def validate_arguments(arguments):
"""
Validate argument values:
<IP>
Arguments not validated:
<CONTAINER>
<INTERFACE>
:param arguments: Docopt processed arguments
"""
# Validate IP
requested_ip = arguments.get("<IP>")
if not (requested_ip is None or validate_ip(requested_ip, 4)
or validate_ip(requested_ip, 6) or validate_cidr(requested_ip)
or requested_ip.lower() in ('ipv4', 'ipv6')):
print_paragraph("Invalid IP address specified. Argument must be a "
"valid IP or CIDR.")
sys.exit(1)
# Validate POOL
if requested_ip is not None and '/' in requested_ip:
requested_pool = IPNetwork(requested_ip)
try:
client.get_ip_pool_config(requested_pool.version, requested_pool)
except KeyError:
print_paragraph("Invalid CIDR specified for desired pool. "
"No pool found for {0}.".format(requested_pool))
sys.exit(1)
# Validate PROFILE
endpoint.validate_arguments(arguments)
def validate_arguments(arguments):
"""
Validate argument values:
<CIDRS>
:param arguments: Docopt processed arguments
"""
# Validate CIDR
cidrs = arguments.get("<CIDRS>")
start_ip = arguments.get("<START_IP>")
end_ip = arguments.get("<END_IP>")
if cidrs:
for cidr in cidrs:
if not validate_cidr(cidr):
print "Invalid CIDR specified %s" % cidr
sys.exit(1)
elif start_ip or end_ip:
if not (validate_ip(start_ip, 4) or validate_ip(start_ip, 6)):
print "Invalid START_IP specified."
sys.exit(1)
elif not (validate_ip(end_ip, 4) or validate_ip(end_ip, 6)):
print "Invalid END_IP specified."
sys.exit(1)
elif IPAddress(start_ip).version != IPAddress(end_ip).version:
print "START_IP and END_IP must be the same ip version"
sys.exit(1)
elif not IPAddress(start_ip) < IPAddress(end_ip):
print "START_IP must be a smaller ip address than END_IP"
sys.exit(1)
def validate_arguments(arguments):
"""
Validate argument values:
<CIDRS>
:param arguments: Docopt processed arguments
"""
# Validate CIDR
cidrs = arguments.get("<CIDRS>")
start_ip = arguments.get("<START_IP>")
end_ip = arguments.get("<END_IP>")
if cidrs:
for cidr in cidrs:
if not validate_cidr(cidr):
print "Invalid CIDR specified %s" % cidr
sys.exit(1)
elif start_ip or end_ip:
if not (validate_ip(start_ip, 4) or validate_ip(start_ip, 6)):
print "Invalid START_IP specified."
sys.exit(1)
elif not (validate_ip(end_ip, 4) or validate_ip(end_ip, 6)):
print "Invalid END_IP specified."
sys.exit(1)
elif IPAddress(start_ip).version != IPAddress(end_ip).version:
print "START_IP and END_IP must be the same ip version"
sys.exit(1)
elif not IPAddress(start_ip) < IPAddress(end_ip):
print "START_IP must be a smaller ip address than END_IP"
sys.exit(1)
def test_validate_cidr(self, cidr, expected_result):
"""
Test validate_cidr function in calico_ctl utils
"""
# Call method under test
test_result = validate_cidr(cidr)
# Assert
self.assertEqual(expected_result, test_result)
def test_validate_cidr(self, cidr, expected_result):
"""
Test validate_cidr function in calico_ctl utils
"""
# Call method under test
test_result = validate_cidr(cidr)
# Assert
self.assertEqual(expected_result, test_result)
def validate_arguments(arguments):
"""
Validate argument values:
<IP>
Arguments not validated:
<CONTAINER>
<INTERFACE>
:param arguments: Docopt processed arguments
"""
# Validate IP
requested_ip = arguments.get("<IP>")
if not (requested_ip is None or
validate_ip(requested_ip, 4) or
validate_ip(requested_ip, 6) or
validate_cidr(requested_ip) or
requested_ip.lower() in ('ipv4', 'ipv6')):
print_paragraph("Invalid IP address specified. Argument must be a "
"valid IP or CIDR.")
sys.exit(1)
# Validate POOL
if requested_ip is not None and '/' in requested_ip:
requested_pool = IPNetwork(requested_ip)
try:
client.get_ip_pool_config(requested_pool.version, requested_pool)
except KeyError:
print_paragraph("Invalid CIDR specified for desired pool. "
"No pool found for {0}.".format(requested_pool))
sys.exit(1)
# Validate PROFILE
endpoint.validate_arguments(arguments)
def validate_arguments(arguments):
"""
Validate argument values:
<PROFILE>
<SRCTAG>
<SRCCIDR>
<DSTTAG>
<DSTCIDR>
<ICMPTYPE>
<ICMPCODE>
<SRCPORTS>
<DSTPORTS>
Arguments not validated:
<POSITION>
:param arguments: Docopt processed arguments
"""
# Validate Profiles
profile_ok = True
if arguments.get("<PROFILE>") is not None:
profile = arguments.get("<PROFILE>")
profile_ok = validate_characters(profile)
# Validate tags
tag_src_ok = (arguments.get("<SRCTAG>") is None
or validate_characters(arguments["<SRCTAG>"]))
tag_dst_ok = (arguments.get("<DSTTAG>") is None
or validate_characters(arguments["<DSTTAG>"]))
# Validate IPs
cidr_ok = True
cidr_list = []
for arg in ["<SRCCIDR>", "<DSTCIDR>"]:
if arguments.get(arg) is not None:
cidr_list.append(arguments[arg])
cidr_ok = validate_cidr(arguments[arg])
if not cidr_ok:
break
icmp_ok = True
for arg in ["<ICMPCODE>", "<ICMPTYPE>"]:
if arguments.get(arg) is not None:
icmp_ok = validate_icmp_type(arguments[arg])
if not icmp_ok:
break
ports_ok = True
for arg in ["<SRCPORTS>", "<DSTPORTS>"]:
if arguments.get(arg) is not None:
ports_ok = validate_ports(arguments[arg])
if not ports_ok:
break
cidr_versions_ok = True
if cidr_list:
ip_version = None
if arguments.get("icmp"):
ip_version = 4
elif arguments.get("icmpv6"):
ip_version = 6
cidr_versions_ok = validate_cidr_versions(cidr_list,
ip_version=ip_version)
# Print error message
if not profile_ok:
print_paragraph("Profile names must be < 40 character long and can "
"only contain numbers, letters, dots, dashes and "
"underscores.")
if not (tag_src_ok and tag_dst_ok):
print_paragraph("Tags names can only contain numbers, letters, dots, "
"dashes and underscores.")
if not cidr_ok:
print "Invalid CIDR specified."
if not icmp_ok:
print "Invalid ICMP type or ICMP code specified."
if not ports_ok:
print "Invalid SRCPORTS or DSTPORTS specified."
if not cidr_versions_ok:
print "Invalid or unmatching IP versions for SRCCIDR/DSTCIDR."
# Exit if not valid
if not (profile_ok and tag_src_ok and tag_dst_ok and cidr_ok and icmp_ok
and ports_ok and cidr_versions_ok):
sys.exit(1)
def validate_arguments(arguments):
"""
Validate argument values:
<PROFILE>
<SRCTAG>
<SRCCIDR>
<DSTTAG>
<DSTCIDR>
<ICMPTYPE>
<ICMPCODE>
<SRCPORTS>
<DSTPORTS>
Arguments not validated:
<POSITION>
:param arguments: Docopt processed arguments
"""
# Validate Profiles
profile_ok = True
if arguments.get("<PROFILE>") is not None:
profile = arguments.get("<PROFILE>")
profile_ok = validate_characters(profile)
# Validate tags
tag_src_ok = (arguments.get("<SRCTAG>") is None or
validate_characters(arguments["<SRCTAG>"]))
tag_dst_ok = (arguments.get("<DSTTAG>") is None or
validate_characters(arguments["<DSTTAG>"]))
# Validate IPs
cidr_ok = True
cidr_list = []
for arg in ["<SRCCIDR>", "<DSTCIDR>"]:
if arguments.get(arg) is not None:
cidr_list.append(arguments[arg])
cidr_ok = validate_cidr(arguments[arg])
if not cidr_ok:
break
icmp_ok = True
for arg in ["<ICMPCODE>", "<ICMPTYPE>"]:
if arguments.get(arg) is not None:
icmp_ok = validate_icmp_type(arguments[arg])
if not icmp_ok:
break
ports_ok = True
for arg in ["<SRCPORTS>", "<DSTPORTS>"]:
if arguments.get(arg) is not None:
ports_ok = validate_port_str(arguments[arg])
if not ports_ok:
break
cidr_versions_ok = True
if cidr_list:
ip_version = None
if arguments.get("icmp"):
ip_version = 4
elif arguments.get("icmpv6"):
ip_version = 6
cidr_versions_ok = validate_cidr_versions(cidr_list,
ip_version=ip_version)
# Print error message
if not profile_ok:
print_paragraph("Profile names must be < 40 character long and can "
"only contain numbers, letters, dots, dashes and "
"underscores.")
if not (tag_src_ok and tag_dst_ok):
print_paragraph("Tags names can only contain numbers, letters, dots, "
"dashes and underscores.")
if not cidr_ok:
print "Invalid CIDR specified."
if not icmp_ok:
print "Invalid ICMP type or ICMP code specified."
if not ports_ok:
print "Invalid SRCPORTS or DSTPORTS specified."
if not cidr_versions_ok:
print "Invalid or unmatching IP versions for SRCCIDR/DSTCIDR."
# Exit if not valid
if not (profile_ok and tag_src_ok and tag_dst_ok
and cidr_ok and icmp_ok and ports_ok and cidr_versions_ok):
sys.exit(1)
