def get_enabled_user(self, username, password):
"""
Busca o usuário de acordo com o login e a senha.
Retorna apenas usuário ativo.
"""
bypass = 0
try:
try:
use_ldap = convert_string_or_int_to_boolean(
get_value('use_ldap'))
if use_ldap:
ldap_param = get_value('ldap_config')
ldap_server = get_value('ldap_server')
return_user = self.get_by_ldap_user(username, True)
else:
bypass = 1
except exceptions.VariableDoesNotExistException, e:
self.log.error(
'Error getting LDAP config variables (use_ldap). Trying local authentication')
bypass = 1
except UsuarioNotFoundError, e:
self.log.debug(
"Using local authentication for user \'%s\'" % username)
bypass = 1
def get_enabled_user(self, username, password):
"""
Busca o usuário de acordo com o login e a senha.
Retorna apenas usuário ativo.
"""
bypass = 0
try:
try:
use_ldap = convert_string_or_int_to_boolean(
get_value('use_ldap'))
if use_ldap:
ldap_param = get_value('ldap_config')
ldap_server = get_value('ldap_server')
return_user = self.get_by_ldap_user(username, True)
else:
bypass = 1
except exceptions.VariableDoesNotExistException, e:
self.log.error(
'Error getting LDAP config variables (use_ldap). Trying local authentication'
)
bypass = 1
except UsuarioNotFoundError, e:
self.log.debug("Using local authentication for user \'%s\'" %
username)
bypass = 1
def update(self, data):
try:
id_channel = data.get('id_channel')
nome = data.get('nome')
if not is_valid_int_greater_zero_param(nome):
raise InvalidValueError(None, 'Channel number',
'must be integer.')
lacp = data.get('lacp')
int_type = data.get('int_type')
vlan_nativa = data.get('vlan')
envs_vlans = data.get('envs')
ids_interface = data.get('ids_interface')
if ids_interface is None:
raise InterfaceError('No interfaces selected')
if type(ids_interface) == list:
interfaces_list = ids_interface
else:
interfaces_list = str(ids_interface).split('-')
api_interface_facade.verificar_vlan_nativa(vlan_nativa)
# verifica se o nome do port channel já existe no equipamento
self.channel = PortChannel.get_by_pk(int(id_channel))
if not nome == self.channel.nome:
api_interface_facade.verificar_nome_channel(
nome, interfaces_list)
# buscar interfaces do channel
interfaces = Interface.objects.all().filter(channel__id=id_channel)
ids_list = []
for i in interfaces:
ids_list.append(i.id)
self._dissociate_interfaces_from_channel(ids_list, ids_interface)
# update channel
self.channel.nome = str(nome)
self.channel.lacp = convert_string_or_int_to_boolean(lacp)
self.channel.save()
int_type = TipoInterface.get_by_name(str(int_type))
self._update_interfaces_from_http_put(ids_interface, int_type,
vlan_nativa, envs_vlans)
except Exception as err:
return {"error": str(err)}
return {"port_channel": self.channel}
def create(self, data):
""" Creates a new Port Channel """
log.info("Create Channel")
log.debug(data)
interfaces = data.get('interfaces')
nome = data.get('name')
lacp = data.get('lacp')
int_type = data.get('int_type')
vlan_nativa = data.get('vlan')
envs_vlans = data.get('envs_vlans')
api_interface_facade.verificar_vlan_nativa(vlan_nativa)
# Checks if Port Channel name already exists on equipment
api_interface_facade.check_channel_name_on_equipment(nome, interfaces)
self.channel = PortChannel()
self.channel.nome = str(nome)
self.channel.lacp = convert_string_or_int_to_boolean(lacp, True)
self.channel.create()
ifaces_on_channel = []
for interface in interfaces:
iface = Interface.objects.get(id=interface)
type_obj = TipoInterface.objects.get(tipo=int_type)
if iface.channel:
raise InterfaceError(
'Interface %s is already a Channel' % iface.interface
)
if iface.equipamento.id not in ifaces_on_channel:
ifaces_on_channel.append(int(iface.equipamento.id))
if len(ifaces_on_channel) > 2:
raise InterfaceError('More than one equipment selected')
iface.channel = self.channel
iface.int_type = type_obj
iface.vlan_nativa = vlan_nativa
iface.save()
log.debug("interface updated %s" % iface.id)
self._dissociate_ifaces_envs(iface)
if 'trunk' in int_type.lower():
self._create_ifaces_on_trunks(iface, envs_vlans)
return {'channels': self.channel.id}
def create(self, data):
""" Creates a new Port Channel """
try:
interfaces = data.get('interfaces')
nome = data.get('nome')
lacp = data.get('lacp')
int_type = data.get('int_type')
vlan_nativa = data.get('vlan')
envs_vlans = data.get('envs')
api_interface_facade.verificar_vlan_nativa(vlan_nativa)
# Checks if Port Channel name already exists on equipment
interfaces = str(interfaces).split('-')
api_interface_facade.check_channel_name_on_equipment(
nome, interfaces)
self.channel = PortChannel()
self.channel.nome = str(nome)
self.channel.lacp = convert_string_or_int_to_boolean(lacp)
self.channel.create(user)
int_type = TipoInterface.get_by_name(str(int_type))
ifaces_on_channel = []
for interface in interfaces:
if interface:
iface = Interface.get_by_pk(int(interface))
self._update_interfaces_from_a_channel(
iface, vlan_nativa, ifaces_on_channel, int_type)
if 'trunk' in int_type.tipo:
self._create_ifaces_on_trunks(sw_router, envs_vlans)
except Exception as err:
return {"error": str(err)}
return {'port_channel': self.channel}
def handle_post(self, request, user, *args, **kwargs):
"""Trata as requisições de POST para criar uma nova interface para o equipamento
URL: /interface/
"""
# Obtém dados do request e verifica acesso
try:
# Obtém os dados do xml do request
xml_map, attrs_map = loads(request.raw_post_data)
# Obtém o mapa correspondente ao root node do mapa do XML
# (networkapi)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'Não existe valor para a tag networkapi do XML de requisição.'
)
# Verifica a existência do node "interface"
interface_map = networkapi_map.get('interface')
if interface_map is None:
return self.response_error(
3,
u'Não existe valor para a tag interface do XML de requisição.'
)
# Valid id_equipamento value
id_equipamento = interface_map.get('id_equipamento')
if not is_valid_int_greater_zero_param(id_equipamento):
self.log.error(
u'Parameter id_equipamento is invalid. Value: %s',
id_equipamento)
raise InvalidValueError(None, 'id_equipamento', id_equipamento)
else:
id_equipamento = int(id_equipamento)
# Check existence
Equipamento.get_by_pk(id_equipamento)
# Verify permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
# Valid name value
nome = interface_map.get('nome')
if not is_valid_string_minsize(
nome, 1) or not is_valid_string_maxsize(nome, 20):
self.log.error(u'Parameter nome is invalid. Value: %s', nome)
raise InvalidValueError(None, 'nome', nome)
# Valid protegida value
protegida = interface_map.get('protegida')
if not is_valid_boolean_param(protegida):
self.log.error(u'Parameter protegida is invalid. Value: %s',
protegida)
raise InvalidValueError(None, 'protegida', protegida)
else:
protegida = convert_string_or_int_to_boolean(protegida)
# Valid descricao value
descricao = interface_map.get('descricao')
if descricao is not None:
if not is_valid_string_minsize(
descricao, 3) or not is_valid_string_maxsize(
descricao, 200):
self.log.error(
u'Parameter descricao is invalid. Value: %s',
descricao)
raise InvalidValueError(None, 'descricao', descricao)
# Valid "id_ligacao_front" value
id_ligacao_front = interface_map.get('id_ligacao_front')
if id_ligacao_front is not None:
if not is_valid_int_greater_zero_param(id_ligacao_front):
self.log.error(
u'The id_ligacao_front parameter is not a valid value: %s.',
id_ligacao_front)
raise InvalidValueError(None, 'id_ligacao_front',
id_ligacao_front)
else:
id_ligacao_front = int(id_ligacao_front)
ligacao_front = Interface(id=id_ligacao_front)
else:
ligacao_front = None
# Valid "id_ligacao_back" value
id_ligacao_back = interface_map.get('id_ligacao_back')
if id_ligacao_back is not None:
if not is_valid_int_greater_zero_param(id_ligacao_back):
self.log.error(
u'The id_ligacao_back parameter is not a valid value: %s.',
id_ligacao_back)
raise InvalidValueError(None, 'id_ligacao_back',
id_ligacao_back)
else:
id_ligacao_back = int(id_ligacao_back)
ligacao_back = Interface(id=id_ligacao_back)
else:
ligacao_back = None
tipo_interface = interface_map.get('tipo')
if tipo_interface is None:
tipo_interface = 'Access'
tipo_interface = TipoInterface.get_by_name(tipo_interface)
vlan = interface_map.get('vlan')
# Cria a interface conforme dados recebidos no XML
interface = Interface(interface=nome,
protegida=protegida,
descricao=descricao,
ligacao_front=ligacao_front,
ligacao_back=ligacao_back,
equipamento=Equipamento(id=id_equipamento),
tipo=tipo_interface,
vlan_nativa=vlan)
interface.create(user)
networkapi_map = dict()
interface_map = dict()
interface_map['id'] = interface.id
networkapi_map['interface'] = interface_map
return self.response(dumps_networkapi(networkapi_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests POST to add Rack.
URL: channel/editar/
"""
try:
self.log.info("Editar Channel")
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
channel_map = networkapi_map.get('channel')
if channel_map is None:
return self.response_error(3, u'There is no value to the channel tag of XML request.')
# Get XML data
id_channel = channel_map.get('id_channel')
nome = channel_map.get('nome')
lacp = channel_map.get('lacp')
int_type = channel_map.get('int_type')
vlan = channel_map.get('vlan')
envs = channel_map.get('envs')
ids_interface = channel_map.get('ids_interface')
if ids_interface is None:
raise InterfaceError("Nenhuma interface selecionada")
if vlan is not None:
if int(vlan) < 1 or int(vlan) > 4096:
raise InvalidValueError(None, "Vlan" , vlan)
if int(vlan) < 1 or 3967 < int(vlan) < 4048 or int(vlan)==4096:
raise InvalidValueError(None, "Vlan Nativa" ,"Range reservado: 3968-4047;4094.")
port_channel = PortChannel()
interface = Interface()
amb = Ambiente()
cont = []
#buscar interfaces do channel
interfaces = Interface.objects.all().filter(channel__id=id_channel)
ids_list = []
for i in interfaces:
ids_list.append(i.id)
ids_list = [ int(y) for y in ids_list ]
if type(ids_interface) is list:
ids_interface = [ int(x) for x in ids_interface ]
desassociar = set(ids_list) - set(ids_interface)
for item in desassociar:
item = interface.get_by_pk(int(item))
item.channel = None
item.save(user)
else:
if ids_interface is not None:
ids_interface = int(ids_interface)
if ids_interface is not None:
for item in ids_list:
item = interface.get_by_pk(int(item))
item.channel = None
item.save(user)
else:
for item in ids_list:
if not item== ids_interface:
item = interface.get_by_pk(int(item))
item.channel = None
item.save(user)
#update channel
port_channel = port_channel.get_by_pk(id_channel)
port_channel.nome = str(nome)
port_channel.lacp = convert_string_or_int_to_boolean(lacp)
port_channel.save(user)
int_type = TipoInterface.get_by_name(str(int_type))
#update interfaces
if type(ids_interface) is list:
for var in ids_interface:
alterar_interface(var, interface, port_channel, int_type, vlan, user, envs, amb)
else:
var = ids_interface
alterar_interface(var, interface, port_channel, int_type, vlan, user, envs, amb)
port_channel_map = dict()
port_channel_map['port_channel'] = port_channel
return self.response(dumps_networkapi({'port_channel': port_channel_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Trata as requisições de POST para criar uma nova interface para o equipamento
URL: /interface/
"""
# Obtém dados do request e verifica acesso
try:
# Obtém os dados do xml do request
xml_map, attrs_map = loads(request.raw_post_data)
# Obtém o mapa correspondente ao root node do mapa do XML
# (networkapi)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'Não existe valor para a tag networkapi do XML de requisição.')
# Verifica a existência do node "interface"
interface_map = networkapi_map.get('interface')
if interface_map is None:
return self.response_error(3, u'Não existe valor para a tag interface do XML de requisição.')
# Valid id_equipamento value
id_equipamento = interface_map.get('id_equipamento')
if not is_valid_int_greater_zero_param(id_equipamento):
self.log.error(
u'Parameter id_equipamento is invalid. Value: %s', id_equipamento)
raise InvalidValueError(None, 'id_equipamento', id_equipamento)
else:
id_equipamento = int(id_equipamento)
# Check existence
Equipamento.get_by_pk(id_equipamento)
# Verify permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None,
id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
# Valid name value
nome = interface_map.get('nome')
if not is_valid_string_minsize(nome, 1) or not is_valid_string_maxsize(nome, 20):
self.log.error(u'Parameter nome is invalid. Value: %s', nome)
raise InvalidValueError(None, 'nome', nome)
# Valid protegida value
protegida = interface_map.get('protegida')
if not is_valid_boolean_param(protegida):
self.log.error(
u'Parameter protegida is invalid. Value: %s', protegida)
raise InvalidValueError(None, 'protegida', protegida)
else:
protegida = convert_string_or_int_to_boolean(protegida)
# Valid descricao value
descricao = interface_map.get('descricao')
if descricao is not None:
if not is_valid_string_minsize(descricao, 3) or not is_valid_string_maxsize(descricao, 200):
self.log.error(
u'Parameter descricao is invalid. Value: %s', descricao)
raise InvalidValueError(None, 'descricao', descricao)
# Valid "id_ligacao_front" value
id_ligacao_front = interface_map.get('id_ligacao_front')
if id_ligacao_front is not None:
if not is_valid_int_greater_zero_param(id_ligacao_front):
self.log.error(
u'The id_ligacao_front parameter is not a valid value: %s.', id_ligacao_front)
raise InvalidValueError(
None, 'id_ligacao_front', id_ligacao_front)
else:
id_ligacao_front = int(id_ligacao_front)
ligacao_front = Interface(id=id_ligacao_front)
else:
ligacao_front = None
# Valid "id_ligacao_back" value
id_ligacao_back = interface_map.get('id_ligacao_back')
if id_ligacao_back is not None:
if not is_valid_int_greater_zero_param(id_ligacao_back):
self.log.error(
u'The id_ligacao_back parameter is not a valid value: %s.', id_ligacao_back)
raise InvalidValueError(
None, 'id_ligacao_back', id_ligacao_back)
else:
id_ligacao_back = int(id_ligacao_back)
ligacao_back = Interface(id=id_ligacao_back)
else:
ligacao_back = None
tipo_interface = interface_map.get('tipo')
if tipo_interface == None:
tipo_interface = "Access"
tipo_interface = TipoInterface.get_by_name(tipo_interface)
vlan = interface_map.get('vlan')
# Cria a interface conforme dados recebidos no XML
interface = Interface(
interface=nome,
protegida=protegida,
descricao=descricao,
ligacao_front=ligacao_front,
ligacao_back=ligacao_back,
equipamento=Equipamento(id=id_equipamento),
tipo=tipo_interface,
vlan_nativa=vlan
)
interface.create(user)
networkapi_map = dict()
interface_map = dict()
interface_map['id'] = interface.id
networkapi_map['interface'] = interface_map
return self.response(dumps_networkapi(networkapi_map))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Treat requests POST to authenticate to user.
URL: authenticate/
"""
try:
self.log.info("Authenticate user")
# User permission
if not has_perm(user, AdminPermission.AUTHENTICATE, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
user_map = networkapi_map.get('user')
if user_map is None:
return self.response_error(3, u'There is no value to the user tag of XML request.')
# Get XML data
username = user_map.get('username')
password = user_map.get('password')
is_ldap_user = user_map.get('is_ldap_user')
# Username can NOT be less 3 and greater than 45
if not is_valid_string_minsize(username, 3) or not is_valid_string_maxsize(username, 45):
self.log.error(
u'Parameter username is invalid. Value: %s.', username)
raise InvalidValueError(None, 'username', username)
if not is_valid_boolean_param(is_ldap_user):
self.log.error(
u'Parameter is_ldap_user is invalid. Value: %s.', is_ldap_user)
raise InvalidValueError(None, 'is_ldap_user', is_ldap_user)
else:
is_ldap_user = convert_string_or_int_to_boolean(is_ldap_user)
if is_ldap_user:
user = Usuario().get_by_ldap_user(username, True)
password = user.pwd
else:
# Password can NOT be less 3 and greater than 45
if not is_valid_string_minsize(password, 3) or not is_valid_string_maxsize(password, 45):
self.log.error(
u'Parameter password is invalid. Value: %s.', '****')
raise InvalidValueError(None, 'password', '****')
# Find user by username, password to check if it exist
user = Usuario().get_enabled_user(username.upper(), password)
# Valid user
if user is None:
return self.response(dumps_networkapi({}))
perms = {}
for ugroup in user.grupos.all():
for perm in ugroup.permissaoadministrativa_set.all():
function = perm.permission.function
if perms.has_key(function):
write = False
read = False
if perms.get(function).get('write') == True or perm.escrita == True:
write = True
if perms.get(function).get('read') == True or perm.leitura == True:
read = True
perms[function] = {'write': write, 'read': read}
else:
perms[function] = {
'write': perm.escrita, 'read': perm.leitura}
user_map = {}
user_dict = model_to_dict(
user, fields=['id', 'user', 'nome', 'email', 'ativo', 'user_ldap'])
user_dict['pwd'] = password
user_dict['permission'] = perms
user_map['user'] = user_dict
return self.response(dumps_networkapi(user_map))
except UsuarioNotFoundError:
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests POST to add Rack.
URL: channel/editar/
"""
try:
self.log.info('Editar Channel')
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
channel_map = networkapi_map.get('channel')
if channel_map is None:
return self.response_error(3, u'There is no value to the channel tag of XML request.')
# Get XML data
id_channel = channel_map.get('id_channel')
nome = channel_map.get('nome')
if not is_valid_int_greater_zero_param(nome):
raise InvalidValueError(
None, 'Numero do Channel', 'Deve ser um numero inteiro.')
lacp = channel_map.get('lacp')
int_type = channel_map.get('int_type')
vlan_nativa = channel_map.get('vlan')
envs_vlans = channel_map.get('envs')
ids_interface = channel_map.get('ids_interface')
if ids_interface is None:
raise InterfaceError('Nenhuma interface selecionada')
if type(ids_interface) == list:
interfaces_list = ids_interface
else:
interfaces_list = str(ids_interface).split('-')
port_channel = PortChannel()
interface = Interface()
amb = Ambiente()
api_interface_facade.verificar_vlan_nativa(vlan_nativa)
# verifica se o nome do port channel já existe no equipamento
channel = port_channel.get_by_pk(int(id_channel))
if not nome == channel.nome:
api_interface_facade.verificar_nome_channel(
nome, interfaces_list)
# buscar interfaces do channel
interfaces = Interface.objects.all().filter(channel__id=id_channel)
ids_list = []
for i in interfaces:
ids_list.append(i.id)
ids_list = [int(y) for y in ids_list]
if type(ids_interface) is list:
ids_interface = [int(x) for x in ids_interface]
desassociar = set(ids_list) - set(ids_interface)
for item in desassociar:
item = interface.get_by_pk(int(item))
item.channel = None
item.save()
else:
if ids_interface is not None:
ids_interface = int(ids_interface)
if ids_interface is not None:
for item in ids_list:
item = interface.get_by_pk(int(item))
item.channel = None
item.save()
else:
for item in ids_list:
if not item == ids_interface:
item = interface.get_by_pk(int(item))
item.channel = None
item.save()
# update channel
channel.nome = str(nome)
channel.lacp = convert_string_or_int_to_boolean(lacp)
channel.save()
int_type = TipoInterface.get_by_name(str(int_type))
# update interfaces
if type(ids_interface) is not list:
i = ids_interface
ids_interface = []
ids_interface.append(i)
for var in ids_interface:
alterar_interface(var, interface, channel,
int_type, vlan_nativa, user, envs_vlans, amb)
interface = Interface()
server_obj = Interface()
interface_sw = interface.get_by_pk(int(var))
interface_server = server_obj.get_by_pk(
interface_sw.ligacao_front.id)
try:
front = interface_server.ligacao_front.id
except:
front = None
pass
try:
back = interface_server.ligacao_back.id
except:
back = None
pass
server_obj.update(user,
interface_server.id,
interface=interface_server.interface,
protegida=interface_server.protegida,
descricao=interface_server.descricao,
ligacao_front_id=front,
ligacao_back_id=back,
tipo=int_type,
vlan_nativa=int(vlan_nativa))
port_channel_map = dict()
port_channel_map['port_channel'] = port_channel
return self.response(dumps_networkapi({'port_channel': port_channel_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def insert_equipment(equipment_map, user):
"""
Insere um equipamento e o relacionamento entre equipamento e o grupo.
@param equipment_map: Map com as chaves: id_grupo, id_tipo_equipamento, id_modelo e nome
@param user: Usuário autenticado na API.
@return Em caso de erro retorna a tupla: (código da mensagem de erro, argumento01, argumento02, ...)
Em caso de sucesso retorna a tupla: (0, <identificador do equipamento_grupo>, <equipamento>)
@raise InvalidGroupToEquipmentTypeError: Equipamento do grupo “Equipamentos Orquestração” somente poderá ser criado com tipo igual a “Servidor Virtual”.
@raise EGrupoNotFoundError: Grupo não cadastrado.
@raise GrupoError: Falha ao pesquisar o Grupo.
@raise TipoEquipamentoNotFoundError: Tipo de equipamento nao cadastrado.
@raise ModeloNotFoundError: Modelo nao cadastrado.
@raise EquipamentoNameDuplicatedError: Nome do equipamento duplicado.
@raise EquipamentoError: Falha ou inserir o equipamento.
@raise UserNotAuthorizedError: Usuário sem autorização para executar a operação.
"""
log = logging.getLogger('insert_equipment')
log.debug('EQUIPAMENTO_MAP: %s', equipment_map)
equipment = Equipamento()
equipment.tipo_equipamento = TipoEquipamento()
equipment.modelo = Modelo()
group_id = equipment_map.get('id_grupo')
if not is_valid_int_greater_zero_param(group_id):
log.error(u'The group_id parameter is not a valid value: %s.',
group_id)
raise InvalidValueError(None, 'group_id', group_id)
else:
group_id = int(group_id)
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, group_id, None,
AdminPermission.EQUIP_WRITE_OPERATION):
raise UserNotAuthorizedError(
None, u'Usuário não tem permissão para executar a operação.')
equipment_type_id = equipment_map.get('id_tipo_equipamento')
if not is_valid_int_greater_zero_param(equipment_type_id):
log.error(u'The equipment_type_id parameter is not a valid value: %s.',
equipment_type_id)
raise InvalidValueError(None, 'equipment_type_id', equipment_type_id)
else:
equipment.tipo_equipamento.id = int(equipment_type_id)
model_id = equipment_map.get('id_modelo')
if not is_valid_int_greater_zero_param(model_id):
log.error(u'The model_id parameter is not a valid value: %s.',
model_id)
raise InvalidValueError(None, 'model_id', model_id)
else:
equipment.modelo.id = int(model_id)
name = equipment_map.get('nome')
if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize(
name, 50):
log.error(u'The name parameter is not a valid value: %s.', name)
raise InvalidValueError(None, 'name', name)
else:
equipment.nome = name
# maintenance is a new feature. Check existing value if not defined in request
# Old calls does not send this field
maintenance = equipment_map.get('maintenance')
if maintenance is None:
maintenance = False
if not is_valid_boolean_param(maintenance):
log.error(u'The maintenance parameter is not a valid value: %s.',
maintenance)
raise InvalidValueError(None, 'maintenance', maintenance)
else:
equipment.maintenance = convert_string_or_int_to_boolean(maintenance)
equipment_group_id = equipment.create(user, group_id)
return 0, equipment_group_id, equipment
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests PUT to edit Administrative Permission.
URL: perms/<id_perm>/
"""
try:
self.log.info("Edit Administrative Permission")
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_perm = kwargs.get('id_perm')
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
perm_map = networkapi_map.get('administrative_permission')
if perm_map is None:
return self.response_error(3, u'There is no value to the administrative_permission tag of XML request.')
# Get XML data
id_permission = perm_map.get('id_permission')
id_group = perm_map.get('id_group')
read = perm_map.get('read')
write = perm_map.get('write')
# Valid ID Administrative Permission
if not is_valid_int_greater_zero_param(id_perm):
self.log.error(
u'The id_perm parameter is not a valid value: %s.', id_perm)
raise InvalidValueError(None, 'id_perm', id_perm)
# Valid ID Permission
if not is_valid_int_greater_zero_param(id_permission):
self.log.error(
u'The id_permission parameter is not a valid value: %s.', id_permission)
raise InvalidValueError(None, 'id_permission', id_permission)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.', id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Valid Read
if not is_valid_boolean_param(read):
self.log.error(
u'The read parameter is not a valid value: %s.', read)
raise InvalidValueError(None, 'read', read)
# Valid Read
if not is_valid_boolean_param(write):
self.log.error(
u'The write parameter is not a valid value: %s.', write)
raise InvalidValueError(None, 'write', write)
# Find Permission by ID to check if it exist
adm_perm = PermissaoAdministrativa.get_by_pk(id_perm)
with distributedlock(LOCK_PERM % id_perm):
# Find Permission by ID to check if it exist
permission = Permission.get_by_pk(id_permission)
# Find UGroup by ID to check if it exist
ugroup = UGrupo.get_by_pk(id_group)
try:
perm = PermissaoAdministrativa.get_permission_by_permission_ugroup(
id_permission, id_group)
if perm.id != int(id_perm):
raise PermissaoAdministrativaDuplicatedError(
None, permission.function)
except PermissaoAdministrativaNotFoundError:
pass
# set variables
adm_perm.permission = permission
adm_perm.ugrupo = ugroup
adm_perm.leitura = convert_string_or_int_to_boolean(read)
adm_perm.escrita = convert_string_or_int_to_boolean(write)
try:
# update Administrative Permission
adm_perm.save()
except Exception, e:
self.log.error(
u'Failed to update the administrative permission.')
raise PermissionError(
e, u'Failed to update the administrative permission.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def get_enabled_user(self, username, password):
"""
Busca o usuário de acordo com o login e a senha.
Retorna apenas usuário ativo.
"""
bypass = 0
try:
try:
use_cache_user = convert_string_or_int_to_boolean(
get_value('use_cache_user'))
if use_cache_user:
salt = get_cache('salt_key')
if salt:
self.log.debug(
'The encrypt key was taken successfully!')
hash_text = str(username + password)
encrypted_hash_text = encrypt_key(hash_text, salt)
cached_hash_text = get_cache(
b64encode(encrypted_hash_text))
if cached_hash_text:
self.log.debug(
'This authentication is using cached user')
pswd = Usuario.encode_password(password)
return Usuario.objects.prefetch_related(
'grupos').get(user=username, pwd=pswd, ativo=1)
else:
set_cache(b64encode(encrypted_hash_text), True,
int(get_value('time_cache_user')))
self.log.debug('The user was cached successfully!')
else:
salt_key = generate_key()
set_cache('salt_key', salt_key,
int(get_value('time_cache_salt_key')))
self.log.debug(
'The encrypt token was generated and cached successfully!'
)
except Exception as ERROR:
self.log.error(ERROR)
try:
use_ldap = convert_string_or_int_to_boolean(
get_value('use_ldap'))
if use_ldap:
ldap_param = get_value('ldap_config')
ldap_server = get_value('ldap_server')
return_user = self.get_by_ldap_user(username, True)
else:
bypass = 1
except exceptions.VariableDoesNotExistException, e:
self.log.error(
'Error getting LDAP config variables (use_ldap). Trying local authentication'
)
bypass = 1
except UsuarioNotFoundError, e:
self.log.debug("Using local authentication for user \'%s\'" %
username)
bypass = 1
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests PUT to edit User.
URL: user/<id_user>/
"""
try:
self.log.info('Edit User')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'There is no value to the networkapi tag of XML request.'
)
user_map = networkapi_map.get('user')
if user_map is None:
return self.response_error(
3, u'There is no value to the user tag of XML request.')
# Get XML data
username = user_map.get('user')
password = user_map.get('password')
name = user_map.get('name')
email = user_map.get('email')
active = user_map.get('active')
user_ldap = user_map.get('user_ldap')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid username
if not is_valid_string_minsize(
username, 3) or not is_valid_string_maxsize(username, 45):
self.log.error(u'Parameter user is invalid. Value: %s',
username)
raise InvalidValueError(None, 'user', username)
# Valid pwd
if not is_valid_string_minsize(
password, 3) or not is_valid_string_maxsize(password, 45):
self.log.error(u'Parameter password is invalid. Value: ****')
raise InvalidValueError(None, 'password', '****')
# Valid name
if not is_valid_string_minsize(
name, 3) or not is_valid_string_maxsize(name, 200):
self.log.error(u'Parameter name is invalid. Value: %s', name)
raise InvalidValueError(None, 'name', name)
# Valid email
if not is_valid_string_minsize(
email, 3) or not is_valid_string_maxsize(
email, 200) or not is_valid_email(email):
self.log.error(u'Parameter email is invalid. Value: %s', email)
raise InvalidValueError(None, 'email', email)
# Valid active
if not is_valid_boolean_param(active):
self.log.error(
u'The active parameter is not a valid value: %s.', active)
raise InvalidValueError(None, 'active', active)
# Valid LDAP username
if not is_valid_string_minsize(
user_ldap, 3, False) or not is_valid_string_maxsize(
user_ldap, 45, False):
self.log.error(u'Parameter user_ldap is invalid. Value: %s',
user_ldap)
raise InvalidValueError(None, 'user_ldap', user_ldap)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
with distributedlock(LOCK_USER % id_user):
try:
if usr.user.lower() != username.lower():
Usuario.get_by_user(username)
raise UsuarioNameDuplicatedError(
None,
u'Já existe um usuário com o valor user %s.' %
username)
except UsuarioNotFoundError:
pass
# set variables
usr.user = username
usr.pwd = password
usr.nome = name
usr.email = email
usr.ativo = convert_string_or_int_to_boolean(active)
usr.user_ldap = user_ldap
try:
# update User
usr.save()
except Exception, e:
self.log.error(u'Failed to update the user.')
raise UsuarioError(e, u'Failed to update the user.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Treat requests POST to add Rack.
URL: channel/inserir/
"""
try:
self.log.info("Inserir novo Channel")
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
channel_map = networkapi_map.get('channel')
if channel_map is None:
return self.response_error(3, u'There is no value to the channel tag of XML request.')
# Get XML data
interfaces = channel_map.get('interfaces')
nome = channel_map.get('nome')
lacp = channel_map.get('lacp')
int_type = channel_map.get('int_type')
vlan = channel_map.get('vlan')
envs = channel_map.get('envs')
port_channel = PortChannel()
interface = Interface()
amb = Ambiente()
cont = []
port_channel.nome = str(nome)
port_channel.lacp = convert_string_or_int_to_boolean(lacp)
port_channel.create(user)
interfaces = str(interfaces).split('-')
int_type = TipoInterface.get_by_name(str(int_type))
for var in interfaces:
if not var=="" and not var==None:
interf = interface.get_by_pk(int(var))
try:
sw_router = interf.get_switch_and_router_interface_from_host_interface(interf.protegida)
except:
raise InterfaceError("Interface não conectada")
if sw_router.channel is not None:
raise InterfaceError("Interface %s já está em um Channel" % sw_router.interface)
for i in interface.search(sw_router.equipamento.id):
if i.channel is not None:
raise InterfaceError("Equipamento %s já possui um Channel" % sw_router.equipamento.nome)
if cont is []:
cont.append(int(sw_router.equipamento.id))
elif not sw_router.equipamento.id in cont:
cont.append(int(sw_router.equipamento.id))
if len(cont) > 2:
raise InterfaceError("Mais de dois equipamentos foram selecionados")
if sw_router.ligacao_front is not None:
ligacao_front_id = sw_router.ligacao_front.id
else:
ligacao_front_id = None
if sw_router.ligacao_back is not None:
ligacao_back_id = sw_router.ligacao_back.id
else:
ligacao_back_id = None
Interface.update(user,
sw_router.id,
interface=sw_router.interface,
protegida=sw_router.protegida,
descricao=sw_router.descricao,
ligacao_front_id=ligacao_front_id,
ligacao_back_id=ligacao_back_id,
tipo=int_type,
vlan_nativa=vlan,
channel=port_channel)
if "trunk" in int_type.tipo:
interface_list = EnvironmentInterface.objects.all().filter(interface=sw_router.id)
for int_env in interface_list:
int_env.delete(user)
if envs is not None:
if not type(envs)==unicode:
for env in envs:
amb_int = EnvironmentInterface()
amb_int.interface = sw_router
amb_int.ambiente = amb.get_by_pk(int(env))
amb_int.create(user)
else:
amb_int = EnvironmentInterface()
amb_int.interface = sw_router
amb_int.ambiente = amb.get_by_pk(int(envs))
amb_int.create(user)
port_channel_map = dict()
port_channel_map['port_channel'] = port_channel
return self.response(dumps_networkapi({'port_channel': port_channel_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Trata uma requisição PUT para alterar informações de uma interface.
URL: /interface/<id_interface>/
"""
# Get request data and check permission
try:
# Valid Interface ID
id_interface = kwargs.get('id_interface')
if not is_valid_int_greater_zero_param(id_interface):
self.log.error(
u'The id_interface parameter is not a valid value: %s.',
id_interface)
raise InvalidValueError(None, 'id_interface', id_interface)
# Get interface and equipment to check permission
interface = Interface.get_by_pk(id_interface)
id_equipamento = interface.equipamento_id
# Check permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION, None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
# Get XML data
xml_map, attrs_map = loads(request.raw_post_data)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3, u'There is no networkapi tag in XML request.')
interface_map = networkapi_map.get('interface')
if interface_map is None:
return self.response_error(
3, u'There is no interface tag in XML request.')
# Valid name value
nome = interface_map.get('nome')
if not is_valid_string_minsize(
nome, 1) or not is_valid_string_maxsize(nome, 20):
self.log.error(u'Parameter nome is invalid. Value: %s', nome)
raise InvalidValueError(None, 'nome', nome)
# Valid protegida value
protegida = interface_map.get('protegida')
if not is_valid_boolean_param(protegida):
self.log.error(u'Parameter protegida is invalid. Value: %s',
protegida)
raise InvalidValueError(None, 'protegida', protegida)
else:
protegida = convert_string_or_int_to_boolean(protegida)
# Valid descricao value
descricao = interface_map.get('descricao')
if descricao is not None:
if not is_valid_string_minsize(
descricao, 3) or not is_valid_string_maxsize(
descricao, 200):
self.log.error(
u'Parameter descricao is invalid. Value: %s',
descricao)
raise InvalidValueError(None, 'descricao', descricao)
# Valid "id_ligacao_front" value
id_ligacao_front = interface_map.get('id_ligacao_front')
if id_ligacao_front is not None:
if not is_valid_int_greater_zero_param(id_ligacao_front):
self.log.error(
u'The id_ligacao_front parameter is not a valid value: %s.',
id_ligacao_front)
raise InvalidValueError(None, 'id_ligacao_front',
id_ligacao_front)
else:
id_ligacao_front = int(id_ligacao_front)
# Valid "id_ligacao_back" value
id_ligacao_back = interface_map.get('id_ligacao_back')
if id_ligacao_back is not None:
if not is_valid_int_greater_zero_param(id_ligacao_back):
self.log.error(
u'The id_ligacao_back parameter is not a valid value: %s.',
id_ligacao_back)
raise InvalidValueError(None, 'id_ligacao_back',
id_ligacao_back)
else:
id_ligacao_back = int(id_ligacao_back)
tipo = interface_map.get('tipo')
if tipo is not None:
tipo = TipoInterface.get_by_name(tipo)
vlan = interface_map.get('vlan')
with distributedlock(LOCK_INTERFACE % id_interface):
# Update interface
Interface.update(user,
id_interface,
interface=nome,
protegida=protegida,
descricao=descricao,
ligacao_front_id=id_ligacao_front,
ligacao_back_id=id_ligacao_back,
tipo=tipo,
vlan_nativa=vlan)
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Treat requests POST to add Rack.
URL: channel/inserir/
"""
try:
self.log.info('Inserir novo Channel')
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
channel_map = networkapi_map.get('channel')
if channel_map is None:
return self.response_error(3, u'There is no value to the channel tag of XML request.')
# Get XML data
interfaces = channel_map.get('interfaces')
nome = channel_map.get('nome')
lacp = channel_map.get('lacp')
int_type = channel_map.get('int_type')
vlan_nativa = channel_map.get('vlan')
envs_vlans = channel_map.get('envs')
port_channel = PortChannel()
interface = Interface()
amb = Ambiente()
cont = []
api_interface_facade.verificar_vlan_nativa(vlan_nativa)
# verifica se o nome do port channel já existe no equipamento
interfaces = str(interfaces).split('-')
api_interface_facade.verificar_nome_channel(nome, interfaces)
# cria o port channel
port_channel.nome = str(nome)
port_channel.lacp = convert_string_or_int_to_boolean(lacp)
port_channel.create(user)
int_type = TipoInterface.get_by_name(str(int_type))
for var in interfaces:
if not var == '' and not var is None:
interf = interface.get_by_pk(int(var))
try:
sw_router = interf.get_switch_and_router_interface_from_host_interface(
interf.protegida)
except:
raise InterfaceError('Interface não conectada')
if sw_router.channel is not None:
raise InterfaceError(
'Interface %s já está em um Channel' % sw_router.interface)
if cont is []:
cont.append(int(sw_router.equipamento.id))
elif not sw_router.equipamento.id in cont:
cont.append(int(sw_router.equipamento.id))
if len(cont) > 2:
raise InterfaceError(
'Mais de dois equipamentos foram selecionados')
if sw_router.ligacao_front is not None:
ligacao_front_id = sw_router.ligacao_front.id
else:
ligacao_front_id = None
if sw_router.ligacao_back is not None:
ligacao_back_id = sw_router.ligacao_back.id
else:
ligacao_back_id = None
Interface.update(user,
sw_router.id,
interface=sw_router.interface,
protegida=sw_router.protegida,
descricao=sw_router.descricao,
ligacao_front_id=ligacao_front_id,
ligacao_back_id=ligacao_back_id,
tipo=int_type,
vlan_nativa=vlan_nativa,
channel=port_channel)
if 'trunk' in int_type.tipo:
interface_list = EnvironmentInterface.objects.all().filter(interface=sw_router.id)
for int_env in interface_list:
int_env.delete()
if type(envs_vlans) is not list:
d = envs_vlans
envs_vlans = []
envs_vlans.append(d)
for i in envs_vlans:
amb = amb.get_by_pk(int(i.get('env')))
amb_int = EnvironmentInterface()
amb_int.interface = sw_router
amb_int.ambiente = amb
try:
range_vlans = i.get('vlans')
except:
range_vlans = None
pass
if range_vlans:
api_interface_facade.verificar_vlan_range(
amb, range_vlans)
amb_int.vlans = range_vlans
amb_int.create(user)
port_channel_map = dict()
port_channel_map['port_channel'] = port_channel
return self.response(dumps_networkapi({'port_channel': port_channel_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Treat requests POST to authenticate to user.
URL: authenticate/
"""
try:
self.log.info('Authenticate user')
# User permission
if not has_perm(user, AdminPermission.AUTHENTICATE, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
user_map = networkapi_map.get('user')
if user_map is None:
return self.response_error(3, u'There is no value to the user tag of XML request.')
# Get XML data
username = user_map.get('username')
password = user_map.get('password')
is_ldap_user = user_map.get('is_ldap_user')
# Username can NOT be less 3 and greater than 45
if not is_valid_string_minsize(username, 3) or not is_valid_string_maxsize(username, 45):
self.log.error(
u'Parameter username is invalid. Value: %s.', username)
raise InvalidValueError(None, 'username', username)
if not is_valid_boolean_param(is_ldap_user):
self.log.error(
u'Parameter is_ldap_user is invalid. Value: %s.', is_ldap_user)
raise InvalidValueError(None, 'is_ldap_user', is_ldap_user)
else:
is_ldap_user = convert_string_or_int_to_boolean(is_ldap_user)
if is_ldap_user:
user = Usuario().get_by_ldap_user(username, True)
password = user.pwd
else:
# Password can NOT be less 3 and greater than 45
if not is_valid_string_minsize(password, 3) or not is_valid_string_maxsize(password, 45):
self.log.error(
u'Parameter password is invalid. Value: %s.', '****')
raise InvalidValueError(None, 'password', '****')
# Find user by username, password to check if it exist
user = Usuario().get_enabled_user(username.upper(), password)
# Valid user
if user is None:
return self.response(dumps_networkapi({}))
perms = {}
for ugroup in user.grupos.all():
for perm in ugroup.permissaoadministrativa_set.all():
function = perm.permission.function
if function in perms:
write = False
read = False
if perms.get(function).get('write') is True or perm.escrita is True:
write = True
if perms.get(function).get('read') is True or perm.leitura is True:
read = True
perms[function] = {'write': write, 'read': read}
else:
perms[function] = {
'write': perm.escrita, 'read': perm.leitura}
user_map = {}
user_dict = model_to_dict(
user, fields=['id', 'user', 'nome', 'email', 'ativo', 'user_ldap'])
user_dict['pwd'] = password
user_dict['permission'] = perms
user_map['user'] = user_dict
return self.response(dumps_networkapi(user_map))
except UsuarioNotFoundError:
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs):
"""Handles GET requests to add block in vip rule.
URLs: /vip/add_block/<id_vip>/<id_block>/<override>
"""
self.log.info('Add block in rule vip')
try:
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Business Validations
id_vip = kwargs.get('id_vip')
id_block = kwargs.get('id_block')
override = kwargs.get('override')
if not is_valid_int_greater_zero_param(id_vip):
self.log.error(u'Parameter id_vip is invalid. Value: %s.',
id_vip)
raise InvalidValueError(None, 'id_vip', id_vip)
if not is_valid_int_greater_zero_param(id_block):
self.log.error(u'Parameter id_block is invalid. Value: %s.',
id_block)
raise InvalidValueError(None, 'id_block', id_block)
if not is_valid_boolean_param(override, False):
self.log.error(u'Parameter override is invalid. Value: %s.',
override)
raise InvalidValueError(None, 'override', override)
else:
override = convert_string_or_int_to_boolean(override)
vip = RequisicaoVips.get_by_pk(id_vip)
vip_map = vip.variables_to_map()
host = vip_map['host']
rule_applied = vip.rule_applied
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Block can not added because VIP has not been created yet.'
)
raise RequestVipsNotBeenCreatedError(None)
###################################################
# Vip Request has a rule applied #
###################################################
if rule_applied:
block_in_rules = self.insert_block_in_rule(
id_block, rule_applied)
# create new rule
# make a copy
new_rule_content = copy.copy(rule_applied)
# remove the rule if is a vip rule and this rule is not applied
if vip.rule:
if rule_applied != vip.rule and vip.rule.vip:
vip.rule.delete()
# duplicate rule with new block
new_rule_content.id = None
new_rule_content.vip = vip
count_rule_vip = Rule.objects.filter(vip=vip).count()
diff_name = '(' + str(count_rule_vip) + \
')' if count_rule_vip else ''
new_rule_content.name = 'regra_' + host + diff_name
new_rule_content.save(user, force_insert=True)
###################################################
# Vip Request hasn't a rule applied #
###################################################
else:
block_in_rules, environment = self.generate_rule_contents(
vip, id_block)
# create new rule
new_rule_content = Rule()
count_rule_vip = Rule.objects.filter(vip=vip).count()
diff_name = '(' + str(count_rule_vip) + \
')' if count_rule_vip else ''
new_rule_content.name = 'regra_' + host + diff_name
new_rule_content.vip = vip
new_rule_content.environment = environment
new_rule_content.save()
new_content = '\n'.join(d['content'] for d in block_in_rules)
# save contents with new rule
for i in range(len(block_in_rules)):
rule_content = RuleContent()
rule_content.content = block_in_rules[i]['content']
rule_content.order = i
rule_content.rule = new_rule_content
rule_content.save()
if override or not vip.l7_filter:
# update filter and rule with new block
vip.l7_filter = new_content
vip.rule = new_rule_content
vip.filter_valid = True
vip.save()
else:
self.log.error(
u'Block can not be added because there is already a rule to apply, and the value of zero is overwritten.'
)
raise AddBlockOverrideNotDefined(None)
success_map = dict()
success_map['codigo'] = 0
success_map['descricao'] = u'Bloco incluído com sucesso'
return self.response(dumps_networkapi({'sucesso': success_map}))
except VipRequestBlockAlreadyInRule, e:
self.log.error(e.message)
return self.response_error(361)
def handle_get(self, request, user, *args, **kwargs):
"""Handles GET requests to add block in vip rule.
URLs: /vip/add_block/<id_vip>/<id_block>/<override>
"""
self.log.info('Add block in rule vip')
try:
# Commons Validations
# User permission
if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
return self.not_authorized()
# Business Validations
id_vip = kwargs.get('id_vip')
id_block = kwargs.get('id_block')
override = kwargs.get('override')
if not is_valid_int_greater_zero_param(id_vip):
self.log.error(
u'Parameter id_vip is invalid. Value: %s.', id_vip)
raise InvalidValueError(None, 'id_vip', id_vip)
if not is_valid_int_greater_zero_param(id_block):
self.log.error(
u'Parameter id_block is invalid. Value: %s.', id_block)
raise InvalidValueError(None, 'id_block', id_block)
if not is_valid_boolean_param(override, False):
self.log.error(
u'Parameter override is invalid. Value: %s.', override)
raise InvalidValueError(None, 'override', override)
else:
override = convert_string_or_int_to_boolean(override)
vip = RequisicaoVips.get_by_pk(id_vip)
vip_map = vip.variables_to_map()
host = vip_map['host']
rule_applied = vip.rule_applied
# Vip must be created
if not vip.vip_criado:
self.log.error(
u'Block can not added because VIP has not been created yet.')
raise RequestVipsNotBeenCreatedError(None)
###################################################
# Vip Request has a rule applied #
###################################################
if rule_applied:
block_in_rules = self.insert_block_in_rule(
id_block, rule_applied)
# create new rule
# make a copy
new_rule_content = copy.copy(rule_applied)
# remove the rule if is a vip rule and this rule is not applied
if vip.rule:
if rule_applied != vip.rule and vip.rule.vip:
vip.rule.delete()
# duplicate rule with new block
new_rule_content.id = None
new_rule_content.vip = vip
count_rule_vip = Rule.objects.filter(vip=vip).count()
diff_name = '(' + str(count_rule_vip) + \
')' if count_rule_vip else ''
new_rule_content.name = 'regra_' + host + diff_name
new_rule_content.save(user, force_insert=True)
###################################################
# Vip Request hasn't a rule applied #
###################################################
else:
block_in_rules, environment = self.generate_rule_contents(
vip, id_block)
# create new rule
new_rule_content = Rule()
count_rule_vip = Rule.objects.filter(vip=vip).count()
diff_name = '(' + str(count_rule_vip) + \
')' if count_rule_vip else ''
new_rule_content.name = 'regra_' + host + diff_name
new_rule_content.vip = vip
new_rule_content.environment = environment
new_rule_content.save()
new_content = '\n'.join(d['content'] for d in block_in_rules)
# save contents with new rule
for i in range(len(block_in_rules)):
rule_content = RuleContent()
rule_content.content = block_in_rules[i]['content']
rule_content.order = i
rule_content.rule = new_rule_content
rule_content.save()
if override or not vip.l7_filter:
# update filter and rule with new block
vip.l7_filter = new_content
vip.rule = new_rule_content
vip.filter_valid = True
vip.save()
else:
self.log.error(
u'Block can not be added because there is already a rule to apply, and the value of zero is overwritten.')
raise AddBlockOverrideNotDefined(None)
success_map = dict()
success_map['codigo'] = 0
success_map['descricao'] = u'Bloco incluído com sucesso'
return self.response(dumps_networkapi({'sucesso': success_map}))
except VipRequestBlockAlreadyInRule, e:
self.log.error(e.message)
return self.response_error(361)
def update(self, data):
try:
id_channel = data.get('id')
name = data.get('name')
lacp = data.get('lacp')
int_type = data.get('int_type')
vlan_nativa = data.get('vlan')
envs_vlans = data.get('envs_vlans')
interfaces = data.get('interfaces')
protected = data.get('protected')
self.channel = PortChannel.get_by_pk(int(id_channel))
if not interfaces:
raise InterfaceError('No interfaces selected')
if not is_valid_int_greater_zero_param(name):
raise InvalidValueError(None, 'Channel number',
'must be integer.')
api_interface_facade.verificar_vlan_nativa(vlan_nativa)
# Dissociate old interfaces
interfaces_old = Interface.objects.filter(
channel__id=int(id_channel)
)
log.debug(interfaces_old)
server = None
for i in interfaces_old:
server = i.ligacao_front.equipamento.id
i.channel = None
i.save()
log.debug(i.id)
api_interface_facade.check_channel_name_on_equipment(name,
interfaces)
# update channel
self.channel.nome = str(name)
self.channel.lacp = convert_string_or_int_to_boolean(lacp, True)
self.channel.save()
type_obj = TipoInterface.objects.get(tipo=int_type)
ifaces_on_channel = list()
for interface in interfaces:
iface = Interface.objects.get(id=int(interface))
if server:
if not int(iface.ligacao_front.equipamento.id) == int(server):
raise Exception('Interface is connected to another server. Ids: %s %s ' %
(iface.ligacao_front.equipamento.id, server))
if iface.channel:
raise InterfaceError(
'Interface %s is already in a Channel'
% iface.interface
)
if iface.equipamento.id not in ifaces_on_channel:
ifaces_on_channel.append(int(iface.equipamento.id))
if len(ifaces_on_channel) > 2:
raise InterfaceError(
'More than one equipment selected.'
)
iface.channel = self.channel
iface.tipo = type_obj
iface.vlan_nativa = vlan_nativa
iface.protegida = convert_string_or_int_to_boolean(protected,
True)
iface.save()
log.debug("interface updated %s" % iface.id)
self._dissociate_ifaces_envs(iface)
# associate the new envs
if 'trunk' in int_type.lower():
self._create_ifaces_on_trunks(iface, envs_vlans)
except Exception as err:
log.error(str(err))
raise Exception({"error": str(err)})
return {'channels': self.channel.id}
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests POST to add Rack.
URL: channel/editar/
"""
try:
self.log.info("Editar Channel")
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
channel_map = networkapi_map.get('channel')
if channel_map is None:
return self.response_error(3, u'There is no value to the channel tag of XML request.')
# Get XML data
id_channel = channel_map.get('id_channel')
nome = channel_map.get('nome')
if not is_valid_int_greater_zero_param(nome):
raise InvalidValueError(None, "Numero do Channel", "Deve ser um numero inteiro.")
lacp = channel_map.get('lacp')
int_type = channel_map.get('int_type')
vlans = channel_map.get('vlan')
envs = channel_map.get('envs')
ids_interface = channel_map.get('ids_interface')
if ids_interface is None:
raise InterfaceError("Nenhuma interface selecionada")
# verifica a vlan_nativa
vlan = vlans.get('vlan_nativa')
if vlan is not None:
if int(vlan) < 1 or int(vlan) > 4096:
raise InvalidValueError(None, "Vlan Nativa", "Range valido: 1 - 4096.")
if int(vlan) < 1 or 3967 < int(vlan) < 4048 or int(vlan)==4096:
raise InvalidValueError(None, "Vlan Nativa" ,"Range reservado: 3968-4047;4094.")
port_channel = PortChannel()
interface = Interface()
amb = Ambiente()
# verifica se o nome do port channel está sendo usado no equipamento
channels = PortChannel.objects.filter(nome=nome)
channels_id = []
for ch in channels:
channels_id.append(int(ch.id))
if len(channels_id)>1:
if type(ids_interface) is list:
for var in ids_interface:
if not var=="" and not var==None:
interface_id = int(var)
else:
interface_id = int(ids_interface)
interface_id = interface.get_by_pk(interface_id)
equip_id = interface_id.equipamento.id
equip_interfaces = interface.search(equip_id)
for i in equip_interfaces:
try:
sw = i.get_switch_and_router_interface_from_host_interface(i.protegida)
except:
sw = None
pass
if sw is not None:
if sw.channel is not None:
if sw.channel.id in channels_id and sw.channel.id is not id_channel:
raise InterfaceError("O nome do port channel ja foi utilizado no equipamento")
#buscar interfaces do channel
interfaces = Interface.objects.all().filter(channel__id=id_channel)
ids_list = []
for i in interfaces:
ids_list.append(i.id)
ids_list = [ int(y) for y in ids_list ]
if type(ids_interface) is list:
ids_interface = [ int(x) for x in ids_interface ]
desassociar = set(ids_list) - set(ids_interface)
for item in desassociar:
item = interface.get_by_pk(int(item))
item.channel = None
item.save()
else:
if ids_interface is not None:
ids_interface = int(ids_interface)
if ids_interface is not None:
for item in ids_list:
item = interface.get_by_pk(int(item))
item.channel = None
item.save()
else:
for item in ids_list:
if not item== ids_interface:
item = interface.get_by_pk(int(item))
item.channel = None
item.save()
#update channel
port_channel = port_channel.get_by_pk(id_channel)
port_channel.nome = str(nome)
port_channel.lacp = convert_string_or_int_to_boolean(lacp)
port_channel.save()
int_type = TipoInterface.get_by_name(str(int_type))
#update interfaces
if type(ids_interface) is not list:
i = ids_interface
ids_interface = []
ids_interface.append(i)
for var in ids_interface:
alterar_interface(var, interface, port_channel, int_type, vlans, user, envs, amb)
interface = Interface()
server_obj = Interface()
interface_sw = interface.get_by_pk(int(var))
interface_server = server_obj.get_by_pk(interface_sw.ligacao_front.id)
try:
front = interface_server.ligacao_front.id
except:
front = None
pass
try:
back = interface_server.ligacao_back.id
except:
back = None
pass
server_obj.update(user,
interface_server.id,
interface=interface_server.interface,
protegida=interface_server.protegida,
descricao=interface_server.descricao,
ligacao_front_id=front,
ligacao_back_id=back,
tipo=int_type,
vlan_nativa=int(vlan))
port_channel_map = dict()
port_channel_map['port_channel'] = port_channel
return self.response(dumps_networkapi({'port_channel': port_channel_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Treat requests POST to add Administrative Permission.
URL: aperms/
"""
try:
self.log.info('Add Administrative Permission')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
perm_map = networkapi_map.get('administrative_permission')
if perm_map is None:
return self.response_error(3, u'There is no value to the administrative_permission tag of XML request.')
# Get XML data
id_permission = perm_map.get('id_permission')
id_group = perm_map.get('id_group')
read = perm_map.get('read')
write = perm_map.get('write')
# Valid ID Permission
if not is_valid_int_greater_zero_param(id_permission):
self.log.error(
u'The id_permission parameter is not a valid value: %s.', id_permission)
raise InvalidValueError(None, 'id_permission', id_permission)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.', id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Valid Read
if not is_valid_boolean_param(read):
self.log.error(
u'The read parameter is not a valid value: %s.', read)
raise InvalidValueError(None, 'read', read)
# Valid Read
if not is_valid_boolean_param(write):
self.log.error(
u'The write parameter is not a valid value: %s.', write)
raise InvalidValueError(None, 'write', write)
# Find Permission by ID to check if it exist
permission = Permission.get_by_pk(id_permission)
# Find UGroup by ID to check if it exist
ugroup = UGrupo.get_by_pk(id_group)
try:
PermissaoAdministrativa.get_permission_by_permission_ugroup(
id_permission, id_group)
raise PermissaoAdministrativaDuplicatedError(
None, permission.function)
except PermissaoAdministrativaNotFoundError:
pass
adm_perm = PermissaoAdministrativa()
# set variables
adm_perm.permission = permission
adm_perm.ugrupo = ugroup
adm_perm.leitura = convert_string_or_int_to_boolean(read)
adm_perm.escrita = convert_string_or_int_to_boolean(write)
try:
# save Administrative Permission
adm_perm.save()
except Exception, e:
self.log.error(
u'Failed to save the administrative permission.')
raise GrupoError(
e, u'Failed to save the administrative permission.')
perm_map = dict()
perm_map['perm'] = model_to_dict(
adm_perm, exclude=['permission', 'leitura', 'escrita', 'ugrupo'])
return self.response(dumps_networkapi(perm_map))
def handle_post(self, request, user, *args, **kwargs):
"""Treat requests POST to add Rack.
URL: channel/inserir/
"""
try:
self.log.info("Inserir novo Channel")
# User permission
if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION):
self.log.error(u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
channel_map = networkapi_map.get('channel')
if channel_map is None:
return self.response_error(3, u'There is no value to the channel tag of XML request.')
# Get XML data
interfaces = channel_map.get('interfaces')
nome = channel_map.get('nome')
lacp = channel_map.get('lacp')
int_type = channel_map.get('int_type')
vlans = channel_map.get('vlan')
envs = channel_map.get('envs')
port_channel = PortChannel()
interface = Interface()
amb = Ambiente()
cont = []
interfaces = str(interfaces).split('-')
interface_id = None
# verifica a vlan_nativa
vlan = vlans.get('vlan_nativa')
if vlan is not None:
if int(vlan) < 1 or int(vlan) > 4096:
raise InvalidValueError(None, "Vlan Nativa", "Range valido: 1 - 4096.")
if int(vlan) < 1 or 3967 < int(vlan) < 4048 or int(vlan)==4096:
raise InvalidValueError(None, "Vlan Nativa" ,"Range reservado: 3968-4047;4094.")
# verifica se o nome do port channel já existe no equipamento
channels = PortChannel.objects.filter(nome=nome)
channels_id = []
for ch in channels:
channels_id.append(int(ch.id))
if channels_id:
for var in interfaces:
if not var=="" and not var==None:
interface_id = int(var)
interface_id = interface.get_by_pk(interface_id)
equip_id = interface_id.equipamento.id
equip_interfaces = interface.search(equip_id)
for i in equip_interfaces:
try:
sw = i.get_switch_and_router_interface_from_host_interface(i.protegida)
except:
sw = None
pass
if sw.channel is not None:
if sw.channel.id in channels_id:
raise InterfaceError("O nome do port channel ja foi utilizado no equipamento")
#cria o port channel
port_channel.nome = str(nome)
port_channel.lacp = convert_string_or_int_to_boolean(lacp)
port_channel.create(user)
int_type = TipoInterface.get_by_name(str(int_type))
for var in interfaces:
if not var=="" and not var==None:
interf = interface.get_by_pk(int(var))
try:
sw_router = interf.get_switch_and_router_interface_from_host_interface(interf.protegida)
except:
raise InterfaceError("Interface não conectada")
if sw_router.channel is not None:
raise InterfaceError("Interface %s já está em um Channel" % sw_router.interface)
if cont is []:
cont.append(int(sw_router.equipamento.id))
elif not sw_router.equipamento.id in cont:
cont.append(int(sw_router.equipamento.id))
if len(cont) > 2:
raise InterfaceError("Mais de dois equipamentos foram selecionados")
if sw_router.ligacao_front is not None:
ligacao_front_id = sw_router.ligacao_front.id
else:
ligacao_front_id = None
if sw_router.ligacao_back is not None:
ligacao_back_id = sw_router.ligacao_back.id
else:
ligacao_back_id = None
Interface.update(user,
sw_router.id,
interface=sw_router.interface,
protegida=sw_router.protegida,
descricao=sw_router.descricao,
ligacao_front_id=ligacao_front_id,
ligacao_back_id=ligacao_back_id,
tipo=int_type,
vlan_nativa=vlans.get('vlan_nativa'),
channel=port_channel)
if "trunk" in int_type.tipo:
interface_list = EnvironmentInterface.objects.all().filter(interface=sw_router.id)
for int_env in interface_list:
int_env.delete()
if envs is not None:
amb = amb.get_by_pk(int(envs))
amb_int = EnvironmentInterface()
amb_int.interface = sw_router
amb_int.ambiente = amb
try:
range_vlans = vlans.get('range')
except:
range_vlans = None
pass
if range_vlans:
api_interface_facade.verificar_vlan_range(amb, range_vlans)
amb_int.vlans = range_vlans
amb_int.create(user)
port_channel_map = dict()
port_channel_map['port_channel'] = port_channel
return self.response(dumps_networkapi({'port_channel': port_channel_map}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Trata uma requisição PUT para alterar informações de uma interface.
URL: /interface/<id_interface>/
"""
# Get request data and check permission
try:
# Valid Interface ID
id_interface = kwargs.get('id_interface')
if not is_valid_int_greater_zero_param(id_interface):
self.log.error(
u'The id_interface parameter is not a valid value: %s.', id_interface)
raise InvalidValueError(None, 'id_interface', id_interface)
# Get interface and equipment to check permission
interface = Interface.get_by_pk(id_interface)
id_equipamento = interface.equipamento_id
# Check permission
if not has_perm(user,
AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION,
None,
id_equipamento,
AdminPermission.EQUIP_WRITE_OPERATION):
return self.not_authorized()
# Get XML data
xml_map, attrs_map = loads(request.raw_post_data)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no networkapi tag in XML request.')
interface_map = networkapi_map.get('interface')
if interface_map is None:
return self.response_error(3, u'There is no interface tag in XML request.')
# Valid name value
nome = interface_map.get('nome')
if not is_valid_string_minsize(nome, 1) or not is_valid_string_maxsize(nome, 20):
self.log.error(u'Parameter nome is invalid. Value: %s', nome)
raise InvalidValueError(None, 'nome', nome)
# Valid protegida value
protegida = interface_map.get('protegida')
if not is_valid_boolean_param(protegida):
self.log.error(
u'Parameter protegida is invalid. Value: %s', protegida)
raise InvalidValueError(None, 'protegida', protegida)
else:
protegida = convert_string_or_int_to_boolean(protegida)
# Valid descricao value
descricao = interface_map.get('descricao')
if descricao is not None:
if not is_valid_string_minsize(descricao, 3) or not is_valid_string_maxsize(descricao, 200):
self.log.error(
u'Parameter descricao is invalid. Value: %s', descricao)
raise InvalidValueError(None, 'descricao', descricao)
# Valid "id_ligacao_front" value
id_ligacao_front = interface_map.get('id_ligacao_front')
if id_ligacao_front is not None:
if not is_valid_int_greater_zero_param(id_ligacao_front):
self.log.error(
u'The id_ligacao_front parameter is not a valid value: %s.', id_ligacao_front)
raise InvalidValueError(
None, 'id_ligacao_front', id_ligacao_front)
else:
id_ligacao_front = int(id_ligacao_front)
# Valid "id_ligacao_back" value
id_ligacao_back = interface_map.get('id_ligacao_back')
if id_ligacao_back is not None:
if not is_valid_int_greater_zero_param(id_ligacao_back):
self.log.error(
u'The id_ligacao_back parameter is not a valid value: %s.', id_ligacao_back)
raise InvalidValueError(
None, 'id_ligacao_back', id_ligacao_back)
else:
id_ligacao_back = int(id_ligacao_back)
tipo = interface_map.get('tipo')
tipo = TipoInterface.get_by_name(tipo)
vlan = interface_map.get('vlan')
with distributedlock(LOCK_INTERFACE % id_interface):
# Update interface
Interface.update(user,
id_interface,
interface=nome,
protegida=protegida,
descricao=descricao,
ligacao_front_id=id_ligacao_front,
ligacao_back_id=id_ligacao_back,
tipo=tipo,
vlan_nativa=vlan)
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests PUT to edit User.
URL: user/<id_user>/
"""
try:
self.log.info('Edit User')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
user_map = networkapi_map.get('user')
if user_map is None:
return self.response_error(3, u'There is no value to the user tag of XML request.')
# Get XML data
username = user_map.get('user')
password = user_map.get('password')
name = user_map.get('name')
email = user_map.get('email')
active = user_map.get('active')
user_ldap = user_map.get('user_ldap')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid username
if not is_valid_string_minsize(username, 3) or not is_valid_string_maxsize(username, 45):
self.log.error(
u'Parameter user is invalid. Value: %s', username)
raise InvalidValueError(None, 'user', username)
# Valid pwd
if not is_valid_string_minsize(password, 3) or not is_valid_string_maxsize(password, 45):
self.log.error(u'Parameter password is invalid. Value: ****')
raise InvalidValueError(None, 'password', '****')
# Valid name
if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize(name, 200):
self.log.error(u'Parameter name is invalid. Value: %s', name)
raise InvalidValueError(None, 'name', name)
# Valid email
if not is_valid_string_minsize(email, 3) or not is_valid_string_maxsize(email, 200) or not is_valid_email(email):
self.log.error(u'Parameter email is invalid. Value: %s', email)
raise InvalidValueError(None, 'email', email)
# Valid active
if not is_valid_boolean_param(active):
self.log.error(
u'The active parameter is not a valid value: %s.', active)
raise InvalidValueError(None, 'active', active)
# Valid LDAP username
if not is_valid_string_minsize(user_ldap, 3, False) or not is_valid_string_maxsize(user_ldap, 45, False):
self.log.error(
u'Parameter user_ldap is invalid. Value: %s', user_ldap)
raise InvalidValueError(None, 'user_ldap', user_ldap)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
with distributedlock(LOCK_USER % id_user):
try:
if usr.user.lower() != username.lower():
Usuario.get_by_user(username)
raise UsuarioNameDuplicatedError(
None, u'Já existe um usuário com o valor user %s.' % username)
except UsuarioNotFoundError:
pass
# set variables
usr.user = username
usr.pwd = password
usr.nome = name
usr.email = email
usr.ativo = convert_string_or_int_to_boolean(active)
usr.user_ldap = user_ldap
try:
# update User
usr.save()
except Exception, e:
self.log.error(u'Failed to update the user.')
raise UsuarioError(e, u'Failed to update the user.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs):
"""Treat requests PUT to edit Administrative Permission.
URL: perms/<id_perm>/
"""
try:
self.log.info("Edit Administrative Permission")
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_perm = kwargs.get('id_perm')
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'There is no value to the networkapi tag of XML request.'
)
perm_map = networkapi_map.get('administrative_permission')
if perm_map is None:
return self.response_error(
3,
u'There is no value to the administrative_permission tag of XML request.'
)
# Get XML data
id_permission = perm_map.get('id_permission')
id_group = perm_map.get('id_group')
read = perm_map.get('read')
write = perm_map.get('write')
# Valid ID Administrative Permission
if not is_valid_int_greater_zero_param(id_perm):
self.log.error(
u'The id_perm parameter is not a valid value: %s.',
id_perm)
raise InvalidValueError(None, 'id_perm', id_perm)
# Valid ID Permission
if not is_valid_int_greater_zero_param(id_permission):
self.log.error(
u'The id_permission parameter is not a valid value: %s.',
id_permission)
raise InvalidValueError(None, 'id_permission', id_permission)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.',
id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Valid Read
if not is_valid_boolean_param(read):
self.log.error(u'The read parameter is not a valid value: %s.',
read)
raise InvalidValueError(None, 'read', read)
# Valid Read
if not is_valid_boolean_param(write):
self.log.error(
u'The write parameter is not a valid value: %s.', write)
raise InvalidValueError(None, 'write', write)
# Find Permission by ID to check if it exist
adm_perm = PermissaoAdministrativa.get_by_pk(id_perm)
with distributedlock(LOCK_PERM % id_perm):
# Find Permission by ID to check if it exist
permission = Permission.get_by_pk(id_permission)
# Find UGroup by ID to check if it exist
ugroup = UGrupo.get_by_pk(id_group)
try:
perm = PermissaoAdministrativa.get_permission_by_permission_ugroup(
id_permission, id_group)
if perm.id != int(id_perm):
raise PermissaoAdministrativaDuplicatedError(
None, permission.function)
except PermissaoAdministrativaNotFoundError:
pass
# set variables
adm_perm.permission = permission
adm_perm.ugrupo = ugroup
adm_perm.leitura = convert_string_or_int_to_boolean(read)
adm_perm.escrita = convert_string_or_int_to_boolean(write)
try:
# update Administrative Permission
adm_perm.save()
except Exception, e:
self.log.error(
u'Failed to update the administrative permission.')
raise PermissionError(
e, u'Failed to update the administrative permission.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def insert_equipment(equipment_map, user):
'''
Insere um equipamento e o relacionamento entre equipamento e o grupo.
@param equipment_map: Map com as chaves: id_grupo, id_tipo_equipamento, id_modelo e nome
@param user: Usuário autenticado na API.
@return Em caso de erro retorna a tupla: (código da mensagem de erro, argumento01, argumento02, ...)
Em caso de sucesso retorna a tupla: (0, <identificador do equipamento_grupo>, <equipamento>)
@raise InvalidGroupToEquipmentTypeError: Equipamento do grupo “Equipamentos Orquestração” somente poderá ser criado com tipo igual a “Servidor Virtual”.
@raise EGrupoNotFoundError: Grupo não cadastrado.
@raise GrupoError: Falha ao pesquisar o Grupo.
@raise TipoEquipamentoNotFoundError: Tipo de equipamento nao cadastrado.
@raise ModeloNotFoundError: Modelo nao cadastrado.
@raise EquipamentoNameDuplicatedError: Nome do equipamento duplicado.
@raise EquipamentoError: Falha ou inserir o equipamento.
@raise UserNotAuthorizedError: Usuário sem autorização para executar a operação.
'''
log = logging.getLogger('insert_equipment')
log.debug('EQUIPAMENTO_MAP: %s', equipment_map)
equipment = Equipamento()
equipment.tipo_equipamento = TipoEquipamento()
equipment.modelo = Modelo()
group_id = equipment_map.get('id_grupo')
if not is_valid_int_greater_zero_param(group_id):
log.error(
u'The group_id parameter is not a valid value: %s.', group_id)
raise InvalidValueError(None, 'group_id', group_id)
else:
group_id = int(group_id)
if not has_perm(user,
AdminPermission.EQUIPMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION,
group_id,
None,
AdminPermission.EQUIP_WRITE_OPERATION):
raise UserNotAuthorizedError(
None, u'Usuário não tem permissão para executar a operação.')
equipment_type_id = equipment_map.get('id_tipo_equipamento')
if not is_valid_int_greater_zero_param(equipment_type_id):
log.error(
u'The equipment_type_id parameter is not a valid value: %s.', equipment_type_id)
raise InvalidValueError(None, 'equipment_type_id', equipment_type_id)
else:
equipment.tipo_equipamento.id = int(equipment_type_id)
model_id = equipment_map.get('id_modelo')
if not is_valid_int_greater_zero_param(model_id):
log.error(
u'The model_id parameter is not a valid value: %s.', model_id)
raise InvalidValueError(None, 'model_id', model_id)
else:
equipment.modelo.id = int(model_id)
name = equipment_map.get('nome')
if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize(name, 50):
log.error(u'The name parameter is not a valid value: %s.', name)
raise InvalidValueError(None, 'name', name)
else:
equipment.nome = name
#maintenance is a new feature. Check existing value if not defined in request
#Old calls does not send this field
maintenance = equipment_map.get('maintenance')
if maintenance is None:
maintenance = False
if not is_valid_boolean_param(maintenance):
log.error(u'The maintenance parameter is not a valid value: %s.', maintenance)
raise InvalidValueError(None, 'maintenance', maintenance)
else:
equipment.maintenance = convert_string_or_int_to_boolean(maintenance)
equipment_group_id = equipment.create(user, group_id)
return 0, equipment_group_id, equipment
