def test_get_by_project(self):
self.mox.StubOutWithMock(db, "security_group_get_by_project")
db.security_group_get_by_project(self.context, "fake-project").AndReturn(fake_secgroups)
self.mox.ReplayAll()
secgroup_list = security_group.SecurityGroupList.get_by_project(self.context, "fake-project")
for i in range(len(fake_secgroups)):
self.assertIsInstance(secgroup_list[i], security_group.SecurityGroup)
self.assertEqual(fake_secgroups[i]["id"], secgroup_list[i]["id"])
def test_get_by_project(self):
self.mox.StubOutWithMock(db, 'security_group_get_by_project')
db.security_group_get_by_project(
self.context, 'fake-project').AndReturn(fake_secgroups)
self.mox.ReplayAll()
secgroup_list = security_group.SecurityGroupList.get_by_project(
self.context, 'fake-project')
for i in range(len(fake_secgroups)):
self.assertTrue(
isinstance(secgroup_list[i], security_group.SecurityGroup))
self.assertEqual(fake_secgroups[i]['id'], secgroup_list[i]['id'])
def test_get_by_project(self):
self.mox.StubOutWithMock(db, 'security_group_get_by_project')
db.security_group_get_by_project(self.context,
'fake-project').AndReturn(
fake_secgroups)
self.mox.ReplayAll()
secgroup_list = security_group.SecurityGroupList.get_by_project(
self.context, 'fake-project')
for i in range(len(fake_secgroups)):
self.assertTrue(isinstance(secgroup_list[i],
security_group.SecurityGroup))
self.assertEqual(fake_secgroups[i]['id'],
secgroup_list[i]['id'])
def index(self, req):
context = req.environ["nova.context"]
self.compute_api.ensure_default_security_group(context)
groups = db.security_group_get_by_project(context, context.project_id)
groups = [self._format_security_group(context, g) for g in groups]
return {"security_groups": list(sorted(groups, key=lambda k: (k["tenant_id"], k["name"])))}
def _refresh_security_mixins(self, extras):
"""
Registers security groups as security mixins
"""
# ensures that preexisting openstack security groups are
# added and only once.
# collect these and add them to an exclusion list so they're
# not created again when listing non-user-defined sec. groups
excld_grps = []
for cat in self.registry.get_categories(extras):
if (isinstance(cat, core_model.Mixin) and
os_addon.SEC_GROUP in cat.related):
excld_grps.append(cat.term)
groups = db.security_group_get_by_project(extras['nova_ctx'],
extras['nova_'
'ctx'].project_id)
sec_grp = 'http://schemas.openstack.org/infrastructure/security/group#'
for group in groups:
if group['name'] not in excld_grps:
sec_mix = os_mixins.UserSecurityGroupMixin(
term=str(group["id"]),
scheme=sec_grp,
related=[os_addon.SEC_GROUP],
attributes=None,
title=group['name'],
location='/security/' + quote(str(group['name'])) + '/')
try:
self.registry.get_backend(sec_mix, extras)
except AttributeError:
self.register_backend(sec_mix, MIXIN_BACKEND)
def _refresh_security_mixins(self, extras):
"""
Registers security groups as security mixins
"""
# ensures that preexisting openstack security groups are
# added and only once.
# collect these and add them to an exclusion list so they're
# not created again when listing non-user-defined sec. groups
excld_grps = []
for cat in self.registry.get_categories(extras):
if (isinstance(cat, core_model.Mixin)
and os_addon.SEC_GROUP in cat.related):
excld_grps.append(cat.term)
groups = db.security_group_get_by_project(
extras['nova_ctx'], extras['nova_'
'ctx'].project_id)
sec_grp = 'http://schemas.openstack.org/infrastructure/security/group#'
for group in groups:
if group['name'] not in excld_grps:
sec_mix = os_mixins.UserSecurityGroupMixin(
term=str(group["id"]),
scheme=sec_grp,
related=[os_addon.SEC_GROUP],
attributes=None,
title=group['name'],
location='/security/' + quote(str(group['name'])) + '/')
try:
self.registry.get_backend(sec_mix, extras)
except AttributeError:
self.register_backend(sec_mix, MIXIN_BACKEND)
def scrub(self, project_id):
"""Deletes data associated with project."""
admin_context = context.get_admin_context()
networks = db.project_get_networks(admin_context, project_id)
for network in networks:
db.network_disassociate(admin_context, network['id'])
groups = db.security_group_get_by_project(admin_context, project_id)
for group in groups:
db.security_group_destroy(admin_context, group['id'])
def index(self, req):
context = req.environ['nova.context']
self.compute_api.ensure_default_security_group(context)
groups = db.security_group_get_by_project(context,
context.project_id)
groups = [self._format_security_group(context, g) for g in groups]
return {'security_groups':
list(sorted(groups,
key=lambda k: (k['tenant_id'], k['name'])))}
def index(self, req):
"""Returns a list of security groups"""
context = req.environ["nova.context"]
authorize(context)
self.compute_api.ensure_default_security_group(context)
groups = db.security_group_get_by_project(context, context.project_id)
limited_list = common.limited(groups, req)
result = [self._format_security_group(context, group) for group in limited_list]
return {"security_groups": list(sorted(result, key=lambda k: (k["tenant_id"], k["name"])))}
def index(self, req):
context = req.environ['nova.context']
self.compute_api.ensure_default_security_group(context)
if context.is_admin:
groups = db.security_group_get_all(context)
else:
groups = db.security_group_get_by_project(context,
context.project_id)
groups = [self._format_security_group(context, g) for g in groups]
return {'security_groups':
list(sorted(groups,
key=lambda k: (k['tenant_id'], k['name'])))}
def index(self, req):
"""Returns a list of security groups"""
context = req.environ['nova.context']
self.compute_api.ensure_default_security_group(context)
groups = db.security_group_get_by_project(context,
context.project_id)
limited_list = common.limited(groups, req)
result = [self._format_security_group(context, group)
for group in limited_list]
return {'security_groups':
list(sorted(result,
key=lambda k: (k['tenant_id'], k['name'])))}
def describe_security_groups(self, context, group_name=None, **kwargs):
self.compute_api.ensure_default_security_group(context)
if context.is_admin:
groups = db.security_group_get_all(context)
else:
groups = db.security_group_get_by_project(context,
context.project_id)
groups = [self._format_security_group(context, g) for g in groups]
if not group_name is None:
groups = [g for g in groups if g.name in group_name]
return {'securityGroupInfo':
list(sorted(groups,
key=lambda k: (k['ownerId'], k['groupName'])))}
def fix_usage(cntxt, tenant):
# Get per-user data for this tenant since usage is now per-user
filter_object = {'project_id': tenant}
instance_info = db.instance_get_all_by_filters(cntxt, filter_object)
usage_by_resource = {}
#resource_types = ['instances', 'cores', 'ram', 'security_groups']
states_to_ignore = ['error', 'deleted', 'building']
for instance in instance_info:
user = instance['user_id']
# We need to build a list of users who have launched vm's even if the user
# no longer exists. We can't use keystone here.
if not usage_by_resource.has_key(user):
usage_by_resource[user] = {
} # Record that this user has once used resources
if not instance['vm_state'] in states_to_ignore:
user_resource = usage_by_resource[user]
user_resource['instances'] = user_resource.get('instances', 0) + 1
user_resource['cores'] = user_resource.get('cores',
0) + instance['vcpus']
user_resource['ram'] = user_resource.get('ram',
0) + instance['memory_mb']
secgroup_list = db.security_group_get_by_project(cntxt, tenant)
for group in secgroup_list:
user = group.user_id
if not usage_by_resource.has_key(user):
usage_by_resource[user] = {
} # Record that this user has once used resources
user_resource = usage_by_resource[user]
user_resource['security_groups'] = user_resource.get(
'security_groups', 0) + 1
# Correct the quota usage in the database
for user in usage_by_resource:
for resource in resource_types:
usage = usage_by_resource[user].get(resource, 0)
try:
db.quota_usage_update(cntxt,
tenant,
user,
resource,
in_use=usage)
except exception.QuotaUsageNotFound as e:
print e
print 'db.quota_usage_update(cntxt, %s, %s, %s, in_use=%s)' % \
(tenant, user, resource, usage)
def describe_security_groups(self, context, group_name=None, **kwargs):
self.compute_api.ensure_default_security_group(context)
if group_name:
groups = []
for name in group_name:
group = db.security_group_get_by_name(context,
context.project_id, name)
groups.append(group)
elif context.is_admin:
groups = db.security_group_get_all(context)
else:
groups = db.security_group_get_by_project(context,
context.project_id)
groups = [self._format_security_group(context, g) for g in groups]
return {
'securityGroupInfo':
list(sorted(groups, key=lambda k: (k['ownerId'], k['groupName'])))
}
def fix_usage(cntxt, tenant):
# Get per-user data for this tenant since usage is now per-user
filter_object = {'project_id': tenant}
instance_info = db.instance_get_all_by_filters(cntxt, filter_object)
usage_by_resource = {}
#resource_types = ['instances', 'cores', 'ram', 'security_groups']
states_to_ignore = ['error', 'deleted', 'building']
for instance in instance_info:
user = instance['user_id']
# We need to build a list of users who have launched vm's even if the user
# no longer exists. We can't use keystone here.
if not usage_by_resource.has_key(user):
usage_by_resource[user] = {} # Record that this user has once used resources
if not instance['vm_state'] in states_to_ignore:
user_resource = usage_by_resource[user]
user_resource['instances'] = user_resource.get('instances', 0) + 1
user_resource['cores'] = user_resource.get('cores', 0) + instance['vcpus']
user_resource['ram'] = user_resource.get('ram', 0) + instance['memory_mb']
secgroup_list = db.security_group_get_by_project(cntxt, tenant)
for group in secgroup_list:
user = group.user_id
if not usage_by_resource.has_key(user):
usage_by_resource[user] = {} # Record that this user has once used resources
user_resource = usage_by_resource[user]
user_resource['security_groups'] = user_resource.get('security_groups', 0) + 1
# Correct the quota usage in the database
for user in usage_by_resource:
for resource in resource_types:
usage = usage_by_resource[user].get(resource, 0)
try:
db.quota_usage_update(cntxt, tenant, user, resource, in_use=usage)
except exception.QuotaUsageNotFound as e:
print e
print 'db.quota_usage_update(cntxt, %s, %s, %s, in_use=%s)' % \
(tenant, user, resource, usage)
def get_actual_usage(cntxt, tenant):
filter_object = {'deleted': '', 'project_id': tenant}
instances = db.instance_get_all_by_filters(cntxt, filter_object)
# calculate actual usage
actual_instance_count = len(instances)
actual_core_count = 0
actual_ram_count = 0
for instance in instances:
actual_core_count += instance['vcpus']
actual_ram_count += instance['memory_mb']
actual_secgroup_count = len(db.security_group_get_by_project(
cntxt, tenant))
if actual_secgroup_count == 0:
actual_secgroup_count = 1 # Every tenant uses quota for default security group
return OrderedDict(
(("actual_instance_count",
actual_instance_count), ("actual_core_count", actual_core_count),
("actual_ram_count", actual_ram_count), ("actual_secgroup_count",
actual_secgroup_count)))
def get_actual_usage(cntxt, tenant):
filter_object = {'deleted': '',
'project_id': tenant}
instances = db.instance_get_all_by_filters(cntxt, filter_object)
# calculate actual usage
actual_instance_count = len(instances)
actual_core_count = 0
actual_ram_count = 0
for instance in instances:
actual_core_count += instance['vcpus']
actual_ram_count += instance['memory_mb']
actual_secgroup_count = len(db.security_group_get_by_project(cntxt, tenant))
if actual_secgroup_count == 0:
actual_secgroup_count = 1 # Every tenant uses quota for default security group
return OrderedDict((
("actual_instance_count", actual_instance_count),
("actual_core_count", actual_core_count),
("actual_ram_count", actual_ram_count),
("actual_secgroup_count", actual_secgroup_count)
))
def get_by_project(cls, context, project_id):
return _make_secgroup_list(context, cls(),
db.security_group_get_by_project(
context, project_id))
def get_by_project(cls, context, project_id):
groups = db.security_group_get_by_project(context, project_id)
return base.obj_make_list(context, cls(context), objects.SecurityGroup,
groups)
def get_by_project(cls, context, project_id):
return _make_secgroup_list(context, cls(),
db.security_group_get_by_project(
context, project_id))
def get_by_project(cls, context, project_id):
groups = db.security_group_get_by_project(context, project_id)
return base.obj_make_list(context, cls(context),
objects.SecurityGroup, groups)
