def update_cell(self, request, datum, user_id,
cell_name, new_cell_value):
try:
user_obj = datum
setattr(user_obj, cell_name, new_cell_value)
kwargs = {}
attr_to_keyword_map = {
'name': 'name',
'description': 'description',
'email': 'email',
'enabled': 'enabled',
'project_id': 'project'
}
for key in attr_to_keyword_map:
value = getattr(user_obj, key, None)
keyword_name = attr_to_keyword_map[key]
if value is not None:
kwargs[keyword_name] = value
api.keystone.user_update(request, user_obj, **kwargs)
except horizon_exceptions.Conflict:
message = _("This name is already taken.")
messages.warning(request, message)
raise django_exceptions.ValidationError(message)
except Exception:
horizon_exceptions.handle(request, ignore=True)
return False
return True
def get_floating_ips_data(self):
try:
floating_ips = network.tenant_floating_ip_list(self.request)
except:
floating_ips = []
exceptions.handle(self.request,
_('Unable to retrieve floating IP addresses.'))
try:
floating_ip_pools = network.floating_ip_pools_list(self.request)
except:
floating_ip_pools = []
messages.warning(self.request,
_('Unable to retrieve floating IP pools.'))
pool_dict = dict([(obj.id, obj.name) for obj in floating_ip_pools])
instances = []
try:
instances, has_more = nova.server_list(self.request,
all_tenants=True)
except:
exceptions.handle(self.request,
_('Unable to retrieve instance list.'))
instances_dict = dict([(obj.id, obj) for obj in instances])
for ip in floating_ips:
ip.instance_name = instances_dict[ip.instance_id].name \
if ip.instance_id in instances_dict else None
ip.pool_name = pool_dict.get(ip.pool, ip.pool)
return floating_ips
def delete(self, request, obj_id):
try:
# 执行删除前状态检查,当状态为"unverified"或"failed"时直接删除数据库记录
# 否则更新状态为"deleted",保证数据统计时有记录,然后调用网宿api,删除加速记录
domain = Domain.objects.get(pk=obj_id)
cdn = middware.DomainManage()
if domain.status == "unverified" or domain.status == "failed" or domain.status == "addfailed" \
or domain.status == 'verified':
domain.delete()
elif domain.status == 'inProgress':
msg = _("%s status is %s, can not do this action") % (domain.domain_name, _(domain.status))
messages.warning(request, msg)
else:
domain.status = 'deleted'
domain.deleted_at = datetime.now()
domain.save()
cdn.delete(domainId=domain.domain_id)
except Exception:
name = self.table.get_object_display(obj_id)
msg = _('Unable to delete domain %s') % name
LOG.info(msg)
messages.error(request, msg)
exceptions.handle(request, msg)
redirect = reverse(self.redirect_url)
raise exceptions.Http302(redirect, message=msg)
def reset_service_password_view(request, service_name):
if not utils.can_manage_endpoints(request):
return redirect('horizon:user_home')
region = request.session['endpoints_user_region']
password = uuid.uuid4().hex
try:
service_account, isNewAccount = fiware_api.keystone.reset_service_account(request=request,
service=service_name,
region=region,
password=password)
except Exception:
messages.error(request, 'An error occured when resetting the password. Please contact and admin.')
return redirect('horizon:endpoints_management:endpoints_management:service', service_name)
if isNewAccount:
messages.warning(request, 'Account did not exist for service {0}, so a new one was created.'.format(service_name.capitalize()))
else:
messages.success(request, 'Password for service {0} was reset.'.format(service_name.capitalize()))
request.session['new_service_password'] = password
request.session['new_service_name'] = service_name
return redirect('horizon:endpoints_management:endpoints_management:service', service_name)
def form_valid(self, form):
try:
handled = form.handle(self.request, form.cleaned_data)
except Exception:
handled = None
exceptions.handle(self.request)
if handled:
domain_id = self.kwargs["domain_id"]
access_type = form.cleaned_data["type"]
control_type = form.cleaned_data['access_type']
refer = form.cleaned_data["refer"]
white_list = form.cleaned_data["white_list"]
black_list = form.cleaned_data["black_list"]
forbid_ip = form.cleaned_data["forbid_ip"]
domain = Domain.objects.get(pk=domain_id)
if domain.status == 'Deployed':
modify = middware.DomainManage()
if control_type == 'white':
if forbid_ip == u'':
visitControlRule = middware.domainApi.VisitControlRule(pathPattern=str(access_type),
allowNullReferer=refer,
validReferers=str(white_list).strip('\r\n').split('\r\n'))
else:
visitControlRule = middware.domainApi.VisitControlRule(pathPattern=str(access_type),
allowNullReferer=refer,
validReferers=str(white_list).strip('\r\n').split('\r\n'),
forbiddenIps=str(forbid_ip).strip('\r\n').split('\r\n'))
else:
if forbid_ip == u'':
visitControlRule = middware.domainApi.VisitControlRule(pathPattern=str(access_type),
invalidReferers=str(black_list).strip('\r\n').split('\r\n'))
else:
visitControlRule = middware.domainApi.VisitControlRule(pathPattern=str(access_type),
invalidReferers=str(black_list).strip('\r\n').split('\r\n'),
forbiddenIps=str(forbid_ip).strip('\r\n').split('\r\n'))
domain_class = middware.domainApi.Domain(domainId=domain.domain_id,
visitControlRules=[visitControlRule])
ret = modify.modify(domain_class)
if ret.getMsg() == 'success':
msg = _("modify successfully")
messages.success(self.request, msg)
access_id = self.kwargs['access_id']
access = AccessControl.objects.get(pk=access_id)
access.pathPattern = access_type
access.allowNullReffer = refer
access.validRefers = white_list
access.invalidRefers = black_list
access.forbiddenIps = forbid_ip
access.save()
else:
messages.error(self.request, ret.getMsg())
redirect_url = self.get_success_url()
return HttpResponseRedirect(redirect_url)
else:
msg = _("%s status is %s, can not do this action") % (domain.domain_name, _(domain.status))
messages.warning(self.request, msg)
redirect_url = self.get_success_url()
return HttpResponseRedirect(redirect_url)
def get_initial(self, **kwargs):
initial = super(ActionWorkflowView, self).get_initial()
try:
action_id, job_id = self.kwargs['job_id'].split('===')
except ValueError:
job_id = self.kwargs['job_id']
action_id = None
if self.is_update():
initial.update({'original_name': None})
job = self.get_object()[0]
d = job.get_dict()
for action in d['job_actions']:
try:
if action['action_id'] == action_id:
actions = create_dict_action(**action)
rules = {k: v for k, v in action.items()
if not k == 'freezer_action'}
initial.update(**actions['freezer_action'])
initial.update(**rules)
except KeyError:
messages.warning(self.request, _("Cannot edit an action "
"created by the scheduler"))
exceptions.handle(self.request, "")
initial.update({'original_name': job.id})
return initial
def get_context_data(self, **kwargs):
context = super(VerifyView, self).get_context_data(**kwargs)
domain_id = self.kwargs['domain_id']
domain = Domain.objects.get(pk=domain_id)
domain_name = domain.domain_name
check_method = middware.DomainManage()
check_info = check_method.verify_file_check(str(domain_name))
memcached_servers=settings.CACHES.get("default").get("LOCATION")
mc = memcache.Client(memcached_servers)
domain_uuid = mc.get(str(domain_name))
if domain.status == 'unverified' or domain.status == 'failed':
if domain_uuid is not None:
if not check_info:
context["message"] = _("Please create name which name is on below into your web server(%s),"
"and write: ") % domain_name
context["uuid"] = domain_uuid
context["file"] = domain_uuid+'.txt'
msg = _("Not detected verification file")
messages.warning(self.request, msg)
else:
context["message"] = _("Verification file has been detected, please verify")
else:
domain.status = 'failed'
domain.save()
elif domain.status == 'addfailed':
context["message"] = _("The %s status is %s") % (domain.domain_name, _(domain.status))
else:
context["disable"] = 'disabled="disable"'
context["message"] = _("The %s status is %s") % (domain.domain_name, _(domain.status))
args = (self.kwargs['domain_id'],)
context['submit_url'] = reverse(self.submit_url, args=args)
return context
def disable(self, request, obj_id):
try:
# 执行删除前状态检查
domain = Domain.objects.get(pk=obj_id)
if domain.status == 'Deployed':
domain.status = 'inProgress'
domain.save()
a = middware.DomainManage()
a.disable(domainId=domain.domain_id)
# 插入操作日志
Logger(request).create(resource_type='CDN', action_name='Disable Domain Name',
resource_name='CDN', config=_('Domain: %s') %domain.domain_name,
status='Success')
else:
# 插入操作日志
Logger(request).create(resource_type='CDN', action_name='Disable Domain Name',
resource_name='CDN', config=_('Domain: %s') %domain.domain_name,
status='Error')
msg = _("%s status is %s, can not do this action") % (domain.domain_name, _(domain.status))
messages.warning(request, msg)
except Exception:
# 插入操作日志
Logger(request).create(resource_type='CDN', action_name='Disable Domain Name',
resource_name='CDN', config='',
status='Error')
obj = self.table.get_object_by_id(obj_id)
name = self.table.get_object_display(obj)
msg = _('Unable to disable domain %s') % name
LOG.info(msg)
messages.error(request, msg)
exceptions.handle(request, msg)
redirect = reverse(self.redirect_url)
raise exceptions.Http302(redirect, message=msg)
def done(self, form_list, **kwargs):
data = self.get_all_cleaned_data()
app_id = self.storage.get_step_data("upload")["package"].id
# Remove package file from result data
for key in ("package", "import_type", "url", "repo_version", "repo_name"):
del data[key]
dep_pkgs = self.storage.get_step_data("upload").get("dependencies", [])
redirect = reverse("horizon:murano:packages:index")
dep_data = {"enabled": data["enabled"], "is_public": data["is_public"]}
murano_client = api.muranoclient(self.request)
for dep_pkg in dep_pkgs:
try:
murano_client.packages.update(dep_pkg.id, dep_data)
except Exception as e:
msg = _("Couldn't update package {0} parameters. Error: {1}").format(dep_pkg.fully_qualified_name, e)
LOG.warning(msg)
messages.warning(self.request, msg)
try:
data["tags"] = [t.strip() for t in data["tags"].split(",")]
murano_client.packages.update(app_id, data)
except exc.HTTPForbidden:
msg = _("You are not allowed to change" " this properties of the package")
LOG.exception(msg)
exceptions.handle(self.request, msg, redirect=reverse("horizon:murano:packages:index"))
except (exc.HTTPException, Exception):
LOG.exception(_("Modifying package failed"))
exceptions.handle(self.request, _("Unable to modify package"), redirect=redirect)
else:
msg = _("Package parameters successfully updated.")
LOG.info(msg)
messages.success(self.request, msg)
return http.HttpResponseRedirect(redirect)
def _is_removing_self_admin_role(self, request, project_id, user_id,
available_roles, current_role_ids):
is_current_user = user_id == request.user.id
is_current_project = project_id == request.user.tenant_id
available_admin_role_ids = [role.id for role in available_roles
if role.name.lower() == 'admin']
admin_roles = [role for role in current_role_ids
if role in available_admin_role_ids]
if len(admin_roles):
removing_admin = any([role in current_role_ids
for role in admin_roles])
else:
removing_admin = False
if is_current_user and is_current_project and removing_admin:
# Cannot remove "admin" role on current(admin) project
msg = _('You cannot revoke your administrative privileges '
'from the project you are currently logged into. '
'Please switch to another project with '
'administrative privileges or remove the '
'administrative role manually via the CLI.')
messages.warning(request, msg)
return True
else:
return False
def handle(self, request, data):
failed, succeeded = [], []
user_is_editable = api.keystone.keystone_can_edit_user()
user = data.pop('id')
tenant = data.pop('tenant_id')
if user_is_editable:
password = data.pop('password')
data.pop('confirm_password', None)
if user_is_editable:
# Update user details
msg_bits = (_('name'), _('email'))
try:
api.keystone.user_update(request, user, **data)
succeeded.extend(msg_bits)
except:
failed.extend(msg_bits)
exceptions.handle(request, ignore=True)
# Update default tenant
msg_bits = (_('primary project'),)
try:
api.keystone.user_update_tenant(request, user, tenant)
succeeded.extend(msg_bits)
except:
failed.append(msg_bits)
exceptions.handle(request, ignore=True)
# Check for existing roles
# Show a warning if no role exists for the tenant
user_roles = api.keystone.roles_for_user(request, user, tenant)
if not user_roles:
messages.warning(request,
_('The user %s has no role defined for' +
' that project.')
% data.get('name', None))
if user_is_editable:
# If present, update password
# FIXME(gabriel): password change should be its own form and view
if password:
msg_bits = (_('password'),)
try:
api.keystone.user_update_password(request, user, password)
succeeded.extend(msg_bits)
if user == request.user.id:
logout(request)
except:
failed.extend(msg_bits)
exceptions.handle(request, ignore=True)
if succeeded:
messages.success(request, _('User has been updated successfully.'))
if failed:
failed = map(force_unicode, failed)
messages.error(request,
_('Unable to update %(attributes)s for the user.')
% {"attributes": ", ".join(failed)})
return True
def update_cell(self, request, datum, obj_id, cell_name, new_cell_value):
try:
if not new_cell_value or new_cell_value.isspace():
message = _("The environment name field cannot be empty.")
messages.warning(request, message)
raise ValueError(message)
mc = api_utils.muranoclient(request)
mc.environments.update(datum.id, name=new_cell_value)
except exc.HTTPConflict:
message = _("This name is already taken.")
messages.warning(request, message)
LOG.warning(_("Couldn't update environment. Reason: ") + message)
# FIXME(kzaitsev): There is a bug in horizon and inline error
# icons are missing. This means, that if we return 400 here, by
# raising django.core.exceptions.ValidationError(message) the UI
# will break a little. Until the bug is fixed this will raise 500
# bug link: https://bugs.launchpad.net/horizon/+bug/1359399
# Alternatively this could somehow raise 409, which would result
# in the same behaviour.
raise ValueError(message)
except Exception:
exceptions.handle(request, ignore=True)
return False
return True
def handle(self, request, context):
validate_code = context.get('validate_code', None)
if validate_code:
request.session[validate_code] = None
instance_id = context.get('instance_id', None)
instance_name = context.get('name', None)
username = context.get("username", None)
password = context.get("password", None)
image_name = context.get("image_name", None)
is_allow_inject_passwd = context.get("is_allow_inject_passwd", 'False')
is_allow_inject_passwd = True if 'True' == is_allow_inject_passwd else False
is_sync_set_root = context.get("is_sync_set_root", False)
is_reboot = context.get('is_reboot', False)
if not is_allow_inject_passwd:
messages.warning(request, _('Unable to Reset Password for instance %s.') % instance_name)
return False
try:
#instance = api.nova.server_get(request, instance_id)
user_data_script_helper = userdata.UserDataScriptHelper(image_name, is_sync_set_root=is_sync_set_root, is_rebuild=True)
user_data = user_data_script_helper.get_user_data(username, password)
api.nova.server_change_user_data(request, instance_id, user_data)
# operation log
config = _('Instance Name: %s') % instance_name
api.logger.Logger(request).create(resource_type='instance',
action_name='Reset Password',
resource_name='Instance',
config=config,
status='Success')
def hard_reboot():
api.nova.server_reboot(request, instance_id, soft_reboot=True)
# operation log
api.logger.Logger(request).create(resource_type='instance',
action_name='Reboot System',
resource_name='Instance',
config=_('Instance Name: %s') % instance_name,
status='Success')
if is_reboot:
hard_reboot()
return True
except Exception:
exceptions.handle(request)
# operation log
api.logger.Logger(request).create(resource_type='instance', action_name='Reset Password',
resource_name='Instance', config='',
status='Error')
return False
def single(self, table, request, object_id):
try:
api.trove.root_disable(request, object_id)
table.data[0].password = None
messages.success(request, _("Successfully disabled root access."))
except Exception as e:
messages.warning(request,
_("Cannot disable root access: %s") % e.message)
def handle(self, request, data):
superset_id = data['superset_id']
member_step = self.get_step(self.member_slug)
self.relationship = self._load_relationship_api()
try:
object_list = self.relationship._list_all_objects(
request, superset_id)
owners_objects_relationship = \
self.relationship._list_current_assignments(request,
superset_id)
# re-index by object with a owner list for easier processing
# in later steps
current_objects = idm_utils.swap_dict(owners_objects_relationship)
# Parse the form data
modified_objects = {}
for obj in object_list:
field_name = member_step.get_member_field_name(obj.id)
modified_objects[obj.id] = data[field_name]
# Create the delete and add sets
objects_to_add, objects_to_delete = \
self._create_add_and_delete_sets(modified_objects,
current_objects)
# Add the objects
for object_id in objects_to_add:
for owner_id in objects_to_add[object_id]:
if (not self.current_user_editable
and owner_id == request.user.id):
messages.warning(
request, 'You can\'t edit your own roles')
else:
self.relationship._add_object_to_owner(
self.request,
superset=superset_id,
owner=owner_id,
obj=object_id)
# Remove the objects
for object_id in objects_to_delete:
for owner_id in objects_to_delete[object_id]:
if (not self.current_user_editable
and owner_id == request.user.id):
messages.warning(
request, 'You can\'t edit your own roles')
else:
self.relationship._remove_object_from_owner(
self.request,
superset=superset_id,
owner=owner_id,
obj=object_id)
return True
except Exception:
exceptions.handle(request,
('Failed to modify organization\'s members.'))
return False
def allowed(self, request, datum):
try:
if self.table:
quota = api.designate.quota_get(request)
return quota['domains'] > len(self.table.data)
except:
msg = _("The quotas could not be retrieved.")
messages.warning(request, msg)
return True
def form_valid(self, form):
try:
handled = form.handle(self.request, form.cleaned_data)
except Exception:
handled = None
exceptions.handle(self.request)
if handled:
domain_id = self.kwargs['domain_id']
cache_type = form.cleaned_data['type']
ignore = form.cleaned_data["ignore"]
time = form.cleaned_data["time"]
domain = Domain.objects.get(pk=domain_id)
if domain.status == 'Deployed':
modify = middware.DomainManage()
ret = modify.find(domain.domain_id)
domain_result = ret.getDomain()
cacheBehavior = middware.domainApi.CacheBehavior(pathPattern=cache_type, ignoreCacheControl=ignore,
cacheTtl=time)
if domain_result.cacheBehaviors is not None:
domain_class = middware.domainApi.Domain(domainId=domain.domain_id,
cacheBehaviors=domain_result.cacheBehaviors+[cacheBehavior])
else:
domain_class = middware.domainApi.Domain(domainId=domain.domain_id, cacheBehaviors=[cacheBehavior])
ret = modify.modify(domain_class)
if ret.getMsg() == 'success':
msg = _("modify successfully")
messages.success(self.request, msg)
cache_id = self.kwargs["cache_id"]
cache = CacheRule.objects.get(pk=cache_id)
cache.pathPattern = cache_type
cache.ignoreCacheControl = ignore
cache.cacheTtl = time
cache.save()
# 插入操作日志
Logger(self.request).create(resource_type='CDN', action_name='Update Cache',
resource_name='CDN', config=_('Domain: %s') %domain.domain_name,
status='Success')
else:
messages.error(self.request, ret.getMsg())
# 插入操作日志
Logger(self.request).create(resource_type='CDN', action_name='Update Cache',
resource_name='CDN', config=_('Domain: %s') %domain.domain_name,
status='Error')
redirect_url = self.get_success_url()
return HttpResponseRedirect(redirect_url)
else:
# 插入操作日志
Logger(self.request).create(resource_type='CDN', action_name='Update Cache',
resource_name='CDN', config=_('Domain: %s') %domain.domain_name,
status='Error')
msg = _("%s status is %s, can not do this action") % (domain.domain_name, _(domain.status))
messages.warning(self.request, msg)
redirect_url = self.get_success_url()
return HttpResponseRedirect(redirect_url)
def swift_delete_container(request, name):
# It cannot be deleted if it's not empty. The batch remove of objects
# be done in swiftclient instead of Horizon.
objects, more = swift_get_objects(request, name)
if objects:
messages.warning(request,
_("The container cannot be deleted since it's not empty."))
return False
swift_api(request).delete_container(name)
return True
def allowed(self, request, datum):
if policy.check((("dns", "get_quota"),), request):
try:
if self.table:
quota = api.designate.quota_get(request)
return quota['domains'] > len(self.table.data)
except Exception:
msg = _("The quotas could not be retrieved.")
messages.warning(request, msg)
return True
def user_update(request, user,admin=False, **data):
manager = keystoneclient(request, admin=admin).users
error = None
if not keystone_can_edit_user():
raise keystone_exceptions.ClientException(405, _("Identity service "
"does not allow editing user data."))
# The v2 API updates user model, password and default project separately
if VERSIONS.active < 3:
password = data.pop('password')
project = data.pop('project')
# Update user details
try:
user = manager.update(user, **data)
except Exception:
error = exceptions.handle(request, ignore=True)
# Update default tenant
try:
user_update_tenant(request, user, project)
user.tenantId = project
except Exception:
error = exceptions.handle(request, ignore=True)
# Check for existing roles
# Show a warning if no role exists for the project
user_roles = roles_for_user(request, user, project)
if not user_roles:
messages.warning(request,
_('User %s has no role defined for '
'that project.')
% data.get('name', None))
# If present, update password
# FIXME(gabriel): password change should be its own form + view
if password:
try:
user_update_password(request, user, password)
if user == request.user.id:
logout(request)
except Exception:
error = exceptions.handle(request, ignore=True)
if error is not None:
raise error
# v3 API is so much simpler...
else:
if not data['password']:
data.pop('password')
user = manager.update(user, **data)
return VERSIONS.upgrade_v2_user(user)
def get(self, request, *args, **kwargs):
enable_metering_feature = getattr(
self.request, 'enable_metering_feature', False)
if not enable_metering_feature:
response = splash(request)
msg = _('Oops,this feature had been disabled, please go to '
'"Global Settings" page to check the configuration')
messages.warning(request, msg)
else:
response = super(IndexView, self).get(request, *args, **kwargs)
return response
def console(request, instance_id, filename):
tail = request.GET.get('length')
if not tail or (tail and not tail.isdigit()):
msg = _('Log length must be a nonnegative integer.')
messages.warning(request, msg)
data = (_('Unable to load {0} log for instance "{1}".')
.format(filename, instance_id))
return http.HttpResponse(data.encode('utf-8'),
content_type='text/plain')
return build_response(request, instance_id, filename, tail)
def get(self, request, *args, **kwargs):
enable_image_upload_delete = getattr(
self.request, 'enable_image_upload_delete', False)
if not enable_image_upload_delete:
response = splash(request)
msg = _('Sorry,The image upload and delete function is disable, '
'please connect with administrator')
messages.warning(request, msg)
else:
response = super(ContribCreateView, self).get(request,
*args, **kwargs)
return response
def _get_vip(request, pool, vip_dict):
if pool["vip_id"] is not None:
try:
if vip_dict:
vip = vip_dict.get(pool["vip_id"])
else:
vip = _vip_get(request, pool["vip_id"])
except Exception:
messages.warning(request, _("Unable to get VIP for pool " "%(pool)s.") % {"pool": pool["id"]})
vip = Vip({"id": pool["vip_id"], "name": ""})
return vip
else:
return None
def handle(self, request, data):
try:
instance_id = data['instance_id']
metadatas = utils.get_metadata(self.request, instance_id)
if data['name'] not in metadatas.keys():
metadatas.update({data['name']:data['value']})
utils.set_metadata(self.request, instance_id, metadatas)
messages.success(request,_('Metadata was successfully added.'))
return True
else:
messages.warning(request,_('Such metadata key already exists. Please, go to Update Metadata to change it.'))
except Exception:
exceptions.handle(request,_('Unable to add metadata.'))
def user_update(request, user, **data):
manager = keystoneclient(request, admin=True).users
error = None
if not keystone_can_edit_user():
raise keystone_exceptions.ClientException(405, _("Identity service " "does not allow editing user data."))
# The v2 API updates user model, password and default project separately
if VERSIONS.active < 3:
password = data.pop("password")
project = data.pop("project")
# Update user details
try:
user = manager.update(user, **data)
except Exception:
error = exceptions.handle(request, ignore=True)
# Update default tenant
try:
user_update_tenant(request, user, project)
user.tenantId = project
except Exception:
error = exceptions.handle(request, ignore=True)
# Check for existing roles
# Show a warning if no role exists for the project
user_roles = roles_for_user(request, user, project)
if not user_roles:
messages.warning(request, _("User %s has no role defined for " "that project.") % data.get("name", None))
# If present, update password
# FIXME(gabriel): password change should be its own form + view
if password:
try:
user_update_password(request, user, password)
if user.id == request.user.id:
return utils.logout_with_message(request, _("Password changed. Please log in again to continue."))
except Exception:
error = exceptions.handle(request, ignore=True)
if error is not None:
raise error
# v3 API is so much simpler...
else:
if not data["password"]:
data.pop("password")
user = manager.update(user, **data)
if data.get("password") and user.id == request.user.id:
return utils.logout_with_message(request, _("Password changed. Please log in again to continue."))
def _get_network_list(self, request):
search_opts = {"router:external": True}
try:
networks = api.neutron.network_list(request, **search_opts)
except Exception:
msg = _("Failed to get network list.")
LOG.info(msg)
messages.warning(request, msg)
networks = []
choices = [(network.id, network.name or network.id) for network in networks]
if choices:
choices.insert(0, ("", _("Select network")))
return choices
def _pool_get(request, pool_id, expand_resource=False):
try:
pool = neutronclient(request).show_pool(pool_id).get('pool')
except Exception:
messages.warning(request, _("Unable to get pool detail."))
return None
if expand_resource:
# TODO(lyj): The expand resource(subnet, member etc.) attached
# to a pool could be deleted without cleanup pool related database,
# this will cause exceptions if we trying to get the deleted resources.
# so we need to handle the situation by showing a warning message here.
# we can safely remove the try/except once the neutron bug is fixed
# https://bugs.launchpad.net/neutron/+bug/1406854
try:
pool['subnet'] = neutron.subnet_get(request, pool['subnet_id'])
except Exception:
messages.warning(request, _("Unable to get subnet for pool "
"%(pool)s.") % {"pool": pool_id})
pool['vip'] = _get_vip(request, pool, vip_dict=None,
expand_name_only=False)
try:
pool['members'] = _member_list(request, expand_pool=False,
pool_id=pool_id)
except Exception:
messages.warning(request, _("Unable to get members for pool "
"%(pool)s.") % {"pool": pool_id})
try:
pool['health_monitors'] = pool_health_monitor_list(
request, id=pool['health_monitors'])
except Exception:
messages.warning(request,
_("Unable to get health monitors "
"for pool %(pool)s.") % {"pool": pool_id})
return Pool(pool)
def console(request, instance_id):
data = _('Unable to get log for instance "%s".') % instance_id
tail = request.GET.get('length')
if tail and not tail.isdigit():
msg = _('Log length must be a nonnegative integer.')
messages.warning(request, msg)
else:
try:
data = api.nova.server_console_output(request,
instance_id,
tail_length=tail)
except Exception:
exceptions.handle(request, ignore=True)
return http.HttpResponse(data.encode('utf-8'), content_type='text/plain')
def _get_server_list(self, request):
# search_opts = {'router:external': False}
try:
servers,has_more_data = api.nova.server_list(request)
except Exception:
msg = _('Failed to get server list.')
LOG.info(msg)
messages.warning(request, msg)
servers = []
choices = [(server.id, server.name or server.id)
for server in servers]
# if choices:
choices.insert(0, ("", _("Select server")))
return choices
def verify_view(request, domain_id):
redirect_url = reverse_lazy('horizon:cdn:cdn_domain_manager:index')
try:
domain_id = domain_id
domain_list = Domain.objects.get(pk=domain_id)
domain_name = domain_list.domain_name
origin_type = domain_list.source_type
origin_address = domain_list.sourceaddress_set.filter(
domain_id=domain_id)
if origin_type == 'url':
origin_config = middware.domainApi.OriginConfig(
originDomainName=origin_address[0].source_address)
else:
originips = [i.source_address for i in origin_address]
origin_config = middware.domainApi.OriginConfig(
originIps=originips)
domain_class = middware.domainApi.Domain(domainName=domain_name,
comment='syscloud',
originConfig=origin_config,
serviceType='web')
domain = middware.DomainManage()
if domain_list.status == 'unverified' or domain_list.status == 'failed' or domain_list.status == 'addfailed':
if domain.verify_file_check(str(domain_name)):
ret = domain.add(domain_class)
msg = ret.getMsg()
status = ret.getRet()
if status == 202:
domain_ret = ret.location.split('/')
domainId = domain_ret[len(domain_ret) - 1]
domain_list.domain_id = domainId
domain_list.domain_cname = ret.cname
domain_list.xCncRequestId = ret.xCncRequestId
domain_list.status = 'inProgress'
domain_list.save()
messages.success(request, msg)
# 插入操作日志
Logger(request).create(resource_type='CDN',
action_name='Verify Domain',
resource_name='CDN',
config=_('Domain: %s') %
domain_name,
status='Success')
else:
messages.error(request, msg)
logging.warning('CDN:' + domain_name + ':' + msg)
domain_list.error_log = msg
domain_list.status = 'addfailed'
domain_list.save()
# 插入操作日志
Logger(request).create(
resource_type='CDN',
action_name='Verify Domain',
resource_name='CDN',
config=_('Audit Error Log(%s): %s') %
(domain_name, msg),
status='Error')
else:
domain_list.status = 'failed'
domain_list.save()
Logger(request).create(resource_type='CDN',
action_name='Verify Domain',
resource_name='CDN',
config=_('Domain: %s') % domain_name,
status='Error')
else:
msg = _("the %s status is %s") % (domain_list.domain_name,
_(domain_list.status))
messages.warning(request, msg)
return HttpResponseRedirect(redirect_url)
except Exception:
Logger(request).create(resource_type='CDN',
action_name='Verify Domain',
resource_name='CDN',
config='',
status='Error')
msg = _('Failed')
redirect = redirect_url
exceptions.handle(request, msg, redirect=redirect)
return False
def form_valid(self, form):
try:
handled = form.handle(self.request, form.cleaned_data)
except Exception:
handled = None
exceptions.handle(self.request)
if handled:
domain_id = self.kwargs["domain_id"]
access_type = form.cleaned_data["type"]
control_type = form.cleaned_data['access_type']
refer = form.cleaned_data["refer"]
white_list = form.cleaned_data["white_list"]
black_list = form.cleaned_data["black_list"]
forbid_ip = form.cleaned_data["forbid_ip"]
domain = Domain.objects.get(pk=domain_id)
if domain.status == 'Deployed':
modify = middware.DomainManage()
if control_type == 'white':
if forbid_ip == u'':
visitControlRule = middware.domainApi.VisitControlRule(
pathPattern=str(access_type),
allowNullReferer=refer,
validReferers=str(white_list).strip('\r\n').split(
'\r\n'))
else:
visitControlRule = middware.domainApi.VisitControlRule(
pathPattern=str(access_type),
allowNullReferer=refer,
validReferers=str(white_list).strip('\r\n').split(
'\r\n'),
forbiddenIps=str(forbid_ip).strip('\r\n').split(
'\r\n'))
else:
if forbid_ip == u'':
visitControlRule = middware.domainApi.VisitControlRule(
pathPattern=str(access_type),
invalidReferers=str(black_list).strip(
'\r\n').split('\r\n'))
else:
visitControlRule = middware.domainApi.VisitControlRule(
pathPattern=str(access_type),
invalidReferers=str(black_list).strip(
'\r\n').split('\r\n'),
forbiddenIps=str(forbid_ip).strip('\r\n').split(
'\r\n'))
domain_class = middware.domainApi.Domain(
domainId=domain.domain_id,
visitControlRules=[visitControlRule])
ret = modify.modify(domain_class)
if ret.getMsg() == 'success':
msg = _("modify successfully")
messages.success(self.request, msg)
access_id = self.kwargs['access_id']
access = AccessControl.objects.get(pk=access_id)
access.pathPattern = access_type
access.allowNullReffer = refer
access.validRefers = white_list
access.invalidRefers = black_list
access.forbiddenIps = forbid_ip
access.save()
else:
messages.error(self.request, ret.getMsg())
redirect_url = self.get_success_url()
return HttpResponseRedirect(redirect_url)
else:
msg = _("%s status is %s, can not do this action") % (
domain.domain_name, _(domain.status))
messages.warning(self.request, msg)
redirect_url = self.get_success_url()
return HttpResponseRedirect(redirect_url)
def __init__(self, *args, **kwargs):
__method__ = 'tabs.InventoryRacksTabs.__init__'
# This will instantiate the default tab (needed so generic tabs can
# be created for each rack)
super(InventoryRacksTabs, self).__init__(*args, **kwargs)
# to create each generic tab, the tab group and request are needed
tab_group = self
request = self._tabs['default_tab'].request
# objects to hold new list of tabs (classes) and defined_tabs objects
list_tabs = [] # hold list of new tab classes for the tab group
defined_tabs = self._tabs.__class__()
# Retrieve all defined racks (so the list of actual tabs can be
# created)
logging.debug("%s: before retrieving rack all racks", __method__)
(rc, result_dict) = rack_mgr.list_racks()
if rc != 0:
messages.error(
self.request,
_('Unable to retrieve Operational'
' Management inventory information'
' for racks.'))
logging.error(
'%s: Unable to retrieve Operational Management'
' inventory information. A Non-0 return code'
' returned from rack_mgr.list_racks. The'
' return code is: %s', __method__, rc)
return
all_racks = result_dict['racks']
if len(all_racks) <= 0:
# Display this message at the warning-level so that it remains
# visible until dismissed. If sent at the info-level, it will only
# display for a few seconds before disapparing automatically.
messages.warning(
self.request,
_('No racks exist in the '
'Operational Management '
'inventory.'))
# loop through each rack (creating a defined tab for each)
for a_rack in all_racks:
# For each rack, build a defined rack tab
# create a defined rack tab (instantiating a generic tab)
defined_rack_tab = GenericTab(tab_group, request)
# initialize the defined rack tab (with rack information)
defined_rack_tab.initialize(a_rack["label"], a_rack['rackid'])
# Add the defined rack tab class to the list of classes in the
# tab group
list_tabs.append(defined_rack_tab.__class__)
# Add the defined rack tab (the new tab) to the list of defined
# tabs
defined_tabs[a_rack["label"] + "_tab"] = defined_rack_tab
logging.debug("%s: creating a new tab for rack with label: %s",
__method__, a_rack['label'])
# end loop through each rack
# clear out that default tab from the tab group
self._tabs.clear()
# update the tab group with the list of defined tabs
self._tabs.update(defined_tabs)
# update tabs with the list of tab classes
self.tabs = tuple(list_tabs)
# Add the application URLs to the list of attributes of the tab group.
# We need those attributes when launching various applications
self.attrs.update(retrieve_application_links(self, request))
def _update_domain_members(self, request, domain_id, data):
# update domain members
users_to_modify = 0
# Project-user member step
member_step = self.get_step(constants.DOMAIN_USER_MEMBER_SLUG)
try:
# Get our role options
available_roles = api.keystone.role_list(request)
# Get the users currently associated with this project so we
# can diff against it.
domain_members = api.keystone.user_list(request, domain=domain_id)
users_to_modify = len(domain_members)
for user in domain_members:
# Check if there have been any changes in the roles of
# Existing project members.
current_roles = api.keystone.roles_for_user(self.request,
user.id,
domain=domain_id)
current_role_ids = [role.id for role in current_roles]
for role in available_roles:
field_name = member_step.get_member_field_name(role.id)
# Check if the user is in the list of users with this role.
if user.id in data[field_name]:
# Add it if necessary
if role.id not in current_role_ids:
# user role has changed
api.keystone.add_domain_user_role(request,
domain=domain_id,
user=user.id,
role=role.id)
else:
# User role is unchanged, so remove it from the
# remaining roles list to avoid removing it later.
index = current_role_ids.index(role.id)
current_role_ids.pop(index)
# Prevent admins from doing stupid things to themselves.
is_current_user = user.id == request.user.id
# TODO(lcheng) When Horizon moves to Domain scoped token for
# invoking identity operation, replace this with:
# domain_id == request.user.domain_id
is_current_domain = True
admin_roles = [
role for role in current_roles
if role.name.lower() == 'admin'
]
if len(admin_roles):
removing_admin = any(
[role.id in current_role_ids for role in admin_roles])
else:
removing_admin = False
if is_current_user and is_current_domain and removing_admin:
# Cannot remove "admin" role on current(admin) domain
msg = _('You cannot revoke your administrative privileges '
'from the domain you are currently logged into. '
'Please switch to another domain with '
'administrative privileges or remove the '
'administrative role manually via the CLI.')
messages.warning(request, msg)
# Otherwise go through and revoke any removed roles.
else:
for id_to_delete in current_role_ids:
api.keystone.remove_domain_user_role(request,
domain=domain_id,
user=user.id,
role=id_to_delete)
users_to_modify -= 1
# Grant new roles on the project.
for role in available_roles:
field_name = member_step.get_member_field_name(role.id)
# Count how many users may be added for exception handling.
users_to_modify += len(data[field_name])
for role in available_roles:
users_added = 0
field_name = member_step.get_member_field_name(role.id)
for user_id in data[field_name]:
if not filter(lambda x: user_id == x.id, domain_members):
api.keystone.add_tenant_user_role(request,
project=domain_id,
user=user_id,
role=role.id)
users_added += 1
users_to_modify -= users_added
return True
except Exception:
exceptions.handle(
request,
_('Failed to modify %s project '
'members and update domain groups.') % users_to_modify)
return False
def handle(self, request, data):
# FIXME(gabriel): This should be refactored to use Python's built-in
# sets and do this all in a single "roles to add" and "roles to remove"
# pass instead of the multi-pass thing happening now.
domain_context = request.session.get('domain_context', None)
project_id = data['project_id']
# update project info
try:
api.keystone.tenant_update(request,
project_id,
name=data['name'],
description=data['description'],
enabled=data['enabled'])
except Exception:
exceptions.handle(request, ignore=True)
return False
# update project members
users_to_modify = 0
# Project-user member step
member_step = self.get_step(PROJECT_USER_MEMBER_SLUG)
try:
# Get our role options
available_roles = api.keystone.role_list(request)
# Get the users currently associated with this project so we
# can diff against it.
project_members = api.keystone.user_list(request,
project=project_id)
users_to_modify = len(project_members)
for user in project_members:
# Check if there have been any changes in the roles of
# Existing project members.
current_roles = api.keystone.roles_for_user(
self.request, user.id, project_id)
current_role_ids = [role.id for role in current_roles]
for role in available_roles:
field_name = member_step.get_member_field_name(role.id)
# Check if the user is in the list of users with this role.
if user.id in data[field_name]:
# Add it if necessary
if role.id not in current_role_ids:
# user role has changed
api.keystone.add_tenant_user_role(
request,
project=project_id,
user=user.id,
role=role.id)
else:
# User role is unchanged, so remove it from the
# remaining roles list to avoid removing it later.
index = current_role_ids.index(role.id)
current_role_ids.pop(index)
# Prevent admins from doing stupid things to themselves.
is_current_user = user.id == request.user.id
is_current_project = project_id == request.user.tenant_id
admin_roles = [
role for role in current_roles
if role.name.lower() == 'admin'
]
if len(admin_roles):
removing_admin = any(
[role.id in current_role_ids for role in admin_roles])
else:
removing_admin = False
if is_current_user and is_current_project and removing_admin:
# Cannot remove "admin" role on current(admin) project
msg = _('You cannot revoke your administrative privileges '
'from the project you are currently logged into. '
'Please switch to another project with '
'administrative privileges or remove the '
'administrative role manually via the CLI.')
messages.warning(request, msg)
# Otherwise go through and revoke any removed roles.
else:
for id_to_delete in current_role_ids:
api.keystone.remove_tenant_user_role(
request,
project=project_id,
user=user.id,
role=id_to_delete)
users_to_modify -= 1
# Grant new roles on the project.
for role in available_roles:
field_name = member_step.get_member_field_name(role.id)
# Count how many users may be added for exception handling.
users_to_modify += len(data[field_name])
for role in available_roles:
users_added = 0
field_name = member_step.get_member_field_name(role.id)
for user_id in data[field_name]:
if not filter(lambda x: user_id == x.id, project_members):
api.keystone.add_tenant_user_role(request,
project=project_id,
user=user_id,
role=role.id)
users_added += 1
users_to_modify -= users_added
except Exception:
if PROJECT_GROUP_ENABLED:
group_msg = _(", update project groups")
else:
group_msg = ""
exceptions.handle(
request,
_('Failed to modify %(users_to_modify)s'
' project members%(group_msg)s and '
'update project quotas.') % {
'users_to_modify': users_to_modify,
'group_msg': group_msg
})
return True
if PROJECT_GROUP_ENABLED:
# update project groups
groups_to_modify = 0
member_step = self.get_step(PROJECT_GROUP_MEMBER_SLUG)
try:
# Get the groups currently associated with this project so we
# can diff against it.
project_groups = api.keystone.group_list(request,
domain=domain_context,
project=project_id)
groups_to_modify = len(project_groups)
for group in project_groups:
# Check if there have been any changes in the roles of
# Existing project members.
current_roles = api.keystone.roles_for_group(
self.request, group=group.id, project=project_id)
current_role_ids = [role.id for role in current_roles]
for role in available_roles:
# Check if the group is in the list of groups with
# this role.
field_name = member_step.get_member_field_name(role.id)
if group.id in data[field_name]:
# Add it if necessary
if role.id not in current_role_ids:
# group role has changed
api.keystone.add_group_role(request,
role=role.id,
group=group.id,
project=project_id)
else:
# Group role is unchanged, so remove it from
# the remaining roles list to avoid removing it
# later.
index = current_role_ids.index(role.id)
current_role_ids.pop(index)
# Revoke any removed roles.
for id_to_delete in current_role_ids:
api.keystone.remove_group_role(request,
role=id_to_delete,
group=group.id,
project=project_id)
groups_to_modify -= 1
# Grant new roles on the project.
for role in available_roles:
field_name = member_step.get_member_field_name(role.id)
# Count how many groups may be added for error handling.
groups_to_modify += len(data[field_name])
for role in available_roles:
groups_added = 0
field_name = member_step.get_member_field_name(role.id)
for group_id in data[field_name]:
if not filter(lambda x: group_id == x.id,
project_groups):
api.keystone.add_group_role(request,
role=role.id,
group=group_id,
project=project_id)
groups_added += 1
groups_to_modify -= groups_added
except Exception:
exceptions.handle(
request,
_('Failed to modify %s project '
'members, update project groups '
'and update project quotas.' % groups_to_modify))
return True
# update the project quota
nova_data = dict([(key, data[key])
for key in quotas.NOVA_QUOTA_FIELDS])
try:
nova.tenant_quota_update(request, project_id, **nova_data)
if base.is_service_enabled(request, 'volume'):
cinder_data = dict([(key, data[key])
for key in quotas.CINDER_QUOTA_FIELDS])
cinder.tenant_quota_update(request, project_id, **cinder_data)
if api.base.is_service_enabled(request, 'network') and \
api.neutron.is_quotas_extension_supported(request):
neutron_data = dict([(key, data[key])
for key in quotas.NEUTRON_QUOTA_FIELDS])
api.neutron.tenant_quota_update(request, project_id,
**neutron_data)
return True
except Exception:
exceptions.handle(
request,
_('Modified project information and '
'members, but unable to modify '
'project quotas.'))
return True
def handle(self, request, data):
project_id = data['project_id']
# update project info
try:
api.tenant_update(request,
tenant_id=project_id,
tenant_name=data['name'],
description=data['description'],
enabled=data['enabled'])
except:
exceptions.handle(request, ignore=True)
return False
# update project members
users_to_modify = 0
try:
available_roles = api.keystone.role_list(request)
project_members = api.keystone.user_list(request,
tenant_id=project_id)
users_to_modify = len(project_members)
for user in project_members:
current_roles = [
role for role in api.roles_for_user(
self.request, user.id, project_id)
]
effective_roles = []
for role in available_roles:
role_list = data["role_" + role.id]
if user.id in role_list:
effective_roles.append(role)
if role not in current_roles:
# user role has changed
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user.id,
role_id=role.id)
else:
# user role is unchanged
current_roles.pop(current_roles.index(role))
if user.id == request.user.id and \
project_id == request.user.tenant_id and \
any(x.name == 'admin' for x in current_roles):
# Cannot remove "admin" role on current(admin) project
msg = _('You cannot remove the "admin" role from the '
'project you are currently logged into. Please '
'switch to another project with admin permissions '
'or remove the role manually via the CLI')
messages.warning(request, msg)
else:
# delete user's removed roles
for to_delete in current_roles:
api.remove_tenant_user_role(request,
tenant_id=project_id,
user_id=user.id,
role_id=to_delete.id)
users_to_modify -= 1
# add new roles to project
for role in available_roles:
# count how many users may be added for exception handling
role_list = data["role_" + role.id]
users_to_modify += len(role_list)
for role in available_roles:
role_list = data["role_" + role.id]
users_added = 0
for user_id in role_list:
if not filter(lambda x: user_id == x.id, project_members):
api.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user_id,
role_id=role.id)
users_added += 1
users_to_modify -= users_added
except:
exceptions.handle(
request,
_('Failed to modify %s project members '
'and update project quotas.' % users_to_modify))
return True
# update the project quota
ifcb = data['injected_file_content_bytes']
try:
# TODO(gabriel): Once nova-volume is fully deprecated the
# "volumes" and "gigabytes" quotas should no longer be sent to
# the nova API to be updated anymore.
nova.tenant_quota_update(request,
project_id,
metadata_items=data['metadata_items'],
injected_file_content_bytes=ifcb,
volumes=data['volumes'],
gigabytes=data['gigabytes'],
ram=data['ram'],
floating_ips=data['floating_ips'],
instances=data['instances'],
injected_files=data['injected_files'],
cores=data['cores'])
if is_service_enabled(request, 'volume'):
cinder.tenant_quota_update(request,
project_id,
volumes=data['volumes'],
gigabytes=data['gigabytes'])
return True
except:
exceptions.handle(
request,
_('Modified project information and '
'members, but unable to modify '
'project quotas.'))
return True
def process_step(self, form):
@catalog_views.update_latest_apps
def _update_latest_apps(request, app_id):
LOG.info('Adding {0} application to the'
' latest apps list'.format(app_id))
step_data = self.get_form_step_data(form)
if self.steps.current == 'upload':
import_type = form.cleaned_data['import_type']
data = {}
f = None
base_url = packages_consts.MURANO_REPO_URL
if import_type == 'by_url':
f = form.cleaned_data['url']
elif import_type == 'by_name':
f = muranoclient_utils.to_url(
form.cleaned_data['name'],
path='bundles/',
base_url=base_url,
extension='.bundle',
)
try:
bundle = muranoclient_utils.Bundle.from_file(f)
except Exception as e:
if '(404)' in e.message:
msg = _("Bundle creation failed."
"Reason: Can't find Bundle name from repository.")
else:
msg = _("Bundle creation failed." "Reason: {0}").format(e)
LOG.exception(msg)
messages.error(self.request, msg)
raise exceptions.Http302(
reverse('horizon:app-catalog:packages:index'))
for package_spec in bundle.package_specs():
try:
package = muranoclient_utils.Package.from_location(
package_spec['Name'],
version=package_spec.get('Version'),
url=package_spec.get('Url'),
base_url=base_url,
path=None,
)
except Exception as e:
msg = _("Error {0} occurred while parsing package {1}")\
.format(e, package_spec.get('Name'))
messages.error(self.request, msg)
LOG.exception(msg)
continue
reqs = package.requirements(base_url=base_url)
for dep_name, dep_package in six.iteritems(reqs):
_ensure_images(dep_name, dep_package, self.request)
try:
files = {dep_name: dep_package.file()}
package = api.muranoclient(
self.request).packages.create(data, files)
messages.success(
self.request,
_('Package {0} uploaded').format(dep_name))
_update_latest_apps(request=self.request,
app_id=package.id)
except exc.HTTPConflict:
msg = _("Package {0} already registered.").format(
dep_name)
messages.warning(self.request, msg)
LOG.exception(msg)
except exc.HTTPException as e:
reason = muranodashboard_utils.parse_api_error(
getattr(e, 'details', ''))
if not reason:
raise
msg = _("Package {0} upload failed. {1}").format(
dep_name, reason)
messages.warning(self.request, msg)
LOG.exception(msg)
except Exception as e:
msg = _("Importing package {0} failed. "
"Reason: {1}").format(dep_name, e)
messages.warning(self.request, msg)
LOG.exception(msg)
continue
return step_data
def done(self, form_list, **kwargs):
data = self.get_all_cleaned_data()
app_id = self.storage.get_step_data('upload')['package'].id
# Remove package file from result data
for key in ('package', 'import_type', 'url', 'repo_version',
'repo_name'):
del data[key]
dep_pkgs = self.storage.get_step_data('upload').get('dependencies', [])
installed_images = self.storage.get_step_data('upload').get(
'images', [])
redirect = reverse('horizon:app-catalog:packages:index')
dep_data = {'enabled': data['enabled'], 'is_public': data['is_public']}
murano_client = api.muranoclient(self.request)
for dep_pkg in dep_pkgs:
try:
murano_client.packages.update(dep_pkg.id, dep_data)
LOG.debug('Success update for package {0}.'.format(dep_pkg.id))
except Exception as e:
msg = _("Couldn't update package {0} parameters. Error: {1}")\
.format(dep_pkg.fully_qualified_name, e)
LOG.warning(msg)
messages.warning(self.request, msg)
# Images have been imported as private images during the 'upload' step
# If the package is public, make the required images public
if data['is_public']:
try:
glance_client = glance.glanceclient(self.request, '1')
except Exception:
glance_client = None
if glance_client:
for img in installed_images:
try:
glance_client.images.update(img['id'], is_public=True)
LOG.debug('Success update for image {0}'.format(
img['id']))
except Exception as e:
msg = _("Error {0} occurred while setting image {1}, "
"{2} public").format(e, img['name'], img['id'])
messages.error(self.request, msg)
LOG.exception(msg)
elif len(installed_images):
msg = _("Couldn't initialise glance v1 client, "
"therefore could not make the following images "
"public: {0}").format(' '.join(
[img['name'] for img in installed_images]))
messages.warning(self.request, msg)
LOG.warning(msg)
try:
data['tags'] = [t.strip() for t in data['tags'].split(',')]
murano_client.packages.update(app_id, data)
except exc.HTTPForbidden:
msg = _("You are not allowed to change"
" this properties of the package")
LOG.exception(msg)
exceptions.handle(
self.request,
msg,
redirect=reverse('horizon:app-catalog:packages:index'))
except (exc.HTTPException, Exception):
LOG.exception(_('Modifying package failed'))
exceptions.handle(self.request,
_('Unable to modify package'),
redirect=redirect)
else:
msg = _('Package parameters successfully updated.')
LOG.info(msg)
messages.success(self.request, msg)
return http.HttpResponseRedirect(redirect)
def process_step(self, form):
@catalog_views.update_latest_apps
def _update_latest_apps(request, app_id):
LOG.info('Adding {0} application to the'
' latest apps list'.format(app_id))
step_data = self.get_form_step_data(form).copy()
if self.steps.current == 'upload':
import_type = form.cleaned_data['import_type']
data = {}
f = None
base_url = packages_consts.MURANO_REPO_URL
if import_type == 'upload':
pkg = form.cleaned_data['package']
f = pkg.file
elif import_type == 'by_url':
f = form.cleaned_data['url']
elif import_type == 'by_name':
name = form.cleaned_data['repo_name']
version = form.cleaned_data['repo_version']
f = muranoclient_utils.to_url(
name,
version=version,
path='apps/',
extension='.zip',
base_url=base_url,
)
try:
package = muranoclient_utils.Package.from_file(f)
name = package.manifest['FullName']
except Exception as e:
if '(404)' in e.message:
msg = _("Package creation failed."
"Reason: Can't find Package name from repository.")
else:
msg = _("Package creation failed." "Reason: {0}").format(e)
LOG.exception(msg)
messages.error(self.request, msg)
raise exceptions.Http302(
reverse('horizon:app-catalog:packages:index'))
reqs = package.requirements(base_url=base_url)
original_package = reqs.pop(name)
step_data['dependencies'] = []
step_data['images'] = []
for dep_name, dep_package in six.iteritems(reqs):
_ensure_images(dep_name, dep_package, self.request, step_data)
try:
files = {dep_name: dep_package.file()}
package = api.muranoclient(self.request).packages.create(
data, files)
messages.success(
self.request,
_('Package {0} uploaded').format(dep_name))
_update_latest_apps(request=self.request,
app_id=package.id)
step_data['dependencies'].append(package)
except exc.HTTPConflict:
msg = _("Package {0} already registered.").format(dep_name)
messages.warning(self.request, msg)
LOG.exception(msg)
except Exception as e:
msg = _("Error {0} occurred while "
"installing package {1}").format(e, dep_name)
messages.error(self.request, msg)
LOG.exception(msg)
continue
# add main packages images
_ensure_images(name, original_package, self.request, step_data)
# import main package itself
try:
files = {name: original_package.file()}
package = api.muranoclient(self.request).packages.create(
data, files)
messages.success(self.request,
_('Package {0} uploaded').format(name))
_update_latest_apps(request=self.request, app_id=package.id)
step_data['package'] = package
except exc.HTTPConflict:
msg = _("Package with specified name already exists")
LOG.exception(msg)
exceptions.handle(
self.request,
msg,
redirect=reverse('horizon:app-catalog:packages:index'))
except exc.HTTPInternalServerError as e:
self._handle_exception(e)
except exc.HTTPException as e:
reason = muranodashboard_utils.parse_api_error(
getattr(e, 'details', ''))
if not reason:
raise
LOG.exception(reason)
exceptions.handle(
self.request,
reason,
redirect=reverse('horizon:app-catalog:packages:index'))
except Exception as original_e:
self._handle_exception(original_e)
return step_data
def user_update(request, user, **data):
manager = keystoneclient(request, admin=True).users
error = None
if not keystone_can_edit_user():
raise keystone_exceptions.ClientException(405, _("Identity service "
"does not allow editing user data."))
# The v2 API updates user model, password and default project separately
if VERSIONS.active < 3:
password = data.pop('password')
project = data.pop('project')
# Update user details
try:
user = manager.update(user, **data)
except Exception:
error = exceptions.handle(request, ignore=True)
# Update default tenant
try:
user_update_tenant(request, user, project)
user.tenantId = project
except Exception:
error = exceptions.handle(request, ignore=True)
# Check for existing roles
# Show a warning if no role exists for the project
user_roles = roles_for_user(request, user, project)
if not user_roles:
messages.warning(request,
_('User %s has no role defined for '
'that project.')
% data.get('name', None))
# If present, update password
# FIXME(gabriel): password change should be its own form + view
if password:
try:
user_update_password(request, user, password)
if user.id == request.user.id:
return utils.logout_with_message(
request,
_("Password changed. Please log in again to continue.")
)
except Exception:
error = exceptions.handle(request, ignore=True)
if error is not None:
raise error
# v3 API is so much simpler...
else:
if not data['password']:
data.pop('password')
user = manager.update(user, **data)
if data.get('password') and user.id == request.user.id:
return utils.logout_with_message(
request,
_("Password changed. Please log in again to continue.")
)
def user_update(request, user, **data):
manager = keystoneclient(request, admin=True).users
error = None
if not keystone_can_edit_user():
raise keystone_exceptions.ClientException(
405, _("Identity service does not allow editing user data."))
# The v2 API updates user model and default project separately
if VERSIONS.active < 3:
# Update user details
try:
user = manager.update(user, **data)
except keystone_exceptions.Conflict:
raise exceptions.Conflict()
except Exception:
error = exceptions.handle(request, ignore=True)
if "project" in data:
project = data.pop('project')
password = data.pop('password')
# Update default tenant
try:
user_update_tenant(request, user, project)
user.tenantId = project
except Exception:
error = exceptions.handle(request, ignore=True)
# Check for existing roles
# Show a warning if no role exists for the project
user_roles = roles_for_user(request, user, project)
if not user_roles:
messages.warning(
request,
_('User %s has no role defined for '
'that project.') % data.get('name', None))
if password:
email = data.pop('email')
LOG.info("v2 password:%s email:%s" % (password, email))
try:
user_update_password(request, user, password)
if user.id == request.user.id:
return utils.logout_with_message(
request,
_("Password changed. Please log in again to continue."
))
if email:
LOG.info("v2 send email")
send_mail(request, email, password)
except Exception:
error = exceptions.handle(request, ignore=True)
if error is not None:
raise error
# v3 API is so much simpler...
else:
try:
user = manager.update(user, **data)
password = data.pop('password')
if password:
email = data.pop('email')
LOG.info("v3 password:%s email:%s" % (password, email))
try:
user_update_password(request, user, password)
if user.id == request.user.id:
return utils.logout_with_message(
request,
_("Password changed. Please log in again to continue."
))
if email:
LOG.info("v3 send email")
send_mail(request, email, password)
except Exception:
error = exceptions.handle(request, ignore=True)
if error is not None:
raise error
except keystone_exceptions.Conflict:
raise exceptions.Conflict()
def form_valid(self, form):
try:
handled = form.handle(self.request, form.cleaned_data)
except Exception:
handled = None
exceptions.handle(self.request)
if handled:
domain_id = self.kwargs['domain_id']
cache_type = form.cleaned_data['type']
ignore = form.cleaned_data["ignore"]
time = form.cleaned_data["time"]
domain = Domain.objects.get(pk=domain_id)
if domain.status == 'Deployed':
modify = middware.DomainManage()
ret = modify.find(domain.domain_id)
domain_result = ret.getDomain()
cacheBehavior = middware.domainApi.CacheBehavior(
pathPattern=cache_type,
ignoreCacheControl=ignore,
cacheTtl=time)
if domain_result.cacheBehaviors is not None:
domain_class = middware.domainApi.Domain(
domainId=domain.domain_id,
cacheBehaviors=domain_result.cacheBehaviors +
[cacheBehavior])
else:
domain_class = middware.domainApi.Domain(
domainId=domain.domain_id,
cacheBehaviors=[cacheBehavior])
ret = modify.modify(domain_class)
if ret.getMsg() == 'success':
msg = _("modify successfully")
messages.success(self.request, msg)
cache_id = self.kwargs["cache_id"]
cache = CacheRule.objects.get(pk=cache_id)
cache.pathPattern = cache_type
cache.ignoreCacheControl = ignore
cache.cacheTtl = time
cache.save()
# 插入操作日志
Logger(self.request).create(resource_type='CDN',
action_name='Update Cache',
resource_name='CDN',
config=_('Domain: %s') %
domain.domain_name,
status='Success')
else:
messages.error(self.request, ret.getMsg())
# 插入操作日志
Logger(self.request).create(resource_type='CDN',
action_name='Update Cache',
resource_name='CDN',
config=_('Domain: %s') %
domain.domain_name,
status='Error')
redirect_url = self.get_success_url()
return HttpResponseRedirect(redirect_url)
else:
# 插入操作日志
Logger(self.request).create(resource_type='CDN',
action_name='Update Cache',
resource_name='CDN',
config=_('Domain: %s') %
domain.domain_name,
status='Error')
msg = _("%s status is %s, can not do this action") % (
domain.domain_name, _(domain.status))
messages.warning(self.request, msg)
redirect_url = self.get_success_url()
return HttpResponseRedirect(redirect_url)
def handle(self, request, data):
image_id = data.get('image_id', '')
flavor_id = data.get('flavor', '')
source_type = 'docker'
sys_type = ''
architecture = ''
LOG.debug('image_id %s flavor_id %s', image_id, flavor_id)
need_points, check_result = self.pre_auth_user(flavor_id)
if not check_result:
messages.warning(request, _("You Do not have enough points"))
return False
try:
image = api.glance.image_get(request, image_id)
source_type = image.properties.get('hypervisor_type', '')
sys_type = image.properties.get('sys_type', '')
architecture = image.properties.get('architecture', '')
except Exception:
pass
check_vm_result = self.recount_vm(source_type)
if not check_vm_result:
return False
self.create_network()
try:
instance = api.nova.server_create(
request,
self.instance_name,
image_id,
flavor_id,
'',
'', [u'default'],
block_device_mapping=None,
block_device_mapping_v2=None,
nics=self.nics,
availability_zone=self.avail_zone,
instance_count=1,
meta={"SPN": "Cloud"},
admin_pass='',
disk_config='AUTO')
portid = "%(port-id)s_%(ip_addr)s" % {
'port-id': self.port.id,
'ip_addr': self.private_ip
}
api.network.floating_ip_associate(self.request,
self.floating_ip.id, portid)
if not self.request.user.is_superuser:
transaction_user_points.delay(self.request.user.username,
"*****@*****.**",
need_points)
self.set_vpn_account()
self.send_email()
dt = {
"image_id": image_id,
"flavor_id": flavor_id,
"instance_id": instance.id,
"image_name": instance.image_name,
"os_type": instance.image_os_type,
"floating_ip": self.floating_ip.ip,
"private_ip": self.private_ip,
"virtual_type": source_type,
"sys_type": sys_type,
"architecture": architecture,
"use_accelerator": False,
}
add_operation.delay(jsonpickle.encode(request),
jsonpickle.encode(dt))
update_custom_image_data.delay(image_id)
reward_user.delay(image_id)
LOG.debug('dt %s', dt)
messages.success(self.request, self.success_message)
return True
except Exception:
exceptions.handle(request)
return False
def handle(self, request, data):
project_id = data['project_id']
# update project info
try:
api.keystone.tenant_update(request,
tenant_id=project_id,
tenant_name=data['name'],
description=data['description'],
enabled=data['enabled'])
except:
exceptions.handle(request, ignore=True)
return False
# update project members
users_to_modify = 0
try:
available_roles = api.keystone.role_list(request)
project_members = api.keystone.user_list(request,
tenant_id=project_id)
users_to_modify = len(project_members)
for user in project_members:
current_roles = [role for role in
api.keystone.roles_for_user(self.request,
user.id,
project_id)]
effective_roles = []
for role in available_roles:
role_list = data["role_" + role.id]
if user.id in role_list:
effective_roles.append(role)
if role not in current_roles:
# user role has changed
api.keystone.add_tenant_user_role(
request,
tenant_id=project_id,
user_id=user.id,
role_id=role.id)
else:
# user role is unchanged
current_roles.pop(current_roles.index(role))
if user.id == request.user.id and \
project_id == request.user.tenant_id and \
any(x.name == 'admin' for x in current_roles):
# Cannot remove "admin" role on current(admin) project
msg = _('You cannot remove the "admin" role from the '
'project you are currently logged into. Please '
'switch to another project with admin permissions '
'or remove the role manually via the CLI')
messages.warning(request, msg)
else:
# delete user's removed roles
for to_delete in current_roles:
api.keystone.remove_tenant_user_role(
request,
tenant_id=project_id,
user_id=user.id,
role_id=to_delete.id)
users_to_modify -= 1
# add new roles to project
for role in available_roles:
# count how many users may be added for exception handling
role_list = data["role_" + role.id]
users_to_modify += len(role_list)
for role in available_roles:
role_list = data["role_" + role.id]
users_added = 0
for user_id in role_list:
if not filter(lambda x: user_id == x.id, project_members):
api.keystone.add_tenant_user_role(request,
tenant_id=project_id,
user_id=user_id,
role_id=role.id)
users_added += 1
users_to_modify -= users_added
except:
exceptions.handle(request, _('Failed to modify %s project members '
'and update project quotas.'
% users_to_modify))
return True
# update the project quota
nova_data = dict([(key, data[key]) for key in NOVA_QUOTA_FIELDS])
try:
nova.tenant_quota_update(request,
project_id,
**nova_data)
if is_service_enabled(request, 'volume'):
cinder_data = dict([(key, data[key]) for key in
CINDER_QUOTA_FIELDS])
cinder.tenant_quota_update(request,
project_id,
**cinder_data)
return True
except:
exceptions.handle(request, _('Modified project information and '
'members, but unable to modify '
'project quotas.'))
return True
def _update_project_members(self, request, data, project_id):
member_ids = set()
prjadm_ids = set()
prjrole_id = None
result = None
for role in self._get_available_roles(request):
tmp_step = self.get_step(baseWorkflows.PROJECT_USER_MEMBER_SLUG)
field_name = tmp_step.get_member_field_name(role.id)
for tmpid in data[field_name]:
member_ids.add(tmpid)
if role.name == TENANTADMIN_ROLE:
prjadm_ids.add(tmpid)
if role.name == TENANTADMIN_ROLE:
prjrole_id = role.id
with transaction.atomic():
ep_qset = Expiration.objects.filter(project=self.this_project)
disposable_exps = ep_qset.exclude(
registration__userid__in=member_ids)
changed_regs = [x.registration for x in disposable_exps]
rm_email_list = EMail.objects.filter(registration__in=changed_regs)
for item in ep_qset:
if item.registration.userid in member_ids:
member_ids.remove(item.registration.userid)
added_regs = Registration.objects.filter(userid__in=member_ids)
add_email_list = EMail.objects.filter(registration__in=added_regs)
#
# Use per-user expiration date as a fall back
# for expiration date per tenant
#
for item in added_regs:
def_expdate = item.expdate if item.expdate else datetime.now(
) + timedelta(365)
c_args = {
'registration': item,
'project': self.this_project,
'expdate': item.expdate
}
Expiration(**c_args).save()
changed_regs.append(item)
#
# Enable reminders to cloud admin for manually added users
#
RegRequest.objects.filter(registration__in=added_regs,
flowstatus=RSTATUS_REMINDER).update(
flowstatus=RSTATUS_REMINDACK)
#
# Delete expiration for manually removed users
#
disposable_exps.delete()
#
# Remove subscription request for manually added or removed members
#
PrjRequest.objects.filter(registration__in=changed_regs,
project=self.this_project).delete()
#
# Delete and re-create the project admin cache
#
PrjRole.objects.filter(project=self.this_project).delete()
for item in Registration.objects.filter(userid__in=prjadm_ids):
new_prjrole = PrjRole()
new_prjrole.registration = item
new_prjrole.project = self.this_project
new_prjrole.roleid = prjrole_id
new_prjrole.save()
LOG.debug("Re-created prj admin: %s" % item.username)
result = super(ExtUpdateProject, self)._update_project_members(
request, data, project_id)
#
# Notify users, both new and removed
#
for e_item in rm_email_list:
noti_params = {
'username': e_item.registration.username,
'project': self.this_project.projectname
}
notifyUser(request=request,
rcpt=e_item.email,
action=MEMBER_FORCED_RM,
context=noti_params,
dst_project_id=self.this_project.projectid,
dst_user_id=e_item.registration.userid)
for e_item in add_email_list:
noti_params = {
'username': e_item.registration.username,
'project': self.this_project.projectname,
'isadmin': e_item.registration.userid in prjadm_ids
}
notifyUser(request=request,
rcpt=e_item.email,
action=MEMBER_FORCED_ADD,
context=noti_params,
dst_project_id=self.this_project.projectid,
dst_user_id=e_item.registration.userid)
if len(prjadm_ids) == 0:
messages.warning(request,
_("Missing project admin for this project"))
return result
def handle(self, request, data):
# FIXME(gabriel): This should be refactored to use Python's built-in
# sets and do this all in a single "roles to add" and "roles to remove"
# pass instead of the multi-pass thing happening now.
project_id = data['project_id']
# update project info
try:
api.keystone.tenant_update(request,
project_id,
name=data['name'],
description=data['description'],
enabled=data['enabled'])
except:
exceptions.handle(request, ignore=True)
return False
# update project members
users_to_modify = 0
try:
# Get our role options
available_roles = api.keystone.role_list(request)
# Get the users currently associated with this project so we
# can diff against it.
project_members = api.keystone.user_list(request,
project=project_id)
users_to_modify = len(project_members)
for user in project_members:
# Check if there have been any changes in the roles of
# Existing project members.
current_roles = api.keystone.roles_for_user(
self.request, user.id, project_id)
current_role_ids = [role.id for role in current_roles]
for role in available_roles:
# Check if the user is in the list of users with this role.
if user.id in data["role_" + role.id]:
# Add it if necessary
if role.id not in current_role_ids:
# user role has changed
api.keystone.add_tenant_user_role(
request,
project=project_id,
user=user.id,
role=role.id)
else:
# User role is unchanged, so remove it from the
# remaining roles list to avoid removing it later.
index = current_role_ids.index(role.id)
current_role_ids.pop(index)
# Prevent admins from doing stupid things to themselves.
is_current_user = user.id == request.user.id
is_current_project = project_id == request.user.tenant_id
admin_roles = [
role for role in current_roles
if role.name.lower() == 'admin'
]
if len(admin_roles):
removing_admin = any(
[role.id in current_role_ids for role in admin_roles])
else:
removing_admin = False
if is_current_user and is_current_project and removing_admin:
# Cannot remove "admin" role on current(admin) project
msg = _('You cannot revoke your administrative privileges '
'from the project you are currently logged into. '
'Please switch to another project with '
'administrative privileges or remove the '
'administrative role manually via the CLI.')
messages.warning(request, msg)
# Otherwise go through and revoke any removed roles.
else:
for id_to_delete in current_role_ids:
api.keystone.remove_tenant_user_role(
request,
project=project_id,
user=user.id,
role=id_to_delete)
users_to_modify -= 1
# Grant new roles on the project.
for role in available_roles:
# Count how many users may be added for exception handling.
users_to_modify += len(data["role_" + role.id])
for role in available_roles:
users_added = 0
for user_id in data["role_" + role.id]:
if not filter(lambda x: user_id == x.id, project_members):
api.keystone.add_tenant_user_role(request,
project=project_id,
user=user_id,
role=role.id)
users_added += 1
users_to_modify -= users_added
except:
exceptions.handle(
request,
_('Failed to modify %s project members '
'and update project quotas.' % users_to_modify))
return True
# update the project quota
nova_data = dict([(key, data[key]) for key in NOVA_QUOTA_FIELDS])
try:
nova.tenant_quota_update(request, project_id, **nova_data)
if is_service_enabled(request, 'volume'):
cinder_data = dict([(key, data[key])
for key in CINDER_QUOTA_FIELDS])
cinder.tenant_quota_update(request, project_id, **cinder_data)
return True
except:
exceptions.handle(
request,
_('Modified project information and '
'members, but unable to modify '
'project quotas.'))
return True
def handle(self, request, data):
try:
tenant_id = self.request.user.tenant_id
user_name = self.request.user.username
project_name = self.request.user.project_name
domain = Domain.objects.filter(domain_name=data['domain_name'])
# 判断域名是否已添加
if domain:
if domain[0].status != 'deleted':
message = _('%s has created') % data['domain_name']
messages.warning(request, message)
return True
if domain[0].status == 'deleted':
domainId = domain[0].domain_id
domain_api = DomainManage()
domain_api.enable(domainId=domainId)
domain[0].status = 'inProgress'
domain[0].save()
message = _(
'%s has been in database,it will be enable for you'
) % data['domain_name']
messages.success(request, message)
return True
else:
# 添加记费类型
billing_type = CdnBillMethod.objects.get(tenant_id=tenant_id)
domain_name = data['domain_name'].strip()
p = Domain(tenant_id=tenant_id,
user_name=user_name,
project_name=project_name,
domain_name=domain_name,
domain_cname='-',
source_type=data['source_type'],
current_type=billing_type.current_type,
update_type=billing_type.update_type,
update_at=billing_type.update_at,
effect_at=billing_type.effect_at)
p.save()
if data['source_type'] == 'ip':
for i in data['origin_config_a'].strip('\r\n').split(
'\r\n'):
o = p.sourceaddress_set.create(source_address=i)
o.save()
else:
o = p.sourceaddress_set.create(
source_address=data['origin_config_b'])
o.save()
# 插入操作日志
api.logger.Logger(self.request).create(
resource_type='CDN',
action_name='Create Domain Name',
resource_name='CDN',
config=_('Domain: %s') % data['domain_name'],
status='Success')
# 将domain_name和随机生成的uuid绑定存储到memcache中,为域名鉴权提供依据
set_memcache_value(str(data['domain_name']), str(uuid.uuid4()))
message = _(
'Domain %s was successfully created') % data['domain_name']
messages.success(request, message)
return data['domain_name']
except exceptions:
# 插入操作日志
api.logger.Logger(self.request).create(
resource_type='CDN',
action_name='Create Domain Name',
resource_name='CDN',
config=_('Domain: %s') % data['domain_name'],
status='Error')
msg = _('Failed to create Domain %s') % data['name']
redirect = self.failure_url
exceptions.handle(request, msg, redirect=redirect)
return False
def __init__(self, request, *args, **kwargs):
super(CreateNetwork, self).__init__(request, *args, **kwargs)
tenant_choices = [('', _("Select a project"))]
tenants, has_more = api.keystone.tenant_list(request)
for tenant in tenants:
if tenant.enabled:
tenant_choices.append((tenant.id, tenant.name))
self.fields['tenant_id'].choices = tenant_choices
try:
is_extension_supported = \
api.neutron.is_extension_supported(request, 'provider')
except Exception:
msg = _("Unable to verify Neutron service providers")
exceptions.handle(self.request, msg)
self._hide_provider_network_type()
is_extension_supported = False
if is_extension_supported:
neutron_settings = getattr(settings, 'OPENSTACK_NEUTRON_NETWORK',
{})
self.seg_id_range = SEGMENTATION_ID_RANGE.copy()
seg_id_range = neutron_settings.get('segmentation_id_range')
if seg_id_range:
self.seg_id_range.update(seg_id_range)
self.provider_types = PROVIDER_TYPES.copy()
extra_provider_types = neutron_settings.get('extra_provider_types')
if extra_provider_types:
self.provider_types.update(extra_provider_types)
self.nettypes_with_seg_id = [
net_type for net_type in self.provider_types
if self.provider_types[net_type]['require_segmentation_id']
]
self.nettypes_with_physnet = [
net_type for net_type in self.provider_types
if self.provider_types[net_type]['require_physical_network']
]
supported_provider_types = neutron_settings.get(
'supported_provider_types', DEFAULT_PROVIDER_TYPES)
if supported_provider_types == ['*']:
supported_provider_types = DEFAULT_PROVIDER_TYPES
undefined_provider_types = [
net_type for net_type in supported_provider_types
if net_type not in self.provider_types
]
if undefined_provider_types:
LOG.error('Undefined provider network types are found: %s',
undefined_provider_types)
seg_id_help = [
_("For %(type)s networks, valid IDs are %(min)s to %(max)s.") %
{
'type': net_type,
'min': self.seg_id_range[net_type][0],
'max': self.seg_id_range[net_type][1]
} for net_type in self.nettypes_with_seg_id
]
self.fields['segmentation_id'].help_text = ' '.join(seg_id_help)
# Register network types which require segmentation ID
attrs = dict(
('data-network_type-%s' % network_type, _('Segmentation ID'))
for network_type in self.nettypes_with_seg_id)
self.fields['segmentation_id'].widget.attrs.update(attrs)
physical_networks = getattr(settings, 'OPENSTACK_NEUTRON_NETWORK',
{}).get('physical_networks', [])
if physical_networks:
self.fields['physical_network'] = forms.ThemableChoiceField(
label=_("Physical Network"),
choices=[(net, net) for net in physical_networks],
widget=forms.ThemableSelectWidget(
attrs={
'class': 'switched',
'data-switch-on': 'network_type',
}),
help_text=_("The name of the physical network over "
"which the virtual network is implemented."),
)
# Register network types which require physical network
attrs = dict(
('data-network_type-%s' % network_type, _('Physical Network'))
for network_type in self.nettypes_with_physnet)
self.fields['physical_network'].widget.attrs.update(attrs)
network_type_choices = [
(net_type, self.provider_types[net_type]['display_name'])
for net_type in supported_provider_types
]
if not network_type_choices:
self._hide_provider_network_type()
else:
self.fields['network_type'].choices = network_type_choices
try:
if api.neutron.is_extension_supported(request,
'network_availability_zone'):
zones = api.neutron.list_availability_zones(
self.request, 'network', 'available')
self.fields['az_hints'].choices = [(zone['name'], zone['name'])
for zone in zones]
else:
del self.fields['az_hints']
except Exception:
msg = _('Failed to get availability zone list.')
messages.warning(request, msg)
del self.fields['az_hints']
