def get_enabled_user(self, username, password): """ Busca o usuário de acordo com o login e a senha. Retorna apenas usuário ativo. """ bypass = 0 try: try: use_ldap = convert_string_or_int_to_boolean( get_value('use_ldap')) if use_ldap: ldap_param = get_value('ldap_config') ldap_server = get_value('ldap_server') return_user = self.get_by_ldap_user(username, True) else: bypass = 1 except exceptions.VariableDoesNotExistException, e: self.log.error( 'Error getting LDAP config variables (use_ldap). Trying local authentication') bypass = 1 except UsuarioNotFoundError, e: self.log.debug( "Using local authentication for user \'%s\'" % username) bypass = 1
def get_enabled_user(self, username, password): """ Busca o usuário de acordo com o login e a senha. Retorna apenas usuário ativo. """ bypass = 0 try: try: use_ldap = convert_string_or_int_to_boolean( get_value('use_ldap')) if use_ldap: ldap_param = get_value('ldap_config') ldap_server = get_value('ldap_server') return_user = self.get_by_ldap_user(username, True) else: bypass = 1 except exceptions.VariableDoesNotExistException, e: self.log.error( 'Error getting LDAP config variables (use_ldap). Trying local authentication' ) bypass = 1 except UsuarioNotFoundError, e: self.log.debug("Using local authentication for user \'%s\'" % username) bypass = 1
def update(self, data): try: id_channel = data.get('id_channel') nome = data.get('nome') if not is_valid_int_greater_zero_param(nome): raise InvalidValueError(None, 'Channel number', 'must be integer.') lacp = data.get('lacp') int_type = data.get('int_type') vlan_nativa = data.get('vlan') envs_vlans = data.get('envs') ids_interface = data.get('ids_interface') if ids_interface is None: raise InterfaceError('No interfaces selected') if type(ids_interface) == list: interfaces_list = ids_interface else: interfaces_list = str(ids_interface).split('-') api_interface_facade.verificar_vlan_nativa(vlan_nativa) # verifica se o nome do port channel já existe no equipamento self.channel = PortChannel.get_by_pk(int(id_channel)) if not nome == self.channel.nome: api_interface_facade.verificar_nome_channel( nome, interfaces_list) # buscar interfaces do channel interfaces = Interface.objects.all().filter(channel__id=id_channel) ids_list = [] for i in interfaces: ids_list.append(i.id) self._dissociate_interfaces_from_channel(ids_list, ids_interface) # update channel self.channel.nome = str(nome) self.channel.lacp = convert_string_or_int_to_boolean(lacp) self.channel.save() int_type = TipoInterface.get_by_name(str(int_type)) self._update_interfaces_from_http_put(ids_interface, int_type, vlan_nativa, envs_vlans) except Exception as err: return {"error": str(err)} return {"port_channel": self.channel}
def create(self, data): """ Creates a new Port Channel """ log.info("Create Channel") log.debug(data) interfaces = data.get('interfaces') nome = data.get('name') lacp = data.get('lacp') int_type = data.get('int_type') vlan_nativa = data.get('vlan') envs_vlans = data.get('envs_vlans') api_interface_facade.verificar_vlan_nativa(vlan_nativa) # Checks if Port Channel name already exists on equipment api_interface_facade.check_channel_name_on_equipment(nome, interfaces) self.channel = PortChannel() self.channel.nome = str(nome) self.channel.lacp = convert_string_or_int_to_boolean(lacp, True) self.channel.create() ifaces_on_channel = [] for interface in interfaces: iface = Interface.objects.get(id=interface) type_obj = TipoInterface.objects.get(tipo=int_type) if iface.channel: raise InterfaceError( 'Interface %s is already a Channel' % iface.interface ) if iface.equipamento.id not in ifaces_on_channel: ifaces_on_channel.append(int(iface.equipamento.id)) if len(ifaces_on_channel) > 2: raise InterfaceError('More than one equipment selected') iface.channel = self.channel iface.int_type = type_obj iface.vlan_nativa = vlan_nativa iface.save() log.debug("interface updated %s" % iface.id) self._dissociate_ifaces_envs(iface) if 'trunk' in int_type.lower(): self._create_ifaces_on_trunks(iface, envs_vlans) return {'channels': self.channel.id}
def create(self, data): """ Creates a new Port Channel """ try: interfaces = data.get('interfaces') nome = data.get('nome') lacp = data.get('lacp') int_type = data.get('int_type') vlan_nativa = data.get('vlan') envs_vlans = data.get('envs') api_interface_facade.verificar_vlan_nativa(vlan_nativa) # Checks if Port Channel name already exists on equipment interfaces = str(interfaces).split('-') api_interface_facade.check_channel_name_on_equipment( nome, interfaces) self.channel = PortChannel() self.channel.nome = str(nome) self.channel.lacp = convert_string_or_int_to_boolean(lacp) self.channel.create(user) int_type = TipoInterface.get_by_name(str(int_type)) ifaces_on_channel = [] for interface in interfaces: if interface: iface = Interface.get_by_pk(int(interface)) self._update_interfaces_from_a_channel( iface, vlan_nativa, ifaces_on_channel, int_type) if 'trunk' in int_type.tipo: self._create_ifaces_on_trunks(sw_router, envs_vlans) except Exception as err: return {"error": str(err)} return {'port_channel': self.channel}
def handle_post(self, request, user, *args, **kwargs): """Trata as requisições de POST para criar uma nova interface para o equipamento URL: /interface/ """ # Obtém dados do request e verifica acesso try: # Obtém os dados do xml do request xml_map, attrs_map = loads(request.raw_post_data) # Obtém o mapa correspondente ao root node do mapa do XML # (networkapi) networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'Não existe valor para a tag networkapi do XML de requisição.' ) # Verifica a existência do node "interface" interface_map = networkapi_map.get('interface') if interface_map is None: return self.response_error( 3, u'Não existe valor para a tag interface do XML de requisição.' ) # Valid id_equipamento value id_equipamento = interface_map.get('id_equipamento') if not is_valid_int_greater_zero_param(id_equipamento): self.log.error( u'Parameter id_equipamento is invalid. Value: %s', id_equipamento) raise InvalidValueError(None, 'id_equipamento', id_equipamento) else: id_equipamento = int(id_equipamento) # Check existence Equipamento.get_by_pk(id_equipamento) # Verify permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() # Valid name value nome = interface_map.get('nome') if not is_valid_string_minsize( nome, 1) or not is_valid_string_maxsize(nome, 20): self.log.error(u'Parameter nome is invalid. Value: %s', nome) raise InvalidValueError(None, 'nome', nome) # Valid protegida value protegida = interface_map.get('protegida') if not is_valid_boolean_param(protegida): self.log.error(u'Parameter protegida is invalid. Value: %s', protegida) raise InvalidValueError(None, 'protegida', protegida) else: protegida = convert_string_or_int_to_boolean(protegida) # Valid descricao value descricao = interface_map.get('descricao') if descricao is not None: if not is_valid_string_minsize( descricao, 3) or not is_valid_string_maxsize( descricao, 200): self.log.error( u'Parameter descricao is invalid. Value: %s', descricao) raise InvalidValueError(None, 'descricao', descricao) # Valid "id_ligacao_front" value id_ligacao_front = interface_map.get('id_ligacao_front') if id_ligacao_front is not None: if not is_valid_int_greater_zero_param(id_ligacao_front): self.log.error( u'The id_ligacao_front parameter is not a valid value: %s.', id_ligacao_front) raise InvalidValueError(None, 'id_ligacao_front', id_ligacao_front) else: id_ligacao_front = int(id_ligacao_front) ligacao_front = Interface(id=id_ligacao_front) else: ligacao_front = None # Valid "id_ligacao_back" value id_ligacao_back = interface_map.get('id_ligacao_back') if id_ligacao_back is not None: if not is_valid_int_greater_zero_param(id_ligacao_back): self.log.error( u'The id_ligacao_back parameter is not a valid value: %s.', id_ligacao_back) raise InvalidValueError(None, 'id_ligacao_back', id_ligacao_back) else: id_ligacao_back = int(id_ligacao_back) ligacao_back = Interface(id=id_ligacao_back) else: ligacao_back = None tipo_interface = interface_map.get('tipo') if tipo_interface is None: tipo_interface = 'Access' tipo_interface = TipoInterface.get_by_name(tipo_interface) vlan = interface_map.get('vlan') # Cria a interface conforme dados recebidos no XML interface = Interface(interface=nome, protegida=protegida, descricao=descricao, ligacao_front=ligacao_front, ligacao_back=ligacao_back, equipamento=Equipamento(id=id_equipamento), tipo=tipo_interface, vlan_nativa=vlan) interface.create(user) networkapi_map = dict() interface_map = dict() interface_map['id'] = interface.id networkapi_map['interface'] = interface_map return self.response(dumps_networkapi(networkapi_map)) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs): """Treat requests POST to add Rack. URL: channel/editar/ """ try: self.log.info("Editar Channel") # User permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') channel_map = networkapi_map.get('channel') if channel_map is None: return self.response_error(3, u'There is no value to the channel tag of XML request.') # Get XML data id_channel = channel_map.get('id_channel') nome = channel_map.get('nome') lacp = channel_map.get('lacp') int_type = channel_map.get('int_type') vlan = channel_map.get('vlan') envs = channel_map.get('envs') ids_interface = channel_map.get('ids_interface') if ids_interface is None: raise InterfaceError("Nenhuma interface selecionada") if vlan is not None: if int(vlan) < 1 or int(vlan) > 4096: raise InvalidValueError(None, "Vlan" , vlan) if int(vlan) < 1 or 3967 < int(vlan) < 4048 or int(vlan)==4096: raise InvalidValueError(None, "Vlan Nativa" ,"Range reservado: 3968-4047;4094.") port_channel = PortChannel() interface = Interface() amb = Ambiente() cont = [] #buscar interfaces do channel interfaces = Interface.objects.all().filter(channel__id=id_channel) ids_list = [] for i in interfaces: ids_list.append(i.id) ids_list = [ int(y) for y in ids_list ] if type(ids_interface) is list: ids_interface = [ int(x) for x in ids_interface ] desassociar = set(ids_list) - set(ids_interface) for item in desassociar: item = interface.get_by_pk(int(item)) item.channel = None item.save(user) else: if ids_interface is not None: ids_interface = int(ids_interface) if ids_interface is not None: for item in ids_list: item = interface.get_by_pk(int(item)) item.channel = None item.save(user) else: for item in ids_list: if not item== ids_interface: item = interface.get_by_pk(int(item)) item.channel = None item.save(user) #update channel port_channel = port_channel.get_by_pk(id_channel) port_channel.nome = str(nome) port_channel.lacp = convert_string_or_int_to_boolean(lacp) port_channel.save(user) int_type = TipoInterface.get_by_name(str(int_type)) #update interfaces if type(ids_interface) is list: for var in ids_interface: alterar_interface(var, interface, port_channel, int_type, vlan, user, envs, amb) else: var = ids_interface alterar_interface(var, interface, port_channel, int_type, vlan, user, envs, amb) port_channel_map = dict() port_channel_map['port_channel'] = port_channel return self.response(dumps_networkapi({'port_channel': port_channel_map})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs): """Trata as requisições de POST para criar uma nova interface para o equipamento URL: /interface/ """ # Obtém dados do request e verifica acesso try: # Obtém os dados do xml do request xml_map, attrs_map = loads(request.raw_post_data) # Obtém o mapa correspondente ao root node do mapa do XML # (networkapi) networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'Não existe valor para a tag networkapi do XML de requisição.') # Verifica a existência do node "interface" interface_map = networkapi_map.get('interface') if interface_map is None: return self.response_error(3, u'Não existe valor para a tag interface do XML de requisição.') # Valid id_equipamento value id_equipamento = interface_map.get('id_equipamento') if not is_valid_int_greater_zero_param(id_equipamento): self.log.error( u'Parameter id_equipamento is invalid. Value: %s', id_equipamento) raise InvalidValueError(None, 'id_equipamento', id_equipamento) else: id_equipamento = int(id_equipamento) # Check existence Equipamento.get_by_pk(id_equipamento) # Verify permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() # Valid name value nome = interface_map.get('nome') if not is_valid_string_minsize(nome, 1) or not is_valid_string_maxsize(nome, 20): self.log.error(u'Parameter nome is invalid. Value: %s', nome) raise InvalidValueError(None, 'nome', nome) # Valid protegida value protegida = interface_map.get('protegida') if not is_valid_boolean_param(protegida): self.log.error( u'Parameter protegida is invalid. Value: %s', protegida) raise InvalidValueError(None, 'protegida', protegida) else: protegida = convert_string_or_int_to_boolean(protegida) # Valid descricao value descricao = interface_map.get('descricao') if descricao is not None: if not is_valid_string_minsize(descricao, 3) or not is_valid_string_maxsize(descricao, 200): self.log.error( u'Parameter descricao is invalid. Value: %s', descricao) raise InvalidValueError(None, 'descricao', descricao) # Valid "id_ligacao_front" value id_ligacao_front = interface_map.get('id_ligacao_front') if id_ligacao_front is not None: if not is_valid_int_greater_zero_param(id_ligacao_front): self.log.error( u'The id_ligacao_front parameter is not a valid value: %s.', id_ligacao_front) raise InvalidValueError( None, 'id_ligacao_front', id_ligacao_front) else: id_ligacao_front = int(id_ligacao_front) ligacao_front = Interface(id=id_ligacao_front) else: ligacao_front = None # Valid "id_ligacao_back" value id_ligacao_back = interface_map.get('id_ligacao_back') if id_ligacao_back is not None: if not is_valid_int_greater_zero_param(id_ligacao_back): self.log.error( u'The id_ligacao_back parameter is not a valid value: %s.', id_ligacao_back) raise InvalidValueError( None, 'id_ligacao_back', id_ligacao_back) else: id_ligacao_back = int(id_ligacao_back) ligacao_back = Interface(id=id_ligacao_back) else: ligacao_back = None tipo_interface = interface_map.get('tipo') if tipo_interface == None: tipo_interface = "Access" tipo_interface = TipoInterface.get_by_name(tipo_interface) vlan = interface_map.get('vlan') # Cria a interface conforme dados recebidos no XML interface = Interface( interface=nome, protegida=protegida, descricao=descricao, ligacao_front=ligacao_front, ligacao_back=ligacao_back, equipamento=Equipamento(id=id_equipamento), tipo=tipo_interface, vlan_nativa=vlan ) interface.create(user) networkapi_map = dict() interface_map = dict() interface_map['id'] = interface.id networkapi_map['interface'] = interface_map return self.response(dumps_networkapi(networkapi_map)) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs): """Treat requests POST to authenticate to user. URL: authenticate/ """ try: self.log.info("Authenticate user") # User permission if not has_perm(user, AdminPermission.AUTHENTICATE, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') user_map = networkapi_map.get('user') if user_map is None: return self.response_error(3, u'There is no value to the user tag of XML request.') # Get XML data username = user_map.get('username') password = user_map.get('password') is_ldap_user = user_map.get('is_ldap_user') # Username can NOT be less 3 and greater than 45 if not is_valid_string_minsize(username, 3) or not is_valid_string_maxsize(username, 45): self.log.error( u'Parameter username is invalid. Value: %s.', username) raise InvalidValueError(None, 'username', username) if not is_valid_boolean_param(is_ldap_user): self.log.error( u'Parameter is_ldap_user is invalid. Value: %s.', is_ldap_user) raise InvalidValueError(None, 'is_ldap_user', is_ldap_user) else: is_ldap_user = convert_string_or_int_to_boolean(is_ldap_user) if is_ldap_user: user = Usuario().get_by_ldap_user(username, True) password = user.pwd else: # Password can NOT be less 3 and greater than 45 if not is_valid_string_minsize(password, 3) or not is_valid_string_maxsize(password, 45): self.log.error( u'Parameter password is invalid. Value: %s.', '****') raise InvalidValueError(None, 'password', '****') # Find user by username, password to check if it exist user = Usuario().get_enabled_user(username.upper(), password) # Valid user if user is None: return self.response(dumps_networkapi({})) perms = {} for ugroup in user.grupos.all(): for perm in ugroup.permissaoadministrativa_set.all(): function = perm.permission.function if perms.has_key(function): write = False read = False if perms.get(function).get('write') == True or perm.escrita == True: write = True if perms.get(function).get('read') == True or perm.leitura == True: read = True perms[function] = {'write': write, 'read': read} else: perms[function] = { 'write': perm.escrita, 'read': perm.leitura} user_map = {} user_dict = model_to_dict( user, fields=['id', 'user', 'nome', 'email', 'ativo', 'user_ldap']) user_dict['pwd'] = password user_dict['permission'] = perms user_map['user'] = user_dict return self.response(dumps_networkapi(user_map)) except UsuarioNotFoundError: return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs): """Treat requests POST to add Rack. URL: channel/editar/ """ try: self.log.info('Editar Channel') # User permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') channel_map = networkapi_map.get('channel') if channel_map is None: return self.response_error(3, u'There is no value to the channel tag of XML request.') # Get XML data id_channel = channel_map.get('id_channel') nome = channel_map.get('nome') if not is_valid_int_greater_zero_param(nome): raise InvalidValueError( None, 'Numero do Channel', 'Deve ser um numero inteiro.') lacp = channel_map.get('lacp') int_type = channel_map.get('int_type') vlan_nativa = channel_map.get('vlan') envs_vlans = channel_map.get('envs') ids_interface = channel_map.get('ids_interface') if ids_interface is None: raise InterfaceError('Nenhuma interface selecionada') if type(ids_interface) == list: interfaces_list = ids_interface else: interfaces_list = str(ids_interface).split('-') port_channel = PortChannel() interface = Interface() amb = Ambiente() api_interface_facade.verificar_vlan_nativa(vlan_nativa) # verifica se o nome do port channel já existe no equipamento channel = port_channel.get_by_pk(int(id_channel)) if not nome == channel.nome: api_interface_facade.verificar_nome_channel( nome, interfaces_list) # buscar interfaces do channel interfaces = Interface.objects.all().filter(channel__id=id_channel) ids_list = [] for i in interfaces: ids_list.append(i.id) ids_list = [int(y) for y in ids_list] if type(ids_interface) is list: ids_interface = [int(x) for x in ids_interface] desassociar = set(ids_list) - set(ids_interface) for item in desassociar: item = interface.get_by_pk(int(item)) item.channel = None item.save() else: if ids_interface is not None: ids_interface = int(ids_interface) if ids_interface is not None: for item in ids_list: item = interface.get_by_pk(int(item)) item.channel = None item.save() else: for item in ids_list: if not item == ids_interface: item = interface.get_by_pk(int(item)) item.channel = None item.save() # update channel channel.nome = str(nome) channel.lacp = convert_string_or_int_to_boolean(lacp) channel.save() int_type = TipoInterface.get_by_name(str(int_type)) # update interfaces if type(ids_interface) is not list: i = ids_interface ids_interface = [] ids_interface.append(i) for var in ids_interface: alterar_interface(var, interface, channel, int_type, vlan_nativa, user, envs_vlans, amb) interface = Interface() server_obj = Interface() interface_sw = interface.get_by_pk(int(var)) interface_server = server_obj.get_by_pk( interface_sw.ligacao_front.id) try: front = interface_server.ligacao_front.id except: front = None pass try: back = interface_server.ligacao_back.id except: back = None pass server_obj.update(user, interface_server.id, interface=interface_server.interface, protegida=interface_server.protegida, descricao=interface_server.descricao, ligacao_front_id=front, ligacao_back_id=back, tipo=int_type, vlan_nativa=int(vlan_nativa)) port_channel_map = dict() port_channel_map['port_channel'] = port_channel return self.response(dumps_networkapi({'port_channel': port_channel_map})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def insert_equipment(equipment_map, user): """ Insere um equipamento e o relacionamento entre equipamento e o grupo. @param equipment_map: Map com as chaves: id_grupo, id_tipo_equipamento, id_modelo e nome @param user: Usuário autenticado na API. @return Em caso de erro retorna a tupla: (código da mensagem de erro, argumento01, argumento02, ...) Em caso de sucesso retorna a tupla: (0, <identificador do equipamento_grupo>, <equipamento>) @raise InvalidGroupToEquipmentTypeError: Equipamento do grupo “Equipamentos Orquestração” somente poderá ser criado com tipo igual a “Servidor Virtual”. @raise EGrupoNotFoundError: Grupo não cadastrado. @raise GrupoError: Falha ao pesquisar o Grupo. @raise TipoEquipamentoNotFoundError: Tipo de equipamento nao cadastrado. @raise ModeloNotFoundError: Modelo nao cadastrado. @raise EquipamentoNameDuplicatedError: Nome do equipamento duplicado. @raise EquipamentoError: Falha ou inserir o equipamento. @raise UserNotAuthorizedError: Usuário sem autorização para executar a operação. """ log = logging.getLogger('insert_equipment') log.debug('EQUIPAMENTO_MAP: %s', equipment_map) equipment = Equipamento() equipment.tipo_equipamento = TipoEquipamento() equipment.modelo = Modelo() group_id = equipment_map.get('id_grupo') if not is_valid_int_greater_zero_param(group_id): log.error(u'The group_id parameter is not a valid value: %s.', group_id) raise InvalidValueError(None, 'group_id', group_id) else: group_id = int(group_id) if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, group_id, None, AdminPermission.EQUIP_WRITE_OPERATION): raise UserNotAuthorizedError( None, u'Usuário não tem permissão para executar a operação.') equipment_type_id = equipment_map.get('id_tipo_equipamento') if not is_valid_int_greater_zero_param(equipment_type_id): log.error(u'The equipment_type_id parameter is not a valid value: %s.', equipment_type_id) raise InvalidValueError(None, 'equipment_type_id', equipment_type_id) else: equipment.tipo_equipamento.id = int(equipment_type_id) model_id = equipment_map.get('id_modelo') if not is_valid_int_greater_zero_param(model_id): log.error(u'The model_id parameter is not a valid value: %s.', model_id) raise InvalidValueError(None, 'model_id', model_id) else: equipment.modelo.id = int(model_id) name = equipment_map.get('nome') if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize( name, 50): log.error(u'The name parameter is not a valid value: %s.', name) raise InvalidValueError(None, 'name', name) else: equipment.nome = name # maintenance is a new feature. Check existing value if not defined in request # Old calls does not send this field maintenance = equipment_map.get('maintenance') if maintenance is None: maintenance = False if not is_valid_boolean_param(maintenance): log.error(u'The maintenance parameter is not a valid value: %s.', maintenance) raise InvalidValueError(None, 'maintenance', maintenance) else: equipment.maintenance = convert_string_or_int_to_boolean(maintenance) equipment_group_id = equipment.create(user, group_id) return 0, equipment_group_id, equipment
def handle_put(self, request, user, *args, **kwargs): """Treat requests PUT to edit Administrative Permission. URL: perms/<id_perm>/ """ try: self.log.info("Edit Administrative Permission") # User permission if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) id_perm = kwargs.get('id_perm') # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') perm_map = networkapi_map.get('administrative_permission') if perm_map is None: return self.response_error(3, u'There is no value to the administrative_permission tag of XML request.') # Get XML data id_permission = perm_map.get('id_permission') id_group = perm_map.get('id_group') read = perm_map.get('read') write = perm_map.get('write') # Valid ID Administrative Permission if not is_valid_int_greater_zero_param(id_perm): self.log.error( u'The id_perm parameter is not a valid value: %s.', id_perm) raise InvalidValueError(None, 'id_perm', id_perm) # Valid ID Permission if not is_valid_int_greater_zero_param(id_permission): self.log.error( u'The id_permission parameter is not a valid value: %s.', id_permission) raise InvalidValueError(None, 'id_permission', id_permission) # Valid ID Group if not is_valid_int_greater_zero_param(id_group): self.log.error( u'The id_group parameter is not a valid value: %s.', id_group) raise InvalidValueError(None, 'id_group', id_group) # Valid Read if not is_valid_boolean_param(read): self.log.error( u'The read parameter is not a valid value: %s.', read) raise InvalidValueError(None, 'read', read) # Valid Read if not is_valid_boolean_param(write): self.log.error( u'The write parameter is not a valid value: %s.', write) raise InvalidValueError(None, 'write', write) # Find Permission by ID to check if it exist adm_perm = PermissaoAdministrativa.get_by_pk(id_perm) with distributedlock(LOCK_PERM % id_perm): # Find Permission by ID to check if it exist permission = Permission.get_by_pk(id_permission) # Find UGroup by ID to check if it exist ugroup = UGrupo.get_by_pk(id_group) try: perm = PermissaoAdministrativa.get_permission_by_permission_ugroup( id_permission, id_group) if perm.id != int(id_perm): raise PermissaoAdministrativaDuplicatedError( None, permission.function) except PermissaoAdministrativaNotFoundError: pass # set variables adm_perm.permission = permission adm_perm.ugrupo = ugroup adm_perm.leitura = convert_string_or_int_to_boolean(read) adm_perm.escrita = convert_string_or_int_to_boolean(write) try: # update Administrative Permission adm_perm.save() except Exception, e: self.log.error( u'Failed to update the administrative permission.') raise PermissionError( e, u'Failed to update the administrative permission.') return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def get_enabled_user(self, username, password): """ Busca o usuário de acordo com o login e a senha. Retorna apenas usuário ativo. """ bypass = 0 try: try: use_cache_user = convert_string_or_int_to_boolean( get_value('use_cache_user')) if use_cache_user: salt = get_cache('salt_key') if salt: self.log.debug( 'The encrypt key was taken successfully!') hash_text = str(username + password) encrypted_hash_text = encrypt_key(hash_text, salt) cached_hash_text = get_cache( b64encode(encrypted_hash_text)) if cached_hash_text: self.log.debug( 'This authentication is using cached user') pswd = Usuario.encode_password(password) return Usuario.objects.prefetch_related( 'grupos').get(user=username, pwd=pswd, ativo=1) else: set_cache(b64encode(encrypted_hash_text), True, int(get_value('time_cache_user'))) self.log.debug('The user was cached successfully!') else: salt_key = generate_key() set_cache('salt_key', salt_key, int(get_value('time_cache_salt_key'))) self.log.debug( 'The encrypt token was generated and cached successfully!' ) except Exception as ERROR: self.log.error(ERROR) try: use_ldap = convert_string_or_int_to_boolean( get_value('use_ldap')) if use_ldap: ldap_param = get_value('ldap_config') ldap_server = get_value('ldap_server') return_user = self.get_by_ldap_user(username, True) else: bypass = 1 except exceptions.VariableDoesNotExistException, e: self.log.error( 'Error getting LDAP config variables (use_ldap). Trying local authentication' ) bypass = 1 except UsuarioNotFoundError, e: self.log.debug("Using local authentication for user \'%s\'" % username) bypass = 1
def handle_put(self, request, user, *args, **kwargs): """Treat requests PUT to edit User. URL: user/<id_user>/ """ try: self.log.info('Edit User') # User permission if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) id_user = kwargs.get('id_user') # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'There is no value to the networkapi tag of XML request.' ) user_map = networkapi_map.get('user') if user_map is None: return self.response_error( 3, u'There is no value to the user tag of XML request.') # Get XML data username = user_map.get('user') password = user_map.get('password') name = user_map.get('name') email = user_map.get('email') active = user_map.get('active') user_ldap = user_map.get('user_ldap') # Valid ID User if not is_valid_int_greater_zero_param(id_user): self.log.error( u'The id_user parameter is not a valid value: %s.', id_user) raise InvalidValueError(None, 'id_user', id_user) # Valid username if not is_valid_string_minsize( username, 3) or not is_valid_string_maxsize(username, 45): self.log.error(u'Parameter user is invalid. Value: %s', username) raise InvalidValueError(None, 'user', username) # Valid pwd if not is_valid_string_minsize( password, 3) or not is_valid_string_maxsize(password, 45): self.log.error(u'Parameter password is invalid. Value: ****') raise InvalidValueError(None, 'password', '****') # Valid name if not is_valid_string_minsize( name, 3) or not is_valid_string_maxsize(name, 200): self.log.error(u'Parameter name is invalid. Value: %s', name) raise InvalidValueError(None, 'name', name) # Valid email if not is_valid_string_minsize( email, 3) or not is_valid_string_maxsize( email, 200) or not is_valid_email(email): self.log.error(u'Parameter email is invalid. Value: %s', email) raise InvalidValueError(None, 'email', email) # Valid active if not is_valid_boolean_param(active): self.log.error( u'The active parameter is not a valid value: %s.', active) raise InvalidValueError(None, 'active', active) # Valid LDAP username if not is_valid_string_minsize( user_ldap, 3, False) or not is_valid_string_maxsize( user_ldap, 45, False): self.log.error(u'Parameter user_ldap is invalid. Value: %s', user_ldap) raise InvalidValueError(None, 'user_ldap', user_ldap) # Find User by ID to check if it exist usr = Usuario.get_by_pk(id_user) with distributedlock(LOCK_USER % id_user): try: if usr.user.lower() != username.lower(): Usuario.get_by_user(username) raise UsuarioNameDuplicatedError( None, u'Já existe um usuário com o valor user %s.' % username) except UsuarioNotFoundError: pass # set variables usr.user = username usr.pwd = password usr.nome = name usr.email = email usr.ativo = convert_string_or_int_to_boolean(active) usr.user_ldap = user_ldap try: # update User usr.save() except Exception, e: self.log.error(u'Failed to update the user.') raise UsuarioError(e, u'Failed to update the user.') return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs): """Treat requests POST to add Rack. URL: channel/inserir/ """ try: self.log.info("Inserir novo Channel") # User permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') channel_map = networkapi_map.get('channel') if channel_map is None: return self.response_error(3, u'There is no value to the channel tag of XML request.') # Get XML data interfaces = channel_map.get('interfaces') nome = channel_map.get('nome') lacp = channel_map.get('lacp') int_type = channel_map.get('int_type') vlan = channel_map.get('vlan') envs = channel_map.get('envs') port_channel = PortChannel() interface = Interface() amb = Ambiente() cont = [] port_channel.nome = str(nome) port_channel.lacp = convert_string_or_int_to_boolean(lacp) port_channel.create(user) interfaces = str(interfaces).split('-') int_type = TipoInterface.get_by_name(str(int_type)) for var in interfaces: if not var=="" and not var==None: interf = interface.get_by_pk(int(var)) try: sw_router = interf.get_switch_and_router_interface_from_host_interface(interf.protegida) except: raise InterfaceError("Interface não conectada") if sw_router.channel is not None: raise InterfaceError("Interface %s já está em um Channel" % sw_router.interface) for i in interface.search(sw_router.equipamento.id): if i.channel is not None: raise InterfaceError("Equipamento %s já possui um Channel" % sw_router.equipamento.nome) if cont is []: cont.append(int(sw_router.equipamento.id)) elif not sw_router.equipamento.id in cont: cont.append(int(sw_router.equipamento.id)) if len(cont) > 2: raise InterfaceError("Mais de dois equipamentos foram selecionados") if sw_router.ligacao_front is not None: ligacao_front_id = sw_router.ligacao_front.id else: ligacao_front_id = None if sw_router.ligacao_back is not None: ligacao_back_id = sw_router.ligacao_back.id else: ligacao_back_id = None Interface.update(user, sw_router.id, interface=sw_router.interface, protegida=sw_router.protegida, descricao=sw_router.descricao, ligacao_front_id=ligacao_front_id, ligacao_back_id=ligacao_back_id, tipo=int_type, vlan_nativa=vlan, channel=port_channel) if "trunk" in int_type.tipo: interface_list = EnvironmentInterface.objects.all().filter(interface=sw_router.id) for int_env in interface_list: int_env.delete(user) if envs is not None: if not type(envs)==unicode: for env in envs: amb_int = EnvironmentInterface() amb_int.interface = sw_router amb_int.ambiente = amb.get_by_pk(int(env)) amb_int.create(user) else: amb_int = EnvironmentInterface() amb_int.interface = sw_router amb_int.ambiente = amb.get_by_pk(int(envs)) amb_int.create(user) port_channel_map = dict() port_channel_map['port_channel'] = port_channel return self.response(dumps_networkapi({'port_channel': port_channel_map})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs): """Trata uma requisição PUT para alterar informações de uma interface. URL: /interface/<id_interface>/ """ # Get request data and check permission try: # Valid Interface ID id_interface = kwargs.get('id_interface') if not is_valid_int_greater_zero_param(id_interface): self.log.error( u'The id_interface parameter is not a valid value: %s.', id_interface) raise InvalidValueError(None, 'id_interface', id_interface) # Get interface and equipment to check permission interface = Interface.get_by_pk(id_interface) id_equipamento = interface.equipamento_id # Check permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() # Get XML data xml_map, attrs_map = loads(request.raw_post_data) networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'There is no networkapi tag in XML request.') interface_map = networkapi_map.get('interface') if interface_map is None: return self.response_error( 3, u'There is no interface tag in XML request.') # Valid name value nome = interface_map.get('nome') if not is_valid_string_minsize( nome, 1) or not is_valid_string_maxsize(nome, 20): self.log.error(u'Parameter nome is invalid. Value: %s', nome) raise InvalidValueError(None, 'nome', nome) # Valid protegida value protegida = interface_map.get('protegida') if not is_valid_boolean_param(protegida): self.log.error(u'Parameter protegida is invalid. Value: %s', protegida) raise InvalidValueError(None, 'protegida', protegida) else: protegida = convert_string_or_int_to_boolean(protegida) # Valid descricao value descricao = interface_map.get('descricao') if descricao is not None: if not is_valid_string_minsize( descricao, 3) or not is_valid_string_maxsize( descricao, 200): self.log.error( u'Parameter descricao is invalid. Value: %s', descricao) raise InvalidValueError(None, 'descricao', descricao) # Valid "id_ligacao_front" value id_ligacao_front = interface_map.get('id_ligacao_front') if id_ligacao_front is not None: if not is_valid_int_greater_zero_param(id_ligacao_front): self.log.error( u'The id_ligacao_front parameter is not a valid value: %s.', id_ligacao_front) raise InvalidValueError(None, 'id_ligacao_front', id_ligacao_front) else: id_ligacao_front = int(id_ligacao_front) # Valid "id_ligacao_back" value id_ligacao_back = interface_map.get('id_ligacao_back') if id_ligacao_back is not None: if not is_valid_int_greater_zero_param(id_ligacao_back): self.log.error( u'The id_ligacao_back parameter is not a valid value: %s.', id_ligacao_back) raise InvalidValueError(None, 'id_ligacao_back', id_ligacao_back) else: id_ligacao_back = int(id_ligacao_back) tipo = interface_map.get('tipo') if tipo is not None: tipo = TipoInterface.get_by_name(tipo) vlan = interface_map.get('vlan') with distributedlock(LOCK_INTERFACE % id_interface): # Update interface Interface.update(user, id_interface, interface=nome, protegida=protegida, descricao=descricao, ligacao_front_id=id_ligacao_front, ligacao_back_id=id_ligacao_back, tipo=tipo, vlan_nativa=vlan) return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs): """Treat requests POST to add Rack. URL: channel/inserir/ """ try: self.log.info('Inserir novo Channel') # User permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') channel_map = networkapi_map.get('channel') if channel_map is None: return self.response_error(3, u'There is no value to the channel tag of XML request.') # Get XML data interfaces = channel_map.get('interfaces') nome = channel_map.get('nome') lacp = channel_map.get('lacp') int_type = channel_map.get('int_type') vlan_nativa = channel_map.get('vlan') envs_vlans = channel_map.get('envs') port_channel = PortChannel() interface = Interface() amb = Ambiente() cont = [] api_interface_facade.verificar_vlan_nativa(vlan_nativa) # verifica se o nome do port channel já existe no equipamento interfaces = str(interfaces).split('-') api_interface_facade.verificar_nome_channel(nome, interfaces) # cria o port channel port_channel.nome = str(nome) port_channel.lacp = convert_string_or_int_to_boolean(lacp) port_channel.create(user) int_type = TipoInterface.get_by_name(str(int_type)) for var in interfaces: if not var == '' and not var is None: interf = interface.get_by_pk(int(var)) try: sw_router = interf.get_switch_and_router_interface_from_host_interface( interf.protegida) except: raise InterfaceError('Interface não conectada') if sw_router.channel is not None: raise InterfaceError( 'Interface %s já está em um Channel' % sw_router.interface) if cont is []: cont.append(int(sw_router.equipamento.id)) elif not sw_router.equipamento.id in cont: cont.append(int(sw_router.equipamento.id)) if len(cont) > 2: raise InterfaceError( 'Mais de dois equipamentos foram selecionados') if sw_router.ligacao_front is not None: ligacao_front_id = sw_router.ligacao_front.id else: ligacao_front_id = None if sw_router.ligacao_back is not None: ligacao_back_id = sw_router.ligacao_back.id else: ligacao_back_id = None Interface.update(user, sw_router.id, interface=sw_router.interface, protegida=sw_router.protegida, descricao=sw_router.descricao, ligacao_front_id=ligacao_front_id, ligacao_back_id=ligacao_back_id, tipo=int_type, vlan_nativa=vlan_nativa, channel=port_channel) if 'trunk' in int_type.tipo: interface_list = EnvironmentInterface.objects.all().filter(interface=sw_router.id) for int_env in interface_list: int_env.delete() if type(envs_vlans) is not list: d = envs_vlans envs_vlans = [] envs_vlans.append(d) for i in envs_vlans: amb = amb.get_by_pk(int(i.get('env'))) amb_int = EnvironmentInterface() amb_int.interface = sw_router amb_int.ambiente = amb try: range_vlans = i.get('vlans') except: range_vlans = None pass if range_vlans: api_interface_facade.verificar_vlan_range( amb, range_vlans) amb_int.vlans = range_vlans amb_int.create(user) port_channel_map = dict() port_channel_map['port_channel'] = port_channel return self.response(dumps_networkapi({'port_channel': port_channel_map})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs): """Treat requests POST to authenticate to user. URL: authenticate/ """ try: self.log.info('Authenticate user') # User permission if not has_perm(user, AdminPermission.AUTHENTICATE, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') user_map = networkapi_map.get('user') if user_map is None: return self.response_error(3, u'There is no value to the user tag of XML request.') # Get XML data username = user_map.get('username') password = user_map.get('password') is_ldap_user = user_map.get('is_ldap_user') # Username can NOT be less 3 and greater than 45 if not is_valid_string_minsize(username, 3) or not is_valid_string_maxsize(username, 45): self.log.error( u'Parameter username is invalid. Value: %s.', username) raise InvalidValueError(None, 'username', username) if not is_valid_boolean_param(is_ldap_user): self.log.error( u'Parameter is_ldap_user is invalid. Value: %s.', is_ldap_user) raise InvalidValueError(None, 'is_ldap_user', is_ldap_user) else: is_ldap_user = convert_string_or_int_to_boolean(is_ldap_user) if is_ldap_user: user = Usuario().get_by_ldap_user(username, True) password = user.pwd else: # Password can NOT be less 3 and greater than 45 if not is_valid_string_minsize(password, 3) or not is_valid_string_maxsize(password, 45): self.log.error( u'Parameter password is invalid. Value: %s.', '****') raise InvalidValueError(None, 'password', '****') # Find user by username, password to check if it exist user = Usuario().get_enabled_user(username.upper(), password) # Valid user if user is None: return self.response(dumps_networkapi({})) perms = {} for ugroup in user.grupos.all(): for perm in ugroup.permissaoadministrativa_set.all(): function = perm.permission.function if function in perms: write = False read = False if perms.get(function).get('write') is True or perm.escrita is True: write = True if perms.get(function).get('read') is True or perm.leitura is True: read = True perms[function] = {'write': write, 'read': read} else: perms[function] = { 'write': perm.escrita, 'read': perm.leitura} user_map = {} user_dict = model_to_dict( user, fields=['id', 'user', 'nome', 'email', 'ativo', 'user_ldap']) user_dict['pwd'] = password user_dict['permission'] = perms user_map['user'] = user_dict return self.response(dumps_networkapi(user_map)) except UsuarioNotFoundError: return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs): """Handles GET requests to add block in vip rule. URLs: /vip/add_block/<id_vip>/<id_block>/<override> """ self.log.info('Add block in rule vip') try: # Commons Validations # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') return self.not_authorized() # Business Validations id_vip = kwargs.get('id_vip') id_block = kwargs.get('id_block') override = kwargs.get('override') if not is_valid_int_greater_zero_param(id_vip): self.log.error(u'Parameter id_vip is invalid. Value: %s.', id_vip) raise InvalidValueError(None, 'id_vip', id_vip) if not is_valid_int_greater_zero_param(id_block): self.log.error(u'Parameter id_block is invalid. Value: %s.', id_block) raise InvalidValueError(None, 'id_block', id_block) if not is_valid_boolean_param(override, False): self.log.error(u'Parameter override is invalid. Value: %s.', override) raise InvalidValueError(None, 'override', override) else: override = convert_string_or_int_to_boolean(override) vip = RequisicaoVips.get_by_pk(id_vip) vip_map = vip.variables_to_map() host = vip_map['host'] rule_applied = vip.rule_applied # Vip must be created if not vip.vip_criado: self.log.error( u'Block can not added because VIP has not been created yet.' ) raise RequestVipsNotBeenCreatedError(None) ################################################### # Vip Request has a rule applied # ################################################### if rule_applied: block_in_rules = self.insert_block_in_rule( id_block, rule_applied) # create new rule # make a copy new_rule_content = copy.copy(rule_applied) # remove the rule if is a vip rule and this rule is not applied if vip.rule: if rule_applied != vip.rule and vip.rule.vip: vip.rule.delete() # duplicate rule with new block new_rule_content.id = None new_rule_content.vip = vip count_rule_vip = Rule.objects.filter(vip=vip).count() diff_name = '(' + str(count_rule_vip) + \ ')' if count_rule_vip else '' new_rule_content.name = 'regra_' + host + diff_name new_rule_content.save(user, force_insert=True) ################################################### # Vip Request hasn't a rule applied # ################################################### else: block_in_rules, environment = self.generate_rule_contents( vip, id_block) # create new rule new_rule_content = Rule() count_rule_vip = Rule.objects.filter(vip=vip).count() diff_name = '(' + str(count_rule_vip) + \ ')' if count_rule_vip else '' new_rule_content.name = 'regra_' + host + diff_name new_rule_content.vip = vip new_rule_content.environment = environment new_rule_content.save() new_content = '\n'.join(d['content'] for d in block_in_rules) # save contents with new rule for i in range(len(block_in_rules)): rule_content = RuleContent() rule_content.content = block_in_rules[i]['content'] rule_content.order = i rule_content.rule = new_rule_content rule_content.save() if override or not vip.l7_filter: # update filter and rule with new block vip.l7_filter = new_content vip.rule = new_rule_content vip.filter_valid = True vip.save() else: self.log.error( u'Block can not be added because there is already a rule to apply, and the value of zero is overwritten.' ) raise AddBlockOverrideNotDefined(None) success_map = dict() success_map['codigo'] = 0 success_map['descricao'] = u'Bloco incluído com sucesso' return self.response(dumps_networkapi({'sucesso': success_map})) except VipRequestBlockAlreadyInRule, e: self.log.error(e.message) return self.response_error(361)
def handle_get(self, request, user, *args, **kwargs): """Handles GET requests to add block in vip rule. URLs: /vip/add_block/<id_vip>/<id_block>/<override> """ self.log.info('Add block in rule vip') try: # Commons Validations # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') return self.not_authorized() # Business Validations id_vip = kwargs.get('id_vip') id_block = kwargs.get('id_block') override = kwargs.get('override') if not is_valid_int_greater_zero_param(id_vip): self.log.error( u'Parameter id_vip is invalid. Value: %s.', id_vip) raise InvalidValueError(None, 'id_vip', id_vip) if not is_valid_int_greater_zero_param(id_block): self.log.error( u'Parameter id_block is invalid. Value: %s.', id_block) raise InvalidValueError(None, 'id_block', id_block) if not is_valid_boolean_param(override, False): self.log.error( u'Parameter override is invalid. Value: %s.', override) raise InvalidValueError(None, 'override', override) else: override = convert_string_or_int_to_boolean(override) vip = RequisicaoVips.get_by_pk(id_vip) vip_map = vip.variables_to_map() host = vip_map['host'] rule_applied = vip.rule_applied # Vip must be created if not vip.vip_criado: self.log.error( u'Block can not added because VIP has not been created yet.') raise RequestVipsNotBeenCreatedError(None) ################################################### # Vip Request has a rule applied # ################################################### if rule_applied: block_in_rules = self.insert_block_in_rule( id_block, rule_applied) # create new rule # make a copy new_rule_content = copy.copy(rule_applied) # remove the rule if is a vip rule and this rule is not applied if vip.rule: if rule_applied != vip.rule and vip.rule.vip: vip.rule.delete() # duplicate rule with new block new_rule_content.id = None new_rule_content.vip = vip count_rule_vip = Rule.objects.filter(vip=vip).count() diff_name = '(' + str(count_rule_vip) + \ ')' if count_rule_vip else '' new_rule_content.name = 'regra_' + host + diff_name new_rule_content.save(user, force_insert=True) ################################################### # Vip Request hasn't a rule applied # ################################################### else: block_in_rules, environment = self.generate_rule_contents( vip, id_block) # create new rule new_rule_content = Rule() count_rule_vip = Rule.objects.filter(vip=vip).count() diff_name = '(' + str(count_rule_vip) + \ ')' if count_rule_vip else '' new_rule_content.name = 'regra_' + host + diff_name new_rule_content.vip = vip new_rule_content.environment = environment new_rule_content.save() new_content = '\n'.join(d['content'] for d in block_in_rules) # save contents with new rule for i in range(len(block_in_rules)): rule_content = RuleContent() rule_content.content = block_in_rules[i]['content'] rule_content.order = i rule_content.rule = new_rule_content rule_content.save() if override or not vip.l7_filter: # update filter and rule with new block vip.l7_filter = new_content vip.rule = new_rule_content vip.filter_valid = True vip.save() else: self.log.error( u'Block can not be added because there is already a rule to apply, and the value of zero is overwritten.') raise AddBlockOverrideNotDefined(None) success_map = dict() success_map['codigo'] = 0 success_map['descricao'] = u'Bloco incluído com sucesso' return self.response(dumps_networkapi({'sucesso': success_map})) except VipRequestBlockAlreadyInRule, e: self.log.error(e.message) return self.response_error(361)
def update(self, data): try: id_channel = data.get('id') name = data.get('name') lacp = data.get('lacp') int_type = data.get('int_type') vlan_nativa = data.get('vlan') envs_vlans = data.get('envs_vlans') interfaces = data.get('interfaces') protected = data.get('protected') self.channel = PortChannel.get_by_pk(int(id_channel)) if not interfaces: raise InterfaceError('No interfaces selected') if not is_valid_int_greater_zero_param(name): raise InvalidValueError(None, 'Channel number', 'must be integer.') api_interface_facade.verificar_vlan_nativa(vlan_nativa) # Dissociate old interfaces interfaces_old = Interface.objects.filter( channel__id=int(id_channel) ) log.debug(interfaces_old) server = None for i in interfaces_old: server = i.ligacao_front.equipamento.id i.channel = None i.save() log.debug(i.id) api_interface_facade.check_channel_name_on_equipment(name, interfaces) # update channel self.channel.nome = str(name) self.channel.lacp = convert_string_or_int_to_boolean(lacp, True) self.channel.save() type_obj = TipoInterface.objects.get(tipo=int_type) ifaces_on_channel = list() for interface in interfaces: iface = Interface.objects.get(id=int(interface)) if server: if not int(iface.ligacao_front.equipamento.id) == int(server): raise Exception('Interface is connected to another server. Ids: %s %s ' % (iface.ligacao_front.equipamento.id, server)) if iface.channel: raise InterfaceError( 'Interface %s is already in a Channel' % iface.interface ) if iface.equipamento.id not in ifaces_on_channel: ifaces_on_channel.append(int(iface.equipamento.id)) if len(ifaces_on_channel) > 2: raise InterfaceError( 'More than one equipment selected.' ) iface.channel = self.channel iface.tipo = type_obj iface.vlan_nativa = vlan_nativa iface.protegida = convert_string_or_int_to_boolean(protected, True) iface.save() log.debug("interface updated %s" % iface.id) self._dissociate_ifaces_envs(iface) # associate the new envs if 'trunk' in int_type.lower(): self._create_ifaces_on_trunks(iface, envs_vlans) except Exception as err: log.error(str(err)) raise Exception({"error": str(err)}) return {'channels': self.channel.id}
def handle_put(self, request, user, *args, **kwargs): """Treat requests POST to add Rack. URL: channel/editar/ """ try: self.log.info("Editar Channel") # User permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION): self.log.error(u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') channel_map = networkapi_map.get('channel') if channel_map is None: return self.response_error(3, u'There is no value to the channel tag of XML request.') # Get XML data id_channel = channel_map.get('id_channel') nome = channel_map.get('nome') if not is_valid_int_greater_zero_param(nome): raise InvalidValueError(None, "Numero do Channel", "Deve ser um numero inteiro.") lacp = channel_map.get('lacp') int_type = channel_map.get('int_type') vlans = channel_map.get('vlan') envs = channel_map.get('envs') ids_interface = channel_map.get('ids_interface') if ids_interface is None: raise InterfaceError("Nenhuma interface selecionada") # verifica a vlan_nativa vlan = vlans.get('vlan_nativa') if vlan is not None: if int(vlan) < 1 or int(vlan) > 4096: raise InvalidValueError(None, "Vlan Nativa", "Range valido: 1 - 4096.") if int(vlan) < 1 or 3967 < int(vlan) < 4048 or int(vlan)==4096: raise InvalidValueError(None, "Vlan Nativa" ,"Range reservado: 3968-4047;4094.") port_channel = PortChannel() interface = Interface() amb = Ambiente() # verifica se o nome do port channel está sendo usado no equipamento channels = PortChannel.objects.filter(nome=nome) channels_id = [] for ch in channels: channels_id.append(int(ch.id)) if len(channels_id)>1: if type(ids_interface) is list: for var in ids_interface: if not var=="" and not var==None: interface_id = int(var) else: interface_id = int(ids_interface) interface_id = interface.get_by_pk(interface_id) equip_id = interface_id.equipamento.id equip_interfaces = interface.search(equip_id) for i in equip_interfaces: try: sw = i.get_switch_and_router_interface_from_host_interface(i.protegida) except: sw = None pass if sw is not None: if sw.channel is not None: if sw.channel.id in channels_id and sw.channel.id is not id_channel: raise InterfaceError("O nome do port channel ja foi utilizado no equipamento") #buscar interfaces do channel interfaces = Interface.objects.all().filter(channel__id=id_channel) ids_list = [] for i in interfaces: ids_list.append(i.id) ids_list = [ int(y) for y in ids_list ] if type(ids_interface) is list: ids_interface = [ int(x) for x in ids_interface ] desassociar = set(ids_list) - set(ids_interface) for item in desassociar: item = interface.get_by_pk(int(item)) item.channel = None item.save() else: if ids_interface is not None: ids_interface = int(ids_interface) if ids_interface is not None: for item in ids_list: item = interface.get_by_pk(int(item)) item.channel = None item.save() else: for item in ids_list: if not item== ids_interface: item = interface.get_by_pk(int(item)) item.channel = None item.save() #update channel port_channel = port_channel.get_by_pk(id_channel) port_channel.nome = str(nome) port_channel.lacp = convert_string_or_int_to_boolean(lacp) port_channel.save() int_type = TipoInterface.get_by_name(str(int_type)) #update interfaces if type(ids_interface) is not list: i = ids_interface ids_interface = [] ids_interface.append(i) for var in ids_interface: alterar_interface(var, interface, port_channel, int_type, vlans, user, envs, amb) interface = Interface() server_obj = Interface() interface_sw = interface.get_by_pk(int(var)) interface_server = server_obj.get_by_pk(interface_sw.ligacao_front.id) try: front = interface_server.ligacao_front.id except: front = None pass try: back = interface_server.ligacao_back.id except: back = None pass server_obj.update(user, interface_server.id, interface=interface_server.interface, protegida=interface_server.protegida, descricao=interface_server.descricao, ligacao_front_id=front, ligacao_back_id=back, tipo=int_type, vlan_nativa=int(vlan)) port_channel_map = dict() port_channel_map['port_channel'] = port_channel return self.response(dumps_networkapi({'port_channel': port_channel_map})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs): """Treat requests POST to add Administrative Permission. URL: aperms/ """ try: self.log.info('Add Administrative Permission') # User permission if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') perm_map = networkapi_map.get('administrative_permission') if perm_map is None: return self.response_error(3, u'There is no value to the administrative_permission tag of XML request.') # Get XML data id_permission = perm_map.get('id_permission') id_group = perm_map.get('id_group') read = perm_map.get('read') write = perm_map.get('write') # Valid ID Permission if not is_valid_int_greater_zero_param(id_permission): self.log.error( u'The id_permission parameter is not a valid value: %s.', id_permission) raise InvalidValueError(None, 'id_permission', id_permission) # Valid ID Group if not is_valid_int_greater_zero_param(id_group): self.log.error( u'The id_group parameter is not a valid value: %s.', id_group) raise InvalidValueError(None, 'id_group', id_group) # Valid Read if not is_valid_boolean_param(read): self.log.error( u'The read parameter is not a valid value: %s.', read) raise InvalidValueError(None, 'read', read) # Valid Read if not is_valid_boolean_param(write): self.log.error( u'The write parameter is not a valid value: %s.', write) raise InvalidValueError(None, 'write', write) # Find Permission by ID to check if it exist permission = Permission.get_by_pk(id_permission) # Find UGroup by ID to check if it exist ugroup = UGrupo.get_by_pk(id_group) try: PermissaoAdministrativa.get_permission_by_permission_ugroup( id_permission, id_group) raise PermissaoAdministrativaDuplicatedError( None, permission.function) except PermissaoAdministrativaNotFoundError: pass adm_perm = PermissaoAdministrativa() # set variables adm_perm.permission = permission adm_perm.ugrupo = ugroup adm_perm.leitura = convert_string_or_int_to_boolean(read) adm_perm.escrita = convert_string_or_int_to_boolean(write) try: # save Administrative Permission adm_perm.save() except Exception, e: self.log.error( u'Failed to save the administrative permission.') raise GrupoError( e, u'Failed to save the administrative permission.') perm_map = dict() perm_map['perm'] = model_to_dict( adm_perm, exclude=['permission', 'leitura', 'escrita', 'ugrupo']) return self.response(dumps_networkapi(perm_map))
def handle_post(self, request, user, *args, **kwargs): """Treat requests POST to add Rack. URL: channel/inserir/ """ try: self.log.info("Inserir novo Channel") # User permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION): self.log.error(u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') channel_map = networkapi_map.get('channel') if channel_map is None: return self.response_error(3, u'There is no value to the channel tag of XML request.') # Get XML data interfaces = channel_map.get('interfaces') nome = channel_map.get('nome') lacp = channel_map.get('lacp') int_type = channel_map.get('int_type') vlans = channel_map.get('vlan') envs = channel_map.get('envs') port_channel = PortChannel() interface = Interface() amb = Ambiente() cont = [] interfaces = str(interfaces).split('-') interface_id = None # verifica a vlan_nativa vlan = vlans.get('vlan_nativa') if vlan is not None: if int(vlan) < 1 or int(vlan) > 4096: raise InvalidValueError(None, "Vlan Nativa", "Range valido: 1 - 4096.") if int(vlan) < 1 or 3967 < int(vlan) < 4048 or int(vlan)==4096: raise InvalidValueError(None, "Vlan Nativa" ,"Range reservado: 3968-4047;4094.") # verifica se o nome do port channel já existe no equipamento channels = PortChannel.objects.filter(nome=nome) channels_id = [] for ch in channels: channels_id.append(int(ch.id)) if channels_id: for var in interfaces: if not var=="" and not var==None: interface_id = int(var) interface_id = interface.get_by_pk(interface_id) equip_id = interface_id.equipamento.id equip_interfaces = interface.search(equip_id) for i in equip_interfaces: try: sw = i.get_switch_and_router_interface_from_host_interface(i.protegida) except: sw = None pass if sw.channel is not None: if sw.channel.id in channels_id: raise InterfaceError("O nome do port channel ja foi utilizado no equipamento") #cria o port channel port_channel.nome = str(nome) port_channel.lacp = convert_string_or_int_to_boolean(lacp) port_channel.create(user) int_type = TipoInterface.get_by_name(str(int_type)) for var in interfaces: if not var=="" and not var==None: interf = interface.get_by_pk(int(var)) try: sw_router = interf.get_switch_and_router_interface_from_host_interface(interf.protegida) except: raise InterfaceError("Interface não conectada") if sw_router.channel is not None: raise InterfaceError("Interface %s já está em um Channel" % sw_router.interface) if cont is []: cont.append(int(sw_router.equipamento.id)) elif not sw_router.equipamento.id in cont: cont.append(int(sw_router.equipamento.id)) if len(cont) > 2: raise InterfaceError("Mais de dois equipamentos foram selecionados") if sw_router.ligacao_front is not None: ligacao_front_id = sw_router.ligacao_front.id else: ligacao_front_id = None if sw_router.ligacao_back is not None: ligacao_back_id = sw_router.ligacao_back.id else: ligacao_back_id = None Interface.update(user, sw_router.id, interface=sw_router.interface, protegida=sw_router.protegida, descricao=sw_router.descricao, ligacao_front_id=ligacao_front_id, ligacao_back_id=ligacao_back_id, tipo=int_type, vlan_nativa=vlans.get('vlan_nativa'), channel=port_channel) if "trunk" in int_type.tipo: interface_list = EnvironmentInterface.objects.all().filter(interface=sw_router.id) for int_env in interface_list: int_env.delete() if envs is not None: amb = amb.get_by_pk(int(envs)) amb_int = EnvironmentInterface() amb_int.interface = sw_router amb_int.ambiente = amb try: range_vlans = vlans.get('range') except: range_vlans = None pass if range_vlans: api_interface_facade.verificar_vlan_range(amb, range_vlans) amb_int.vlans = range_vlans amb_int.create(user) port_channel_map = dict() port_channel_map['port_channel'] = port_channel return self.response(dumps_networkapi({'port_channel': port_channel_map})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs): """Trata uma requisição PUT para alterar informações de uma interface. URL: /interface/<id_interface>/ """ # Get request data and check permission try: # Valid Interface ID id_interface = kwargs.get('id_interface') if not is_valid_int_greater_zero_param(id_interface): self.log.error( u'The id_interface parameter is not a valid value: %s.', id_interface) raise InvalidValueError(None, 'id_interface', id_interface) # Get interface and equipment to check permission interface = Interface.get_by_pk(id_interface) id_equipamento = interface.equipamento_id # Check permission if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, id_equipamento, AdminPermission.EQUIP_WRITE_OPERATION): return self.not_authorized() # Get XML data xml_map, attrs_map = loads(request.raw_post_data) networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no networkapi tag in XML request.') interface_map = networkapi_map.get('interface') if interface_map is None: return self.response_error(3, u'There is no interface tag in XML request.') # Valid name value nome = interface_map.get('nome') if not is_valid_string_minsize(nome, 1) or not is_valid_string_maxsize(nome, 20): self.log.error(u'Parameter nome is invalid. Value: %s', nome) raise InvalidValueError(None, 'nome', nome) # Valid protegida value protegida = interface_map.get('protegida') if not is_valid_boolean_param(protegida): self.log.error( u'Parameter protegida is invalid. Value: %s', protegida) raise InvalidValueError(None, 'protegida', protegida) else: protegida = convert_string_or_int_to_boolean(protegida) # Valid descricao value descricao = interface_map.get('descricao') if descricao is not None: if not is_valid_string_minsize(descricao, 3) or not is_valid_string_maxsize(descricao, 200): self.log.error( u'Parameter descricao is invalid. Value: %s', descricao) raise InvalidValueError(None, 'descricao', descricao) # Valid "id_ligacao_front" value id_ligacao_front = interface_map.get('id_ligacao_front') if id_ligacao_front is not None: if not is_valid_int_greater_zero_param(id_ligacao_front): self.log.error( u'The id_ligacao_front parameter is not a valid value: %s.', id_ligacao_front) raise InvalidValueError( None, 'id_ligacao_front', id_ligacao_front) else: id_ligacao_front = int(id_ligacao_front) # Valid "id_ligacao_back" value id_ligacao_back = interface_map.get('id_ligacao_back') if id_ligacao_back is not None: if not is_valid_int_greater_zero_param(id_ligacao_back): self.log.error( u'The id_ligacao_back parameter is not a valid value: %s.', id_ligacao_back) raise InvalidValueError( None, 'id_ligacao_back', id_ligacao_back) else: id_ligacao_back = int(id_ligacao_back) tipo = interface_map.get('tipo') tipo = TipoInterface.get_by_name(tipo) vlan = interface_map.get('vlan') with distributedlock(LOCK_INTERFACE % id_interface): # Update interface Interface.update(user, id_interface, interface=nome, protegida=protegida, descricao=descricao, ligacao_front_id=id_ligacao_front, ligacao_back_id=id_ligacao_back, tipo=tipo, vlan_nativa=vlan) return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs): """Treat requests PUT to edit User. URL: user/<id_user>/ """ try: self.log.info('Edit User') # User permission if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) id_user = kwargs.get('id_user') # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') user_map = networkapi_map.get('user') if user_map is None: return self.response_error(3, u'There is no value to the user tag of XML request.') # Get XML data username = user_map.get('user') password = user_map.get('password') name = user_map.get('name') email = user_map.get('email') active = user_map.get('active') user_ldap = user_map.get('user_ldap') # Valid ID User if not is_valid_int_greater_zero_param(id_user): self.log.error( u'The id_user parameter is not a valid value: %s.', id_user) raise InvalidValueError(None, 'id_user', id_user) # Valid username if not is_valid_string_minsize(username, 3) or not is_valid_string_maxsize(username, 45): self.log.error( u'Parameter user is invalid. Value: %s', username) raise InvalidValueError(None, 'user', username) # Valid pwd if not is_valid_string_minsize(password, 3) or not is_valid_string_maxsize(password, 45): self.log.error(u'Parameter password is invalid. Value: ****') raise InvalidValueError(None, 'password', '****') # Valid name if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize(name, 200): self.log.error(u'Parameter name is invalid. Value: %s', name) raise InvalidValueError(None, 'name', name) # Valid email if not is_valid_string_minsize(email, 3) or not is_valid_string_maxsize(email, 200) or not is_valid_email(email): self.log.error(u'Parameter email is invalid. Value: %s', email) raise InvalidValueError(None, 'email', email) # Valid active if not is_valid_boolean_param(active): self.log.error( u'The active parameter is not a valid value: %s.', active) raise InvalidValueError(None, 'active', active) # Valid LDAP username if not is_valid_string_minsize(user_ldap, 3, False) or not is_valid_string_maxsize(user_ldap, 45, False): self.log.error( u'Parameter user_ldap is invalid. Value: %s', user_ldap) raise InvalidValueError(None, 'user_ldap', user_ldap) # Find User by ID to check if it exist usr = Usuario.get_by_pk(id_user) with distributedlock(LOCK_USER % id_user): try: if usr.user.lower() != username.lower(): Usuario.get_by_user(username) raise UsuarioNameDuplicatedError( None, u'Já existe um usuário com o valor user %s.' % username) except UsuarioNotFoundError: pass # set variables usr.user = username usr.pwd = password usr.nome = name usr.email = email usr.ativo = convert_string_or_int_to_boolean(active) usr.user_ldap = user_ldap try: # update User usr.save() except Exception, e: self.log.error(u'Failed to update the user.') raise UsuarioError(e, u'Failed to update the user.') return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_put(self, request, user, *args, **kwargs): """Treat requests PUT to edit Administrative Permission. URL: perms/<id_perm>/ """ try: self.log.info("Edit Administrative Permission") # User permission if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) id_perm = kwargs.get('id_perm') # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'There is no value to the networkapi tag of XML request.' ) perm_map = networkapi_map.get('administrative_permission') if perm_map is None: return self.response_error( 3, u'There is no value to the administrative_permission tag of XML request.' ) # Get XML data id_permission = perm_map.get('id_permission') id_group = perm_map.get('id_group') read = perm_map.get('read') write = perm_map.get('write') # Valid ID Administrative Permission if not is_valid_int_greater_zero_param(id_perm): self.log.error( u'The id_perm parameter is not a valid value: %s.', id_perm) raise InvalidValueError(None, 'id_perm', id_perm) # Valid ID Permission if not is_valid_int_greater_zero_param(id_permission): self.log.error( u'The id_permission parameter is not a valid value: %s.', id_permission) raise InvalidValueError(None, 'id_permission', id_permission) # Valid ID Group if not is_valid_int_greater_zero_param(id_group): self.log.error( u'The id_group parameter is not a valid value: %s.', id_group) raise InvalidValueError(None, 'id_group', id_group) # Valid Read if not is_valid_boolean_param(read): self.log.error(u'The read parameter is not a valid value: %s.', read) raise InvalidValueError(None, 'read', read) # Valid Read if not is_valid_boolean_param(write): self.log.error( u'The write parameter is not a valid value: %s.', write) raise InvalidValueError(None, 'write', write) # Find Permission by ID to check if it exist adm_perm = PermissaoAdministrativa.get_by_pk(id_perm) with distributedlock(LOCK_PERM % id_perm): # Find Permission by ID to check if it exist permission = Permission.get_by_pk(id_permission) # Find UGroup by ID to check if it exist ugroup = UGrupo.get_by_pk(id_group) try: perm = PermissaoAdministrativa.get_permission_by_permission_ugroup( id_permission, id_group) if perm.id != int(id_perm): raise PermissaoAdministrativaDuplicatedError( None, permission.function) except PermissaoAdministrativaNotFoundError: pass # set variables adm_perm.permission = permission adm_perm.ugrupo = ugroup adm_perm.leitura = convert_string_or_int_to_boolean(read) adm_perm.escrita = convert_string_or_int_to_boolean(write) try: # update Administrative Permission adm_perm.save() except Exception, e: self.log.error( u'Failed to update the administrative permission.') raise PermissionError( e, u'Failed to update the administrative permission.') return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def insert_equipment(equipment_map, user): ''' Insere um equipamento e o relacionamento entre equipamento e o grupo. @param equipment_map: Map com as chaves: id_grupo, id_tipo_equipamento, id_modelo e nome @param user: Usuário autenticado na API. @return Em caso de erro retorna a tupla: (código da mensagem de erro, argumento01, argumento02, ...) Em caso de sucesso retorna a tupla: (0, <identificador do equipamento_grupo>, <equipamento>) @raise InvalidGroupToEquipmentTypeError: Equipamento do grupo “Equipamentos Orquestração” somente poderá ser criado com tipo igual a “Servidor Virtual”. @raise EGrupoNotFoundError: Grupo não cadastrado. @raise GrupoError: Falha ao pesquisar o Grupo. @raise TipoEquipamentoNotFoundError: Tipo de equipamento nao cadastrado. @raise ModeloNotFoundError: Modelo nao cadastrado. @raise EquipamentoNameDuplicatedError: Nome do equipamento duplicado. @raise EquipamentoError: Falha ou inserir o equipamento. @raise UserNotAuthorizedError: Usuário sem autorização para executar a operação. ''' log = logging.getLogger('insert_equipment') log.debug('EQUIPAMENTO_MAP: %s', equipment_map) equipment = Equipamento() equipment.tipo_equipamento = TipoEquipamento() equipment.modelo = Modelo() group_id = equipment_map.get('id_grupo') if not is_valid_int_greater_zero_param(group_id): log.error( u'The group_id parameter is not a valid value: %s.', group_id) raise InvalidValueError(None, 'group_id', group_id) else: group_id = int(group_id) if not has_perm(user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, group_id, None, AdminPermission.EQUIP_WRITE_OPERATION): raise UserNotAuthorizedError( None, u'Usuário não tem permissão para executar a operação.') equipment_type_id = equipment_map.get('id_tipo_equipamento') if not is_valid_int_greater_zero_param(equipment_type_id): log.error( u'The equipment_type_id parameter is not a valid value: %s.', equipment_type_id) raise InvalidValueError(None, 'equipment_type_id', equipment_type_id) else: equipment.tipo_equipamento.id = int(equipment_type_id) model_id = equipment_map.get('id_modelo') if not is_valid_int_greater_zero_param(model_id): log.error( u'The model_id parameter is not a valid value: %s.', model_id) raise InvalidValueError(None, 'model_id', model_id) else: equipment.modelo.id = int(model_id) name = equipment_map.get('nome') if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize(name, 50): log.error(u'The name parameter is not a valid value: %s.', name) raise InvalidValueError(None, 'name', name) else: equipment.nome = name #maintenance is a new feature. Check existing value if not defined in request #Old calls does not send this field maintenance = equipment_map.get('maintenance') if maintenance is None: maintenance = False if not is_valid_boolean_param(maintenance): log.error(u'The maintenance parameter is not a valid value: %s.', maintenance) raise InvalidValueError(None, 'maintenance', maintenance) else: equipment.maintenance = convert_string_or_int_to_boolean(maintenance) equipment_group_id = equipment.create(user, group_id) return 0, equipment_group_id, equipment