def create(context, name, module_type, contents,
description, tenant_id, datastore,
datastore_version, auto_apply, visible, live_update,
priority_apply, apply_order, full_access):
if (module_type.lower() not in Modules.VALID_MODULE_TYPES and
Modules.ANY_MODULE not in Modules.VALID_MODULE_TYPES):
LOG.error(_("Valid module types: %s") % Modules.VALID_MODULE_TYPES)
raise exception.ModuleTypeNotFound(module_type=module_type)
Module.validate_action(
context, 'create', tenant_id, auto_apply, visible, priority_apply,
full_access)
datastore_id, datastore_version_id = (
datastore_models.get_datastore_or_version(
datastore, datastore_version))
if Module.key_exists(
name, module_type, tenant_id,
datastore_id, datastore_version_id):
datastore_str = datastore_id or Modules.MATCH_ALL_NAME
ds_version_str = datastore_version_id or Modules.MATCH_ALL_NAME
raise exception.ModuleAlreadyExists(
name=name, datastore=datastore_str, ds_version=ds_version_str)
md5, processed_contents = Module.process_contents(contents)
is_admin = context.is_admin
if full_access:
is_admin = 0
module = DBModule.create(
name=name,
type=module_type.lower(),
contents=processed_contents,
description=description,
tenant_id=tenant_id,
datastore_id=datastore_id,
datastore_version_id=datastore_version_id,
auto_apply=auto_apply,
visible=visible,
live_update=live_update,
priority_apply=priority_apply,
apply_order=apply_order,
is_admin=is_admin,
md5=md5)
return module
def create(context, name, module_type, contents,
description, tenant_id, datastore,
datastore_version, auto_apply, visible, live_update,
priority_apply, apply_order, full_access):
if module_type.lower() not in Modules.VALID_MODULE_TYPES:
LOG.error(_("Valid module types: %s"), Modules.VALID_MODULE_TYPES)
raise exception.ModuleTypeNotFound(module_type=module_type)
Module.validate_action(
context, 'create', tenant_id, auto_apply, visible, priority_apply,
full_access)
datastore_id, datastore_version_id = (
datastore_models.get_datastore_or_version(
datastore, datastore_version))
if Module.key_exists(
name, module_type, tenant_id,
datastore_id, datastore_version_id):
datastore_str = datastore_id or Modules.MATCH_ALL_NAME
ds_version_str = datastore_version_id or Modules.MATCH_ALL_NAME
raise exception.ModuleAlreadyExists(
name=name, datastore=datastore_str, ds_version=ds_version_str)
md5, processed_contents = Module.process_contents(contents)
is_admin = context.is_admin
if full_access:
is_admin = 0
module = DBModule.create(
name=name,
type=module_type.lower(),
contents=processed_contents,
description=description,
tenant_id=tenant_id,
datastore_id=datastore_id,
datastore_version_id=datastore_version_id,
auto_apply=auto_apply,
visible=visible,
live_update=live_update,
priority_apply=priority_apply,
apply_order=apply_order,
is_admin=is_admin,
md5=md5)
return module
def test_get_datastore_or_version(self):
# datastore, datastore_version, valid, exception
data = [
[None, None, True],
['ds', None, True],
['ds', 'ds_ver', True],
[None, 'ds_ver', False, exception.DatastoreNoVersion],
]
for datum in data:
ds_id = datum[0]
ds_ver_id = datum[1]
valid = datum[2]
expected_exception = None
if not valid:
expected_exception = datum[3]
ds = Mock()
ds.id = ds_id
ds.name = ds_id
ds_ver = Mock()
ds_ver.id = ds_ver_id
ds_ver.name = ds_ver_id
ds_ver.datastore_id = ds_id
with patch.object(datastore_models.Datastore,
'load',
return_value=ds):
with patch.object(datastore_models.DatastoreVersion,
'load',
return_value=ds_ver):
if valid:
(get_ds_id, get_ds_ver_id) = (
datastore_models.get_datastore_or_version(
ds_id, ds_ver_id))
self.assertEqual(ds_id, get_ds_id)
self.assertEqual(ds_ver_id, get_ds_ver_id)
else:
self.assertRaises(
expected_exception,
datastore_models.get_datastore_or_version, ds_id,
ds_ver_id)
def update(context, module, original_module, full_access):
Module.enforce_live_update(
original_module.id, original_module.live_update,
original_module.md5)
# we don't allow any changes to 'is_admin' modules by non-admin
if original_module.is_admin and not context.is_admin:
raise exception.ModuleAccessForbidden(
action='update', options='(Module is an admin module)')
# we don't allow any changes to admin-only attributes by non-admin
admin_options = Module.validate_action(
context, 'update', module.tenant_id, module.auto_apply,
module.visible, module.priority_apply, full_access)
# make sure we set the is_admin flag, but only if it was
# originally is_admin or we changed an admin option
module.is_admin = original_module.is_admin or (
1 if admin_options else 0)
# but we turn it on/off if full_access is specified
if full_access is not None:
module.is_admin = 0 if full_access else 1
ds_id, ds_ver_id = datastore_models.get_datastore_or_version(
module.datastore_id, module.datastore_version_id)
if module.contents != original_module.contents:
md5, processed_contents = Module.process_contents(module.contents)
module.md5 = md5
module.contents = processed_contents
elif hasattr(original_module, 'encrypted_contents'):
# on load the contents may have been decrypted, so
# we need to put the encrypted contents back before we update
module.contents = original_module.encrypted_contents
if module.datastore_id:
module.datastore_id = ds_id
if module.datastore_version_id:
module.datastore_version_id = ds_ver_id
module.updated = timeutils.utcnow()
DBModule.save(module)
def update(context, module, original_module, full_access):
Module.enforce_live_update(
original_module.id, original_module.live_update,
original_module.md5)
# we don't allow any changes to 'is_admin' modules by non-admin
if original_module.is_admin and not context.is_admin:
raise exception.ModuleAccessForbidden(
action='update', options='(Module is an admin module)')
# we don't allow any changes to admin-only attributes by non-admin
admin_options = Module.validate_action(
context, 'update', module.tenant_id, module.auto_apply,
module.visible, module.priority_apply, full_access)
# make sure we set the is_admin flag, but only if it was
# originally is_admin or we changed an admin option
module.is_admin = original_module.is_admin or (
1 if admin_options else 0)
# but we turn it on/off if full_access is specified
if full_access is not None:
module.is_admin = 0 if full_access else 1
ds_id, ds_ver_id = datastore_models.get_datastore_or_version(
module.datastore_id, module.datastore_version_id)
if module.contents != original_module.contents:
md5, processed_contents = Module.process_contents(module.contents)
module.md5 = md5
module.contents = processed_contents
elif hasattr(original_module, 'encrypted_contents'):
# on load the contents may have been decrypted, so
# we need to put the encrypted contents back before we update
module.contents = original_module.encrypted_contents
if module.datastore_id:
module.datastore_id = ds_id
if module.datastore_version_id:
module.datastore_version_id = ds_ver_id
module.updated = datetime.utcnow()
DBModule.save(module)
