def valid_option_pool(self, optionpool_map):
"""Validate the values of option pool
@param optionpool_map: Map with the data of the request.
@raise InvalidValueError: Represents an error occurred validating a value.
"""
# Get XML data
type = optionpool_map.get('type')
name = optionpool_map.get('name')
# type can NOT be greater than 50
if not is_valid_string_maxsize(type, 50,
True) or not is_valid_option(type):
self.log.error(u'Parameter type is invalid. Value: %s.', type)
raise InvalidValueError(None, 'type', type)
# name_txt can NOT be greater than 50
if not is_valid_string_maxsize(name, 50,
True) or not is_valid_option(name):
self.log.error(u'Parameter name_txt is invalid. Value: %s.', name)
raise InvalidValueError(None, 'name', name)
# set variables
self.type = type
self.name = name
def handle_put(self, request, user, *args, **kwargs):
'''Trata as requisições de PUT para inserir o relacionamento entre IP e Equipamento.
URL: ip/<id_ip>/equipamento/<id_equipamento>/$
'''
try:
ip_id = kwargs.get('id_ip')
equip_id = kwargs.get('id_equipamento')
if not is_valid_int_greater_zero_param(ip_id):
self.log.error(
u'The ip_id parameter is not a valid value: %s.', ip_id)
raise InvalidValueError(None, 'ip_id', ip_id)
if not is_valid_int_greater_zero_param(equip_id):
self.log.error(
u'The equip_id parameter is not a valid value: %s.',
equip_id)
raise InvalidValueError(None, 'equip_id', equip_id)
Ip.get_by_pk(ip_id)
with distributedlock(LOCK_IP_EQUIPMENT % (ip_id, equip_id)):
ip_equipment = insert_ip_equipment(ip_id, equip_id, user)
ipequipamento_map = dict()
ipequipamento_map['id'] = ip_equipment.id
map = dict()
map['ip_equipamento'] = ipequipamento_map
return self.response(dumps_networkapi(map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_delete(self, request, user, *args, **kwargs):
"""Trata as requisições de DELETE para remover uma associação entre um Equipamento e um Grupo.
URL: /equipamentogrupo/equipamento/<id_equip>/egrupo/<id_egrupo>/
"""
try:
equip_id = kwargs.get('id_equip')
if not is_valid_int_greater_zero_param(equip_id):
self.log.error(
u'The equip_id parameter is not a valid value: %s.',
equip_id)
raise InvalidValueError(None, 'equip_id', equip_id)
egroup_id = kwargs.get('id_egrupo')
if not is_valid_int_greater_zero_param(egroup_id):
self.log.error(
u'The egroup_id parameter is not a valid value: %s.',
egroup_id)
raise InvalidValueError(None, 'egroup_id', egroup_id)
Equipamento.get_by_pk(equip_id)
EGrupo.get_by_pk(egroup_id)
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, None, equip_id,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
with distributedlock(LOCK_EQUIPMENT_GROUP % egroup_id):
EquipamentoGrupo.remove(user, equip_id, egroup_id)
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def __save_rule_contents(self, contents, blocks_id, environment, rule,
user):
blocks_id = [int(id) for id in blocks_id]
if not filter(lambda a: a != 0, blocks_id) == sorted(
filter(lambda a: a != 0, blocks_id)):
raise InvalidValueError(None, 'blocks_id', blocks_id)
if len(blocks_id) > len(contents):
raise InvalidValueError(None, 'contents', contents)
if len(blocks_id) < len(contents):
raise InvalidValueError(None, 'blocks_id', blocks_id)
for i in range(len(contents)):
rule_content = RuleContent()
block = ''
if blocks_id[i] and blocks_id[i] != '0':
block = BlockRules.objects.get(pk=blocks_id[i],
environment=environment)
rule_content.content = block.content if block else contents[i]
rule_content.order = i
rule_content.rule = rule
rule_content.save()
def handle_post(self, request, user, *args, **kwargs):
"""Handles POST requests to save a new Rule
URL: rule/save/
"""
try:
self.log.info("Save rule to an environment")
# User permission
if not has_perm(user, AdminPermission.VIP_VALIDATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
rule_map = networkapi_map.get('map')
if rule_map is None:
return self.response_error(3, u'There is no value to the environment_vip tag of XML request.')
# Get XML data
id_env = rule_map['id_env']
name = rule_map['name']
contents = rule_map['contents'] if type(
rule_map['contents']) is list else [rule_map['contents'], ]
blocks_id = rule_map['blocks_id'] if type(
rule_map['blocks_id']) is list else [rule_map['blocks_id'], ]
if not is_valid_int_greater_zero_param(id_env):
self.log.error(
u'The id_env parameter is not a valid value: %s.', id_env)
raise InvalidValueError(None, 'id_env', id_env)
if not name or len(name) > 80:
self.log.error(
u'The name parameter is not a valid value: %s.', name)
raise InvalidValueError(None, 'name', name)
environment = Ambiente.get_by_pk(id_env)
new_rule = Rule()
new_rule.name = name
new_rule.environment = environment
new_rule.save()
self.__save_rule_contents(
contents, blocks_id, environment, new_rule, user)
return self.response(dumps_networkapi({}))
except AmbienteNotFoundError, e:
self.log.error('Environment not found')
return self.response_error(112)
def handle_get(self, request, user, *args, **kwargs):
'''Trata as requisições de GET para listar os direitos de grupo de usuários em grupo de equipamentos.
URLs: direitosgrupoequipamento/$
direitosgrupoequipamento/ugrupo/<id_grupo_usuario>/$
direitosgrupoequipamento/egrupo/<id_grupo_equipamento>/$
direitosgrupoequipamento/<id_direito>/$
'''
try:
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.READ_OPERATION):
return self.not_authorized()
map_list = []
right_id = kwargs.get('id_direito')
if not is_valid_int_greater_zero_param(right_id, False):
self.log.error(
u'The right_id parameter is not a valid value: %s.',
right_id)
raise InvalidValueError(None, 'right_id', right_id)
if right_id is not None:
map_list.append(
self.__get_direito_map(
DireitosGrupoEquipamento.get_by_pk(right_id)))
else:
ugroup = kwargs.get('id_grupo_usuario')
egroup = kwargs.get('id_grupo_equipamento')
if not is_valid_int_greater_zero_param(ugroup, False):
self.log.error(
u'The ugroup_id parameter is not a valid value: %s.',
ugroup)
raise InvalidValueError(None, 'ugroup_id', ugroup)
if not is_valid_int_greater_zero_param(egroup, False):
self.log.error(
u'The egroup_id parameter is not a valid value: %s.',
egroup)
raise InvalidValueError(None, 'egroup_id', egroup)
if ugroup is not None:
UGrupo.get_by_pk(ugroup)
if egroup is not None:
EGrupo.get_by_pk(egroup)
rights = DireitosGrupoEquipamento.search(ugroup, None, egroup)
for right in rights:
map_list.append(self.__get_direito_map(right))
return self.response(
dumps_networkapi({'direito_grupo_equipamento': map_list}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Treat POST requests to add new network types.
URL: /net_type/
"""
try:
# Check permission
if not has_perm(user, AdminPermission.NETWORK_TYPE_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Get request XML data
xml_map, attrs_map = loads(request.raw_post_data)
# Get networkapi tag map
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no networkapi tag from request XML.')
# Get net_type tag map
net_type_map = networkapi_map.get('net_type')
if net_type_map is None:
return self.response_error(3, u'There is no tipo_rede tag from request XML.')
# Valid name attribute
name = net_type_map.get('name')
if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize(name, 100):
self.log.error(
u'Parameter %s is invalid. Value: %s.', 'name', name)
raise InvalidValueError(None, 'name', name)
net_type = TipoRede(tipo_rede=name)
if not is_valid_vlan_name(name):
self.log.error(
u'Parameter %s is invalid because is using special characters and/or breaklines.', name)
raise InvalidValueError(None, 'name', name)
try:
TipoRede.get_by_name(net_type.tipo_rede)
raise NetworkTypeNameDuplicatedError(
None, u'Network type with name %s already exist' % net_type.tipo_rede)
except NetworkTypeNotFoundError:
pass
try:
net_type.save()
except Exception, e:
self.log.error(u'Failed to insert network type.')
raise VlanError(e, u'Failed to insert network type.')
net_type_map = dict()
net_type_map['id'] = net_type.id
return self.response(dumps_networkapi({'net_type': net_type_map}))
def handle_delete(self, request, user, *args, **kwargs):
"""Treat DELETE requests to dissociate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/dissociate/
"""
try:
self.log.info('Dissociate User and Group.')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.',
id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
UGrupo.get_by_pk(id_group)
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
with distributedlock(LOCK_USER_GROUP % (id_user, id_group)):
try:
# remove UserGroup
user_group.delete()
except Exception, e:
self.log.error(u'Failed to remove the UserGroup.')
raise GrupoError(e, u'Failed to remove the UserGroup.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def create(self, authenticated_user):
"""Add new port channel"""
# Checks if name is valid
try:
if not is_valid_int_greater_zero_param(self.nome):
raise InvalidValueError(None, 'nome', self.nome)
except Exception, e:
raise InvalidValueError(None, e.param, e.value)
def handle_delete(self, request, user, *args, **kwargs):
"""Trata uma requisição DELETE para excluir uma informação de acesso a equipamento
URL: /equipamentoacesso/id_equipamento/id_tipo_acesso/
"""
# Verifica acesso e obtém dados do request
try:
# Obtém argumentos passados na URL
id_equipamento = kwargs.get('id_equipamento')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_equipamento):
self.log.error(
u'The id_equipamento parameter is not a valid value: %s.',
id_equipamento)
raise InvalidValueError(None, 'id_equipamento', id_equipamento)
id_tipo_acesso = kwargs.get('id_tipo_acesso')
# Valid ID Equipment
if not is_valid_int_greater_zero_param(id_tipo_acesso):
self.log.error(
u'The id_tipo_acesso parameter is not a valid value: %s.',
id_tipo_acesso)
raise InvalidValueError(None, 'id_tipo_acesso', id_tipo_acesso)
Equipamento.get_by_pk(id_equipamento)
TipoAcesso.get_by_pk(id_tipo_acesso)
# Após obtenção do id_equipamento podemos verificar a permissão
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
with distributedlock(LOCK_EQUIPMENT_ACCESS % id_tipo_acesso):
# Remove a informação de acesso a equipamento
EquipamentoAcesso.remove(user, id_equipamento, id_tipo_acesso)
# Retorna response vazio em caso de sucesso
return self.response(dumps_networkapi({}))
except InvalidValueError as e:
return self.response_error(269, e.param, e.value)
except EquipamentoNotFoundError:
return self.response_error(117, id_equipamento)
except AccessTypeNotFoundError:
return self.response_error(171, id_tipo_acesso)
except EquipamentoAcesso.DoesNotExist:
return self.response_error(209, id_equipamento, id_tipo_acesso)
except (EquipamentoError, GrupoError):
return self.response_error(1)
def handle_get(self, request, user, *args, **kwargs):
"""Treat requests GET to verify that the IP belongs to environment.
URLs: /ip/x1.x2.x3.x4/ambiente/<id_amb>
URLs: /ip/<ip>/ambiente/<id_amb>
"""
self.log.info("GET to verify that the IP belongs to environment")
try:
# User permission
if not has_perm(user, AdminPermission.IPS,
AdminPermission.READ_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
environment_id = kwargs.get('id_amb')
# Valid Environment ID
if not is_valid_int_greater_zero_param(environment_id):
self.log.error(
u'The id_environment parameter is not a valid value: %s.',
environment_id)
raise InvalidValueError(None, 'id_environment', environment_id)
ip = kwargs.get('ip')
# Valid IP
if not is_valid_ipv4(ip):
self.log.error(u'Parameter ip is invalid. Value: %s.', ip)
raise InvalidValueError(None, 'ip', ip)
# Find Environment by ID to check if it exist
Ambiente.get_by_pk(environment_id)
# Existing IP
octs = str(IPAddress(ip, 4).exploded).split('.')
ip = Ip.get_by_octs_and_environment(octs[0], octs[1], octs[2],
octs[3], environment_id)
# Build dictionary return
ip_map = dict()
ip_map['id'] = ip.id
ip_map['id_vlan'] = ip.networkipv4.vlan.id
ip_map['oct4'] = ip.oct4
ip_map['oct3'] = ip.oct3
ip_map['oct2'] = ip.oct2
ip_map['oct1'] = ip.oct1
ip_map['descricao'] = ip.descricao
return self.response(dumps_networkapi({'ip': ip_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def verificar_vlan_nativa(vlan_nativa):
if vlan_nativa is not None:
if int(vlan_nativa) < 1 or int(vlan_nativa) > 4096:
raise InvalidValueError(None, 'Vlan Nativa',
'Range valido: 1 - 4096.')
if int(vlan_nativa) < 1 or 3967 < int(vlan_nativa) < 4048 or int(
vlan_nativa) == 4096:
raise InvalidValueError(None, 'Vlan Nativa',
'Range reservado: 3968-4047;4094.')
def handle_put(self, request, user, *args, **kwargs):
"""Trata as requisições de PUT para alterar um grupo de equipamento.
URL: egrupo/<id_grupo>/
"""
try:
egroup_id = kwargs.get('id_grupo')
if not is_valid_int_greater_zero_param(egroup_id):
self.log.error(
u'The egroup_id parameter is not a valid value: %s.',
egroup_id)
raise InvalidValueError(None, 'egroup_id', egroup_id)
egrp = EGrupo.get_by_pk(egroup_id)
if not has_perm(user, AdminPermission.EQUIPMENT_GROUP_MANAGEMENT,
AdminPermission.WRITE_OPERATION):
return self.not_authorized()
xml_map, attrs_map = loads(request.raw_post_data)
self.log.debug('XML_MAP: %s', xml_map)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'Não existe valor para a tag networkapi do XML de requisição.'
)
egroup_map = networkapi_map.get('grupo')
if egroup_map is None:
return self.response_error(
3,
u'Não existe valor para a tag grupo do XML de requisição.')
name = egroup_map.get('nome')
if not is_valid_string_maxsize(name, 100):
self.log.error(u'Parameter name is invalid. Value: %s', name)
raise InvalidValueError(None, 'name', name)
with distributedlock(LOCK_GROUP_EQUIPMENT % egroup_id):
# Destroy equipment's cache
equip_id_list = []
for equipament in egrp.equipamento_set.all():
equip_id_list.append(equipament.id)
destroy_cache_function(equip_id_list, True)
EGrupo.update(user, egroup_id, nome=name)
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
'''Treat PUT requests to Invalidate a vlan
URL: vlan/<id_vlan>/invalidate/<network>
'''
try:
id_vlan = kwargs.get('id_vlan')
network = kwargs.get('network')
# User permission
if not has_perm(user, AdminPermission.ACL_VLAN_VALIDATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vlan ID
if not is_valid_int_greater_zero_param(id_vlan):
self.log.error(
u'The id_vlan parameter is not a valid value: %s.',
id_vlan)
raise InvalidValueError(None, 'vlan_id', id_vlan)
# Valid Network
if not is_valid_version_ip(network, IP_VERSION):
self.log.error(
u'The network parameter is not a valid value: %s.',
network)
raise InvalidValueError(None, 'network', network)
# Find Vlan by ID to check if it exist
vlan = Vlan().get_by_pk(id_vlan)
with distributedlock(LOCK_VLAN % id_vlan):
# Set Values
if network == IP_VERSION.IPv4[0]:
vlan.acl_valida = 0
vlan.acl_file_name = None
else:
vlan.acl_valida_v6 = 0
vlan.acl_file_name_v6 = None
vlan.save()
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to associate Filter and TipoEquipamento.
URL: filter/<filter_id>/equiptype/<equiptype_id>
"""
try:
self.log.info('')
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.ENVIRONMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
if not is_valid_int_greater_zero_param(kwargs['id_filter']):
self.log.error(u'Parameter id_filter is invalid. Value: %s.',
kwargs['id_filter'])
raise InvalidValueError(None, 'id_filter', kwargs['id_filter'])
else:
# Check existence
fil = Filter().get_by_pk(kwargs['id_filter'])
if not is_valid_int_greater_zero_param(kwargs['id_equiptype']):
self.log.error(
u'Parameter id_equiptype is invalid. Value: %s.',
kwargs['id_equiptype'])
raise InvalidValueError(None, 'id_equiptype',
kwargs['id_equiptype'])
else:
# Check existence
tp_equip = TipoEquipamento().get_by_pk(kwargs['id_equiptype'])
association = FilterEquipType()
association.filter = fil
association.equiptype = tp_equip
# Check existence
association.validate()
# Save association
association.save()
fil_et_map = dict()
fil_et_map['id'] = association.id
return self.response(
dumps_networkapi({'equiptype_filter_xref': fil_et_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def _validate_prefix_by_net_type(self, prefix, network_type):
if is_valid_int_param(prefix):
if network_type == IP_VERSION.IPv4[0]:
if int(prefix) not in range(33):
self.log.error(
u'The prefix parameter is invalid value: %s.', prefix)
raise InvalidValueError(None, 'prefix', prefix)
elif network_type == IP_VERSION.IPv6[0]:
if int(prefix) not in range(129):
self.log.error(
u'The prefix parameter is invalid value: %s.', prefix)
raise InvalidValueError(None, 'prefix', prefix)
def break_ip(ip):
"""
Returns array of each octs and string with ip
"""
if '.' in ip and ':' in ip:
raise InvalidValueError(None, 'ip', ip)
if '.' in ip:
# IPv4
blocks = split(ip, '.')
if len(blocks) != 4:
raise InvalidValueError(None, 'ip', ip)
version = IP_VERSION.IPv4[0]
elif ':' in ip:
# IPv6
blocks = split(ip, ':')
if len(blocks) != 8:
raise InvalidValueError(None, 'ip', ip)
version = IP_VERSION.IPv6[0]
else:
raise InvalidValueError(None, 'ip', ip)
# Make copy
unchanged = blocks[:]
for i, block in enumerate(blocks):
if len(block) == 0:
blocks[i] = '0'
ip_str = ''
if version == IP_VERSION.IPv4[0]:
ip_str = blocks[0] + '.' + blocks[1] + \
'.' + blocks[2] + '.' + blocks[3]
else:
# If IPv6, fill with 0 on the left
for i, block in enumerate(unchanged):
if len(block) != 4 and len(block) != 0:
unchanged[i] = block.rjust(4, '0')
ip_str = blocks[0] + ':' + blocks[1] + ':' + blocks[2] + ':' + blocks[3] + \
':' + blocks[4] + ':' + blocks[5] + \
':' + blocks[6] + ':' + blocks[7]
return unchanged, ip_str, version
def handle_get(self, request, user, *args, **kwargs):
"""Trata as requisições de GET para consulta de ambientes.
Permite a consulta de todos os ambientes, ambientes filtrados por divisao_dc,
ambientes filtrados por divisão_dc e por ambiente_logico
URLs: /ambiente/,
/ambiente/divisao_dc/<id_divisao_dc>/,
/ambiente/divisao_dc/<id_divisao_dc>/ambiente_logico/<id_amb_logico>/,
"""
try:
if not has_perm(user, AdminPermission.ENVIRONMENT_MANAGEMENT,
AdminPermission.READ_OPERATION):
return self.not_authorized()
environment_list = []
division_id = kwargs.get('id_divisao_dc')
environment_logical_id = kwargs.get('id_amb_logico')
if division_id is not None:
if not is_valid_int_greater_zero_param(division_id):
self.log.error(
u'The division_id parameter is not a valid value: %s.',
division_id)
raise InvalidValueError(None, 'division_id', division_id)
else:
division_dc = DivisaoDc.get_by_pk(division_id)
if environment_logical_id is not None:
if not is_valid_int_greater_zero_param(environment_logical_id):
self.log.error(
u'The environment_logical_id parameter is not a valid value: %s.',
environment_logical_id)
raise InvalidValueError(None, 'environment_logical_id',
environment_logical_id)
else:
loc_env = AmbienteLogico.get_by_pk(environment_logical_id)
environments = Ambiente().search(
division_id,
environment_logical_id).select_related('grupo_l3',
'ambiente_logico',
'divisao_dc', 'filter')
for environment in environments:
environment_list.append(get_environment_map(environment))
return self.response(
dumps_networkapi({'ambiente': environment_list}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to dissociate Filter and TipoEquipamento.
URL: filter/<id_filter>/dissociate/<id_equip_type>
"""
try:
self.log.info("")
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.ENVIRONMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
if not is_valid_int_greater_zero_param(kwargs['id_filter']):
self.log.error(u'Parameter id_filter is invalid. Value: %s.',
kwargs['id_filter'])
raise InvalidValueError(None, 'id_filter', kwargs['id_filter'])
else:
# Check existence
fil = Filter().get_by_pk(kwargs['id_filter'])
if not is_valid_int_greater_zero_param(kwargs['id_equip_type']):
self.log.error(
u'Parameter id_equip_type is invalid. Value: %s.',
kwargs['id_equip_type'])
raise InvalidValueError(None, 'id_equip_type',
kwargs['id_equip_type'])
else:
# Check existence
eq_tp = TipoEquipamento().get_by_pk(kwargs['id_equip_type'])
# Delete association
try:
association = FilterEquipType.objects.get(filter=fil.id,
equiptype=eq_tp.id)
## Only delete if there's no conflicts ##
association.delete()
except ObjectDoesNotExist, e:
# Association doesn't exist, ok
self.log.error(e)
pass
return self.response(dumps_networkapi({}))
def handle_get(self, request, user, *args, **kwargs):
"""Método responsável por tratar as requisições GET para consultar as interfaces.
URL: /interface/<nome_interface>/equipamento/<id_equipamento>
URL: /interface/equipamento/<id_equipamento>
"""
# Get url parameters
equipment_id = kwargs.get('id_equipamento')
interface_name = kwargs.get('nome_interface')
# Temporário, remover. Fazer de outra forma.
if isinstance(interface_name, basestring):
interface_name = interface_name.replace('s2it_replace', '/')
is_new = kwargs.get('new')
try:
# Valid id_equipamento value
if not is_valid_int_greater_zero_param(equipment_id):
self.log.error(u'Parameter equipment_id is invalid. Value: %s',
equipment_id)
raise InvalidValueError(None, 'equipment_id', equipment_id)
# Valid interface_name value
if not is_valid_string_minsize(
interface_name, 1,
required=False) or not is_valid_string_maxsize(
interface_name, 20, required=False):
self.log.error(
u'Parameter interface_name is invalid. Value: %s',
interface_name)
raise InvalidValueError(None, 'interface_name', interface_name)
# Check permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.READ_OPERATION, None, equipment_id,
AdminPermission.EQUIP_READ_OPERATION):
return self.not_authorized()
# Check interface and call search method
if interface_name is None:
return self.search_interface_of_equipment(equipment_id, is_new)
else:
return self.search_interface_by_name_and_equipment(
equipment_id, interface_name, is_new)
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def fix_acl_path(acl_path):
path = acl_path
if path:
if is_valid_regex(path, r'^.*[\\\\:*?"<>|].*$'):
raise InvalidValueError(None, 'acl_path', acl_path)
try:
while path[0] == '/':
path = path[1:]
while path[-1] == '/':
path = path[:-1]
except IndexError:
raise InvalidValueError(None, 'acl_path', acl_path)
return path
def handle_get(self, request, user, *args, **kwargs):
"""Trata as requisições GET para consulta de HealthCheckExpects por id.
Lista as informações de um HealthCheckExpect por id.
URL: /healthcheckexpect/get/<id_healthcheck_expect>/
"""
try:
if not has_perm(user, AdminPermission.HEALTH_CHECK_EXPECT,
AdminPermission.READ_OPERATION):
return self.not_authorized()
id_healthcheck = kwargs.get('id_healthcheck')
if not is_valid_int_greater_zero_param(id_healthcheck):
self.log.error(
u'The id_healthcheck parameter is not a valid value: %s.',
id_healthcheck)
raise InvalidValueError(None, 'id_healthcheck', id_healthcheck)
heal = HealthcheckExpect.get_by_pk(id_healthcheck)
healthcheckexpect_map = model_to_dict(heal)
return self.response(
dumps_networkapi({'healthcheck_expect':
healthcheckexpect_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def _validate_network_type(self, network_type_id):
if not is_valid_int_greater_zero_param(network_type_id):
self.log.error(
u'The network_type_id parameter is invalid value: %s.',
network_type_id)
raise InvalidValueError(None, 'network_type_id', network_type_id)
def handle_get(self, request, user, *args, **kwargs):
"""Treat requests GET to get Group User.
URL: ugroup/get/<id_ugroup>/
"""
try:
self.log.info("Get Group User by ID")
id_ugroup = kwargs.get('id_ugroup')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.READ_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Group User ID
if not is_valid_int_greater_zero_param(id_ugroup):
self.log.error(
u'The id_ugroup parameter is not a valid value: %s.',
id_ugroup)
raise InvalidValueError(None, 'id_ugroup', id_ugroup)
# Find Group User by ID to check if it exist
ugroup = UGrupo.get_by_pk(id_ugroup)
ugroup_map = dict()
ugroup_map['user_group'] = model_to_dict(ugroup)
return self.response(dumps_networkapi(ugroup_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs):
"""Treat requests GET to get Group Equipment.
URL: egroup/<id_egroup>/
"""
try:
self.log.info('Get Group Equipment by ID')
id_egroup = kwargs.get('id_egroup')
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_GROUP_MANAGEMENT,
AdminPermission.READ_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Group Equipment ID
if not is_valid_int_greater_zero_param(id_egroup):
self.log.error(
u'The id_egroup parameter is not a valid value: %s.',
id_egroup)
raise InvalidValueError(None, 'id_egroup', id_egroup)
# Find Group Equipment by ID to check if it exist
egroup = EGrupo.get_by_pk(id_egroup)
egroup_map = dict()
egroup_map['group_equipament'] = model_to_dict(egroup)
return self.response(dumps_networkapi(egroup_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs):
"""Handle GET requests to get Environment by id.
URLs: /environment/id/<environment_id>/,
"""
try:
if not has_perm(user, AdminPermission.ENVIRONMENT_MANAGEMENT,
AdminPermission.READ_OPERATION):
return self.not_authorized()
environment_list = []
environment_id = kwargs.get('environment_id')
if not is_valid_int_greater_zero_param(environment_id):
self.log.error(
u'Parameter environment_id is invalid. Value: %s.',
environment_id)
raise InvalidValueError(None, 'environment_id', environment_id)
environment_list.append(
get_environment_map(Ambiente().get_by_pk(environment_id)))
return self.response(
dumps_networkapi({'ambiente': environment_list}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_delete(self, request, user, *args, **kwargs):
"""Treat DELETE requests to remove Filters.
URL: filter/<id_filter>/
"""
try:
self.log.info('Remove Filter')
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.ENVIRONMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
if not is_valid_int_greater_zero_param(kwargs['id_filter']):
self.log.error(u'Parameter id_filter is invalid. Value: %s.',
kwargs['id_filter'])
raise InvalidValueError(None, 'id_filter', kwargs['id_filter'])
else:
# Check existence
fil = Filter().get_by_pk(kwargs['id_filter'])
try:
# Remove filter and its relationships
fil.delete()
except Exception, e:
self.log.error(u'Failed to remove the filter.')
raise e
return self.response(dumps_networkapi({}))
def handle_get(self, request, user, *args, **kwargs):
try:
self.log.info("Get rules in Environment")
# User permission
if not has_perm(user, AdminPermission.VIP_VALIDATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_env = kwargs.get('id_env')
if not is_valid_int_greater_zero_param(id_env):
self.log.error(
u'The id_env parameter is not a valid value: %s.', id_env)
raise InvalidValueError(None, 'id_env', id_env)
Ambiente.objects.get(pk=id_env)
rules = Rule.objects.filter(environment=id_env, vip=None)
rule_list = []
for rule in rules:
rule_list.append(model_to_dict(rule))
return self.response(dumps_networkapi({'rules': rule_list}))
except InvalidValueError, e:
self.log.error(
u'Parameter %s is invalid. Value: %s.', e.param, e.value)
return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs):
"""Treat GET requests to get a Filter by id.
URL: filter/get/<id_filter>/
"""
try:
self.log.info("Get Filter by id")
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.ENVIRONMENT_MANAGEMENT, AdminPermission.READ_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
if not is_valid_int_greater_zero_param(kwargs['id_filter']):
self.log.error(
u'Parameter id_filter is invalid. Value: %s.', kwargs['id_filter'])
raise InvalidValueError(None, 'id_filter', kwargs['id_filter'])
else:
# Check existence
fil = Filter().get_by_pk(kwargs['id_filter'])
filter_dict = model_to_dict(fil)
filter_dict['equip_types'] = list()
for fil_equip_type in fil.filterequiptype_set.all():
filter_dict['equip_types'].append(
model_to_dict(fil_equip_type.equiptype))
return self.response(dumps_networkapi({'filter': filter_dict}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_delete(self, request, user, *args, **kwargs):
"""Treat requests DELETE to remove Rule.
URL: rule/delete/<id_rule>/
"""
try:
self.log.info('Delete rule from an environment')
# User permission
if not has_perm(user, AdminPermission.VIP_VALIDATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_rule = kwargs.get('id_rule')
if not is_valid_int_greater_zero_param(id_rule):
self.log.error(
u'The id_rule parameter is not a valid value: %s.',
id_rule)
raise InvalidValueError(None, 'id_rule', id_rule)
rule = Rule.objects.get(pk=id_rule)
rule.delete()
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
