class BackupSerializer(_HideNodeSerializer): """ vms.models.Backup """ _model_ = Backup _update_fields_ = ('note', ) _default_fields_ = ('hostname', 'vm', 'dc', 'name', 'disk_id') hostname = s.CharField(source='vm_hostname', read_only=True) vm_uuid = s.CharField(source='vm.uuid', read_only=True) vm = s.CharField(source='vm', required=False, read_only=True) dc = s.CharField(source='dc', read_only=True) define = s.CharField(source='define.name', read_only=True) name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=24, min_length=1) disk_id = s.IntegerField(source='array_disk_id', max_value=DISK_ID_MAX, min_value=DISK_ID_MIN) type = s.IntegerChoiceField(choices=Backup.TYPE, read_only=True) node = s.CharField(source='node.hostname', read_only=True) zpool = s.CharField(source='zpool.zpool', read_only=True) created = s.DateTimeField(read_only=True, required=False) status = s.IntegerChoiceField(choices=Backup.STATUS, read_only=True, required=False) size = s.IntegerField(read_only=True) time = s.IntegerField(read_only=True) file_path = s.CharField(read_only=True) note = s.SafeCharField(max_length=128, required=False) def __init__(self, request, instance, node_view=False, *args, **kwargs): super(BackupSerializer, self).__init__(request, instance, *args, **kwargs) if not node_view: del self.fields['dc']
class DefaultDcSettingsSerializer(DcSettingsSerializer): """ vms.models.DefaultDc.settings """ _global_settings = None default_dc_third_party_modules = [] # Class level storage, updated only with the decorator function default_dc_third_party_settings = [] # Class level storage, updated only with the decorator function ACL_ENABLED = s.BooleanField(label=_('Advanced User Management')) # Global Module API_ENABLED = s.BooleanField(label=_('API access')) # Global Module VMS_DC_ENABLED = s.BooleanField(label=_('Virtual Datacenters')) # Global Module SMS_ENABLED = s.BooleanField(label=_('SMS')) # Global Module VMS_NODE_SSH_KEYS_SYNC = s.BooleanField(label='VMS_NODE_SSH_KEYS_SYNC', help_text=_('WARNING: Do not disable this unless ' 'you know what you are doing!')) VMS_NODE_SSH_KEYS_DEFAULT = s.ArrayField(label='VMS_NODE_SSH_KEYS_DEFAULT', help_text=_('List of SSH keys to be added to compute nodes by default')) VMS_IMAGE_VM = s.SafeCharField(label='VMS_IMAGE_VM', required=False, help_text=_('Global image server (hostname or uuid) - primary IMGAPI source on all ' 'compute nodes. Empty value means that most of the image-related ' 'operations will be performed only in the DB.')) VMS_IMAGE_VM_NIC = s.IntegerField(label='VMS_IMAGE_VM_NIC', min_value=NIC_ID_MIN, max_value=NIC_ID_MAX, help_text=_('Image server\'s NIC ID, which will be used to determine the IP ' 'address for constructing the IMGAPI source set on all compute ' 'nodes.')) VMS_IMAGE_SOURCES = s.ArrayField(label='VMS_IMAGE_SOURCES', required=False, max_items=16, help_text=_('List of additional IMGAPI sources that will be set on all ' 'compute nodes.')) VMS_IMAGE_REPOSITORIES = s.URLDictField(label='VMS_IMAGE_REPOSITORIES', required=False, max_items=16, help_text=_('Object (key=name, value=URL) with remote disk image ' 'repositories available in every virtual datacenter.')) DNS_DOMAIN_TYPE_DEFAULT = s.ChoiceField(label='DNS_DOMAIN_TYPE_DEFAULT', choices=Domain.TYPE_MASTER, help_text='Default PowerDNS replication type of newly created domain.') DNS_HOSTMASTER = s.EmailField(label='DNS_HOSTMASTER', max_length=255, help_text=_('Default hostmaster email address used for SOA records ' 'of newly created domains.')) DNS_NAMESERVERS = s.ArrayField(label='DNS_NAMESERVERS', max_items=8, help_text=_('List of DNS servers used for NS records of newly created domains.' ' Set to an empty list to disable automatic creation of NS records.')) DNS_SOA_DEFAULT = s.CharField(label='DNS_SOA_DEFAULT', max_length=255, min_length=0, required=False, help_text=_('Default value for the SOA record of newly created domains. ' 'Available placeholders are: ' '{nameserver} (replaced by first nameserver in DNS_NAMESERVERS) and ' '{hostmaster} (replaced by DNS_HOSTMASTER). ' 'Set to an empty value to disable automatic creation of SOA records.')) EMAIL_HOST = s.SafeCharField(label='EMAIL_HOST', help_text=_('Hostname or IP address of the SMTP server used for all outgoing emails.')) EMAIL_PORT = s.IntegerField(label='EMAIL_PORT', min_value=1, max_value=65535, help_text=_('Port of the SMTP server.')) EMAIL_USE_TLS = s.BooleanField(label='EMAIL_USE_TLS', help_text=_('Whether to use an explicit TLS (secure) SMTP connection (STARTTLS).')) EMAIL_USE_SSL = s.BooleanField(label='EMAIL_USE_SSL', help_text=_('Whether to use an implicit TLS (secure) SMTP connection.')) EMAIL_HOST_USER = s.CharField(label='EMAIL_HOST_USER', max_length=255, required=False, help_text=_('Username for SMTP authentication.')) EMAIL_HOST_PASSWORD = s.CharField(label='EMAIL_HOST_PASSWORD', max_length=255, required=False, help_text=_('Password for SMTP authentication.')) SHADOW_EMAIL = s.EmailField(label='SHADOW_EMAIL', required=False, help_text=_('Email address to which hidden copies of all outgoing emails are sent.')) PROFILE_SSH_KEY_LIMIT = s.IntegerField(label='PROFILE_SSH_KEY_LIMIT', max_value=64, help_text=_('Maximum number of public SSH keys ' 'that can be stored in one user profile.')) PROFILE_COUNTRY_CODE_DEFAULT = s.ChoiceField(label='PROFILE_COUNTRY_CODE_DEFAULT', choices=UserProfile.COUNTRIES, help_text=_("Default country in user's profile.")) PROFILE_PHONE_PREFIX_DEFAULT = s.ChoiceField(label='PROFILE_PHONE_PREFIX_DEFAULT', choices=UserProfile.PHONE_PREFIXES, help_text=_("Default country phone prefix in user's profile.")) PROFILE_TIME_ZONE_DEFAULT = s.ChoiceField(label='PROFILE_TIME_ZONE_DEFAULT', choices=UserProfile.TIMEZONES, help_text=_("Default time zone in user's profile.")) MON_ZABBIX_NODE_SYNC = s.BooleanField(label='MON_ZABBIX_NODE_SYNC', help_text=_('Whether compute nodes should be automatically ' 'synchronized with the monitoring server.')) MON_ZABBIX_NODE_SLA = s.BooleanField(label='MON_ZABBIX_NODE_SLA', help_text=_('Whether to fetch and display the SLA value of compute nodes.')) MON_ZABBIX_HOSTGROUP_NODE = s.SafeCharField(label='MON_ZABBIX_HOSTGROUP_NODE', max_length=255, help_text=_('Existing Zabbix host group, which will be used for all ' 'monitored compute nodes.')) MON_ZABBIX_HOSTGROUPS_NODE = s.ArrayField(label='MON_ZABBIX_HOSTGROUPS_NODE', max_items=32, required=False, help_text=_('List of other Zabbix host groups, which will be ' 'used for all monitored compute nodes.')) MON_ZABBIX_TEMPLATES_NODE = s.ArrayField(label='MON_ZABBIX_TEMPLATES_NODE', max_items=128, required=False, help_text=_('List of existing Zabbix templates, which will be used for all' ' monitored compute nodes.')) SMS_PREFERRED_SERVICE = s.ChoiceField(label='SMS_PREFERRED_SERVICE', choices=get_services(), help_text=_('Currently used SMS provider.')) SMS_SERVICE_USERNAME = s.CharField(label='SMS_SERVICE_USERNAME', max_length=255, required=False, help_text=_('Username required for the selected SMS provider.')) SMS_SERVICE_PASSWORD = s.CharField(label='SMS_SERVICE_PASSWORD', max_length=255, required=False, help_text=_('Password required for the selected SMS provider.')) SMS_FROM_NUMBER = s.SafeCharField(label='SMS_FROM_NUMBER', max_length=64, required=False, help_text=_('Phone number used as sender for outgoing text messages.')) SMS_REGISTRATION_ENABLED = s.BooleanField(label='SMS_REGISTRATION_ENABLED', help_text=_("Whether to verify user's phone number during registration " "and phone number change")) # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_VMS_NODE_SSH_KEYS_DEFAULT(self, attrs, source): try: value = attrs[source] except KeyError: pass else: for key in value: validate_ssh_key(key) return attrs # noinspection PyPep8Naming def validate_VMS_IMAGE_VM(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if value: try: vm = get_vm(self.request, value, exists_ok=True, noexists_fail=True, dc_bound=False) except ObjectNotFound as exc: raise s.ValidationError(exc.detail) else: if vm.status not in (Vm.RUNNING, Vm.STOPPED): raise s.ValidationError(_('Invalid VM status; VM must be running or stopped.')) if vm.ostype != Vm.SUNOS_ZONE: raise s.ValidationError(_('Invalid OS type; VM must be a SunOS Zone.')) attrs[source] = vm.uuid return attrs # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_DNS_SOA_DEFAULT(self, attrs, source): try: value = attrs[source] except KeyError: return attrs if not value: attrs[source] = '' return attrs testvalue = placeholder_validator(value, nameserver='ns01.example.com', hostmaster='hostmaster.example.com') # {nameserver} {hostmaster} 2013010100 28800 7200 604800 86400 RegexValidator(r'^([A-Za-z0-9\._/-]+)\s+([A-Za-z0-9\._-]+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)$')(testvalue) return attrs def validate(self, attrs): if attrs.get('EMAIL_USE_TLS', None) and attrs.get('EMAIL_USE_SSL', None): self._errors['EMAIL_USE_TLS'] = self._errors['EMAIL_USE_SSL'] = s.ErrorList([ _('Cannot enable EMAIL_USE_TLS and EMAIL_USE_SSL together.') ]) # Do not allow SMS registration without the SMS module if (attrs.get('SMS_REGISTRATION_ENABLED', None) and not attrs.get('SMS_ENABLED', self.request.dc.settings.SMS_ENABLED)): self._errors['SMS_REGISTRATION_ENABLED'] = s.ErrorList([_('SMS support must be enabled first.')]) return super(DefaultDcSettingsSerializer, self).validate(attrs)
class DcSerializer(s.InstanceSerializer): """ vms.models.Dc """ _model_ = Dc _update_fields_ = ('alias', 'owner', 'access', 'desc', 'site', 'groups') _default_fields_ = ('name', 'alias', 'owner', 'site') owner_changed = None groups_changed = None groups_added = None groups_removed = None removed_users = None name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=16) alias = s.SafeCharField(max_length=32) site = s.RegexField(r'^[a-z0-9][a-z0-9\.:-]+[a-z0-9]$', max_length=260, min_length=1) owner = s.SlugRelatedField(slug_field='username', queryset=User.objects, read_only=False, required=False) access = s.IntegerChoiceField(choices=Dc.ACCESS, default=Dc.PRIVATE) desc = s.SafeCharField(max_length=128, required=False) created = s.DateTimeField(read_only=True, required=False) def __init__(self, request, instance, *args, **kwargs): super(DcSerializer, self).__init__(request, instance, *args, **kwargs) if not kwargs.get('many', False): self.fields['owner'].default = request.user.username # Does not work self.fields['owner'].queryset = get_owners(request, all=True) def validate_alias(self, attrs, source): try: value = attrs[source] except KeyError: pass else: validate_alias(self.object, value) return attrs def validate_site(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if self.object.pk and self.object.site == value: pass elif Dc.objects.filter(site__iexact=value).exists(): raise s.ValidationError(_('This site hostname is already in use. ' 'Please supply a different site hostname.')) return attrs def validate_access(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if self.object.pk and self.object.is_default() and int(value) != Dc.PUBLIC: raise s.ValidationError(_('Default datacenter must be public.')) return attrs def validate_owner(self, attrs, source): try: user = attrs[source] except KeyError: pass else: if user is None: if self.object.pk: del attrs['owner'] else: attrs['owner'] = self.request.user elif self.object.pk: if self.object.is_default() and not user.is_staff: raise s.ValidationError(_('Default datacenter must be owned by user with SuperAdmin rights.')) if user != self.object.owner: self.owner_changed = self.object.owner # Save old owner # Cannot change owner while pending tasks exist validate_owner(self.object, user, _('Datacenter')) return attrs def validate_groups(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if self.object.pk: current_roles = set(self.object.roles.all()) new_roles = set(value) if current_roles != new_roles: self.groups_added = new_roles - current_roles self.groups_removed = current_roles - new_roles self.groups_changed = current_roles.symmetric_difference(new_roles) self.removed_users = User.objects.distinct().filter(roles__in=self.groups_removed) return attrs
class DcSettingsSerializer(s.InstanceSerializer): """ vms.models.Dc.settings """ _global_settings = None _model_ = Dc modules = settings.MODULES # Used in gui forms third_party_modules = [] # Class level storage, updated only with the decorator function third_party_settings = [] # Class level storage, updated only with the decorator function # List of settings which cannot be changed when set to False in (local_)settings.py (booleans only) _override_disabled_ = settings.MODULES _blank_fields_ = frozenset({ 'SITE_LOGO', 'SITE_ICON', 'SHADOW_EMAIL', 'SUPPORT_PHONE', 'VMS_DISK_IMAGE_DEFAULT', 'VMS_DISK_IMAGE_ZONE_DEFAULT', 'VMS_DISK_IMAGE_LX_ZONE_DEFAULT', 'VMS_NET_DEFAULT', 'VMS_STORAGE_DEFAULT', 'MON_ZABBIX_HTTP_USERNAME', 'MON_ZABBIX_HTTP_PASSWORD', 'MON_ZABBIX_HOST_VM_PROXY', 'DNS_SOA_DEFAULT', 'EMAIL_HOST_USER', 'EMAIL_HOST_PASSWORD', 'SMS_FROM_NUMBER', 'SMS_SERVICE_USERNAME', 'SMS_SERVICE_PASSWORD', }) _null_fields_ = frozenset({ 'VMS_VM_DEFINE_LIMIT', 'VMS_VM_SNAPSHOT_DEFINE_LIMIT', 'VMS_VM_SNAPSHOT_LIMIT_AUTO', 'VMS_VM_SNAPSHOT_LIMIT_MANUAL', 'VMS_VM_SNAPSHOT_LIMIT_MANUAL_DEFAULT', 'VMS_VM_SNAPSHOT_SIZE_LIMIT', 'VMS_VM_SNAPSHOT_SIZE_LIMIT_DEFAULT', 'VMS_VM_SNAPSHOT_DC_SIZE_LIMIT', 'VMS_VM_BACKUP_DEFINE_LIMIT', 'VMS_VM_BACKUP_LIMIT', 'VMS_VM_BACKUP_DC_SIZE_LIMIT', 'VMS_NET_LIMIT', 'VMS_IMAGE_VM', 'VMS_IMAGE_LIMIT', 'VMS_ISO_LIMIT' }) dc = s.CharField(label=_('Datacenter'), read_only=True) # Modules VMS_VM_SNAPSHOT_ENABLED = s.BooleanField(label=_('Snapshots')) VMS_VM_BACKUP_ENABLED = s.BooleanField(label=_('Backups')) MON_ZABBIX_ENABLED = s.BooleanField(label=_('Monitoring')) DNS_ENABLED = s.BooleanField(label=_('DNS')) SUPPORT_ENABLED = s.BooleanField(label=_('Support')) REGISTRATION_ENABLED = s.BooleanField(label=_('Registration')) FAQ_ENABLED = s.BooleanField(label=_('FAQ')) # Not part of MODULES (can be overridden even if disabled in settings) # Advanced settings VMS_VM_DOMAIN_DEFAULT = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._/-]*$', label='VMS_VM_DOMAIN_DEFAULT', max_length=255, min_length=3, help_text=_('Default domain part of the hostname of a newly ' 'created virtual server.')) COMPANY_NAME = s.CharField(label='COMPANY_NAME', max_length=255, help_text=_('Name of the company using this virtual datacenter.')) SITE_NAME = s.CharField(label='SITE_NAME', max_length=255, help_text=_('Name of this site used mostly in email and text message templates.')) SITE_LINK = s.CharField(label='SITE_LINK', max_length=255, help_text=_('Link to this site used mostly in email and text message templates.')) SITE_SIGNATURE = s.CharField(label='SITE_SIGNATURE', max_length=255, help_text=_('Signature attached to outgoing emails related ' 'to this virtual datacenter.')) SITE_LOGO = s.URLField(label='SITE_LOGO', max_length=2048, required=False, help_text=_('URL pointing to an image, which will be displayed as a logo on the main page. ' 'If empty the default Danube Cloud logo will be used.')) SITE_ICON = s.URLField(label='SITE_ICON', max_length=2048, required=False, help_text=_('URL pointing to an image, which will be displayed as an icon in the navigation ' 'bar. If empty the default Danube Cloud icon will be used.')) SUPPORT_EMAIL = s.EmailField(label='SUPPORT_EMAIL', max_length=255, help_text=_('Destination email address used for all support tickets ' 'related to this virtual datacenter.')) SUPPORT_PHONE = s.CharField(label='SUPPORT_PHONE', max_length=255, required=False, help_text=_('Phone number displayed in the support contact details.')) SUPPORT_USER_CONFIRMATION = s.BooleanField(label='SUPPORT_USER_CONFIRMATION', help_text=_('Whether to send a confirmation email to the user after ' 'a support ticket has been sent to SUPPORT_EMAIL.')) DEFAULT_FROM_EMAIL = s.EmailField(label='DEFAULT_FROM_EMAIL', max_length=255, help_text=_('Email address used as the "From" address for all outgoing emails ' 'related to this virtual datacenter.')) EMAIL_ENABLED = s.BooleanField(label='EMAIL_ENABLED', help_text=_('Whether to completely disable sending of emails ' 'related to this virtual datacenter.')) API_LOG_USER_CALLBACK = s.BooleanField(label='API_LOG_USER_CALLBACK', help_text=_('Whether to log API user callback requests into the tasklog.')) VMS_ZONE_ENABLED = s.BooleanField(label='VMS_ZONE_ENABLED', # Module help_text=_('Whether to enable support for SunOS and Linux zones in ' 'this virtual datacenter.')) VMS_VM_DEFINE_LIMIT = s.IntegerField(label='VMS_VM_DEFINE_LIMIT', required=False, help_text=_('Maximum number of virtual servers that can be defined in ' 'this virtual datacenter.')) VMS_VM_CPU_CAP_REQUIRED = s.BooleanField(label='VMS_VM_CPU_CAP_REQUIRED', help_text='When disabled, the vCPUs server parameter on SunOS and Linux ' 'Zones can be set to 0, which removes the compute node CPU ' 'limit (cpu_cap) for the virtual server.') VMS_VM_STOP_TIMEOUT_DEFAULT = s.IntegerField(label='VMS_VM_STOP_TIMEOUT_DEFAULT', help_text='Default time period (in seconds) for a graceful VM stop or ' 'reboot, after which a force stop/reboot is send to the VM ' '(KVM only).') VMS_VM_STOP_WIN_TIMEOUT_DEFAULT = s.IntegerField(label='VMS_VM_STOP_WIN_TIMEOUT_DEFAULT', help_text='This is the same setting as VMS_VM_STOP_TIMEOUT_DEFAULT' ' but for a VM with Windows OS type, which usually takes' ' longer to shutdown.') VMS_VM_OSTYPE_DEFAULT = s.IntegerChoiceField(label='VMS_VM_OSTYPE_DEFAULT', choices=Vm.OSTYPE, help_text=_('Default operating system type. One of: 1 - Linux VM, ' '2 - SunOS VM, 3 - BSD VM, 4 - Windows VM, ' '5 - SunOS Zone, 6 - Linux Zone.')) VMS_VM_MONITORED_DEFAULT = s.BooleanField(label='VMS_VM_MONITORED_DEFAULT', help_text=_('Controls whether server synchronization with the monitoring ' 'system is enabled by default.')) VMS_VM_CPU_SHARES_DEFAULT = s.IntegerField(label='VMS_VM_CPU_SHARES_DEFAULT', min_value=0, max_value=1048576, help_text=_("Default value of the server's CPU shares, " "relative to other servers.")) VMS_VM_ZFS_IO_PRIORITY_DEFAULT = s.IntegerField(label='VMS_VM_ZFS_IO_PRIORITY_DEFAULT', min_value=0, max_value=1024, help_text=_("Default value of the server's IO throttling " "priority, relative to other servers.")) VMS_VM_RESOLVERS_DEFAULT = s.IPAddressArrayField(label='VMS_VM_RESOLVERS_DEFAULT', max_items=8, help_text=_('Default DNS resolvers used for newly ' 'created servers.')) VMS_VM_SSH_KEYS_DEFAULT = s.ArrayField(label='VMS_VM_SSH_KEYS_DEFAULT', max_items=32, required=False, help_text=_('List of public SSH keys added to every virtual machine ' 'in this virtual datacenter.')) VMS_VM_MDATA_DEFAULT = s.MetadataField(label='VMS_VM_MDATA_DEFAULT', required=False, validators=(validate_mdata(Vm.RESERVED_MDATA_KEYS),), help_text=_('Default VM metadata (key=value string pairs).')) VMS_DISK_MODEL_DEFAULT = s.ChoiceField(label='VMS_DISK_MODEL_DEFAULT', choices=Vm.DISK_MODEL, help_text=_('Default disk model of newly created server disks. One of: ' 'virtio, ide, scsi.')) VMS_DISK_COMPRESSION_DEFAULT = s.ChoiceField(label='VMS_DISK_COMPRESSION_DEFAULT', choices=Vm.DISK_COMPRESSION, help_text=_('Default disk compression algorithm. ' 'One of: off, lzjb, gzip, gzip-N, zle, lz4.')) VMS_DISK_IMAGE_DEFAULT = s.CharField(label='VMS_DISK_IMAGE_DEFAULT', max_length=64, required=False, help_text=_('Name of the default disk image used for ' 'newly created server disks.')) VMS_DISK_IMAGE_ZONE_DEFAULT = s.CharField(label='VMS_DISK_IMAGE_ZONE_DEFAULT', max_length=64, required=False, help_text=_('Name of the default disk image used for ' 'newly created SunOS zone servers.')) VMS_DISK_IMAGE_LX_ZONE_DEFAULT = s.CharField(label='VMS_DISK_IMAGE_LX_ZONE_DEFAULT', max_length=64, required=False, help_text=_('Name of the default disk image used for ' 'newly created Linux zone servers.')) VMS_NIC_MODEL_DEFAULT = s.ChoiceField(label='VMS_NIC_MODEL_DEFAULT', choices=Vm.NIC_MODEL, help_text=_('Default virtual NIC model of newly created server NICs. ' 'One of: virtio, e1000, rtl8139.')) VMS_NIC_MONITORING_DEFAULT = s.IntegerField(label='VMS_NIC_MONITORING_DEFAULT', min_value=NIC_ID_MIN, max_value=NIC_ID_MAX, help_text=_('Default NIC ID, which will be used for ' 'external monitoring.')) VMS_NET_DEFAULT = s.CharField(label='VMS_NET_DEFAULT', max_length=64, required=False, help_text=_('Name of the default network used for newly created server NICs.')) VMS_NET_LIMIT = s.IntegerField(label='VMS_NET_LIMIT', required=False, help_text=_('Maximum number of DC-bound networks that can be created in ' 'this virtual datacenter.')) VMS_NET_VLAN_RESTRICT = s.BooleanField(label='VMS_NET_VLAN_RESTRICT', help_text=_('Whether to restrict VLAN IDs to the ' 'VMS_NET_VLAN_ALLOWED list.')) VMS_NET_VLAN_ALLOWED = s.IntegerArrayField(label='VMS_NET_VLAN_ALLOWED', required=False, help_text=_('List of VLAN IDs available for newly created DC-bound ' 'networks in this virtual datacenter.')) VMS_NET_VXLAN_RESTRICT = s.BooleanField(label='VMS_NET_VXLAN_RESTRICT', help_text=_('Whether to restrict VXLAN IDs to the ' 'VMS_NET_VXLAN_ALLOWED list.')) VMS_NET_VXLAN_ALLOWED = s.IntegerArrayField(label='VMS_NET_VXLAN_ALLOWED', required=False, help_text=_('List of VXLAN IDs available for newly created DC-bound ' 'networks in this virtual datacenter.')) VMS_IMAGE_LIMIT = s.IntegerField(label='VMS_IMAGE_LIMIT', required=False, help_text=_('Maximum number of DC-bound server images that can be created in ' 'this virtual datacenter.')) VMS_ISO_LIMIT = s.IntegerField(label='VMS_ISO_LIMIT', required=False, help_text=_('Maximum number of DC-bound ISO images that can be created in ' 'this virtual datacenter.')) VMS_STORAGE_DEFAULT = s.CharField(label='VMS_STORAGE_DEFAULT', max_length=64, required=False, help_text=_('Name of the default storage used for newly created servers ' 'and server disks.')) VMS_VGA_MODEL_DEFAULT = s.ChoiceField(label='VMS_VGA_MODEL_DEFAULT', choices=Vm.VGA_MODEL, help_text=_('Default VGA emulation driver of newly created servers. ' 'One of: std, cirrus, vmware.')) VMS_VM_SNAPSHOT_DEFINE_LIMIT = s.IntegerField(label='VMS_VM_SNAPSHOT_DEFINE_LIMIT', required=False, help_text=_('Maximum number of snapshot definitions per server.')) VMS_VM_SNAPSHOT_LIMIT_AUTO = s.IntegerField(label='VMS_VM_SNAPSHOT_LIMIT_AUTO', required=False, help_text=_('Maximum number of automatic snapshots per server.')) VMS_VM_SNAPSHOT_LIMIT_MANUAL = s.IntegerField(label='VMS_VM_SNAPSHOT_LIMIT_MANUAL', required=False, help_text=_('Maximum number of manual snapshots per server.')) VMS_VM_SNAPSHOT_LIMIT_MANUAL_DEFAULT = s.IntegerField(label='VMS_VM_SNAPSHOT_LIMIT_MANUAL_DEFAULT', required=False, help_text=_('Predefined manual snapshot limit ' 'for new servers.')) VMS_VM_SNAPSHOT_SIZE_LIMIT = s.IntegerField(label='VMS_VM_SNAPSHOT_SIZE_LIMIT', required=False, help_text=_('Maximum size (MB) of all snapshots per server.')) VMS_VM_SNAPSHOT_SIZE_LIMIT_DEFAULT = s.IntegerField(label='VMS_VM_SNAPSHOT_SIZE_LIMIT_DEFAULT', required=False, help_text=_('Predefined snapshot size limit (MB) for new ' 'servers.')) VMS_VM_SNAPSHOT_DC_SIZE_LIMIT = s.IntegerField(label='VMS_VM_SNAPSHOT_DC_SIZE_LIMIT', required=False, help_text=_('Maximum size (MB) of all snapshots in this ' 'virtual datacenter.')) VMS_VM_BACKUP_DEFINE_LIMIT = s.IntegerField(label='VMS_VM_BACKUP_DEFINE_LIMIT', required=False, help_text=_('Maximum number of backup definitions per server.')) VMS_VM_BACKUP_LIMIT = s.IntegerField(label='VMS_VM_BACKUP_LIMIT', required=False, help_text=_('Upper retention limit used for new backup definitions.')) VMS_VM_BACKUP_DC_SIZE_LIMIT = s.IntegerField(label='VMS_VM_BACKUP_DC_SIZE_LIMIT', required=False, help_text=_('Maximum size (MB) of all backups in this ' 'virtual datacenter.')) VMS_VM_BACKUP_COMPRESSION_DEFAULT = s.ChoiceField(label='VMS_VM_BACKUP_COMPRESSION_DEFAULT', choices=BackupDefine.COMPRESSION, help_text=_('Predefined compression algorithm for ' 'new file backups.')) DNS_PTR_DEFAULT = s.CharField(label='DNS_PTR_DEFAULT', max_length=255, min_length=4, help_text=_("Default value used for reverse DNS records of virtual server " "NIC's IP addresses. Available placeholders are: " "{ipaddr}, {hostname}, {alias}.")) MON_ZABBIX_SERVER = s.RegexField(r'^https?://.*$', label='MON_ZABBIX_SERVER', max_length=1024, help_text=_('URL address of Zabbix server used for external monitoring of servers ' 'in this virtual datacenter. WARNING: Changing this and other ' 'MON_ZABBIX_* values in default virtual datacenter will ' 'affect the built-in internal monitoring of servers and ' 'compute nodes.')) MON_ZABBIX_SERVER_SSL_VERIFY = s.BooleanField(label='MON_ZABBIX_SERVER_SSL_VERIFY', help_text=_('Whether to perform HTTPS certificate verification when ' 'connecting to the Zabbix API.')) MON_ZABBIX_TIMEOUT = s.IntegerField(label='MON_ZABBIX_TIMEOUT', min_value=1, max_value=180, help_text=_('Timeout in seconds used for connections to the Zabbix API.')) MON_ZABBIX_USERNAME = s.CharField(label='MON_ZABBIX_USERNAME', max_length=255, help_text=_('Username used for connecting to the Zabbix API.')) MON_ZABBIX_PASSWORD = s.CharField(label='MON_ZABBIX_PASSWORD', max_length=255, help_text=_('Password used for connecting to the Zabbix API.')) MON_ZABBIX_HTTP_USERNAME = s.CharField(label='MON_ZABBIX_HTTP_USERNAME', max_length=255, required=False, help_text=_('Username used for the HTTP basic authentication required for ' 'connections to the Zabbix API.')) MON_ZABBIX_HTTP_PASSWORD = s.CharField(label='MON_ZABBIX_HTTP_PASSWORD', max_length=255, required=False, help_text=_('Password used for the HTTP basic authentication required for ' 'connections to the Zabbix API.')) MON_ZABBIX_VM_SLA = s.BooleanField(label='MON_ZABBIX_VM_SLA', help_text=_('Whether to fetch and display the SLA value of virtual servers.')) MON_ZABBIX_VM_SYNC = s.BooleanField(label='MON_ZABBIX_VM_SYNC', help_text=_('Whether newly created virtual servers can be automatically ' 'synchronized with the monitoring server.')) MON_ZABBIX_HOSTGROUP_VM = s.SafeCharField(label='MON_ZABBIX_HOSTGROUP_VM', max_length=255, help_text=_('Existing Zabbix host group, which will be used for all ' 'monitored servers in this virtual datacenter.')) MON_ZABBIX_HOSTGROUPS_VM = s.ArrayField(label='MON_ZABBIX_HOSTGROUPS_VM', max_items=32, required=False, help_text=_('List of Zabbix host groups, which will be used ' 'for all monitored servers in this virtual datacenter. ' 'Available placeholders are: {ostype}, {ostype_text}, ' '{disk_image}, {disk_image_abbr}, {dc_name}.')) MON_ZABBIX_HOSTGROUPS_VM_RESTRICT = s.BooleanField(label='MON_ZABBIX_HOSTGROUPS_VM_RESTRICT', help_text=_('Whether to restrict Zabbix host group names to the ' 'MON_ZABBIX_HOSTGROUPS_VM_ALLOWED list.')) MON_ZABBIX_HOSTGROUPS_VM_ALLOWED = s.ArrayField(label='MON_ZABBIX_HOSTGROUPS_VM_ALLOWED', max_items=32, required=False, help_text=_('List of Zabbix host groups that can be used by servers' ' in this virtual datacenter. Available placeholders' ' are: {ostype}, {ostype_text}, {disk_image},' ' {disk_image_abbr}, {dc_name}.')) MON_ZABBIX_TEMPLATES_VM = s.ArrayField(label='MON_ZABBIX_TEMPLATES_VM', max_items=128, required=False, help_text=_('List of existing Zabbix templates, which will be used for all ' 'monitored servers in this virtual datacenter. ' 'Available placeholders are: {ostype}, {ostype_text}, ' '{disk_image}, {disk_image_abbr}, {dc_name}.')) MON_ZABBIX_TEMPLATES_VM_MAP_TO_TAGS = s.BooleanField(label='MON_ZABBIX_TEMPLATES_VM_MAP_TO_TAGS', help_text=_('Whether to find and use existing Zabbix templates' ' according to tags of a monitored ' 'virtual server.')) MON_ZABBIX_TEMPLATES_VM_RESTRICT = s.BooleanField(label='MON_ZABBIX_TEMPLATES_VM_RESTRICT', help_text=_('Whether to restrict Zabbix template names to the ' 'MON_ZABBIX_TEMPLATES_VM_ALLOWED list.')) MON_ZABBIX_TEMPLATES_VM_ALLOWED = s.ArrayField(label='MON_ZABBIX_TEMPLATES_VM_ALLOWED', max_items=128, required=False, help_text=_('List of Zabbix templates that can be used by servers ' 'in this virtual datacenter. Available placeholders are:' ' {ostype}, {ostype_text}, {disk_image},' ' {disk_image_abbr}, {dc_name}.')) MON_ZABBIX_TEMPLATES_VM_NIC = s.ArrayField(label='MON_ZABBIX_TEMPLATES_VM_NIC', max_items=16, required=False, help_text=_('List of Zabbix templates that will be used for all ' 'monitored servers, for every virtual NIC of a server. ' 'Available placeholders are: {net}, {nic_id} + ' 'MON_ZABBIX_TEMPLATES_VM placeholders.')) MON_ZABBIX_TEMPLATES_VM_DISK = s.ArrayField(label='MON_ZABBIX_TEMPLATES_VM_DISK', max_items=16, required=False, help_text=_('List of Zabbix templates that will be used for all ' 'monitored servers, for every virtual disk of a server. ' 'Available placeholders: {disk}, {disk_id} + ' 'MON_ZABBIX_TEMPLATES_VM placeholders.')) MON_ZABBIX_HOST_VM_PROXY = s.CharField(label='MON_ZABBIX_HOST_VM_PROXY', min_length=1, max_length=128, required=False, help_text=_('Name or ID of the monitoring proxy, which will be used to ' 'monitor all monitored virtual servers.')) def __init__(self, request, dc, *args, **kwargs): # noinspection PyNoneFunctionAssignment global_settings = self.get_global_settings() if global_settings and not dc.is_default(): # Displaying global settings for non default DC dc1_settings = DefaultDc().settings # These setting should be read-only and read from default DC dc_settings = DefAttrDict(dc.custom_settings, defaults=dc1_settings) # instance else: dc1_settings = None dc_settings = dc.settings # instance self.dc_settings = dc_settings dc_settings['dc'] = dc.name super(DcSettingsSerializer, self).__init__(request, dc_settings, *args, **kwargs) self._update_fields_ = self.fields.keys() self._update_fields_.remove('dc') self.settings = {} self.dc = dc if dc1_settings is not None: for i in global_settings: self.fields[i].read_only = True @classmethod def get_global_settings(cls): if cls._global_settings is None: # noinspection PyUnresolvedReferences cls._global_settings = frozenset(set(cls.base_fields.keys()) - set(DcSettingsSerializer.base_fields.keys())) return cls._global_settings @staticmethod def _filter_sensitive_data(dictionary): """Replace sensitive data in input dict with ***""" for key in dictionary.keys(): if any([i in key for i in SENSITIVE_FIELD_NAMES]): dictionary[key] = SENSITIVE_FIELD_VALUE return dictionary def _setattr(self, instance, source, value): # noinspection PyProtectedMember super(DcSettingsSerializer, self)._setattr(instance, source, value) self.settings[source] = value def detail_dict(self, **kwargs): # Remove sensitive data from detail dict return self._filter_sensitive_data(super(DcSettingsSerializer, self).detail_dict(**kwargs)) @property def data(self): if self._data is None: # Remove sensitive data from output self._data = self._filter_sensitive_data(super(DcSettingsSerializer, self).data) return self._data # noinspection PyPep8Naming def validate_VMS_VM_DOMAIN_DEFAULT(self, attrs, source): if self.dc_settings.DNS_ENABLED: try: value = attrs[source] except KeyError: pass else: try: domain = Domain.objects.get(name=value) except Domain.DoesNotExist: raise s.ValidationError(_('Object with name=%s does not exist.') % value) else: if not self.dc.domaindc_set.filter(domain_id=domain.id).exists(): raise s.ValidationError(_('Domain is not available in this datacenter.')) return attrs # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_VMS_VM_SSH_KEYS_DEFAULT(self, attrs, source): try: value = attrs[source] except KeyError: pass else: for key in value: validate_ssh_key(key) return attrs # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_DNS_PTR_DEFAULT(self, attrs, source): try: value = attrs[source] except KeyError: pass else: testvalue = placeholder_validator(value, ipaddr='test', hostname='test', alias='test') RegexValidator(r'^[a-z0-9][a-z0-9\.-]+[a-z0-9]$')(testvalue) return attrs # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_MON_ZABBIX_HOSTGROUPS_VM(self, attrs, source): return validate_array_placeholders(attrs, source, VM_KWARGS) # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_MON_ZABBIX_HOSTGROUPS_VM_ALLOWED(self, attrs, source): return validate_array_placeholders(attrs, source, VM_KWARGS) # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_MON_ZABBIX_TEMPLATES_VM(self, attrs, source): return validate_array_placeholders(attrs, source, VM_KWARGS) # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_MON_ZABBIX_TEMPLATES_VM_ALLOWED(self, attrs, source): return validate_array_placeholders(attrs, source, VM_KWARGS) # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_MON_ZABBIX_TEMPLATES_VM_NIC(self, attrs, source): return validate_array_placeholders(attrs, source, VM_KWARGS_NIC) # noinspection PyMethodMayBeStatic,PyPep8Naming def validate_MON_ZABBIX_TEMPLATES_VM_DISK(self, attrs, source): return validate_array_placeholders(attrs, source, VM_KWARGS_DISK) def validate(self, attrs): # Check if it is possible to override a boolean setting for source, value in attrs.items(): if source in self._override_disabled_ and not getattr(settings, source, False) and value: self._errors[source] = s.ErrorList([_('Cannot override global setting.')]) del attrs[source] return attrs
class ImageSerializer(s.InstanceSerializer): """ vms.models.Image Also used in api.dc.image.serializers. """ _backup_attrs_map_ = { 'owner': 'owner_id', 'dc_bound': 'dc_bound_id', } _model_ = Image _update_fields_ = ('alias', 'version', 'dc_bound', 'owner', 'access', 'desc', 'resize', 'deploy', 'tags') # TODO: 'nic_model', 'disk_model' _default_fields_ = ('name', 'alias', 'owner') name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=32) uuid = s.CharField(read_only=True) alias = s.SafeCharField(max_length=32) version = s.SafeCharField(max_length=16, default='1.0') owner = s.SlugRelatedField(slug_field='username', queryset=User.objects) access = s.IntegerChoiceField(choices=Image.ACCESS, default=Image.PRIVATE) desc = s.SafeCharField(max_length=128, required=False) ostype = s.IntegerChoiceField(choices=Image.OSTYPE, read_only=True) size = s.IntegerField(read_only=True) resize = s.BooleanField(default=False) deploy = s.BooleanField(default=False) # nic_model = s.ChoiceField(choices=Vm.NIC_MODEL) # KVM only # disk_model = s.ChoiceField(choices=Vm.DISK_MODEL) # KVM only tags = s.TagField(required=False, default=[]) dc_bound = s.BooleanField(source='dc_bound_bool', default=True) status = s.IntegerChoiceField(choices=Image.STATUS, read_only=True, required=False) created = s.DateTimeField(read_only=True, required=False) def __init__(self, request, img, *args, **kwargs): super(ImageSerializer, self).__init__(request, img, *args, **kwargs) if not kwargs.get('many', False): self.update_manifest = True self._dc_bound = img.dc_bound self.fields['owner'].queryset = get_owners(request, all=True) def create_img_backup(self): """Creates a dictionary that maps Image object attributes to its values; this will be used as a backup in case the update should fail""" items = self._backup_attrs_map_ return { items.get(attr, attr): getattr(self.object, items.get(attr, attr)) for attr in self._update_fields_ } def _normalize(self, attr, value): if attr == 'dc_bound': return self._dc_bound # noinspection PyProtectedMember return super(ImageSerializer, self)._normalize(attr, value) def validate_owner(self, attrs, source): """Cannot change owner while pending tasks exist""" validate_owner(self.object, attrs.get(source, None), _('Image')) return attrs def validate_dc_bound(self, attrs, source): try: value = bool(attrs[source]) except KeyError: pass else: if value != self.object.dc_bound_bool: self._dc_bound = validate_dc_bound(self.request, self.object, value, _('Image')) return attrs def validate(self, attrs): db_only_manifest_keys = {'dc_bound', 'dc_bound_bool', 'owner'} if db_only_manifest_keys.issuperset(attrs.keys()): self.update_manifest = False try: alias = attrs['alias'] except KeyError: alias = self.object.alias try: version = attrs['version'] except KeyError: version = self.object.version qs = Image.objects if self.object.pk: qs = qs.exclude(pk=self.object.pk) if qs.filter(alias__iexact=alias, version=version).exists(): self._errors['alias'] = s.ErrorList([ _('This alias is already in use. ' 'Please supply a different alias or version.') ]) if self.request.method == 'POST' and self._dc_bound: limit = self._dc_bound.settings.VMS_IMAGE_LIMIT if limit is not None: if Image.objects.filter( dc_bound=self._dc_bound).count() >= int(limit): raise s.ValidationError( _('Maximum number of server disk images reached')) return attrs
class BackupDefineSerializer(_HideNodeSerializer): """ vms.models.BackupDefine """ _model_ = BackupDefine _update_fields_ = ('type', 'desc', 'node', 'zpool', 'bwlimit', 'active', 'schedule', 'retention', 'compression') _default_fields_ = ('hostname', 'name', 'disk_id') hostname = s.CharField(source='vm.hostname', read_only=True) vm_uuid = s.CharField(source='vm.uuid', read_only=True) name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=8, min_length=1) disk_id = s.IntegerField(source='array_disk_id', max_value=DISK_ID_MAX, min_value=DISK_ID_MIN) type = s.IntegerChoiceField(choices=BackupDefine.TYPE, default=BackupDefine.DATASET) node = s.SlugRelatedField(slug_field='hostname', queryset=Node.objects) # queryset set below zpool = s.CharField(max_length=64) # validated below desc = s.SafeCharField(max_length=128, required=False) bwlimit = s.IntegerField(required=False, min_value=0, max_value=2147483647) active = s.BooleanField(default=True) schedule = s.CronField() retention = s.IntegerField() # limits set below compression = s.IntegerChoiceField(choices=BackupDefine.COMPRESSION) fsfreeze = s.BooleanField(default=False) def __init__(self, request, instance, *args, **kwargs): vm_template = kwargs.pop('vm_template', False) self._update_fields_ = list(self._update_fields_) super(BackupDefineSerializer, self).__init__(request, instance, *args, **kwargs) if not kwargs.get('many', False): dc_settings = request.dc.settings backup_nodes = get_nodes(request, is_backup=True) self.fields['node'].queryset = backup_nodes self.fields['zpool'].default = dc_settings.VMS_STORAGE_DEFAULT self.fields[ 'compression'].default = dc_settings.VMS_VM_BACKUP_COMPRESSION_DEFAULT # Set first backup node and backup node storage available in DC # (used only when called by VmDefineBackup.create_from_template()) if vm_template: try: self.fields['node'].default = first_node = backup_nodes[0] except IndexError: pass else: first_node_zpools = get_zpools(request).filter( node=first_node).values_list('zpool', flat=True) if first_node_zpools and dc_settings.VMS_STORAGE_DEFAULT not in first_node_zpools: self.fields['zpool'].default = first_node_zpools[0] if request.method != 'POST': self.fields['type'].read_only = True # Limit maximum number of backups - Issue #chili-447 if dc_settings.VMS_VM_BACKUP_LIMIT is None: min_count, max_count = RETENTION_MIN, RETENTION_MAX else: min_count, max_count = 1, int(dc_settings.VMS_VM_BACKUP_LIMIT) self.fields['retention'].validators.append( validators.MinValueValidator(min_count)) self.fields['retention'].validators.append( validators.MaxValueValidator(max_count)) if instance.vm.is_kvm(): self._update_fields_.append('fsfreeze') def validate(self, attrs): try: zpool = attrs['zpool'] except KeyError: zpool = self.object.zpool try: node = attrs['node'] except KeyError: node = self.object.node try: attrs['zpool'] = get_zpools(self.request).get(node=node, zpool=zpool) except NodeStorage.DoesNotExist: self._errors['zpool'] = s.ErrorList( [_('Zpool does not exist on node.')]) # Check total number of existing backup definitions - Issue #chili-447 if self.request.method == 'POST': limit = self.request.dc.settings.VMS_VM_BACKUP_DEFINE_LIMIT if limit is not None: total = self._model_.objects.filter(vm=self.object.vm).count() if int(limit) <= total: raise s.ValidationError( _('Maximum number of backup definitions reached.')) return attrs
class DomainSerializer(s.InstanceSerializer): """ pdns.models.Domain """ _model_ = Domain _update_fields_ = ('owner', 'access', 'desc', 'dc_bound', 'type') _default_fields_ = ('name', 'owner', 'type') _blank_fields_ = frozenset({'desc'}) name_changed = None name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._/-]*$', max_length=253, min_length=3) type = s.ChoiceField(choices=Domain.TYPE_MASTER, default=Domain.MASTER) owner = s.SlugRelatedField(slug_field='username', queryset=User.objects) access = s.IntegerChoiceField(choices=Domain.ACCESS, default=Domain.PRIVATE) desc = s.SafeCharField(max_length=128, required=False) created = s.DateTimeField(read_only=True, required=False) dc_bound = s.BooleanField(source='dc_bound_bool', default=True) def __init__(self, request, domain, *args, **kwargs): super(DomainSerializer, self).__init__(request, domain, *args, **kwargs) if not kwargs.get('many', False): self._dc_bound = domain.dc_bound def _normalize(self, attr, value): if attr == 'dc_bound': return self._dc_bound # noinspection PyProtectedMember return super(DomainSerializer, self)._normalize(attr, value) def validate_dc_bound(self, attrs, source): try: value = bool(attrs[source]) except KeyError: pass else: if value != self.object.dc_bound_bool: dc = validate_dc_bound(self.request, self.object, value, _('Domain')) if dc: self._dc_bound = dc.id else: self._dc_bound = None return attrs def validate_name(self, attrs, source): try: value = attrs[source].lower( ) # The domain name must be always lowercased (DB requirement) except KeyError: pass else: attrs[source] = value # Save lowercased domain name if self.object.pk: if self.object.name == value: return attrs else: self.name_changed = self.object.name # Save old domain name validate_dns_name(value) return attrs
class UserSerializer(ApiKeysSerializer): """ gui.models.User """ _model_ = User _update_fields_ = ('email', 'first_name', 'last_name', 'is_super_admin', 'is_active', 'api_access', 'api_key', 'callback_key', 'groups', 'dc_bound', 'password') _default_fields_ = ('username', 'is_super_admin', 'is_active', 'api_access', 'password') username = s.RegexField(r'^[A-Za-z0-9@.+_-]*$', max_length=254) current_dc = s.SlugRelatedField(source='default_dc', slug_field='name', read_only=True, required=False) email = s.EmailField(max_length=254) first_name = s.SafeCharField(max_length=30) last_name = s.SafeCharField(max_length=30) is_super_admin = s.BooleanField(source='is_staff') is_active = s.BooleanField() api_access = s.BooleanField() groups = s.ArrayField(required=False, source='roles_api') dc_bound = s.BooleanField(source='dc_bound_bool', default=True) created = s.DateTimeField(source='date_joined', read_only=True) password = s.CharField() old_email = None # variable for value storage on email change is_staff_changed = False old_roles = () def __init__(self, request, user, *args, **kwargs): super(UserSerializer, self).__init__(request, user, *args, **kwargs) if not kwargs.get('many', False): self._dc_bound = user.dc_bound def _normalize(self, attr, value): if attr == 'dc_bound': return self._dc_bound # noinspection PyProtectedMember return super(UserSerializer, self)._normalize(attr, value) # noinspection PyProtectedMember @atomic def save(self, **kwargs): user = self.object new_flag = (not user.pk or getattr(user, 'new', False)) user.save() if user._roles_to_save is not None: self.old_roles = set(user.roles.all()) user.roles = user._roles_to_save # Newly created user via API is automatically marked as verified # Creator has to provide correct email, or in user profile set email as not verified (since email is required)! # Email change by user will trigger email with verification code so he can finish profile! # If admin doesnt set phone user is force to set it and when phone is changed sms verification is send if new_flag: user.userprofile.email_verified = True user.userprofile.phone_verified = True user.userprofile.save() # Changing a user email makes the email not verified # (unless request.user is not part of the staff or registration is disabled) if self.old_email and not self.request.user.is_staff and settings.REGISTRATION_ENABLED: user.userprofile.email_verified = False user.userprofile.email_token = user.userprofile.generate_token(6) user.userprofile.save() sendmail(user, 'accounts/user/base/profile_verify_subject.txt', 'accounts/user/base/profile_verify_email.txt', extra_context={ 'email_token': user.userprofile.email_token, }) def validate_username(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if self.object.id == settings.ADMIN_USER: raise s.NoPermissionToModify elif value in INVALID_USERNAMES: raise s.ValidationError( s.WritableField.default_error_messages['invalid']) return attrs def validate_email(self, attrs, source): try: value = attrs[source] except KeyError: pass else: qs = User.objects if self.object.pk: if self.object.email == value: return attrs else: self.old_email = self.object.email qs = qs.exclude(pk=self.object.pk) # Check if someone does not use this email (or username) already if qs.filter(Q(email__iexact=value) | Q(username__iexact=value)).exists(): raise s.ValidationError( _('This email is already in use. Please supply a different email.' )) return attrs # noinspection PyMethodMayBeStatic def validate_groups(self, attrs, source): try: value = attrs[source] except KeyError: pass else: groups = [] for grp in value: try: group = Role.objects.get(name=grp) except Role.DoesNotExist: raise s.ObjectDoesNotExist(grp) else: if self.request.user.is_staff: groups.append(group) else: if group.dc_bound and self._dc_bound and group.dc_bound == self._dc_bound: groups.append(group) else: raise s.ValidationError( _('You don\'t have permission to use DC-unbound groups.' )) attrs[source] = groups return attrs def validate_dc_bound(self, attrs, source): try: value = bool(attrs[source]) except KeyError: pass else: if value != self.object.dc_bound_bool: if not self.request.user.is_staff: raise s.NoPermissionToModify if value: data = self.init_data or {} self._dc_bound = get_dc( self.request, data.get('dc', self.request.dc.name)) else: self._dc_bound = None return attrs def validate_is_super_admin(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if self.object.is_staff != value: if self.object.id == settings.ADMIN_USER: raise s.NoPermissionToModify if self.request.user.is_staff: self.is_staff_changed = self.object.is_staff != value else: raise s.NoPermissionToModify return attrs def validate_is_active(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if self.object.is_active != value and self.object.id == settings.ADMIN_USER: raise s.NoPermissionToModify return attrs def validate_api_access(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if self.object.api_access != value and self.object.id == settings.ADMIN_USER: raise s.NoPermissionToModify return attrs def validate(self, attrs): # User is or will be bound to this DC dc = self._dc_bound if attrs.get('dc_bound_bool', self.object.dc_bound_bool) and attrs.get( 'is_staff', self.object.is_staff): self._errors['dc_bound'] = _( 'A SuperAdmin user cannot be DC-bound.') if dc: # User is or will be member of these groups try: groups = attrs['roles_api'] except KeyError: if self.object.pk: groups = self.object.roles.all() else: groups = () # A DC-bound user cannot be a member of a group that is assigned to another DC other than user.dc_bound if Dc.objects.filter(roles__in=groups).exclude(id=dc.id).exists(): self._errors['dc_bound'] = s.ErrorList([ _("User's group(s) are attached into another datacenter(s)." ) ]) return attrs def _setattr(self, instance, source, value): """Update user password if parameter was passed from es""" if source == 'password': self.object.set_password(value) else: # noinspection PyProtectedMember super(UserSerializer, self)._setattr(instance, source, value) def detail_dict(self, **kwargs): dd = super(UserSerializer, self).detail_dict(**kwargs) # Remove sensitive data from detail dict if 'password' in dd: dd['password'] = '******' if 'api_key' in dd: dd['api_key'] = '***' if 'callback_key' in dd: dd['callback_key'] = '***' return dd def to_native(self, obj): """Updated so we don't display password hash""" ret = super(UserSerializer, self).to_native(obj) if 'password' in ret: del ret['password'] if 'api_key' in ret: ret['api_key'] = '***' if 'callback_key' in ret: ret['callback_key'] = '***' return ret
class NodeStorageSerializer(s.InstanceSerializer): """ vms.models.NodeStorage """ error_negative_resources = s.ErrorList([_('Value is too low because of existing virtual machines.')]) _model_ = NodeStorage _default_fields_ = ('alias', 'owner', 'size_coef', 'zpool') node = s.Field(source='node.hostname') zpool = s.ChoiceField(source='zpool') alias = s.SafeCharField(source='storage.alias', max_length=32) owner = s.SlugRelatedField(source='storage.owner', slug_field='username', queryset=User.objects, required=False) access = s.IntegerChoiceField(source='storage.access', choices=Storage.ACCESS, default=Storage.PRIVATE) type = s.IntegerChoiceField(source='storage.type', choices=Storage.TYPE, default=Storage.LOCAL) size = s.IntegerField(source='storage.size_total', read_only=True) size_coef = s.DecimalField(source='storage.size_coef', min_value=0, max_digits=4, decimal_places=2) size_free = s.IntegerField(source='storage.size_free', read_only=True) created = s.DateTimeField(source='storage.created', read_only=True, required=False) desc = s.SafeCharField(source='storage.desc', max_length=128, required=False) def __init__(self, request, instance, *args, **kwargs): self._update_fields_ = ['alias', 'owner', 'access', 'desc', 'type', 'size_coef'] super(NodeStorageSerializer, self).__init__(request, instance, *args, **kwargs) if not kwargs.get('many', False): self._size_coef = instance.storage.size_coef self.fields['owner'].queryset = get_owners(request) if request.method == 'POST': self.fields['zpool'].choices = [(i, i) for i in instance.node.zpools.keys()] self._update_fields_.append('zpool') else: self.fields['zpool'].read_only = True def validate_owner(self, attrs, source): """Cannot change owner while pending tasks exist""" validate_owner(self.object, attrs.get(source, None), _('Storage')) return attrs def validate_alias(self, attrs, source): try: value = attrs[source] except KeyError: pass else: validate_alias(self.object, value, field_comparison='storage__alias__iexact') return attrs def validate(self, attrs): # Default owner is request.user, but setting this in __init__ does not work if 'storage.owner' in attrs and attrs['storage.owner'] is None: if self.object.pk: del attrs['storage.owner'] else: attrs['storage.owner'] = self.request.user return attrs @property def update_storage_resources(self): """True if size_coef changed""" return not(self.object.storage.size_coef == self._size_coef)
class GroupSerializer(s.ConditionalDCBoundSerializer): """ gui.models.role """ _model_ = Role _update_fields_ = ('alias', 'permissions', 'users', 'dc_bound') _default_fields_ = ('name', 'alias') name = s.RegexField( r'^[A-Za-z0-9\._-]*$', max_length=32 ) # FIXME post update do check on DB to reduce name length alias = s.SafeCharField(max_length=80) permissions = s.ArrayField(required=False, source='permissions_api') users = s.ArrayField(required=False, source='users_api') dc_bound = s.BooleanField(source='dc_bound_bool', default=True) created = s.DateTimeField(read_only=True, required=False) def __init__(self, request, group, *args, **kwargs): super(GroupSerializer, self).__init__(request, group, *args, **kwargs) if not kwargs.get('many', False): self._dc_bound = group.dc_bound def _normalize(self, attr, value): if attr == 'dc_bound': return self._dc_bound # noinspection PyProtectedMember return super(GroupSerializer, self)._normalize(attr, value) # noinspection PyProtectedMember @atomic def save(self, **kwargs): role = self.object role.save() if role._permissions_to_save is not None: role.permissions = role._permissions_to_save if role._users_to_save is not None: role.user_set = role._users_to_save def validate_alias(self, attrs, source): try: value = attrs[source] except KeyError: pass else: validate_alias(self.object, value) return attrs # noinspection PyMethodMayBeStatic def validate_permissions(self, attrs, source): try: value = attrs[source] except KeyError: pass else: permissions = [] for perm in value: try: permission = Permission.objects.get(name=perm) except Permission.DoesNotExist: raise s.ObjectDoesNotExist(perm) else: permissions.append(permission) attrs[source] = permissions return attrs # noinspection PyMethodMayBeStatic def validate_users(self, attrs, source): try: value = attrs[source] except KeyError: pass else: users = [] for user in value: try: usr = User.objects.filter( ExcludeInternalUsers).select_related('dc_bound').get( username=user) except User.DoesNotExist: raise s.ObjectDoesNotExist(user, field_name=_('username')) else: users.append(usr) attrs[source] = users return attrs
class TemplateSerializer(s.InstanceSerializer): """ vms.models.Template """ _model_ = VmTemplate _update_fields_ = ('alias', 'owner', 'access', 'desc', 'ostype', 'dc_bound', 'vm_define', 'vm_define_disk', 'vm_define_nic', 'vm_define_snapshot', 'vm_define_backup') _default_fields_ = ('name', 'alias', 'owner') _null_fields_ = frozenset({ 'ostype', 'vm_define', 'vm_define_disk', 'vm_define_nic', 'vm_define_snapshot', 'vm_define_backup' }) name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=32) alias = s.SafeCharField(max_length=32) owner = s.SlugRelatedField(slug_field='username', queryset=User.objects, required=False) access = s.IntegerChoiceField(choices=VmTemplate.ACCESS, default=VmTemplate.PRIVATE) desc = s.SafeCharField(max_length=128, required=False) ostype = s.IntegerChoiceField(choices=VmTemplate.OSTYPE, required=False, default=None) dc_bound = s.BooleanField(source='dc_bound_bool', default=True) vm_define = VmDefineField(default={}, required=False) vm_define_disk = VmDefineDiskField(default=[], required=False, max_items=2) vm_define_nic = VmDefineNicField(default=[], required=False, max_items=4) vm_define_snapshot = VmDefineSnapshotField(default=[], required=False, max_items=16) vm_define_backup = VmDefineBackupField(default=[], required=False, max_items=16) created = s.DateTimeField(read_only=True, required=False) def __init__(self, request, tmp, *args, **kwargs): super(TemplateSerializer, self).__init__(request, tmp, *args, **kwargs) if not kwargs.get('many', False): self._dc_bound = tmp.dc_bound self.fields['owner'].queryset = get_owners(request, all=True) def _normalize(self, attr, value): if attr == 'dc_bound': return self._dc_bound # noinspection PyProtectedMember return super(TemplateSerializer, self)._normalize(attr, value) def validate_dc_bound(self, attrs, source): try: value = bool(attrs[source]) except KeyError: pass else: if value != self.object.dc_bound_bool: self._dc_bound = validate_dc_bound(self.request, self.object, value, _('Template')) return attrs def validate_alias(self, attrs, source): try: value = attrs[source] except KeyError: pass else: validate_alias(self.object, value) return attrs def validate(self, attrs): if self.request.method == 'POST' and self._dc_bound: limit = self._dc_bound.settings.VMS_TEMPLATE_LIMIT if limit is not None: if VmTemplate.objects.filter( dc_bound=self._dc_bound).count() >= int(limit): raise s.ValidationError( _('Maximum number of server templates reached')) return attrs
class NetworkSerializer(s.InstanceSerializer): """ vms.models.Subnet """ _model_ = Subnet _update_fields_ = ('alias', 'owner', 'access', 'desc', 'network', 'netmask', 'gateway', 'resolvers', 'dns_domain', 'ptr_domain', 'nic_tag', 'vlan_id', 'dc_bound', 'dhcp_passthrough') _default_fields_ = ('name', 'alias', 'owner') _blank_fields_ = frozenset({'desc', 'dns_domain', 'ptr_domain'}) _null_fields_ = frozenset({'gateway'}) # min_length because of API URL: /network/ip/ name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', min_length=3, max_length=32) uuid = s.CharField(read_only=True) alias = s.SafeCharField(max_length=32) owner = s.SlugRelatedField(slug_field='username', queryset=User.objects, required=False) access = s.IntegerChoiceField(choices=Subnet.ACCESS, default=Subnet.PRIVATE) desc = s.SafeCharField(max_length=128, required=False) network = s.IPAddressField() netmask = s.IPAddressField() gateway = s.IPAddressField(required=False) # can be null nic_tag = s.ChoiceField() vlan_id = s.IntegerField(min_value=0, max_value=4096) resolvers = s.IPAddressArrayField(source='resolvers_api', required=False, max_items=8) dns_domain = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=250, required=False) # can be blank ptr_domain = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=250, required=False) # can be blank dhcp_passthrough = s.BooleanField(default=False) dc_bound = s.BooleanField(source='dc_bound_bool', default=True) created = s.DateTimeField(read_only=True, required=False) def __init__(self, request, net, *args, **kwargs): super(NetworkSerializer, self).__init__(request, net, *args, **kwargs) if not kwargs.get('many', False): self._dc_bound = net.dc_bound self.fields['owner'].queryset = get_owners(request, all=True) self.fields['nic_tag'].choices = [ (i, i) for i in DefaultDc().settings.VMS_NET_NIC_TAGS ] def _normalize(self, attr, value): if attr == 'dc_bound': return self._dc_bound # noinspection PyProtectedMember return super(NetworkSerializer, self)._normalize(attr, value) def validate_dc_bound(self, attrs, source): try: value = bool(attrs[source]) except KeyError: pass else: if value != self.object.dc_bound_bool: self._dc_bound = validate_dc_bound(self.request, self.object, value, _('Network')) return attrs def validate_alias(self, attrs, source): try: value = attrs[source] except KeyError: pass else: validate_alias(self.object, value) return attrs def validate_vlan_id(self, attrs, source): try: value = attrs[source] except KeyError: pass else: net = self.object if not net.new: # TODO: Cannot use ip__in=net_ips (ProgrammingError) net_ips = set(net.ipaddress_set.all().values_list('ip', flat=True)) other_ips = set( IPAddress.objects.exclude(subnet=net).filter( subnet__vlan_id=int(value)).values_list('ip', flat=True)) if net_ips.intersection(other_ips): raise s.ValidationError( _('Network has IP addresses that already exist in another ' 'network with the same VLAN ID.')) return attrs # noinspection PyMethodMayBeStatic def validate_ptr_domain(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if value: if not value.endswith('in-addr.arpa'): raise s.ValidationError(_('Invalid PTR domain name.')) if settings.DNS_ENABLED: if not Domain.objects.filter(name=value).exists(): raise s.ObjectDoesNotExist(value) return attrs def validate(self, attrs): try: network = attrs['network'] except KeyError: network = self.object.network try: netmask = attrs['netmask'] except KeyError: netmask = self.object.netmask try: ip_network = Subnet.get_ip_network(network, netmask) if ip_network.is_reserved: raise ValueError except ValueError: self._errors['network'] = self._errors['netmask'] = \ s.ErrorList([_('Enter a valid IPv4 network and netmask.')]) if self.request.method == 'POST' and self._dc_bound: limit = self._dc_bound.settings.VMS_NET_LIMIT if limit is not None: if Subnet.objects.filter( dc_bound=self._dc_bound).count() >= int(limit): raise s.ValidationError( _('Maximum number of networks reached')) if self._dc_bound: try: vlan_id = attrs['vlan_id'] except KeyError: vlan_id = self.object.vlan_id dc_settings = self._dc_bound.settings if dc_settings.VMS_NET_VLAN_RESTRICT and vlan_id not in dc_settings.VMS_NET_VLAN_ALLOWED: self._errors['vlan_id'] = s.ErrorList( [_('VLAN ID is not available in datacenter.')]) return attrs # noinspection PyMethodMayBeStatic def update_errors(self, fields, err_msg): errors = {} for i in fields: errors[i] = s.ErrorList([err_msg]) return errors
class NetworkIPSerializer(s.Serializer): """ vms.models.IPAddress """ ip = s.IPAddressField(strict=True) hostname = s.CharField(read_only=True, required=False) vm_uuid = s.CharField(read_only=True, required=False) additional_vm_uuids = s.ArrayField(read_only=True, required=False) additional_vm_hostnames = s.ArrayField(read_only=True, required=False) dc = s.CharField(source='vm.dc', read_only=True, required=False) mac = s.CharField(read_only=True, required=False) nic_id = s.IntegerField(read_only=True, required=False) usage = s.IntegerChoiceField(choices=IPAddress.USAGE, default=IPAddress.VM) note = s.SafeCharField(source='api_note', required=False, max_length=128) def __init__(self, net, *args, **kwargs): self.net = net super(NetworkIPSerializer, self).__init__(*args, **kwargs) def restore_object(self, attrs, instance=None): if instance is None: # POST instance = IPAddress(subnet=self.net, ip=attrs['ip']) if 'api_note' in attrs: note = attrs['api_note'] if note: instance.api_note = note else: instance.api_note = '' usage = attrs.get('usage', None) if usage: instance.usage = usage return instance def validate_ip(self, attrs, source): try: value = attrs[source] except KeyError: return attrs net = self.net # Was already validated by IPAddressField ipaddr = ipaddress.ip_address(text_type(value)) network = net.ip_network if ipaddr not in network: raise s.ValidationError( _('IP address "%(ip)s" does not belong to network %(net)s.') % { 'ip': value, 'net': net.name }) # Check if IP does not exist in another network with same VLAN ID if IPAddress.objects.exclude(subnet=net).filter( ip=value, subnet__vlan_id=net.vlan_id).exists(): raise s.ValidationError( _('IP address "%(ip)s" already exists in another network with the same VLAN ID.' ) % {'ip': value}) return attrs def validate_usage(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if self.object and (self.object.vm or self.object.vms.exists() ) and value != IPAddress.VM: raise s.ValidationError( _('IP address is already used by some VM.')) return attrs def validate(self, attrs): if self.object and self.object.is_node_address(): raise s.ValidationError(_('IP address is used by Compute node.')) return attrs
class IsoSerializer(s.InstanceSerializer): """ vms.models.Iso """ _model_ = Iso _update_fields_ = ('alias', 'owner', 'access', 'desc', 'ostype', 'dc_bound') _default_fields_ = ('name', 'alias', 'owner') _null_fields_ = frozenset({'ostype'}) name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=32) alias = s.SafeCharField(max_length=32) owner = s.SlugRelatedField(slug_field='username', queryset=User.objects) access = s.IntegerChoiceField(choices=Iso.ACCESS, default=Iso.PRIVATE) desc = s.SafeCharField(max_length=128, required=False) ostype = s.IntegerChoiceField(choices=Iso.OSTYPE, required=False) dc_bound = s.BooleanField(source='dc_bound_bool', default=True) created = s.DateTimeField(read_only=True, required=False) def __init__(self, request, iso, *args, **kwargs): super(IsoSerializer, self).__init__(request, iso, *args, **kwargs) if not kwargs.get('many', False): self._dc_bound = iso.dc_bound self.fields['owner'].queryset = get_owners(request, all=True) def _normalize(self, attr, value): if attr == 'dc_bound': return self._dc_bound # noinspection PyProtectedMember return super(IsoSerializer, self)._normalize(attr, value) def validate_dc_bound(self, attrs, source): try: value = bool(attrs[source]) except KeyError: pass else: if value != self.object.dc_bound_bool: self._dc_bound = validate_dc_bound(self.request, self.object, value, _('ISO image')) return attrs def validate_alias(self, attrs, source): try: value = attrs[source] except KeyError: pass else: validate_alias(self.object, value) return attrs def validate(self, attrs): if self.request.method == 'POST' and self._dc_bound: limit = self._dc_bound.settings.VMS_ISO_LIMIT if limit is not None: if Iso.objects.filter( dc_bound=self._dc_bound).count() >= int(limit): raise s.ValidationError( _('Maximum number of ISO images reached')) return attrs
class NetworkSerializer(s.ConditionalDCBoundSerializer): """ vms.models.Subnet """ _model_ = Subnet _update_fields_ = ('alias', 'owner', 'access', 'desc', 'network', 'netmask', 'gateway', 'resolvers', 'dns_domain', 'ptr_domain', 'nic_tag', 'vlan_id', 'dc_bound', 'dhcp_passthrough', 'vxlan_id', 'mtu') _default_fields_ = ('name', 'alias', 'owner') _blank_fields_ = frozenset({'desc', 'dns_domain', 'ptr_domain'}) _null_fields_ = frozenset({'gateway'}) # min_length because of API URL: /network/ip/ name = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', min_length=3, max_length=32) uuid = s.CharField(read_only=True) alias = s.SafeCharField(max_length=32) owner = s.SlugRelatedField(slug_field='username', queryset=User.objects, required=False) access = s.IntegerChoiceField(choices=Subnet.ACCESS, default=Subnet.PRIVATE) desc = s.SafeCharField(max_length=128, required=False) network = s.IPAddressField() netmask = s.IPAddressField() gateway = s.IPAddressField(required=False) # can be null nic_tag = s.ChoiceField() nic_tag_type = s.CharField(read_only=True) vlan_id = s.IntegerField(min_value=0, max_value=4096) vxlan_id = s.IntegerField(min_value=1, max_value=16777215, required=False) # (2**24 - 1) based on RFC 7348 mtu = s.IntegerField(min_value=576, max_value=9000, required=False) # values from man vmadm resolvers = s.IPAddressArrayField(source='resolvers_api', required=False, max_items=8) dns_domain = s.RegexField(r'^[A-Za-z0-9][A-Za-z0-9\._-]*$', max_length=250, required=False) # can be blank ptr_domain = s.RegexField(r'^[A-Za-z0-9][/A-Za-z0-9\._-]*$', max_length=250, required=False) # can be blank dhcp_passthrough = s.BooleanField(default=False) created = s.DateTimeField(read_only=True, required=False) def __init__(self, request, net, *args, **kwargs): super(NetworkSerializer, self).__init__(request, net, *args, **kwargs) if not kwargs.get('many', False): self._dc_bound = net.dc_bound self.fields['owner'].queryset = get_owners(request, all=True) self.fields['nic_tag'].choices = Node.all_nictags_choices() def _normalize(self, attr, value): if attr == 'dc_bound': return self._dc_bound # noinspection PyProtectedMember return super(NetworkSerializer, self)._normalize(attr, value) def validate_alias(self, attrs, source): try: value = attrs[source] except KeyError: pass else: validate_alias(self.object, value) return attrs def validate_vlan_id(self, attrs, source): try: value = attrs[source] except KeyError: pass else: net = self.object if not net.new: # TODO: Cannot use ip__in=net_ips (ProgrammingError) net_ips = set(net.ipaddress_set.all().values_list('ip', flat=True)) other_ips = set( IPAddress.objects.exclude(subnet=net).filter( subnet__vlan_id=int(value)).values_list('ip', flat=True)) if net_ips.intersection(other_ips): raise s.ValidationError( _('Network has IP addresses that already exist in another ' 'network with the same VLAN ID.')) return attrs # noinspection PyMethodMayBeStatic def validate_ptr_domain(self, attrs, source): try: value = attrs[source] except KeyError: pass else: if value: if not value.endswith('in-addr.arpa'): raise s.ValidationError(_('Invalid PTR domain name.')) if settings.DNS_ENABLED: if not Domain.objects.filter(name=value).exists(): raise s.ObjectDoesNotExist(value) return attrs def validate(self, attrs): # noqa: R701 try: network = attrs['network'] except KeyError: network = self.object.network try: netmask = attrs['netmask'] except KeyError: netmask = self.object.netmask try: vxlan_id = attrs['vxlan_id'] except KeyError: vxlan_id = self.object.vxlan_id try: mtu = attrs['mtu'] except KeyError: mtu = self.object.mtu try: nic_tag = attrs['nic_tag'] except KeyError: nic_tag = self.object.nic_tag try: ip_network = Subnet.get_ip_network(network, netmask) if ip_network.is_reserved: raise ValueError except ValueError: self._errors['network'] = self._errors['netmask'] = \ s.ErrorList([_('Enter a valid IPv4 network and netmask.')]) if self.request.method == 'POST' and self._dc_bound: limit = self._dc_bound.settings.VMS_NET_LIMIT if limit is not None: if Subnet.objects.filter( dc_bound=self._dc_bound).count() >= int(limit): raise s.ValidationError( _('Maximum number of networks reached.')) nic_tag_type = Node.all_nictags()[nic_tag] # retrieve all available nictags and see what is the type of the current nic tag # if type is overlay then vxlan is mandatory argument if nic_tag_type == 'overlay rule': if not vxlan_id: self._errors['vxlan_id'] = s.ErrorList([ _('VXLAN ID is required when an ' 'overlay NIC tag is selected.') ]) else: attrs['vxlan_id'] = None # validate MTU for overlays and etherstubs, and physical nics if nic_tag_type == 'overlay rule': # if MTU was not set for the overlay if not mtu: attrs['mtu'] = 1400 if mtu > 8900: self._errors['mtu'] = s.ErrorList([ s.IntegerField.default_error_messages['max_value'] % { 'limit_value': 8900 } ]) if nic_tag_type in ('normal', 'aggr') and mtu and mtu < 1500: self._errors['mtu'] = s.ErrorList([ s.IntegerField.default_error_messages['min_value'] % { 'limit_value': 1500 } ]) if self._dc_bound: try: vlan_id = attrs['vlan_id'] except KeyError: vlan_id = self.object.vlan_id dc_settings = self._dc_bound.settings if dc_settings.VMS_NET_VLAN_RESTRICT and vlan_id not in dc_settings.VMS_NET_VLAN_ALLOWED: self._errors['vlan_id'] = s.ErrorList( [_('VLAN ID is not available in datacenter.')]) if dc_settings.VMS_NET_VXLAN_RESTRICT and vxlan_id not in dc_settings.VMS_NET_VXLAN_ALLOWED: self._errors['vxlan_id'] = s.ErrorList( [_('VXLAN ID is not available in datacenter.')]) return super(NetworkSerializer, self).validate(attrs) # noinspection PyMethodMayBeStatic def update_errors(self, fields, err_msg): errors = {} for i in fields: errors[i] = s.ErrorList([err_msg]) return errors