예제 #1
0
def set_default_temp_time(request):
    """For the given account, set the default-temp-time. """
    storage_url = request.session.get('storage_url', '')
    auth_token = request.session.get('auth_token', '')
    tempurl_form = TimeForm(request.POST)

    if tempurl_form.is_valid():

        days_to_expiry = float(tempurl_form.cleaned_data['days'])
        hours_to_expiry = float(tempurl_form.cleaned_data['hours'])

        seconds_to_expiry = int(
            days_to_expiry * 24 * 3600
            + hours_to_expiry * 60 * 60)

        try:
            client.post_account(
                storage_url,
                auth_token,
                {"x-account-meta-default-temp-time": seconds_to_expiry})
            messages.add_message(
                request,
                messages.INFO,
                _("Default Temp Url Time updated!"))
        except Exception, e:
            messages.error(request, "Error updating default temp url time")
예제 #2
0
def swift_cloud_removal(request):
    if request.method != 'POST':
        return JsonResponse({"error": "Method not allowed"}, status=405)

    params = json.loads(request.body)
    project_id = params.get('project_id')
    undo_removal = params.get('undo_removal')

    if not project_id:
        return JsonResponse({"error": "Missing project_id parameter"},
                            status=400)

    http_conn, storage_url = get_conn_and_storage_url(request, project_id)
    auth_token = request.session.get('auth_token')
    headers = {"x-account-meta-cloud-remove": "true"}

    if undo_removal:
        headers["x-account-meta-cloud-remove"] = ""

    try:
        client.post_account(storage_url,
                            auth_token,
                            headers,
                            http_conn=http_conn)
    except Exception as err:
        log.exception(f'Exception: {err}')
        return JsonResponse({"error": "Project update error"}, status=500)

    return JsonResponse({"message": "Success"}, status=200)
예제 #3
0
파일: utils.py 프로젝트: globocom/vault 
def get_temp_key(storage_url, auth_token, http_conn):
    """ Tries to get meta-temp-url key from account.
    If not set, generate tempurl and save it to account.
    This requires at least account owner rights. """

    try:
        account = client.get_account(storage_url,
                                     auth_token,
                                     http_conn=http_conn)
    except client.ClientException:
        return None

    key = account[0].get('x-account-meta-temp-url-key')

    if not key:
        chars = string.ascii_lowercase + string.digits
        key = ''.join(random.choice(chars) for x in range(32))
        headers = {'x-account-meta-temp-url-key': key}

        try:
            client.post_account(storage_url,
                                token=auth_token,
                                headers=headers,
                                http_conn=http_conn)
        except client.ClientException:
            return None
    return key
예제 #4
0
def get_temp_key(storage_url, auth_token, container):
    """ Tries to get meta-temp-url key from account.
    If not set, generate tempurl and save it to acocunt.
    This requires at least account owner rights. """

    try:
        account = client.get_account(storage_url, auth_token)
    except client.ClientException:

        #Try to get the container temp url key instead
        try:
            container = client.get_container(
                storage_url, auth_token, container)
            return container[0].get('x-container-meta-temp-url-key')
        except client.ClientException:
            return None
        return None

    key = account[0].get('x-account-meta-temp-url-key')

    if not key:
        chars = string.ascii_lowercase + string.digits
        key = ''.join(random.choice(chars) for x in range(32))
        headers = {'x-account-meta-temp-url-key': key}
        try:
            client.post_account(storage_url, auth_token, headers)
        except client.ClientException:
            return None
    return key
예제 #5
0
def get_temp_key(storage_url, auth_token):
    """ Tries to get meta-temp-url key from account.
    If not set, generate tempurl and save it to acocunt.
    This requires at least account owner rights. """

    logging.debug('  in get_temp_key:  '  )

    try:
        account = client.head_account(storage_url, auth_token)
    except client.ClientException:
        return None
    logging.debug(' account in get_temp_key: %s ' % account)

    key = account.get('x-account-meta-temp-url-key')
    logging.debug(' key in get_temp_key: %s ' % key)

    if not key:
        chars = string.ascii_lowercase + string.digits
        key = ''.join(random.choice(chars) for x in range(32))
        headers = {'x-account-meta-temp-url-key': key}
        try:
            client.post_account(storage_url, auth_token, headers)
        except client.ClientException:
            return None
    return key
예제 #6
0
def create_swift_account(sc, tenant_id, quota_bytes):
    url, token = sc.get_auth()
    base_url = url.split('_')[0] + '_'
    tenant_url = base_url + tenant_id

    client.post_account(url=tenant_url,
                        token=token,
                        headers={'X-Account-Meta-Quota-Bytes': quota_bytes})
예제 #7
0
def get_tempurl_key():
    (storage_url, auth_token) = client.get_auth(settings.SWIFT_AUTH_URL, settings.SWIFT_USER, settings.SWIFT_PASSWORD)

    meta = client.head_account(storage_url, auth_token)
    key = meta.get("x-account-meta-temp-url-key")
    if not key:
        key = random_key()
        headers = {"x-account-meta-temp-url-key": key}
        client.post_account(storage_url, auth_token, headers)

    return storage_url, key
예제 #8
0
def set_swift_quota(sc, tenant_id, quota):
    tenant_url, token = get_swift_tenant_connection(sc, tenant_id)
    try:
        print 'Setting quota for project %s to %s bytes' % \
            (tenant_id, quota)
        swiftclient.post_account(url=tenant_url,
                                 token=token,
                                 headers={SWIFT_QUOTA_KEY: quota})
    except:
        print 'Failed to set quota for project %s to %s bytes' % \
            (tenant_id, quota)
예제 #9
0
def get_fine_grained_temp_key(storage_url, auth_token, container_name=None):
    """ 
    Tries to get meta-temp-url key from account or container.
    If not set, generate tempurl and save it.
    """

    logging.debug('  in get_fine_grained_temp_key: container_name:%s, \
        storage_url:%s ' % 
        (container_name, storage_url) )

    try:
        if container_name:
            container = client.head_container(storage_url, auth_token, 
                container_name)
            key = container.get('x-container-meta-temp-url-key')
            logging.debug(' key in get_fine_grained_temp_key container: %s ' % key)
        else:
            account = client.head_account(storage_url, auth_token)
            key = account.get('x-account-meta-temp-url-key')
            logging.debug(' key in get_fine_grained_temp_key account: %s ' % key)
    except client.ClientException:
        return None
    # logging.debug(' account or container in get_temp_key: %s ' 
    #     % account or container)

    if not key:
        chars = string.ascii_lowercase + string.digits
        key = ''.join(random.choice(chars) for x in range(32))
        if container_name:
            headers = {'x-container-meta-temp-url-key': key}
            try:
                client.post_container(storage_url, auth_token, container_name, 
                    headers)
                logging.debug(' post_container')

            except client.ClientException:
                return None
            raise ValueError('cannot get key, have no account rights to \
                get account key!')
        else:
            
            headers = {'x-account-meta-temp-url-key': key}
            try:
                client.post_account(storage_url, auth_token, headers)
                logging.debug(' post_account')

            except client.ClientException:
                return None
    return key
예제 #10
0
파일: utils.py 프로젝트: globocom/vault 
def update_swift_account(user, password, project_name, headers):
    keystone = KeystoneNoRequest(user, password, project_name)
    endpoints = keystone.get_endpoints()
    storage_url = endpoints.get("object_store").get("adminURL")
    http_conn = client.http_connection(storage_url,
                                       insecure=settings.SWIFT_INSECURE)

    try:
        client.post_account(storage_url,
                            keystone.conn.auth_token,
                            headers,
                            http_conn=http_conn)
    except client.ClientException as err:
        log.exception('Exception: {}'.format(err))
        return False

    return True
예제 #11
0
def set_quota(tenant_id, quota):
    """Set the swift quota for a tenant.

    :param str quota: A number in bytes or None for unlimited.
    """
    if quota.lower() == "none":
        quota = ''
    else:
        quota = size_to_bytes(quota)
    sc = client()
    url, token = sc.get_auth()
    base_url = url.split('_')[0] + '_'
    tenant_url = base_url + tenant_id

    swift_client.post_account(url=tenant_url,
                              token=token,
                              headers={'X-Account-Meta-Quota-Bytes': quota})
예제 #12
0
def set_quota(tenant_id, quota):
    """Set the swift quota for a tenant.

    :param str quota: A number in bytes or None for unlimited.
    """
    if quota.lower() == "none":
        quota = ''
    else:
        quota = size_to_bytes(quota)
    sc = client()
    url, token = sc.get_auth()
    base_url = url.split('_')[0] + '_'
    tenant_url = base_url + tenant_id

    swift_client.post_account(url=tenant_url,
                              token=token,
                              headers={'X-Account-Meta-Quota-Bytes': quota})
예제 #13
0
def add_swift_quota(sc, tenant, gigabytes):
    tenant_url, token = get_swift_tenant_connection(sc, tenant.id)
    quota_bytes = int(gigabytes) * 1024 * 1024 * 1024
    attempt = 1
    max_attempts = 3
    while attempt <= max_attempts:
        try:
            swift_client.post_account(url=tenant_url,
                                      token=token,
                                      headers={SWIFT_QUOTA_KEY: quota_bytes})
            # return
            break
        except swift_client.ClientException as ex:
            print(ex)
            print("Failed to set swift quota, retying, attempt %s" % attempt)
            time.sleep(attempt * 2)
            attempt += 1
            if attempt == max_attempts:
                raise ProvisionException('Failed to set swift quota, '
                                         '{}'.format(ex))
    # for testing return quota bytes and number of attemps
    return quota_bytes, attempt
예제 #14
0
def enable_account_for_storlets(url, token):
    headers = dict()
    headers['X-Account-Meta-storlet-enabled'] = 'True'
    c.post_account(url, token, headers)
예제 #15
0
 def post_account(self, account_id, token, s_type, headers):
     cnx = self.get_cnx(account_id, s_type)
     sclient.post_account("", token, headers, http_conn=cnx)
예제 #16
0
def projects(request, project_id=None):
    """
    GET: List all projects ordered by name
    PUT: Save a project (enable)
    DELETE: Delete a project (disable)
    POST: Check if a project exist or is enabled
    """
    try:
        r = get_redis_connection()
    except RedisError:
        return JSONResponse('Error connecting with DB',
                            status=status.HTTP_500_INTERNAL_SERVER_ERROR)

    if request.method == 'GET':
        enabled_projects = r.lrange('projects_crystal_enabled', 0, -1)
        return JSONResponse(enabled_projects, status=status.HTTP_200_OK)

    if request.method == 'PUT':
        project_list = get_project_list()
        project_name = project_list[project_id]
        if project_name == settings.MANAGEMENT_ACCOUNT:
            return JSONResponse(
                "Management project could not be set as Crystal project",
                status=status.HTTP_400_BAD_REQUEST)

        try:
            # Set Manager as admin of the Crystal Project
            keystone_client = get_keystone_admin_auth()
            admin_role_id, reseller_admin_role_id, admin_user_id = get_admin_role_user_ids(
                keystone_client)
            keystone_client.roles.grant(role=admin_role_id,
                                        user=admin_user_id,
                                        project=project_id)
            keystone_client.roles.grant(role=reseller_admin_role_id,
                                        user=admin_user_id,
                                        project=project_id)

            # Post Storlet and Dependency containers
            url, token = get_swift_url_and_token(project_name)
            swift_client.put_container(url, token, ".storlet")
            swift_client.put_container(url, token, ".dependency")
            headers = {
                'X-Account-Meta-Crystal-Enabled': True,
                'X-Account-Meta-Storlet-Enabled': True
            }
            swift_client.post_account(url, token, headers)

            # Create project docker image
            create_docker_image(r, project_id)
            r.lpush('projects_crystal_enabled', project_id)
            return JSONResponse("Crystal Project correctly enabled",
                                status=status.HTTP_201_CREATED)
        except:
            return JSONResponse("Error Enabling Crystal Project",
                                status=status.HTTP_400_BAD_REQUEST)

    if request.method == 'DELETE':
        try:
            project_list = get_project_list()
            project_name = project_list[project_id]

            # Delete Storlet and Dependency containers
            try:
                url, token = get_swift_url_and_token(project_name)
                headers = {
                    'X-Account-Meta-Crystal-Enabled': '',
                    'X-Account-Meta-Storlet-Enabled': ''
                }
                swift_client.post_account(url, token, headers)
                swift_client.delete_container(url, token, ".storlet")
                swift_client.delete_container(url, token, ".dependency")
            except:
                pass

            # Delete Manager as admin of the Crystal Project
            keystone_client = get_keystone_admin_auth()
            admin_role_id, reseller_admin_role_id, admin_user_id = get_admin_role_user_ids(
                keystone_client)
            try:
                keystone_client.roles.revoke(role=admin_role_id,
                                             user=admin_user_id,
                                             project=project_id)
                keystone_client.roles.revoke(role=reseller_admin_role_id,
                                             user=admin_user_id,
                                             project=project_id)
            except:
                pass

            # Delete project docker image
            delete_docker_image(r, project_id)

            r.lrem('projects_crystal_enabled', project_id)
            return JSONResponse("Crystal project correctly disabled.",
                                status=status.HTTP_201_CREATED)
        except RedisError:
            return JSONResponse("Error inserting data",
                                status=status.HTTP_400_BAD_REQUEST)

    if request.method == 'POST':
        enabled_projects = r.lrange('projects_crystal_enabled', 0, -1)
        if project_id in enabled_projects:
            return JSONResponse(project_id, status=status.HTTP_200_OK)
        return JSONResponse('The project with id:  ' + str(project_id) +
                            ' does not exist.',
                            status=status.HTTP_404_NOT_FOUND)

    return JSONResponse('Method ' + str(request.method) + ' not allowed.',
                        status=status.HTTP_405_METHOD_NOT_ALLOWED)
예제 #17
0
from swiftclient.client import get_account, head_account, post_account
from swiftclient.exceptions import ClientException

auth_url = 'http://10.111.1.123:5000/v2.0'
account = 'test'
user = '******'
key = 'testing'

try:
    acuser = "******" % (account, user)
    (storage_url, token) = get_auth(auth_url, acuser, key, auth_version='2.0')
    conn = http_connection(storage_url)
    req_headers = {'X-Account-Meta-Test1': 'aaabbbccc',
                   'X-Account-Meta-Test2': '0123456789'}
    resp_headers = {}

    post_account(storage_url, token, req_headers,
                 response_dict=resp_headers, http_conn=conn)

    print "[Response headers of post_account()]"
    pp = pprint.PrettyPrinter(indent=2)
    pp.pprint(resp_headers)
    print ""

    headers = head_account(storage_url, token, http_conn=conn)
    print "[Response headers of head_account()]"
    pp.pprint(headers)

except ClientException, e:
    print e
예제 #18
0
 def post_account(self, account_id, token, s_type, headers):
     cnx = self.get_cnx(account_id, s_type)
     sclient.post_account("", token, headers, http_conn=cnx)
예제 #19
0
def projects(request, project_id=None):
    """
    GET: List all projects ordered by name
    PUT: Save a project (enable)
    DELETE: Delete a project (disable)
    POST: Check if a project exist or is enabled
    """
    try:
        r = get_redis_connection()
    except RedisError:
        return JSONResponse('Error connecting with DB', status=status.HTTP_500_INTERNAL_SERVER_ERROR)

    if request.method == 'GET':
        enabled_projects = r.lrange('projects_crystal_enabled', 0, -1)
        return JSONResponse(enabled_projects, status=status.HTTP_200_OK)

    if request.method == 'PUT':
        project_list = get_project_list()
        project_name = project_list[project_id]
        if project_name == settings.MANAGEMENT_ACCOUNT:
            return JSONResponse("Management project could not be set as Crystal project",
                                status=status.HTTP_400_BAD_REQUEST)

        try:
            # Set Manager as admin of the Crystal Project
            keystone_client = get_keystone_admin_auth()
            admin_role_id, reseller_admin_role_id, admin_user_id = get_admin_role_user_ids(keystone_client)
            keystone_client.roles.grant(role=admin_role_id, user=admin_user_id, project=project_id)
            keystone_client.roles.grant(role=reseller_admin_role_id, user=admin_user_id, project=project_id)

            # Post Storlet and Dependency containers
            url, token = get_swift_url_and_token(project_name)
            swift_client.put_container(url, token, ".storlet")
            swift_client.put_container(url, token, ".dependency")
            headers = {'X-Account-Meta-Crystal-Enabled': True, 'X-Account-Meta-Storlet-Enabled': True}
            swift_client.post_account(url, token, headers)

            # Create project docker image
            create_docker_image(r, project_id)
            r.lpush('projects_crystal_enabled', project_id)
            return JSONResponse("Crystal Project correctly enabled", status=status.HTTP_201_CREATED)
        except:
            return JSONResponse("Error Enabling Crystal Project", status=status.HTTP_400_BAD_REQUEST)

    if request.method == 'DELETE':
        try:
            project_list = get_project_list()
            project_name = project_list[project_id]

            # Delete Storlet and Dependency containers
            try:
                url, token = get_swift_url_and_token(project_name)
                headers = {'X-Account-Meta-Crystal-Enabled': '', 'X-Account-Meta-Storlet-Enabled': ''}
                swift_client.post_account(url, token, headers)
                swift_client.delete_container(url, token, ".storlet")
                swift_client.delete_container(url, token, ".dependency")
            except:
                pass

            # Delete Manager as admin of the Crystal Project
            keystone_client = get_keystone_admin_auth()
            admin_role_id, reseller_admin_role_id, admin_user_id = get_admin_role_user_ids(keystone_client)
            try:
                keystone_client.roles.revoke(role=admin_role_id, user=admin_user_id, project=project_id)
                keystone_client.roles.revoke(role=reseller_admin_role_id, user=admin_user_id, project=project_id)
            except:
                pass

            # Delete project docker image
            delete_docker_image(r, project_id)

            r.lrem('projects_crystal_enabled', project_id)
            return JSONResponse("Crystal project correctly disabled.", status=status.HTTP_201_CREATED)
        except RedisError:
            return JSONResponse("Error inserting data", status=status.HTTP_400_BAD_REQUEST)

    if request.method == 'POST':
        enabled_projects = r.lrange('projects_crystal_enabled', 0, -1)
        if project_id in enabled_projects:
            return JSONResponse(project_id, status=status.HTTP_200_OK)
        return JSONResponse('The project with id:  ' + str(project_id) + ' does not exist.',
                            status=status.HTTP_404_NOT_FOUND)

    return JSONResponse('Method ' + str(request.method) + ' not allowed.', status=status.HTTP_405_METHOD_NOT_ALLOWED)
예제 #20
0
def enable_account_for_storlets(url, token):
    headers = dict()
    headers['X-Account-Meta-storlet-enabled'] = 'True'
    c.post_account(url, token, headers)
예제 #21
0
def enable_account_for_storlets(url, token):
    headers = dict()
    headers["X-Account-Meta-storlet-enabled"] = "True"
    c.post_account(url, token, headers)