def get(self, service_uuid): try: token = request.headers.get('token') token_ret = token_auth(token) except Exception, e: log.error('Token check error, reason=%s' % e) return request_result(201)
def broad_for(cls): try: token = request.headers.get('token') token_ret = token_auth(token) except Exception, e: log.error('Token check error, reason=%s' % e) return json.dumps(request_result(201))
def monitor_for(cls, pod_name, rtype): try: token = request.headers.get('token') token_ret = token_auth(token) except Exception, e: log.error('Token check error, reason=%s' % e) return json.dumps(request_result(201))
def get(self): try: token = request.headers.get('token') token_ret = token_auth(token) log.info('admin token check result is: %s' % token_ret) except Exception, e: log.error('Token check error, reason=%s' % e) return request_result(201)
def put(self, alarm_uuid): log.info('111111111----') try: token = request.headers.get('token') token_ret = token_auth(token) except Exception, e: log.error('Token check error, reason=%s' % e) return request_result(201)
def get(self): parameters = dict() try: token = request.headers.get('token') token_ret = token_auth(token) except Exception, e: log.error('Token check error, reason=%s' % e) return json.dumps(request_result(201))
def put(self, certify_uuid): try: token = request.headers.get('token') token_ret = token_auth(token) source_ip = request.headers.get('X-Real-IP') if source_ip is None: source_ip = request.remote_addr except Exception, e: log.error('Token check error, reason=%s' % e) return request_result(201)
def cloudhost_list(self, context, parameters): try: user_info = token_auth(context['token'])['result'] user_uuid = user_info.get('user_uuid') team_uuid = user_info.get('team_uuid') team_priv = user_info.get('team_priv') project_uuid = user_info.get('project_uuid') project_priv = user_info.get('project_priv') except Exception, e: log.warning('parameters error, context=%s, ' 'parameters=%s, reason=%s' % (context, parameters, e)) return request_result(101)
def _aclauth(*args, **kwargs): func_args = inspect.getcallargs(func, *args, **kwargs) context = func_args.get('context') token = context['token'] resource_uuid = context['resource_uuid'] action = context['action'] user_info = token_auth(token)['result'] user_uuid = user_info['user_uuid'] team_uuid = user_info['team_uuid'] team_priv = user_info['team_priv'] project_uuid = user_info['project_uuid'] project_priv = user_info['project_priv'] context = "%s%s%s%s%s%s%s" % (user_uuid, team_uuid, team_priv, project_uuid, project_priv, resource_uuid, action) log.debug('start ack check, context=%s' % (context)) acl_info = caches.get(context) if (acl_info is LocalCache.notFound): log.debug('Cache acl not hit, context=%s' % (context)) auth_manager = AuthManager() ret = auth_manager.resource_acl_check( user_uuid, team_uuid, team_priv, project_uuid, project_priv, resource_uuid, action) expire = int(time.time()) + 300 caches.set(context, {"acl_check": ret, "expire": expire}) log.debug('Cached acl check, context=%s' % (context)) else: log.debug('Cache acl hit, context=%s' % (context)) ret = acl_info['acl_check'] log.debug('ack check result=%s' % (ret)) if ret == 0: return func(*args, **kwargs) else: log.warning('Resource acl auth denied: user_uuid = %s, \ team_uuid=%s, team_priv=%s, project_uuid=%s, \ project_priv=%s, resource_uuid=%s, action=%s' % (user_uuid, team_uuid, team_priv, project_uuid, project_priv, resource_uuid, action)) return request_result(202)
def __aclauth(*args, **kwargs): func_args = inspect.getcallargs(func, *args, **kwargs) context = func_args.get('context') token = context['token'] resource_uuid = context['resource_uuid'] action = context['action'] user_info = token_auth(token)['result'] user_uuid = user_info['user_uuid'] team_uuid = user_info['team_uuid'] team_priv = user_info['team_priv'] project_uuid = user_info['project_uuid'] project_priv = user_info['project_priv'] context = "%s%s%s%s%s%s%s" % (user_uuid, team_uuid, team_priv, project_uuid, project_priv, resource_uuid, action) log.debug('start ack check, context=%s' % (context)) acl_info = caches.get(context) if (acl_info is LocalCache.notFound): log.debug('Cache acl not hit, context=%s' % (context)) auth_manager = AuthManager(service_name) ret = auth_manager.resource_acl_check( user_uuid, team_uuid, team_priv, project_uuid, project_priv, resource_uuid, action) expire = int(time.time()) + 300 caches.set(context, {"acl_check": ret, "expire": expire}) log.debug('Cached acl check, context=%s' % (context)) else: log.debug('Cache acl hit, context=%s' % (context)) ret = acl_info['acl_check'] log.debug('ack check result=%s' % (ret)) if ret == 0: try: return func(*args, **kwargs) except Exception, e: log.error('function(%s) exec error, reason = %s' % (func.__name__, e)) return request_result(999)
def snapshot_create(self, context, parameters): try: token = context['token'] source_ip = context.get('source_ip') user_info = token_auth(context['token'])['result'] user_uuid = user_info.get('user_uuid') team_uuid = user_info.get('team_uuid') project_uuid = user_info.get('project_uuid') cloudhost_uuid = parameters.get('cloudhost_uuid') snapshot_name = parameters.get('snapshot') comment = parameters.get('comment') cloudhost_uuid = parameter_check(cloudhost_uuid, ptype='pstr') snapshot_name = parameter_check(snapshot_name, ptype='pnam') except Exception, e: log.warning('parameters error, context=%s, ' 'parameters=%s, reason=%s' % (context, parameters, e)) return request_result(101)
def __reslmt(*args, **kwargs): try: func_args = inspect.getcallargs(func, *args, **kwargs) token = func_args.get('token') cost = func_args.get('cost') user_info = token_auth(token)['result'] team_uuid = user_info.get('team_uuid') project_uuid = user_info.get('project_uuid') user_uuid = user_info.get('user_uuid') if user_uuid != 'sysadmin': limit_info = billing_limit_check(token, resource_type, cost) balance_check = limit_info['result']['balance_check'] if int(balance_check) != 0: log.warning('Limit check denied, not enough balance') return request_result(302) limit_check = limit_info['result']['limit_check'] res_db = resources_db.ResourcesDB() resource_count = res_db.resource_count( resource_type, team_uuid, project_uuid, user_uuid) log.debug('billing_limit_check=%s, resource_count=%s' % (limit_check, resource_count)) if int(resource_count) >= int(limit_check): log.warning( 'Limit check denied, Team(%s) resource(%s) ' 'reach upper limit' % (team_uuid, resource_type)) return request_result(303) try: return func(*args, **kwargs) except Exception, e: log.error('function(%s) exec error, reason = %s' % (func.__name__, e)) return request_result(601) except Exception, e: log.error('Limit check error, reason=%s' % (e)) return request_result(303)
def cloudhost_create(self, context, parameters=None): try: token = context['token'] source_ip = context.get('source_ip') user_info = token_auth(context['token'])['result'] user_uuid = user_info.get('user_uuid') team_uuid = user_info.get('team_uuid') project_uuid = user_info.get('project_uuid') availzone_uuid = parameters.get('availzone_uuid') image_uuid = parameters.get('image_uuid') vm_name = parameters.get('vm_name') vm_cpu = parameters.get('vm_cpu') vm_mem = parameters.get('vm_mem') disk_list = parameters.get('disk_list') nic_list = parameters.get('nic_list') password = parameters.get('password') cost = parameters.get('cost') availzone_uuid = parameter_check(availzone_uuid, ptype='pstr') image_uuid = parameter_check(image_uuid, ptype='pstr') vm_name = parameter_check(vm_name, ptype='pnam') vm_cpu = parameter_check(vm_cpu, ptype='pint') vm_mem = parameter_check(vm_mem, ptype='pint') password = parameter_check(password, ptype='ppwd') if self.billing_check is True: cost = parameter_check(cost, ptype='pflt') if float(cost) < 0: raise (Exception('Parameter cost error, ' 'cost must greater than 0')) else: cost = parameter_check(cost, ptype='pflt', exist='no') except Exception, e: log.warning('parameters error, context=%s, ' 'parameters=%s, reason=%s' % (context, parameters, e)) return request_result(101)