def test_ignored_filtering_options(self): LOG = logging.getLogger('glance.common.utils') with mock.patch.object(LOG, 'debug') as mock_run: self.config(allowed_schemes=['https', 'ftp'], group='import_filtering_opts') self.config(disallowed_schemes=['ftp'], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("ftp://foo.com")) mock_run.assert_called_once() with mock.patch.object(LOG, 'debug') as mock_run: self.config(allowed_schemes=[], group='import_filtering_opts') self.config(disallowed_schemes=[], group='import_filtering_opts') self.config(allowed_hosts=['example.com', 'foo.com'], group='import_filtering_opts') self.config(disallowed_hosts=['foo.com'], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("ftp://foo.com")) mock_run.assert_called_once() with mock.patch.object(LOG, 'debug') as mock_run: self.config(allowed_hosts=[], group='import_filtering_opts') self.config(disallowed_hosts=[], group='import_filtering_opts') self.config(allowed_ports=[8080, 8484], group='import_filtering_opts') self.config(disallowed_ports=[8484], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("ftp://foo.com:8484")) mock_run.assert_called_once()
def test_ignored_filtering_options(self): LOG = logging.getLogger('glance.common.utils') with mock.patch.object(LOG, 'debug') as mock_run: self.config(allowed_schemes=['https', 'ftp'], group='import_filtering_opts') self.config(disallowed_schemes=['ftp'], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("ftp://foo.com")) mock_run.assert_called_once() with mock.patch.object(LOG, 'debug') as mock_run: self.config(allowed_schemes=[], group='import_filtering_opts') self.config(disallowed_schemes=[], group='import_filtering_opts') self.config(allowed_hosts=['example.com', 'foo.com'], group='import_filtering_opts') self.config(disallowed_hosts=['foo.com'], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("ftp://foo.com")) mock_run.assert_called_once() with mock.patch.object(LOG, 'debug') as mock_run: self.config(allowed_hosts=[], group='import_filtering_opts') self.config(disallowed_hosts=[], group='import_filtering_opts') self.config(allowed_ports=[8080, 8484], group='import_filtering_opts') self.config(disallowed_ports=[8484], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("ftp://foo.com:8484")) mock_run.assert_called_once()
def test_validate_import_uri(self): self.assertTrue(utils.validate_import_uri("http://foo.com")) self.config(allowed_schemes=['http'], group='import_filtering_opts') self.config(allowed_hosts=['example.com'], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("http://example.com")) self.config(allowed_ports=['8080'], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("http://example.com:8080"))
def test_validate_import_uri(self): self.assertTrue(utils.validate_import_uri("http://foo.com")) self.config(allowed_schemes=['http'], group='import_filtering_opts') self.config(allowed_hosts=['example.com'], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("http://example.com")) self.config(allowed_ports=['8080'], group='import_filtering_opts') self.assertTrue(utils.validate_import_uri("http://example.com:8080"))
def test_invalid_import_uri(self): self.assertFalse(utils.validate_import_uri("")) self.assertFalse(utils.validate_import_uri("fake_uri")) self.config(disallowed_schemes=['ftp'], group='import_filtering_opts') self.assertFalse(utils.validate_import_uri("ftp://example.com")) self.config(disallowed_hosts=['foo.com'], group='import_filtering_opts') self.assertFalse(utils.validate_import_uri("ftp://foo.com")) self.config(disallowed_ports=['8484'], group='import_filtering_opts') self.assertFalse(utils.validate_import_uri("http://localhost:8484"))
def test_invalid_import_uri(self): self.assertFalse(utils.validate_import_uri("")) self.assertFalse(utils.validate_import_uri("fake_uri")) self.config(disallowed_schemes=['ftp'], group='import_filtering_opts') self.assertFalse(utils.validate_import_uri("ftp://example.com")) self.config(disallowed_hosts=['foo.com'], group='import_filtering_opts') self.assertFalse(utils.validate_import_uri("ftp://foo.com")) self.config(disallowed_ports=['8484'], group='import_filtering_opts') self.assertFalse(utils.validate_import_uri("http://localhost:8484"))
def import_image(self, req, image_id, body): task_factory = self.gateway.get_task_factory(req.context) executor_factory = self.gateway.get_task_executor_factory(req.context) task_repo = self.gateway.get_task_repo(req.context) task_input = {'image_id': image_id, 'import_req': body} import_method = body.get('method').get('name') uri = body.get('method').get('uri') if (import_method == 'web-download' and not utils.validate_import_uri(uri)): LOG.debug("URI for web-download does not pass filtering: %s", uri) msg = (_("URI for web-download does not pass filtering: %s") % uri) raise webob.exc.HTTPBadRequest(explanation=msg) try: import_task = task_factory.new_task(task_type='api_image_import', owner=req.context.owner, task_input=task_input) task_repo.add(import_task) task_executor = executor_factory.new_task_executor(req.context) pool = common.get_thread_pool("tasks_eventlet_pool") pool.spawn_n(import_task.run, task_executor) except exception.Forbidden as e: LOG.debug("User not permitted to create image import task.") raise webob.exc.HTTPForbidden(explanation=e.msg) except exception.Conflict as e: raise webob.exc.HTTPConflict(explanation=e.msg) except exception.InvalidImageStatusTransition as e: raise webob.exc.HTTPConflict(explanation=e.msg) except ValueError as e: LOG.debug("Cannot import data for image %(id)s: %(e)s", {'id': image_id, 'e': encodeutils.exception_to_unicode(e)}) raise webob.exc.HTTPBadRequest( explanation=encodeutils.exception_to_unicode(e)) return image_id
def import_image(self, req, image_id, body): image_repo = self.gateway.get_repo(req.context) task_factory = self.gateway.get_task_factory(req.context) executor_factory = self.gateway.get_task_executor_factory(req.context) task_repo = self.gateway.get_task_repo(req.context) import_method = body.get('method').get('name') uri = body.get('method').get('uri') try: image = image_repo.get(image_id) if image.status == 'active': msg = _("Image with status active cannot be target for import") raise exception.Conflict(msg) if image.status != 'queued' and import_method == 'web-download': msg = _("Image needs to be in 'queued' state to use " "'web-download' method") raise exception.Conflict(msg) if (image.status != 'uploading' and import_method == 'glance-direct'): msg = _("Image needs to be staged before 'glance-direct' " "method can be used") raise exception.Conflict(msg) if not getattr(image, 'container_format', None): msg = _("'container_format' needs to be set before import") raise exception.Conflict(msg) if not getattr(image, 'disk_format', None): msg = _("'disk_format' needs to be set before import") raise exception.Conflict(msg) backend = None if CONF.enabled_backends: backend = req.headers.get('x-image-meta-store', CONF.glance_store.default_backend) try: glance_store.get_store_from_store_identifier(backend) except glance_store.UnknownScheme: msg = _("Store for scheme %s not found") % backend LOG.warn(msg) raise exception.Conflict(msg) except exception.Conflict as e: raise webob.exc.HTTPConflict(explanation=e.msg) except exception.NotFound as e: raise webob.exc.HTTPNotFound(explanation=e.msg) task_input = { 'image_id': image_id, 'import_req': body, 'backend': backend } if (import_method == 'web-download' and not utils.validate_import_uri(uri)): LOG.debug("URI for web-download does not pass filtering: %s", uri) msg = (_("URI for web-download does not pass filtering: %s") % uri) raise webob.exc.HTTPBadRequest(explanation=msg) try: import_task = task_factory.new_task(task_type='api_image_import', owner=req.context.owner, task_input=task_input) task_repo.add(import_task) task_executor = executor_factory.new_task_executor(req.context) pool = common.get_thread_pool("tasks_eventlet_pool") pool.spawn_n(import_task.run, task_executor) except exception.Forbidden as e: LOG.debug("User not permitted to create image import task.") raise webob.exc.HTTPForbidden(explanation=e.msg) except exception.Conflict as e: raise webob.exc.HTTPConflict(explanation=e.msg) except exception.InvalidImageStatusTransition as e: raise webob.exc.HTTPConflict(explanation=e.msg) except ValueError as e: LOG.debug("Cannot import data for image %(id)s: %(e)s", { 'id': image_id, 'e': encodeutils.exception_to_unicode(e) }) raise webob.exc.HTTPBadRequest( explanation=encodeutils.exception_to_unicode(e)) return image_id