def add_user_permission_group(self,
permission_group,
user_object,
vm_object=None,
ignore_duplicate=False):
"""Add a user to a permissions group on a VM object."""
assert permission_group in PERMISSION_GROUPS.keys()
assert isinstance(
self._convert_remote_object(user_object),
self._get_registered_object('user_factory').USER_CLASS)
assert isinstance(
self._convert_remote_object(vm_object),
self._get_registered_object(
'virtual_machine_factory').VIRTUAL_MACHINE_CLASS)
ArgumentValidator.validate_boolean(ignore_duplicate)
# Check if user running script is able to add users to permission group
if not (self.is_superuser() or (vm_object and self.assert_permission(
PERMISSIONS.MANAGE_VM_USERS, vm_object)
and permission_group == 'user')):
raise InsufficientPermissionsException(
'VM owners cannot add manager other owners')
user_object = self._convert_remote_object(user_object)
vm_object = self._convert_remote_object(
vm_object) if vm_object is not None else None
username = user_object.get_username()
# Check if user is already in the group
if (vm_object):
config_object = vm_object.get_config_object()
else:
config_object = MCVirtConfig()
if (username not in self.get_users_in_permission_group(
permission_group, vm_object)):
# Add user to permission configuration for VM
def add_user_to_config(config):
config['permissions'][permission_group].append(username)
config_object.update_config(
add_user_to_config, 'Added user \'%s\' to group \'%s\'' %
(username, permission_group))
# @TODO FIX ME
if self._is_cluster_master:
cluster_object = self._get_registered_object('cluster')
vm_name = vm_object.get_name() if vm_object else None
cluster_object.run_remote_command(
'auth-add_user_permission_group', {
'permission_group': permission_group,
'username': username,
'vm_name': vm_name
})
elif not ignore_duplicate:
raise DuplicatePermissionException(
'User \'%s\' already in group \'%s\'' %
(username, permission_group))
def set_shared(self, shared):
"""Set the shared status of the storage backend"""
# Check permissions
self._get_registered_object('auth').assert_permission(PERMISSIONS.MANAGE_STORAGE_BACKEND)
ArgumentValidator.validate_boolean(shared)
# Check if there's no change to configuration
if self.shared == shared:
raise NoConfigurationChangeError('Storage backend is already set to %s' % str(shared))
if self.shared and self.in_use():
raise CannotUnshareInUseStorageBackendError(
'Storage backend is in use, so cannot unshare')
def update_shared_config(config):
"""Set sared parameter to new value"""
config['shared'] = shared
self.update_config(update_shared_config, 'Update shared status to %s' % shared)
if self._is_cluster_master:
def update_shared_remote_nodes(connection):
"""Update shared status of remote nodes"""
remote_storage_backend = self.get_remote_object(node_object=connection)
remote_storage_backend.set_shared(shared)
self._get_registered_object('cluster').run_remote_command(
update_shared_remote_nodes)
def add_user(self, user, virtual_machine=None, ignore_duplicate=False):
"""Add uesr to group"""
assert isinstance(self._convert_remote_object(user),
self._get_registered_object('user_factory').USER_CLASS)
if virtual_machine:
assert isinstance(self._convert_remote_object(virtual_machine),
self._get_registered_object(
'virtual_machine_factory').VIRTUAL_MACHINE_CLASS)
ArgumentValidator.validate_boolean(ignore_duplicate)
if virtual_machine is not None:
virtual_machine = self._convert_remote_object(virtual_machine)
# Check if user running script is able to add users to permission group
self._get_registered_object('auth').assert_permission(PERMISSIONS.MANAGE_GROUP_MEMBERS,
vm_object=virtual_machine)
# Convert remote objects
user = self._convert_remote_object(user)
# Ensure that the user is not already in the group
if (user in self.get_users(virtual_machine=virtual_machine) and
not ignore_duplicate):
raise DuplicatePermissionException('User %s already in group %s' %
(user.get_username(), self.name))
cluster = self._get_registered_object('cluster')
if virtual_machine:
# Convert remote objects
self.add_user_to_vm_config(
user, virtual_machine,
nodes=cluster.get_nodes(include_local=True))
else:
self.add_user_to_config(user, nodes=cluster.get_nodes(include_local=True))
def get_logs(self, start_log=None, back=0, newer=False):
"""Return a dict containing log information"""
if start_log is not None:
ArgumentValidator.validate_integer(start_log)
ArgumentValidator.validate_integer(back)
ArgumentValidator.validate_boolean(newer)
if start_log is None:
start_log = len(Logger.LOGS) - 1
if start_log < 0:
start_log = 0
if start_log > (len(Logger.LOGS) - 1):
start_log = len(Logger.LOGS) - 1
if back:
start = 0 if (start_log - back) < 0 else (len(Logger.LOGS) - back)
finish = start_log + 1
elif newer:
start = start_log + 1
# Length would provide an indicy out of the range,
# since len(['a']) = 1, but ['a'][1] == error
# However, this is made up for the fact that range(0, 2) = [0, 1]
finish = len(Logger.LOGS)
else:
# Start at the current log, to return it
# Finish at current log + 1 as range(1, 2) = [1]
start = start_log
finish = start_log + 1
return_logs = {}
for itx in range(start, finish):
if itx < 0:
continue
if len(Logger.LOGS) < itx:
break
log = Logger.LOGS[itx]
return_logs[itx] = {
'start_date':
str(log.start_time),
'status':
log.status['status'],
'status_name':
log.status['name'],
'user':
log.user,
'method':
log.method_name,
'object_name':
log.object_name,
'object_type':
log.object_type,
'description':
'%s %s %s' % (log.method_name.capitalize(), log.object_name,
log.object_type),
'exception_message':
log.exception_message
}
return return_logs
def get_logs(self, start_log=None, back=0, newer=False):
"""Return a dict containing log information"""
if start_log is not None:
ArgumentValidator.validate_integer(start_log)
ArgumentValidator.validate_integer(back)
ArgumentValidator.validate_boolean(newer)
if start_log is None:
start_log = len(Logger.LOGS) - 1
if start_log < 0:
start_log = 0
if start_log > (len(Logger.LOGS) - 1):
start_log = len(Logger.LOGS) - 1
if back:
start = 0 if (start_log - back) < 0 else (len(Logger.LOGS) - back)
finish = start_log + 1
elif newer:
start = start_log + 1
# Length would provide an indicy out of the range,
# since len(['a']) = 1, but ['a'][1] == error
# However, this is made up for the fact that range(0, 2) = [0, 1]
finish = len(Logger.LOGS)
else:
# Start at the current log, to return it
# Finish at current log + 1 as range(1, 2) = [1]
start = start_log
finish = start_log + 1
return_logs = {}
for itx in range(start, finish):
if itx < 0:
continue
if len(Logger.LOGS) < itx:
break
log = Logger.LOGS[itx]
return_logs[itx] = {
'start_date': str(log.start_time),
'status': log.status['status'],
'status_name': log.status['name'],
'user': log.user,
'method': log.method_name,
'object_name': log.object_name,
'object_type': log.object_type,
'description': '%s %s %s' % (log.method_name.capitalize(),
log.object_name,
log.object_type),
'exception_message': log.exception_message
}
return return_logs
def add_user_permission_group(self, permission_group, user_object,
vm_object=None, ignore_duplicate=False):
"""Add a user to a permissions group on a VM object."""
assert permission_group in PERMISSION_GROUPS.keys()
assert isinstance(self._convert_remote_object(user_object),
self._get_registered_object('user_factory').USER_CLASS)
assert isinstance(self._convert_remote_object(vm_object),
self._get_registered_object(
'virtual_machine_factory').VIRTUAL_MACHINE_CLASS)
ArgumentValidator.validate_boolean(ignore_duplicate)
# Check if user running script is able to add users to permission group
if not (self.is_superuser() or
(vm_object and self.assert_permission(PERMISSIONS.MANAGE_VM_USERS,
vm_object) and
permission_group == 'user')):
raise InsufficientPermissionsException('VM owners cannot add manager other owners')
user_object = self._convert_remote_object(user_object)
vm_object = self._convert_remote_object(vm_object) if vm_object is not None else None
username = user_object.get_username()
# Check if user is already in the group
if (vm_object):
config_object = vm_object.get_config_object()
else:
config_object = MCVirtConfig()
if (username not in self.get_users_in_permission_group(permission_group, vm_object)):
# Add user to permission configuration for VM
def add_user_to_config(config):
config['permissions'][permission_group].append(username)
config_object.update_config(add_user_to_config, 'Added user \'%s\' to group \'%s\'' %
(username, permission_group))
# @TODO FIX ME
if self._is_cluster_master:
cluster_object = self._get_registered_object('cluster')
vm_name = vm_object.get_name() if vm_object else None
cluster_object.run_remote_command('auth-add_user_permission_group',
{'permission_group': permission_group,
'username': username,
'vm_name': vm_name})
elif not ignore_duplicate:
raise DuplicatePermissionException(
'User \'%s\' already in group \'%s\'' % (username, permission_group)
)
def add_superuser(self, user_object, ignore_duplicate=False):
"""Add a new superuser."""
assert isinstance(
self._convert_remote_object(user_object),
self._get_registered_object('user_factory').USER_CLASS)
ArgumentValidator.validate_boolean(ignore_duplicate)
# Ensure the user is a superuser
if not self.is_superuser():
raise InsufficientPermissionsException(
'User must be a superuser to manage superusers')
user_object = self._convert_remote_object(user_object)
username = user_object.get_username()
mcvirt_config = MCVirtConfig()
# Ensure user is not already a superuser
if username not in self.get_superusers():
def update_config(config):
config['superusers'].append(username)
mcvirt_config.update_config(update_config,
'Added superuser \'%s\'' % username)
elif not ignore_duplicate:
raise DuplicatePermissionException(
'User \'%s\' is already a superuser' % username)
if self._is_cluster_master:
def remote_command(connection):
remote_user_factory = connection.get_connection('user_factory')
remote_user = remote_user_factory.get_user_by_username(
user_object.get_username())
remote_auth = connection.get_connection('auth')
remote_auth.add_superuser(remote_user,
ignore_duplicate=ignore_duplicate)
cluster = self._get_registered_object('cluster')
cluster.run_remote_command(remote_command)
def add_superuser(self, user_object, ignore_duplicate=False):
"""Add a new superuser."""
assert isinstance(self._convert_remote_object(user_object),
self._get_registered_object('user_factory').USER_CLASS)
ArgumentValidator.validate_boolean(ignore_duplicate)
# Ensure the user is a superuser
if not self.is_superuser():
raise InsufficientPermissionsException(
'User must be a superuser to manage superusers'
)
user_object = self._convert_remote_object(user_object)
username = user_object.get_username()
mcvirt_config = MCVirtConfig()
# Ensure user is not already a superuser
if username not in self.get_superusers():
def update_config(config):
config['superusers'].append(username)
mcvirt_config.update_config(update_config, 'Added superuser \'%s\'' % username)
elif not ignore_duplicate:
raise DuplicatePermissionException(
'User \'%s\' is already a superuser' % username
)
if self._is_cluster_master:
def remote_command(connection):
remote_user_factory = connection.get_connection('user_factory')
remote_user = remote_user_factory.get_user_by_username(user_object.get_username())
remote_auth = connection.get_connection('auth')
remote_auth.add_superuser(remote_user, ignore_duplicate=ignore_duplicate)
cluster = self._get_registered_object('cluster')
cluster.run_remote_command(remote_command)