def show(self, request, environment_id, session_id):
LOG.debug(_('Session:Show <SessionId: {0}>').format(session_id))
unit = db_session.get_session()
session = unit.query(models.Session).get(session_id)
if session is None:
LOG.error(_('Session <SessionId {0}> '
'is not found').format(session_id))
raise exc.HTTPNotFound()
if session.environment_id != environment_id:
LOG.error(_('Session <SessionId {0}> is not tied with Environment '
'<EnvId {1}>').format(session_id, environment_id))
raise exc.HTTPNotFound()
user_id = request.context.user
if session.user_id != user_id:
LOG.error(_('User <UserId {0}> is not authorized to access session'
'<SessionId {1}>.').format(user_id, session_id))
raise exc.HTTPUnauthorized()
if not sessions.SessionServices.validate(session):
LOG.error(_('Session <SessionId {0}> '
'is invalid').format(session_id))
raise exc.HTTPForbidden()
return session.to_dict()
def configure(self, request, environment_id):
LOG.debug(_('Session:Configure <EnvId: {0}>').format(environment_id))
unit = db_session.get_session()
environment = unit.query(models.Environment).get(environment_id)
if environment is None:
LOG.info(_('Environment <EnvId {0}> '
'is not found').format(environment_id))
raise exc.HTTPNotFound
if environment.tenant_id != request.context.tenant:
LOG.info(_('User is not authorized to access '
'this tenant resources.'))
raise exc.HTTPUnauthorized
# no new session can be opened if environment has deploying status
env_status = envs.EnvironmentServices.get_status(environment_id)
if env_status == envs.EnvironmentStatus.deploying:
LOG.info(_('Could not open session for environment <EnvId: {0}>,'
'environment has deploying '
'status.').format(environment_id))
raise exc.HTTPForbidden()
user_id = request.context.user
session = sessions.SessionServices.create(environment_id, user_id)
return session.to_dict()
def deploy(self, request, environment_id, session_id):
LOG.debug(_('Session:Deploy <SessionId: {0}>').format(session_id))
unit = db_session.get_session()
session = unit.query(models.Session).get(session_id)
if session is None:
LOG.error(
_('Session <SessionId {0}> '
'is not found').format(session_id))
raise exc.HTTPNotFound()
if session.environment_id != environment_id:
LOG.error(
_('Session <SessionId {0}> is not tied with Environment '
'<EnvId {1}>').format(session_id, environment_id))
raise exc.HTTPNotFound()
if not sessions.SessionServices.validate(session):
LOG.error(
_('Session <SessionId {0}> '
'is invalid').format(session_id))
raise exc.HTTPForbidden()
if session.state != sessions.SessionState.open:
LOG.error(
_('Session <SessionId {0}> is already deployed or '
'deployment is in progress').format(session_id))
raise exc.HTTPForbidden()
sessions.SessionServices.deploy(session, unit,
request.context.auth_token)
def delete(self, request, environment_id, session_id):
LOG.debug(_('Session:Delete <SessionId: {0}>').format(session_id))
unit = db_session.get_session()
session = unit.query(models.Session).get(session_id)
if session is None:
LOG.error(_('Session <SessionId {0}> '
'is not found').format(session_id))
raise exc.HTTPNotFound()
if session.environment_id != environment_id:
LOG.error(_('Session <SessionId {0}> is not tied with Environment '
'<EnvId {1}>').format(session_id, environment_id))
raise exc.HTTPNotFound()
user_id = request.context.user
if session.user_id != user_id:
LOG.error(_('User <UserId {0}> is not authorized to access session'
'<SessionId {1}>.').format(user_id, session_id))
raise exc.HTTPUnauthorized()
if session.state == sessions.SessionState.deploying:
LOG.error(_('Session <SessionId: {0}> is in deploying state and '
'could not be deleted').format(session_id))
raise exc.HTTPForbidden()
with unit.begin():
unit.delete(session)
return None
def _validate_change(self, change):
change_path = change['path'][0]
change_op = change['op']
allowed_methods = self.allowed_operations.get(change_path)
if not allowed_methods:
msg = _("Attribute '{0}' is invalid").format(change_path)
raise webob.exc.HTTPForbidden(explanation=unicode(msg))
if change_op not in allowed_methods:
msg = _("Method '{method}' is not allowed for a path with name "
"'{name}'. Allowed operations are: '{ops}'").format(
method=change_op,
name=change_path,
ops=', '.join(allowed_methods))
raise webob.exc.HTTPForbidden(explanation=unicode(msg))
property_to_update = {change_path: change['value']}
try:
jsonschema.validate(property_to_update, schemas.PKG_UPDATE_SCHEMA)
except jsonschema.ValidationError as e:
LOG.exception(e)
raise webob.exc.HTTPBadRequest(explanation=e.message)
def show(self, request, environment_id):
LOG.debug(_('Environments:Show <Id: {0}>').format(environment_id))
session = db_session.get_session()
environment = session.query(models.Environment).get(environment_id)
if environment is None:
LOG.info(_('Environment <EnvId {0}> is not found').format(
environment_id))
raise exc.HTTPNotFound
if environment.tenant_id != request.context.tenant:
LOG.info(_('User is not authorized to access '
'this tenant resources.'))
raise exc.HTTPUnauthorized
env = environment.to_dict()
env['status'] = envs.EnvironmentServices.get_status(env['id'])
session_id = None
if hasattr(request, 'context') and request.context.session:
session_id = request.context.session
#add services to env
get_data = core_services.CoreServices.get_data
env['services'] = get_data(environment_id, '/services', session_id)
return env
def show(self, request, environment_id, session_id):
LOG.debug(_('Session:Show <SessionId: {0}>').format(session_id))
unit = db_session.get_session()
session = unit.query(models.Session).get(session_id)
if session is None:
LOG.error(
_('Session <SessionId {0}> '
'is not found').format(session_id))
raise exc.HTTPNotFound()
if session.environment_id != environment_id:
LOG.error(
_('Session <SessionId {0}> is not tied with Environment '
'<EnvId {1}>').format(session_id, environment_id))
raise exc.HTTPNotFound()
user_id = request.context.user
if session.user_id != user_id:
LOG.error(
_('User <UserId {0}> is not authorized to access session'
'<SessionId {1}>.').format(user_id, session_id))
raise exc.HTTPUnauthorized()
if not sessions.SessionServices.validate(session):
LOG.error(
_('Session <SessionId {0}> '
'is invalid').format(session_id))
raise exc.HTTPForbidden()
return session.to_dict()
def configure(self, request, environment_id):
LOG.debug(_('Session:Configure <EnvId: {0}>').format(environment_id))
unit = db_session.get_session()
environment = unit.query(models.Environment).get(environment_id)
if environment is None:
LOG.info(
_('Environment <EnvId {0}> '
'is not found').format(environment_id))
raise exc.HTTPNotFound
if environment.tenant_id != request.context.tenant:
LOG.info(
_('User is not authorized to access '
'this tenant resources.'))
raise exc.HTTPUnauthorized
# no new session can be opened if environment has deploying status
env_status = envs.EnvironmentServices.get_status(environment_id)
if env_status == envs.EnvironmentStatus.deploying:
LOG.info(
_('Could not open session for environment <EnvId: {0}>,'
'environment has deploying '
'status.').format(environment_id))
raise exc.HTTPForbidden()
user_id = request.context.user
session = sessions.SessionServices.create(environment_id, user_id)
return session.to_dict()
def delete(self, request, environment_id, session_id):
LOG.debug(_('Session:Delete <SessionId: {0}>').format(session_id))
unit = db_session.get_session()
session = unit.query(models.Session).get(session_id)
if session is None:
LOG.error(
_('Session <SessionId {0}> '
'is not found').format(session_id))
raise exc.HTTPNotFound()
if session.environment_id != environment_id:
LOG.error(
_('Session <SessionId {0}> is not tied with Environment '
'<EnvId {1}>').format(session_id, environment_id))
raise exc.HTTPNotFound()
user_id = request.context.user
if session.user_id != user_id:
LOG.error(
_('User <UserId {0}> is not authorized to access session'
'<SessionId {1}>.').format(user_id, session_id))
raise exc.HTTPUnauthorized()
if session.state == sessions.SessionState.deploying:
LOG.error(
_('Session <SessionId: {0}> is in deploying state and '
'could not be deleted').format(session_id))
raise exc.HTTPForbidden()
with unit.begin():
unit.delete(session)
return None
def __inner(self, request, *args, **kwargs):
if hasattr(request, 'context') and not request.context.session:
LOG.info(_('Session is required for this call'))
raise exc.HTTPForbidden()
session_id = request.context.session
unit = db_session.get_session()
session = unit.query(models.Session).get(session_id)
if session is None:
LOG.info(_('Session <SessionId {0}> '
'is not found').format(session_id))
raise exc.HTTPForbidden()
if not sessions.SessionServices.validate(session):
LOG.info(_('Session <SessionId {0}> '
'is invalid').format(session_id))
raise exc.HTTPForbidden()
if session.state == sessions.SessionState.deploying:
LOG.info(_('Session <SessionId {0}> is already in '
'deployment state').format(session_id))
raise exc.HTTPForbidden()
return func(self, request, *args, **kwargs)
def show(self, request, environment_id):
LOG.debug(_('Environments:Show <Id: {0}>').format(environment_id))
session = db_session.get_session()
environment = session.query(models.Environment).get(environment_id)
if environment is None:
LOG.info(
_('Environment <EnvId {0}> is not found').format(
environment_id))
raise exc.HTTPNotFound
if environment.tenant_id != request.context.tenant:
LOG.info(
_('User is not authorized to access '
'this tenant resources.'))
raise exc.HTTPUnauthorized
env = environment.to_dict()
env['status'] = envs.EnvironmentServices.get_status(env['id'])
session_id = None
if hasattr(request, 'context') and request.context.session:
session_id = request.context.session
#add services to env
get_data = core_services.CoreServices.get_data
env['services'] = get_data(environment_id, '/services', session_id)
return env
def deploy(self, request, environment_id, session_id):
LOG.debug(_('Session:Deploy <SessionId: {0}>').format(session_id))
unit = db_session.get_session()
session = unit.query(models.Session).get(session_id)
if session is None:
LOG.error(_('Session <SessionId {0}> '
'is not found').format(session_id))
raise exc.HTTPNotFound()
if session.environment_id != environment_id:
LOG.error(_('Session <SessionId {0}> is not tied with Environment '
'<EnvId {1}>').format(session_id, environment_id))
raise exc.HTTPNotFound()
if not sessions.SessionServices.validate(session):
LOG.error(_('Session <SessionId {0}> '
'is invalid').format(session_id))
raise exc.HTTPForbidden()
if session.state != sessions.SessionState.open:
LOG.error(_('Session <SessionId {0}> is already deployed or '
'deployment is in progress').format(session_id))
raise exc.HTTPForbidden()
sessions.SessionServices.deploy(session,
unit,
request.context.auth_token)
def _from_json(self, datastring):
value = datastring
try:
LOG.debug(_("Trying deserialize '{0}' to json".format(datastring)))
value = jsonutils.loads(datastring)
except ValueError:
LOG.debug(_("Unable deserialize to json, using raw text"))
return value
def process_result(context, result):
secure_result = token_sanitizer.TokenSanitizer().sanitize(result)
LOG.debug(_('Got result from orchestration '
'engine:\n{0}').format(secure_result))
result_id = result['Objects']['?']['id']
if 'deleted' in result:
LOG.debug(_('Result for environment {0} is dropped. Environment '
'is deleted').format(result_id))
return
unit = session.get_session()
environment = unit.query(models.Environment).get(result_id)
if not environment:
LOG.warning(_('Environment result could not be handled, specified '
'environment was not found in database'))
return
environment.description = result
environment.description['Objects']['services'] = \
environment.description['Objects'].get('applications', [])
del environment.description['Objects']['applications']
environment.networking = result.get('networking', {})
environment.version += 1
environment.save(unit)
#close session
conf_session = unit.query(models.Session).filter_by(
**{'environment_id': environment.id, 'state': 'deploying'}).first()
conf_session.state = 'deployed'
conf_session.save(unit)
#close deployment
deployment = get_last_deployment(unit, environment.id)
deployment.finished = timeutils.utcnow()
num_errors = unit.query(models.Status)\
.filter_by(level='error', deployment_id=deployment.id).count()
num_warnings = unit.query(models.Status)\
.filter_by(level='warning', deployment_id=deployment.id).count()
final_status_text = "Deployment finished"
if num_errors:
final_status_text += " with errors"
elif num_warnings:
final_status_text += " with warnings"
status = models.Status()
status.deployment_id = deployment.id
status.text = final_status_text
status.level = 'info'
deployment.statuses.append(status)
deployment.save(unit)
def verify_and_get_env(db_session, environment_id, request):
environment = db_session.query(models.Environment).get(environment_id)
if not environment:
LOG.info(_('Environment with id {0} not found').format(environment_id))
raise exc.HTTPNotFound
if environment.tenant_id != request.context.tenant:
LOG.info(_('User is not authorized to access this tenant resources.'))
raise exc.HTTPUnauthorized
return environment
def verify_and_get_deployment(db_session, environment_id, deployment_id):
deployment = db_session.query(models.Deployment).get(deployment_id)
if not deployment:
LOG.info(_('Deployment with id {0} not found').format(deployment_id))
raise exc.HTTPNotFound
if deployment.environment_id != environment_id:
LOG.info(
_('Deployment with id {0} not found'
' in environment {1}').format(deployment_id, environment_id))
raise exc.HTTPBadRequest
_patch_description(deployment.description)
return deployment
def _get_not_supported_column(col_name_col_instance, column_name):
try:
column = col_name_col_instance[column_name]
except KeyError:
msg = _("Please specify column %s in col_name_col_instance "
"param. It is required because column has unsupported "
"type by sqlite).")
raise ColumnError(msg % column_name)
if not isinstance(column, Column):
msg = _("col_name_col_instance param has wrong type of "
"column instance for column %s It should be instance "
"of sqlalchemy.Column.")
raise ColumnError(msg % column_name)
return column
def _get_not_supported_column(col_name_col_instance, column_name):
try:
column = col_name_col_instance[column_name]
except KeyError:
msg = _("Please specify column %s in col_name_col_instance "
"param. It is required because column has unsupported "
"type by sqlite).")
raise ColumnError(msg % column_name)
if not isinstance(column, Column):
msg = _("col_name_col_instance param has wrong type of "
"column instance for column %s It should be instance "
"of sqlalchemy.Column.")
raise ColumnError(msg % column_name)
return column
def __inner(self, request, environment_id, *args, **kwargs):
unit = db_session.get_session()
environment = unit.query(models.Environment).get(environment_id)
if environment is None:
LOG.info(_("Environment with id '{0}'"
" not found").format(environment_id))
raise exc.HTTPNotFound()
if hasattr(request, 'context'):
if environment.tenant_id != request.context.tenant:
LOG.info(_('User is not authorized to access'
' this tenant resources'))
raise exc.HTTPUnauthorized()
return func(self, request, environment_id, *args, **kwargs)
def _authorize_package(package, context, allow_public=False):
if context.is_admin:
return
if package.owner_id != context.tenant:
if not allow_public:
msg = _("Package '{0}' is not owned by "
"tenant '{1}'").format(package.id, context.tenant)
LOG.error(msg)
raise exc.HTTPForbidden(msg)
if not package.is_public:
msg = _("Package '{0}' is not public and not owned by "
"tenant '{1}' ").format(package.id, context.tenant)
LOG.error(msg)
raise exc.HTTPForbidden(msg)
def _validate_limit(value):
if value is None:
return
try:
value = int(value)
except ValueError:
msg = _("limit param must be an integer")
LOG.error(msg)
raise exc.HTTPBadRequest(explanation=msg)
if value < 0:
msg = _("limit param must be positive")
LOG.error(msg)
raise exc.HTTPBadRequest(explanation=msg)
return value
def deprecated(self, msg, *args, **kwargs):
"""Call this method when a deprecated feature is used.
If the system is configured for fatal deprecations then the message
is logged at the 'critical' level and :class:`DeprecatedConfig` will
be raised.
Otherwise, the message will be logged (once) at the 'warn' level.
:raises: :class:`DeprecatedConfig` if the system is configured for
fatal deprecations.
"""
stdmsg = _("Deprecated: %s") % msg
if CONF.fatal_deprecations:
self.critical(stdmsg, *args, **kwargs)
raise DeprecatedConfig(msg=stdmsg)
# Using a list because a tuple with dict can't be stored in a set.
sent_args = self._deprecated_messages_sent.setdefault(msg, list())
if args in sent_args:
# Already logged this message, so don't log it again.
return
sent_args.append(args)
self.warn(stdmsg, *args, **kwargs)
def db_sync(engine, abs_path, version=None, init_version=0):
"""Upgrade or downgrade a database.
Function runs the upgrade() or downgrade() functions in change scripts.
:param engine: SQLAlchemy engine instance for a given database
:param abs_path: Absolute path to migrate repository.
:param version: Database will upgrade/downgrade until this version.
If None - database will update to the latest
available version.
:param init_version: Initial database version
"""
if version is not None:
try:
version = int(version)
except ValueError:
raise exception.DbMigrationError(
message=_("version should be an integer"))
current_version = db_version(engine, abs_path, init_version)
repository = _find_migrate_repo(abs_path)
_db_schema_sanity_check(engine)
if version is None or version > current_version:
return versioning_api.upgrade(engine, repository, version)
else:
return versioning_api.downgrade(engine, repository, version)
def db_sync(engine, abs_path, version=None, init_version=0):
"""Upgrade or downgrade a database.
Function runs the upgrade() or downgrade() functions in change scripts.
:param engine: SQLAlchemy engine instance for a given database
:param abs_path: Absolute path to migrate repository.
:param version: Database will upgrade/downgrade until this version.
If None - database will update to the latest
available version.
:param init_version: Initial database version
"""
if version is not None:
try:
version = int(version)
except ValueError:
raise exception.DbMigrationError(
message=_("version should be an integer"))
current_version = db_version(engine, abs_path, init_version)
repository = _find_migrate_repo(abs_path)
_db_schema_sanity_check(engine)
if version is None or version > current_version:
return versioning_api.upgrade(engine, repository, version)
else:
return versioning_api.downgrade(engine, repository,
version)
def create(self, request, body):
LOG.debug(_('Environments:Create <Body {0}>').format(body))
environment = envs.EnvironmentServices.create(body.copy(),
request.context.tenant)
return environment.to_dict()
def _check_content_type(req, content_type):
try:
req.get_content_type((content_type,))
except exception.InvalidContentType:
msg = _("Content-Type must be '{0}'").format(content_type)
LOG.error(msg)
raise exc.HTTPBadRequest(explanation=msg)
def create(self, request, body):
LOG.debug(_('Environments:Create <Body {0}>').format(body))
environment = envs.EnvironmentServices.create(body.copy(),
request.context.tenant)
return environment.to_dict()
def acquire(self):
basedir = os.path.dirname(self.fname)
if not os.path.exists(basedir):
fileutils.ensure_tree(basedir)
LOG.info(_LI('Created lock path: %s'), basedir)
self.lockfile = open(self.fname, 'w')
while True:
try:
# Using non-blocking locks since green threads are not
# patched to deal with blocking locking calls.
# Also upon reading the MSDN docs for locking(), it seems
# to have a laughable 10 attempts "blocking" mechanism.
self.trylock()
LOG.debug('Got file lock "%s"', self.fname)
return True
except IOError as e:
if e.errno in (errno.EACCES, errno.EAGAIN):
# external locks synchronise things like iptables
# updates - give it some time to prevent busy spinning
time.sleep(0.01)
else:
raise threading.ThreadError(_("Unable to acquire lock on"
" `%(filename)s` due to"
" %(exception)s") %
{
'filename': self.fname,
'exception': e,
})
def acquire(self):
basedir = os.path.dirname(self.fname)
if not os.path.exists(basedir):
fileutils.ensure_tree(basedir)
LOG.info(_LI('Created lock path: %s'), basedir)
self.lockfile = open(self.fname, 'w')
while True:
try:
# Using non-blocking locks since green threads are not
# patched to deal with blocking locking calls.
# Also upon reading the MSDN docs for locking(), it seems
# to have a laughable 10 attempts "blocking" mechanism.
self.trylock()
LOG.debug('Got file lock "%s"', self.fname)
return True
except IOError as e:
if e.errno in (errno.EACCES, errno.EAGAIN):
# external locks synchronise things like iptables
# updates - give it some time to prevent busy spinning
time.sleep(0.01)
else:
raise threading.ThreadError(
_("Unable to acquire lock on"
" `%(filename)s` due to"
" %(exception)s") % {
'filename': self.fname,
'exception': e,
})
def untrack_instance(payload):
LOG.debug(_('Got untrack instance request from orchestration '
'engine:\n{0}').format(payload))
instance_id = payload['instance']
environment_id = payload['environment']
instances.InstanceStatsServices.destroy_instance(
instance_id, environment_id)
def untrack_instance(payload):
LOG.debug(
_('Got untrack instance request from orchestration '
'engine:\n{0}').format(payload))
instance_id = payload['instance']
environment_id = payload['environment']
instances.InstanceStatsServices.destroy_instance(instance_id,
environment_id)
def _wrap(*args, **kw):
try:
return f(*args, **kw)
except Exception as e:
if not isinstance(e, Error):
logging.exception(_('Uncaught exception'))
raise Error(str(e))
raise
def _read_deleted_filter(query, db_model, read_deleted):
if 'deleted' not in db_model.__table__.columns:
raise ValueError(
_("There is no `deleted` column in `%s` table. "
"Project doesn't use soft-deleted feature.") % db_model.__name__)
default_deleted_value = db_model.__table__.c.deleted.default.arg
if read_deleted == 'no':
query = query.filter(db_model.deleted == default_deleted_value)
elif read_deleted == 'yes':
pass # omit the filter to include deleted and active
elif read_deleted == 'only':
query = query.filter(db_model.deleted != default_deleted_value)
else:
raise ValueError(
_("Unrecognized read_deleted value '%s'") % read_deleted)
return query
def _package_get(package_id, session):
package = session.query(models.Package).get(package_id)
if not package:
msg = _("Package id '{0}' is not found").format(package_id)
LOG.error(msg)
raise exc.HTTPNotFound(msg)
return package
def _wrap(*args, **kw):
try:
return f(*args, **kw)
except Exception as e:
if not isinstance(e, Error):
logging.exception(_('Uncaught exception'))
raise Error(str(e))
raise
def _read_deleted_filter(query, db_model, read_deleted):
if 'deleted' not in db_model.__table__.columns:
raise ValueError(_("There is no `deleted` column in `%s` table. "
"Project doesn't use soft-deleted feature.")
% db_model.__name__)
default_deleted_value = db_model.__table__.c.deleted.default.arg
if read_deleted == 'no':
query = query.filter(db_model.deleted == default_deleted_value)
elif read_deleted == 'yes':
pass # omit the filter to include deleted and active
elif read_deleted == 'only':
query = query.filter(db_model.deleted != default_deleted_value)
else:
raise ValueError(_("Unrecognized read_deleted value '%s'")
% read_deleted)
return query
def get_for_environment(self, request, environment_id):
LOG.debug(_('EnvironmentStatistics:GetForEnvironment'))
# TODO (stanlagun): Check that caller is authorized to access
# tenant's statistics
return instances.InstanceStatsServices.get_raw_environment_stats(
environment_id)
def get_for_environment(self, request, environment_id):
LOG.debug(_('EnvironmentStatistics:GetForEnvironment'))
# TODO (stanlagun): Check that caller is authorized to access
# tenant's statistics
return instances.InstanceStatsServices.get_raw_environment_stats(
environment_id)
def index(self, request):
LOG.debug(_('Environments:List'))
#Only environments from same tenant as user should be returned
filters = {'tenant_id': request.context.tenant}
environments = envs.EnvironmentServices.get_environments_by(filters)
environments = [env.to_dict() for env in environments]
return {"environments": environments}
def __call__(self, request):
"""WSGI method that controls (de)serialization and method dispatch."""
try:
action, action_args, accept = self.deserialize_request(request)
except exception.InvalidContentType:
msg = _("Unsupported Content-Type")
return webob.exc.HTTPUnsupportedMediaType(explanation=msg)
except exception.MalformedRequestBody:
msg = _("Malformed request body")
return webob.exc.HTTPBadRequest(explanation=msg)
action_result = self.execute_action(action, request, **action_args)
try:
return self.serialize_response(action, action_result, accept)
# return unserializable result (typically a webob exc)
except Exception:
return action_result
def delete(self, request, environment_id):
LOG.debug(_('Environments:Delete <Id: {0}>').format(environment_id))
unit = db_session.get_session()
environment = unit.query(models.Environment).get(environment_id)
if environment is None:
LOG.info(_('Environment <EnvId {0}> '
'is not found').format(environment_id))
raise exc.HTTPNotFound
if environment.tenant_id != request.context.tenant:
LOG.info(_('User is not authorized to access '
'this tenant resources.'))
raise exc.HTTPUnauthorized
envs.EnvironmentServices.delete(environment_id,
request.context.auth_token)
def index(self, request):
LOG.debug(_('Environments:List'))
#Only environments from same tenant as user should be returned
filters = {'tenant_id': request.context.tenant}
environments = envs.EnvironmentServices.get_environments_by(filters)
environments = [env.to_dict() for env in environments]
return {"environments": environments}
def setup_logging():
"""
Sets up the logging options for a log with supplied name
"""
if CONF.log_config:
# Use a logging configuration file for all settings...
if os.path.exists(CONF.log_config):
logging.config.fileConfig(CONF.log_config)
return
else:
raise RuntimeError(
_("Unable to locate specified logging "
"config file: %s" % CONF.log_config))
root_logger = logging.root
if CONF.debug:
root_logger.setLevel(logging.DEBUG)
elif CONF.verbose:
root_logger.setLevel(logging.INFO)
else:
root_logger.setLevel(logging.WARNING)
formatter = logging.Formatter(CONF.log_format, CONF.log_date_format)
if CONF.use_syslog:
try:
facility = getattr(logging.handlers.SysLogHandler,
CONF.syslog_log_facility)
except AttributeError:
raise ValueError(_("Invalid syslog facility"))
handler = logging.handlers.SysLogHandler(address='/dev/log',
facility=facility)
elif CONF.log_file:
logfile = CONF.log_file
if CONF.log_dir:
logfile = os.path.join(CONF.log_dir, logfile)
handler = logging.handlers.WatchedFileHandler(logfile)
else:
handler = logging.StreamHandler(sys.stdout)
handler.setFormatter(formatter)
root_logger.addHandler(handler)
def upload(self, req, body=None):
"""
Upload new file archive for the new package
together with package metadata
"""
_check_content_type(req, 'multipart/form-data')
file_obj, package_meta = _validate_body(body)
try:
jsonschema.validate(package_meta, schemas.PKG_UPLOAD_SCHEMA)
except jsonschema.ValidationError as e:
LOG.exception(e)
raise exc.HTTPBadRequest(explanation=e.message)
with tempfile.NamedTemporaryFile(delete=False) as tempf:
LOG.debug("Storing package archive in a temporary file")
content = file_obj.file.read()
if not content:
msg = _("Uploading file can't be empty")
LOG.error(msg)
raise exc.HTTPBadRequest(msg)
tempf.write(content)
package_meta['archive'] = content
try:
LOG.debug("Deleting package archive temporary file")
pkg_to_upload = app_pkg.load_from_file(tempf.name,
target_dir=None,
drop_dir=True)
except pkg_exc.PackageLoadError as e:
LOG.exception(e)
raise exc.HTTPBadRequest(e)
finally:
os.remove(tempf.name)
# extend dictionary for update db
for k, v in PKG_PARAMS_MAP.iteritems():
if hasattr(pkg_to_upload, k):
package_meta[v] = getattr(pkg_to_upload, k)
try:
package = db_api.package_upload(package_meta, req.context.tenant)
except db_exc.DBDuplicateEntry:
msg = _('Package with specified full name is already registered')
LOG.exception(msg)
raise exc.HTTPServerError(msg)
return package.to_dict()
class Service(service.Service):
"""
Provides a Service API for wsgi servers.
This gives us the ability to launch wsgi servers with the
Launcher classes in service.py.
"""
def __init__(self, application, port,
host='0.0.0.0', backlog=4096, threads=1000):
self.application = application
self._port = port
self._host = host
self._backlog = backlog if backlog else CONF.backlog
super(Service, self).__init__(threads)
def _get_socket(self, host, port, backlog):
# TODO(dims): eventlet's green dns/socket module does not actually
# support IPv6 in getaddrinfo(). We need to get around this in the
# future or monitor upstream for a fix
info = socket.getaddrinfo(host,
port,
socket.AF_UNSPEC,
socket.SOCK_STREAM)[0]
family = info[0]
bind_addr = info[-1]
sock = None
retry_until = time.time() + 30
while not sock and time.time() < retry_until:
try:
sock = eventlet.listen(bind_addr,
backlog=backlog,
family=family)
if sslutils.is_enabled():
sock = sslutils.wrap(sock)
except socket.error, err:
if err.args[0] != errno.EADDRINUSE:
raise
eventlet.sleep(0.1)
if not sock:
raise RuntimeError(_("Could not bind to %(host)s:%(port)s "
"after trying for 30 seconds") %
{'host': host, 'port': port})
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
# sockets can hang around forever without keepalive
sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
# This option isn't available in the OS X version of eventlet
if hasattr(socket, 'TCP_KEEPIDLE'):
sock.setsockopt(socket.IPPROTO_TCP,
socket.TCP_KEEPIDLE,
CONF.tcp_keepidle)
return sock
def _from_xml(self, request):
datastring = request.body
plurals = set(self.metadata.get('plurals', {}))
try:
node = xmlutils.safe_minidom_parse_string(datastring).childNodes[0]
return {node.nodeName: self._from_xml_node(node, plurals)}
except expat.ExpatError:
msg = _("cannot understand XML")
raise exception.MalformedRequestBody(reason=msg)
def setup_logging():
"""
Sets up the logging options for a log with supplied name
"""
if CONF.log_config:
# Use a logging configuration file for all settings...
if os.path.exists(CONF.log_config):
logging.config.fileConfig(CONF.log_config)
return
else:
raise RuntimeError(_("Unable to locate specified logging "
"config file: %s" % CONF.log_config))
root_logger = logging.root
if CONF.debug:
root_logger.setLevel(logging.DEBUG)
elif CONF.verbose:
root_logger.setLevel(logging.INFO)
else:
root_logger.setLevel(logging.WARNING)
formatter = logging.Formatter(CONF.log_format, CONF.log_date_format)
if CONF.use_syslog:
try:
facility = getattr(logging.handlers.SysLogHandler,
CONF.syslog_log_facility)
except AttributeError:
raise ValueError(_("Invalid syslog facility"))
handler = logging.handlers.SysLogHandler(address='/dev/log',
facility=facility)
elif CONF.log_file:
logfile = CONF.log_file
if CONF.log_dir:
logfile = os.path.join(CONF.log_dir, logfile)
handler = logging.handlers.WatchedFileHandler(logfile)
else:
handler = logging.StreamHandler(sys.stdout)
handler.setFormatter(formatter)
root_logger.addHandler(handler)
def model_query(context,
model,
session,
args=None,
project_only=False,
read_deleted=None):
"""Query helper that accounts for context's `read_deleted` field.
:param context: context to query under
:param model: Model to query. Must be a subclass of ModelBase.
:type model: models.ModelBase
:param session: The session to use.
:type session: sqlalchemy.orm.session.Session
:param args: Arguments to query. If None - model is used.
:type args: tuple
:param project_only: If present and context is user-type, then restrict
query to match the context's project_id. If set to
'allow_none', restriction includes project_id = None.
:type project_only: bool
:param read_deleted: If present, overrides context's read_deleted field.
:type read_deleted: bool
Usage:
result = (utils.model_query(context, models.Instance, session=session)
.filter_by(uuid=instance_uuid)
.all())
query = utils.model_query(
context, Node,
session=session,
args=(func.count(Node.id), func.sum(Node.ram))
).filter_by(project_id=project_id)
"""
if not read_deleted:
if hasattr(context, 'read_deleted'):
# NOTE(viktors): some projects use `read_deleted` attribute in
# their contexts instead of `show_deleted`.
read_deleted = context.read_deleted
else:
read_deleted = context.show_deleted
if not issubclass(model, models.ModelBase):
raise TypeError(_("model should be a subclass of ModelBase"))
query = session.query(model) if not args else session.query(*args)
query = _read_deleted_filter(query, model, read_deleted)
query = _project_filter(query, model, context, project_only)
return query
def _validate_body(body):
"""
Check multipart/form-data has two parts: text (which is json string and
should parsed into dictionary in serializer) and file, which stores as
cgi.FieldStorage instance. Also validate file size doesn't exceed
the limit: seek to the end of the file, get the position of EOF and
reset the file position to the beginning
"""
def check_file_size(f):
pkg_size_limit = CONF.package_size_limit * 1024 * 1024
f.seek(0, 2)
size = f.tell()
f.seek(0)
if size > pkg_size_limit:
raise exc.HTTPBadRequest('Uploading file is too large.'
' The limit is {0}'
' Mb'.format(CONF.package_size_limit))
if len(body.keys()) != 2:
msg = _("'multipart/form-data' request body should contain "
"2 parts: json string and zip archive. Current body consist "
"of {0} part(s)").format(len(body.keys()))
LOG.error(msg)
raise exc.HTTPBadRequest(msg)
file_obj = None
package_meta = None
for part in body.values():
if isinstance(part, cgi.FieldStorage):
file_obj = part
check_file_size(file_obj.file)
if isinstance(part, dict):
package_meta = part
if file_obj is None:
msg = _('There is no file package with application description')
LOG.error(msg)
raise exc.HTTPBadRequest(msg)
if package_meta is None:
msg = _('There is no json with meta information about package')
LOG.error(msg)
raise exc.HTTPBadRequest(msg)
return file_obj, package_meta
class LogConfigError(Exception):
message = _('Error loading logging config %(log_config)s: %(err_msg)s')
def __init__(self, log_config, err_msg):
self.log_config = log_config
self.err_msg = err_msg
def __str__(self):
return self.message % dict(log_config=self.log_config,
err_msg=self.err_msg)
