def _get_tenant_volume_usages(request, usages, disabled_quotas, tenant_id): if 'volumes' not in disabled_quotas: try: if tenant_id: opts = {'all_tenants': 1, 'project_id': tenant_id} #volumes = cinder.volume_list(request, opts) #snapshots = cinder.volume_snapshot_list(request, opts) if is_m1_user_admin(request): volumes = get_volume_list(request, opts) snapshots = get_volume_snapshot_list(request, opts) else: volumes = cinder.volume_list(request, opts) snapshots = cinder.volume_snapshot_list(request, opts) else: #volumes = cinder.volume_list(request) #snapshots = cinder.volume_snapshot_list(request) if is_m1_user_admin(request): volumes = get_volume_list(request) snapshots = get_volume_snapshot_list(request) else: volumes = cinder.volume_list(request) snapshots = cinder.volume_snapshot_list(request) usages.tally('gigabytes', sum([int(v.size) for v in volumes])) usages.tally('volumes', len(volumes)) usages.tally('snapshots', len(snapshots)) except cinder.ClientException: msg = _("Unable to retrieve volume limit information.") exceptions.handle(request, msg)
def _get_quota_data(request, method_name, disabled_quotas=None, tenant_id=None): quotasets = [] if not tenant_id: tenant_id = request.user.tenant_id #quotasets.append(getattr(nova, method_name)(request, tenant_id)) if is_m1_user_admin(request): quotasets.append(tenant_quota_get_nova(request, tenant_id)) else: quotasets.append(getattr(nova, method_name)(request, tenant_id)) qs = base.QuotaSet() if disabled_quotas is None: disabled_quotas = get_disabled_quotas(request) if 'volumes' not in disabled_quotas: try: #quotasets.append(getattr(cinder, method_name)(request, tenant_id)) if is_m1_user_admin(request): quotasets.append(tenant_quota_get_cinder(request, tenant_id)) else: quotasets.append( getattr(cinder, method_name)(request, tenant_id)) except cinder.ClientException: disabled_quotas.extend(CINDER_QUOTA_FIELDS) msg = _("Unable to retrieve volume limit information.") exceptions.handle(request, msg) for quota in itertools.chain(*quotasets): if quota.name not in disabled_quotas: qs[quota.name] = quota.limit return qs
def _update_project_quota(self, request, data, project_id): # Update the project quota. nova_data = dict([(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) if is_m1_user_admin(self.request): tenant_quota_update_nova(request, project_id, **nova_data) else: nova.tenant_quota_update(request, project_id, **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) if is_m1_user_admin(self.request): tenant_quota_update_cinder(request, project_id, **cinder_data) else: cinder.tenant_quota_update(request, project_id, **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] if is_m1_user_admin(self.request): tenant_quota_update_neutron(request, project_id, **neutron_data) else: api.neutron.tenant_quota_update(request, project_id, **neutron_data)
def get_data(self): tenants = [] marker = self.request.GET.get( project_tables.TenantsTable._meta.pagination_param, None) domain_context = self.request.session.get('domain_context', None) self._more = False if policy.check((("identity", "identity:list_projects"), ), self.request): try: if is_m1_user_admin(self.request): tenants, self._more = get_tenants(self.request, domain=domain_context, paginate=True, marker=marker) else: tenants, self._more = api.keystone.tenant_list( self.request, domain=domain_context, paginate=True, marker=marker) except Exception: exceptions.handle(self.request, _("Unable to retrieve project list.")) elif policy.check((("identity", "identity:list_user_projects"), ), self.request): try: if is_m1_user_admin(self.request): tenants, self._more = get_tenants( self.request, user=self.request.user.id, paginate=True, marker=marker, admin=False) else: tenants, self._more = api.keystone.tenant_list( self.request, user=self.request.user.id, paginate=True, marker=marker, admin=False) except Exception: exceptions.handle(self.request, _("Unable to retrieve project information.")) else: msg = \ _("Insufficient privilege level to view project information.") messages.info(self.request, msg) return tenants
def get_initial(self): initial = super(UpdateProjectView, self).get_initial() project_id = self.kwargs['tenant_id'] initial['project_id'] = project_id try: # get initial project info if is_m1_user_admin(self.request): project_info = get_project(self.request, project_id) else: project_info = api.keystone.tenant_get(self.request, project_id, admin=True) for field in PROJECT_INFO_FIELDS: initial[field] = getattr(project_info, field, None) # Retrieve the domain name where the project belong if keystone.VERSIONS.active >= 3: try: if is_m1_user_admin(self.request): domain = get_domain(self.request, initial["domain_id"]) else: domain = api.keystone.domain_get( self.request, initial["domain_id"]) initial["domain_name"] = domain.name except Exception: exceptions.handle(self.request, _('Unable to retrieve project domain.'), redirect=reverse(INDEX_URL)) # get initial project quota quota_data = quotas.get_tenant_quota_data(self.request, tenant_id=project_id) if api.base.is_service_enabled(self.request, 'network') and \ api.neutron.is_quotas_extension_supported(self.request): if is_m1_user_admin(self.request): quota_data += get_tenant_quota_neutron( self.request, tenant_id=project_id) else: quota_data += api.neutron.tenant_quota_get( self.request, tenant_id=project_id) for field in quotas.QUOTA_FIELDS: initial[field] = quota_data.get(field).limit except Exception: exceptions.handle(self.request, _('Unable to retrieve project details.'), redirect=reverse(INDEX_URL)) return initial
def update_cell(self, request, datum, project_id, cell_name, new_cell_value): # inline update project info try: project_obj = datum # updating changed value by new value setattr(project_obj, cell_name, new_cell_value) if is_m1_user_admin(request): update_tenant(request, project_id, name=project_obj.name, description=project_obj.description, enabled=project_obj.enabled) else: api.keystone.tenant_update(request, project_id, name=project_obj.name, description=project_obj.description, enabled=project_obj.enabled) except Conflict: # Returning a nice error message about name conflict. The message # from exception is not that clear for the users. message = _("This name is already taken.") raise ValidationError(message) except Exception: exceptions.handle(request, ignore=True) return False return True
def _add_roles_to_users(self, request, data, project_id, user_id, role_ids, available_roles): member_step = self.get_step(PROJECT_USER_MEMBER_SLUG) current_role_ids = list(role_ids) for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Check if the user is in the list of users with this role. if user_id in data[field_name]: # Add it if necessary if role.id not in current_role_ids: # user role has changed if is_m1_user_admin(request): add_user_role_to_tenant(request, project=project_id, user=user_id, role=role.id) else: api.keystone.add_tenant_user_role(request, project=project_id, user=user_id, role=role.id) else: # User role is unchanged, so remove it from the # remaining roles list to avoid removing it later. index = current_role_ids.index(role.id) current_role_ids.pop(index) return current_role_ids
def _update_project(self, request, data): # update project info try: project_id = data['project_id'] if is_m1_user_admin(request): return update_tenant(request, project_id, name=data['name'], description=data['description'], enabled=data['enabled']) else: return api.keystone.tenant_update( request, project_id, name=data['name'], description=data['description'], enabled=data['enabled']) except exceptions.Conflict: msg = _('Project name "%s" is already used.') % data['name'] self.failure_message = msg return except Exception: exceptions.handle(request, ignore=True) return
def _create_project(self, request, data): # create the project domain_id = data['domain_id'] try: desc = data['description'] if is_m1_user_admin(request): self.object = create_tenant(request, name=data['name'], description=desc, enabled=data['enabled'], domain=domain_id) else: self.object = api.keystone.tenant_create( request, name=data['name'], description=desc, enabled=data['enabled'], domain=domain_id) return self.object except exceptions.Conflict: msg = _('Project name "%s" is already used.') % data['name'] self.failure_message = msg return except Exception: exceptions.handle(request, ignore=True) return
def _update_project_members(self, request, data, project_id): # update project members users_to_add = 0 try: if is_m1_user_admin(request): available_roles = list_roles(request) else: available_roles = api.keystone.role_list(request) member_step = self.get_step(PROJECT_USER_MEMBER_SLUG) # count how many users are to be added for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] users_to_add += len(role_list) # add new users to project for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] users_added = 0 for user in role_list: if is_m1_user_admin(request): add_user_role_to_tenant(request, project=project_id, user=user, role=role.id) else: api.keystone.add_tenant_user_role(request, project=project_id, user=user, role=role.id) users_added += 1 users_to_add -= users_added except Exception: if PROJECT_GROUP_ENABLED: group_msg = _(", add project groups") else: group_msg = "" exceptions.handle( request, _('Failed to add %(users_to_add)s project ' 'members%(group_msg)s and set project quotas.') % { 'users_to_add': users_to_add, 'group_msg': group_msg })
def get_data(self, request, project_id): if is_m1_user_admin(request): project_info = get_project(request, project_id) else: project_info = api.keystone.tenant_get(request, project_id, admin=True) return project_info
def _get_tenant_network_usages(request, usages, disabled_quotas, tenant_id): floating_ips = [] try: if network.floating_ip_supported(request): floating_ips = network.tenant_floating_ip_list(request) except Exception: pass usages.tally('floating_ips', len(floating_ips)) if 'security_group' not in disabled_quotas: security_groups = [] security_groups = network.security_group_list(request) usages.tally('security_groups', len(security_groups)) if 'network' not in disabled_quotas: networks = [] #networks = neutron.network_list(request, shared=False) if is_m1_user_admin(request): networks = network_list_neutron(request, shared=False) else: networks = neutron.network_list(request, shared=False) if tenant_id: networks = filter(lambda net: net.tenant_id == tenant_id, networks) usages.tally('networks', len(networks)) if 'subnet' not in disabled_quotas: subnets = [] #subnets = neutron.subnet_list(request) if is_m1_user_admin(request): subnets = subnet_list_neutron(request) else: subnets = neutron.subnet_list(request) usages.tally('subnets', len(subnets)) if 'router' not in disabled_quotas: routers = [] #routers = neutron.router_list(request) if is_m1_user_admin(request): routers = router_list_neutron(request) else: routers = neutron.router_list(request) if tenant_id: routers = filter(lambda rou: rou.tenant_id == tenant_id, routers) usages.tally('routers', len(routers))
def get_data(self): try: project_id = self.kwargs['project_id'] if is_m1_user_admin(self.request): project = get_project(self.request, project_id) else: project = api.keystone.tenant_get(self.request, project_id) except Exception: exceptions.handle(self.request, _('Unable to retrieve project details.'), redirect=reverse(INDEX_URL)) return project
def tenant_limit_usages(request): # TODO(licostan): This method shall be removed from Quota module. # ProjectUsage/BaseUsage maybe used instead on volume/image dashboards. limits = {} try: #limits.update(nova.tenant_absolute_limits(request)) if is_m1_user_admin(request): limits.update(tenant_absolute_limits_nova(request)) else: limits.update(nova.tenant_absolute_limits(request)) except Exception: msg = _("Unable to retrieve compute limit information.") exceptions.handle(request, msg) if base.is_service_enabled(request, 'volume'): try: #limits.update(cinder.tenant_absolute_limits(request)) #volumes = cinder.volume_list(request) #snapshots = cinder.volume_snapshot_list(request) if is_m1_user_admin(request): limits.update(tenant_absolute_limits_cinder(request)) volumes = get_volume_list(request) snapshots = get_volume_snapshot_list(request) else: limits.update(cinder.tenant_absolute_limits(request)) volumes = cinder.volume_list(request) snapshots = cinder.volume_snapshot_list(request) # gigabytesUsed should be a total of volumes and snapshots vol_size = sum([getattr(volume, 'size', 0) for volume in volumes]) snap_size = sum([getattr(snap, 'size', 0) for snap in snapshots]) limits['gigabytesUsed'] = vol_size + snap_size limits['volumesUsed'] = len(volumes) limits['snapshotsUsed'] = len(snapshots) except cinder.ClientException: msg = _("Unable to retrieve volume limit information.") exceptions.handle(request, msg) return limits
def _remove_roles_from_user(self, request, project_id, user_id, current_role_ids): for id_to_delete in current_role_ids: if is_m1_user_admin(request): remove_user_role_frm_tenant(request, project=project_id, user=user_id, role=id_to_delete) else: api.keystone.remove_tenant_user_role(request, project=project_id, user=user_id, role=id_to_delete)
def get_object(self): tenant_id = self.kwargs['tenant_id'] try: if is_m1_user_admin(self.request): return get_project(self.request, tenant_id) else: return api.keystone.tenant_get(self.request, tenant_id, admin=True) except Exception: exceptions.handle(self.request, _('Unable to retrieve project information.'), redirect=reverse(INDEX_URL))
def _update_project_groups(self, request, data, project_id): # update project groups groups_to_add = 0 try: if is_m1_user_admin(request): available_roles = list_roles(request) else: available_roles = api.keystone.role_list(request) member_step = self.get_step(PROJECT_GROUP_MEMBER_SLUG) # count how many groups are to be added for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] groups_to_add += len(role_list) # add new groups to project for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] groups_added = 0 for group in role_list: if is_m1_user_admin(request): add_gp_role(request, role=role.id, group=group, project=project_id) else: api.keystone.add_group_role(request, role=role.id, group=group, project=project_id) groups_added += 1 groups_to_add -= groups_added except Exception: exceptions.handle( request, _('Failed to add %s project groups ' 'and update project quotas.') % groups_to_add)
def contribute(self, data, context): if data: try: if is_m1_user_admin(self.workflow.request): roles = list_roles(self.workflow.request) else: roles = api.keystone.role_list(self.workflow.request) except Exception: exceptions.handle(self.workflow.request, _('Unable to retrieve role list.')) post = self.workflow.request.POST for role in roles: field = self.get_member_field_name(role.id) context[field] = post.getlist(field) return context
def get_initial(self): initial = super(CreateProjectView, self).get_initial() # Set the domain of the project domain = api.keystone.get_default_domain(self.request) initial["domain_id"] = domain.id initial["domain_name"] = domain.name # get initial quota defaults try: quota_defaults = quotas.get_default_quota_data(self.request) try: if api.base.is_service_enabled(self.request, 'network') and \ api.neutron.is_quotas_extension_supported( self.request): # TODO(jpichon): There is no API to access the Neutron # default quotas (LP#1204956). For now, use the values # from the current project. project_id = self.request.user.project_id if is_m1_user_admin(self.request): quota_defaults += get_tenant_quota_neutron( self.request, tenant_id=project_id) else: quota_defaults += api.neutron.tenant_quota_get( self.request, tenant_id=project_id) except Exception: error_msg = _('Unable to retrieve default Neutron quota ' 'values.') self.add_error_to_step(error_msg, 'create_quotas') for field in quotas.QUOTA_FIELDS: initial[field] = quota_defaults.get(field).limit except Exception: error_msg = _('Unable to retrieve default quota values.') self.add_error_to_step(error_msg, 'create_quotas') return initial
def __init__(self, request, *args, **kwargs): super(UpdateProjectGroupsAction, self).__init__(request, *args, **kwargs) err_msg = _('Unable to retrieve group list. Please try again later.') # Use the domain_id from the project domain_id = self.initial.get("domain_id", None) project_id = '' if 'project_id' in self.initial: project_id = self.initial['project_id'] # Get the default role try: if is_m1_user_admin(request): default_role = gt_default_role(self.request) else: default_role = api.keystone.get_default_role(self.request) # Default role is necessary to add members to a project if default_role is None: default = getattr(settings, "OPENSTACK_KEYSTONE_DEFAULT_ROLE", None) msg = (_('Could not find default role "%s" in Keystone') % default) raise exceptions.NotFound(msg) except Exception: exceptions.handle(self.request, err_msg, redirect=reverse(INDEX_URL)) default_role_name = self.get_default_role_field_name() self.fields[default_role_name] = forms.CharField(required=False) self.fields[default_role_name].initial = default_role.id # Get list of available groups all_groups = [] try: if is_m1_user_admin(request): all_groups = list_groups(request, domain=domain_id) else: all_groups = api.keystone.group_list(request, domain=domain_id) except Exception: exceptions.handle(request, err_msg) groups_list = [(group.id, group.name) for group in all_groups] # Get list of roles role_list = [] try: if is_m1_user_admin(request): role_list = list_roles(request) else: role_list = api.keystone.role_list(request) except Exception: exceptions.handle(request, err_msg, redirect=reverse(INDEX_URL)) for role in role_list: field_name = self.get_member_field_name(role.id) label = role.name self.fields[field_name] = forms.MultipleChoiceField(required=False, label=label) self.fields[field_name].choices = groups_list self.fields[field_name].initial = [] # Figure out groups & roles if project_id: try: if is_m1_user_admin(request): groups_roles = gt_pjct_groups_roles(request, project_id) else: groups_roles = api.keystone.get_project_groups_roles( request, project_id) except Exception: exceptions.handle(request, err_msg, redirect=reverse(INDEX_URL)) for group_id in groups_roles: roles_ids = groups_roles[group_id] for role_id in roles_ids: field_name = self.get_member_field_name(role_id) self.fields[field_name].initial.append(group_id)
def get_tenant_quota_data(request, disabled_quotas=None, tenant_id=None): qs = _get_quota_data(request, "tenant_quota_get", disabled_quotas=disabled_quotas, tenant_id=tenant_id) # TODO(jpichon): There is no API to get the default system quotas # in Neutron (cf. LP#1204956), so for now handle tenant quotas here. # This should be handled in _get_quota_data() eventually. if not disabled_quotas: return qs # Check if neutron is enabled by looking for network and router if 'network' and 'router' not in disabled_quotas: tenant_id = tenant_id or request.user.tenant_id #neutron_quotas = neutron.tenant_quota_get(request, tenant_id) if is_m1_user_admin(request): neutron_quotas = get_tenant_quota_neutron(request, tenant_id) else: neutron_quotas = neutron.tenant_quota_get(request, tenant_id) if 'floating_ips' in disabled_quotas: # Neutron with quota extension disabled if 'floatingip' in disabled_quotas: qs.add(base.QuotaSet({'floating_ips': -1})) # Neutron with quota extension enabled else: # Rename floatingip to floating_ips since that's how it's # expected in some places (e.g. Security & Access' Floating IPs) fips_quota = neutron_quotas.get('floatingip').limit qs.add(base.QuotaSet({'floating_ips': fips_quota})) if 'security_groups' in disabled_quotas: if 'security_group' in disabled_quotas: qs.add(base.QuotaSet({'security_groups': -1})) # Neutron with quota extension enabled else: # Rename security_group to security_groups since that's how it's # expected in some places (e.g. Security & Access' Security Groups) sec_quota = neutron_quotas.get('security_group').limit qs.add(base.QuotaSet({'security_groups': sec_quota})) if 'network' in disabled_quotas: for item in qs.items: if item.name == 'networks': qs.items.remove(item) break else: net_quota = neutron_quotas.get('network').limit qs.add(base.QuotaSet({'networks': net_quota})) if 'subnet' in disabled_quotas: for item in qs.items: if item.name == 'subnets': qs.items.remove(item) break else: net_quota = neutron_quotas.get('subnet').limit qs.add(base.QuotaSet({'subnets': net_quota})) if 'router' in disabled_quotas: for item in qs.items: if item.name == 'routers': qs.items.remove(item) break else: router_quota = neutron_quotas.get('router').limit qs.add(base.QuotaSet({'routers': router_quota})) return qs
def delete(self, request, obj_id): if is_m1_user_admin(request): delete_tenant(request, obj_id) else: api.keystone.tenant_delete(request, obj_id)
def _update_project_groups(self, request, data, project_id, domain_id): # update project groups groups_to_modify = 0 member_step = self.get_step(PROJECT_GROUP_MEMBER_SLUG) try: available_roles = self._get_available_roles(request) # Get the groups currently associated with this project so we # can diff against it. if is_m1_user_admin(request): project_groups = list_groups(request, domain=domain_id, project=project_id) else: project_groups = api.keystone.group_list(request, domain=domain_id, project=project_id) groups_to_modify = len(project_groups) for group in project_groups: # Check if there have been any changes in the roles of # Existing project members. if is_m1_user_admin(self.request): current_roles = roles_for_gp(self.request, group=group.id, project=project_id) else: current_roles = api.keystone.roles_for_group( self.request, group=group.id, project=project_id) current_role_ids = [role.id for role in current_roles] for role in available_roles: # Check if the group is in the list of groups with # this role. field_name = member_step.get_member_field_name(role.id) if group.id in data[field_name]: # Add it if necessary if role.id not in current_role_ids: # group role has changed if is_m1_user_admin(request): add_gp_role(request, role=role.id, group=group.id, project=project_id) else: api.keystone.add_group_role(request, role=role.id, group=group.id, project=project_id) else: # Group role is unchanged, so remove it from # the remaining roles list to avoid removing it # later. index = current_role_ids.index(role.id) current_role_ids.pop(index) # Revoke any removed roles. for id_to_delete in current_role_ids: if is_m1_user_admin(request): remove_group_role(request, role=id_to_delete, group=group.id, project=project_id) else: api.keystone.remove_group_role(request, role=id_to_delete, group=group.id, project=project_id) groups_to_modify -= 1 # Grant new roles on the project. for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Count how many groups may be added for error handling. groups_to_modify += len(data[field_name]) for role in available_roles: groups_added = 0 field_name = member_step.get_member_field_name(role.id) for group_id in data[field_name]: if not filter(lambda x: group_id == x.id, project_groups): if is_m1_user_admin(request): add_gp_role(request, role=role.id, group=group_id, project=project_id) else: api.keystone.add_group_role(request, role=role.id, group=group_id, project=project_id) groups_added += 1 groups_to_modify -= groups_added return True except Exception: exceptions.handle( request, _('Failed to modify %s project ' 'members, update project groups ' 'and update project quotas.') % groups_to_modify) return False
def _update_project_members(self, request, data, project_id): # update project members users_to_modify = 0 # Project-user member step member_step = self.get_step(PROJECT_USER_MEMBER_SLUG) try: # Get our role options available_roles = self._get_available_roles(request) # Get the users currently associated with this project so we # can diff against it. if is_m1_user_admin(request): users_roles = gt_pjct_users_roles(request, project=project_id) else: users_roles = api.keystone.get_project_users_roles( request, project=project_id) users_to_modify = len(users_roles) for user_id in users_roles.keys(): # Check if there have been any changes in the roles of # Existing project members. current_role_ids = list(users_roles[user_id]) modified_role_ids = self._add_roles_to_users( request, data, project_id, user_id, current_role_ids, available_roles) # Prevent admins from doing stupid things to themselves. removing_admin = self._is_removing_self_admin_role( request, project_id, user_id, available_roles, modified_role_ids) # Otherwise go through and revoke any removed roles. if not removing_admin: self._remove_roles_from_user(request, project_id, user_id, modified_role_ids) users_to_modify -= 1 # Grant new roles on the project. for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Count how many users may be added for exception handling. users_to_modify += len(data[field_name]) for role in available_roles: users_added = 0 field_name = member_step.get_member_field_name(role.id) for user_id in data[field_name]: if user_id not in users_roles: if is_m1_user_admin(request): add_user_role_to_tenant(request, project=project_id, user=user_id, role=role.id) else: api.keystone.add_tenant_user_role( request, project=project_id, user=user_id, role=role.id) users_added += 1 users_to_modify -= users_added return True except Exception: if PROJECT_GROUP_ENABLED: group_msg = _(", update project groups") else: group_msg = "" exceptions.handle( request, _('Failed to modify %(users_to_modify)s' ' project members%(group_msg)s and ' 'update project quotas.') % { 'users_to_modify': users_to_modify, 'group_msg': group_msg }) return False
def _get_tenant_compute_usages(request, usages, disabled_quotas, tenant_id): if tenant_id: # determine if the user has permission to view across projects # there are cases where an administrator wants to check the quotas # on a project they are not scoped to all_tenants = policy.check((("compute", "compute:get_all_tenants"), ), request) ''' instances, has_more = nova.server_list( request, search_opts={'tenant_id': tenant_id}, all_tenants=all_tenants) ''' if is_m1_user_admin(request): instances, has_more = server_list_nova( request, search_opts={'tenant_id': tenant_id}, all_tenants=all_tenants) else: instances, has_more = nova.server_list( request, search_opts={'tenant_id': tenant_id}, all_tenants=all_tenants) else: #instances, has_more = nova.server_list(request) if is_m1_user_admin(request): instances, has_more = server_list_nova(request) else: instances, has_more = nova.server_list(request) # Fetch deleted flavors if necessary. #flavors = dict([(f.id, f) for f in nova.flavor_list(request)]) if is_m1_user_admin(request): flavors = dict([(f.id, f) for f in flavor_list_nova(request)]) else: flavors = dict([(f.id, f) for f in nova.flavor_list(request)]) missing_flavors = [ instance.flavor['id'] for instance in instances if instance.flavor['id'] not in flavors ] for missing in missing_flavors: if missing not in flavors: try: #flavors[missing] = nova.flavor_get(request, missing) if is_m1_user_admin(request): flavors[missing] = flavor_get_nova(request, missing) else: flavors[missing] = nova.flavor_get(request, missing) except Exception: flavors[missing] = {} exceptions.handle(request, ignore=True) usages.tally('instances', len(instances)) # Sum our usage based on the flavors of the instances. for flavor in [flavors[instance.flavor['id']] for instance in instances]: usages.tally('cores', getattr(flavor, 'vcpus', None)) usages.tally('ram', getattr(flavor, 'ram', None)) # Initialise the tally if no instances have been launched yet if len(instances) == 0: usages.tally('cores', 0) usages.tally('ram', 0)
def _get_available_roles(self, request): if is_m1_user_admin(request): return list_roles(request) else: return api.keystone.role_list(request)