize(context)
# Validate the input entity
if 'networkId' not in body['addFixedIp']:
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob
from webob import exc
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import network
authorize = extensions.extension_authorizer('compute', 'networks_associate')
class NetworkAssociateActionController(wsgi.Controller):
"""Network Association API Controller."""
def __init__(self, network_api=None):
self.network_api = network_api or network.API()
@wsgi.action("disassociate_host")
def _disassociate_host_only(self, req, id, body):
context = req.environ['compute.context']
authorize(context)
# NOTE(shaohe-feng): back-compatible with db layer hard-code
# admin permission checks. call db API objects.Network.associate
nova_context.require_admin_context(context)
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from oslo_config import cfg
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import availability_zones
from jacket import context as nova_context
from jacket.objects import compute as objects
from jacket.compute import servicegroup
CONF = cfg.CONF
authorize_list = extensions.extension_authorizer('compute',
'availability_zone:list')
authorize_detail = extensions.extension_authorizer('compute',
'availability_zone:detail')
class AvailabilityZoneController(wsgi.Controller):
"""The Availability Zone API controller for the OpenStack API."""
def __init__(self):
super(AvailabilityZoneController, self).__init__()
self.servicegroup_api = servicegroup.API()
def _get_filtered_availability_zones(self, zones, is_available):
result = []
for zone in zones:
# Hide internal_service_availability_zone
if zone == CONF.internal_service_availability_zone:
# under the License.
from oslo_log import log as logging
import webob
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
from jacket.i18n import _LI
from jacket.objects import compute as objects
from jacket.objects.compute import external_event as external_event_obj
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud',
'os-server-external-events')
class ServerExternalEventsController(wsgi.Controller):
def __init__(self):
self.compute_api = cloud.API()
super(ServerExternalEventsController, self).__init__()
def create(self, req, body):
"""Creates a new instance event."""
context = req.environ['compute.context']
authorize(context, action='create')
response_events = []
accepted_events = []
accepted_instances = set()
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob.exc
from jacket.api.compute.openstack import extensions
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
from jacket.compute import utils
authorize = extensions.extension_authorizer('compute', 'agents')
class AgentController(object):
"""The agent is talking about guest agent.The host can use this for
things like accessing files on the disk, configuring networking,
or running other applications/scripts in the guest while it is
running. Typically this uses some hypervisor-specific transport
to avoid being dependent on a working network configuration.
Xen, VMware, and VirtualBox have guest agents,although the Xen
driver is the only one with an implementation for managing them
in openstack. KVM doesn't really have a concept of a guest agent
(although one could be written).
You can find the design of agent update in this link:
http://wiki.openstack.org/AgentUpdate
from oslo_log import log as logging
import six
import webob
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
from jacket.i18n import _LI
from jacket.compute import network
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud', 'attach_interfaces')
def _translate_interface_attachment_view(port_info):
"""Maps keys for interface attachment details view."""
return {
'net_id': port_info['network_id'],
'port_id': port_info['id'],
'mac_addr': port_info['mac_address'],
'port_state': port_info['status'],
'fixed_ips': port_info.get('fixed_ips', None),
}
class InterfaceAttachmentController(object):
"""The interface attachment API controller for the OpenStack API."""
# under the License.
import datetime
import iso8601
from oslo_utils import timeutils
import six
import six.moves.urllib.parse as urlparse
from webob import exc
from jacket.api.compute.openstack import extensions
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
authorize_show = extensions.extension_authorizer('compute',
'simple_tenant_usage:show')
authorize_list = extensions.extension_authorizer('compute',
'simple_tenant_usage:list')
def parse_strtime(dstr, fmt):
try:
return timeutils.parse_strtime(dstr, fmt)
except (TypeError, ValueError) as e:
raise exception.InvalidStrTime(reason=six.text_type(e))
class SimpleTenantUsageController(object):
def _hours_for(self, instance, period_start, period_stop):
launched_at = instance.launched_at
terminated_at = instance.terminated_at
"""The hosts admin extension."""
from oslo_log import log as logging
import six
import webob.exc
from jacket.api.compute.openstack import extensions
from jacket.compute import cloud
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.i18n import _LI
from jacket.objects import compute as objects
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud', 'hosts')
class HostController(object):
"""The Hosts API controller for the OpenStack API."""
def __init__(self):
self.api = cloud.HostAPI()
super(HostController, self).__init__()
def index(self, req):
"""Returns a dict in the format:
| {'hosts': [{'host_name': 'some.host.name',
| 'service': 'cells',
| 'zone': 'internal'},
| {'host_name': 'some.other.host.name',
import datetime
from oslo_config import cfg
import webob.exc
from jacket.api.compute.openstack import extensions
from jacket.compute import cloud
from jacket import context as nova_context
from jacket.i18n import _
from jacket.compute import utils
CONF = cfg.CONF
CONF.import_opt('compute_topic', 'jacket.compute.cloud.rpcapi')
authorize = extensions.extension_authorizer('cloud',
'instance_usage_audit_log')
class InstanceUsageAuditLogController(object):
def __init__(self):
self.host_api = cloud.HostAPI()
def index(self, req):
context = req.environ['compute.context']
authorize(context)
task_log = self._get_audit_task_logs(context)
return {'instance_usage_audit_logs': task_log}
def show(self, req, id):
context = req.environ['compute.context']
authorize(context)
# License for the specific language governing permissions and limitations
# under the License.
from oslo_log import log as logging
from oslo_serialization import jsonutils
import six
import webob
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _LI
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud',
'os-assisted-volume-snapshots')
class AssistedVolumeSnapshotsController(wsgi.Controller):
def __init__(self):
self.compute_api = cloud.API()
super(AssistedVolumeSnapshotsController, self).__init__()
def create(self, req, body):
"""Creates a new snapshot."""
context = req.environ['compute.context']
authorize(context, action='create')
if not self.is_valid_body(body, 'snapshot'):
raise webob.exc.HTTPBadRequest()
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from oslo_config import cfg
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import availability_zones
from jacket import context as nova_context
from jacket.objects import compute as objects
from jacket.compute import servicegroup
CONF = cfg.CONF
authorize_list = extensions.extension_authorizer('compute',
'availability_zone:list')
authorize_detail = extensions.extension_authorizer('compute',
'availability_zone:detail')
class AvailabilityZoneController(wsgi.Controller):
"""The Availability Zone API controller for the OpenStack API."""
def __init__(self):
super(AvailabilityZoneController, self).__init__()
self.servicegroup_api = servicegroup.API()
def _get_filtered_availability_zones(self, zones, is_available):
result = []
for zone in zones:
# Hide internal_service_availability_zone
# License for the specific language governing permissions and limitations
# under the License.
"""The shelved mode extension."""
import webob
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions as exts
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
auth_shelve = exts.extension_authorizer('cloud', 'shelve')
auth_shelve_offload = exts.extension_authorizer('cloud', 'shelveOffload')
auth_unshelve = exts.extension_authorizer('cloud', 'unshelve')
class ShelveController(wsgi.Controller):
def __init__(self, *args, **kwargs):
super(ShelveController, self).__init__(*args, **kwargs)
self.compute_api = cloud.API()
@wsgi.action('shelve')
def _shelve(self, req, id, body):
"""Move an instance into shelved mode."""
context = req.environ["compute.context"]
auth_shelve(context)
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""The server password extension."""
from jacket.api.compute.metadata import password
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
authorize = extensions.extension_authorizer('cloud', 'server_password')
class ServerPasswordController(object):
"""The Server Password API controller for the OpenStack API."""
def __init__(self):
self.compute_api = cloud.API()
def index(self, req, server_id):
context = req.environ['compute.context']
authorize(context)
instance = common.get_instance(self.compute_api, context, server_id)
passw = password.extract_password(instance)
return {'password': passw or ''}
# under the License.
"""The rescue mode extension."""
from oslo_utils import uuidutils
import webob
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions as exts
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import utils
authorize = exts.extension_authorizer('cloud', 'rescue')
class RescueController(wsgi.Controller):
def __init__(self, ext_mgr, *args, **kwargs):
super(RescueController, self).__init__(*args, **kwargs)
self.compute_api = cloud.API()
self.ext_mgr = ext_mgr
def _rescue_image_validation(self, image_ref):
image_uuid = image_ref.split('/').pop()
if not uuidutils.is_uuid_like(image_uuid):
msg = _("Invalid rescue_image_ref provided.")
raise exc.HTTPBadRequest(explanation=msg)
cfg.StrOpt('use_neutron_default_nets',
default="False",
help='Control for checking for default networks'),
cfg.StrOpt('neutron_default_tenant_id',
default="default",
help='Default tenant id when creating neutron '
'networks'),
cfg.IntOpt('quota_networks',
default=3,
help='Number of private networks allowed per project'),
]
CONF.register_opts(os_network_opts)
QUOTAS = quota.QUOTAS
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('compute', 'os-tenant-networks')
def network_dict(network):
# NOTE(danms): Here, network should be an object, which could have come
# from neutron and thus be missing most of the attributes. Providing a
# default to get() avoids trying to lazy-load missing attributes.
return {
"id": network.get("uuid", None) or network.get("id", None),
"cidr": str(network.get("cidr", None)),
"label": network.get("label", None)
}
class NetworkController(object):
def __init__(self, network_api=None):
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""The virtual interfaces extension."""
import webob
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.compute import cloud
from jacket.i18n import _
from jacket.compute import network
authorize = extensions.extension_authorizer('cloud', 'virtual_interfaces')
def _translate_vif_summary_view(vif):
"""Maps keys for VIF summary view."""
d = {}
d['id'] = vif.uuid
d['mac_address'] = vif.address
return d
class ServerVirtualInterfaceController(object):
"""The instance VIF API controller for the OpenStack API.
"""
def __init__(self):
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
authorize = extensions.extension_authorizer('cloud', 'consoles')
class ConsolesController(wsgi.Controller):
def __init__(self, *args, **kwargs):
self.compute_api = cloud.API()
super(ConsolesController, self).__init__(*args, **kwargs)
@wsgi.action('os-getVNCConsole')
def get_vnc_console(self, req, id, body):
"""Get vnc connection information to access a server."""
context = req.environ['compute.context']
authorize(context)
# If type is not supplied or unknown, get_vnc_console below will cope
console_type = body['os-getVNCConsole'].get('type')
from jacket.db import compute as db
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
from jacket.compute import quota
from jacket.compute import utils
QUOTAS = quota.QUOTAS
NON_QUOTA_KEYS = ['tenant_id', 'id', 'force']
# Quotas that are only enabled by specific extensions
EXTENDED_QUOTAS = {'server_groups': 'os-server-group-quotas',
'server_group_members': 'os-server-group-quotas'}
authorize_update = extensions.extension_authorizer('compute', 'quotas:update')
authorize_show = extensions.extension_authorizer('compute', 'quotas:show')
authorize_delete = extensions.extension_authorizer('compute', 'quotas:delete')
class QuotaSetsController(wsgi.Controller):
supported_quotas = []
def __init__(self, ext_mgr):
self.ext_mgr = ext_mgr
self.supported_quotas = QUOTAS.resources
for resource, extension in EXTENDED_QUOTAS.items():
if not self.ext_mgr.is_loaded(extension):
self.supported_quotas.remove(resource)
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
from jacket.compute import quota
from jacket.compute import utils
QUOTAS = quota.QUOTAS
NON_QUOTA_KEYS = ['tenant_id', 'id', 'force']
# Quotas that are only enabled by specific extensions
EXTENDED_QUOTAS = {
'server_groups': 'os-server-group-quotas',
'server_group_members': 'os-server-group-quotas'
}
authorize_update = extensions.extension_authorizer('compute', 'quotas:update')
authorize_show = extensions.extension_authorizer('compute', 'quotas:show')
authorize_delete = extensions.extension_authorizer('compute', 'quotas:delete')
class QuotaSetsController(wsgi.Controller):
supported_quotas = []
def __init__(self, ext_mgr):
self.ext_mgr = ext_mgr
self.supported_quotas = QUOTAS.resources
for resource, extension in EXTENDED_QUOTAS.items():
if not self.ext_mgr.is_loaded(extension):
self.supported_quotas.remove(resource)
from oslo_utils import uuidutils
import webob
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute.cloud import utils as compute_utils
from jacket.compute import exception
from jacket.i18n import _
from jacket.i18n import _LW
from jacket.compute import network
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud', 'floating_ips')
def _translate_floating_ip_view(floating_ip):
result = {
'id': floating_ip['id'],
'ip': floating_ip['address'],
'pool': floating_ip['pool'],
}
try:
result['fixed_ip'] = floating_ip['fixed_ip']['address']
except (TypeError, KeyError, AttributeError):
result['fixed_ip'] = None
try:
result['instance_id'] = floating_ip['fixed_ip']['instance_uuid']
except (TypeError, KeyError, AttributeError):
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from jacket.api.compute.openstack import extensions
from jacket.compute import network
authorize = extensions.extension_authorizer('compute', 'floating_ip_pools')
def _translate_floating_ip_view(pool_name):
return {
'name': pool_name,
}
def _translate_floating_ip_pools_view(pools):
return {
'floating_ip_pools':
[_translate_floating_ip_view(pool_name) for pool_name in pools]
}
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob.exc
from jacket.api.compute.openstack import extensions
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
from jacket.compute import utils
authorize = extensions.extension_authorizer('compute', 'agents')
class AgentController(object):
"""The agent is talking about guest agent.The host can use this for
things like accessing files on the disk, configuring networking,
or running other applications/scripts in the guest while it is
running. Typically this uses some hypervisor-specific transport
to avoid being dependent on a working network configuration.
Xen, VMware, and VirtualBox have guest agents,although the Xen
driver is the only one with an implementation for managing them
in openstack. KVM doesn't really have a concept of a guest agent
(although one could be written).
You can find the design of agent update in this link:
http://wiki.openstack.org/AgentUpdate
from oslo_utils import uuidutils
import webob
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
from jacket.i18n import _LI
from jacket.objects import compute as objects
from jacket.compute import volume
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud', 'volumes')
authorize_attach = extensions.extension_authorizer('cloud',
'volume_attachments')
def _translate_volume_detail_view(context, vol):
"""Maps keys for volumes details view."""
d = _translate_volume_summary_view(context, vol)
# No additional data / lookups at the moment
return d
"""The rescue mode extension."""
from oslo_utils import uuidutils
import webob
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions as exts
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import utils
authorize = exts.extension_authorizer('cloud', 'rescue')
class RescueController(wsgi.Controller):
def __init__(self, ext_mgr, *args, **kwargs):
super(RescueController, self).__init__(*args, **kwargs)
self.compute_api = cloud.API()
self.ext_mgr = ext_mgr
def _rescue_image_validation(self, image_ref):
image_uuid = image_ref.split('/').pop()
if not uuidutils.is_uuid_like(image_uuid):
msg = _("Invalid rescue_image_ref provided.")
raise exc.HTTPBadRequest(explanation=msg)
"""The Aggregate admin API extension."""
import datetime
import six
from webob import exc
from jacket.api.compute.openstack import extensions
from jacket.compute.cloud import api as compute_api
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import utils
authorize = extensions.extension_authorizer('compute', 'aggregates')
def _get_context(req):
return req.environ['compute.context']
def get_host_from_body(fn):
"""Makes sure that the host exists."""
def wrapped(self, req, id, body, *args, **kwargs):
if len(body) != 1:
msg = _('Only host parameter can be specified')
raise exc.HTTPBadRequest(explanation=msg)
elif 'host' not in body:
msg = _('Host parameter must be specified')
raise exc.HTTPBadRequest(explanation=msg)
from webob import exc
from jacket.api.compute.openstack import extensions
from jacket.compute.cloudpipe import pipelib
from jacket.compute import cloud
from jacket.compute.cloud import utils as compute_utils
from jacket.compute.cloud import vm_states
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import network
from jacket.compute import utils
CONF = cfg.CONF
CONF.import_opt('keys_path', 'cloud.crypto')
authorize = extensions.extension_authorizer('cloud', 'cloudpipe')
class CloudpipeController(object):
"""Handle creating and listing cloudpipe instances."""
def __init__(self):
self.compute_api = cloud.API()
self.network_api = network.API()
self.cloudpipe = pipelib.CloudPipe()
self.setup()
def setup(self):
"""Ensure the keychains and folders exist."""
# NOTE(vish): One of the drawbacks of doing this in the api is
# the keys will only be on the api node that launched
# under the License.
import six
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import quota
QUOTAS = quota.QUOTAS
XMLNS = "http://docs.openstack.org/compute/ext/used_limits/api/v1.1"
ALIAS = "os-used-limits"
authorize = extensions.soft_extension_authorizer('compute', 'used_limits')
authorize_for_admin = extensions.extension_authorizer('compute',
'used_limits_for_admin')
class UsedLimitsController(wsgi.Controller):
def __init__(self, ext_mgr):
self.ext_mgr = ext_mgr
@staticmethod
def _reserved(req):
try:
return int(req.GET['reserved'])
except (ValueError, KeyError):
return False
@wsgi.extends
import six
import webob
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute.network.security_group import openstack_driver
from jacket.compute.virt import netutils
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud', 'security_groups')
softauth = extensions.soft_extension_authorizer('cloud', 'security_groups')
def _authorize_context(req):
context = req.environ['compute.context']
authorize(context)
return context
@contextlib.contextmanager
def translate_exceptions():
"""Translate cloud exceptions to http exceptions."""
try:
yield
except exception.Invalid as exp:
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import six
import webob
from webob import exc
from jacket.api.compute.openstack.compute.legacy_v2.contrib import security_groups as sg
from jacket.api.compute.openstack import extensions
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute.network.security_group import openstack_driver
authorize = extensions.extension_authorizer('compute',
'security_group_default_rules')
class SecurityGroupDefaultRulesController(sg.SecurityGroupControllerBase):
def __init__(self):
self.security_group_api = (
openstack_driver.get_openstack_security_group_driver())
def create(self, req, body):
context = sg._authorize_context(req)
authorize(context)
# NOTE(shaohe-feng): back-compatible with db layer hard-code
# admin permission checks.
nova_context.require_admin_context(context)
sg_rule = self._from_body(body, 'security_group_default_rule')
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob.exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
authorize = extensions.extension_authorizer('cloud', 'server_diagnostics')
class ServerDiagnosticsController(object):
def __init__(self):
self.compute_api = cloud.API()
def index(self, req, server_id):
context = req.environ["compute.context"]
authorize(context)
instance = common.get_instance(self.compute_api, context, server_id)
try:
return self.compute_api.get_diagnostics(context, instance)
except exception.InstanceInvalidState as state_error:
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob.exc
from jacket.api.compute.openstack import extensions
import jacket.compute.cert.rpcapi
from jacket.compute import exception
from jacket.i18n import _
authorize = extensions.extension_authorizer('compute', 'certificates')
def _translate_certificate_view(certificate, private_key=None):
return {
'data': certificate,
'private_key': private_key,
}
class CertificatesController(object):
"""The x509 Certificates API controller for the OpenStack API."""
def __init__(self):
self.cert_rpcapi = jacket.compute.cert.rpcapi.CertAPI()
super(CertificatesController, self).__init__()
def test_extension_authorizer_throws_exception_if_policy_fails(self):
authorize = base_extensions.extension_authorizer(
'compute', 'used_limits_for_admin')
self._test_extension_authorizer_throws_exception_if_policy_fails(
"compute_extension:used_limits_for_admin",
authorize)
from oslo_utils import timeutils
import six
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.compute.cells import rpcapi as cells_rpcapi
import jacket.compute.conf
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket import rpc
CONF = jacket.compute.conf.CONF
authorize = extensions.extension_authorizer('compute', 'cells')
def _filter_keys(item, keys):
"""Filters all model attributes except for keys
item is a dict
"""
return {k: v for k, v in six.iteritems(item) if k in keys}
def _fixup_cell_info(cell_info, keys):
"""If the transport_url is present in the cell, derive username,
rpc_host, and rpc_port from it.
"""
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""The virtual interfaces extension."""
import webob
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.compute import cloud
from jacket.i18n import _
from jacket.compute import network
authorize = extensions.extension_authorizer('cloud', 'virtual_interfaces')
def _translate_vif_summary_view(vif):
"""Maps keys for VIF summary view."""
d = {}
d['id'] = vif.uuid
d['mac_address'] = vif.address
return d
class ServerVirtualInterfaceController(object):
"""The instance VIF API controller for the OpenStack API.
"""
def __init__(self):
self.compute_api = cloud.API()
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""The server password extension."""
from jacket.api.compute.metadata import password
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
authorize = extensions.extension_authorizer('cloud', 'server_password')
class ServerPasswordController(object):
"""The Server Password API controller for the OpenStack API."""
def __init__(self):
self.compute_api = cloud.API()
def index(self, req, server_id):
context = req.environ['compute.context']
authorize(context)
instance = common.get_instance(self.compute_api, context, server_id)
passw = password.extract_password(instance)
return {'password': passw or ''}
import six
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.compute.cells import rpcapi as cells_rpcapi
import jacket.compute.conf
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket import rpc
CONF = jacket.compute.conf.CONF
authorize = extensions.extension_authorizer('compute', 'cells')
def _filter_keys(item, keys):
"""Filters all model attributes except for keys
item is a dict
"""
return {k: v for k, v in six.iteritems(item) if k in keys}
def _fixup_cell_info(cell_info, keys):
"""If the transport_url is present in the cell, derive username,
rpc_host, and rpc_port from it.
"""
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob
import webob.exc
from jacket.api.compute.openstack import extensions
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
authorize = extensions.extension_authorizer('compute', 'fixed_ips')
class FixedIPController(object):
def show(self, req, id):
"""Return data about the given fixed IP."""
context = req.environ['compute.context']
authorize(context)
attrs = ['network', 'instance']
try:
fixed_ip = objects.FixedIP.get_by_address(context, id,
expected_attrs=attrs)
except exception.FixedIpNotFoundForAddress as ex:
raise webob.exc.HTTPNotFound(explanation=ex.format_message())
except exception.FixedIpInvalid as ex:
# under the License.
"""The flavor access extension."""
import webob
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
soft_authorize = extensions.soft_extension_authorizer('compute',
'flavor_access')
authorize = extensions.extension_authorizer('compute', 'flavor_access')
def _marshall_flavor_access(flavor):
rval = []
for project_id in flavor.projects:
rval.append({'flavor_id': flavor.flavorid, 'tenant_id': project_id})
return {'flavor_access': rval}
class FlavorAccessController(object):
"""The flavor access API controller for the OpenStack API."""
def __init__(self):
super(FlavorAccessController, self).__init__()
from oslo_log import log as logging
from oslo_utils import uuidutils
import webob
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute.cloud import utils as compute_utils
from jacket.compute import exception
from jacket.i18n import _
from jacket.i18n import _LW
from jacket.compute import network
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud', 'floating_ips')
def _translate_floating_ip_view(floating_ip):
result = {
'id': floating_ip['id'],
'ip': floating_ip['address'],
'pool': floating_ip['pool'],
}
try:
result['fixed_ip'] = floating_ip['fixed_ip']['address']
except (TypeError, KeyError, AttributeError):
result['fixed_ip'] = None
try:
result['instance_id'] = floating_ip['fixed_ip']['instance_uuid']
except (TypeError, KeyError, AttributeError):
# under the License.
import datetime
import iso8601
from oslo_utils import timeutils
import six
import six.moves.urllib.parse as urlparse
from webob import exc
from jacket.api.compute.openstack import extensions
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
authorize_show = extensions.extension_authorizer('compute',
'simple_tenant_usage:show')
authorize_list = extensions.extension_authorizer('compute',
'simple_tenant_usage:list')
def parse_strtime(dstr, fmt):
try:
return timeutils.parse_strtime(dstr, fmt)
except (TypeError, ValueError) as e:
raise exception.InvalidStrTime(reason=six.text_type(e))
class SimpleTenantUsageController(object):
def _hours_for(self, instance, period_start, period_stop):
launched_at = instance.launched_at
terminated_at = instance.terminated_at
from oslo_config import cfg
import six
import webob.exc
from jacket.api.compute.openstack import extensions
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.objects import compute as objects
CONF = cfg.CONF
CONF.import_opt('default_floating_pool', 'jacket.compute.network.floating_ips')
CONF.import_opt('public_interface', 'jacket.compute.network.linux_net')
authorize = extensions.extension_authorizer('compute', 'floating_ips_bulk')
class FloatingIPBulkController(object):
def index(self, req):
"""Return a list of all floating IPs."""
context = req.environ['compute.context']
authorize(context)
return self._get_floating_ip_info(context)
def show(self, req, id):
"""Return a list of all floating IPs for a given host."""
context = req.environ['compute.context']
authorize(context)
"""The multinic extension."""
from oslo_log import log as logging
import webob
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
from jacket.i18n import _LE
LOG = logging.getLogger(__name__)
authorize = extensions.extension_authorizer('cloud', 'multinic')
class MultinicController(wsgi.Controller):
def __init__(self, *args, **kwargs):
super(MultinicController, self).__init__(*args, **kwargs)
self.compute_api = cloud.API()
@wsgi.action('addFixedIp')
def _add_fixed_ip(self, req, id, body):
"""Adds an IP on a given network to an instance."""
context = req.environ['compute.context']
authorize(context)
# Validate the input entity
if 'networkId' not in body['addFixedIp']:
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob
from jacket.api.compute.openstack.compute.views import flavors as flavors_view
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute.cloud import flavors
from jacket.compute import exception
from jacket.i18n import _
authorize = extensions.extension_authorizer('compute', 'flavormanage')
class FlavorManageController(wsgi.Controller):
"""The Flavor Lifecycle API controller for the OpenStack API."""
_view_builder_class = flavors_view.ViewBuilder
def __init__(self):
super(FlavorManageController, self).__init__()
@wsgi.action("delete")
def _delete(self, req, id):
context = req.environ['compute.context']
authorize(context)
try:
flavor = flavors.get_flavor_by_flavor_id(
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import webob
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
from jacket.compute import exception
from jacket.i18n import _
authorize = extensions.extension_authorizer('cloud', 'consoles')
class ConsolesController(wsgi.Controller):
def __init__(self, *args, **kwargs):
self.compute_api = cloud.API()
super(ConsolesController, self).__init__(*args, **kwargs)
@wsgi.action('os-getVNCConsole')
def get_vnc_console(self, req, id, body):
"""Get vnc connection information to access a server."""
context = req.environ['compute.context']
authorize(context)
# If type is not supplied or unknown, get_vnc_console below will cope
console_type = body['os-getVNCConsole'].get('type')
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from webob import exc
from jacket.api.compute.openstack import common
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute import cloud
authorize_actions = extensions.extension_authorizer('cloud',
'instance_actions')
authorize_events = extensions.soft_extension_authorizer(
'cloud', 'instance_actions:events')
ACTION_KEYS = [
'action', 'instance_uuid', 'request_id', 'user_id', 'project_id',
'start_time', 'message'
]
EVENT_KEYS = ['event', 'start_time', 'finish_time', 'result', 'traceback']
class InstanceActionsController(wsgi.Controller):
def __init__(self):
super(InstanceActionsController, self).__init__()
self.compute_api = cloud.API()
self.action_api = cloud.InstanceActionAPI()
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""Keypair management extension."""
import webob
import webob.exc
from jacket.api.compute.openstack.compute.legacy_v2 import servers
from jacket.api.compute.openstack import extensions
from jacket.api.compute.openstack import wsgi
from jacket.compute.cloud import api as compute_api
from jacket.compute import exception
from jacket.i18n import _
authorize = extensions.extension_authorizer('compute', 'keypairs')
soft_authorize = extensions.soft_extension_authorizer('compute', 'keypairs')
class KeypairController(object):
"""Keypair API controller for the OpenStack API."""
def __init__(self):
self.api = compute_api.KeypairAPI()
def _filter_keypair(self, keypair, **attrs):
clean = {
'name': keypair.name,
'public_key': keypair.public_key,
'fingerprint': keypair.fingerprint,
}
for attr in attrs:
from jacket.api.compute.openstack import wsgi
import jacket.context
from jacket.db import compute as db
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute import quota
from jacket.compute import utils
QUOTAS = quota.QUOTAS
# Quotas that are only enabled by specific extensions
EXTENDED_QUOTAS = {'server_groups': 'os-server-group-quotas',
'server_group_members': 'os-server-group-quotas'}
authorize = extensions.extension_authorizer('compute', 'quota_classes')
class QuotaClassSetsController(wsgi.Controller):
supported_quotas = []
def __init__(self, ext_mgr):
self.ext_mgr = ext_mgr
self.supported_quotas = QUOTAS.resources
for resource, extension in EXTENDED_QUOTAS.items():
if not self.ext_mgr.is_loaded(extension):
self.supported_quotas.remove(resource)
def _format_quota_set(self, quota_class, quota_set):
"""Convert the quota object to a result dict."""
# License for the specific language governing permissions and limitations
# under the License.
import six
import webob
from webob import exc
from jacket.api.compute.openstack.compute.legacy_v2.contrib import security_groups as sg
from jacket.api.compute.openstack import extensions
from jacket import context as nova_context
from jacket.compute import exception
from jacket.i18n import _
from jacket.compute.network.security_group import openstack_driver
authorize = extensions.extension_authorizer('compute',
'security_group_default_rules')
class SecurityGroupDefaultRulesController(sg.SecurityGroupControllerBase):
def __init__(self):
self.security_group_api = (
openstack_driver.get_openstack_security_group_driver())
def create(self, req, body):
context = sg._authorize_context(req)
authorize(context)
# NOTE(shaohe-feng): back-compatible with db layer hard-code
# admin permission checks.
nova_context.require_admin_context(context)
def authorize(context, action_name):
action = 'admin_actions:%s' % action_name
extensions.extension_authorizer('cloud', action)(context)
