def first_admin_add(caller_id, new_password, clm_address):
"""
Creates first admin of the cluster. It should be called right after
submiting the form for adding new CM. System will not operate properly
with no CM admin existing.
@note It can be run only if no CM admin exists in the CM database.
@cmview_user
@param_post{new_password,string} first *CM admin password* to set
@param_post{clm_address,string}
"""
user = User.create(1)
user.save()
# creates a new admin, which is the caller
admin = Admin()
admin.user = user
admin.password = new_password
try:
admin.save()
except:
raise CMException('admin_add')
# Update config and setup CLM address
try:
lines = []
config = open('/usr/lib/cc1/cm/config.py', 'r')
for line in config.readlines():
if line.startswith('CLM_ADDRESS') and 'NOT_CONFIGURED' in line:
lines.append('CLM_ADDRESS = "https://%s:8000/"\n' % clm_address)
else:
lines.append(line)
config.close()
config = open('/usr/lib/cc1/cm/config.py', 'w')
config.write(''.join(lines))
config.close()
except:
log.exception(caller_id, 'config_update')
raise CMException('config_update')
def add(caller_id, user_id, new_password):
"""
Creates new admin of the cluster.
@cmview_admin_cm
@param_post{user_id,int} id of the User to gain CM Admin privileges
@param_post{new_password,string} CM Admin password for User
"""
# verify if exists an user with the id given (which will become admin)
try:
user = User.objects.get(pk=user_id)
except:
raise CMException('admin_add')
admin = Admin()
admin.user = user
admin.password = new_password
try:
admin.save()
except:
raise CMException('admin_add')
def first_admin_add(caller_id, new_password, clm_address):
"""
Creates first admin of the cluster. It should be called right after
submiting the form for adding new CM. System will not operate properly
with no CM admin existing.
@note It can be run only if no CM admin exists in the CM database.
@cmview_user
@param_post{new_password,string} first *CM admin password* to set
@param_post{clm_address,string}
"""
user = User.create(1)
user.save()
# creates a new admin, which is the caller
admin = Admin()
admin.user = user
admin.password = new_password
try:
admin.save()
except:
raise CMException('admin_add')
# Update config and setup CLM address
try:
lines = []
config = open('/usr/lib/cc1/cm/config.py', 'r')
for line in config.readlines():
if line.startswith('CLM_ADDRESS') and 'NOT_CONFIGURED' in line:
lines.append('CLM_ADDRESS = "https://%s:8000/"\n' %
clm_address)
else:
lines.append(line)
config.close()
config = open('/usr/lib/cc1/cm/config.py', 'w')
config.write(''.join(lines))
config.close()
except:
log.exception(caller_id, 'config_update')
raise CMException('config_update')
def genericlog(log_enabled, is_user, is_admin_cm, need_ip, fun, args):
"""
Generic log is called by actor decorators defined in src.clm.utils.decorators :
- src.cm.utils.decorators.guest_log
- src.cm.utils.decorators.user_log
- src.cm.utils.decorators.admin_cm_log
It calls decorated functions, additionally performing several tasks.
Genericlog performes:
-# <i>if decorated function requires user or admin privilidges</i>: <b>authorization</b>;
-# <b>execution</b> of the decorated function;
-# <i>if \c log_enabled=TRUE or if return status isn't 'ok'</i>: <b>debug log</b> of the \c user_id, function name and arguments;
-# <i>if exception is thrown</i>: <b>general exception log</b>;
-# <i>if return status isn't 'ok' or \c log_enabled:</i> <b>debug log</b> of the response.
@returns{dict} HttpResponse response with content of JSON-ed tuple
(status, data), where status should be "ok" if everything went fine.
"""
#===========================================================================
# AUTORIZATION
#===========================================================================
name = '%s.%s' % (fun.__module__.replace('cm.views.', ''), fun.__name__)
request = args[0]
data = json.loads(request.body)
lock_name = None
print data
if is_user:
if len(args) < 1:
return response('cm_error', "missing arguments")
caller_id = data['caller_id']
if name in ('user.vm.create', 'user.farm.create', 'admin_cm.vm.create', 'admin_cm.farm.create'):
lock_name = 'vmcreate'
log.debug(caller_id, 'Try acquire lock vmcreate')
locks[lock_name].acquire()
log.debug(caller_id, 'Lock vmcreate acquired')
if is_admin_cm:
cm_password = data.pop('cm_password')
try:
Admin.check_password(caller_id, cm_password)
except Exception:
return HttpResponse(json.dumps(response('user_permission'), default=json_convert))
else:
caller_id = 0
if need_ip:
data['remote_ip'] = request.META.get('REMOTE_ADDR')
#===========================================================================
# LOG AGRUMENTS
#===========================================================================
gen_exception = False
if log_enabled:
log.debug(caller_id, '=' * 100)
log.debug(caller_id, 'Function: %s' % name)
log.debug(caller_id, 'Args:\n%s' % json.dumps(data, indent=4))
with transaction.commit_manually():
try:
# Execute function
resp = response('ok', fun(**data))
transaction.commit()
except CMException, e:
transaction.rollback()
log.exception(caller_id, 'CMException %s' % e)
resp = e.response
except Exception, e:
transaction.rollback()
gen_exception = True
resp = response('cm_error', str(e))
def genericlog(log_enabled, is_user, is_admin_cm, need_ip, fun, args):
"""
Generic log is called by actor decorators defined in src.clm.utils.decorators :
- src.cm.utils.decorators.guest_log
- src.cm.utils.decorators.user_log
- src.cm.utils.decorators.admin_cm_log
It calls decorated functions, additionally performing several tasks.
Genericlog performes:
-# <i>if decorated function requires user or admin privilidges</i>: <b>authorization</b>;
-# <b>execution</b> of the decorated function;
-# <i>if \c log_enabled=TRUE or if return status isn't 'ok'</i>: <b>debug log</b> of the \c user_id, function name and arguments;
-# <i>if exception is thrown</i>: <b>general exception log</b>;
-# <i>if return status isn't 'ok' or \c log_enabled:</i> <b>debug log</b> of the response.
@returns{dict} HttpResponse response with content of JSON-ed tuple
(status, data), where status should be "ok" if everything went fine.
"""
#===========================================================================
# AUTORIZATION
#===========================================================================
name = '%s.%s' % (fun.__module__.replace('cm.views.', ''), fun.__name__)
request = args[0]
data = json.loads(request.body)
lock_name = None
print data
if is_user:
if len(args) < 1:
return response('cm_error', "missing arguments")
caller_id = data['caller_id']
if name in ('user.vm.create', 'user.farm.create', 'admin_cm.vm.create',
'admin_cm.farm.create'):
lock_name = 'vmcreate'
log.debug(caller_id, 'Try acquire lock vmcreate')
locks[lock_name].acquire()
log.debug(caller_id, 'Lock vmcreate acquired')
if is_admin_cm:
cm_password = data.pop('cm_password')
try:
Admin.check_password(caller_id, cm_password)
except Exception:
return HttpResponse(
json.dumps(response('user_permission'),
default=json_convert))
else:
caller_id = 0
if need_ip:
data['remote_ip'] = request.META.get('REMOTE_ADDR')
#===========================================================================
# LOG AGRUMENTS
#===========================================================================
gen_exception = False
if log_enabled:
log.debug(caller_id, '=' * 100)
log.debug(caller_id, 'Function: %s' % name)
log.debug(caller_id, 'Args:\n%s' % json.dumps(data, indent=4))
with transaction.commit_manually():
try:
# Execute function
resp = response('ok', fun(**data))
transaction.commit()
except CMException, e:
transaction.rollback()
log.exception(caller_id, 'CMException %s' % e)
resp = e.response
except Exception, e:
transaction.rollback()
gen_exception = True
resp = response('cm_error', str(e))
