def test_ignored_filtering_options(self):
LOG = logging.getLogger('glance.common.utils')
with mock.patch.object(LOG, 'debug') as mock_run:
self.config(allowed_schemes=['https', 'ftp'],
group='import_filtering_opts')
self.config(disallowed_schemes=['ftp'],
group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("ftp://foo.com"))
mock_run.assert_called_once()
with mock.patch.object(LOG, 'debug') as mock_run:
self.config(allowed_schemes=[], group='import_filtering_opts')
self.config(disallowed_schemes=[], group='import_filtering_opts')
self.config(allowed_hosts=['example.com', 'foo.com'],
group='import_filtering_opts')
self.config(disallowed_hosts=['foo.com'],
group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("ftp://foo.com"))
mock_run.assert_called_once()
with mock.patch.object(LOG, 'debug') as mock_run:
self.config(allowed_hosts=[], group='import_filtering_opts')
self.config(disallowed_hosts=[], group='import_filtering_opts')
self.config(allowed_ports=[8080, 8484],
group='import_filtering_opts')
self.config(disallowed_ports=[8484], group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("ftp://foo.com:8484"))
mock_run.assert_called_once()
def test_ignored_filtering_options(self):
LOG = logging.getLogger('glance.common.utils')
with mock.patch.object(LOG, 'debug') as mock_run:
self.config(allowed_schemes=['https', 'ftp'],
group='import_filtering_opts')
self.config(disallowed_schemes=['ftp'],
group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("ftp://foo.com"))
mock_run.assert_called_once()
with mock.patch.object(LOG, 'debug') as mock_run:
self.config(allowed_schemes=[],
group='import_filtering_opts')
self.config(disallowed_schemes=[],
group='import_filtering_opts')
self.config(allowed_hosts=['example.com', 'foo.com'],
group='import_filtering_opts')
self.config(disallowed_hosts=['foo.com'],
group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("ftp://foo.com"))
mock_run.assert_called_once()
with mock.patch.object(LOG, 'debug') as mock_run:
self.config(allowed_hosts=[],
group='import_filtering_opts')
self.config(disallowed_hosts=[],
group='import_filtering_opts')
self.config(allowed_ports=[8080, 8484],
group='import_filtering_opts')
self.config(disallowed_ports=[8484],
group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("ftp://foo.com:8484"))
mock_run.assert_called_once()
def test_validate_import_uri(self):
self.assertTrue(utils.validate_import_uri("http://foo.com"))
self.config(allowed_schemes=['http'], group='import_filtering_opts')
self.config(allowed_hosts=['example.com'],
group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("http://example.com"))
self.config(allowed_ports=['8080'], group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("http://example.com:8080"))
def test_validate_import_uri(self):
self.assertTrue(utils.validate_import_uri("http://foo.com"))
self.config(allowed_schemes=['http'],
group='import_filtering_opts')
self.config(allowed_hosts=['example.com'],
group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("http://example.com"))
self.config(allowed_ports=['8080'],
group='import_filtering_opts')
self.assertTrue(utils.validate_import_uri("http://example.com:8080"))
def test_invalid_import_uri(self):
self.assertFalse(utils.validate_import_uri(""))
self.assertFalse(utils.validate_import_uri("fake_uri"))
self.config(disallowed_schemes=['ftp'], group='import_filtering_opts')
self.assertFalse(utils.validate_import_uri("ftp://example.com"))
self.config(disallowed_hosts=['foo.com'],
group='import_filtering_opts')
self.assertFalse(utils.validate_import_uri("ftp://foo.com"))
self.config(disallowed_ports=['8484'], group='import_filtering_opts')
self.assertFalse(utils.validate_import_uri("http://localhost:8484"))
def test_invalid_import_uri(self):
self.assertFalse(utils.validate_import_uri(""))
self.assertFalse(utils.validate_import_uri("fake_uri"))
self.config(disallowed_schemes=['ftp'],
group='import_filtering_opts')
self.assertFalse(utils.validate_import_uri("ftp://example.com"))
self.config(disallowed_hosts=['foo.com'],
group='import_filtering_opts')
self.assertFalse(utils.validate_import_uri("ftp://foo.com"))
self.config(disallowed_ports=['8484'],
group='import_filtering_opts')
self.assertFalse(utils.validate_import_uri("http://localhost:8484"))
def import_image(self, req, image_id, body):
task_factory = self.gateway.get_task_factory(req.context)
executor_factory = self.gateway.get_task_executor_factory(req.context)
task_repo = self.gateway.get_task_repo(req.context)
task_input = {'image_id': image_id,
'import_req': body}
import_method = body.get('method').get('name')
uri = body.get('method').get('uri')
if (import_method == 'web-download' and
not utils.validate_import_uri(uri)):
LOG.debug("URI for web-download does not pass filtering: %s",
uri)
msg = (_("URI for web-download does not pass filtering: %s") %
uri)
raise webob.exc.HTTPBadRequest(explanation=msg)
try:
import_task = task_factory.new_task(task_type='api_image_import',
owner=req.context.owner,
task_input=task_input)
task_repo.add(import_task)
task_executor = executor_factory.new_task_executor(req.context)
pool = common.get_thread_pool("tasks_eventlet_pool")
pool.spawn_n(import_task.run, task_executor)
except exception.Forbidden as e:
LOG.debug("User not permitted to create image import task.")
raise webob.exc.HTTPForbidden(explanation=e.msg)
except exception.Conflict as e:
raise webob.exc.HTTPConflict(explanation=e.msg)
except exception.InvalidImageStatusTransition as e:
raise webob.exc.HTTPConflict(explanation=e.msg)
except ValueError as e:
LOG.debug("Cannot import data for image %(id)s: %(e)s",
{'id': image_id,
'e': encodeutils.exception_to_unicode(e)})
raise webob.exc.HTTPBadRequest(
explanation=encodeutils.exception_to_unicode(e))
return image_id
def import_image(self, req, image_id, body):
image_repo = self.gateway.get_repo(req.context)
task_factory = self.gateway.get_task_factory(req.context)
executor_factory = self.gateway.get_task_executor_factory(req.context)
task_repo = self.gateway.get_task_repo(req.context)
import_method = body.get('method').get('name')
uri = body.get('method').get('uri')
try:
image = image_repo.get(image_id)
if image.status == 'active':
msg = _("Image with status active cannot be target for import")
raise exception.Conflict(msg)
if image.status != 'queued' and import_method == 'web-download':
msg = _("Image needs to be in 'queued' state to use "
"'web-download' method")
raise exception.Conflict(msg)
if (image.status != 'uploading'
and import_method == 'glance-direct'):
msg = _("Image needs to be staged before 'glance-direct' "
"method can be used")
raise exception.Conflict(msg)
if not getattr(image, 'container_format', None):
msg = _("'container_format' needs to be set before import")
raise exception.Conflict(msg)
if not getattr(image, 'disk_format', None):
msg = _("'disk_format' needs to be set before import")
raise exception.Conflict(msg)
backend = None
if CONF.enabled_backends:
backend = req.headers.get('x-image-meta-store',
CONF.glance_store.default_backend)
try:
glance_store.get_store_from_store_identifier(backend)
except glance_store.UnknownScheme:
msg = _("Store for scheme %s not found") % backend
LOG.warn(msg)
raise exception.Conflict(msg)
except exception.Conflict as e:
raise webob.exc.HTTPConflict(explanation=e.msg)
except exception.NotFound as e:
raise webob.exc.HTTPNotFound(explanation=e.msg)
task_input = {
'image_id': image_id,
'import_req': body,
'backend': backend
}
if (import_method == 'web-download'
and not utils.validate_import_uri(uri)):
LOG.debug("URI for web-download does not pass filtering: %s", uri)
msg = (_("URI for web-download does not pass filtering: %s") % uri)
raise webob.exc.HTTPBadRequest(explanation=msg)
try:
import_task = task_factory.new_task(task_type='api_image_import',
owner=req.context.owner,
task_input=task_input)
task_repo.add(import_task)
task_executor = executor_factory.new_task_executor(req.context)
pool = common.get_thread_pool("tasks_eventlet_pool")
pool.spawn_n(import_task.run, task_executor)
except exception.Forbidden as e:
LOG.debug("User not permitted to create image import task.")
raise webob.exc.HTTPForbidden(explanation=e.msg)
except exception.Conflict as e:
raise webob.exc.HTTPConflict(explanation=e.msg)
except exception.InvalidImageStatusTransition as e:
raise webob.exc.HTTPConflict(explanation=e.msg)
except ValueError as e:
LOG.debug("Cannot import data for image %(id)s: %(e)s", {
'id': image_id,
'e': encodeutils.exception_to_unicode(e)
})
raise webob.exc.HTTPBadRequest(
explanation=encodeutils.exception_to_unicode(e))
return image_id
