def handle_get(self, request, user, *args, **kwargs): """Rollback of the filter URLs: /vip/l7/<id_vip>/rollback/ """ self.log.info('Applies the last working filter to VIP') try: id_vip = kwargs.get('id_vip') # User is authorized if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID if not is_valid_int_greater_zero_param(id_vip): self.log.error( u'The vip_id parameter is not a valid value: %s.', id_vip) raise InvalidValueError(None) # Get VIP data vip = RequisicaoVips.get_by_pk(id_vip) with distributedlock(LOCK_VIP % id_vip): # backup do vip vip_old = clone(vip) # Vip must be created if not vip.vip_criado: self.log.error( u'Filter can not be applied because VIP has not been created yet.' ) raise RequestVipsNotBeenCreatedError(None) # salva data do rollback, rollback para aplicado, passa o # aplicado para l7 vip.applied_l7_datetime = datetime.now().strftime( '%Y-%m-%d %H:%M:%S') # Set Applied With Rollback vip.filter_applied = vip_old.filter_rollback vip.rule_applied = vip_old.rule_rollback # Set Rollback With Applied vip.filter_rollback = vip_old.filter_applied vip.rule_rollback = vip_old.rule_applied vip.save(user, commit=True) # roda script command = 'gerador_vips -i %d --l7_filter_current' % vip.id code, stdout, stderr = exec_script(command) # code 0 = executou com sucesso if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr } map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: # pega os dados anteriores e os salva no banco vip_old.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs): """ Handles PUT requests to change the VIP's real server. URL: vip/real/edit """ self.log.info("Change VIP's real server") try: # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Commons Validations # Load XML data xml_map, attrs_map = loads( request.raw_post_data, ['real', 'reals_weight', 'reals_priority']) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') vip_map = networkapi_map.get('vip') if vip_map is None: return self.response_error(3, u'There is no value to the vip tag of XML request.') # Get XML data vip_id = vip_map.get('vip_id') alter_priority = vip_map.get('alter_priority') # Valid VIP ID if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None, 'vip_id', vip_id) # Valid Alter Priority if not is_valid_int_greater_equal_zero_param(alter_priority): alter_priority = 0 # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) # Clone vip vip_old = clone(vip) server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip) server_pools_old = [] server_pools_members_old = [] for sp in server_pools: server_pools_old.append(sp) for spm in sp.serverpoolmember_set.all(): server_pools_members_old.append(spm) # Get variables variables_map = vip.variables_to_map() # Valid variables vip.set_variables(variables_map) # Get balancing method vip_map['metodo_bal'] = str( variables_map.get('metodo_bal')).upper() with distributedlock(LOCK_VIP % vip_id): # Valid real names and real ips of real server if vip_map.get('reals') is not None: evip = EnvironmentVip.get_by_values(variables_map.get( 'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente')) for real in vip_map.get('reals').get('real'): ip_aux_error = real.get('real_ip') equip_aux_error = real.get('real_name') if equip_aux_error is not None: equip = Equipamento.get_by_name(equip_aux_error) else: self.log.error( u'The real_name parameter is not a valid value: None.') raise InvalidValueError(None, 'real_name', 'None') # Valid Real RequisicaoVips.valid_real_server( ip_aux_error, equip, evip, False) # Valid reals_prioritys vip_map, code = vip.valid_values_reals_priority(vip_map) if code is not None: return self.response_error(329) # Valid reals_weight vip_map, code = vip.valid_values_reals_weight(vip_map) if code is not None: return self.response_error(330) # Get variables variables_map = vip.variables_to_map() vip_port_list, reals_list, reals_priority, reals_weight = vip.get_vips_and_reals( vip.id) if reals_list: variables_map['reals'] = {'real': reals_list} variables_map['reals_prioritys'] = { 'reals_priority': reals_priority} variables_map['reals_weights'] = { 'reals_weight': reals_weight} variables_map['portas_servicos'] = {'porta': vip_port_list} # clone variables_map variables_map_old = clone(variables_map) # Valid ports variables_map, code = vip.valid_values_ports(variables_map) if code is not None: return self.response_error(331) """ OLD CALLS - Deprecated """ vip_ports_pool = VipPortToPool.objects.filter( requisicao_vip=vip) reals = vip_map.get('reals') new_call = True if reals and 'port_real' not in reals['real'][0]: new_call = False reals_prioritys = vip_map.get('reals_prioritys') reals_weights = dict() if 'reals_weights' in vip_map: reals_weights = vip_map.get('reals_weights') reals_aux = dict() reals_prioritys_aux = dict() reals_weight_aux = dict() reals_aux['real'] = list() reals_prioritys_aux['reals_priority'] = list() reals_weight_aux['reals_weight'] = list() repeat = ( len(vip_ports_pool) * len(reals['real'])) / len(reals['real']) execute_list = list() for x in range(repeat): execute_list.append((x + 1) * len(reals['real'])) for i in range(len(reals['real'])): for vippp in vip_ports_pool: reals_prioritys_aux['reals_priority'].append( reals_prioritys['reals_priority'][i]) if 'reals_weight' in reals_weights: reals_weight_aux['reals_weight'].append( reals_weights['reals_weight'][i]) server_pool = ServerPool.objects.get( vipporttopool__id=vippp.id, vipporttopool__requisicao_vip=vip) if 'id_ip' not in reals['real'][i]: id_ip = get_id_ip(reals['real'][i]) else: id_ip = reals['real'][i]['id_ip'] reals_aux['real'].append({'id_ip': id_ip, 'port_real': server_pool.default_port, 'real_name': reals[ 'real'][i]['real_name'], 'port_vip': vippp.port_vip, u'real_ip': reals['real'][i]['real_ip']}) vip_map['reals_prioritys'] = reals_prioritys_aux vip_map['reals_weights'] = reals_weight_aux vip_map['reals'] = reals_aux """ OLD CALLS - END """ # Check diff reals (reals_to_add, reals_to_rem, reals_to_stay) reals_to_add, reals_to_rem, reals_to_stay = diff_reals( variables_map, vip_map) reals_final = dict() reals_final['reals'] = list() reals_final['priorities'] = list() reals_final['weights'] = list() reals_error = list() removes = True error = False ############################################## # NOT MODIFIED - reals_to_stay # ############################################## for i in range(len(reals_to_stay['reals'])): real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables( reals_to_stay, i, new_call) # Check ip type if is_valid_ipv4(real.get('real_ip')) == True: ip_type = IP_VERSION.IPv4[1] ip = Ip().get_by_pk(id_ip) else: ip_type = IP_VERSION.IPv6[1] ip = Ipv6().get_by_pk(id_ip) reals_final['reals'].append(reals_to_stay['reals'][i]) reals_final['priorities'].append( reals_to_stay['priorities'][i]) if reals_to_stay['weighted']: reals_final['weights'].append( reals_to_stay['weights'][i]) server_pool = ServerPool.objects.get( vipporttopool__port_vip=port_vip, vipporttopool__requisicao_vip=vip) if ip_type == IP_VERSION.IPv4[1]: server_pool_member = ServerPoolMember.objects.get(server_pool=server_pool, port_real=port_real, ip=id_ip) else: server_pool_member = ServerPoolMember.objects.get(server_pool=server_pool, port_real=port_real, ipv6=id_ip) server_pool_member.priority = priority server_pool_member.weight = weight server_pool_member.save(user, commit=True) ############################################# # ADD REALS - reals_to_add # ############################################# for i in range(len(reals_to_add['reals'])): real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables( reals_to_add, i, new_call) if len(real.get('real_ip').split('.')) <= 1: ip_type = IP_VERSION.IPv6[1] ip = Ipv6().get_by_pk(id_ip) if new_call: command = VIP_REALS_v6_CREATE % ( vip.id, id_ip, port_real, port_vip) else: command = VIP_REAL_v6_CREATE % ( vip.id, real.get('real_name'), real.get('real_ip')) else: ip_type = IP_VERSION.IPv4[1] ip = Ip().get_by_pk(id_ip) if new_call: command = VIP_REALS_v4_CREATE % ( vip.id, id_ip, port_real, port_vip) else: command = VIP_REAL_v4_CREATE % ( vip.id, real.get('real_name'), real.get('real_ip')) self.log.info( '------------------- ADD ----------------------') self.log.info( 'Insert ServerPoolMember before execute script') add_reals_before_script( port_vip, vip, ip, ip_type, priority, weight, port_real, user) self.log.info('The insert has completed successfully') # if new_call or (i + 1) in execute_list: self.log.info('Execute script: %s' % command) code, stdout, stderr = exec_script(command) self.log.info( 'Script was executed and returned code %s' % code) if code != 0: removes = False error = True reals_error.append(real) self.log.info( 'Remove ServerPoolMember after execute script if code != 0') remove_reals_after_script( port_vip, ip_type, vip, port_real, priority, weight, id_ip, user) self.log.info('The remove has completed successfully') else: reals_final['reals'].append(real) reals_final['priorities'].append( reals_to_add['priorities'][i]) if reals_to_add['weighted']: reals_final['weights'].append( reals_to_add['weights'][i]) self.log.info( '----------------- ADD END --------------------') ########################################## # REMOVE REALS - reals_to_rem # ########################################## if removes: for i in range(len(reals_to_rem['reals'])): real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables( reals_to_rem, i, new_call) if len(real.get('real_ip').split('.')) <= 1: ip_type = IP_VERSION.IPv6[1] if new_call: command = VIP_REALS_v6_REMOVE % ( vip.id, id_ip, port_real, port_vip) else: command = VIP_REAL_v6_REMOVE % ( vip.id, real.get('real_name'), real.get('real_ip')) else: ip_type = IP_VERSION.IPv4[1] if new_call: command = VIP_REALS_v4_REMOVE % ( vip.id, id_ip, port_real, port_vip) else: command = VIP_REAL_v4_REMOVE % ( vip.id, real.get('real_name'), real.get('real_ip')) self.log.info( '------------------ REMOVE --------------------') self.log.info('Execute script: %s' % command) code, stdout, stderr = exec_script(command) self.log.info( 'script was executed and returned code %s' % code) if code != 0: error = True reals_error.append(real) reals_final['reals'].append(real) reals_final['priorities'].append( reals_to_rem['priorities'][i]) if reals_to_rem['weighted']: reals_final['weights'].append( reals_to_rem['weights'][i]) else: self.log.info( 'Remove ServerPoolMember after execute script') remove_reals_after_script( port_vip, ip_type, vip, port_real, priority, weight, id_ip, user) self.log.info( 'The remove has completed successfully') self.log.info( '---------------- REMOVE END ------------------') else: for i in range(len(reals_to_rem['reals'])): real = reals_to_rem['reals'][i] reals_final['reals'].append(real) reals_final['priorities'].append( reals_to_rem['priorities'][i]) if reals_to_add['weighted']: reals_final['weights'].append( reals_to_rem['weights'][i]) variables_map['reals'] = dict() variables_map['reals_prioritys'] = dict() variables_map['reals_weights'] = dict() if len(reals_final['reals']) > 0: variables_map['reals']['real'] = reals_final['reals'] variables_map['reals_prioritys'][ 'reals_priority'] = reals_final['priorities'] if reals_final['weights'] is not None: variables_map['reals_weights'][ 'reals_weight'] = reals_final['weights'] else: variables_map.pop('reals') variables_map.pop('reals_prioritys') variables_map.pop('reals_weights') # set variables vip.set_variables(variables_map) try: # If Priority changed if int(alter_priority) != 0: # gerador_vips -i <ID_REQUISICAO> --priority command = 'gerador_vips -i %d --priority' % vip.id # Logging self.log.info( '---------------- ALTER PRIORITY ------------------') self.log.info('Command: ' + command) # Execute script code, stdout, stderr = exec_script(command) self.log.info('Code returned: ' + str(code)) self.log.info('Stdout: ' + stdout) self.log.info( '-------------- ALTER PRIORITY END ----------------') # Script returned error while executing, rollback the # changes in database if code != 0: self.log.info('Code != 0, rollback changes') vip_old.save(user, commit=True) for sp in server_pools_old: sp.save(user, commit=True) for spm in server_pools_members_old: spm.save(user, commit=True) return self.response_error(2, stdout + stderr) except Exception, e: if isinstance(e, IntegrityError): # Duplicate value for Port Vip, Port Real and IP self.log.error(u'Failed to update the request vip.') return self.response_error(353) else: self.log.error(u'Failed to update the request vip.') raise RequisicaoVipsError( e, u'Failed to update the request vip') if error: # build return message vip_list = '' ip_list = '' for real in reals_error: vip_list = vip_list + real['real_name'] + ', ' ip_list = ip_list + real['real_ip'] + ', ' return self.response_error(333, vip_list[:-2], ip_list[:-2]) else: return self.response(dumps_networkapi({})) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs): """Treat requests PUT change limit connections to VIP. URLs: /vip/<id_vip>/maxcon/<maxcon>/ """ self.log.info("Change limit connections to VIP") try: vip_id = kwargs.get('id_vip') maxcon = kwargs.get('maxcon') # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None) # Valid Maxcon if not is_valid_int_greater_equal_zero_param(maxcon): self.log.error( u'The maxcon parameter is not a valid value: %s.', maxcon) raise InvalidValueError(None) # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) with distributedlock(LOCK_VIP % vip_id): vip_old = clone(vip) server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip) server_pools_old = [] server_pools_members_old = [] for sp in server_pools: server_pools_old.append(sp) for spm in sp.serverpoolmember_set.all(): server_pools_members_old.append(spm) # Vip must be created if not vip.vip_criado: self.log.error( u'Maxcon can not be changed because VIP has not yet been created.') raise RequestVipsNotBeenCreatedError(None) # Vip equipments permission if vip.ip is not None: for ip_equipment in vip.ip.ipequipamento_set.all(): if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.') raise EquipmentGroupsNotAuthorizedError(None) if vip.ipv6 is not None: for ip_equipment in vip.ipv6.ipv6equipament_set.all(): if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.') raise EquipmentGroupsNotAuthorizedError(None) # Get variables variables_map = vip.variables_to_map() # Valid variables vip.set_variables(variables_map) # Valid real names and real ips of real server if variables_map.get('reals') is not None: evip = EnvironmentVip.get_by_values(variables_map.get( 'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente')) for real in variables_map.get('reals').get('real'): ip_aux_error = real.get('real_ip') equip_aux_error = real.get('real_name') equip = Equipamento.get_by_name(equip_aux_error) # Valid Real RequisicaoVips.valid_real_server( ip_aux_error, equip, evip) # Valid reals_prioritys variables_map, code = vip.valid_values_reals_priority( variables_map) if code is not None: return self.response_error(329) # Valid reals_weight variables_map, code = vip.valid_values_reals_weight( variables_map) if code is not None: return self.response_error(330) # Valid ports variables_map, code = vip.valid_values_ports(variables_map) if code is not None: return self.response_error(331) variables_map['maxcon'] = maxcon vip.set_variables(variables_map) vip.save(user, commit=True) #update server pool limits table #Fix #27 server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip) for sp in server_pools: #If exists pool member, change default maxconn of pool and members if(len(sp.serverpoolmember_set.all()) > 0): #if(old_maxconn != sp.default_limit and sp.pool_created): sp.default_limit = maxcon sp.save(user, commit=True) for serverpoolmember in sp.serverpoolmember_set.all(): serverpoolmember.limit = maxcon serverpoolmember.save(user, commit=True) # gerador_vips -i <ID_REQUISICAO> --maxconn command = 'gerador_vips -i %d --maxconn' % vip.id code, stdout, stderr = exec_script(command) if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr} map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: #TODO Check if is needed to update pool members separately vip_old.save(user, commit=True) for sp in server_pools_old: sp.save(user, commit=True) for spm in server_pools_members_old: spm.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs): """ Handles PUT requests to change the VIP's real server. URL: vip/real/edit """ self.log.info("Change VIP's real server") try: # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Commons Validations # Load XML data xml_map, attrs_map = loads( request.raw_post_data, ['real', 'reals_weight', 'reals_priority']) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'There is no value to the networkapi tag of XML request.' ) vip_map = networkapi_map.get('vip') if vip_map is None: return self.response_error( 3, u'There is no value to the vip tag of XML request.') # Get XML data vip_id = vip_map.get('vip_id') alter_priority = vip_map.get('alter_priority') # Valid VIP ID if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None, 'vip_id', vip_id) # Valid Alter Priority if not is_valid_int_greater_equal_zero_param(alter_priority): alter_priority = 0 # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) # Clone vip vip_old = clone(vip) server_pools = ServerPool.objects.filter( vipporttopool__requisicao_vip=vip) server_pools_old = [] server_pools_members_old = [] for sp in server_pools: server_pools_old.append(sp) for spm in sp.serverpoolmember_set.all(): server_pools_members_old.append(spm) # Get variables variables_map = vip.variables_to_map() # Valid variables vip.set_variables(variables_map) # Get balancing method vip_map['metodo_bal'] = str( variables_map.get('metodo_bal')).upper() with distributedlock(LOCK_VIP % vip_id): # Valid real names and real ips of real server if vip_map.get('reals') is not None: evip = EnvironmentVip.get_by_values( variables_map.get('finalidade'), variables_map.get('cliente'), variables_map.get('ambiente')) for real in vip_map.get('reals').get('real'): ip_aux_error = real.get('real_ip') equip_aux_error = real.get('real_name') if equip_aux_error is not None: equip = Equipamento.get_by_name(equip_aux_error) else: self.log.error( u'The real_name parameter is not a valid value: None.' ) raise InvalidValueError(None, 'real_name', 'None') # Valid Real RequisicaoVips.valid_real_server( ip_aux_error, equip, evip, False) # Valid reals_prioritys vip_map, code = vip.valid_values_reals_priority(vip_map) if code is not None: return self.response_error(329) # Valid reals_weight vip_map, code = vip.valid_values_reals_weight(vip_map) if code is not None: return self.response_error(330) # Get variables variables_map = vip.variables_to_map() vip_port_list, reals_list, reals_priority, reals_weight = vip.get_vips_and_reals( vip.id) if reals_list: variables_map['reals'] = {'real': reals_list} variables_map['reals_prioritys'] = { 'reals_priority': reals_priority } variables_map['reals_weights'] = { 'reals_weight': reals_weight } variables_map['portas_servicos'] = {'porta': vip_port_list} # clone variables_map # variables_map_old = clone(variables_map) # Valid ports variables_map, code = vip.valid_values_ports(variables_map) if code is not None: return self.response_error(331) """ OLD CALLS - Deprecated """ vip_ports_pool = VipPortToPool.objects.filter( requisicao_vip=vip) reals = vip_map.get('reals') new_call = True if reals and 'port_real' not in reals['real'][0]: new_call = False reals_prioritys = vip_map.get('reals_prioritys') reals_weights = dict() if 'reals_weights' in vip_map: reals_weights = vip_map.get('reals_weights') reals_aux = dict() reals_prioritys_aux = dict() reals_weight_aux = dict() reals_aux['real'] = list() reals_prioritys_aux['reals_priority'] = list() reals_weight_aux['reals_weight'] = list() repeat = (len(vip_ports_pool) * len(reals['real'])) / len( reals['real']) execute_list = list() for x in range(repeat): execute_list.append((x + 1) * len(reals['real'])) for i in range(len(reals['real'])): for vippp in vip_ports_pool: reals_prioritys_aux['reals_priority'].append( reals_prioritys['reals_priority'][i]) if 'reals_weight' in reals_weights: reals_weight_aux['reals_weight'].append( reals_weights['reals_weight'][i]) server_pool = ServerPool.objects.get( vipporttopool__id=vippp.id, vipporttopool__requisicao_vip=vip) if 'id_ip' not in reals['real'][i]: id_ip = get_id_ip(reals['real'][i]) else: id_ip = reals['real'][i]['id_ip'] reals_aux['real'].append({ 'id_ip': id_ip, 'port_real': server_pool.default_port, 'real_name': reals['real'][i]['real_name'], 'port_vip': vippp.port_vip, u'real_ip': reals['real'][i]['real_ip'] }) vip_map['reals_prioritys'] = reals_prioritys_aux vip_map['reals_weights'] = reals_weight_aux vip_map['reals'] = reals_aux """ OLD CALLS - END """ # Check diff reals (reals_to_add, reals_to_rem, reals_to_stay) reals_to_add, reals_to_rem, reals_to_stay = diff_reals( variables_map, vip_map) reals_final = dict() reals_final['reals'] = list() reals_final['priorities'] = list() reals_final['weights'] = list() reals_error = list() removes = True error = False ############################################## # NOT MODIFIED - reals_to_stay # ############################################## for i in range(len(reals_to_stay['reals'])): real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables( reals_to_stay, i, new_call) # Check ip type if is_valid_ipv4(real.get('real_ip')) is True: ip_type = IP_VERSION.IPv4[1] ip = Ip().get_by_pk(id_ip) else: ip_type = IP_VERSION.IPv6[1] ip = Ipv6().get_by_pk(id_ip) reals_final['reals'].append(reals_to_stay['reals'][i]) reals_final['priorities'].append( reals_to_stay['priorities'][i]) if reals_to_stay['weighted']: reals_final['weights'].append( reals_to_stay['weights'][i]) server_pool = ServerPool.objects.get( vipporttopool__port_vip=port_vip, vipporttopool__requisicao_vip=vip) if ip_type == IP_VERSION.IPv4[1]: server_pool_member = ServerPoolMember.objects.get( server_pool=server_pool, port_real=port_real, ip=id_ip) else: server_pool_member = ServerPoolMember.objects.get( server_pool=server_pool, port_real=port_real, ipv6=id_ip) server_pool_member.priority = priority server_pool_member.weight = weight server_pool_member.save(user, commit=True) ############################################# # ADD REALS - reals_to_add # ############################################# for i in range(len(reals_to_add['reals'])): real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables( reals_to_add, i, new_call) if len(real.get('real_ip').split('.')) <= 1: ip_type = IP_VERSION.IPv6[1] ip = Ipv6().get_by_pk(id_ip) if new_call: command = VIP_REALS_v6_CREATE % ( vip.id, id_ip, port_real, port_vip) else: command = VIP_REAL_v6_CREATE % ( vip.id, real.get('real_name'), real.get('real_ip')) else: ip_type = IP_VERSION.IPv4[1] ip = Ip().get_by_pk(id_ip) if new_call: command = VIP_REALS_v4_CREATE % ( vip.id, id_ip, port_real, port_vip) else: command = VIP_REAL_v4_CREATE % ( vip.id, real.get('real_name'), real.get('real_ip')) self.log.info( '------------------- ADD ----------------------') self.log.info( 'Insert ServerPoolMember before execute script') add_reals_before_script(port_vip, vip, ip, ip_type, priority, weight, port_real, user) self.log.info('The insert has completed successfully') # if new_call or (i + 1) in execute_list: self.log.info('Execute script: %s' % command) code, stdout, stderr = exec_script(command) self.log.info('Script was executed and returned code %s' % code) if code != 0: removes = False error = True reals_error.append(real) self.log.info( 'Remove ServerPoolMember after execute script if code != 0' ) remove_reals_after_script(port_vip, ip_type, vip, port_real, priority, weight, id_ip, user) self.log.info('The remove has completed successfully') else: reals_final['reals'].append(real) reals_final['priorities'].append( reals_to_add['priorities'][i]) if reals_to_add['weighted']: reals_final['weights'].append( reals_to_add['weights'][i]) self.log.info( '----------------- ADD END --------------------') ########################################## # REMOVE REALS - reals_to_rem # ########################################## if removes: for i in range(len(reals_to_rem['reals'])): real, priority, weight, id_ip, port_vip, port_real, new_call = get_variables( reals_to_rem, i, new_call) if len(real.get('real_ip').split('.')) <= 1: ip_type = IP_VERSION.IPv6[1] if new_call: command = VIP_REALS_v6_REMOVE % ( vip.id, id_ip, port_real, port_vip) else: command = VIP_REAL_v6_REMOVE % ( vip.id, real.get('real_name'), real.get('real_ip')) else: ip_type = IP_VERSION.IPv4[1] if new_call: command = VIP_REALS_v4_REMOVE % ( vip.id, id_ip, port_real, port_vip) else: command = VIP_REAL_v4_REMOVE % ( vip.id, real.get('real_name'), real.get('real_ip')) self.log.info( '------------------ REMOVE --------------------') self.log.info('Execute script: %s' % command) code, stdout, stderr = exec_script(command) self.log.info( 'script was executed and returned code %s' % code) if code != 0: error = True reals_error.append(real) reals_final['reals'].append(real) reals_final['priorities'].append( reals_to_rem['priorities'][i]) if reals_to_rem['weighted']: reals_final['weights'].append( reals_to_rem['weights'][i]) else: self.log.info( 'Remove ServerPoolMember after execute script') remove_reals_after_script(port_vip, ip_type, vip, port_real, priority, weight, id_ip, user) self.log.info( 'The remove has completed successfully') self.log.info( '---------------- REMOVE END ------------------') else: for i in range(len(reals_to_rem['reals'])): real = reals_to_rem['reals'][i] reals_final['reals'].append(real) reals_final['priorities'].append( reals_to_rem['priorities'][i]) if reals_to_add['weighted']: reals_final['weights'].append( reals_to_rem['weights'][i]) variables_map['reals'] = dict() variables_map['reals_prioritys'] = dict() variables_map['reals_weights'] = dict() if len(reals_final['reals']) > 0: variables_map['reals']['real'] = reals_final['reals'] variables_map['reals_prioritys'][ 'reals_priority'] = reals_final['priorities'] if reals_final['weights'] is not None: variables_map['reals_weights'][ 'reals_weight'] = reals_final['weights'] else: variables_map.pop('reals') variables_map.pop('reals_prioritys') variables_map.pop('reals_weights') # set variables vip.set_variables(variables_map) try: # If Priority changed if int(alter_priority) != 0: # gerador_vips -i <ID_REQUISICAO> --priority command = 'gerador_vips -i %d --priority' % vip.id # Logging self.log.info( '---------------- ALTER PRIORITY ------------------' ) self.log.info('Command: ' + command) # Execute script code, stdout, stderr = exec_script(command) self.log.info('Code returned: ' + str(code)) self.log.info('Stdout: ' + stdout) self.log.info( '-------------- ALTER PRIORITY END ----------------' ) # Script returned error while executing, rollback the # changes in database if code != 0: self.log.info('Code != 0, rollback changes') vip_old.save(user, commit=True) for sp in server_pools_old: sp.save(user, commit=True) for spm in server_pools_members_old: spm.save(user, commit=True) return self.response_error(2, stdout + stderr) except Exception, e: if isinstance(e, IntegrityError): # Duplicate value for Port Vip, Port Real and IP self.log.error(u'Failed to update the request vip.') return self.response_error(353) else: self.log.error(u'Failed to update the request vip.') raise RequisicaoVipsError( e, u'Failed to update the request vip') if error: # build return message vip_list = '' ip_list = '' for real in reals_error: vip_list = vip_list + real['real_name'] + ', ' ip_list = ip_list + real['real_ip'] + ', ' return self.response_error(333, vip_list[:-2], ip_list[:-2]) else: return self.response(dumps_networkapi({})) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_get(self, request, user, *args, **kwargs): """Rollback of the filter URLs: /vip/l7/<id_vip>/rollback/ """ self.log.info("Applies the last working filter to VIP") try: id_vip = kwargs.get('id_vip') # User is authorized if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID if not is_valid_int_greater_zero_param(id_vip): self.log.error( u'The vip_id parameter is not a valid value: %s.', id_vip) raise InvalidValueError(None) # Get VIP data vip = RequisicaoVips.get_by_pk(id_vip) with distributedlock(LOCK_VIP % id_vip): # backup do vip vip_old = clone(vip) # Vip must be created if not vip.vip_criado: self.log.error( u'Filter can not be applied because VIP has not been created yet.') raise RequestVipsNotBeenCreatedError(None) # salva data do rollback, rollback para aplicado, passa o # aplicado para l7 vip.applied_l7_datetime = datetime.now().strftime( "%Y-%m-%d %H:%M:%S") # Set Applied With Rollback vip.filter_applied = vip_old.filter_rollback vip.rule_applied = vip_old.rule_rollback # Set Rollback With Applied vip.filter_rollback = vip_old.filter_applied vip.rule_rollback = vip_old.rule_applied vip.save(user, commit=True) # roda script command = 'gerador_vips -i %d --l7_filter_current' % vip.id code, stdout, stderr = exec_script(command) # code 0 = executou com sucesso if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr} map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: # pega os dados anteriores e os salva no banco vip_old.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs): """ Handles PUT requests to change the VIP's persistence. URL: vip/<id_vip>/persistence """ self.log.info("Change VIP's persistence") try: # Commons Validations # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID vip_id = kwargs.get('id_vip') if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None) # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) with distributedlock(LOCK_VIP % vip_id): vip_old = clone(vip) # Vip must be created if not vip.vip_criado: self.log.error( u'Persistence can not be changed because VIP has not yet been created.' ) raise RequestVipsNotBeenCreatedError(None) # Vip equipments permission if vip.ip is not None: for ip_equipment in vip.ip.ipequipamento_set.all(): if not has_perm( user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.' ) raise EquipmentGroupsNotAuthorizedError(None) if vip.ipv6 is not None: for ip_equipment in vip.ipv6.ipv6equipament_set.all(): if not has_perm( user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.' ) raise EquipmentGroupsNotAuthorizedError(None) # Business Validations # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'There is no value to the networkapi tag of XML request.' ) vip_map = networkapi_map.get('vip') if vip_map is None: return self.response_error( 3, u'There is no value to the vip tag of XML request.') # Get variables variables_map = vip.variables_to_map() # validation of persistence type is doing by set_variables persistence = vip_map.get('persistencia', None) variables_map['persistencia'] = persistence # Set variables vip.set_variables(variables_map) # Save VIP vip.save(user, commit=True) # SYNC_VIP old_to_new(vip) # Executar script # gerador_vips -i <ID_REQUISICAO> --healthcheck command = 'gerador_vips -i %d --persistence' % vip.id code, stdout, stderr = exec_script(command) if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr } map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: vip_old.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs): """ Handles PUT requests to change the VIP's healthcheck. URL: vip/<id_vip>/healthcheck """ self.log.info("Change VIP's healthcheck") try: # Commons Validations # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error(u"User does not have permission to perform the operation.") raise UserNotAuthorizedError(None) # Valid Vip ID vip_id = kwargs.get("id_vip") if not is_valid_int_greater_zero_param(vip_id): self.log.error(u"The vip_id parameter is not a valid value: %s.", vip_id) raise InvalidValueError(None) # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) with distributedlock(LOCK_VIP % vip_id): vip_old = clone(vip) # Vip must be created if not vip.vip_criado: self.log.error(u"Healthcheck can not be changed because VIP has not yet been created.") raise RequestVipsNotBeenCreatedError(None) # Vip equipments permission if vip.ip is not None: for ip_equipment in vip.ip.ipequipamento_set.all(): if not has_perm( user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION, ): self.log.error( u"Groups of equipment registered with the IP of the VIP request is not allowed of acess." ) raise EquipmentGroupsNotAuthorizedError(None) if vip.ipv6 is not None: for ip_equipment in vip.ipv6.ipv6equipament_set.all(): if not has_perm( user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION, ): self.log.error( u"Groups of equipment registered with the IP of the VIP request is not allowed of acess." ) raise EquipmentGroupsNotAuthorizedError(None) # Business Validations # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get("networkapi") if networkapi_map is None: return self.response_error(3, u"There is no value to the networkapi tag of XML request.") vip_map = networkapi_map.get("vip") if vip_map is None: return self.response_error(3, u"There is no value to the vip tag of XML request.") # Get XML data healthcheck_type = upper(str(vip_map["healthcheck_type"])) healthcheck = vip_map["healthcheck"] id_healthcheck_expect = vip_map["id_healthcheck_expect"] vars = vip.variables_to_map() environment_vip = EnvironmentVip.get_by_values( vars.get("finalidade"), vars.get("cliente"), vars.get("ambiente") ) healthcheck_is_valid = RequisicaoVips.heathcheck_exist(healthcheck_type, environment_vip.id) # healthcheck_type exist' if not healthcheck_is_valid: self.log.error(u"The healthcheck_type parameter not exist.") raise InvalidValueError( u"The healthcheck_type parameter not exist.", "healthcheck_type", healthcheck_type ) # If healthcheck_type is not HTTP id_healthcheck_expect and # healthcheck must be None if healthcheck_type != "HTTP": if not (id_healthcheck_expect == None and healthcheck == None): msg = ( u"The healthcheck_type parameter is %s, then healthcheck and id_healthcheck_expect must be None." % healthcheck_type ) self.log.error(msg) raise InvalidValueError(msg) # return self.response_error(276) # If healthcheck_type is 'HTTP' id_healthcheck_expect and # healthcheck must NOT be None elif healthcheck_type == "HTTP": if id_healthcheck_expect == None or healthcheck == None: msg = u"The healthcheck_type parameter is HTTP, then healthcheck and id_healthcheck_expect must NOT be None." self.log.error(msg) raise InvalidValueError(msg) else: try: # Valid healthcheck_expect ID if not is_valid_int_greater_zero_param(id_healthcheck_expect): self.log.error( u"The id_healthcheck_expect parameter is not a valid value: %s.", id_healthcheck_expect, ) raise InvalidValueError(None, "id_healthcheck_expect", id_healthcheck_expect) # Find healthcheck_expect by ID to check if it # exist healthcheck_expect = HealthcheckExpect.get_by_pk(id_healthcheck_expect) # Check if healthcheck is a string if not isinstance(healthcheck, basestring): msg = u"The healthcheck must be a string." self.log.error(msg) raise InvalidValueError(msg, "healthcheck", healthcheck) except HealthcheckExpectNotFoundError: msg = u"The id_healthcheck_expect parameter does not exist." self.log.error(msg) raise InvalidValueError(msg, "id_healthcheck_expect", id_healthcheck_expect) # Business Rules # Get variables variables_map = vip.variables_to_map() # Valid variables vip.set_variables(variables_map) # Set healthcheck_type variables_map["healthcheck_type"] = healthcheck_type # If healthcheck_type is HTTP if healthcheck_type == "HTTP": # Set healthcheck variables_map["healthcheck"] = healthcheck # Set id_healthcheck_expect vip.healthcheck_expect = healthcheck_expect else: # Set healthcheck to None variables_map["healthcheck"] = None # Set id_healthcheck_expect to None vip.healthcheck_expect = None # Set variables vip.set_variables(variables_map) # Save VIP vip.save(user, commit=True) # Executar script # Put old call to work with new pool features # This call is deprecated server_pools = ServerPool.objects.filter(vipporttopool__requisicao_vip=vip) if healthcheck == None: healthcheck = "" if id_healthcheck_expect == None: healthcheck_expect = "" else: healthcheck_expect = healthcheck_expect.expect_string healthcheck_identifier = "" healthcheck_destination = "*:*" hc = get_or_create_healthcheck( user, healthcheck_expect, healthcheck_type, healthcheck, healthcheck_destination, healthcheck_identifier, ) # Applies new healthcheck in pool # Todo - new method old_healthchecks = [] for sp in server_pools: old_healthchecks.append(sp.healthcheck) sp.healthcheck = hc sp.save(user, commit=True) # gerador_vips -i <ID_REQUISICAO> --healthcheck command = "gerador_vips -i %d --healthcheck" % vip.id code, stdout, stderr = exec_script(command) if code == 0: success_map = dict() success_map["codigo"] = "%04d" % code success_map["descricao"] = {"stdout": stdout, "stderr": stderr} map = dict() map["sucesso"] = success_map return self.response(dumps_networkapi(map)) else: old_healthchecks.reverse() for sp in server_pools: sp.healthcheck = old_healthchecks.pop() sp.save(user, commit=True) vip_old.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u"Error reading the XML request.") return self.response_error(3, x)
def check_filter_use(new_filter_id, env): from networkapi.equipamento.models import EquipamentoAmbiente from networkapi.ip.models import NetworkIPv4, NetworkIPv6 from networkapi.vlan.models import Vlan try: # Check existence of new filter new_fil = Filter.objects.get(pk=new_filter_id) except ObjectDoesNotExist: new_fil = None pass # Filters old_fil = env.filter if old_fil is not None: # Envs using old filter envs_old_filter = old_fil.ambiente_set.all() # Vlans in listed envs vlans = list() for env_old_filter in envs_old_filter: for vlan in env_old_filter.vlan_set.all(): vlans.append(vlan) # Nets in vlan nets_ipv4 = list() nets_ipv6 = list() for vlan in vlans: for net in vlan.networkipv4_set.all(): nets_ipv4.append({'net': net, 'vlan_env': vlan.ambiente}) for net in vlan.networkipv6_set.all(): nets_ipv6.append({'net': net, 'vlan_env': vlan.ambiente}) # Verify subnet ipv4 for i in range(0, len(nets_ipv4)): net = nets_ipv4[i].get('net') ip = "%s.%s.%s.%s/%s" % (net.oct1, net.oct2, net.oct3, net.oct4, net.block) network_ip_verify = IPNetwork(ip) nets_ipv4_aux = clone(nets_ipv4) nets_ipv4_aux.remove(nets_ipv4[i]) if verify_subnet_and_equip(nets_ipv4_aux, network_ip_verify, 'v4', net, nets_ipv4[i].get('vlan_env')): env_aux_id = nets_ipv4[i].get('vlan_env').id if env.id == env_aux_id: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) # Verify subnet ipv6 for i in range(0, len(nets_ipv6)): net = nets_ipv6[i].get('net') ip = "%s:%s:%s:%s:%s:%s:%s:%s/%d" % (net.block1, net.block2, net.block3, net.block4, net.block5, net.block6, net.block7, net.block8, net.block) network_ip_verify = IPNetwork(ip) nets_ipv6_aux = clone(nets_ipv6) nets_ipv6_aux.remove(nets_ipv6[i]) if verify_subnet_and_equip(nets_ipv6_aux, network_ip_verify, 'v6', net, nets_ipv6[i].get('vlan_env')): env_aux_id = nets_ipv6[i].get('vlan_env').id if env.id == env_aux_id: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) old_tp_equips = [ fet.equiptype.id for fet in old_fil.filterequiptype_set.all()] if new_fil is not None: new_tp_equips = [ fet.equiptype.id for fet in new_fil.filterequiptype_set.all()] else: new_tp_equips = [] # EquipTypes being excluded, check for these in environments diff_tp_equips = list(set(old_tp_equips) - set(new_tp_equips)) # Check equipments with type in diff, associated to this environment if len(diff_tp_equips) > 0: # Filter case 1 and 2 # Check for networks with same ip range nets_same_range = NetworkIPv4.objects.values( 'oct1', 'oct2', 'oct3', 'oct4', 'block').annotate(count=Count('id')).filter(count__gt=1) if len(nets_same_range) > 0: for net_gp in nets_same_range: nets_current_range = NetworkIPv4.objects.filter(oct1=net_gp['oct1'], oct2=net_gp[ 'oct2'], oct3=net_gp['oct3'], oct4=net_gp['oct4'], block=net_gp['block']) envs_of_nets = [ net.vlan.ambiente.id for net in nets_current_range] if env.id in envs_of_nets: eqas = EquipamentoAmbiente.objects.filter( equipamento__tipo_equipamento__in=diff_tp_equips, ambiente=env.id) equips_in_env = [eqa.equipamento.id for eqa in eqas] # Get other environments with these equips other_envs = [eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter( equipamento__in=equips_in_env, ambiente__in=envs_of_nets).exclude(ambiente=env.id)] if len(other_envs) > 0: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) # Check for networks v6 with same ip range nets_same_range_v6 = NetworkIPv6.objects.values( 'block1', 'block2', 'block3', 'block4', 'block5', 'block6', 'block7', 'block8', 'block').annotate(count=Count('id')).filter(count__gt=1) if len(nets_same_range_v6) > 0: for net_gp in nets_same_range_v6: nets_current_range = NetworkIPv6.objects.filter(block1=net_gp['block1'], block2=net_gp['block2'], block3=net_gp['block3'], block4=net_gp[ 'block4'], block5=net_gp['block5'], block6=net_gp['block6'], block7=net_gp['block7'], block8=net_gp['block8'], block=net_gp['block']) envs_of_nets = [ net.vlan.ambiente.id for net in nets_current_range] if env.id in envs_of_nets: eqas = EquipamentoAmbiente.objects.filter( equipamento__tipo_equipamento__in=diff_tp_equips, ambiente=env.id) equips_in_env = [eqa.equipamento.id for eqa in eqas] # Get other environments with these equips other_envs = [eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter( equipamento__in=equips_in_env, ambiente__in=envs_of_nets).exclude(ambiente=env.id)] if len(other_envs) > 0: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) # End of filter case 1 and 2 # Filter case 3 # Get vlans with same number vlans_same_number = Vlan.objects.values('num_vlan').annotate( count=Count('id')).filter(count__gt=1) if len(vlans_same_number) > 0: for vlan_gp in vlans_same_number: vlans_current_number = Vlan.objects.filter( num_vlan=vlan_gp['num_vlan']) envs_of_vlans = [ vlan.ambiente.id for vlan in vlans_current_number] if env.id in envs_of_vlans: eqas = EquipamentoAmbiente.objects.filter( ambiente=env.id) equips_in_env = [eqa.equipamento.id for eqa in eqas] # Get other environments with these equips other_envs = [eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter( equipamento__in=equips_in_env, ambiente__in=envs_of_vlans).exclude(ambiente=env.id)] if len(other_envs) > 0: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) env.filter = new_fil return env
def handle_put(self, request, user, *args, **kwargs): """ Handles PUT requests to change the VIP's healthcheck. URL: vip/<id_vip>/healthcheck """ self.log.info("Change VIP's healthcheck") try: # Commons Validations # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID vip_id = kwargs.get('id_vip') if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None) # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) with distributedlock(LOCK_VIP % vip_id): vip_old = clone(vip) # Vip must be created if not vip.vip_criado: self.log.error( u'Healthcheck can not be changed because VIP has not yet been created.' ) raise RequestVipsNotBeenCreatedError(None) # Vip equipments permission if vip.ip is not None: for ip_equipment in vip.ip.ipequipamento_set.all(): if not has_perm( user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.' ) raise EquipmentGroupsNotAuthorizedError(None) if vip.ipv6 is not None: for ip_equipment in vip.ipv6.ipv6equipament_set.all(): if not has_perm( user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.' ) raise EquipmentGroupsNotAuthorizedError(None) # Business Validations # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'There is no value to the networkapi tag of XML request.' ) vip_map = networkapi_map.get('vip') if vip_map is None: return self.response_error( 3, u'There is no value to the vip tag of XML request.') # Get XML data healthcheck_type = upper(str(vip_map['healthcheck_type'])) healthcheck = vip_map['healthcheck'] id_healthcheck_expect = vip_map['id_healthcheck_expect'] vars = vip.variables_to_map() environment_vip = EnvironmentVip.get_by_values( vars.get('finalidade'), vars.get('cliente'), vars.get('ambiente')) healthcheck_is_valid = RequisicaoVips.heathcheck_exist( healthcheck_type, environment_vip.id) # healthcheck_type exist' if not healthcheck_is_valid: self.log.error( u'The healthcheck_type parameter not exist.') raise InvalidValueError( u'The healthcheck_type parameter not exist.', 'healthcheck_type', healthcheck_type) # If healthcheck_type is not HTTP id_healthcheck_expect and # healthcheck must be None if healthcheck_type != 'HTTP': if not (id_healthcheck_expect is None and healthcheck is None): msg = u'The healthcheck_type parameter is %s, then healthcheck and id_healthcheck_expect must be None.' % healthcheck_type self.log.error(msg) raise InvalidValueError(msg) # return self.response_error(276) # If healthcheck_type is 'HTTP' id_healthcheck_expect and # healthcheck must NOT be None elif healthcheck_type == 'HTTP': if id_healthcheck_expect is None or healthcheck is None: msg = u'The healthcheck_type parameter is HTTP, then healthcheck and id_healthcheck_expect must NOT be None.' self.log.error(msg) raise InvalidValueError(msg) else: try: # Valid healthcheck_expect ID if not is_valid_int_greater_zero_param( id_healthcheck_expect): self.log.error( u'The id_healthcheck_expect parameter is not a valid value: %s.', id_healthcheck_expect) raise InvalidValueError( None, 'id_healthcheck_expect', id_healthcheck_expect) # Find healthcheck_expect by ID to check if it # exist healthcheck_expect = HealthcheckExpect.get_by_pk( id_healthcheck_expect) # Check if healthcheck is a string if not isinstance(healthcheck, basestring): msg = u'The healthcheck must be a string.' self.log.error(msg) raise InvalidValueError( msg, 'healthcheck', healthcheck) except HealthcheckExpectNotFoundError: msg = u'The id_healthcheck_expect parameter does not exist.' self.log.error(msg) raise InvalidValueError(msg, 'id_healthcheck_expect', id_healthcheck_expect) # Business Rules # Get variables variables_map = vip.variables_to_map() # Valid variables vip.set_variables(variables_map) # Set healthcheck_type variables_map['healthcheck_type'] = healthcheck_type # If healthcheck_type is HTTP if healthcheck_type == 'HTTP': # Set healthcheck variables_map['healthcheck'] = healthcheck # Set id_healthcheck_expect vip.healthcheck_expect = healthcheck_expect else: # Set healthcheck to None variables_map['healthcheck'] = None # Set id_healthcheck_expect to None vip.healthcheck_expect = None # Set variables vip.set_variables(variables_map) # Save VIP vip.save(user, commit=True) # Executar script # Put old call to work with new pool features # This call is deprecated server_pools = ServerPool.objects.filter( vipporttopool__requisicao_vip=vip) if healthcheck is None: healthcheck = '' if id_healthcheck_expect is None: healthcheck_expect = '' else: healthcheck_expect = healthcheck_expect.expect_string healthcheck_identifier = '' healthcheck_destination = '*:*' hc = get_or_create_healthcheck(user, healthcheck_expect, healthcheck_type, healthcheck, healthcheck_destination, healthcheck_identifier) # Applies new healthcheck in pool # Todo - new method old_healthchecks = [] for sp in server_pools: old_healthchecks.append(sp.healthcheck) sp.healthcheck = hc sp.save(user, commit=True) # gerador_vips -i <ID_REQUISICAO> --healthcheck command = 'gerador_vips -i %d --healthcheck' % vip.id code, stdout, stderr = exec_script(command) if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr } map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: old_healthchecks.reverse() for sp in server_pools: sp.healthcheck = old_healthchecks.pop() sp.save(user, commit=True) vip_old.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs): """Treat PUT requests to change reals_priority list of VIP. URLs: /vip/<id_vip>/priority/ """ self.log.info("Change list the reals_priority to VIP") try: vip_id = kwargs.get('id_vip') # Load XML data xml_map, attrs_map = loads(request.raw_post_data, ['reals_priority']) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error( 3, u'There is no value to the networkapi tag of XML request.' ) vip_map = networkapi_map.get('vip') if vip_map is None: return self.response_error( 3, u'There is no value to the vip tag of XML request.') # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None, 'vip_id', vip_id) # Valid reals_prioritys reals_prioritys_map = vip_map.get('reals_prioritys') if (reals_prioritys_map is not None): reals_priority_map = reals_prioritys_map.get('reals_priority') if (reals_priority_map is not None): # Valid values of reals_priority for reals_priority in reals_priority_map: if not is_valid_int_greater_equal_zero_param( reals_priority): self.log.error( u'The reals_priority parameter is not a valid value: %s.', reals_priority) raise InvalidValueError(None, 'reals_priority', reals_priority) if len(reals_priority_map) > 0: vip_map = RequisicaoVips.is_valid_values_reals_priority( reals_priority_map) else: self.log.error( u'The reals_priority_map parameter is not a valid value: %s.', reals_priority_map) raise InvalidValueError(None, 'reals_priority_map', reals_priority_map) else: self.log.error( u'The reals_priority parameter is not a valid value: %s.', reals_priority_map) raise InvalidValueError(None, 'reals_priority', reals_priority_map) else: self.log.error( u'The reals_prioritys parameter is not a valid value: %s.', reals_prioritys_map) raise InvalidValueError(None, 'reals_prioritys', reals_prioritys_map) # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) with distributedlock(LOCK_VIP % vip_id): vip_old = clone(vip) # Vip must be created if not vip.vip_criado: self.log.error( u'Priority can not be changed because VIP has not yet been created.' ) raise RequestVipsNotBeenCreatedError(None) # Vip equipments permission for ip_equipment in vip.ip.ipequipamento_set.all(): if not has_perm( user, AdminPermission.VIP_CREATE_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.' ) raise EquipmentGroupsNotAuthorizedError(None) variables_map = vip.variables_to_map() # Valid list reals_server """if len(variables_map.get('reals').get('real')) != len(vip_map.get('reals_prioritys').get('reals_priority')): self.log.error(u'List the Reals_priority is higher or lower than list the real_server.') return self.response_error(272)""" variables_map['reals_prioritys'] = vip_map.get( 'reals_prioritys') vip.set_variables(variables_map) vip.save(user, commit=True) # gerador_vips -i <ID_REQUISICAO> --priority command = 'gerador_vips -i %d --priority' % vip.id code, stdout, stderr = exec_script(command) if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr } map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: vip_old.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs): """Treat PUT requests to change reals_priority list of VIP. URLs: /vip/<id_vip>/priority/ """ self.log.info("Change list the reals_priority to VIP") try: vip_id = kwargs.get('id_vip') # Load XML data xml_map, attrs_map = loads( request.raw_post_data, ['reals_priority']) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') vip_map = networkapi_map.get('vip') if vip_map is None: return self.response_error(3, u'There is no value to the vip tag of XML request.') # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None, 'vip_id', vip_id) # Valid reals_prioritys reals_prioritys_map = vip_map.get('reals_prioritys') if (reals_prioritys_map is not None): reals_priority_map = reals_prioritys_map.get('reals_priority') if (reals_priority_map is not None): # Valid values of reals_priority for reals_priority in reals_priority_map: if not is_valid_int_greater_equal_zero_param(reals_priority): self.log.error( u'The reals_priority parameter is not a valid value: %s.', reals_priority) raise InvalidValueError( None, 'reals_priority', reals_priority) if len(reals_priority_map) > 0: vip_map = RequisicaoVips.is_valid_values_reals_priority( reals_priority_map) else: self.log.error( u'The reals_priority_map parameter is not a valid value: %s.', reals_priority_map) raise InvalidValueError( None, 'reals_priority_map', reals_priority_map) else: self.log.error( u'The reals_priority parameter is not a valid value: %s.', reals_priority_map) raise InvalidValueError( None, 'reals_priority', reals_priority_map) else: self.log.error( u'The reals_prioritys parameter is not a valid value: %s.', reals_prioritys_map) raise InvalidValueError( None, 'reals_prioritys', reals_prioritys_map) # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) with distributedlock(LOCK_VIP % vip_id): vip_old = clone(vip) # Vip must be created if not vip.vip_criado: self.log.error( u'Priority can not be changed because VIP has not yet been created.') raise RequestVipsNotBeenCreatedError(None) # Vip equipments permission for ip_equipment in vip.ip.ipequipamento_set.all(): if not has_perm(user, AdminPermission.VIP_CREATE_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.') raise EquipmentGroupsNotAuthorizedError(None) variables_map = vip.variables_to_map() # Valid list reals_server """if len(variables_map.get('reals').get('real')) != len(vip_map.get('reals_prioritys').get('reals_priority')): self.log.error(u'List the Reals_priority is higher or lower than list the real_server.') return self.response_error(272)""" variables_map['reals_prioritys'] = vip_map.get( 'reals_prioritys') vip.set_variables(variables_map) vip.save(user, commit=True) # gerador_vips -i <ID_REQUISICAO> --priority command = 'gerador_vips -i %d --priority' % vip.id code, stdout, stderr = exec_script(command) if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr} map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: vip_old.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def handle_put(self, request, user, *args, **kwargs): """Treat requests PUT change limit connections to VIP. URLs: /vip/<id_vip>/maxcon/<maxcon>/ """ self.log.info('Change limit connections to VIP') try: vip_id = kwargs.get('id_vip') maxcon = kwargs.get('maxcon') # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None) # Valid Maxcon if not is_valid_int_greater_equal_zero_param(maxcon): self.log.error( u'The maxcon parameter is not a valid value: %s.', maxcon) raise InvalidValueError(None) # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) with distributedlock(LOCK_VIP % vip_id): vip_old = clone(vip) server_pools = ServerPool.objects.filter( vipporttopool__requisicao_vip=vip) server_pools_old = [] server_pools_members_old = [] for sp in server_pools: server_pools_old.append(sp) for spm in sp.serverpoolmember_set.all(): server_pools_members_old.append(spm) # Vip must be created if not vip.vip_criado: self.log.error( u'Maxcon can not be changed because VIP has not yet been created.') raise RequestVipsNotBeenCreatedError(None) # Vip equipments permission if vip.ip is not None: for ip_equipment in vip.ip.ipequipamento_set.all(): if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.') raise EquipmentGroupsNotAuthorizedError(None) if vip.ipv6 is not None: for ip_equipment in vip.ipv6.ipv6equipament_set.all(): if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.') raise EquipmentGroupsNotAuthorizedError(None) # Get variables variables_map = vip.variables_to_map() # Valid variables vip.set_variables(variables_map) # Valid real names and real ips of real server if variables_map.get('reals') is not None: evip = EnvironmentVip.get_by_values(variables_map.get( 'finalidade'), variables_map.get('cliente'), variables_map.get('ambiente')) for real in variables_map.get('reals').get('real'): ip_aux_error = real.get('real_ip') equip_aux_error = real.get('real_name') equip = Equipamento.get_by_name(equip_aux_error) # Valid Real RequisicaoVips.valid_real_server( ip_aux_error, equip, evip) # Valid reals_prioritys variables_map, code = vip.valid_values_reals_priority( variables_map) if code is not None: return self.response_error(329) # Valid reals_weight variables_map, code = vip.valid_values_reals_weight( variables_map) if code is not None: return self.response_error(330) # Valid ports variables_map, code = vip.valid_values_ports(variables_map) if code is not None: return self.response_error(331) variables_map['maxcon'] = maxcon vip.set_variables(variables_map) vip.save(user, commit=True) # update server pool limits table # Fix #27 server_pools = ServerPool.objects.filter( vipporttopool__requisicao_vip=vip) for sp in server_pools: # If exists pool member, change default maxconn of pool and # members if(len(sp.serverpoolmember_set.all()) > 0): # if(old_maxconn != sp.default_limit and # sp.pool_created): sp.default_limit = maxcon sp.save(user, commit=True) for serverpoolmember in sp.serverpoolmember_set.all(): serverpoolmember.limit = maxcon serverpoolmember.save(user, commit=True) # gerador_vips -i <ID_REQUISICAO> --maxconn command = 'gerador_vips -i %d --maxconn' % vip.id code, stdout, stderr = exec_script(command) if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr} map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: # TODO Check if is needed to update pool members separately vip_old.save(user, commit=True) for sp in server_pools_old: sp.save(user, commit=True) for spm in server_pools_members_old: spm.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)
def check_filter_use(new_filter_id, env): from networkapi.equipamento.models import EquipamentoAmbiente from networkapi.ip.models import NetworkIPv4, NetworkIPv6 from networkapi.vlan.models import Vlan try: # Check existence of new filter new_fil = Filter.objects.get(pk=new_filter_id) except ObjectDoesNotExist: new_fil = None pass # Filters old_fil = env.filter if old_fil is not None: # Envs using old filter envs_old_filter = old_fil.ambiente_set.all() # Vlans in listed envs vlans = list() for env_old_filter in envs_old_filter: for vlan in env_old_filter.vlan_set.all(): vlans.append(vlan) # Nets in vlan nets_ipv4 = list() nets_ipv6 = list() for vlan in vlans: for net in vlan.networkipv4_set.all(): nets_ipv4.append({'net': net, 'vlan_env': vlan.ambiente}) for net in vlan.networkipv6_set.all(): nets_ipv6.append({'net': net, 'vlan_env': vlan.ambiente}) # Verify subnet ipv4 for i in range(0, len(nets_ipv4)): net = nets_ipv4[i].get('net') ip = '%s.%s.%s.%s/%s' % (net.oct1, net.oct2, net.oct3, net.oct4, net.block) network_ip_verify = IPNetwork(ip) nets_ipv4_aux = clone(nets_ipv4) nets_ipv4_aux.remove(nets_ipv4[i]) if verify_subnet_and_equip(nets_ipv4_aux, network_ip_verify, 'v4', net, nets_ipv4[i].get('vlan_env')): env_aux_id = nets_ipv4[i].get('vlan_env').id if env.id == env_aux_id: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) # Verify subnet ipv6 for i in range(0, len(nets_ipv6)): net = nets_ipv6[i].get('net') ip = '%s:%s:%s:%s:%s:%s:%s:%s/%d' % ( net.block1, net.block2, net.block3, net.block4, net.block5, net.block6, net.block7, net.block8, net.block) network_ip_verify = IPNetwork(ip) nets_ipv6_aux = clone(nets_ipv6) nets_ipv6_aux.remove(nets_ipv6[i]) if verify_subnet_and_equip(nets_ipv6_aux, network_ip_verify, 'v6', net, nets_ipv6[i].get('vlan_env')): env_aux_id = nets_ipv6[i].get('vlan_env').id if env.id == env_aux_id: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) old_tp_equips = [ fet.equiptype.id for fet in old_fil.filterequiptype_set.all() ] if new_fil is not None: new_tp_equips = [ fet.equiptype.id for fet in new_fil.filterequiptype_set.all() ] else: new_tp_equips = [] # EquipTypes being excluded, check for these in environments diff_tp_equips = list(set(old_tp_equips) - set(new_tp_equips)) # Check equipments with type in diff, associated to this environment if len(diff_tp_equips) > 0: # Filter case 1 and 2 # Check for networks with same ip range nets_same_range = NetworkIPv4.objects.values( 'oct1', 'oct2', 'oct3', 'oct4', 'block').annotate(count=Count('id')).filter(count__gt=1) if len(nets_same_range) > 0: for net_gp in nets_same_range: nets_current_range = NetworkIPv4.objects.filter( oct1=net_gp['oct1'], oct2=net_gp['oct2'], oct3=net_gp['oct3'], oct4=net_gp['oct4'], block=net_gp['block']) envs_of_nets = [ net_crt.vlan.ambiente.id for net_crt in nets_current_range ] if env.id in envs_of_nets: eqas = EquipamentoAmbiente.objects.filter( equipamento__tipo_equipamento__in=diff_tp_equips, ambiente=env.id) equips_in_env = [eqa.equipamento.id for eqa in eqas] # Get other environments with these equips other_envs = [ eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter( equipamento__in=equips_in_env, ambiente__in=envs_of_nets).exclude( ambiente=env.id) ] if len(other_envs) > 0: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) # Check for networks v6 with same ip range nets_same_range_v6 = NetworkIPv6.objects.values( 'block1', 'block2', 'block3', 'block4', 'block5', 'block6', 'block7', 'block8', 'block').annotate(count=Count('id')).filter(count__gt=1) if len(nets_same_range_v6) > 0: for net_gp in nets_same_range_v6: nets_current_range = NetworkIPv6.objects.filter( block1=net_gp['block1'], block2=net_gp['block2'], block3=net_gp['block3'], block4=net_gp['block4'], block5=net_gp['block5'], block6=net_gp['block6'], block7=net_gp['block7'], block8=net_gp['block8'], block=net_gp['block']) envs_of_nets = [ net_crt.vlan.ambiente.id for net_crt in nets_current_range ] if env.id in envs_of_nets: eqas = EquipamentoAmbiente.objects.filter( equipamento__tipo_equipamento__in=diff_tp_equips, ambiente=env.id) equips_in_env = [eqa.equipamento.id for eqa in eqas] # Get other environments with these equips other_envs = [ eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter( equipamento__in=equips_in_env, ambiente__in=envs_of_nets).exclude( ambiente=env.id) ] if len(other_envs) > 0: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) # End of filter case 1 and 2 # Filter case 3 # Get vlans with same number vlans_same_number = Vlan.objects.values('num_vlan').annotate( count=Count('id')).filter(count__gt=1) if len(vlans_same_number) > 0: for vlan_gp in vlans_same_number: vlans_current_number = Vlan.objects.filter( num_vlan=vlan_gp['num_vlan']) envs_of_vlans = [ vlan.ambiente.id for vlan in vlans_current_number ] if env.id in envs_of_vlans: eqas = EquipamentoAmbiente.objects.filter( ambiente=env.id) equips_in_env = [eqa.equipamento.id for eqa in eqas] # Get other environments with these equips other_envs = [ eqa.ambiente.id for eqa in EquipamentoAmbiente.objects.filter( equipamento__in=equips_in_env, ambiente__in=envs_of_vlans).exclude( ambiente=env.id) ] if len(other_envs) > 0: raise CannotDissociateFilterError( old_fil.name, u'Filter %s cannot be dissociated, its in use.' % old_fil.name) env.filter = new_fil return env
def handle_put(self, request, user, *args, **kwargs): """ Handles PUT requests to change the VIP's persistence. URL: vip/<id_vip>/persistence """ self.log.info("Change VIP's persistence") try: # Commons Validations # User permission if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) # Valid Vip ID vip_id = kwargs.get('id_vip') if not is_valid_int_greater_zero_param(vip_id): self.log.error( u'The vip_id parameter is not a valid value: %s.', vip_id) raise InvalidValueError(None) # Existing Vip ID vip = RequisicaoVips.get_by_pk(vip_id) with distributedlock(LOCK_VIP % vip_id): vip_old = clone(vip) # Vip must be created if not vip.vip_criado: self.log.error( u'Persistence can not be changed because VIP has not yet been created.') raise RequestVipsNotBeenCreatedError(None) # Vip equipments permission if vip.ip is not None: for ip_equipment in vip.ip.ipequipamento_set.all(): if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.') raise EquipmentGroupsNotAuthorizedError(None) if vip.ipv6 is not None: for ip_equipment in vip.ipv6.ipv6equipament_set.all(): if not has_perm(user, AdminPermission.VIP_ALTER_SCRIPT, AdminPermission.WRITE_OPERATION, None, ip_equipment.equipamento_id, AdminPermission.EQUIP_UPDATE_CONFIG_OPERATION): self.log.error( u'Groups of equipment registered with the IP of the VIP request is not allowed of acess.') raise EquipmentGroupsNotAuthorizedError(None) # Business Validations # Load XML data xml_map, attrs_map = loads(request.raw_post_data) # XML data format networkapi_map = xml_map.get('networkapi') if networkapi_map is None: return self.response_error(3, u'There is no value to the networkapi tag of XML request.') vip_map = networkapi_map.get('vip') if vip_map is None: return self.response_error(3, u'There is no value to the vip tag of XML request.') # Get variables variables_map = vip.variables_to_map() # validation of persistence type is doing by set_variables persistence = vip_map.get('persistencia', None) variables_map['persistencia'] = persistence # Set variables vip.set_variables(variables_map) # Save VIP vip.save(user, commit=True) # SYNC_VIP old_to_new(vip) # Executar script # gerador_vips -i <ID_REQUISICAO> --healthcheck command = 'gerador_vips -i %d --persistence' % vip.id code, stdout, stderr = exec_script(command) if code == 0: success_map = dict() success_map['codigo'] = '%04d' % code success_map['descricao'] = { 'stdout': stdout, 'stderr': stderr} map = dict() map['sucesso'] = success_map return self.response(dumps_networkapi(map)) else: vip_old.save(user, commit=True) return self.response_error(2, stdout + stderr) except XMLError, x: self.log.error(u'Error reading the XML request.') return self.response_error(3, x)