def check_security_group_rule_quota( cls, proj_dict, db_conn, rule_count): quota_counter = cls.server.quota_counter obj_type = 'security_group_rule' quota_limit = QuotaHelper.get_quota_limit(proj_dict, obj_type) if (rule_count and quota_limit >= 0): path_prefix = _DEFAULT_ZK_COUNTER_PATH_PREFIX + proj_dict['uuid'] path = path_prefix + "/" + obj_type if not quota_counter.get(path): # Init quota counter for security group rule QuotaHelper._zk_quota_counter_init( path_prefix, {obj_type: quota_limit}, proj_dict['uuid'], db_conn, quota_counter) ok, result = QuotaHelper.verify_quota( obj_type, quota_limit, quota_counter[path], count=rule_count) if not ok: msg = "security_group_entries: %d" % quota_limit return False, (QUOTA_OVER_ERROR_CODE, msg) def undo(): # Revert back quota count quota_counter[path] -= rule_count get_context().push_undo(undo) return True, ""
def pre_dbe_delete(cls, id, obj_dict, db_conn): ok, result = cls.dbe_read(db_conn, 'security_group', id) if not ok: return ok, result, None sg_dict = result if sg_dict['id_perms'].get('user_visible', True) is not False: ok, result = QuotaHelper.get_project_dict_for_quota( sg_dict['parent_uuid'], db_conn) if not ok: return False, result, None proj_dict = result obj_type = 'security_group_rule' quota_limit = QuotaHelper.get_quota_limit(proj_dict, obj_type) if 'security_group_entries' in obj_dict and quota_limit >= 0: rule_count = len( obj_dict['security_group_entries']['policy_rule']) path_prefix = (_DEFAULT_ZK_COUNTER_PATH_PREFIX + proj_dict['uuid']) path = path_prefix + "/" + obj_type quota_counter = cls.server.quota_counter # If the SG has been created before R3, there is no # path in ZK. It is created on next update and we # can ignore it for now if quota_counter.get(path): quota_counter[path] -= rule_count def undo(): # Revert back quota count quota_counter[path] += rule_count get_context().push_undo(undo) return True, "", None
def check_security_group_rule_quota(cls, proj_dict, db_conn, rule_count): quota_counter = cls.server.quota_counter obj_type = 'security_group_rule' quota_limit = QuotaHelper.get_quota_limit(proj_dict, obj_type) if (rule_count and quota_limit >= 0): path_prefix = _DEFAULT_ZK_COUNTER_PATH_PREFIX + proj_dict['uuid'] path = path_prefix + "/" + obj_type if not quota_counter.get(path): # Init quota counter for security group rule QuotaHelper._zk_quota_counter_init(path_prefix, {obj_type: quota_limit}, proj_dict['uuid'], db_conn, quota_counter) ok, result = QuotaHelper.verify_quota(obj_type, quota_limit, quota_counter[path], count=rule_count) if not ok: msg = "security_group_entries: %d" % quota_limit return False, (QUOTA_OVER_ERROR_CODE, msg) def undo(): # Revert back quota count quota_counter[path] -= rule_count get_context().push_undo(undo) return True, ""
def get_quota_for_resource(cls, obj_type, obj_dict, db_conn): user_visible = obj_dict['id_perms'].get('user_visible', True) if not user_visible or obj_type not in QuotaType.attr_fields: return True, -1, None proj_uuid = cls.get_project_id_for_resource(obj_dict, obj_type, db_conn) if proj_uuid is None: return True, -1, None ok, result = QuotaHelper.get_project_dict_for_quota(proj_uuid, db_conn) if not ok: return False, result proj_dict = result quota_limit = QuotaHelper.get_quota_limit(proj_dict, obj_type) return True, quota_limit, proj_uuid
def check_openstack_firewall_group_quota(cls, obj_dict, deleted=False): obj_type = 'firewall_group' if (not obj_dict['id_perms'].get('user_visible', True) or obj_dict.get('parent_type') != Project.object_type): return True, '' ok, result = QuotaHelper.get_project_dict_for_quota( obj_dict['parent_uuid'], cls.db_conn) if not ok: return False, result project = result quota_limit = QuotaHelper.get_quota_limit(project, obj_type) if quota_limit < 0: return True, '' quota_count = 1 if deleted: quota_count = -1 path_prefix = _DEFAULT_ZK_COUNTER_PATH_PREFIX + project['uuid'] path = path_prefix + "/" + obj_type if not cls.server.quota_counter.get(path): QuotaHelper._zk_quota_counter_init( path_prefix, {obj_type: quota_limit}, project['uuid'], cls.db_conn, cls.server.quota_counter) return QuotaHelper.verify_quota( obj_type, quota_limit, cls.server.quota_counter[path], quota_count) def undo(): # revert back counter in case of any failure during creation if not deleted: cls.server.quota_counter[path] -= 1 else: cls.server.quota_counter[path] += 1 get_context().push_undo(undo) return True, ''