def test_update_default_quotas(self): quota = self.quotas.first() # init quotas.get_disabled_quotas(IsA(http.HttpRequest)) \ .AndReturn(self.disabled_quotas.first()) quotas.get_default_quota_data(IsA(http.HttpRequest)).AndReturn(quota) # update some fields quota[0].limit = 123 quota[1].limit = -1 updated_quota = self._get_quota_info(quota) # handle nova_fields = quotas.NOVA_QUOTA_FIELDS + quotas.MISSING_QUOTA_FIELDS nova_updated_quota = dict([(key, updated_quota[key]) for key in nova_fields if key != 'fixed_ips']) api.nova.default_quota_update(IsA(http.HttpRequest), **nova_updated_quota) cinder_updated_quota = dict([(key, updated_quota[key]) for key in quotas.CINDER_QUOTA_FIELDS]) api.cinder.default_quota_update(IsA(http.HttpRequest), **cinder_updated_quota) self.mox.ReplayAll() url = reverse('horizon:admin:defaults:update_defaults') res = self.client.post(url, updated_quota) self.assertNoFormErrors(res) self.assertRedirectsNoFollow(res, INDEX_URL)
def test_quota_sets_defaults_get(self, nc): filters = {'user': {'tenant_id': 'tenant'}} request = self.mock_rest_request(**{'GET': dict(filters)}) api.base.is_service_enabled(request, 'compute').AndReturn(True) quotas.get_disabled_quotas(request).AndReturn(['floating_ips']) nc.default_quota_get.return_value = [ Quota('metadata_items', 100), Quota('floating_ips', 1), Quota('q2', 101) ] self.mox.ReplayAll() response = nova.DefaultQuotaSets().get(request) self.assertStatusCode(response, 200) self.assertEqual(response.json, {"items": [ {"limit": 100, "display_name": "Metadata Items", "name": "metadata_items"}, {"limit": 101, "display_name": "Q2", "name": "q2"} ]}) nc.default_quota_get.assert_called_once_with(request, request.user.tenant_id)
def test_quota_sets_defaults_patch(self, nc): request = self.mock_rest_request(body=''' {"key_pairs": "15", "metadata_items": "5000", "cores": "10", "instances": "20", "floating_ips": 10, "injected_file_content_bytes": "15", "injected_file_path_bytes": "5000", "injected_files": "5", "ram": "10", "gigabytes": "5"} ''') api.base.is_service_enabled(request, 'compute').AndReturn(True) quotas.get_disabled_quotas(request).AndReturn(['floating_ips']) self.mox.ReplayAll() response = nova.DefaultQuotaSets().patch(request) self.assertStatusCode(response, 204) self.assertEqual(response.content.decode('utf-8'), '') nc.default_quota_update.assert_called_once_with( request, key_pairs='15', metadata_items='5000', cores='10', instances='20', injected_file_content_bytes='15', injected_file_path_bytes='5000', injected_files='5', ram='10')
def test_quota_sets_defaults_get(self, nc): filters = {'user': {'tenant_id': 'tenant'}} request = self.mock_rest_request(**{'GET': dict(filters)}) api.base.is_service_enabled(request, 'compute').AndReturn(True) quotas.get_disabled_quotas(request).AndReturn(['floating_ips']) nc.default_quota_get.return_value = [ Quota('metadata_items', 100), Quota('floating_ips', 1), Quota('q2', 101) ] self.mox.ReplayAll() response = nova.DefaultQuotaSets().get(request) self.assertStatusCode(response, 200) self.assertEqual( response.json, { "items": [{ "limit": 100, "display_name": "Metadata Items", "name": "metadata_items" }, { "limit": 101, "display_name": "Q2", "name": "q2" }] }) nc.default_quota_get.assert_called_once_with(request, request.user.tenant_id)
def test_update_quotas_get(self): quota = self.quotas.first() quotas.get_disabled_quotas(IsA(http.HttpRequest)) \ .AndReturn(set()) quotas.get_tenant_quota_data(IsA(http.HttpRequest), tenant_id=self.tenant.id) \ .AndReturn(quota) self.mox.ReplayAll() url = reverse('horizon:identity:projects:update_quotas', args=[self.tenant.id]) res = self.client.get(url) self.assertTemplateUsed(res, views.WorkflowView.template_name) workflow = res.context['workflow'] self.assertEqual(res.context['workflow'].name, workflows.UpdateQuota.name) step = workflow.get_step("update_compute_quotas") self.assertEqual(step.action.initial['ram'], quota.get('ram').limit) self.assertEqual(step.action.initial['injected_files'], quota.get('injected_files').limit) self.assertQuerysetEqual(workflow.steps, [ '<UpdateComputeQuota: update_compute_quotas>', '<UpdateVolumeQuota: update_volume_quotas>' ])
def test_update_quotas_update_error(self): project = self.tenants.first() quota = self.quotas.first() quota_usages = self.quota_usages.first() # get/init quotas.get_disabled_quotas(IsA(http.HttpRequest)) \ .AndReturn(set()) quotas.get_tenant_quota_data(IsA(http.HttpRequest), tenant_id=self.tenant.id) \ .AndReturn(quota) # update some fields quota[0].limit = 444 quota[1].limit = -1 updated_quota = self._get_quota_info(quota) # handle quotas.tenant_quota_usages(IsA(http.HttpRequest), tenant_id=project.id, targets=tuple(quotas.NOVA_QUOTA_FIELDS)) \ .AndReturn(quota_usages) quotas.tenant_quota_usages(IsA(http.HttpRequest), tenant_id=project.id, targets=tuple(quotas.CINDER_QUOTA_FIELDS)) \ .AndReturn(quota_usages) nova_updated_quota = { key: updated_quota[key] for key in quotas.NOVA_QUOTA_FIELDS } api.nova.tenant_quota_update(IsA(http.HttpRequest), project.id, **nova_updated_quota) \ .AndRaise(self.exceptions.nova) # handle() of all steps are called even after one of handle() fails. cinder_updated_quota = { key: updated_quota[key] for key in quotas.CINDER_QUOTA_FIELDS } api.cinder.tenant_quota_update(IsA(http.HttpRequest), project.id, **cinder_updated_quota) self.mox.ReplayAll() # submit form data url = reverse('horizon:identity:projects:update_quotas', args=[self.tenant.id]) res = self.client.post(url, updated_quota) self.assertNoFormErrors(res) self.assertMessageCount(error=2, warning=0) self.assertRedirectsNoFollow(res, INDEX_URL)
def patch(self, request, project_id): """Update a single project quota data. The PATCH data should be an application/json object with the attributes to set to new quota values. This method returns HTTP 204 (no content) on success. """ # Filters only neutron quota fields disabled_quotas = quotas.get_disabled_quotas(request) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_extension_supported(request, 'quotas'): neutron_data = { key: request.DATA[key] for key in quotas.NEUTRON_QUOTA_FIELDS if key not in disabled_quotas } api.neutron.tenant_quota_update(request, project_id, **neutron_data) else: message = _('Service Neutron is disabled or quotas extension not ' 'available.') raise rest_utils.AjaxError(501, message)
def __init__(self, request, *args, **kwargs): super(UpdateProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = get_disabled_quotas(request) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput()
def _update_project_quota(self, request, data, project_id): # update the project quota nova_data = dict( [(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) try: nova.tenant_quota_update(request, project_id, **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, **neutron_data) return True except Exception: exceptions.handle(request, _('Modified project information and ' 'members, but unable to modify ' 'project quotas.')) return False
def _update_project_quota(self, request, data, project_id): # Update the project quota. nova_data = dict([(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) try: nova.tenant_quota_update(request, project_id, region=data['region_id'], **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, region=data['region_id'], **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, region=data['region_id'], **neutron_data) except Exception: exceptions.handle(request, _('Unable to set project quotas.'))
def patch(self, request): """Update the values for Nova specific quotas This method returns HTTP 204 (no content) on success. """ if api.base.is_service_enabled(request, 'compute'): disabled_quotas = quotas.get_disabled_quotas(request) filtered_quotas = [ quota for quota in quotas.NOVA_QUOTA_FIELDS if quota not in disabled_quotas ] request_data = { key: request.DATA.get(key, None) for key in filtered_quotas } nova_data = { key: value for key, value in request_data.items() if value is not None } api.nova.default_quota_update(request, **nova_data) else: raise rest_utils.AjaxError(501, _('Service Nova is disabled.'))
def __init__(self, request, *args, **kwargs): super(UpdateProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = get_disabled_quotas(request) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput() # jt if "project_id" in args[0]: project_id = args[0]["project_id"] self.fields["images"].initial = api.jt.get_image_quota(project_id) self.fields["expiration"].initial = api.jt.get_expiration_date(project_id) self.fields["start_date"].initial = api.jt.get_start_date(project_id) self.fields["dair_notice"].initial = api.jt.get_dair_notice(project_id) self.fields["object_mb"].initial = api.jt.get_object_mb_quota(project_id) self.fields["reseller_logo"].initial = api.jt.get_reseller_logo(project_id) else: # mj expiration autofill start_date = datetime.date.today() future_expire_date = start_date.replace(year=start_date.year + 1).strftime("%B %d, %Y") self.fields["images"].initial = 5 self.fields["expiration"].initial = future_expire_date self.fields["start_date"].initial = start_date.strftime("%B %d, %Y") self.fields["dair_notice"].initial = "Information not available." self.fields["object_mb"].initial = 204800 self.fields["reseller_logo"].initial = "Information not available."
def _update_project_quota(self, request, data, project_id): # Update the project quota. nova_data = dict([(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) if is_m1_user_admin(self.request): tenant_quota_update_nova(request, project_id, **nova_data) else: nova.tenant_quota_update(request, project_id, **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) if is_m1_user_admin(self.request): tenant_quota_update_cinder(request, project_id, **cinder_data) else: cinder.tenant_quota_update(request, project_id, **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] if is_m1_user_admin(self.request): tenant_quota_update_neutron(request, project_id, **neutron_data) else: api.neutron.tenant_quota_update(request, project_id, **neutron_data)
def _update_project_quota(self, request, data, project_id): # Update the project quota. enabled_quota_groups = getattr(settings, 'ENABLED_QUOTA_GROUPS', {}) nova_data = dict( [(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) try: if enabled_quota_groups.get('nova', True): nova.tenant_quota_update(request, project_id, **nova_data) if enabled_quota_groups.get('cinder', True): if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, **cinder_data) if enabled_quota_groups.get('neutron', True): if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, **neutron_data) except Exception: exceptions.handle(request, _('Unable to set project quotas.'))
def __init__(self, request, *args, **kwargs): super(ProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = quotas.get_disabled_quotas(request) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput()
def _update_project_quota(self, request, data, project_id): disabled_quotas = quotas.get_disabled_quotas(request) # Update the project quotas. if api.base.is_service_enabled(request, 'compute'): nova_data = {key: data[key] for key in set(quotas.NOVA_QUOTA_FIELDS) - disabled_quotas} nova.tenant_quota_update(request, project_id, **nova_data) if cinder.is_volume_service_enabled(request): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, **neutron_data)
def __init__(self, request, *args, **kwargs): super(UpdateProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = get_disabled_quotas(request) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput() # jt if 'project_id' in args[0]: project_id = args[0]['project_id'] self.fields['images'].initial = api.jt.get_image_quota(project_id) self.fields['expiration'].initial = api.jt.get_expiration_date( project_id) self.fields['start_date'].initial = api.jt.get_start_date( project_id) self.fields['dair_notice'].initial = api.jt.get_dair_notice( project_id) self.fields['object_mb'].initial = api.jt.get_object_mb_quota( project_id) self.fields['reseller_logo'].initial = api.jt.get_reseller_logo( project_id) else: #mj expiration autofill start_date = datetime.date.today() future_expire_date = start_date.replace(year=start_date.year + 1).strftime('%B %d, %Y') self.fields['images'].initial = 5 self.fields['expiration'].initial = future_expire_date self.fields['start_date'].initial = start_date.strftime( '%B %d, %Y') self.fields['dair_notice'].initial = 'Information not available.' self.fields['object_mb'].initial = 204800 self.fields['reseller_logo'].initial = 'Information not available.'
def _update_project_quota(self, request, data, project_id): disabled_quotas = quotas.get_disabled_quotas(request) # Update the project quotas. if api.base.is_service_enabled(request, 'compute'): nova_data = { key: data[key] for key in quotas.NOVA_QUOTA_FIELDS - disabled_quotas } if nova_data: nova.tenant_quota_update(request, project_id, **nova_data) if cinder.is_volume_service_enabled(request): cinder_data = { key: data[key] for key in quotas.CINDER_QUOTA_FIELDS - disabled_quotas } if cinder_data: cinder.tenant_quota_update(request, project_id, **cinder_data) if (api.base.is_service_enabled(request, 'network') and api.neutron.is_quotas_extension_supported(request)): neutron_data = { key: data[key] for key in quotas.NEUTRON_QUOTA_FIELDS - disabled_quotas } if neutron_data: api.neutron.tenant_quota_update(request, project_id, **neutron_data)
def get(self, request): """Get the values for Nova specific quotas Example GET: http://localhost/api/nova/quota-sets/defaults/ """ if api.base.is_service_enabled(request, 'compute'): quota_set = api.nova.default_quota_get(request, request.user.tenant_id) disabled_quotas = quotas.get_disabled_quotas(request) filtered_quotas = [quota for quota in quota_set if quota.name not in disabled_quotas] result = [{ 'display_name': quotas.QUOTA_NAMES.get( quota.name, quota.name.replace("_", " ").title() ) + '', 'name': quota.name, 'limit': quota.limit } for quota in filtered_quotas] return {'items': result} else: raise rest_utils.AjaxError(501, _('Service Nova is disabled.'))
def _update_project_quota(self, request, data, project_id): # Update the project quota. nova_data = dict( [(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) try: nova.tenant_quota_update(request, project_id, region=data['region_id'], **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, region=data['region_id'], **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, region=data['region_id'], **neutron_data) except Exception: exceptions.handle(request, _('Unable to set project quotas.'))
def test_get_disabled_quotas(self): self.mock_object(base, "is_service_enabled", mock.Mock(return_value=False)) result_quotas = quotas.get_disabled_quotas(self.request) expected_quotas = set(quotas.QUOTA_FIELDS) self.assertItemsEqual(result_quotas, expected_quotas)
def test_get_all_disabled_quotas(self): self._mock_service_enabled(volume_enabled=False) result_quotas = quotas.get_disabled_quotas(self.request) expected_quotas = (quotas.CINDER_QUOTA_FIELDS | quotas.NEUTRON_QUOTA_FIELDS | quotas.NOVA_QUOTA_FIELDS) self.assertItemsEqual(result_quotas, expected_quotas) self._check_service_enabled({'compute': 1, 'network': 1, 'volume': 1})
def get(self, request): """Get a list of editable quota fields. The listing result is an object with property "items". Each item is an editable quota. Returns an empty list in case no editable quota is found. """ disabled_quotas = quotas.get_disabled_quotas(request) editable_quotas = [quota for quota in quotas.QUOTA_FIELDS if quota not in disabled_quotas] return {"items": editable_quotas}
def test_get_all_disabled_quotas(self): self._mock_service_enabled(volume_enabled=False) result_quotas = quotas.get_disabled_quotas(self.request) expected_quotas = (quotas.CINDER_QUOTA_FIELDS | quotas.NEUTRON_QUOTA_FIELDS | quotas.NOVA_QUOTA_FIELDS) self.assertCountEqual(result_quotas, expected_quotas) self._check_service_enabled({'compute': 1, 'network': 1, 'volume': 1})
def get(self, request): """Get a list of editable quota fields. The listing result is an object with property "items". Each item is an editable quota. Returns an empty list in case no editable quota is found. """ disabled_quotas = quotas.get_disabled_quotas(request) editable_quotas = [quota for quota in quotas.QUOTA_FIELDS if quota not in disabled_quotas] return {'items': editable_quotas}
def test_get_all_disabled_quotas(self): cinder.is_volume_service_enabled(IsA(http.HttpRequest)).AndReturn( False) api.base.is_service_enabled(IsA(http.HttpRequest), 'network').AndReturn(False) self.mox.ReplayAll() result_quotas = quotas.get_disabled_quotas(self.request) expected_quotas = list(quotas.CINDER_QUOTA_FIELDS) + \ list(quotas.NEUTRON_QUOTA_FIELDS) + list(quotas.NOVA_QUOTA_FIELDS) self.assertItemsEqual(result_quotas, expected_quotas)
def get_initial(self): initial = super(UpdateDefaultQuotasView, self).get_initial() # get initial quota defaults try: quota_defaults = quotas.get_default_quota_data(self.request) for field in quotas.QUOTA_FIELDS: initial[field] = quota_defaults.get(field).limit except Exception: error_msg = _('Unable to retrieve default quota values.') self.add_error_to_step(error_msg, 'update_default_quotas') initial['disabled_quotas'] = quotas.get_disabled_quotas(self.request) return initial
def test_get_all_disabled_quotas(self): cinder.is_volume_service_enabled(IsA( http.HttpRequest)).AndReturn(False) api.base.is_service_enabled(IsA(http.HttpRequest), 'network').AndReturn(False) # Nova enabled but quotas disabled api.base.is_service_enabled(IsA(http.HttpRequest), 'compute').AndReturn(True) self.mox.ReplayAll() result_quotas = quotas.get_disabled_quotas(self.request) expected_quotas = list(quotas.CINDER_QUOTA_FIELDS) + \ list(quotas.NEUTRON_QUOTA_FIELDS) + \ list(quotas.NOVA_QUOTA_FIELDS) + list(quotas.MISSING_QUOTA_FIELDS) self.assertItemsEqual(result_quotas, expected_quotas)
def __init__(self, request, *args, **kwargs): super(ProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = quotas.get_disabled_quotas(request) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput() self.fields['metadata_items'].widget = forms.HiddenInput() self.fields['injected_files'].widget = forms.HiddenInput() self.fields['injected_file_content_bytes'].widget = forms.HiddenInput() self.fields['floating_ips'].widget = forms.HiddenInput() self.fields['fixed_ips'].widget = forms.HiddenInput() self.fields['security_groups'].widget = forms.HiddenInput() self.fields['security_group_rules'].widget = forms.HiddenInput() self.fields['security_group'].widget = forms.HiddenInput() self.fields['security_group_rule'].widget = forms.HiddenInput() self.fields['port'].widget = forms.HiddenInput() if policy.check((("identity", "project_admin_required"), ), self.request): self.fields['cores'].validators.append(MaxValueValidator(32)) self.fields['instances'].validators.append(MaxValueValidator(32)) self.fields['volumes'].validators.append(MaxValueValidator(64)) self.fields['snapshots'].validators.append(MaxValueValidator(64)) self.fields['volume_gigabytes'].validators.append( MaxValueValidator(7680)) self.fields['snapshot_gigabytes'].validators.append( MaxValueValidator(7680)) self.fields['ram'].validators.append(MaxValueValidator(262144)) self.fields['floatingip'].validators.append(MaxValueValidator(32)) self.fields['network'].validators.append(MaxValueValidator(1)) self.fields['port'].validators.append(MaxValueValidator(128)) self.fields['router'].validators.append(MaxValueValidator(1)) self.fields['subnet'].validators.append(MaxValueValidator(1)) self.fields['bandwidth'].validators.append(MaxValueValidator(100)) self.fields['network'].widget = forms.HiddenInput() self.fields['port'].widget = forms.HiddenInput() self.fields['router'].widget = forms.HiddenInput() self.fields['subnet'].widget = forms.HiddenInput() regions = api.keystone.list_regions(self.request) if not self.request.user.is_superuser: for region in regions[:]: if not region.id in self.request.user._services_region: regions.remove(region) region_choices = [] for region in regions: region_choices.append((region.id, region.description)) region_choices.insert(0, ('', _("Select a region"))) self.fields['region_id'].choices = region_choices
def patch(self, request, project_id): """Update a single project quota data. The PATCH data should be an application/json object with the attributes to set to new quota values. This method returns HTTP 204 (no content) on success. """ disabled_quotas = quotas.get_disabled_quotas(request) if api.base.is_service_enabled(request, "compute"): nova_data = {key: request.DATA[key] for key in quotas.NOVA_QUOTA_FIELDS if key not in disabled_quotas} api.nova.tenant_quota_update(request, project_id, **nova_data) else: raise rest_utils.AjaxError(501, _("Service Nova is disabled."))
def __init__(self, request, *args, **kwargs): super(ProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = quotas.get_disabled_quotas(request) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput() self.fields['metadata_items'].widget = forms.HiddenInput() self.fields['injected_files'].widget = forms.HiddenInput() self.fields['injected_file_content_bytes'].widget = forms.HiddenInput() self.fields['floating_ips'].widget = forms.HiddenInput() self.fields['fixed_ips'].widget = forms.HiddenInput() self.fields['security_groups'].widget = forms.HiddenInput() self.fields['security_group_rules'].widget = forms.HiddenInput() self.fields['security_group'].widget = forms.HiddenInput() self.fields['security_group_rule'].widget = forms.HiddenInput() self.fields['port'].widget = forms.HiddenInput() if policy.check((("identity", "project_admin_required"),), self.request): self.fields['cores'].validators.append(MaxValueValidator(32)) self.fields['instances'].validators.append(MaxValueValidator(32)) self.fields['volumes'].validators.append(MaxValueValidator(64)) self.fields['snapshots'].validators.append(MaxValueValidator(64)) self.fields['volume_gigabytes'].validators.append(MaxValueValidator(7680)) self.fields['snapshot_gigabytes'].validators.append(MaxValueValidator(7680)) self.fields['ram'].validators.append(MaxValueValidator(262144)) self.fields['floatingip'].validators.append(MaxValueValidator(32)) self.fields['network'].validators.append(MaxValueValidator(1)) self.fields['port'].validators.append(MaxValueValidator(128)) self.fields['router'].validators.append(MaxValueValidator(1)) self.fields['subnet'].validators.append(MaxValueValidator(1)) self.fields['bandwidth'].validators.append(MaxValueValidator(100)) self.fields['network'].widget = forms.HiddenInput() self.fields['port'].widget = forms.HiddenInput() self.fields['router'].widget = forms.HiddenInput() self.fields['subnet'].widget = forms.HiddenInput() regions = api.keystone.list_regions(self.request) if not self.request.user.is_superuser : for region in regions[:]: if not region.id in self.request.user._services_region: regions.remove(region) region_choices = [] for region in regions: region_choices.append((region.id, region.description)) region_choices.insert(0, ('', _("Select a region"))) self.fields['region_id'].choices = region_choices
def get_initial(self): initial = super(UpdateQuotasView, self).get_initial() project_id = self.kwargs['tenant_id'] initial['project_id'] = project_id try: # get initial project quota if keystone.is_cloud_admin(self.request): quota_data = quotas.get_tenant_quota_data(self.request, tenant_id=project_id) for field in quotas.QUOTA_FIELDS: initial[field] = quota_data.get(field).limit except Exception: exceptions.handle(self.request, _('Unable to retrieve project quotas.'), redirect=reverse(INDEX_URL)) initial['disabled_quotas'] = quotas.get_disabled_quotas(self.request) return initial
def test_get_disabled_quotas_router_disabled(self): self._mock_service_enabled(network_enabled=True) self.mock_is_extension_supported.return_value = True self.mock_is_router_enabled.return_value = False self.mock_is_quotas_extension_supported.return_value = True disabled_quotas = quotas.get_disabled_quotas(self.request) expected = set(['router', 'floatingip']) self.assertEqual(expected, disabled_quotas) self._check_service_enabled({'compute': 1, 'network': 1, 'volume': 1}) self.mock_is_extension_supported.assert_called_once_with( test.IsHttpRequest(), 'security-group') self.mock_is_router_enabled.assert_called_once_with( test.IsHttpRequest()) self.mock_is_quotas_extension_supported.assert_called_once_with( test.IsHttpRequest())
def get_initial(self): initial = super().get_initial() project_id = self.kwargs['tenant_id'] initial['project_id'] = project_id try: # get initial project quota if keystone.is_cloud_admin(self.request): quota_data = quotas.get_tenant_quota_data(self.request, tenant_id=project_id) for field in quotas.QUOTA_FIELDS: initial[field] = quota_data.get(field).limit except Exception: exceptions.handle(self.request, _('Unable to retrieve project quotas.'), redirect=reverse(INDEX_URL)) initial['disabled_quotas'] = quotas.get_disabled_quotas(self.request) return initial
def test_get_disabled_quotas_router_disabled(self): api.cinder.is_volume_service_enabled(IsA( http.HttpRequest)).AndReturn(True) api.base.is_service_enabled(IsA(http.HttpRequest), 'network').AndReturn(True) api.neutron.is_extension_supported(IsA(http.HttpRequest), 'security-group').AndReturn(True) api.neutron.is_router_enabled(IsA(http.HttpRequest)).AndReturn(False) api.neutron.is_quotas_extension_supported(IsA(http.HttpRequest)) \ .AndReturn(True) api.base.is_service_enabled(IsA(http.HttpRequest), 'compute').AndReturn(True) self.mox.ReplayAll() disabled_quotas = quotas.get_disabled_quotas(self.request) expected = set(['router', 'floatingip']) self.assertEqual(expected, disabled_quotas)
def test_get_disabled_quotas_router_disabled(self): api.cinder.is_volume_service_enabled( IsA(http.HttpRequest) ).AndReturn(True) api.base.is_service_enabled(IsA(http.HttpRequest), 'network').AndReturn(True) api.neutron.is_extension_supported(IsA(http.HttpRequest), 'security-group').AndReturn(True) api.neutron.is_router_enabled(IsA(http.HttpRequest)).AndReturn(False) api.neutron.is_quotas_extension_supported(IsA(http.HttpRequest)) \ .AndReturn(True) api.base.is_service_enabled(IsA(http.HttpRequest), 'compute').AndReturn(True) self.mox.ReplayAll() disabled_quotas = quotas.get_disabled_quotas(self.request) expected = set(['router', 'floatingip']) self.assertEqual(expected, disabled_quotas)
def __init__(self, request, *args, **kwargs): super(UpdateProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = set(quotas.get_disabled_quotas(request)) enabled_quota_groups = getattr(settings, 'ENABLED_QUOTA_GROUPS', {}) if not enabled_quota_groups.get('nova', True): disabled_quotas = disabled_quotas.union( set(quotas.NOVA_QUOTA_FIELDS)) if not enabled_quota_groups.get('neutron', True): disabled_quotas = disabled_quotas.union( set(quotas.NEUTRON_QUOTA_FIELDS)) if not enabled_quota_groups.get('cinder', True): disabled_quotas = disabled_quotas.union( set(quotas.CINDER_QUOTA_FIELDS)) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput()
def patch(self, request): """Update the values for Nova specific quotas This method returns HTTP 204 (no content) on success. """ if api.base.is_service_enabled(request, "compute"): disabled_quotas = quotas.get_disabled_quotas(request) all_quotas = quotas.NOVA_QUOTA_FIELDS + quotas.MISSING_QUOTA_FIELDS filtered_quotas = [quota for quota in all_quotas if quota not in disabled_quotas] request_data = {key: request.DATA.get(key, None) for key in filtered_quotas} nova_data = {key: value for key, value in request_data.items() if value is not None} api.nova.default_quota_update(request, **nova_data) else: raise rest_utils.AjaxError(501, _("Service Nova is disabled."))
def patch(self, request, project_id): """Update a single project quota data. The PATCH data should be an application/json object with the attributes to set to new quota values. This method returns HTTP 204 (no content) on success. """ disabled_quotas = quotas.get_disabled_quotas(request) if api.base.is_service_enabled(request, 'compute'): nova_data = { key: request.DATA[key] for key in quotas.NOVA_QUOTA_FIELDS if key not in disabled_quotas } api.nova.tenant_quota_update(request, project_id, **nova_data) else: raise rest_utils.AjaxError(501, _('Service Nova is disabled.'))
def __init__(self, request, *args, **kwargs): super(UpdateProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = quotas.get_disabled_quotas(request) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput() # jt if 'project_id' in args[0]: project_id = args[0]['project_id'] self.fields['images'].initial = api.jt.get_image_quota(project_id) self.fields['object_mb'].initial = api.jt.get_object_mb_quota(project_id) else: # MJ expiration autofill self.fields['images'].initial = 5 self.fields['object_mb'].initial = 204800
def __init__(self, request, *args, **kwargs): super(ProjectQuotaAction, self).__init__(request, *args, **kwargs) disabled_quotas = quotas.get_disabled_quotas(request) for field in disabled_quotas: if field in self.fields: self.fields[field].required = False self.fields[field].widget = forms.HiddenInput() # jt if 'project_id' in args[0]: project_id = args[0]['project_id'] self.fields['images'].initial = api.jt.get_image_quota(project_id) self.fields['object_mb'].initial = api.jt.get_object_mb_quota(project_id) else: # MJ expiration autofill self.fields['images'].initial = 5 self.fields['object_mb'].initial = 204800
def patch(self, request, project_id): """Update a single project quota data. The PATCH data should be an application/json object with the attributes to set to new quota values. This method returns HTTP 204 (no content) on success. """ # Filters cinder quota fields disabled_quotas = quotas.get_disabled_quotas(request) if api.cinder.is_volume_service_enabled(request): cinder_data = { key: request.DATA[key] for key in quotas.CINDER_QUOTA_FIELDS if key not in disabled_quotas } api.cinder.tenant_quota_update(request, project_id, **cinder_data) else: raise rest_utils.AjaxError(501, _('Service Cinder is disabled.'))
def _update_project_quota(self, request, data, project_id): disabled_quotas = quotas.get_disabled_quotas(request) # Update the project quotas. if api.base.is_service_enabled(request, 'compute'): nova_data = {key: data[key] for key in quotas.NOVA_QUOTA_FIELDS - disabled_quotas} if nova_data: nova.tenant_quota_update(request, project_id, **nova_data) if cinder.is_volume_service_enabled(request): cinder_data = {key: data[key] for key in quotas.CINDER_QUOTA_FIELDS - disabled_quotas} if cinder_data: cinder.tenant_quota_update(request, project_id, **cinder_data) if (api.base.is_service_enabled(request, 'network') and api.neutron.is_quotas_extension_supported(request)): neutron_data = {key: data[key] for key in quotas.NEUTRON_QUOTA_FIELDS - disabled_quotas} if neutron_data: api.neutron.tenant_quota_update(request, project_id, **neutron_data)
def handle(self, request, data): # FIXME(gabriel): This should be refactored to use Python's built-in # sets and do this all in a single "roles to add" and "roles to remove" # pass instead of the multi-pass thing happening now. project_id = data['project_id'] domain_id = '' # update project info try: project = api.keystone.tenant_update( request, project_id, name=data['name'], description=data['description'], enabled=data['enabled']) # Use the domain_id from the project if available domain_id = getattr(project, "domain_id", None) except Exception: exceptions.handle(request, ignore=True) return False # update project members users_to_modify = 0 # Project-user member step member_step = self.get_step(PROJECT_USER_MEMBER_SLUG) try: # Get our role options available_roles = api.keystone.role_list(request) # Get the users currently associated with this project so we # can diff against it. project_members = api.keystone.user_list(request, project=project_id) users_to_modify = len(project_members) for user in project_members: # Check if there have been any changes in the roles of # Existing project members. current_roles = api.keystone.roles_for_user(self.request, user.id, project_id) current_role_ids = [role.id for role in current_roles] for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Check if the user is in the list of users with this role. if user.id in data[field_name]: # Add it if necessary if role.id not in current_role_ids: # user role has changed api.keystone.add_tenant_user_role( request, project=project_id, user=user.id, role=role.id) else: # User role is unchanged, so remove it from the # remaining roles list to avoid removing it later. index = current_role_ids.index(role.id) current_role_ids.pop(index) # Prevent admins from doing stupid things to themselves. is_current_user = user.id == request.user.id is_current_project = project_id == request.user.tenant_id admin_roles = [role for role in current_roles if role.name.lower() == 'admin'] if len(admin_roles): removing_admin = any([role.id in current_role_ids for role in admin_roles]) else: removing_admin = False if is_current_user and is_current_project and removing_admin: # Cannot remove "admin" role on current(admin) project msg = _('You cannot revoke your administrative privileges ' 'from the project you are currently logged into. ' 'Please switch to another project with ' 'administrative privileges or remove the ' 'administrative role manually via the CLI.') messages.warning(request, msg) # Otherwise go through and revoke any removed roles. else: for id_to_delete in current_role_ids: api.keystone.remove_tenant_user_role( request, project=project_id, user=user.id, role=id_to_delete) users_to_modify -= 1 # Grant new roles on the project. for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Count how many users may be added for exception handling. users_to_modify += len(data[field_name]) for role in available_roles: users_added = 0 field_name = member_step.get_member_field_name(role.id) for user_id in data[field_name]: if not filter(lambda x: user_id == x.id, project_members): api.keystone.add_tenant_user_role(request, project=project_id, user=user_id, role=role.id) users_added += 1 users_to_modify -= users_added except Exception: if PROJECT_GROUP_ENABLED: group_msg = _(", update project groups") else: group_msg = "" exceptions.handle(request, _('Failed to modify %(users_to_modify)s' ' project members%(group_msg)s and ' 'update project quotas.') % {'users_to_modify': users_to_modify, 'group_msg': group_msg}) return False if PROJECT_GROUP_ENABLED: # update project groups groups_to_modify = 0 member_step = self.get_step(PROJECT_GROUP_MEMBER_SLUG) try: # Get the groups currently associated with this project so we # can diff against it. project_groups = api.keystone.group_list(request, domain=domain_id, project=project_id) groups_to_modify = len(project_groups) for group in project_groups: # Check if there have been any changes in the roles of # Existing project members. current_roles = api.keystone.roles_for_group( self.request, group=group.id, project=project_id) current_role_ids = [role.id for role in current_roles] for role in available_roles: # Check if the group is in the list of groups with # this role. field_name = member_step.get_member_field_name(role.id) if group.id in data[field_name]: # Add it if necessary if role.id not in current_role_ids: # group role has changed api.keystone.add_group_role( request, role=role.id, group=group.id, project=project_id) else: # Group role is unchanged, so remove it from # the remaining roles list to avoid removing it # later. index = current_role_ids.index(role.id) current_role_ids.pop(index) # Revoke any removed roles. for id_to_delete in current_role_ids: api.keystone.remove_group_role(request, role=id_to_delete, group=group.id, project=project_id) groups_to_modify -= 1 # Grant new roles on the project. for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Count how many groups may be added for error handling. groups_to_modify += len(data[field_name]) for role in available_roles: groups_added = 0 field_name = member_step.get_member_field_name(role.id) for group_id in data[field_name]: if not filter(lambda x: group_id == x.id, project_groups): api.keystone.add_group_role(request, role=role.id, group=group_id, project=project_id) groups_added += 1 groups_to_modify -= groups_added except Exception: exceptions.handle(request, _('Failed to modify %s project ' 'members, update project groups ' 'and update project quotas.' % groups_to_modify)) return False # update the project quota nova_data = dict( [(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) try: nova.tenant_quota_update(request, project_id, **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, **neutron_data) return True except Exception: exceptions.handle(request, _('Modified project information and ' 'members, but unable to modify ' 'project quotas.')) return False
def handle(self, request, data): # create the project domain_id = data['domain_id'] try: desc = data['description'] self.object = api.keystone.tenant_create(request, name=data['name'], description=desc, enabled=data['enabled'], domain=domain_id) except Exception: exceptions.handle(request, ignore=True) return False project_id = self.object.id # update project members users_to_add = 0 try: available_roles = api.keystone.role_list(request) member_step = self.get_step(PROJECT_USER_MEMBER_SLUG) # count how many users are to be added for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] users_to_add += len(role_list) # add new users to project for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] users_added = 0 for user in role_list: api.keystone.add_tenant_user_role(request, project=project_id, user=user, role=role.id) users_added += 1 users_to_add -= users_added except Exception: if PROJECT_GROUP_ENABLED: group_msg = _(", add project groups") else: group_msg = "" exceptions.handle(request, _('Failed to add %(users_to_add)s ' 'project members%(group_msg)s and ' 'set project quotas.') % {'users_to_add': users_to_add, 'group_msg': group_msg}) if PROJECT_GROUP_ENABLED: # update project groups groups_to_add = 0 try: available_roles = api.keystone.role_list(request) member_step = self.get_step(PROJECT_GROUP_MEMBER_SLUG) # count how many groups are to be added for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] groups_to_add += len(role_list) # add new groups to project for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] groups_added = 0 for group in role_list: api.keystone.add_group_role(request, role=role.id, group=group, project=project_id) groups_added += 1 groups_to_add -= groups_added except Exception: exceptions.handle(request, _('Failed to add %s project groups ' 'and update project quotas.' % groups_to_add)) # Update the project quota. nova_data = dict( [(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) try: nova.tenant_quota_update(request, project_id, **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, **neutron_data) except Exception: exceptions.handle(request, _('Unable to set project quotas.')) return True
def get_initial(self): initial = super(UpdateDefaultQuotasView, self).get_initial() initial['disabled_quotas'] = quotas.get_disabled_quotas(self.request) return initial
def handle(self, request, data): # FIXME(gabriel): This should be refactored to use Python's built-in # sets and do this all in a single "roles to add" and "roles to remove" # pass instead of the multi-pass thing happening now. project_id = data['project_id'] domain_id = '' # update project info try: project = api.keystone.tenant_update( request, project_id, name=data['name'], description=data['description'], enabled=data['enabled']) # Use the domain_id from the project if available domain_id = getattr(project, "domain_id", None) except Exception: exceptions.handle(request, ignore=True) return False # update project members users_to_modify = 0 # Project-user member step member_step = self.get_step(PROJECT_USER_MEMBER_SLUG) try: # Get our role options available_roles = api.keystone.role_list(request) # Get the users currently associated with this project so we # can diff against it. project_members = api.keystone.user_list(request, project=project_id) users_to_modify = len(project_members) for user in project_members: # Check if there have been any changes in the roles of # Existing project members. current_roles = api.keystone.roles_for_user(self.request, user.id, project_id) current_role_ids = [role.id for role in current_roles] for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Check if the user is in the list of users with this role. if user.id in data[field_name]: # Add it if necessary if role.id not in current_role_ids: # user role has changed api.keystone.add_tenant_user_role( request, project=project_id, user=user.id, role=role.id) else: # User role is unchanged, so remove it from the # remaining roles list to avoid removing it later. index = current_role_ids.index(role.id) current_role_ids.pop(index) # Prevent admins from doing stupid things to themselves. is_current_user = user.id == request.user.id is_current_project = project_id == request.user.tenant_id admin_roles = [role for role in current_roles if role.name.lower() == 'admin'] if len(admin_roles): removing_admin = any([role.id in current_role_ids for role in admin_roles]) else: removing_admin = False if is_current_user and is_current_project and removing_admin: # Cannot remove "admin" role on current(admin) project msg = _('You cannot revoke your administrative privileges ' 'from the project you are currently logged into. ' 'Please switch to another project with ' 'administrative privileges or remove the ' 'administrative role manually via the CLI.') messages.warning(request, msg) # Otherwise go through and revoke any removed roles. else: for id_to_delete in current_role_ids: api.keystone.remove_tenant_user_role( request, project=project_id, user=user.id, role=id_to_delete) users_to_modify -= 1 # Grant new roles on the project. for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Count how many users may be added for exception handling. users_to_modify += len(data[field_name]) for role in available_roles: users_added = 0 field_name = member_step.get_member_field_name(role.id) for user_id in data[field_name]: if not filter(lambda x: user_id == x.id, project_members): api.keystone.add_tenant_user_role(request, project=project_id, user=user_id, role=role.id) users_added += 1 users_to_modify -= users_added except Exception: if PROJECT_GROUP_ENABLED: group_msg = _(", update project groups") else: group_msg = "" exceptions.handle(request, _('Failed to modify %(users_to_modify)s' ' project members%(group_msg)s and ' 'update project quotas.') % {'users_to_modify': users_to_modify, 'group_msg': group_msg}) return False if PROJECT_GROUP_ENABLED: # update project groups groups_to_modify = 0 member_step = self.get_step(PROJECT_GROUP_MEMBER_SLUG) try: # Get the groups currently associated with this project so we # can diff against it. project_groups = api.keystone.group_list(request, domain=domain_id, project=project_id) groups_to_modify = len(project_groups) for group in project_groups: # Check if there have been any changes in the roles of # Existing project members. current_roles = api.keystone.roles_for_group( self.request, group=group.id, project=project_id) current_role_ids = [role.id for role in current_roles] for role in available_roles: # Check if the group is in the list of groups with # this role. field_name = member_step.get_member_field_name(role.id) if group.id in data[field_name]: # Add it if necessary if role.id not in current_role_ids: # group role has changed api.keystone.add_group_role( request, role=role.id, group=group.id, project=project_id) else: # Group role is unchanged, so remove it from # the remaining roles list to avoid removing it # later. index = current_role_ids.index(role.id) current_role_ids.pop(index) # Revoke any removed roles. for id_to_delete in current_role_ids: api.keystone.remove_group_role(request, role=id_to_delete, group=group.id, project=project_id) groups_to_modify -= 1 # Grant new roles on the project. for role in available_roles: field_name = member_step.get_member_field_name(role.id) # Count how many groups may be added for error handling. groups_to_modify += len(data[field_name]) for role in available_roles: groups_added = 0 field_name = member_step.get_member_field_name(role.id) for group_id in data[field_name]: if not filter(lambda x: group_id == x.id, project_groups): api.keystone.add_group_role(request, role=role.id, group=group_id, project=project_id) groups_added += 1 groups_to_modify -= groups_added except Exception: exceptions.handle(request, _('Failed to modify %s project ' 'members, update project groups ' 'and update project quotas.') % groups_to_modify) return False # update the project quota nova_data = dict( [(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) try: nova.tenant_quota_update(request, project_id, **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, **neutron_data) return True except Exception: exceptions.handle(request, _('Modified project information and ' 'members, but unable to modify ' 'project quotas.')) return False
def handle(self, request, data): # create the project domain_id = data['domain_id'] try: desc = data['description'] self.object = api.keystone.tenant_create(request, name=data['name'], description=desc, enabled=data['enabled'], domain=domain_id) except Exception: exceptions.handle(request, ignore=True) return False project_id = self.object.id # update project members users_to_add = 0 try: available_roles = api.keystone.role_list(request) member_step = self.get_step(PROJECT_USER_MEMBER_SLUG) # count how many users are to be added for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] users_to_add += len(role_list) # add new users to project for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] users_added = 0 for user in role_list: api.keystone.add_tenant_user_role(request, project=project_id, user=user, role=role.id) users_added += 1 users_to_add -= users_added except Exception: if PROJECT_GROUP_ENABLED: group_msg = _(", add project groups") else: group_msg = "" exceptions.handle(request, _('Failed to add %(users_to_add)s project ' 'members%(group_msg)s and set project quotas.') % {'users_to_add': users_to_add, 'group_msg': group_msg}) if PROJECT_GROUP_ENABLED: # update project groups groups_to_add = 0 try: available_roles = api.keystone.role_list(request) member_step = self.get_step(PROJECT_GROUP_MEMBER_SLUG) # count how many groups are to be added for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] groups_to_add += len(role_list) # add new groups to project for role in available_roles: field_name = member_step.get_member_field_name(role.id) role_list = data[field_name] groups_added = 0 for group in role_list: api.keystone.add_group_role(request, role=role.id, group=group, project=project_id) groups_added += 1 groups_to_add -= groups_added except Exception: exceptions.handle(request, _('Failed to add %s project groups ' 'and update project quotas.') % groups_to_add) # Update the project quota. nova_data = dict( [(key, data[key]) for key in quotas.NOVA_QUOTA_FIELDS]) try: nova.tenant_quota_update(request, project_id, **nova_data) if base.is_service_enabled(request, 'volume'): cinder_data = dict([(key, data[key]) for key in quotas.CINDER_QUOTA_FIELDS]) cinder.tenant_quota_update(request, project_id, **cinder_data) if api.base.is_service_enabled(request, 'network') and \ api.neutron.is_quotas_extension_supported(request): neutron_data = {} disabled_quotas = quotas.get_disabled_quotas(request) for key in quotas.NEUTRON_QUOTA_FIELDS: if key not in disabled_quotas: neutron_data[key] = data[key] api.neutron.tenant_quota_update(request, project_id, **neutron_data) except Exception: exceptions.handle(request, _('Unable to set project quotas.')) return True
def get_initial(self): initial = super().get_initial() initial['disabled_quotas'] = quotas.get_disabled_quotas(self.request) return initial