def give_test_permissions(test):
create_test_users(test)
# give permissions
give_permission_to("can_add_aggregate", Aggregate, test.u1)
give_permission_to("can_create_project", Project, test.u2)
def give_test_permissions(test):
create_test_users(test)
# give permissions
give_permission_to("can_add_aggregate", Aggregate, test.u1)
give_permission_to("can_create_project", Project, test.u2)
def create_test_aggregates(test):
from expedient.clearinghouse.aggregate.tests.models import DummyAggregate
give_test_permissions(test)
test.client.login(username=test.u1.username, password="******")
threadlocals.push_frame(user=test.u1)
test.agg1 = DummyAggregate.objects.create(
name="Agg1",
)
test.agg1.create_resources()
test.agg2 = DummyAggregate.objects.create(
name="Agg2",
)
test.agg2.create_resources()
# give permissions to use aggregates
give_permission_to("can_use_aggregate", test.agg1, test.u2)
give_permission_to("can_use_aggregate", test.agg2, test.u2)
test.client.logout()
threadlocals.pop_frame()
def test_get_aggregates(self):
proj = self.test_allowed_create()
self.assertEqual(proj.aggregates.count(), 0)
give_permission_to("can_use_aggregate", self.agg1, proj)
self.assertTrue(has_permission(proj, self.agg1, "can_use_aggregate"))
self.assertEqual(proj.aggregates.count(), 1)
self.assertTrue(self.agg1.aggregate_ptr in proj.aggregates)
def post_save(instance, created):
instance.update_resources()
give_permission_to("can_use_aggregate",
instance,
request.user,
can_delegate=True)
give_permission_to("can_edit_aggregate",
instance,
request.user,
can_delegate=True)
def setUp(self):
"""
Create some permissions and users.
"""
self.u1 = User.objects.create_user("user1", "*****@*****.**", "password")
self.u2 = User.objects.create_user("user2", "*****@*****.**", "password")
create_permission("permission1", description="Permission 1 description.")
give_permission_to("permission1", self.u1, self.u1, can_delegate=True)
give_permission_to("permission1", self.u2, self.u1, can_delegate=True)
def handle_add_to_slice(request, aggregate, slice):
"""Perform that actual add_to_slice request."""
must_have_permission(request.user, aggregate, "can_use_aggregate")
must_have_permission(slice.project, aggregate, "can_use_aggregate")
next = request.GET.get("next", None)
give_permission_to("can_use_aggregate", aggregate, slice)
#success_msg=lambda instance: "Successfully added OpenFlow aggregate %s to slice %s" % (aggregate.name, slice.name)
return HttpResponseRedirect(next if next else reverse("slice_detail", args=[slice.id]))
def add_to_user(self, user, next):
"""
Works exactly the same as L{add_to_project} but for a user.
"""
prefix = self.__class__.get_url_name_prefix()
try:
return reverse("%s_aggregate_user_add" % prefix,
kwargs={'agg_id': self.id,
'user_id': user.id})+"?next=%s" % next
except NoReverseMatch:
give_permission_to("can_use_aggregate", self.as_leaf_class(), user)
return next
def other_perms_view(request, permission, user, target, redirect_to=None):
if request.method == "POST":
give_permission_to(permission, target, user)
redirect_to = redirect_to or reverse("test_view_crud")
return HttpResponseRedirect(redirect_to)
else:
return HttpResponse("""
Do you want to get %s permission for obj %s?
<form action="" method="POST">
<input type="submit" value="Yes" />
<input type="button" value="No" onclick="document.location='%s'" />
</form>
""" % (permission.name, target, reverse("test_view_crud")))
def setUp(self):
"""
Create some permissions and users.
"""
self.u1 = User.objects.create_user("user1", "*****@*****.**",
"password")
self.u2 = User.objects.create_user("user2", "*****@*****.**",
"password")
create_permission("permission1",
description="Permission 1 description.")
give_permission_to("permission1", self.u1, self.u1, can_delegate=True)
give_permission_to("permission1", self.u2, self.u1, can_delegate=True)
def handle_add_to_slice(request, aggregate, slice):
"""Perform that actual add_to_slice request."""
must_have_permission(request.user, aggregate, "can_use_aggregate")
must_have_permission(slice.project, aggregate, "can_use_aggregate")
next = request.GET.get("next", None)
give_permission_to("can_use_aggregate", aggregate, slice)
#success_msg=lambda instance: "Successfully added OpenFlow aggregate %s to slice %s" % (aggregate.name, slice.name)
return HttpResponseRedirect(
next if next else reverse("slice_detail", args=[slice.id]))
def post_save(instance, created):
give_permission_to("can_use_aggregate", aggregate, slice)
# Leo added this. Probably due to issue #121 (allow updating
# (the slice controller without having to start/update it)
if not created:
try:
#aggregate.change_slice_controller(slice)
for agg in Aggregate.objects.all():
agg = agg.as_leaf_class()
if agg.leaf_name == "OpenFlowAggregate":
agg.change_slice_controller(slice)
except Exception, e:
error_msg = str(e)
print e
def other_perms_view(request, permission, user, target, redirect_to=None):
if request.method == "POST":
give_permission_to(permission, target, user)
redirect_to = redirect_to or reverse("test_view_crud")
return HttpResponseRedirect(redirect_to)
else:
return HttpResponse(
"""
Do you want to get %s permission for obj %s?
<form action="" method="POST">
<input type="submit" value="Yes" />
<input type="button" value="No" onclick="document.location='%s'" />
</form>
""" % (permission.name, target, reverse("test_view_crud")))
def post_save(instance, created):
give_permission_to("can_use_aggregate", aggregate, slice)
# Leo added this. Probably due to issue #121 (allow updating
# (the slice controller without having to start/update it)
if not created:
try:
#aggregate.change_slice_controller(slice)
for agg in Aggregate.objects.all():
agg = agg.as_leaf_class()
if agg.leaf_name == "OpenFlowAggregate":
agg.change_slice_controller(slice)
except Exception,e:
error_msg = str(e)
print e
def post_save(instance, created):
instance.update_resources()
give_permission_to(
"can_use_aggregate",
instance,
request.user,
can_delegate=True
)
give_permission_to(
"can_edit_aggregate",
instance,
request.user,
can_delegate=True
)
def add_aggregate(request, proj_id):
'''Add/remove aggregates to/from a project'''
project = get_object_or_404(Project, id=proj_id)
aggregate_list = Aggregate.objects.exclude(
id__in=project.aggregates.all().values_list("id", flat=True))
if request.method == "GET":
return simple.direct_to_template(
request,
template=TEMPLATE_PATH + "/add_aggregates.html",
extra_context={
"aggregate_list":
aggregate_list,
"project":
project,
"breadcrumbs": (
("Home", reverse("home")),
("Project %s" % project.name,
reverse("project_detail", args=[project.id])),
("Add Project Aggregates", request.path),
),
})
elif request.method == "POST":
# check which submit button was pressed
try:
agg_id = int(request.POST.get("id", 0))
except ValueError:
raise Http404
if agg_id not in aggregate_list.values_list("id", flat=True):
raise Http404
aggregate = get_object_or_404(Aggregate, id=agg_id).as_leaf_class()
#Look for the users in the project and give them permission to use the new AM.
for member in project.members.exclude(is_superuser=True):
#if not has_permission(member, project, "can_delete_slices"):
give_permission_to("can_use_aggregate",
aggregate,
member,
giver=None,
can_delegate=False)
return HttpResponseRedirect(
aggregate.add_to_project(
project, reverse("project_add_agg", args=[proj_id])))
else:
return HttpResponseNotAllowed("GET", "POST")
def activate(request, activation_key):
template_name = 'registration/activate.html'
activation_key = activation_key.lower() # Normalize before trying anything with it.
account = RegistrationProfile.objects.activate_user(activation_key)
if account:
give_permission_to(
"can_edit_user", account, account, can_delegate=True)
return simple.direct_to_template(
request,
template=template_name,
extra_context={
'account': account,
'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS,
},
)
def test_allowed_create(self):
"""
Test that we can create an aggregate.
"""
give_permission_to("can_add_aggregate", Aggregate, self.u)
response = self.client.post(reverse("tests_aggregate_create"),
data=dict(
name="dummy agg",
description="aggregate description",
location="Stanford, CA",
))
self.assertRedirects(response,
"/",
msg_prefix="response was %s" % response)
self.assertEqual(DummyAggregate.objects.all().count(), 1)
def add_controller_to_slice(self, slice, next):
"""
Works exactly the same as L{add_to_project} but for a slice.
"""
must_have_permission("user", self.as_leaf_class(), "can_use_aggregate")
must_have_permission("project", self.as_leaf_class(), "can_use_aggregate")
prefix = self.__class__.get_url_name_prefix()
try:
return reverse("%s_aggregate_slice_controller_add" % prefix,
kwargs={'agg_id': self.id,
'slice_id': slice.id})+"?next=%s" % next
except NoReverseMatch:
give_permission_to("can_use_aggregate", self.as_leaf_class(), slice)
return next
def test_allowed_create(self):
"""
Test that we can create an aggregate.
"""
give_permission_to("can_add_aggregate", Aggregate, self.u)
response = self.client.post(
reverse("tests_aggregate_create"),
data=dict(
name="dummy agg",
description="aggregate description",
location="Stanford, CA",
)
)
self.assertRedirects(response, "/",
msg_prefix="response was %s" % response)
self.assertEqual(DummyAggregate.objects.all().count(), 1)
def test_allowed_delete(self):
"""
Tests that delete works when given permission.
"""
give_permission_to("can_add_aggregate", Aggregate, self.u)
agg = DummyAggregate.objects.create(
name="dummy agg",
description="aggregate description",
location="Stanford, CA",
)
response = test_get_and_post_form(
client=self.client,
url=agg.get_delete_url(next="/"),
params={},
)
self.assertRedirects(response, "/")
def test_allowed_delete(self):
"""
Tests that delete works when given permission.
"""
give_permission_to("can_add_aggregate", Aggregate, self.u)
agg = DummyAggregate.objects.create(
name="dummy agg",
description="aggregate description",
location="Stanford, CA",
)
response = test_get_and_post_form(
client=self.client,
url=agg.get_delete_url(next="/"),
params={},
)
self.assertRedirects(response, "/")
def activate(request, activation_key):
template_name = 'registration/activate.html'
activation_key = activation_key.lower() # Normalize before trying anything with it.
# Import only here to avoid every time warning 'DeprecationWarning:
# the sha module is deprecated; use the hashlib module instead'
from registration.models import RegistrationProfile
account = RegistrationProfile.objects.activate_user(activation_key)
if account:
give_permission_to(
"can_edit_user", account, account, can_delegate=True)
return simple.direct_to_template(
request,
template=template_name,
extra_context={
'account': account,
'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS,
},
)
def add_to_project(self, project, next):
"""
Gives the aggregate a chance to request additional information for a
project. This method should return a URL to redirect to where the
user can create or update the additional information the aggregate
needs. When done, the view at that URL should use the
C{give_permission} function to give the project
the "can_use_aggregate" permission::
from expedient.common.permissions.shortcuts import \
give_permission_to
give_permission_to("can_use_aggregate", self.as_leaf_class(), project)
and then it should redirect to C{next}.
If no extra information is needed, this function can return C{next},
instead of a custom URL, but it still needs to give the project the
"can_use_aggregate" permission.
Unless overridden in a subclass, this function will look for a url
with name <app_name>_aggregate_project_add by reversing the name with
it parameters 'agg_id' and 'proj_id'. It will append '?next=<next>' to
the URL if found. Otherwise, it simply gives the permission to the
project and returns C{next}.
"""
logger.debug("adding aggregate to project")
must_have_permission("user", self.as_leaf_class(), "can_use_aggregate")
prefix = self.__class__.get_url_name_prefix()
try:
return reverse("%s_aggregate_project_add" % prefix,
kwargs={
'agg_id': self.id,
'proj_id': project.id
}) + "?next=%s" % next
except NoReverseMatch:
logger.debug("Giving permission to use aggregate to %s" % project)
give_permission_to("can_use_aggregate", self.as_leaf_class(),
project)
return next
def add_aggregate(request, proj_id):
'''Add/remove aggregates to/from a project'''
project = get_object_or_404(Project, id=proj_id)
aggregate_list = Aggregate.objects.exclude(
id__in=project.aggregates.all().values_list("id", flat=True))
if request.method == "GET":
return simple.direct_to_template(
request, template=TEMPLATE_PATH+"/add_aggregates.html",
extra_context={
"aggregate_list": aggregate_list,
"project": project,
"breadcrumbs": (
("Home", reverse("home")),
("Project %s" % project.name, reverse("project_detail", args=[project.id])),
("Add Project Aggregates", request.path),
),
}
)
elif request.method == "POST":
# check which submit button was pressed
try:
agg_id = int(request.POST.get("id", 0))
except ValueError:
raise Http404
if agg_id not in aggregate_list.values_list("id", flat=True):
raise Http404
aggregate = get_object_or_404(Aggregate, id=agg_id).as_leaf_class()
#Look for the users in the project and give them permission to use the new AM.
for member in project.members.exclude(is_superuser=True):
#if not has_permission(member, project, "can_delete_slices"):
give_permission_to("can_use_aggregate", aggregate, member, giver=None, can_delegate=False)
return HttpResponseRedirect(aggregate.add_to_project(
project, reverse("project_add_agg", args=[proj_id])))
else:
return HttpResponseNotAllowed("GET", "POST")
def test_allowed_edit(self):
"""
Tests that we can edit an existing aggregate.
"""
give_permission_to("can_add_aggregate", Aggregate, self.u)
agg = DummyAggregate.objects.create(
name="dummy agg",
description="aggregate description",
location="Stanford, CA",
)
response = self.client.post(
reverse("tests_aggregate_edit", kwargs={"agg_id": 1}),
data=dict(
name="Edited dummy agg",
description="Edited aggregate description",
location="Stanford, CA",
))
self.assertRedirects(response,
"/",
msg_prefix="response was %s" % response)
def save(self, *args, **kwargs):
"""
Override the default save method to enforce permissions.
"""
pk = getattr(self, "pk", None)
if not pk:
# it's a new instance being created
must_have_permission(permittee_kw, model_func(), create_perm)
else:
must_have_permission(permittee_kw, self, edit_perm)
super(model_func(), self).save(*args, **kwargs)
if not pk:
# it was just created so give creator edit permissions
d = threadlocals.get_thread_locals()
give_permission_to(
edit_perm, self, d[permittee_kw], can_delegate=True)
give_permission_to(
delete_perm, self, d[permittee_kw], can_delegate=True)
def activate(request, activation_key):
template_name = 'registration/activate.html'
activation_key = activation_key.lower(
) # Normalize before trying anything with it.
# Import only here to avoid every time warning 'DeprecationWarning:
# the sha module is deprecated; use the hashlib module instead'
from registration.models import RegistrationProfile
account = RegistrationProfile.objects.activate_user(activation_key)
if account:
give_permission_to("can_edit_user",
account,
account,
can_delegate=True)
return simple.direct_to_template(
request,
template=template_name,
extra_context={
'account': account,
'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS,
},
)
def create_test_aggregates(test):
from expedient.clearinghouse.aggregate.tests.models import DummyAggregate
give_test_permissions(test)
test.client.login(username=test.u1.username, password="******")
threadlocals.push_frame(user=test.u1)
test.agg1 = DummyAggregate.objects.create(name="Agg1", )
test.agg1.create_resources()
test.agg2 = DummyAggregate.objects.create(name="Agg2", )
test.agg2.create_resources()
# give permissions to use aggregates
give_permission_to("can_use_aggregate", test.agg1, test.u2)
give_permission_to("can_use_aggregate", test.agg2, test.u2)
test.client.logout()
threadlocals.pop_frame()
def test_allowed_edit(self):
"""
Tests that we can edit an existing aggregate.
"""
give_permission_to("can_add_aggregate", Aggregate, self.u)
agg = DummyAggregate.objects.create(
name="dummy agg",
description="aggregate description",
location="Stanford, CA",
)
response = self.client.post(
reverse("tests_aggregate_edit", kwargs={"agg_id": 1}),
data=dict(
name="Edited dummy agg",
description="Edited aggregate description",
location="Stanford, CA",
)
)
self.assertRedirects(response, "/",
msg_prefix="response was %s" % response)
def add_to_project(self, project, next):
"""
Gives the aggregate a chance to request additional information for a
project. This method should return a URL to redirect to where the
user can create or update the additional information the aggregate
needs. When done, the view at that URL should use the
C{give_permission} function to give the project
the "can_use_aggregate" permission::
from expedient.common.permissions.shortcuts import \
give_permission_to
give_permission_to("can_use_aggregate", self.as_leaf_class(), project)
and then it should redirect to C{next}.
If no extra information is needed, this function can return C{next},
instead of a custom URL, but it still needs to give the project the
"can_use_aggregate" permission.
Unless overridden in a subclass, this function will look for a url
with name <app_name>_aggregate_project_add by reversing the name with
it parameters 'agg_id' and 'proj_id'. It will append '?next=<next>' to
the URL if found. Otherwise, it simply gives the permission to the
project and returns C{next}.
"""
logger.debug("adding aggregate to project")
must_have_permission("user", self.as_leaf_class(), "can_use_aggregate")
prefix = self.__class__.get_url_name_prefix()
try:
return reverse("%s_aggregate_project_add" % prefix,
kwargs={'agg_id': self.id,
'proj_id': project.id})+"?next=%s" % next
except NoReverseMatch:
logger.debug("Giving permission to use aggregate to %s" % project)
give_permission_to("can_use_aggregate", self.as_leaf_class(), project)
return next
def aggregate_crud(request, agg_id=None):
'''
Create/update a AlienResource Aggregate.
'''
if agg_id != None:
aggregate = get_object_or_404(AlienResourceAggregateModel, pk=agg_id)
client = aggregate.client
else:
aggregate = None
client = None
extra_context_dict = {}
errors = ""
if request.method == "GET":
agg_form = AlienResourceAggregateForm(instance=aggregate)
client_form = xmlrpcServerProxyForm(instance=client)
#client_form = PasswordXMLRPCServerProxyForm(instance=client)
elif request.method == "POST":
agg_form = AlienResourceAggregateForm(
data=request.POST, instance=aggregate)
client_form = xmlrpcServerProxyForm(
data=request.POST, instance=client)
'''
client_form = PasswordXMLRPCServerProxyForm(
data=request.POST, instance=client)
'''
if client_form.is_valid() and agg_form.is_valid():
# Ping is tried after every field check
client = client_form.save(commit=False)
aggregate = agg_form.save(commit=False)
aggregate.client = client
#s = xmlrpclib.Server('https://'+client.username+':'+client.password+'@'+client.url[8:])
local_path = os.path.normpath(os.path.join(os.path.dirname(__file__), '..', 'certs'))
key_path = os.path.join(local_path, "alice-key.pem") # make sure the CA of the AM is the same which issued this certificate (e.g. copy certificates from omni)
cert_path = os.path.join(local_path, "alice-cert.pem")
# instanciate the client
#client2 = GENI3Client('192.168.61.164', 8001, key_path, cert_path)
# load test credential (look into the `test/creds/TODO.md` to generate these certs)
with open(os.path.join(local_path, "alice-cred.xml"), 'r') as f:
TEST_CREDENTIAL = {'geni_value': f.read(), 'geni_version': '3', 'geni_type': 'geni_sfa'}
with open(os.path.join(local_path, "pizzaslice_cred.xml"), 'r') as f:
TEST_SLICE_CREDENTIAL = {'geni_value': f.read(), 'geni_version': '3', 'geni_type': 'geni_sfa'}
#res=client2.listResources([TEST_CREDENTIAL], True, False)
#s = xmlrpclib.Server('https://'+client.url[8:])
try:
#s.ping('ping')
client2 = GENI3Client(aggregate.get_client_IP(), aggregate.get_client_port(), key_path, cert_path)
except Exception as e:
errors = "Could not connect to server: username, password or url are not correct"
DatedMessage.objects.post_message_to_user(
errors, user=request.user, msg_type=DatedMessage.TYPE_ERROR,
)
extra_context_dict['errors'] = errors
writeToLog("Exception: %s" %str(e))
if not errors:
client = client_form.save()
aggregate = agg_form.save(commit=False)
aggregate.client = client
aggregate.save()
agg_form.save_m2m()
aggregate.save()
# Update agg_id to sync its resources
agg_id = aggregate.pk
# Get resources from AlienResource AM's xmlrpc server every time the AM is updated
try:
do_sync = True
'''
if agg_form.is_bound:
do_sync = agg_form.data.get("sync_resources")
else:
do_sync = agg_form.initial.get("sync_resources")
'''
if do_sync:
failed_resources = sync_am_resources(agg_id, client2)
if failed_resources:
DatedMessage.objects.post_message_to_user(
"Could not synchronize resources %s within Expedient" % str(failed_resources),
user=request.user, msg_type=DatedMessage.TYPE_WARNING,
)
except:
warning = "Could not synchronize AM resources within Expedient"
DatedMessage.objects.post_message_to_user(
errors, user=request.user, msg_type=DatedMessage.TYPE_WARNING,
)
extra_context_dict['errors'] = warning
give_permission_to(
"can_use_aggregate",
aggregate,
request.user,
can_delegate=True
)
give_permission_to(
"can_edit_aggregate",
aggregate,
request.user,
can_delegate=True
)
DatedMessage.objects.post_message_to_user(
"Successfully created/updated aggregate %s" % aggregate.name,
user=request.user, msg_type=DatedMessage.TYPE_SUCCESS,
)
return HttpResponseRedirect("/")
else:
return HttpResponseNotAllowed("GET", "POST")
if not errors:
extra_context_dict['available'] = aggregate.check_status() if agg_id else False
# Updates the dictionary with the common fields
extra_context_dict.update({
"agg_form": agg_form,
"client_form": client_form,
"create": not agg_id,
"aggregate": aggregate,
"breadcrumbs": (
('Home', reverse("home")),
("%s AlienResource Aggregate" % ("Update" if agg_id else "Create"),
request.path),
)
})
return simple.direct_to_template(
request,
template="alien_plugin_aggregate_crud.html",
extra_context=extra_context_dict
)
def aggregate_crud(request, agg_id=None):
'''
Create/update a SampleResource Aggregate.
'''
if agg_id != None:
aggregate = get_object_or_404(SampleResourceAggregateModel, pk=agg_id)
client = aggregate.client
else:
aggregate = None
client = None
extra_context_dict = {}
errors = ""
if request.method == "GET":
agg_form = SampleResourceAggregateForm(instance=aggregate)
client_form = xmlrpcServerProxyForm(instance=client)
elif request.method == "POST":
agg_form = SampleResourceAggregateForm(data=request.POST,
instance=aggregate)
client_form = xmlrpcServerProxyForm(data=request.POST, instance=client)
if client_form.is_valid() and agg_form.is_valid():
# Ping is tried after every field check
client = client_form.save(commit=False)
s = xmlrpclib.Server('https://' + client.username + ':' +
client.password + '@' + client.url[8:])
try:
s.ping('ping')
except:
errors = "Could not connect to server: username, password or url are not correct"
DatedMessage.objects.post_message_to_user(
errors,
user=request.user,
msg_type=DatedMessage.TYPE_ERROR,
)
extra_context_dict['errors'] = errors
if not errors:
client = client_form.save()
aggregate = agg_form.save(commit=False)
aggregate.client = client
aggregate.save()
agg_form.save_m2m()
aggregate.save()
# Update agg_id to sync its resources
agg_id = aggregate.pk
# Get resources from SampleResource AM's xmlrpc server every time the AM is updated
try:
do_sync = True
if agg_form.is_bound:
do_sync = agg_form.data.get("sync_resources")
else:
do_sync = agg_form.initial.get("sync_resources")
if do_sync:
failed_resources = sync_am_resources(agg_id, s)
if failed_resources:
DatedMessage.objects.post_message_to_user(
"Could not synchronize resources %s within Expedient"
% str(failed_resources),
user=request.user,
msg_type=DatedMessage.TYPE_WARNING,
)
except:
warning = "Could not synchronize AM resources within Expedient"
DatedMessage.objects.post_message_to_user(
errors,
user=request.user,
msg_type=DatedMessage.TYPE_WARNING,
)
extra_context_dict['errors'] = warning
give_permission_to("can_use_aggregate",
aggregate,
request.user,
can_delegate=True)
give_permission_to("can_edit_aggregate",
aggregate,
request.user,
can_delegate=True)
DatedMessage.objects.post_message_to_user(
"Successfully created/updated aggregate %s" %
aggregate.name,
user=request.user,
msg_type=DatedMessage.TYPE_SUCCESS,
)
return HttpResponseRedirect("/")
else:
return HttpResponseNotAllowed("GET", "POST")
if not errors:
extra_context_dict['available'] = aggregate.check_status(
) if agg_id else False
# Updates the dictionary with the common fields
extra_context_dict.update({
"agg_form":
agg_form,
"client_form":
client_form,
"create":
not agg_id,
"aggregate":
aggregate,
"breadcrumbs": (
('Home', reverse("home")),
("%s SampleResource Aggregate" %
("Update" if agg_id else "Create"), request.path),
)
})
return simple.direct_to_template(
request,
template="sample_resource_aggregate_crud.html",
extra_context=extra_context_dict)
def post_save(instance, created):
give_permission_to("can_delete_slices",
instance,
instance.owner,
giver=None,
can_delegate=False)
def post_save(instance, created):
give_permission_to("can_use_aggregate", aggregate, slice)
def aggregate_crud(request, agg_id=None):
'''
Create/update an OpenFlow Aggregate.
'''
if agg_id != None:
aggregate = get_object_or_404(OpenFlowAggregate, pk=agg_id)
client = aggregate.client
else:
aggregate = None
client = None
if request.method == "GET":
agg_form = OpenFlowAggregateForm(instance=aggregate)
client_form = PasswordXMLRPCServerProxyForm(instance=client)
elif request.method == "POST":
logger.debug("aggregate_crud got post")
agg_form = OpenFlowAggregateForm(
data=request.POST, instance=aggregate)
client_form = PasswordXMLRPCServerProxyForm(
data=request.POST, instance=client)
logger.debug("Validating")
if client_form.is_valid() and agg_form.is_valid():
logger.debug("Forms are valid")
logger.debug("Got logo %s" % request.POST.get("logo", ""))
# Save the client first
client = client_form.save()
# Then save the aggregate and add the client
aggregate = agg_form.save(commit=False)
aggregate.client = client
aggregate.save()
agg_form.save_m2m()
try:
info = aggregate.client.proxy.get_am_info()
aggregate.vlan_auto_assignment = info["vlan_auto_assignment"]
aggregate.flowspace_auto_approval = info["flowspace_auto_approval"]
except Exception as e:
# logger.debug("Aggregate %s: could not check automatic resource assignment" % str(aggregate.name))
pass
try:
err = ' '
aggregate.client.proxy.checkFlowVisor()
aggregate.setup_new_aggregate(request.build_absolute_uri("/"))
except Exception as e:
err = str(e)
if err is not ' ':
#transaction.rollback()
if "check_fv_set" in err:
msg_type = DatedMessage.TYPE_WARNING
if agg_id:
flowvisor_msg = "Topology could not be updated because could not connect to FlowVisor."
else:
flowvisor_msg = "New Aggregate set, but there is no FlowVisor connected to it."
else:
flowvisor_msg = err
msg_type = DatedMessage.TYPE_ERROR
DatedMessage.objects.post_message_to_user(
flowvisor_msg, user=request.user, msg_type=msg_type,
)
return HttpResponseRedirect("/")
aggregate.save()
give_permission_to(
"can_use_aggregate",
aggregate,
request.user,
can_delegate=True
)
give_permission_to(
"can_edit_aggregate",
aggregate,
request.user,
can_delegate=True
)
DatedMessage.objects.post_message_to_user(
"Successfully created/updated aggregate %s. %s" % (aggregate.name,err),
user=request.user, msg_type=DatedMessage.TYPE_SUCCESS,
)
return HttpResponseRedirect(reverse("openflow_aggregate_add_links", args=[aggregate.id]))
logger.debug("Validation failed")
else:
return HttpResponseNotAllowed("GET", "POST")
available = aggregate.check_status() if agg_id else False
return simple.direct_to_template(
request,
template="openflow_aggregate_crud.html",
extra_context={
"agg_form": agg_form,
"client_form": client_form,
"create": not agg_id,
"aggregate": aggregate,
"available": available,
"breadcrumbs": (
('Home', reverse("home")),
("%s OpenFlow Aggregate" % ("Update" if agg_id else "Add"),
request.path),
)
},
)
def handle_noargs(self, **options):
username = options.get("username")
password = options.get("password")
filename = options.get("filename")
do_aggs = options.get("load_aggs")
do_slices = options.get("load_slices")
start_slices = options.get("start_slices")
append = options.get("append")
f = open(filename)
data = load(f)
f.close()
client = Client()
client.login(username=username, password=password)
user = User.objects.get(username=username)
threadlocals.get_thread_locals()["user"] = user
if do_aggs:
for agg_dict in data["aggregates"]:
resp = test_get_and_post_form(
client,
reverse("openflow_aggregate_create"),
agg_dict,
)
assert (resp.status_code == 302)
assert (re.search(r"/openflow/aggregate/\d+/links/$",
resp["Location"]))
if do_slices:
for project_dict in data["projects"]:
project, _ = Project.objects.get_or_create(
name=project_dict["name"],
description=project_dict["description"],
)
create_project_roles(project, user)
threadlocals.get_thread_locals()["project"] = project
# add aggregates to project
for aggregate in OpenFlowAggregate.objects.all():
give_permission_to("can_use_aggregate", aggregate, user)
give_permission_to("can_use_aggregate", aggregate, project)
for aggregate in GCFOpenFlowAggregate.objects.all():
give_permission_to("can_use_aggregate", aggregate, user)
give_permission_to("can_use_aggregate", aggregate, project)
# add slices to project
for slice_dict in project_dict["slices"]:
slice = Slice.objects.create(
name=slice_dict["name"],
description=slice_dict["description"],
project=project,
owner=user,
)
OpenFlowSliceInfo.objects.create(
slice=slice,
controller_url=slice_dict["controller_url"],
password=slice_dict["password"],
)
info, _ = GENISliceInfo.objects.get_or_create(
slice=slice, )
if not info.ssh_private_key or not info.ssh_public_key:
info.generate_ssh_keys()
info.save()
# add aggregates to slices
for aggregate in OpenFlowAggregate.objects.all():
give_permission_to("can_use_aggregate", aggregate,
slice)
for aggregate in GCFOpenFlowAggregate.objects.all():
give_permission_to("can_use_aggregate", aggregate,
slice)
# add slivers
slivers = []
for dpid, port in slice_dict["ifaces"]:
try:
sliver, _ = OpenFlowInterfaceSliver.objects.get_or_create(
slice=slice,
resource=OpenFlowInterface.objects.get(
port_num=port, switch__datapath_id=dpid),
)
slivers.append(sliver)
except OpenFlowInterface.DoesNotExist:
continue
# add flowspace
for sfs_dict in slice_dict["sfs"]:
fs_dict = {}
for attr in "dl_src", "dl_dst", "dl_type", "vlan_id", \
"nw_src", "nw_dst", "nw_proto", "tp_dst", "tp_src":
fs_dict[attr + "_start"] = sfs_dict[attr]
fs_dict[attr + "_end"] = sfs_dict[attr]
fs = FlowSpaceRule.objects.create(**fs_dict)
for sliver in slivers:
fs.slivers.add(sliver)
if start_slices:
tl = threadlocals.get_thread_locals()
tl["project"] = project
tl["slice"] = slice
slice.start(user)
def aggregate_crud(request, agg_id=None):
'''
Create/update a ResourceOrchestrator Aggregate.
'''
if agg_id != None:
aggregate = get_object_or_404(ResourceOrchestratorAggregateModel, pk=agg_id)
client = aggregate.client
else:
aggregate = None
client = None
extra_context_dict = {}
errors = ""
if request.method == "GET":
agg_form = ResourceOrchestratorAggregateForm(instance=aggregate)
client_form = xmlrpcServerProxyForm(instance=client)
elif request.method == "POST":
agg_form = ResourceOrchestratorAggregateForm(
data=request.POST, instance=aggregate)
client_form = xmlrpcServerProxyForm(
data=request.POST, instance=client)
if client_form.is_valid() and agg_form.is_valid():
# Ping is tried after every field check
client = client_form.save(commit=False)
print "client.certificate.name: ", client.certificate.name
print "client.certificate dir>> ", client.certificate.__dict__
print "client.certificate.instance dir>> ", client.certificate.instance.__dict__
print "client.key.name: ", client.key.name
print "client.key.name dir>> ", client.key.__dict__
print "client.key.instance.name dir>> ", client.key.instance.__dict__
# Retrieve contents of client.key and client.cert, not the whole object
s = xmlrpc_secure.make_client(client.url, client.key.name, client.certificate.name)
try:
# s.GetVersion()
sync_ro_resources(s)
# TODO Check what happens when certificates are incorrect! (untrusted)
# TODO Check what hapens when certificates are not signed by CH!
except Exception as e:
print "----------------- Expedient ---> RO connection FAILED! Details: ", e
if isinstance(e, socket.error):
errors = "Could not connect to server: URL is not correct or remote RO is down"
else:
errors = "Could not connect to server: either certificate or URL is not correct"
DatedMessage.objects.post_message_to_user(
errors, user=request.user, msg_type=DatedMessage.TYPE_ERROR,
)
extra_context_dict['errors'] = errors
if not errors:
client = client_form.save()
print "\n\n\n\n\nrequest FILES!!!!!!!!!!!! dict ", request.FILES.__dict__
print "\n\n\n\n\nrequest POST!!!!!!!!!!!! dict ", request.POST.__dict__
print "\n\n\n\n\nclient 1!!!!!!!!!!!! ", client.__dict__
print "\n\n\n\n\nclient 1 cert!!!!!!!!!!!! ", dir(client.certificate.storage)
print "\n\n\n\n\nclient 1 cert location!!!!!!!!!!!! ", client.certificate.storage.base_location, client.certificate.storage.path, client.certificate.storage.base_url, dir(client.certificate.storage.url), client.certificate.storage.listdir
print "\n\n\n\n\nclient 1 key!!!!!!!!!!!! ", dir(client.key.storage)
client_xmplrc_secure = xmlrpcServerProxyModel(request.POST, request.FILES)
print "\n\n\n\n\nclient 2!!!!!!!!!!!! ", dir(client_xmplrc_secure)
print "\n\n\n\n\nclient 2 certificate!!!!!!!!!!!! ", client_xmplrc_secure.__dict__["certificate"]
print "\n\n\n\n\nclient 2 certificate!!!!!!!!!!!! 1", dir(client_xmplrc_secure.__dict__["certificate"])
print "\n\n\n\n\nclient 2 certificate!!!!!!!!!!!! 2", client_xmplrc_secure.__dict__["certificate"].keys()
for v in client_xmplrc_secure.__dict__["certificate"].values():
print "\n\n\n\n\nclient 2 certificate!!!!!!!!!!!! 3", v
aggregate = agg_form.save(commit=False)
#if "certificate" in request.FILES:
# certificate_contents = request.FILES["certificate"]
try:
certificate_contents = client_xmplrc_secure.__dict__["certificate"].values()[0]
certificate_default_storage = client.certificate.storage
# from django.core.files.storage import default_storage
certificate_name = get_file_name(aggregate)
print "certificate_name: ", certificate_name
# "certificate_default_storage.location" not good
path = certificate_default_storage.save( \
os.path.join(DEFAULT_UPLOAD_PATH, "%s.crt" % certificate_name), \
ContentFile(certificate_contents.read()))
print "path...............", path
print "dir(certificate_default_storage): ", dir(certificate_default_storage)
print "location(certificate_default_storage): ", certificate_default_storage.location
certificate_file = open(path,"wb")
for line in certificate_contents.readlines():
certificate_file.write(line)
certificate_file.close()
# Update path of certificate
certificate.key.name = path
certificate.save()
except Exception as e:
print "certificate.e: ", e
try:
#if "key" in request.FILES:
# key_contents = request.FILES["key"]
key_contents = client_xmplrc_secure.__dict__["key"].values()[0]
print "key_contents: ", key_contents
key_default_storage = client.key.storage
key_name = get_file_name(aggregate)
print "key_name: ", key_name
path = certificate_default_storage.save( \
os.path.join(DEFAULT_UPLOAD_PATH, "%s.key" % certificate_name), \
ContentFile(certificate_contents.read()))
print "path...............", path
print "dir(key_default_storage): ", key_default_storage["path"]
key_file = open("/opt/felix/%s" % key_name,"wb")
for line in key_contents.readlines():
key_file.write(line)
key_file.close()
# Update path of key
client.key.name = path
client.save()
except Exception as e:
print "key.e: ", e
aggregate.client = client
# Set to available
#aggregate.available = True
aggregate.save()
agg_form.save_m2m()
aggregate.save()
# Update agg_id to sync its resources
# agg_id = aggregate.pk
# # Get resources from ResourceOrchestrator AM's xmlrpc server every time the AM is updated
# try:
# # TODO Process output of GetVersion for more info on associated RMs?
# do_sync = True
# if agg_form.is_bound:
# do_sync = agg_form.data.get("sync_resources")
# else:
# do_sync = agg_form.initial.get("sync_resources")
#
# if do_sync:
# failed_resources = sync_ro_resources(agg_id, s)
#
# if failed_resources:
# DatedMessage.objects.post_message_to_user(
# "Could not synchronize resources %s within Expedient" % str(failed_resources),
# user=request.user, msg_type=DatedMessage.TYPE_WARNING,
# )
# except:
# warning = "Could not synchronize RO resources within Expedient"
# DatedMessage.objects.post_message_to_user(
# errors, user=request.user, msg_type=DatedMessage.TYPE_WARNING,
# )
# extra_context_dict['errors'] = warning
give_permission_to(
"can_use_aggregate",
aggregate,
request.user,
can_delegate=True
)
give_permission_to(
"can_edit_aggregate",
aggregate,
request.user,
can_delegate=True
)
DatedMessage.objects.post_message_to_user(
"Successfully created/updated aggregate %s" % aggregate.name,
user=request.user, msg_type=DatedMessage.TYPE_SUCCESS,
)
return HttpResponseRedirect("/")
else:
return HttpResponseNotAllowed("GET", "POST")
if not errors:
extra_context_dict['available'] = aggregate.check_status() if agg_id else False
# Updates the dictionary with the common fields
extra_context_dict.update({
"agg_form": agg_form,
"client_form": client_form,
"create": not agg_id,
"aggregate": aggregate,
"breadcrumbs": (
('Home', reverse("home")),
("%s ResourceOrchestrator Aggregate" % ("Update" if agg_id else "Create"),
request.path),
)
})
return simple.direct_to_template(
request,
template="resource_orchestrator_aggregate_crud.html",
extra_context=extra_context_dict
)
def handle_noargs(self, **options):
username = options.get("username")
password = options.get("password")
filename = options.get("filename")
do_aggs = options.get("load_aggs")
do_slices = options.get("load_slices")
start_slices = options.get("start_slices")
append = options.get("append")
f = open(filename)
data = load(f)
f.close()
client = Client()
client.login(username=username, password=password)
user = User.objects.get(username=username)
threadlocals.get_thread_locals()["user"] = user
if do_aggs:
for agg_dict in data["aggregates"]:
resp = test_get_and_post_form(
client, reverse("openflow_aggregate_create"),
agg_dict,
)
assert(resp.status_code == 302)
assert(
re.search(
r"/openflow/aggregate/\d+/links/$",
resp["Location"]))
if do_slices:
for project_dict in data["projects"]:
project, _ = Project.objects.get_or_create(
name=project_dict["name"],
description=project_dict["description"],
)
create_project_roles(project, user)
threadlocals.get_thread_locals()["project"] = project
# add aggregates to project
for aggregate in OpenFlowAggregate.objects.all():
give_permission_to("can_use_aggregate", aggregate, user)
give_permission_to("can_use_aggregate", aggregate, project)
for aggregate in GCFOpenFlowAggregate.objects.all():
give_permission_to("can_use_aggregate", aggregate, user)
give_permission_to("can_use_aggregate", aggregate, project)
# add slices to project
for slice_dict in project_dict["slices"]:
slice = Slice.objects.create(
name=slice_dict["name"],
description=slice_dict["description"],
project=project,
owner=user,
)
OpenFlowSliceInfo.objects.create(
slice=slice,
controller_url=slice_dict["controller_url"],
password=slice_dict["password"],
)
info, _ = GENISliceInfo.objects.get_or_create(
slice=slice,
)
if not info.ssh_private_key or not info.ssh_public_key:
info.generate_ssh_keys()
info.save()
# add aggregates to slices
for aggregate in OpenFlowAggregate.objects.all():
give_permission_to("can_use_aggregate", aggregate, slice)
for aggregate in GCFOpenFlowAggregate.objects.all():
give_permission_to("can_use_aggregate", aggregate, slice)
# add slivers
slivers = []
for dpid, port in slice_dict["ifaces"]:
try:
sliver, _ = OpenFlowInterfaceSliver.objects.get_or_create(
slice=slice,
resource=OpenFlowInterface.objects.get(
port_num=port, switch__datapath_id=dpid),
)
slivers.append(sliver)
except OpenFlowInterface.DoesNotExist:
continue
# add flowspace
for sfs_dict in slice_dict["sfs"]:
fs_dict = {}
for attr in "dl_src", "dl_dst", "dl_type", "vlan_id", \
"nw_src", "nw_dst", "nw_proto", "tp_dst", "tp_src":
fs_dict[attr+"_start"] = sfs_dict[attr]
fs_dict[attr+"_end"] = sfs_dict[attr]
fs = FlowSpaceRule.objects.create(**fs_dict)
for sliver in slivers:
fs.slivers.add(sliver)
if start_slices:
tl = threadlocals.get_thread_locals()
tl["project"] = project
tl["slice"] = slice
slice.start(user)
def aggregate_crud(request, agg_id=None):
'''
Create/update an Virtualization Aggregate.
'''
if agg_id != None:
aggregate = get_object_or_404(VtPlugin, pk=agg_id)
client = aggregate.client
else:
aggregate = None
client = None
extra_context_dict = {}
errors = ""
if request.method == "GET":
agg_form = VTAggregateForm(instance=aggregate)
client_form = xmlrpcServerProxyForm(instance=client)
elif request.method == "POST":
agg_form = VTAggregateForm(
data=request.POST, instance=aggregate)
client_form = xmlrpcServerProxyForm(
data=request.POST, instance=client)
if client_form.is_valid() and agg_form.is_valid():
# Ping is tried after every field check
client = client_form.save(commit=False)
s = xmlrpclib.Server('https://'+client.username+':'+client.password+'@'+client.url[8:])
try:
s.ping('ping')
except:
errors = "Could not connect to server: username, password or url are not correct"
DatedMessage.objects.post_message_to_user(
errors, user=request.user, msg_type=DatedMessage.TYPE_ERROR,
)
extra_context_dict['errors'] = errors
# return HttpResponseRedirect(request.path)
if not errors:
client = client_form.save()
aggregate = agg_form.save(commit=False)
aggregate.client = client
aggregate.save()
agg_form.save_m2m()
aggregate.save()
give_permission_to(
"can_use_aggregate",
aggregate,
request.user,
can_delegate=True
)
give_permission_to(
"can_edit_aggregate",
aggregate,
request.user,
can_delegate=True
)
DatedMessage.objects.post_message_to_user(
"Successfully created/updated aggregate %s" % aggregate.name,
user=request.user, msg_type=DatedMessage.TYPE_SUCCESS,
)
return HttpResponseRedirect("/")
else:
return HttpResponseNotAllowed("GET", "POST")
if not errors:
extra_context_dict['available'] = aggregate.check_status() if agg_id else False
# Updates the dictionary with the common fields
extra_context_dict.update({
"agg_form": agg_form,
"client_form": client_form,
"create": not agg_id,
"aggregate": aggregate,
# Previously commented
# "available": available,
"breadcrumbs": (
('Home', reverse("home")),
("%s Virtualization Aggregate" % ("Update" if agg_id else "Add"),
request.path),
)
})
return simple.direct_to_template(
request,
template="vt_plugin_aggregate_crud.html",
extra_context=extra_context_dict
)
def aggregate_crud(request, agg_id=None):
'''
Create/update a SampleResource Aggregate.
'''
if agg_id != None:
aggregate = get_object_or_404(SampleResourceAggregateModel, pk=agg_id)
client = aggregate.client
else:
aggregate = None
client = None
extra_context_dict = {}
errors = ""
if request.method == "GET":
agg_form = SampleResourceAggregateForm(instance=aggregate)
client_form = xmlrpcServerProxyForm(instance=client)
elif request.method == "POST":
agg_form = SampleResourceAggregateForm(
data=request.POST, instance=aggregate)
client_form = xmlrpcServerProxyForm(
data=request.POST, instance=client)
if client_form.is_valid() and agg_form.is_valid():
# Ping is tried after every field check
client = client_form.save(commit=False)
s = xmlrpclib.Server('https://'+client.username+':'+client.password+'@'+client.url[8:])
try:
s.ping('ping')
except:
errors = "Could not connect to server: username, password or url are not correct"
DatedMessage.objects.post_message_to_user(
errors, user=request.user, msg_type=DatedMessage.TYPE_ERROR,
)
extra_context_dict['errors'] = errors
if not errors:
client = client_form.save()
aggregate = agg_form.save(commit=False)
aggregate.client = client
aggregate.save()
agg_form.save_m2m()
aggregate.save()
# Update agg_id to sync its resources
agg_id = aggregate.pk
# Get resources from SampleResource AM's xmlrpc server every time the AM is updated
try:
do_sync = True
if agg_form.is_bound:
do_sync = agg_form.data.get("sync_resources")
else:
do_sync = agg_form.initial.get("sync_resources")
if do_sync:
failed_resources = sync_am_resources(agg_id, s)
if failed_resources:
DatedMessage.objects.post_message_to_user(
"Could not synchronize resources %s within Expedient" % str(failed_resources),
user=request.user, msg_type=DatedMessage.TYPE_WARNING,
)
except:
warning = "Could not synchronize AM resources within Expedient"
DatedMessage.objects.post_message_to_user(
errors, user=request.user, msg_type=DatedMessage.TYPE_WARNING,
)
extra_context_dict['errors'] = warning
give_permission_to(
"can_use_aggregate",
aggregate,
request.user,
can_delegate=True
)
give_permission_to(
"can_edit_aggregate",
aggregate,
request.user,
can_delegate=True
)
DatedMessage.objects.post_message_to_user(
"Successfully created/updated aggregate %s" % aggregate.name,
user=request.user, msg_type=DatedMessage.TYPE_SUCCESS,
)
return HttpResponseRedirect("/")
else:
return HttpResponseNotAllowed("GET", "POST")
if not errors:
extra_context_dict['available'] = aggregate.check_status() if agg_id else False
# Updates the dictionary with the common fields
extra_context_dict.update({
"agg_form": agg_form,
"client_form": client_form,
"create": not agg_id,
"aggregate": aggregate,
"breadcrumbs": (
('Home', reverse("home")),
("%s SampleResource Aggregate" % ("Update" if agg_id else "Create"),
request.path),
)
})
return simple.direct_to_template(
request,
template="sample_resource_aggregate_crud.html",
extra_context=extra_context_dict
)
def CreateSliver(slice_urn, rspec, user):
(project_name, project_desc, slice_name, slice_desc, slice_expiry,
controller_url, firstname, lastname, affiliation, email, password,
slivers) = rspec_mod.parse_slice(rspec)
logger.debug("Parsed Rspec")
slice_expiry = datetime.fromtimestamp(slice_expiry)
give_permission_to("can_create_project", Project, user)
user.first_name = firstname
user.last_name = lastname
user.email = email
profile = UserProfile.get_or_create_profile(user)
profile.affiliation = affiliation
user.save()
profile.save()
# Check if the slice exists
try:
slice = get_slice(slice_urn)
# update the slice info
slice.description = slice_desc
slice.name = slice_name
slice.expiration_date = slice_expiry
slice.save()
# update the project info
slice.project.name = project_name
slice.project.description = project_desc
slice.project.save()
project = slice.project
except Slice.DoesNotExist:
# Check if the project exists
try:
project = Project.objects.get(name=project_name)
# update the project info
logger.debug("Updating project")
project.description = project_desc
project.save()
except Project.DoesNotExist:
# create the project
logger.debug("Creating project")
project = Project.objects.create(
name=project_name,
description=project_desc,
)
create_project_roles(project, user)
# create the slice
logger.debug("Creating slice")
try:
slice = Slice.objects.create(
name=slice_name,
description=slice_desc,
project=project,
owner=user,
expiration_date=slice_expiry,
)
except IntegrityError:
raise DuplicateSliceNameException(slice_name)
logger.debug("Creating/updating slice info")
# create openflow slice info for the slice
create_or_update(
OpenFlowSliceInfo,
filter_attrs={"slice": slice},
new_attrs={
"controller_url": controller_url,
"password": password,
},
)
logger.debug("creating gapislice")
# store a pointer to this slice using the slice_urn
create_or_update(
GENISliceInfo,
filter_attrs={
"slice": slice,
},
new_attrs={
"slice_urn": slice_urn,
},
)
logger.debug("adding resources")
sliver_ids = []
# delete all flowspace in the slice
FlowSpaceRule.objects.filter(slivers__slice=slice).delete()
# add the new flowspace
for fs_dict, iface_qs in slivers:
# give the user, project, slice permission to use the aggregate
aggregate_ids = list(iface_qs.values_list("aggregate", flat=True))
for agg_id in aggregate_ids:
aggregate = Aggregate.objects.get(id=agg_id).as_leaf_class()
give_permission_to("can_use_aggregate", aggregate, user)
give_permission_to("can_use_aggregate", aggregate, project)
give_permission_to("can_use_aggregate", aggregate, slice)
# Create flowspace
logger.debug("Creating flowspace %s" % fs_dict)
fs = FlowSpaceRule.objects.create(**fs_dict)
# make sure all the selected interfaces are added
for iface in iface_qs:
sliver, _ = OpenFlowInterfaceSliver.objects.get_or_create(
slice=slice, resource=iface)
sliver_ids.append(sliver.id)
fs.slivers.add(sliver)
logger.debug("Deleting old resources")
# Delete all removed interfaces
OpenFlowInterfaceSliver.objects.exclude(id__in=sliver_ids).delete()
logger.debug("Starting the slice %s %s" % (slice, slice.name))
# make the reservation
tl = threadlocals.get_thread_locals()
tl["project"] = project
tl["slice"] = slice
slice.start(user)
logger.debug("Done creating sliver")
return rspec_mod.create_resv_rspec(user, slice)
def CreateSliver(slice_urn, rspec, user):
(project_name, project_desc, slice_name, slice_desc, slice_expiry,
controller_url, firstname, lastname, affiliation,
email, password, slivers) = rspec_mod.parse_slice(rspec)
logger.debug("Parsed Rspec")
slice_expiry = datetime.fromtimestamp(slice_expiry)
give_permission_to("can_create_project", Project, user)
user.first_name = firstname
user.last_name = lastname
user.email = email
profile = UserProfile.get_or_create_profile(user)
profile.affiliation = affiliation
user.save()
profile.save()
# Check if the slice exists
try:
slice = get_slice(slice_urn)
# update the slice info
slice.description = slice_desc
slice.name = slice_name
slice.expiration_date = slice_expiry
slice.save()
# update the project info
slice.project.name = project_name
slice.project.description = project_desc
slice.project.save()
project = slice.project
except Slice.DoesNotExist:
# Check if the project exists
try:
project = Project.objects.get(name=project_name)
# update the project info
logger.debug("Updating project")
project.description = project_desc
project.save()
except Project.DoesNotExist:
# create the project
logger.debug("Creating project")
project = Project.objects.create(
name=project_name,
description=project_desc,
)
create_project_roles(project, user)
# create the slice
logger.debug("Creating slice")
try:
slice = Slice.objects.create(
name=slice_name,
description=slice_desc,
project=project,
owner=user,
expiration_date = slice_expiry,
)
except IntegrityError:
raise DuplicateSliceNameException(slice_name)
logger.debug("Creating/updating slice info")
# create openflow slice info for the slice
create_or_update(
OpenFlowSliceInfo,
filter_attrs={"slice": slice},
new_attrs={
"controller_url": controller_url,
"password": password,
},
)
logger.debug("creating gapislice")
# store a pointer to this slice using the slice_urn
create_or_update(
GENISliceInfo,
filter_attrs={
"slice": slice,
},
new_attrs={
"slice_urn": slice_urn,
},
)
logger.debug("adding resources")
sliver_ids = []
# delete all flowspace in the slice
FlowSpaceRule.objects.filter(slivers__slice=slice).delete()
# add the new flowspace
for fs_dict, iface_qs in slivers:
# give the user, project, slice permission to use the aggregate
aggregate_ids = list(iface_qs.values_list("aggregate", flat=True))
for agg_id in aggregate_ids:
aggregate = Aggregate.objects.get(id=agg_id).as_leaf_class()
give_permission_to("can_use_aggregate", aggregate, user)
give_permission_to("can_use_aggregate", aggregate, project)
give_permission_to("can_use_aggregate", aggregate, slice)
# Create flowspace
logger.debug("Creating flowspace %s" % fs_dict)
fs = FlowSpaceRule.objects.create(**fs_dict)
# make sure all the selected interfaces are added
for iface in iface_qs:
sliver, _ = OpenFlowInterfaceSliver.objects.get_or_create(
slice=slice, resource=iface)
sliver_ids.append(sliver.id)
fs.slivers.add(sliver)
logger.debug("Deleting old resources")
# Delete all removed interfaces
OpenFlowInterfaceSliver.objects.exclude(id__in=sliver_ids).delete()
logger.debug("Starting the slice %s %s" % (slice, slice.name))
# make the reservation
tl = threadlocals.get_thread_locals()
tl["project"] = project
tl["slice"] = slice
slice.start(user)
logger.debug("Done creating sliver")
return rspec_mod.create_resv_rspec(user, slice)
def post_save(instance, created):
give_permission_to("can_delete_slices", instance, instance.owner, giver=None, can_delegate=False)
def aggregate_crud(request, agg_id=None):
'''
Create/update an OpenFlow Aggregate.
'''
if agg_id != None:
aggregate = get_object_or_404(OpenFlowAggregate, pk=agg_id)
client = aggregate.client
else:
aggregate = None
client = None
if request.method == "GET":
agg_form = OpenFlowAggregateForm(instance=aggregate)
client_form = PasswordXMLRPCServerProxyForm(instance=client)
elif request.method == "POST":
logger.debug("aggregate_crud got post")
agg_form = OpenFlowAggregateForm(data=request.POST, instance=aggregate)
client_form = PasswordXMLRPCServerProxyForm(data=request.POST,
instance=client)
logger.debug("Validating")
if client_form.is_valid() and agg_form.is_valid():
logger.debug("Forms are valid")
logger.debug("Got logo %s" % request.POST.get("logo", ""))
# Save the client first
client = client_form.save()
# Then save the aggregate and add the client
aggregate = agg_form.save(commit=False)
aggregate.client = client
aggregate.save()
agg_form.save_m2m()
try:
info = aggregate.client.proxy.get_am_info()
aggregate.vlan_auto_assignment = info["vlan_auto_assignment"]
aggregate.flowspace_auto_approval = info[
"flowspace_auto_approval"]
except:
# logger.debug("Aggregate %s: could not check automatic resource assignment" % str(aggregate.name))
pass
try:
err = ' '
aggregate.client.proxy.checkFlowVisor()
aggregate.setup_new_aggregate(request.build_absolute_uri("/"))
except Exception as e:
err = str(e)
if err is not ' ':
#transaction.rollback()
if "check_fv_set" in err:
msg_type = DatedMessage.TYPE_WARNING
if agg_id:
flowvisor_msg = "Topology could not be updated because could not connect to FlowVisor."
else:
flowvisor_msg = "New Aggregate set, but there is no FlowVisor connected to it."
else:
flowvisor_msg = err
msg_type = DatedMessage.TYPE_ERROR
DatedMessage.objects.post_message_to_user(
flowvisor_msg,
user=request.user,
msg_type=msg_type,
)
return HttpResponseRedirect("/")
aggregate.save()
give_permission_to("can_use_aggregate",
aggregate,
request.user,
can_delegate=True)
give_permission_to("can_edit_aggregate",
aggregate,
request.user,
can_delegate=True)
DatedMessage.objects.post_message_to_user(
"Successfully created/updated aggregate %s. %s" %
(aggregate.name, err),
user=request.user,
msg_type=DatedMessage.TYPE_SUCCESS,
)
return HttpResponseRedirect(
reverse("openflow_aggregate_add_links", args=[aggregate.id]))
logger.debug("Validation failed")
else:
return HttpResponseNotAllowed("GET", "POST")
available = aggregate.check_status() if agg_id else False
return simple.direct_to_template(
request,
template="openflow_aggregate_crud.html",
extra_context={
"agg_form":
agg_form,
"client_form":
client_form,
"create":
not agg_id,
"aggregate":
aggregate,
"available":
available,
"breadcrumbs": (
('Home', reverse("home")),
("%s OpenFlow Aggregate" % ("Update" if agg_id else "Add"),
request.path),
)
},
)
def setUp(self):
"""
Update settings, create DummyOMs and test models and login.
"""
# add the test application
self.settings_manager.set(
OPENFLOW_OTHER_RESOURCES=(
("expedient.clearinghouse.resources", "Resource"),
),
DEBUG_PROPAGATE_EXCEPTIONS=True,
)
self.su = User.objects.create_superuser(
"superuser", "*****@*****.**", "password")
self.test_user_password = "******"
self.test_user = User.objects.create_user(
"test_user", "*****@*****.**", self.test_user_password)
give_permission_to("can_add_aggregate", Aggregate, self.test_user)
give_permission_to("can_create_project", Project, self.test_user)
for i in range(NUM_DUMMY_OMS):
om = DummyOM.objects.create()
om.populate_links(NUM_SWITCHES_PER_AGG,
NUM_LINKS_PER_AGG/2)
username = "******" % i
password = "******"
u = User.objects.create_user(username, "*****@*****.**", password)
# Add the aggregate to the CH
url = SCHEME + "://%s/dummyom/%s/xmlrpc/" % (HOST, om.id)
proxy = PasswordXMLRPCServerProxy.objects.create(
username=username, password=password,
url=url, verify_certs=False,
)
# test availability
if not proxy.is_available():
raise Exception("Problem: Proxy not available")
proxy.delete()
# create user cert/keys
self.user_urn = get_user_urn(self.test_user.username)
self.user_cert, self.user_key = create_x509_cert(self.user_urn)
# get slice creds
self.slice_cred = geni_clearinghouse.CreateSlice(
self.user_cert.save_to_string())
self.slice_gid = credential.Credential(
string=self.slice_cred).get_gid_object()
# xmlrpc client
self.rpc = xmlrpclib.ServerProxy(
"http://testserver" + reverse("openflow_gapi"),
transport=TestClientTransport(
defaults={
"REMOTE_USER": self.user_cert.save_to_string(),
"SSL_CLIENT_CERT": self.user_cert.save_to_string(),
},
),
)
def aggregate_crud(request, agg_id=None):
'''
Create/update an Virtualization Aggregate.
'''
if agg_id != None:
aggregate = get_object_or_404(VtPlugin, pk=agg_id)
client = aggregate.client
else:
aggregate = None
client = None
if request.method == "GET":
agg_form = VTAggregateForm(instance=aggregate)
client_form = xmlrpcServerProxyForm(instance=client)
elif request.method == "POST":
agg_form = VTAggregateForm(data=request.POST, instance=aggregate)
client_form = xmlrpcServerProxyForm(data=request.POST, instance=client)
if client_form.is_valid() and agg_form.is_valid():
client = client_form.save(commit=False)
s = xmlrpclib.Server('https://' + client.username + ':' +
client.password + '@' + client.url[8:])
try:
s.ping('ping')
except:
DatedMessage.objects.post_message_to_user(
'Could not connect to server: username, password or url are not correct',
user=request.user,
msg_type=DatedMessage.TYPE_ERROR,
)
return HttpResponseRedirect(request.path)
client = client_form.save()
aggregate = agg_form.save(commit=False)
aggregate.client = client
aggregate.save()
agg_form.save_m2m()
aggregate.save()
give_permission_to("can_use_aggregate",
aggregate,
request.user,
can_delegate=True)
give_permission_to("can_edit_aggregate",
aggregate,
request.user,
can_delegate=True)
DatedMessage.objects.post_message_to_user(
"Successfully created/updated aggregate %s" % aggregate.name,
user=request.user,
msg_type=DatedMessage.TYPE_SUCCESS,
)
return HttpResponseRedirect("/")
else:
return HttpResponseNotAllowed("GET", "POST")
available = aggregate.check_status() if agg_id else False
return simple.direct_to_template(
request,
template="openflow/plugin/aggregate_crud.html",
extra_context={
"agg_form":
agg_form,
"client_form":
client_form,
"create":
not agg_id,
"aggregate":
aggregate,
#"available": available,
"breadcrumbs": (
('Home', reverse("home")),
("%s Virtualization Aggregate" %
("Update" if agg_id else "Add"), request.path),
)
},
)
def setUp(self):
"""
Update settings, create DummyOMs and test models and login.
"""
# add the test application
self.settings_manager.set(
OPENFLOW_OTHER_RESOURCES=(("expedient.clearinghouse.resources",
"Resource"), ),
DEBUG_PROPAGATE_EXCEPTIONS=True,
)
self.su = User.objects.create_superuser("superuser", "*****@*****.**",
"password")
self.test_user_password = "******"
self.test_user = User.objects.create_user("test_user", "*****@*****.**",
self.test_user_password)
give_permission_to("can_add_aggregate", Aggregate, self.test_user)
give_permission_to("can_create_project", Project, self.test_user)
for i in range(NUM_DUMMY_OMS):
om = DummyOM.objects.create()
om.populate_links(NUM_SWITCHES_PER_AGG, NUM_LINKS_PER_AGG / 2)
username = "******" % i
password = "******"
u = User.objects.create_user(username, "*****@*****.**", password)
# Add the aggregate to the CH
url = SCHEME + "://%s/dummyom/%s/xmlrpc/" % (HOST, om.id)
proxy = PasswordXMLRPCServerProxy.objects.create(
username=username,
password=password,
url=url,
verify_certs=False,
)
# test availability
if not proxy.is_available():
raise Exception("Problem: Proxy not available")
proxy.delete()
# create user cert/keys
self.user_urn = get_user_urn(self.test_user.username)
self.user_cert, self.user_key = create_x509_cert(self.user_urn)
# get slice creds
self.slice_cred = clearinghouse.CreateSlice(
self.user_cert.save_to_string())
self.slice_gid = credential.Credential(
string=self.slice_cred).get_gid_object()
# xmlrpc client
self.rpc = xmlrpclib.ServerProxy(
"http://testserver" + reverse("openflow_gapi"),
transport=TestClientTransport(defaults={
"REMOTE_USER":
self.user_cert.save_to_string(),
"SSL_CLIENT_CERT":
self.user_cert.save_to_string(),
}, ),
)
