Exemplo n.º 1
0
    def remove(self, acl, routers, escalation=False):
        """
        Integrated queue only.

        Mark an ACL and associated devices as "removed" (loaded=0). Intended
        for use when performing manual actions on the load queue when
        troubleshooting or addressing errors with automated loads. This leaves
        the items in the database but removes them from the active queue.

        :param acl:
            ACL name

        :param routers:
            List of device names

        :param escalation:
            Whether this is an escalated task
        """
        if not acl:
            raise exceptions.ACLQueueError('You must specify an ACL to remove from the queue')

        m = self.get_model('integrated')
        loaded = 0
        if settings.DATABASE_ENGINE == 'postgresql':
            loaded = '-infinity' # See: http://bit.ly/15f0J3z
        for router in routers:
            m.update(loaded=loaded).where(m.acl == acl, m.router == router,
                                          m.loaded >> None).execute()

        self.vprint('Marked the following devices as removed for ACL %s: ' % acl)
        self.vprint(', '.join(routers))
Exemplo n.º 2
0
    def delete(self, acl, routers=None, escalation=False):
        """
        Delete an ACL from the firewall database queue.

        Attempts to delete from integrated queue. If ACL test fails
        or if routers are not specified, the item is deleted from manual queue.

        :param acl:
            ACL name

        :param routers:
            List of device names. If this is ommitted, the manual queue is used.

        :param escalation:
            Whether this is an escalated task
        """
        if not acl:
            raise exceptions.ACLQueueError(
                'You must specify an ACL to delete from the queue')

        escalation, acl = self._normalize(acl)
        m = self.get_model('integrated')

        if routers is not None:
            devs = routers
        else:
            self.vprint('Fetching routers from database')
            result = m.select(m.router).distinct().where(
                m.acl == acl, m.loaded >> None).order_by(m.router)
            rows = result.tuples()
            devs = [row[0] for row in rows]

        if devs:
            for dev in devs:
                m.delete().where(m.acl == acl, m.router == dev,
                                 m.loaded >> None).execute()

            self.vprint('ACL %s cleared from integrated load queue for %s' %
                        (acl, ', '.join(dev[:dev.find('.')] for dev in devs)))
            return True

        else:
            m = self.get_model('manual')
            if m.delete().where(m.q_name == acl, m.done == False).execute():
                self.vprint('%r cleared from manual load queue' % acl)
                return True

        self.vprint('%r not found in any queues' % acl)
        return False
Exemplo n.º 3
0
    def insert(self, acl, routers, escalation=False):
        """
        Insert an ACL and associated devices into the ACL load queue.

        Attempts to insert into integrated queue. If ACL test fails, then
        item is inserted into manual queue.

        :param acl:
            ACL name

        :param routers:
            List of device names

        :param escalation:
            Whether this is an escalated task
        """
        if not acl:
            raise exceptions.ACLQueueError(
                'You must specify an ACL to insert into the queue')
        if not routers:
            routers = []

        escalation, acl = self._normalize(acl)
        if routers:
            for router in routers:
                try:
                    dev = self.nd.find(router)
                except KeyError:
                    msg = 'Could not find device %s' % router
                    raise exceptions.TriggerError(msg)

                if acl not in dev.acls:
                    msg = "Could not find %s in ACL list for %s" % (acl,
                                                                    router)
                    raise exceptions.TriggerError(msg)

                self.create_task(queue='integrated',
                                 acl=acl,
                                 router=router,
                                 escalation=escalation)

            self.vprint('ACL %s injected into integrated load queue for %s' %
                        (acl, ', '.join(dev[:dev.find('.')]
                                        for dev in routers)))

        else:
            self.create_task(queue='manual', q_name=acl, login=self.login)
            self.vprint('"%s" injected into manual load queue' % acl)