def _get_valid_inused_flag(self, request, id): if id in ['floatingips']: filters = api_common.get_filters(request, {}, ['in-used']) in_used = filters.get('in_used', ['nocare'])[0] return in_used
def _items(self, request, do_authz=False, parent_id=None): """Retrieves and formats a list of elements of the requested entity.""" # NOTE(salvatore-orlando): The following ensures that fields which # are needed for authZ policy validation are not stripped away by the # plugin before returning. original_fields, fields_to_add = self._do_field_list( api_common.list_args(request, 'fields')) filters = api_common.get_filters(request, self._attr_info, [ 'fields', 'sort_key', 'sort_dir', 'limit', 'marker', 'page_reverse' ]) kwargs = {'filters': filters, 'fields': original_fields} sorting_helper = self._get_sorting_helper(request) pagination_helper = self._get_pagination_helper(request) sorting_helper.update_args(kwargs) sorting_helper.update_fields(original_fields, fields_to_add) pagination_helper.update_args(kwargs) pagination_helper.update_fields(original_fields, fields_to_add) if parent_id: kwargs[self._parent_id_name] = parent_id obj_getter = getattr(self._plugin, self._plugin_handlers[self.LIST]) obj_list = obj_getter(request.context, **kwargs) obj_list = sorting_helper.sort(obj_list) obj_list = pagination_helper.paginate(obj_list) # Check authz if do_authz: # FIXME(salvatore-orlando): obj_getter might return references to # other resources. Must check authZ on them too. # Omit items from list that should not be visible obj_list = [ obj for obj in obj_list if policy.check(request.context, self._plugin_handlers[self.SHOW], obj, plugin=self._plugin, pluralized=self._collection) ] # Use the first element in the list for discriminating which attributes # should be filtered out because of authZ policies # fields_to_add contains a list of attributes added for request policy # checks but that were not required by the user. They should be # therefore stripped fields_to_strip = fields_to_add or [] if obj_list: fields_to_strip += self._exclude_attributes_by_policy( request.context, obj_list[0]) collection = { self._collection: [ self._filter_attributes(request.context, obj, fields_to_strip=fields_to_strip) for obj in obj_list ] } pagination_links = pagination_helper.get_links(obj_list) if pagination_links: collection[self._collection + "_links"] = pagination_links # Synchronize usage trackers, if needed resource_registry.resync_resource(request.context, self._resource, request.context.tenant_id) return collection
def _items(self, request, do_authz=False, parent_id=None): """Retrieves and formats a list of elements of the requested entity.""" # NOTE(salvatore-orlando): The following ensures that fields which # are needed for authZ policy validation are not stripped away by the # plugin before returning. original_fields, fields_to_add = self._do_field_list( api_common.list_args(request, 'fields')) filters = api_common.get_filters( request, self._attr_info, ['fields', 'sort_key', 'sort_dir', 'limit', 'marker', 'page_reverse'], is_filter_validation_supported=self._filter_validation) kwargs = {'filters': filters, 'fields': original_fields} sorting_helper = self._get_sorting_helper(request) pagination_helper = self._get_pagination_helper(request) sorting_helper.update_args(kwargs) sorting_helper.update_fields(original_fields, fields_to_add) pagination_helper.update_args(kwargs) pagination_helper.update_fields(original_fields, fields_to_add) if parent_id: kwargs[self._parent_id_name] = parent_id obj_getter = getattr(self._plugin, self._plugin_handlers[self.LIST]) obj_list = obj_getter(request.context, **kwargs) obj_list = sorting_helper.sort(obj_list) obj_list = pagination_helper.paginate(obj_list) # Check authz if do_authz: # FIXME(salvatore-orlando): obj_getter might return references to # other resources. Must check authZ on them too. # Omit items from list that should not be visible tmp_list = [] for obj in obj_list: self._set_parent_id_into_ext_resources_request( request, obj, parent_id, is_get=True) if policy.check( request.context, self._plugin_handlers[self.SHOW], obj, plugin=self._plugin, pluralized=self._collection): tmp_list.append(obj) obj_list = tmp_list # Use the first element in the list for discriminating which attributes # should be filtered out because of authZ policies # fields_to_add contains a list of attributes added for request policy # checks but that were not required by the user. They should be # therefore stripped fields_to_strip = fields_to_add or [] if obj_list: fields_to_strip += self._exclude_attributes_by_policy( request.context, obj_list[0]) collection = {self._collection: [self._filter_attributes(obj, fields_to_strip=fields_to_strip) for obj in obj_list]} pagination_links = pagination_helper.get_links(obj_list) if pagination_links: collection[self._collection + "_links"] = pagination_links # Synchronize usage trackers, if needed resource_registry.resync_resource( request.context, self._resource, request.context.tenant_id) return collection
def _get_valid_inused_flag(self, request, id): if id in ['floatingips'] : filters = api_common.get_filters(request, {}, ['in-used']) in_used = filters.get('in_used', ['nocare'])[0] return in_used
def delete(self, request, id, **kwargs): """Deletes the specified entity.""" self._notifier.info(request.context, self._resource + '.delete.start', {self._resource + '_id': id}) action = self._plugin_handlers[self.DELETE] # Check authz policy.init() parent_id = kwargs.get(self._parent_id_name) obj = self._item(request, id, parent_id=parent_id) try: policy.enforce(request.context, action, obj) except exceptions.PolicyNotAuthorized: with excutils.save_and_reraise_exception() as ctxt: # if the tenant id is same, reraise # otherwise pretend if request.context.tenant_id != obj['tenant_id']: ctxt.reraise = False # To avoid giving away information, pretend that it # doesn't exist msg = _('The resource could not be found.') raise webob.exc.HTTPNotFound(msg) filters = api_common.get_filters( request, self._attr_info, keeps_pre='_x_') if not kwargs: kwargs = {} if filters: kwargs['filters'] = filters obj_deleter = getattr(self._plugin, action) if kwargs: obj_deleter(request.context, id, **kwargs) else: obj_deleter(request.context, id) result = {self._resource: self._view(request.context, obj)} notifier_method = self._resource + '.delete.end' delete_notification_dict = result.copy() delete_notification_dict[self._resource + '_id'] = id data = {} for attr, attr_vals in self._attr_info.iteritems(): delete_notification = attr_vals.get('delete_notification') if delete_notification: data[attr] = obj[attr] if data: delete_notification_dict['_x_data'] = data self._notifier.info(request.context, notifier_method, delete_notification_dict) self._send_nova_notification(action, {}, result) self._send_dhcp_notification(request.context, result, notifier_method)
def _get_method(self, request): filters = api_common.get_filters(request, {}, ['method']) if 'action' not in filters: raise ResourceMethodNotFound(method=None) method = filters.get('action')[0] counter_method = CONTROLLER_LIST_MAP.keys() if method not in counter_method: raise ResourceMethodNotFound(method=method) return method
def delete(self, request, id, **kwargs): """Deletes the specified entity.""" self._notifier.info(request.context, self._resource + '.delete.start', {self._resource + '_id': id}) action = self._plugin_handlers[self.DELETE] # Check authz policy.init() parent_id = kwargs.get(self._parent_id_name) obj = self._item(request, id, parent_id=parent_id) try: policy.enforce(request.context, action, obj) except exceptions.PolicyNotAuthorized: with excutils.save_and_reraise_exception() as ctxt: # if the tenant id is same, reraise # otherwise pretend if request.context.tenant_id != obj['tenant_id']: ctxt.reraise = False # To avoid giving away information, pretend that it # doesn't exist msg = _('The resource could not be found.') raise webob.exc.HTTPNotFound(msg) filters = api_common.get_filters(request, self._attr_info, keeps_pre='_x_') if not kwargs: kwargs = {} if filters: kwargs['filters'] = filters obj_deleter = getattr(self._plugin, action) if kwargs: obj_deleter(request.context, id, **kwargs) else: obj_deleter(request.context, id) result = {self._resource: self._view(request.context, obj)} notifier_method = self._resource + '.delete.end' delete_notification_dict = result.copy() delete_notification_dict[self._resource + '_id'] = id data = {} for attr, attr_vals in self._attr_info.iteritems(): delete_notification = attr_vals.get('delete_notification') if delete_notification: data[attr] = obj[attr] if data: delete_notification_dict['_x_data'] = data self._notifier.info(request.context, notifier_method, delete_notification_dict) self._send_nova_notification(action, {}, result) self._send_dhcp_notification(request.context, result, notifier_method)
def _items(self, request, do_authz=False, parent_id=None): """Retrieves and formats a list of elements of the requested entity.""" # NOTE(salvatore-orlando): The following ensures that fields which # are needed for authZ policy validation are not stripped away by the # plugin before returning. original_fields, fields_to_add = self._do_field_list(api_common.list_args(request, "fields")) filters = api_common.get_filters( request, self._attr_info, ["fields", "sort_key", "sort_dir", "limit", "marker", "page_reverse"] ) kwargs = {"filters": filters, "fields": original_fields} sorting_helper = self._get_sorting_helper(request) pagination_helper = self._get_pagination_helper(request) sorting_helper.update_args(kwargs) sorting_helper.update_fields(original_fields, fields_to_add) pagination_helper.update_args(kwargs) pagination_helper.update_fields(original_fields, fields_to_add) if parent_id: kwargs[self._parent_id_name] = parent_id obj_getter = getattr(self._plugin, self._plugin_handlers[self.LIST]) obj_list = obj_getter(request.context, **kwargs) obj_list = sorting_helper.sort(obj_list) obj_list = pagination_helper.paginate(obj_list) # Check authz if do_authz: # FIXME(salvatore-orlando): obj_getter might return references to # other resources. Must check authZ on them too. # Omit items from list that should not be visible obj_list = [ obj for obj in obj_list if policy.check(request.context, self._plugin_handlers[self.SHOW], obj, plugin=self._plugin) ] # Use the first element in the list for discriminating which attributes # should be filtered out because of authZ policies # fields_to_add contains a list of attributes added for request policy # checks but that were not required by the user. They should be # therefore stripped fields_to_strip = fields_to_add or [] if obj_list: fields_to_strip += self._exclude_attributes_by_policy(request.context, obj_list[0]) collection = { self._collection: [ self._filter_attributes(request.context, obj, fields_to_strip=fields_to_strip) for obj in obj_list ] } pagination_links = pagination_helper.get_links(obj_list) if pagination_links: collection[self._collection + "_links"] = pagination_links return collection
def _items(self, request, do_authz=False, parent_id=None): """Retrieves and formats a list of elements of the requested entity.""" # NOTE(salvatore-orlando): The following ensures that fields which # are needed for authZ policy validation are not stripped away by the # plugin before returning. original_fields, fields_to_add = self._do_field_list( api_common.list_args(request, 'fields')) filters = api_common.get_filters(request, self._attr_info, [ 'fields', 'sort_key', 'sort_dir', 'limit', 'marker', 'page_reverse' ]) kwargs = {'filters': filters, 'fields': original_fields} sorting_helper = self._get_sorting_helper(request) pagination_helper = self._get_pagination_helper(request) sorting_helper.update_args(kwargs) sorting_helper.update_fields(original_fields, fields_to_add) pagination_helper.update_args(kwargs) pagination_helper.update_fields(original_fields, fields_to_add) if parent_id: kwargs[self._parent_id_name] = parent_id obj_getter = getattr(self._plugin, self._plugin_handlers[self.LIST]) obj_list = obj_getter(request.context, **kwargs) obj_list = sorting_helper.sort(obj_list) obj_list = pagination_helper.paginate(obj_list) # Check authz if do_authz: # FIXME(salvatore-orlando): obj_getter might return references to # other resources. Must check authZ on them too. # Omit items from list that should not be visible obj_list = [ obj for obj in obj_list if policy.check(request.context, self._plugin_handlers[self.SHOW], obj, plugin=self._plugin) ] collection = { self._collection: [ self._view(request.context, obj, fields_to_strip=fields_to_add) for obj in obj_list ] } pagination_links = pagination_helper.get_links(obj_list) if pagination_links: collection[self._collection + "_links"] = pagination_links return collection
def _items(self, request, do_authz=False, parent_id=None): """Retrieves and formats a list of elements of the requested entity.""" # NOTE(salvatore-orlando): The following ensures that fields which # are needed for authZ policy validation are not stripped away by the # plugin before returning. original_fields, fields_to_add = self._do_field_list( api_common.list_args(request, 'fields')) filters = api_common.get_filters(request, self._attr_info, ['fields', 'sort_key', 'sort_dir', 'limit', 'marker', 'page_reverse']) kwargs = {'filters': filters, 'fields': original_fields} sorting_helper = self._get_sorting_helper(request) pagination_helper = self._get_pagination_helper(request) sorting_helper.update_args(kwargs) sorting_helper.update_fields(original_fields, fields_to_add) pagination_helper.update_args(kwargs) pagination_helper.update_fields(original_fields, fields_to_add) if parent_id: kwargs[self._parent_id_name] = parent_id obj_getter = getattr(self._plugin, self._plugin_handlers[self.LIST]) obj_list = obj_getter(request.context, **kwargs) obj_list = sorting_helper.sort(obj_list) obj_list = pagination_helper.paginate(obj_list) # Check authz if do_authz: # FIXME(salvatore-orlando): obj_getter might return references to # other resources. Must check authZ on them too. # Omit items from list that should not be visible obj_list = [obj for obj in obj_list if policy.check(request.context, self._plugin_handlers[self.SHOW], obj, plugin=self._plugin)] collection = {self._collection: [self._view(request.context, obj, fields_to_strip=fields_to_add) for obj in obj_list]} pagination_links = pagination_helper.get_links(obj_list) if pagination_links: collection[self._collection + "_links"] = pagination_links return collection
def _items(self, request, do_authz=False, parent_id=None): """Retrieves and formats a list of elements of the requested entity.""" # NOTE(salvatore-orlando): The following ensures that fields which # are needed for authZ policy validation are not stripped away by the # plugin before returning. #brk(host="10.10.12.21", port=49175) original_fields, fields_to_add = self._do_field_list( api_common.list_args(request, 'fields')) #获取查询条件字段?? filters = api_common.get_filters(request, self._attr_info, [ 'fields', 'sort_key', 'sort_dir', 'limit', 'marker', 'page_reverse', 'offset' ]) # ### add by xm at 2015.9.22 权限控制 # #LOG.debug(_("111111 222 %s"), filters) # #LOG.debug(_("111111 222 context: %s"), request.context.__dict__) # if request.context.gc_resource_type == '0': # #LOG.debug(_("111111 222 context.user_id:%s gc_resource_type:%s"), request.context.user_id, request.context.gc_resource_type) # user_id = [request.context.user_id] # user_id = list(set(user_id) | set(filters.get("user_id", []))) # filters.update({"user_id": user_id}) # #LOG.debug(_("111111 222 ddd %s"), filters) # #LOG.debug(_("111111 222 %s"), filters) # ###end by xm #validate create_time_first and create_time_end api_common.validate_update_time_range(filters) kwargs = {'filters': filters, 'fields': original_fields} #according to filters params:only_statics ,get is_query_items is_query_items = self._get_is_query_detail_items_infos(filters) filters_copy = filters.copy() # first get resources count number by resources filters counter = self._get_items_count_by_filter(request=request, filters=filters_copy) collection = {} if is_query_items: #this function is not only statics #get resources items obj_list = None pagination_helper = None #change from counter >=0 to counter !=0 for no method of 'get_xxx_count' if (counter is not None and counter != 0) or (counter is None): obj_list, pagination_helper = self._get_items_by_filter_and_order_and_page( request=request, kwargs=kwargs, original_fields=original_fields, fields_to_add=fields_to_add, do_authz=do_authz, parent_id=parent_id) # Use the first element in the list for discriminating which attributes # should be filtered out because of authZ policies # fields_to_add contains a list of attributes added for request policy # checks but that were not required by the user. They should be # therefore stripped fields_to_strip = fields_to_add or [] if obj_list: fields_to_strip += self._exclude_attributes_by_policy( request.context, obj_list[0]) if obj_list: collection = { self._collection: [ self._filter_attributes( request.context, obj, fields_to_strip=fields_to_strip) for obj in obj_list ] } else: collection = {self._collection: []} counter = 0 if counter is not None and counter >= 0: collection["list"] = {"count": counter} #delete by luoyibing #pagination_links = pagination_helper.get_links(obj_list) #if pagination_links: # collection[self._collection + "_links"] = pagination_links return collection
def _items(self, request, do_authz=False, parent_id=None): """Retrieves and formats a list of elements of the requested entity.""" # NOTE(salvatore-orlando): The following ensures that fields which # are needed for authZ policy validation are not stripped away by the # plugin before returning. #brk(host="10.10.12.21", port=49175) original_fields, fields_to_add = self._do_field_list( api_common.list_args(request, 'fields')) #获取查询条件字段?? filters = api_common.get_filters(request, self._attr_info, ['fields', 'sort_key', 'sort_dir', 'limit', 'marker', 'page_reverse','offset']) # ### add by xm at 2015.9.22 权限控制 # #LOG.debug(_("111111 222 %s"), filters) # #LOG.debug(_("111111 222 context: %s"), request.context.__dict__) # if request.context.gc_resource_type == '0': # #LOG.debug(_("111111 222 context.user_id:%s gc_resource_type:%s"), request.context.user_id, request.context.gc_resource_type) # user_id = [request.context.user_id] # user_id = list(set(user_id) | set(filters.get("user_id", []))) # filters.update({"user_id": user_id}) # #LOG.debug(_("111111 222 ddd %s"), filters) # #LOG.debug(_("111111 222 %s"), filters) # ###end by xm #validate create_time_first and create_time_end api_common.validate_update_time_range(filters) kwargs = {'filters': filters, 'fields': original_fields} #according to filters params:only_statics ,get is_query_items is_query_items=self._get_is_query_detail_items_infos(filters) filters_copy=filters.copy() # first get resources count number by resources filters counter=self._get_items_count_by_filter(request=request,filters=filters_copy) collection={} if is_query_items :#this function is not only statics #get resources items obj_list=None pagination_helper=None #change from counter >=0 to counter !=0 for no method of 'get_xxx_count' if (counter is not None and counter != 0) or (counter is None): obj_list,pagination_helper = self._get_items_by_filter_and_order_and_page(request=request ,kwargs=kwargs, original_fields=original_fields ,fields_to_add=fields_to_add, do_authz=do_authz, parent_id=parent_id) # Use the first element in the list for discriminating which attributes # should be filtered out because of authZ policies # fields_to_add contains a list of attributes added for request policy # checks but that were not required by the user. They should be # therefore stripped fields_to_strip = fields_to_add or [] if obj_list: fields_to_strip += self._exclude_attributes_by_policy( request.context, obj_list[0]) if obj_list: collection = {self._collection: [self._filter_attributes( request.context, obj, fields_to_strip=fields_to_strip) for obj in obj_list]} else: collection = {self._collection:[]} counter=0 if counter is not None and counter>=0 : collection["list"]={"count":counter} #delete by luoyibing #pagination_links = pagination_helper.get_links(obj_list) #if pagination_links: # collection[self._collection + "_links"] = pagination_links return collection
def index(self, request, input_resources=None, **kwargs): counts = [] fields = request.params.dict_of_lists().get('fields', ()) for field in fields: if 'count:' in field: field_to_count = str(field).split('count:')[1] counts.append(field_to_count) request.GET.add(u'fields', field_to_count) LOG.info('Fileds to count: %s', counts) start = time.time() filters = api_common.get_filters(request, {}, [ 'fields', 'sort_key', 'sort_dir', 'limit', 'marker', 'page_reverse' ]) uos_resources = RESOURCE_PLUGIN_MAP.keys() resources = [] if input_resources: resources = [input_resources] elif filters and 'uos_resources' in filters and input_resources is None: resources = filters['uos_resources'] for name in resources: if name not in uos_resources: raise ResourceNotFound(name=name) if not resources: resources = uos_resources resources_set = set(resources) # NOTE(gongysh) shared is used since we maybe have # tenant_id in filters, but at the same time, we # want got shared resources for these tenants shared = request.GET.get('net_shared') if not shared: shared = request.GET.get('uos_shared') netflag = False subnetflag = False if shared: if ('networks' in resources_set): resources_set.remove('networks') netflag = True if ('subnets' in resources_set): resources_set.remove('subnets') subnetflag = True result = {} for name in resources_set: _start = time.time() controller = self._get_resource_controller(name) _result = controller.index(request) LOG.debug('performance %s, %.3f', name, time.time() - _start) if _result: result.update(_result) envstr = request.environ.get('QUERY_STRING') shared_resources = [] if netflag: shared_resources.append('networks') if subnetflag: shared_resources.append('subnets') for resource in shared_resources: _result = self._get_shared_resource(request, envstr, resource) if _result: result.update(_result) LOG.debug('performance end %.3f', time.time() - start) #NOTE(wwei): This part should abstract to a indival func for attr in counts: if len(result) is 1 and attr in result.values()[0][0]: for obj in result.values()[0]: obj['count:%s' % attr] = len(obj[attr]) elif attr == 'floatingips' and 'routers' in resources: new_req = request.copy() new_req.GET.clear() new_req.GET.add('fields', 'router_id') controller = self._get_resource_controller(attr) _result = controller.index(new_req).values()[0] _result_count = [] for item in _result: _result_count.append(item.get('router_id')) _result_set = set(_result_count) _result = {} for item in _result_set: _result[item] = _result_count.count(item) for router in result['routers']: router['count:%s' % attr] = _result.get(router['id'], 0) return result
def index(self, request, input_resources=None, **kwargs): counts = [] fields = request.params.dict_of_lists().get('fields', ()) for field in fields: if 'count:' in field: field_to_count = str(field).split('count:')[1] counts.append(field_to_count) request.GET.add(u'fields', field_to_count) LOG.info('Fileds to count: %s', counts) start = time.time() filters = api_common.get_filters(request, {}, ['fields', 'sort_key', 'sort_dir', 'limit', 'marker', 'page_reverse']) uos_resources = RESOURCE_PLUGIN_MAP.keys() resources = [] if input_resources: resources = [input_resources] elif filters and 'uos_resources' in filters and input_resources is None: resources = filters['uos_resources'] for name in resources: if name not in uos_resources: raise ResourceNotFound(name=name) if not resources: resources = uos_resources resources_set = set(resources) # NOTE(gongysh) shared is used since we maybe have # tenant_id in filters, but at the same time, we # want got shared resources for these tenants shared = request.GET.get('net_shared') if not shared: shared = request.GET.get('uos_shared') netflag = False subnetflag = False if shared: if ('networks' in resources_set): resources_set.remove('networks') netflag = True if ('subnets' in resources_set): resources_set.remove('subnets') subnetflag = True result = {} for name in resources_set: _start = time.time() controller = self._get_resource_controller(name) _result = controller.index(request) LOG.debug('performance %s, %.3f', name, time.time() - _start) if _result: result.update(_result) envstr = request.environ.get('QUERY_STRING') shared_resources = [] if netflag: shared_resources.append('networks') if subnetflag: shared_resources.append('subnets') for resource in shared_resources: _result = self._get_shared_resource(request, envstr, resource) if _result: result.update(_result) LOG.debug('performance end %.3f', time.time() - start) #NOTE(wwei): This part should abstract to a indival func for attr in counts: if len(result) is 1 and attr in result.values()[0][0]: for obj in result.values()[0]: obj['count:%s' % attr] = len(obj[attr]) elif attr == 'floatingips' and 'routers' in resources: new_req = request.copy() new_req.GET.clear() new_req.GET.add('fields', 'router_id') controller = self._get_resource_controller(attr) _result = controller.index(new_req).values()[0] _result_count = [] for item in _result: _result_count.append(item.get('router_id')) _result_set = set(_result_count) _result = {} for item in _result_set: _result[item] = _result_count.count(item) for router in result['routers']: router['count:%s' % attr] = _result.get(router['id'], 0) return result