def handle_get(self, request, user, *args, **kwargs):
"""Rollback of the filter
URLs: /vip/l7/<id_vip>/rollback/
"""
self.log.info('Applies the last working filter to VIP')
try:
id_vip = kwargs.get('id_vip')
# User is authorized
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
if not is_valid_int_greater_zero_param(id_vip):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', id_vip)
raise InvalidValueError(None)
# Get VIP data
vip = RequisicaoVips.get_by_pk(id_vip)
with distributedlock(LOCK_VIP % id_vip):
# backup do vip
vip_old = clone(vip)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Filter can not be applied because VIP has not been created yet.'
)
raise RequestVipsNotBeenCreatedError(None)
# salva data do rollback, rollback para aplicado, passa o
# aplicado para l7
vip.applied_l7_datetime = datetime.now().strftime(
'%Y-%m-%d %H:%M:%S')
# Set Applied With Rollback
vip.filter_applied = vip_old.filter_rollback
vip.rule_applied = vip_old.rule_rollback
# Set Rollback With Applied
vip.filter_rollback = vip_old.filter_applied
vip.rule_rollback = vip_old.rule_applied
vip.save(user, commit=True)
# roda script
command = 'gerador_vips -i %d --l7_filter_current' % vip.id
code, stdout, stderr = exec_script(command)
# code 0 = executou com sucesso
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout,
'stderr': stderr
}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
# pega os dados anteriores e os salva no banco
vip_old.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs):
"""
Handles PUT requests to change the VIP's real server.
URL: vip/real/edit
"""
self.log.info("Change VIP's real server")
try:
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Commons Validations
# Load XML data
xml_map, attrs_map = loads(
request.raw_post_data, ['real', 'reals_weight', 'reals_priority'])
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
vip_map = networkapi_map.get('vip')
if vip_map is None:
return self.response_error(3, u'There is no value to the vip tag of XML request.')
# Get XML data
vip_id = vip_map.get('vip_id')
alter_priority = vip_map.get('alter_priority')
# Valid VIP ID
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None, 'vip_id', vip_id)
# Valid Alter Priority
if not is_valid_int_greater_equal_zero_param(alter_priority):
alter_priority = 0
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
# Clone vip
vip_old = clone(vip)
server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip)
server_pools_old = []
server_pools_members_old = []
for sp in server_pools:
server_pools_old.append(sp)
for spm in sp.serverpoolmember_set.all():
server_pools_members_old.append(spm)
# Get variables
variables_map = vip.variables_to_map()
# Valid variables
vip.set_variables(variables_map)
# Get balancing method
vip_map['metodo_bal'] = str(
variables_map.get('metodo_bal')).upper()
with distributedlock(LOCK_VIP % vip_id):
# Valid real names and real ips of real server
if vip_map.get('reals') is not None:
evip = EnvironmentVip.get_by_values(variables_map.get(
'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente'))
for real in vip_map.get('reals').get('real'):
ip_aux_error = real.get('real_ip')
equip_aux_error = real.get('real_name')
if equip_aux_error is not None:
equip = Equipamento.get_by_name(equip_aux_error)
else:
self.log.error(
u'The real_name parameter is not a valid value: None.')
raise InvalidValueError(None, 'real_name', 'None')
# Valid Real
RequisicaoVips.valid_real_server(
ip_aux_error, equip, evip, False)
# Valid reals_prioritys
vip_map, code = vip.valid_values_reals_priority(vip_map)
if code is not None:
return self.response_error(329)
# Valid reals_weight
vip_map, code = vip.valid_values_reals_weight(vip_map)
if code is not None:
return self.response_error(330)
# Get variables
variables_map = vip.variables_to_map()
vip_port_list, reals_list, reals_priority, reals_weight = vip.get_vips_and_reals(
vip.id)
if reals_list:
variables_map['reals'] = {'real': reals_list}
variables_map['reals_prioritys'] = {
'reals_priority': reals_priority}
variables_map['reals_weights'] = {
'reals_weight': reals_weight}
variables_map['portas_servicos'] = {'porta': vip_port_list}
# clone variables_map
variables_map_old = clone(variables_map)
# Valid ports
variables_map, code = vip.valid_values_ports(variables_map)
if code is not None:
return self.response_error(331)
""" OLD CALLS - Deprecated """
vip_ports_pool = VipPortToPool.objects.filter(
requisicao_vip=vip)
reals = vip_map.get('reals')
new_call = True
if reals and 'port_real' not in reals['real'][0]:
new_call = False
reals_prioritys = vip_map.get('reals_prioritys')
reals_weights = dict()
if 'reals_weights' in vip_map:
reals_weights = vip_map.get('reals_weights')
reals_aux = dict()
reals_prioritys_aux = dict()
reals_weight_aux = dict()
reals_aux['real'] = list()
reals_prioritys_aux['reals_priority'] = list()
reals_weight_aux['reals_weight'] = list()
repeat = (
len(vip_ports_pool) * len(reals['real'])) / len(reals['real'])
execute_list = list()
for x in range(repeat):
execute_list.append((x + 1) * len(reals['real']))
for i in range(len(reals['real'])):
for vippp in vip_ports_pool:
reals_prioritys_aux['reals_priority'].append(
reals_prioritys['reals_priority'][i])
if 'reals_weight' in reals_weights:
reals_weight_aux['reals_weight'].append(
reals_weights['reals_weight'][i])
server_pool = ServerPool.objects.get(
vipporttopool__id=vippp.id, vipporttopool__requisicao_vip=vip)
if 'id_ip' not in reals['real'][i]:
id_ip = get_id_ip(reals['real'][i])
else:
id_ip = reals['real'][i]['id_ip']
reals_aux['real'].append({'id_ip': id_ip, 'port_real': server_pool.default_port, 'real_name': reals[
'real'][i]['real_name'], 'port_vip': vippp.port_vip, u'real_ip': reals['real'][i]['real_ip']})
vip_map['reals_prioritys'] = reals_prioritys_aux
vip_map['reals_weights'] = reals_weight_aux
vip_map['reals'] = reals_aux
""" OLD CALLS - END """
# Check diff reals (reals_to_add, reals_to_rem, reals_to_stay)
reals_to_add, reals_to_rem, reals_to_stay = diff_reals(
variables_map, vip_map)
reals_final = dict()
reals_final['reals'] = list()
reals_final['priorities'] = list()
reals_final['weights'] = list()
reals_error = list()
removes = True
error = False
##############################################
# NOT MODIFIED - reals_to_stay #
##############################################
for i in range(len(reals_to_stay['reals'])):
real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
reals_to_stay, i, new_call)
# Check ip type
if is_valid_ipv4(real.get('real_ip')) == True:
ip_type = IP_VERSION.IPv4[1]
ip = Ip().get_by_pk(id_ip)
else:
ip_type = IP_VERSION.IPv6[1]
ip = Ipv6().get_by_pk(id_ip)
reals_final['reals'].append(reals_to_stay['reals'][i])
reals_final['priorities'].append(
reals_to_stay['priorities'][i])
if reals_to_stay['weighted']:
reals_final['weights'].append(
reals_to_stay['weights'][i])
server_pool = ServerPool.objects.get(
vipporttopool__port_vip=port_vip, vipporttopool__requisicao_vip=vip)
if ip_type == IP_VERSION.IPv4[1]:
server_pool_member = ServerPoolMember.objects.get(server_pool=server_pool,
port_real=port_real,
ip=id_ip)
else:
server_pool_member = ServerPoolMember.objects.get(server_pool=server_pool,
port_real=port_real,
ipv6=id_ip)
server_pool_member.priority = priority
server_pool_member.weight = weight
server_pool_member.save(user, commit=True)
#############################################
# ADD REALS - reals_to_add #
#############################################
for i in range(len(reals_to_add['reals'])):
real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
reals_to_add, i, new_call)
if len(real.get('real_ip').split('.')) <= 1:
ip_type = IP_VERSION.IPv6[1]
ip = Ipv6().get_by_pk(id_ip)
if new_call:
command = VIP_REALS_v6_CREATE % (
vip.id, id_ip, port_real, port_vip)
else:
command = VIP_REAL_v6_CREATE % (
vip.id, real.get('real_name'), real.get('real_ip'))
else:
ip_type = IP_VERSION.IPv4[1]
ip = Ip().get_by_pk(id_ip)
if new_call:
command = VIP_REALS_v4_CREATE % (
vip.id, id_ip, port_real, port_vip)
else:
command = VIP_REAL_v4_CREATE % (
vip.id, real.get('real_name'), real.get('real_ip'))
self.log.info(
'------------------- ADD ----------------------')
self.log.info(
'Insert ServerPoolMember before execute script')
add_reals_before_script(
port_vip, vip, ip, ip_type, priority, weight, port_real, user)
self.log.info('The insert has completed successfully')
# if new_call or (i + 1) in execute_list:
self.log.info('Execute script: %s' % command)
code, stdout, stderr = exec_script(command)
self.log.info(
'Script was executed and returned code %s' % code)
if code != 0:
removes = False
error = True
reals_error.append(real)
self.log.info(
'Remove ServerPoolMember after execute script if code != 0')
remove_reals_after_script(
port_vip, ip_type, vip, port_real, priority, weight, id_ip, user)
self.log.info('The remove has completed successfully')
else:
reals_final['reals'].append(real)
reals_final['priorities'].append(
reals_to_add['priorities'][i])
if reals_to_add['weighted']:
reals_final['weights'].append(
reals_to_add['weights'][i])
self.log.info(
'----------------- ADD END --------------------')
##########################################
# REMOVE REALS - reals_to_rem #
##########################################
if removes:
for i in range(len(reals_to_rem['reals'])):
real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
reals_to_rem, i, new_call)
if len(real.get('real_ip').split('.')) <= 1:
ip_type = IP_VERSION.IPv6[1]
if new_call:
command = VIP_REALS_v6_REMOVE % (
vip.id, id_ip, port_real, port_vip)
else:
command = VIP_REAL_v6_REMOVE % (
vip.id, real.get('real_name'), real.get('real_ip'))
else:
ip_type = IP_VERSION.IPv4[1]
if new_call:
command = VIP_REALS_v4_REMOVE % (
vip.id, id_ip, port_real, port_vip)
else:
command = VIP_REAL_v4_REMOVE % (
vip.id, real.get('real_name'), real.get('real_ip'))
self.log.info(
'------------------ REMOVE --------------------')
self.log.info('Execute script: %s' % command)
code, stdout, stderr = exec_script(command)
self.log.info(
'script was executed and returned code %s' % code)
if code != 0:
error = True
reals_error.append(real)
reals_final['reals'].append(real)
reals_final['priorities'].append(
reals_to_rem['priorities'][i])
if reals_to_rem['weighted']:
reals_final['weights'].append(
reals_to_rem['weights'][i])
else:
self.log.info(
'Remove ServerPoolMember after execute script')
remove_reals_after_script(
port_vip, ip_type, vip, port_real, priority, weight, id_ip, user)
self.log.info(
'The remove has completed successfully')
self.log.info(
'---------------- REMOVE END ------------------')
else:
for i in range(len(reals_to_rem['reals'])):
real = reals_to_rem['reals'][i]
reals_final['reals'].append(real)
reals_final['priorities'].append(
reals_to_rem['priorities'][i])
if reals_to_add['weighted']:
reals_final['weights'].append(
reals_to_rem['weights'][i])
variables_map['reals'] = dict()
variables_map['reals_prioritys'] = dict()
variables_map['reals_weights'] = dict()
if len(reals_final['reals']) > 0:
variables_map['reals']['real'] = reals_final['reals']
variables_map['reals_prioritys'][
'reals_priority'] = reals_final['priorities']
if reals_final['weights'] is not None:
variables_map['reals_weights'][
'reals_weight'] = reals_final['weights']
else:
variables_map.pop('reals')
variables_map.pop('reals_prioritys')
variables_map.pop('reals_weights')
# set variables
vip.set_variables(variables_map)
try:
# If Priority changed
if int(alter_priority) != 0:
# gerador_vips -i <ID_REQUISICAO> --priority
command = 'gerador_vips -i %d --priority' % vip.id
# Logging
self.log.info(
'---------------- ALTER PRIORITY ------------------')
self.log.info('Command: ' + command)
# Execute script
code, stdout, stderr = exec_script(command)
self.log.info('Code returned: ' + str(code))
self.log.info('Stdout: ' + stdout)
self.log.info(
'-------------- ALTER PRIORITY END ----------------')
# Script returned error while executing, rollback the
# changes in database
if code != 0:
self.log.info('Code != 0, rollback changes')
vip_old.save(user, commit=True)
for sp in server_pools_old:
sp.save(user, commit=True)
for spm in server_pools_members_old:
spm.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except Exception, e:
if isinstance(e, IntegrityError):
# Duplicate value for Port Vip, Port Real and IP
self.log.error(u'Failed to update the request vip.')
return self.response_error(353)
else:
self.log.error(u'Failed to update the request vip.')
raise RequisicaoVipsError(
e, u'Failed to update the request vip')
if error:
# build return message
vip_list = ''
ip_list = ''
for real in reals_error:
vip_list = vip_list + real['real_name'] + ', '
ip_list = ip_list + real['real_ip'] + ', '
return self.response_error(333, vip_list[:-2], ip_list[:-2])
else:
return self.response(dumps_networkapi({}))
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests PUT change limit connections to VIP.
URLs: /vip/<id_vip>/maxcon/<maxcon>/
"""
self.log.info("Change limit connections to VIP")
try:
vip_id = kwargs.get('id_vip')
maxcon = kwargs.get('maxcon')
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None)
# Valid Maxcon
if not is_valid_int_greater_equal_zero_param(maxcon):
self.log.error(
u'The maxcon parameter is not a valid value: %s.', maxcon)
raise InvalidValueError(None)
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
with distributedlock(LOCK_VIP % vip_id):
vip_old = clone(vip)
server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip)
server_pools_old = []
server_pools_members_old = []
for sp in server_pools:
server_pools_old.append(sp)
for spm in sp.serverpoolmember_set.all():
server_pools_members_old.append(spm)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Maxcon can not be changed because VIP has not yet been created.')
raise RequestVipsNotBeenCreatedError(None)
# Vip equipments permission
if vip.ip is not None:
for ip_equipment in vip.ip.ipequipamento_set.all():
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.')
raise EquipmentGroupsNotAuthorizedError(None)
if vip.ipv6 is not None:
for ip_equipment in vip.ipv6.ipv6equipament_set.all():
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.')
raise EquipmentGroupsNotAuthorizedError(None)
# Get variables
variables_map = vip.variables_to_map()
# Valid variables
vip.set_variables(variables_map)
# Valid real names and real ips of real server
if variables_map.get('reals') is not None:
evip = EnvironmentVip.get_by_values(variables_map.get(
'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente'))
for real in variables_map.get('reals').get('real'):
ip_aux_error = real.get('real_ip')
equip_aux_error = real.get('real_name')
equip = Equipamento.get_by_name(equip_aux_error)
# Valid Real
RequisicaoVips.valid_real_server(
ip_aux_error, equip, evip)
# Valid reals_prioritys
variables_map, code = vip.valid_values_reals_priority(
variables_map)
if code is not None:
return self.response_error(329)
# Valid reals_weight
variables_map, code = vip.valid_values_reals_weight(
variables_map)
if code is not None:
return self.response_error(330)
# Valid ports
variables_map, code = vip.valid_values_ports(variables_map)
if code is not None:
return self.response_error(331)
variables_map['maxcon'] = maxcon
vip.set_variables(variables_map)
vip.save(user, commit=True)
#update server pool limits table
#Fix #27
server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip)
for sp in server_pools:
#If exists pool member, change default maxconn of pool and members
if(len(sp.serverpoolmember_set.all()) > 0):
#if(old_maxconn != sp.default_limit and sp.pool_created):
sp.default_limit = maxcon
sp.save(user, commit=True)
for serverpoolmember in sp.serverpoolmember_set.all():
serverpoolmember.limit = maxcon
serverpoolmember.save(user, commit=True)
# gerador_vips -i <ID_REQUISICAO> --maxconn
command = 'gerador_vips -i %d --maxconn' % vip.id
code, stdout, stderr = exec_script(command)
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout, 'stderr': stderr}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
#TODO Check if is needed to update pool members separately
vip_old.save(user, commit=True)
for sp in server_pools_old:
sp.save(user, commit=True)
for spm in server_pools_members_old:
spm.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs):
"""
Handles PUT requests to change the VIP's real server.
URL: vip/real/edit
"""
self.log.info("Change VIP's real server")
try:
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Commons Validations
# Load XML data
xml_map, attrs_map = loads(
request.raw_post_data,
['real', 'reals_weight', 'reals_priority'])
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'There is no value to the networkapi tag of XML request.'
)
vip_map = networkapi_map.get('vip')
if vip_map is None:
return self.response_error(
3, u'There is no value to the vip tag of XML request.')
# Get XML data
vip_id = vip_map.get('vip_id')
alter_priority = vip_map.get('alter_priority')
# Valid VIP ID
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None, 'vip_id', vip_id)
# Valid Alter Priority
if not is_valid_int_greater_equal_zero_param(alter_priority):
alter_priority = 0
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
# Clone vip
vip_old = clone(vip)
server_pools = ServerPool.objects.filter(
vipporttopool__requisicao_vip=vip)
server_pools_old = []
server_pools_members_old = []
for sp in server_pools:
server_pools_old.append(sp)
for spm in sp.serverpoolmember_set.all():
server_pools_members_old.append(spm)
# Get variables
variables_map = vip.variables_to_map()
# Valid variables
vip.set_variables(variables_map)
# Get balancing method
vip_map['metodo_bal'] = str(
variables_map.get('metodo_bal')).upper()
with distributedlock(LOCK_VIP % vip_id):
# Valid real names and real ips of real server
if vip_map.get('reals') is not None:
evip = EnvironmentVip.get_by_values(
variables_map.get('finalidade'),
variables_map.get('cliente'),
variables_map.get('ambiente'))
for real in vip_map.get('reals').get('real'):
ip_aux_error = real.get('real_ip')
equip_aux_error = real.get('real_name')
if equip_aux_error is not None:
equip = Equipamento.get_by_name(equip_aux_error)
else:
self.log.error(
u'The real_name parameter is not a valid value: None.'
)
raise InvalidValueError(None, 'real_name', 'None')
# Valid Real
RequisicaoVips.valid_real_server(
ip_aux_error, equip, evip, False)
# Valid reals_prioritys
vip_map, code = vip.valid_values_reals_priority(vip_map)
if code is not None:
return self.response_error(329)
# Valid reals_weight
vip_map, code = vip.valid_values_reals_weight(vip_map)
if code is not None:
return self.response_error(330)
# Get variables
variables_map = vip.variables_to_map()
vip_port_list, reals_list, reals_priority, reals_weight = vip.get_vips_and_reals(
vip.id)
if reals_list:
variables_map['reals'] = {'real': reals_list}
variables_map['reals_prioritys'] = {
'reals_priority': reals_priority
}
variables_map['reals_weights'] = {
'reals_weight': reals_weight
}
variables_map['portas_servicos'] = {'porta': vip_port_list}
# clone variables_map
# variables_map_old = clone(variables_map)
# Valid ports
variables_map, code = vip.valid_values_ports(variables_map)
if code is not None:
return self.response_error(331)
""" OLD CALLS - Deprecated """
vip_ports_pool = VipPortToPool.objects.filter(
requisicao_vip=vip)
reals = vip_map.get('reals')
new_call = True
if reals and 'port_real' not in reals['real'][0]:
new_call = False
reals_prioritys = vip_map.get('reals_prioritys')
reals_weights = dict()
if 'reals_weights' in vip_map:
reals_weights = vip_map.get('reals_weights')
reals_aux = dict()
reals_prioritys_aux = dict()
reals_weight_aux = dict()
reals_aux['real'] = list()
reals_prioritys_aux['reals_priority'] = list()
reals_weight_aux['reals_weight'] = list()
repeat = (len(vip_ports_pool) * len(reals['real'])) / len(
reals['real'])
execute_list = list()
for x in range(repeat):
execute_list.append((x + 1) * len(reals['real']))
for i in range(len(reals['real'])):
for vippp in vip_ports_pool:
reals_prioritys_aux['reals_priority'].append(
reals_prioritys['reals_priority'][i])
if 'reals_weight' in reals_weights:
reals_weight_aux['reals_weight'].append(
reals_weights['reals_weight'][i])
server_pool = ServerPool.objects.get(
vipporttopool__id=vippp.id,
vipporttopool__requisicao_vip=vip)
if 'id_ip' not in reals['real'][i]:
id_ip = get_id_ip(reals['real'][i])
else:
id_ip = reals['real'][i]['id_ip']
reals_aux['real'].append({
'id_ip':
id_ip,
'port_real':
server_pool.default_port,
'real_name':
reals['real'][i]['real_name'],
'port_vip':
vippp.port_vip,
u'real_ip':
reals['real'][i]['real_ip']
})
vip_map['reals_prioritys'] = reals_prioritys_aux
vip_map['reals_weights'] = reals_weight_aux
vip_map['reals'] = reals_aux
""" OLD CALLS - END """
# Check diff reals (reals_to_add, reals_to_rem, reals_to_stay)
reals_to_add, reals_to_rem, reals_to_stay = diff_reals(
variables_map, vip_map)
reals_final = dict()
reals_final['reals'] = list()
reals_final['priorities'] = list()
reals_final['weights'] = list()
reals_error = list()
removes = True
error = False
##############################################
# NOT MODIFIED - reals_to_stay #
##############################################
for i in range(len(reals_to_stay['reals'])):
real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
reals_to_stay, i, new_call)
# Check ip type
if is_valid_ipv4(real.get('real_ip')) is True:
ip_type = IP_VERSION.IPv4[1]
ip = Ip().get_by_pk(id_ip)
else:
ip_type = IP_VERSION.IPv6[1]
ip = Ipv6().get_by_pk(id_ip)
reals_final['reals'].append(reals_to_stay['reals'][i])
reals_final['priorities'].append(
reals_to_stay['priorities'][i])
if reals_to_stay['weighted']:
reals_final['weights'].append(
reals_to_stay['weights'][i])
server_pool = ServerPool.objects.get(
vipporttopool__port_vip=port_vip,
vipporttopool__requisicao_vip=vip)
if ip_type == IP_VERSION.IPv4[1]:
server_pool_member = ServerPoolMember.objects.get(
server_pool=server_pool,
port_real=port_real,
ip=id_ip)
else:
server_pool_member = ServerPoolMember.objects.get(
server_pool=server_pool,
port_real=port_real,
ipv6=id_ip)
server_pool_member.priority = priority
server_pool_member.weight = weight
server_pool_member.save(user, commit=True)
#############################################
# ADD REALS - reals_to_add #
#############################################
for i in range(len(reals_to_add['reals'])):
real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
reals_to_add, i, new_call)
if len(real.get('real_ip').split('.')) <= 1:
ip_type = IP_VERSION.IPv6[1]
ip = Ipv6().get_by_pk(id_ip)
if new_call:
command = VIP_REALS_v6_CREATE % (
vip.id, id_ip, port_real, port_vip)
else:
command = VIP_REAL_v6_CREATE % (
vip.id, real.get('real_name'),
real.get('real_ip'))
else:
ip_type = IP_VERSION.IPv4[1]
ip = Ip().get_by_pk(id_ip)
if new_call:
command = VIP_REALS_v4_CREATE % (
vip.id, id_ip, port_real, port_vip)
else:
command = VIP_REAL_v4_CREATE % (
vip.id, real.get('real_name'),
real.get('real_ip'))
self.log.info(
'------------------- ADD ----------------------')
self.log.info(
'Insert ServerPoolMember before execute script')
add_reals_before_script(port_vip, vip, ip, ip_type,
priority, weight, port_real, user)
self.log.info('The insert has completed successfully')
# if new_call or (i + 1) in execute_list:
self.log.info('Execute script: %s' % command)
code, stdout, stderr = exec_script(command)
self.log.info('Script was executed and returned code %s' %
code)
if code != 0:
removes = False
error = True
reals_error.append(real)
self.log.info(
'Remove ServerPoolMember after execute script if code != 0'
)
remove_reals_after_script(port_vip, ip_type, vip,
port_real, priority, weight,
id_ip, user)
self.log.info('The remove has completed successfully')
else:
reals_final['reals'].append(real)
reals_final['priorities'].append(
reals_to_add['priorities'][i])
if reals_to_add['weighted']:
reals_final['weights'].append(
reals_to_add['weights'][i])
self.log.info(
'----------------- ADD END --------------------')
##########################################
# REMOVE REALS - reals_to_rem #
##########################################
if removes:
for i in range(len(reals_to_rem['reals'])):
real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables(
reals_to_rem, i, new_call)
if len(real.get('real_ip').split('.')) <= 1:
ip_type = IP_VERSION.IPv6[1]
if new_call:
command = VIP_REALS_v6_REMOVE % (
vip.id, id_ip, port_real, port_vip)
else:
command = VIP_REAL_v6_REMOVE % (
vip.id, real.get('real_name'),
real.get('real_ip'))
else:
ip_type = IP_VERSION.IPv4[1]
if new_call:
command = VIP_REALS_v4_REMOVE % (
vip.id, id_ip, port_real, port_vip)
else:
command = VIP_REAL_v4_REMOVE % (
vip.id, real.get('real_name'),
real.get('real_ip'))
self.log.info(
'------------------ REMOVE --------------------')
self.log.info('Execute script: %s' % command)
code, stdout, stderr = exec_script(command)
self.log.info(
'script was executed and returned code %s' % code)
if code != 0:
error = True
reals_error.append(real)
reals_final['reals'].append(real)
reals_final['priorities'].append(
reals_to_rem['priorities'][i])
if reals_to_rem['weighted']:
reals_final['weights'].append(
reals_to_rem['weights'][i])
else:
self.log.info(
'Remove ServerPoolMember after execute script')
remove_reals_after_script(port_vip, ip_type, vip,
port_real, priority,
weight, id_ip, user)
self.log.info(
'The remove has completed successfully')
self.log.info(
'---------------- REMOVE END ------------------')
else:
for i in range(len(reals_to_rem['reals'])):
real = reals_to_rem['reals'][i]
reals_final['reals'].append(real)
reals_final['priorities'].append(
reals_to_rem['priorities'][i])
if reals_to_add['weighted']:
reals_final['weights'].append(
reals_to_rem['weights'][i])
variables_map['reals'] = dict()
variables_map['reals_prioritys'] = dict()
variables_map['reals_weights'] = dict()
if len(reals_final['reals']) > 0:
variables_map['reals']['real'] = reals_final['reals']
variables_map['reals_prioritys'][
'reals_priority'] = reals_final['priorities']
if reals_final['weights'] is not None:
variables_map['reals_weights'][
'reals_weight'] = reals_final['weights']
else:
variables_map.pop('reals')
variables_map.pop('reals_prioritys')
variables_map.pop('reals_weights')
# set variables
vip.set_variables(variables_map)
try:
# If Priority changed
if int(alter_priority) != 0:
# gerador_vips -i <ID_REQUISICAO> --priority
command = 'gerador_vips -i %d --priority' % vip.id
# Logging
self.log.info(
'---------------- ALTER PRIORITY ------------------'
)
self.log.info('Command: ' + command)
# Execute script
code, stdout, stderr = exec_script(command)
self.log.info('Code returned: ' + str(code))
self.log.info('Stdout: ' + stdout)
self.log.info(
'-------------- ALTER PRIORITY END ----------------'
)
# Script returned error while executing, rollback the
# changes in database
if code != 0:
self.log.info('Code != 0, rollback changes')
vip_old.save(user, commit=True)
for sp in server_pools_old:
sp.save(user, commit=True)
for spm in server_pools_members_old:
spm.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except Exception, e:
if isinstance(e, IntegrityError):
# Duplicate value for Port Vip, Port Real and IP
self.log.error(u'Failed to update the request vip.')
return self.response_error(353)
else:
self.log.error(u'Failed to update the request vip.')
raise RequisicaoVipsError(
e, u'Failed to update the request vip')
if error:
# build return message
vip_list = ''
ip_list = ''
for real in reals_error:
vip_list = vip_list + real['real_name'] + ', '
ip_list = ip_list + real['real_ip'] + ', '
return self.response_error(333, vip_list[:-2],
ip_list[:-2])
else:
return self.response(dumps_networkapi({}))
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_get(self, request, user, *args, **kwargs):
"""Rollback of the filter
URLs: /vip/l7/<id_vip>/rollback/
"""
self.log.info("Applies the last working filter to VIP")
try:
id_vip = kwargs.get('id_vip')
# User is authorized
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
if not is_valid_int_greater_zero_param(id_vip):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', id_vip)
raise InvalidValueError(None)
# Get VIP data
vip = RequisicaoVips.get_by_pk(id_vip)
with distributedlock(LOCK_VIP % id_vip):
# backup do vip
vip_old = clone(vip)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Filter can not be applied because VIP has not been created yet.')
raise RequestVipsNotBeenCreatedError(None)
# salva data do rollback, rollback para aplicado, passa o
# aplicado para l7
vip.applied_l7_datetime = datetime.now().strftime(
"%Y-%m-%d %H:%M:%S")
# Set Applied With Rollback
vip.filter_applied = vip_old.filter_rollback
vip.rule_applied = vip_old.rule_rollback
# Set Rollback With Applied
vip.filter_rollback = vip_old.filter_applied
vip.rule_rollback = vip_old.rule_applied
vip.save(user, commit=True)
# roda script
command = 'gerador_vips -i %d --l7_filter_current' % vip.id
code, stdout, stderr = exec_script(command)
# code 0 = executou com sucesso
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout, 'stderr': stderr}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
# pega os dados anteriores e os salva no banco
vip_old.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs):
"""
Handles PUT requests to change the VIP's persistence.
URL: vip/<id_vip>/persistence
"""
self.log.info("Change VIP's persistence")
try:
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
vip_id = kwargs.get('id_vip')
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None)
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
with distributedlock(LOCK_VIP % vip_id):
vip_old = clone(vip)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Persistence can not be changed because VIP has not yet been created.'
)
raise RequestVipsNotBeenCreatedError(None)
# Vip equipments permission
if vip.ip is not None:
for ip_equipment in vip.ip.ipequipamento_set.all():
if not has_perm(
user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION, None,
ip_equipment.equipamento_id,
AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.'
)
raise EquipmentGroupsNotAuthorizedError(None)
if vip.ipv6 is not None:
for ip_equipment in vip.ipv6.ipv6equipament_set.all():
if not has_perm(
user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION, None,
ip_equipment.equipamento_id,
AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.'
)
raise EquipmentGroupsNotAuthorizedError(None)
# Business Validations
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'There is no value to the networkapi tag of XML request.'
)
vip_map = networkapi_map.get('vip')
if vip_map is None:
return self.response_error(
3, u'There is no value to the vip tag of XML request.')
# Get variables
variables_map = vip.variables_to_map()
# validation of persistence type is doing by set_variables
persistence = vip_map.get('persistencia', None)
variables_map['persistencia'] = persistence
# Set variables
vip.set_variables(variables_map)
# Save VIP
vip.save(user, commit=True)
# SYNC_VIP
old_to_new(vip)
# Executar script
# gerador_vips -i <ID_REQUISICAO> --healthcheck
command = 'gerador_vips -i %d --persistence' % vip.id
code, stdout, stderr = exec_script(command)
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout,
'stderr': stderr
}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
vip_old.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs):
"""
Handles PUT requests to change the VIP's healthcheck.
URL: vip/<id_vip>/healthcheck
"""
self.log.info("Change VIP's healthcheck")
try:
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
self.log.error(u"User does not have permission to perform the operation.")
raise UserNotAuthorizedError(None)
# Valid Vip ID
vip_id = kwargs.get("id_vip")
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(u"The vip_id parameter is not a valid value: %s.", vip_id)
raise InvalidValueError(None)
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
with distributedlock(LOCK_VIP % vip_id):
vip_old = clone(vip)
# Vip must be created
if not vip.vip_criado:
self.log.error(u"Healthcheck can not be changed because VIP has not yet been created.")
raise RequestVipsNotBeenCreatedError(None)
# Vip equipments permission
if vip.ip is not None:
for ip_equipment in vip.ip.ipequipamento_set.all():
if not has_perm(
user,
AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION,
None,
ip_equipment.equipamento_id,
AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION,
):
self.log.error(
u"Groups of equipment registered with the IP of the VIP request is not allowed of acess."
)
raise EquipmentGroupsNotAuthorizedError(None)
if vip.ipv6 is not None:
for ip_equipment in vip.ipv6.ipv6equipament_set.all():
if not has_perm(
user,
AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION,
None,
ip_equipment.equipamento_id,
AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION,
):
self.log.error(
u"Groups of equipment registered with the IP of the VIP request is not allowed of acess."
)
raise EquipmentGroupsNotAuthorizedError(None)
# Business Validations
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get("networkapi")
if networkapi_map is None:
return self.response_error(3, u"There is no value to the networkapi tag of XML request.")
vip_map = networkapi_map.get("vip")
if vip_map is None:
return self.response_error(3, u"There is no value to the vip tag of XML request.")
# Get XML data
healthcheck_type = upper(str(vip_map["healthcheck_type"]))
healthcheck = vip_map["healthcheck"]
id_healthcheck_expect = vip_map["id_healthcheck_expect"]
vars = vip.variables_to_map()
environment_vip = EnvironmentVip.get_by_values(
vars.get("finalidade"), vars.get("cliente"), vars.get("ambiente")
)
healthcheck_is_valid = RequisicaoVips.heathcheck_exist(healthcheck_type, environment_vip.id)
# healthcheck_type exist'
if not healthcheck_is_valid:
self.log.error(u"The healthcheck_type parameter not exist.")
raise InvalidValueError(
u"The healthcheck_type parameter not exist.", "healthcheck_type", healthcheck_type
)
# If healthcheck_type is not HTTP id_healthcheck_expect and
# healthcheck must be None
if healthcheck_type != "HTTP":
if not (id_healthcheck_expect == None and healthcheck == None):
msg = (
u"The healthcheck_type parameter is %s, then healthcheck and id_healthcheck_expect must be None."
% healthcheck_type
)
self.log.error(msg)
raise InvalidValueError(msg)
# return self.response_error(276)
# If healthcheck_type is 'HTTP' id_healthcheck_expect and
# healthcheck must NOT be None
elif healthcheck_type == "HTTP":
if id_healthcheck_expect == None or healthcheck == None:
msg = u"The healthcheck_type parameter is HTTP, then healthcheck and id_healthcheck_expect must NOT be None."
self.log.error(msg)
raise InvalidValueError(msg)
else:
try:
# Valid healthcheck_expect ID
if not is_valid_int_greater_zero_param(id_healthcheck_expect):
self.log.error(
u"The id_healthcheck_expect parameter is not a valid value: %s.",
id_healthcheck_expect,
)
raise InvalidValueError(None, "id_healthcheck_expect", id_healthcheck_expect)
# Find healthcheck_expect by ID to check if it
# exist
healthcheck_expect = HealthcheckExpect.get_by_pk(id_healthcheck_expect)
# Check if healthcheck is a string
if not isinstance(healthcheck, basestring):
msg = u"The healthcheck must be a string."
self.log.error(msg)
raise InvalidValueError(msg, "healthcheck", healthcheck)
except HealthcheckExpectNotFoundError:
msg = u"The id_healthcheck_expect parameter does not exist."
self.log.error(msg)
raise InvalidValueError(msg, "id_healthcheck_expect", id_healthcheck_expect)
# Business Rules
# Get variables
variables_map = vip.variables_to_map()
# Valid variables
vip.set_variables(variables_map)
# Set healthcheck_type
variables_map["healthcheck_type"] = healthcheck_type
# If healthcheck_type is HTTP
if healthcheck_type == "HTTP":
# Set healthcheck
variables_map["healthcheck"] = healthcheck
# Set id_healthcheck_expect
vip.healthcheck_expect = healthcheck_expect
else:
# Set healthcheck to None
variables_map["healthcheck"] = None
# Set id_healthcheck_expect to None
vip.healthcheck_expect = None
# Set variables
vip.set_variables(variables_map)
# Save VIP
vip.save(user, commit=True)
# Executar script
# Put old call to work with new pool features
# This call is deprecated
server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip)
if healthcheck == None:
healthcheck = ""
if id_healthcheck_expect == None:
healthcheck_expect = ""
else:
healthcheck_expect = healthcheck_expect.expect_string
healthcheck_identifier = ""
healthcheck_destination = "*:*"
hc = get_or_create_healthcheck(
user,
healthcheck_expect,
healthcheck_type,
healthcheck,
healthcheck_destination,
healthcheck_identifier,
)
# Applies new healthcheck in pool
# Todo - new method
old_healthchecks = []
for sp in server_pools:
old_healthchecks.append(sp.healthcheck)
sp.healthcheck = hc
sp.save(user, commit=True)
# gerador_vips -i <ID_REQUISICAO> --healthcheck
command = "gerador_vips -i %d --healthcheck" % vip.id
code, stdout, stderr = exec_script(command)
if code == 0:
success_map = dict()
success_map["codigo"] = "%04d" % code
success_map["descricao"] = {"stdout": stdout, "stderr": stderr}
map = dict()
map["sucesso"] = success_map
return self.response(dumps_networkapi(map))
else:
old_healthchecks.reverse()
for sp in server_pools:
sp.healthcheck = old_healthchecks.pop()
sp.save(user, commit=True)
vip_old.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u"Error reading the XML request.")
return self.response_error(3, x)
def check_filter_use(new_filter_id, env):
from networkapi.equipamento.models import EquipamentoAmbiente
from networkapi.ip.models import NetworkIPv4, NetworkIPv6
from networkapi.vlan.models import Vlan
try:
# Check existence of new filter
new_fil = Filter.objects.get(pk=new_filter_id)
except ObjectDoesNotExist:
new_fil = None
pass
# Filters
old_fil = env.filter
if old_fil is not None:
# Envs using old filter
envs_old_filter = old_fil.ambiente_set.all()
# Vlans in listed envs
vlans = list()
for env_old_filter in envs_old_filter:
for vlan in env_old_filter.vlan_set.all():
vlans.append(vlan)
# Nets in vlan
nets_ipv4 = list()
nets_ipv6 = list()
for vlan in vlans:
for net in vlan.networkipv4_set.all():
nets_ipv4.append({'net': net, 'vlan_env': vlan.ambiente})
for net in vlan.networkipv6_set.all():
nets_ipv6.append({'net': net, 'vlan_env': vlan.ambiente})
# Verify subnet ipv4
for i in range(0, len(nets_ipv4)):
net = nets_ipv4[i].get('net')
ip = "%s.%s.%s.%s/%s" % (net.oct1,
net.oct2, net.oct3, net.oct4, net.block)
network_ip_verify = IPNetwork(ip)
nets_ipv4_aux = clone(nets_ipv4)
nets_ipv4_aux.remove(nets_ipv4[i])
if verify_subnet_and_equip(nets_ipv4_aux, network_ip_verify, 'v4', net, nets_ipv4[i].get('vlan_env')):
env_aux_id = nets_ipv4[i].get('vlan_env').id
if env.id == env_aux_id:
raise CannotDissociateFilterError(
old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name)
# Verify subnet ipv6
for i in range(0, len(nets_ipv6)):
net = nets_ipv6[i].get('net')
ip = "%s:%s:%s:%s:%s:%s:%s:%s/%d" % (net.block1, net.block2, net.block3,
net.block4, net.block5, net.block6, net.block7, net.block8, net.block)
network_ip_verify = IPNetwork(ip)
nets_ipv6_aux = clone(nets_ipv6)
nets_ipv6_aux.remove(nets_ipv6[i])
if verify_subnet_and_equip(nets_ipv6_aux, network_ip_verify, 'v6', net, nets_ipv6[i].get('vlan_env')):
env_aux_id = nets_ipv6[i].get('vlan_env').id
if env.id == env_aux_id:
raise CannotDissociateFilterError(
old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name)
old_tp_equips = [
fet.equiptype.id for fet in old_fil.filterequiptype_set.all()]
if new_fil is not None:
new_tp_equips = [
fet.equiptype.id for fet in new_fil.filterequiptype_set.all()]
else:
new_tp_equips = []
# EquipTypes being excluded, check for these in environments
diff_tp_equips = list(set(old_tp_equips) - set(new_tp_equips))
# Check equipments with type in diff, associated to this environment
if len(diff_tp_equips) > 0:
# Filter case 1 and 2
# Check for networks with same ip range
nets_same_range = NetworkIPv4.objects.values(
'oct1', 'oct2', 'oct3', 'oct4', 'block').annotate(count=Count('id')).filter(count__gt=1)
if len(nets_same_range) > 0:
for net_gp in nets_same_range:
nets_current_range = NetworkIPv4.objects.filter(oct1=net_gp['oct1'], oct2=net_gp[
'oct2'], oct3=net_gp['oct3'], oct4=net_gp['oct4'], block=net_gp['block'])
envs_of_nets = [
net.vlan.ambiente.id for net in nets_current_range]
if env.id in envs_of_nets:
eqas = EquipamentoAmbiente.objects.filter(
equipamento__tipo_equipamento__in=diff_tp_equips, ambiente=env.id)
equips_in_env = [eqa.equipamento.id for eqa in eqas]
# Get other environments with these equips
other_envs = [eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter(
equipamento__in=equips_in_env, ambiente__in=envs_of_nets).exclude(ambiente=env.id)]
if len(other_envs) > 0:
raise CannotDissociateFilterError(
old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name)
# Check for networks v6 with same ip range
nets_same_range_v6 = NetworkIPv6.objects.values(
'block1', 'block2', 'block3', 'block4', 'block5', 'block6', 'block7', 'block8', 'block').annotate(count=Count('id')).filter(count__gt=1)
if len(nets_same_range_v6) > 0:
for net_gp in nets_same_range_v6:
nets_current_range = NetworkIPv6.objects.filter(block1=net_gp['block1'], block2=net_gp['block2'], block3=net_gp['block3'], block4=net_gp[
'block4'], block5=net_gp['block5'], block6=net_gp['block6'], block7=net_gp['block7'], block8=net_gp['block8'], block=net_gp['block'])
envs_of_nets = [
net.vlan.ambiente.id for net in nets_current_range]
if env.id in envs_of_nets:
eqas = EquipamentoAmbiente.objects.filter(
equipamento__tipo_equipamento__in=diff_tp_equips, ambiente=env.id)
equips_in_env = [eqa.equipamento.id for eqa in eqas]
# Get other environments with these equips
other_envs = [eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter(
equipamento__in=equips_in_env, ambiente__in=envs_of_nets).exclude(ambiente=env.id)]
if len(other_envs) > 0:
raise CannotDissociateFilterError(
old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name)
# End of filter case 1 and 2
# Filter case 3
# Get vlans with same number
vlans_same_number = Vlan.objects.values('num_vlan').annotate(
count=Count('id')).filter(count__gt=1)
if len(vlans_same_number) > 0:
for vlan_gp in vlans_same_number:
vlans_current_number = Vlan.objects.filter(
num_vlan=vlan_gp['num_vlan'])
envs_of_vlans = [
vlan.ambiente.id for vlan in vlans_current_number]
if env.id in envs_of_vlans:
eqas = EquipamentoAmbiente.objects.filter(
ambiente=env.id)
equips_in_env = [eqa.equipamento.id for eqa in eqas]
# Get other environments with these equips
other_envs = [eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter(
equipamento__in=equips_in_env, ambiente__in=envs_of_vlans).exclude(ambiente=env.id)]
if len(other_envs) > 0:
raise CannotDissociateFilterError(
old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name)
env.filter = new_fil
return env
def handle_put(self, request, user, *args, **kwargs):
"""
Handles PUT requests to change the VIP's healthcheck.
URL: vip/<id_vip>/healthcheck
"""
self.log.info("Change VIP's healthcheck")
try:
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
vip_id = kwargs.get('id_vip')
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None)
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
with distributedlock(LOCK_VIP % vip_id):
vip_old = clone(vip)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Healthcheck can not be changed because VIP has not yet been created.'
)
raise RequestVipsNotBeenCreatedError(None)
# Vip equipments permission
if vip.ip is not None:
for ip_equipment in vip.ip.ipequipamento_set.all():
if not has_perm(
user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION, None,
ip_equipment.equipamento_id,
AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.'
)
raise EquipmentGroupsNotAuthorizedError(None)
if vip.ipv6 is not None:
for ip_equipment in vip.ipv6.ipv6equipament_set.all():
if not has_perm(
user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION, None,
ip_equipment.equipamento_id,
AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.'
)
raise EquipmentGroupsNotAuthorizedError(None)
# Business Validations
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'There is no value to the networkapi tag of XML request.'
)
vip_map = networkapi_map.get('vip')
if vip_map is None:
return self.response_error(
3, u'There is no value to the vip tag of XML request.')
# Get XML data
healthcheck_type = upper(str(vip_map['healthcheck_type']))
healthcheck = vip_map['healthcheck']
id_healthcheck_expect = vip_map['id_healthcheck_expect']
vars = vip.variables_to_map()
environment_vip = EnvironmentVip.get_by_values(
vars.get('finalidade'), vars.get('cliente'),
vars.get('ambiente'))
healthcheck_is_valid = RequisicaoVips.heathcheck_exist(
healthcheck_type, environment_vip.id)
# healthcheck_type exist'
if not healthcheck_is_valid:
self.log.error(
u'The healthcheck_type parameter not exist.')
raise InvalidValueError(
u'The healthcheck_type parameter not exist.',
'healthcheck_type', healthcheck_type)
# If healthcheck_type is not HTTP id_healthcheck_expect and
# healthcheck must be None
if healthcheck_type != 'HTTP':
if not (id_healthcheck_expect is None
and healthcheck is None):
msg = u'The healthcheck_type parameter is %s, then healthcheck and id_healthcheck_expect must be None.' % healthcheck_type
self.log.error(msg)
raise InvalidValueError(msg)
# return self.response_error(276)
# If healthcheck_type is 'HTTP' id_healthcheck_expect and
# healthcheck must NOT be None
elif healthcheck_type == 'HTTP':
if id_healthcheck_expect is None or healthcheck is None:
msg = u'The healthcheck_type parameter is HTTP, then healthcheck and id_healthcheck_expect must NOT be None.'
self.log.error(msg)
raise InvalidValueError(msg)
else:
try:
# Valid healthcheck_expect ID
if not is_valid_int_greater_zero_param(
id_healthcheck_expect):
self.log.error(
u'The id_healthcheck_expect parameter is not a valid value: %s.',
id_healthcheck_expect)
raise InvalidValueError(
None, 'id_healthcheck_expect',
id_healthcheck_expect)
# Find healthcheck_expect by ID to check if it
# exist
healthcheck_expect = HealthcheckExpect.get_by_pk(
id_healthcheck_expect)
# Check if healthcheck is a string
if not isinstance(healthcheck, basestring):
msg = u'The healthcheck must be a string.'
self.log.error(msg)
raise InvalidValueError(
msg, 'healthcheck', healthcheck)
except HealthcheckExpectNotFoundError:
msg = u'The id_healthcheck_expect parameter does not exist.'
self.log.error(msg)
raise InvalidValueError(msg,
'id_healthcheck_expect',
id_healthcheck_expect)
# Business Rules
# Get variables
variables_map = vip.variables_to_map()
# Valid variables
vip.set_variables(variables_map)
# Set healthcheck_type
variables_map['healthcheck_type'] = healthcheck_type
# If healthcheck_type is HTTP
if healthcheck_type == 'HTTP':
# Set healthcheck
variables_map['healthcheck'] = healthcheck
# Set id_healthcheck_expect
vip.healthcheck_expect = healthcheck_expect
else:
# Set healthcheck to None
variables_map['healthcheck'] = None
# Set id_healthcheck_expect to None
vip.healthcheck_expect = None
# Set variables
vip.set_variables(variables_map)
# Save VIP
vip.save(user, commit=True)
# Executar script
# Put old call to work with new pool features
# This call is deprecated
server_pools = ServerPool.objects.filter(
vipporttopool__requisicao_vip=vip)
if healthcheck is None:
healthcheck = ''
if id_healthcheck_expect is None:
healthcheck_expect = ''
else:
healthcheck_expect = healthcheck_expect.expect_string
healthcheck_identifier = ''
healthcheck_destination = '*:*'
hc = get_or_create_healthcheck(user, healthcheck_expect,
healthcheck_type, healthcheck,
healthcheck_destination,
healthcheck_identifier)
# Applies new healthcheck in pool
# Todo - new method
old_healthchecks = []
for sp in server_pools:
old_healthchecks.append(sp.healthcheck)
sp.healthcheck = hc
sp.save(user, commit=True)
# gerador_vips -i <ID_REQUISICAO> --healthcheck
command = 'gerador_vips -i %d --healthcheck' % vip.id
code, stdout, stderr = exec_script(command)
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout,
'stderr': stderr
}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
old_healthchecks.reverse()
for sp in server_pools:
sp.healthcheck = old_healthchecks.pop()
sp.save(user, commit=True)
vip_old.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to change reals_priority list of VIP.
URLs: /vip/<id_vip>/priority/
"""
self.log.info("Change list the reals_priority to VIP")
try:
vip_id = kwargs.get('id_vip')
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data,
['reals_priority'])
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'There is no value to the networkapi tag of XML request.'
)
vip_map = networkapi_map.get('vip')
if vip_map is None:
return self.response_error(
3, u'There is no value to the vip tag of XML request.')
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None, 'vip_id', vip_id)
# Valid reals_prioritys
reals_prioritys_map = vip_map.get('reals_prioritys')
if (reals_prioritys_map is not None):
reals_priority_map = reals_prioritys_map.get('reals_priority')
if (reals_priority_map is not None):
# Valid values of reals_priority
for reals_priority in reals_priority_map:
if not is_valid_int_greater_equal_zero_param(
reals_priority):
self.log.error(
u'The reals_priority parameter is not a valid value: %s.',
reals_priority)
raise InvalidValueError(None, 'reals_priority',
reals_priority)
if len(reals_priority_map) > 0:
vip_map = RequisicaoVips.is_valid_values_reals_priority(
reals_priority_map)
else:
self.log.error(
u'The reals_priority_map parameter is not a valid value: %s.',
reals_priority_map)
raise InvalidValueError(None, 'reals_priority_map',
reals_priority_map)
else:
self.log.error(
u'The reals_priority parameter is not a valid value: %s.',
reals_priority_map)
raise InvalidValueError(None, 'reals_priority',
reals_priority_map)
else:
self.log.error(
u'The reals_prioritys parameter is not a valid value: %s.',
reals_prioritys_map)
raise InvalidValueError(None, 'reals_prioritys',
reals_prioritys_map)
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
with distributedlock(LOCK_VIP % vip_id):
vip_old = clone(vip)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Priority can not be changed because VIP has not yet been created.'
)
raise RequestVipsNotBeenCreatedError(None)
# Vip equipments permission
for ip_equipment in vip.ip.ipequipamento_set.all():
if not has_perm(
user, AdminPermission.VIP_CREATE_SCRIPT,
AdminPermission.WRITE_OPERATION, None,
ip_equipment.equipamento_id,
AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.'
)
raise EquipmentGroupsNotAuthorizedError(None)
variables_map = vip.variables_to_map()
# Valid list reals_server
"""if len(variables_map.get('reals').get('real')) != len(vip_map.get('reals_prioritys').get('reals_priority')):
self.log.error(u'List the Reals_priority is higher or lower than list the real_server.')
return self.response_error(272)"""
variables_map['reals_prioritys'] = vip_map.get(
'reals_prioritys')
vip.set_variables(variables_map)
vip.save(user, commit=True)
# gerador_vips -i <ID_REQUISICAO> --priority
command = 'gerador_vips -i %d --priority' % vip.id
code, stdout, stderr = exec_script(command)
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout,
'stderr': stderr
}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
vip_old.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to change reals_priority list of VIP.
URLs: /vip/<id_vip>/priority/
"""
self.log.info("Change list the reals_priority to VIP")
try:
vip_id = kwargs.get('id_vip')
# Load XML data
xml_map, attrs_map = loads(
request.raw_post_data, ['reals_priority'])
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
vip_map = networkapi_map.get('vip')
if vip_map is None:
return self.response_error(3, u'There is no value to the vip tag of XML request.')
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None, 'vip_id', vip_id)
# Valid reals_prioritys
reals_prioritys_map = vip_map.get('reals_prioritys')
if (reals_prioritys_map is not None):
reals_priority_map = reals_prioritys_map.get('reals_priority')
if (reals_priority_map is not None):
# Valid values of reals_priority
for reals_priority in reals_priority_map:
if not is_valid_int_greater_equal_zero_param(reals_priority):
self.log.error(
u'The reals_priority parameter is not a valid value: %s.', reals_priority)
raise InvalidValueError(
None, 'reals_priority', reals_priority)
if len(reals_priority_map) > 0:
vip_map = RequisicaoVips.is_valid_values_reals_priority(
reals_priority_map)
else:
self.log.error(
u'The reals_priority_map parameter is not a valid value: %s.', reals_priority_map)
raise InvalidValueError(
None, 'reals_priority_map', reals_priority_map)
else:
self.log.error(
u'The reals_priority parameter is not a valid value: %s.', reals_priority_map)
raise InvalidValueError(
None, 'reals_priority', reals_priority_map)
else:
self.log.error(
u'The reals_prioritys parameter is not a valid value: %s.', reals_prioritys_map)
raise InvalidValueError(
None, 'reals_prioritys', reals_prioritys_map)
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
with distributedlock(LOCK_VIP % vip_id):
vip_old = clone(vip)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Priority can not be changed because VIP has not yet been created.')
raise RequestVipsNotBeenCreatedError(None)
# Vip equipments permission
for ip_equipment in vip.ip.ipequipamento_set.all():
if not has_perm(user, AdminPermission.VIP_CREATE_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.')
raise EquipmentGroupsNotAuthorizedError(None)
variables_map = vip.variables_to_map()
# Valid list reals_server
"""if len(variables_map.get('reals').get('real')) != len(vip_map.get('reals_prioritys').get('reals_priority')):
self.log.error(u'List the Reals_priority is higher or lower than list the real_server.')
return self.response_error(272)"""
variables_map['reals_prioritys'] = vip_map.get(
'reals_prioritys')
vip.set_variables(variables_map)
vip.save(user, commit=True)
# gerador_vips -i <ID_REQUISICAO> --priority
command = 'gerador_vips -i %d --priority' % vip.id
code, stdout, stderr = exec_script(command)
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout, 'stderr': stderr}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
vip_old.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests PUT change limit connections to VIP.
URLs: /vip/<id_vip>/maxcon/<maxcon>/
"""
self.log.info('Change limit connections to VIP')
try:
vip_id = kwargs.get('id_vip')
maxcon = kwargs.get('maxcon')
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None)
# Valid Maxcon
if not is_valid_int_greater_equal_zero_param(maxcon):
self.log.error(
u'The maxcon parameter is not a valid value: %s.', maxcon)
raise InvalidValueError(None)
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
with distributedlock(LOCK_VIP % vip_id):
vip_old = clone(vip)
server_pools = ServerPool.objects.filter(
vipporttopool__requisicao_vip=vip)
server_pools_old = []
server_pools_members_old = []
for sp in server_pools:
server_pools_old.append(sp)
for spm in sp.serverpoolmember_set.all():
server_pools_members_old.append(spm)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Maxcon can not be changed because VIP has not yet been created.')
raise RequestVipsNotBeenCreatedError(None)
# Vip equipments permission
if vip.ip is not None:
for ip_equipment in vip.ip.ipequipamento_set.all():
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.')
raise EquipmentGroupsNotAuthorizedError(None)
if vip.ipv6 is not None:
for ip_equipment in vip.ipv6.ipv6equipament_set.all():
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.')
raise EquipmentGroupsNotAuthorizedError(None)
# Get variables
variables_map = vip.variables_to_map()
# Valid variables
vip.set_variables(variables_map)
# Valid real names and real ips of real server
if variables_map.get('reals') is not None:
evip = EnvironmentVip.get_by_values(variables_map.get(
'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente'))
for real in variables_map.get('reals').get('real'):
ip_aux_error = real.get('real_ip')
equip_aux_error = real.get('real_name')
equip = Equipamento.get_by_name(equip_aux_error)
# Valid Real
RequisicaoVips.valid_real_server(
ip_aux_error, equip, evip)
# Valid reals_prioritys
variables_map, code = vip.valid_values_reals_priority(
variables_map)
if code is not None:
return self.response_error(329)
# Valid reals_weight
variables_map, code = vip.valid_values_reals_weight(
variables_map)
if code is not None:
return self.response_error(330)
# Valid ports
variables_map, code = vip.valid_values_ports(variables_map)
if code is not None:
return self.response_error(331)
variables_map['maxcon'] = maxcon
vip.set_variables(variables_map)
vip.save(user, commit=True)
# update server pool limits table
# Fix #27
server_pools = ServerPool.objects.filter(
vipporttopool__requisicao_vip=vip)
for sp in server_pools:
# If exists pool member, change default maxconn of pool and
# members
if(len(sp.serverpoolmember_set.all()) > 0):
# if(old_maxconn != sp.default_limit and
# sp.pool_created):
sp.default_limit = maxcon
sp.save(user, commit=True)
for serverpoolmember in sp.serverpoolmember_set.all():
serverpoolmember.limit = maxcon
serverpoolmember.save(user, commit=True)
# gerador_vips -i <ID_REQUISICAO> --maxconn
command = 'gerador_vips -i %d --maxconn' % vip.id
code, stdout, stderr = exec_script(command)
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout, 'stderr': stderr}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
# TODO Check if is needed to update pool members separately
vip_old.save(user, commit=True)
for sp in server_pools_old:
sp.save(user, commit=True)
for spm in server_pools_members_old:
spm.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
def check_filter_use(new_filter_id, env):
from networkapi.equipamento.models import EquipamentoAmbiente
from networkapi.ip.models import NetworkIPv4, NetworkIPv6
from networkapi.vlan.models import Vlan
try:
# Check existence of new filter
new_fil = Filter.objects.get(pk=new_filter_id)
except ObjectDoesNotExist:
new_fil = None
pass
# Filters
old_fil = env.filter
if old_fil is not None:
# Envs using old filter
envs_old_filter = old_fil.ambiente_set.all()
# Vlans in listed envs
vlans = list()
for env_old_filter in envs_old_filter:
for vlan in env_old_filter.vlan_set.all():
vlans.append(vlan)
# Nets in vlan
nets_ipv4 = list()
nets_ipv6 = list()
for vlan in vlans:
for net in vlan.networkipv4_set.all():
nets_ipv4.append({'net': net, 'vlan_env': vlan.ambiente})
for net in vlan.networkipv6_set.all():
nets_ipv6.append({'net': net, 'vlan_env': vlan.ambiente})
# Verify subnet ipv4
for i in range(0, len(nets_ipv4)):
net = nets_ipv4[i].get('net')
ip = '%s.%s.%s.%s/%s' % (net.oct1, net.oct2, net.oct3, net.oct4,
net.block)
network_ip_verify = IPNetwork(ip)
nets_ipv4_aux = clone(nets_ipv4)
nets_ipv4_aux.remove(nets_ipv4[i])
if verify_subnet_and_equip(nets_ipv4_aux, network_ip_verify, 'v4',
net, nets_ipv4[i].get('vlan_env')):
env_aux_id = nets_ipv4[i].get('vlan_env').id
if env.id == env_aux_id:
raise CannotDissociateFilterError(
old_fil.name,
u'Filter %s cannot be dissociated, its in use.' %
old_fil.name)
# Verify subnet ipv6
for i in range(0, len(nets_ipv6)):
net = nets_ipv6[i].get('net')
ip = '%s:%s:%s:%s:%s:%s:%s:%s/%d' % (
net.block1, net.block2, net.block3, net.block4, net.block5,
net.block6, net.block7, net.block8, net.block)
network_ip_verify = IPNetwork(ip)
nets_ipv6_aux = clone(nets_ipv6)
nets_ipv6_aux.remove(nets_ipv6[i])
if verify_subnet_and_equip(nets_ipv6_aux, network_ip_verify, 'v6',
net, nets_ipv6[i].get('vlan_env')):
env_aux_id = nets_ipv6[i].get('vlan_env').id
if env.id == env_aux_id:
raise CannotDissociateFilterError(
old_fil.name,
u'Filter %s cannot be dissociated, its in use.' %
old_fil.name)
old_tp_equips = [
fet.equiptype.id for fet in old_fil.filterequiptype_set.all()
]
if new_fil is not None:
new_tp_equips = [
fet.equiptype.id for fet in new_fil.filterequiptype_set.all()
]
else:
new_tp_equips = []
# EquipTypes being excluded, check for these in environments
diff_tp_equips = list(set(old_tp_equips) - set(new_tp_equips))
# Check equipments with type in diff, associated to this environment
if len(diff_tp_equips) > 0:
# Filter case 1 and 2
# Check for networks with same ip range
nets_same_range = NetworkIPv4.objects.values(
'oct1', 'oct2', 'oct3', 'oct4',
'block').annotate(count=Count('id')).filter(count__gt=1)
if len(nets_same_range) > 0:
for net_gp in nets_same_range:
nets_current_range = NetworkIPv4.objects.filter(
oct1=net_gp['oct1'],
oct2=net_gp['oct2'],
oct3=net_gp['oct3'],
oct4=net_gp['oct4'],
block=net_gp['block'])
envs_of_nets = [
net_crt.vlan.ambiente.id
for net_crt in nets_current_range
]
if env.id in envs_of_nets:
eqas = EquipamentoAmbiente.objects.filter(
equipamento__tipo_equipamento__in=diff_tp_equips,
ambiente=env.id)
equips_in_env = [eqa.equipamento.id for eqa in eqas]
# Get other environments with these equips
other_envs = [
eqa.ambiente.id
for eqa in EquipamentoAmbiente.objects.filter(
equipamento__in=equips_in_env,
ambiente__in=envs_of_nets).exclude(
ambiente=env.id)
]
if len(other_envs) > 0:
raise CannotDissociateFilterError(
old_fil.name,
u'Filter %s cannot be dissociated, its in use.'
% old_fil.name)
# Check for networks v6 with same ip range
nets_same_range_v6 = NetworkIPv6.objects.values(
'block1', 'block2', 'block3', 'block4', 'block5', 'block6',
'block7', 'block8',
'block').annotate(count=Count('id')).filter(count__gt=1)
if len(nets_same_range_v6) > 0:
for net_gp in nets_same_range_v6:
nets_current_range = NetworkIPv6.objects.filter(
block1=net_gp['block1'],
block2=net_gp['block2'],
block3=net_gp['block3'],
block4=net_gp['block4'],
block5=net_gp['block5'],
block6=net_gp['block6'],
block7=net_gp['block7'],
block8=net_gp['block8'],
block=net_gp['block'])
envs_of_nets = [
net_crt.vlan.ambiente.id
for net_crt in nets_current_range
]
if env.id in envs_of_nets:
eqas = EquipamentoAmbiente.objects.filter(
equipamento__tipo_equipamento__in=diff_tp_equips,
ambiente=env.id)
equips_in_env = [eqa.equipamento.id for eqa in eqas]
# Get other environments with these equips
other_envs = [
eqa.ambiente.id
for eqa in EquipamentoAmbiente.objects.filter(
equipamento__in=equips_in_env,
ambiente__in=envs_of_nets).exclude(
ambiente=env.id)
]
if len(other_envs) > 0:
raise CannotDissociateFilterError(
old_fil.name,
u'Filter %s cannot be dissociated, its in use.'
% old_fil.name)
# End of filter case 1 and 2
# Filter case 3
# Get vlans with same number
vlans_same_number = Vlan.objects.values('num_vlan').annotate(
count=Count('id')).filter(count__gt=1)
if len(vlans_same_number) > 0:
for vlan_gp in vlans_same_number:
vlans_current_number = Vlan.objects.filter(
num_vlan=vlan_gp['num_vlan'])
envs_of_vlans = [
vlan.ambiente.id for vlan in vlans_current_number
]
if env.id in envs_of_vlans:
eqas = EquipamentoAmbiente.objects.filter(
ambiente=env.id)
equips_in_env = [eqa.equipamento.id for eqa in eqas]
# Get other environments with these equips
other_envs = [
eqa.ambiente.id
for eqa in EquipamentoAmbiente.objects.filter(
equipamento__in=equips_in_env,
ambiente__in=envs_of_vlans).exclude(
ambiente=env.id)
]
if len(other_envs) > 0:
raise CannotDissociateFilterError(
old_fil.name,
u'Filter %s cannot be dissociated, its in use.'
% old_fil.name)
env.filter = new_fil
return env
def handle_put(self, request, user, *args, **kwargs):
"""
Handles PUT requests to change the VIP's persistence.
URL: vip/<id_vip>/persistence
"""
self.log.info("Change VIP's persistence")
try:
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Valid Vip ID
vip_id = kwargs.get('id_vip')
if not is_valid_int_greater_zero_param(vip_id):
self.log.error(
u'The vip_id parameter is not a valid value: %s.', vip_id)
raise InvalidValueError(None)
# Existing Vip ID
vip = RequisicaoVips.get_by_pk(vip_id)
with distributedlock(LOCK_VIP % vip_id):
vip_old = clone(vip)
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Persistence can not be changed because VIP has not yet been created.')
raise RequestVipsNotBeenCreatedError(None)
# Vip equipments permission
if vip.ip is not None:
for ip_equipment in vip.ip.ipequipamento_set.all():
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.')
raise EquipmentGroupsNotAuthorizedError(None)
if vip.ipv6 is not None:
for ip_equipment in vip.ipv6.ipv6equipament_set.all():
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION):
self.log.error(
u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.')
raise EquipmentGroupsNotAuthorizedError(None)
# Business Validations
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
vip_map = networkapi_map.get('vip')
if vip_map is None:
return self.response_error(3, u'There is no value to the vip tag of XML request.')
# Get variables
variables_map = vip.variables_to_map()
# validation of persistence type is doing by set_variables
persistence = vip_map.get('persistencia', None)
variables_map['persistencia'] = persistence
# Set variables
vip.set_variables(variables_map)
# Save VIP
vip.save(user, commit=True)
# SYNC_VIP
old_to_new(vip)
# Executar script
# gerador_vips -i <ID_REQUISICAO> --healthcheck
command = 'gerador_vips -i %d --persistence' % vip.id
code, stdout, stderr = exec_script(command)
if code == 0:
success_map = dict()
success_map['codigo'] = '%04d' % code
success_map['descricao'] = {
'stdout': stdout, 'stderr': stderr}
map = dict()
map['sucesso'] = success_map
return self.response(dumps_networkapi(map))
else:
vip_old.save(user, commit=True)
return self.response_error(2, stdout + stderr)
except XMLError, x:
self.log.error(u'Error reading the XML request.')
return self.response_error(3, x)
