def set_default_temp_time(request):
"""For the given account, set the default-temp-time. """
storage_url = request.session.get('storage_url', '')
auth_token = request.session.get('auth_token', '')
tempurl_form = TimeForm(request.POST)
if tempurl_form.is_valid():
days_to_expiry = float(tempurl_form.cleaned_data['days'])
hours_to_expiry = float(tempurl_form.cleaned_data['hours'])
seconds_to_expiry = int(
days_to_expiry * 24 * 3600
+ hours_to_expiry * 60 * 60)
try:
client.post_account(
storage_url,
auth_token,
{"x-account-meta-default-temp-time": seconds_to_expiry})
messages.add_message(
request,
messages.INFO,
_("Default Temp Url Time updated!"))
except Exception, e:
messages.error(request, "Error updating default temp url time")
def swift_cloud_removal(request):
if request.method != 'POST':
return JsonResponse({"error": "Method not allowed"}, status=405)
params = json.loads(request.body)
project_id = params.get('project_id')
undo_removal = params.get('undo_removal')
if not project_id:
return JsonResponse({"error": "Missing project_id parameter"},
status=400)
http_conn, storage_url = get_conn_and_storage_url(request, project_id)
auth_token = request.session.get('auth_token')
headers = {"x-account-meta-cloud-remove": "true"}
if undo_removal:
headers["x-account-meta-cloud-remove"] = ""
try:
client.post_account(storage_url,
auth_token,
headers,
http_conn=http_conn)
except Exception as err:
log.exception(f'Exception: {err}')
return JsonResponse({"error": "Project update error"}, status=500)
return JsonResponse({"message": "Success"}, status=200)
def get_temp_key(storage_url, auth_token, http_conn):
""" Tries to get meta-temp-url key from account.
If not set, generate tempurl and save it to account.
This requires at least account owner rights. """
try:
account = client.get_account(storage_url,
auth_token,
http_conn=http_conn)
except client.ClientException:
return None
key = account[0].get('x-account-meta-temp-url-key')
if not key:
chars = string.ascii_lowercase + string.digits
key = ''.join(random.choice(chars) for x in range(32))
headers = {'x-account-meta-temp-url-key': key}
try:
client.post_account(storage_url,
token=auth_token,
headers=headers,
http_conn=http_conn)
except client.ClientException:
return None
return key
def get_temp_key(storage_url, auth_token, container):
""" Tries to get meta-temp-url key from account.
If not set, generate tempurl and save it to acocunt.
This requires at least account owner rights. """
try:
account = client.get_account(storage_url, auth_token)
except client.ClientException:
#Try to get the container temp url key instead
try:
container = client.get_container(
storage_url, auth_token, container)
return container[0].get('x-container-meta-temp-url-key')
except client.ClientException:
return None
return None
key = account[0].get('x-account-meta-temp-url-key')
if not key:
chars = string.ascii_lowercase + string.digits
key = ''.join(random.choice(chars) for x in range(32))
headers = {'x-account-meta-temp-url-key': key}
try:
client.post_account(storage_url, auth_token, headers)
except client.ClientException:
return None
return key
def get_temp_key(storage_url, auth_token):
""" Tries to get meta-temp-url key from account.
If not set, generate tempurl and save it to acocunt.
This requires at least account owner rights. """
logging.debug(' in get_temp_key: ' )
try:
account = client.head_account(storage_url, auth_token)
except client.ClientException:
return None
logging.debug(' account in get_temp_key: %s ' % account)
key = account.get('x-account-meta-temp-url-key')
logging.debug(' key in get_temp_key: %s ' % key)
if not key:
chars = string.ascii_lowercase + string.digits
key = ''.join(random.choice(chars) for x in range(32))
headers = {'x-account-meta-temp-url-key': key}
try:
client.post_account(storage_url, auth_token, headers)
except client.ClientException:
return None
return key
def create_swift_account(sc, tenant_id, quota_bytes):
url, token = sc.get_auth()
base_url = url.split('_')[0] + '_'
tenant_url = base_url + tenant_id
client.post_account(url=tenant_url,
token=token,
headers={'X-Account-Meta-Quota-Bytes': quota_bytes})
def get_tempurl_key():
(storage_url, auth_token) = client.get_auth(settings.SWIFT_AUTH_URL, settings.SWIFT_USER, settings.SWIFT_PASSWORD)
meta = client.head_account(storage_url, auth_token)
key = meta.get("x-account-meta-temp-url-key")
if not key:
key = random_key()
headers = {"x-account-meta-temp-url-key": key}
client.post_account(storage_url, auth_token, headers)
return storage_url, key
def set_swift_quota(sc, tenant_id, quota):
tenant_url, token = get_swift_tenant_connection(sc, tenant_id)
try:
print 'Setting quota for project %s to %s bytes' % \
(tenant_id, quota)
swiftclient.post_account(url=tenant_url,
token=token,
headers={SWIFT_QUOTA_KEY: quota})
except:
print 'Failed to set quota for project %s to %s bytes' % \
(tenant_id, quota)
def get_fine_grained_temp_key(storage_url, auth_token, container_name=None):
"""
Tries to get meta-temp-url key from account or container.
If not set, generate tempurl and save it.
"""
logging.debug(' in get_fine_grained_temp_key: container_name:%s, \
storage_url:%s ' %
(container_name, storage_url) )
try:
if container_name:
container = client.head_container(storage_url, auth_token,
container_name)
key = container.get('x-container-meta-temp-url-key')
logging.debug(' key in get_fine_grained_temp_key container: %s ' % key)
else:
account = client.head_account(storage_url, auth_token)
key = account.get('x-account-meta-temp-url-key')
logging.debug(' key in get_fine_grained_temp_key account: %s ' % key)
except client.ClientException:
return None
# logging.debug(' account or container in get_temp_key: %s '
# % account or container)
if not key:
chars = string.ascii_lowercase + string.digits
key = ''.join(random.choice(chars) for x in range(32))
if container_name:
headers = {'x-container-meta-temp-url-key': key}
try:
client.post_container(storage_url, auth_token, container_name,
headers)
logging.debug(' post_container')
except client.ClientException:
return None
raise ValueError('cannot get key, have no account rights to \
get account key!')
else:
headers = {'x-account-meta-temp-url-key': key}
try:
client.post_account(storage_url, auth_token, headers)
logging.debug(' post_account')
except client.ClientException:
return None
return key
def update_swift_account(user, password, project_name, headers):
keystone = KeystoneNoRequest(user, password, project_name)
endpoints = keystone.get_endpoints()
storage_url = endpoints.get("object_store").get("adminURL")
http_conn = client.http_connection(storage_url,
insecure=settings.SWIFT_INSECURE)
try:
client.post_account(storage_url,
keystone.conn.auth_token,
headers,
http_conn=http_conn)
except client.ClientException as err:
log.exception('Exception: {}'.format(err))
return False
return True
def set_quota(tenant_id, quota):
"""Set the swift quota for a tenant.
:param str quota: A number in bytes or None for unlimited.
"""
if quota.lower() == "none":
quota = ''
else:
quota = size_to_bytes(quota)
sc = client()
url, token = sc.get_auth()
base_url = url.split('_')[0] + '_'
tenant_url = base_url + tenant_id
swift_client.post_account(url=tenant_url,
token=token,
headers={'X-Account-Meta-Quota-Bytes': quota})
def set_quota(tenant_id, quota):
"""Set the swift quota for a tenant.
:param str quota: A number in bytes or None for unlimited.
"""
if quota.lower() == "none":
quota = ''
else:
quota = size_to_bytes(quota)
sc = client()
url, token = sc.get_auth()
base_url = url.split('_')[0] + '_'
tenant_url = base_url + tenant_id
swift_client.post_account(url=tenant_url,
token=token,
headers={'X-Account-Meta-Quota-Bytes': quota})
def add_swift_quota(sc, tenant, gigabytes):
tenant_url, token = get_swift_tenant_connection(sc, tenant.id)
quota_bytes = int(gigabytes) * 1024 * 1024 * 1024
attempt = 1
max_attempts = 3
while attempt <= max_attempts:
try:
swift_client.post_account(url=tenant_url,
token=token,
headers={SWIFT_QUOTA_KEY: quota_bytes})
# return
break
except swift_client.ClientException as ex:
print(ex)
print("Failed to set swift quota, retying, attempt %s" % attempt)
time.sleep(attempt * 2)
attempt += 1
if attempt == max_attempts:
raise ProvisionException('Failed to set swift quota, '
'{}'.format(ex))
# for testing return quota bytes and number of attemps
return quota_bytes, attempt
def enable_account_for_storlets(url, token):
headers = dict()
headers['X-Account-Meta-storlet-enabled'] = 'True'
c.post_account(url, token, headers)
def post_account(self, account_id, token, s_type, headers):
cnx = self.get_cnx(account_id, s_type)
sclient.post_account("", token, headers, http_conn=cnx)
def projects(request, project_id=None):
"""
GET: List all projects ordered by name
PUT: Save a project (enable)
DELETE: Delete a project (disable)
POST: Check if a project exist or is enabled
"""
try:
r = get_redis_connection()
except RedisError:
return JSONResponse('Error connecting with DB',
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
if request.method == 'GET':
enabled_projects = r.lrange('projects_crystal_enabled', 0, -1)
return JSONResponse(enabled_projects, status=status.HTTP_200_OK)
if request.method == 'PUT':
project_list = get_project_list()
project_name = project_list[project_id]
if project_name == settings.MANAGEMENT_ACCOUNT:
return JSONResponse(
"Management project could not be set as Crystal project",
status=status.HTTP_400_BAD_REQUEST)
try:
# Set Manager as admin of the Crystal Project
keystone_client = get_keystone_admin_auth()
admin_role_id, reseller_admin_role_id, admin_user_id = get_admin_role_user_ids(
keystone_client)
keystone_client.roles.grant(role=admin_role_id,
user=admin_user_id,
project=project_id)
keystone_client.roles.grant(role=reseller_admin_role_id,
user=admin_user_id,
project=project_id)
# Post Storlet and Dependency containers
url, token = get_swift_url_and_token(project_name)
swift_client.put_container(url, token, ".storlet")
swift_client.put_container(url, token, ".dependency")
headers = {
'X-Account-Meta-Crystal-Enabled': True,
'X-Account-Meta-Storlet-Enabled': True
}
swift_client.post_account(url, token, headers)
# Create project docker image
create_docker_image(r, project_id)
r.lpush('projects_crystal_enabled', project_id)
return JSONResponse("Crystal Project correctly enabled",
status=status.HTTP_201_CREATED)
except:
return JSONResponse("Error Enabling Crystal Project",
status=status.HTTP_400_BAD_REQUEST)
if request.method == 'DELETE':
try:
project_list = get_project_list()
project_name = project_list[project_id]
# Delete Storlet and Dependency containers
try:
url, token = get_swift_url_and_token(project_name)
headers = {
'X-Account-Meta-Crystal-Enabled': '',
'X-Account-Meta-Storlet-Enabled': ''
}
swift_client.post_account(url, token, headers)
swift_client.delete_container(url, token, ".storlet")
swift_client.delete_container(url, token, ".dependency")
except:
pass
# Delete Manager as admin of the Crystal Project
keystone_client = get_keystone_admin_auth()
admin_role_id, reseller_admin_role_id, admin_user_id = get_admin_role_user_ids(
keystone_client)
try:
keystone_client.roles.revoke(role=admin_role_id,
user=admin_user_id,
project=project_id)
keystone_client.roles.revoke(role=reseller_admin_role_id,
user=admin_user_id,
project=project_id)
except:
pass
# Delete project docker image
delete_docker_image(r, project_id)
r.lrem('projects_crystal_enabled', project_id)
return JSONResponse("Crystal project correctly disabled.",
status=status.HTTP_201_CREATED)
except RedisError:
return JSONResponse("Error inserting data",
status=status.HTTP_400_BAD_REQUEST)
if request.method == 'POST':
enabled_projects = r.lrange('projects_crystal_enabled', 0, -1)
if project_id in enabled_projects:
return JSONResponse(project_id, status=status.HTTP_200_OK)
return JSONResponse('The project with id: ' + str(project_id) +
' does not exist.',
status=status.HTTP_404_NOT_FOUND)
return JSONResponse('Method ' + str(request.method) + ' not allowed.',
status=status.HTTP_405_METHOD_NOT_ALLOWED)
from swiftclient.client import get_account, head_account, post_account
from swiftclient.exceptions import ClientException
auth_url = 'http://10.111.1.123:5000/v2.0'
account = 'test'
user = '******'
key = 'testing'
try:
acuser = "******" % (account, user)
(storage_url, token) = get_auth(auth_url, acuser, key, auth_version='2.0')
conn = http_connection(storage_url)
req_headers = {'X-Account-Meta-Test1': 'aaabbbccc',
'X-Account-Meta-Test2': '0123456789'}
resp_headers = {}
post_account(storage_url, token, req_headers,
response_dict=resp_headers, http_conn=conn)
print "[Response headers of post_account()]"
pp = pprint.PrettyPrinter(indent=2)
pp.pprint(resp_headers)
print ""
headers = head_account(storage_url, token, http_conn=conn)
print "[Response headers of head_account()]"
pp.pprint(headers)
except ClientException, e:
print e
def post_account(self, account_id, token, s_type, headers):
cnx = self.get_cnx(account_id, s_type)
sclient.post_account("", token, headers, http_conn=cnx)
def projects(request, project_id=None):
"""
GET: List all projects ordered by name
PUT: Save a project (enable)
DELETE: Delete a project (disable)
POST: Check if a project exist or is enabled
"""
try:
r = get_redis_connection()
except RedisError:
return JSONResponse('Error connecting with DB', status=status.HTTP_500_INTERNAL_SERVER_ERROR)
if request.method == 'GET':
enabled_projects = r.lrange('projects_crystal_enabled', 0, -1)
return JSONResponse(enabled_projects, status=status.HTTP_200_OK)
if request.method == 'PUT':
project_list = get_project_list()
project_name = project_list[project_id]
if project_name == settings.MANAGEMENT_ACCOUNT:
return JSONResponse("Management project could not be set as Crystal project",
status=status.HTTP_400_BAD_REQUEST)
try:
# Set Manager as admin of the Crystal Project
keystone_client = get_keystone_admin_auth()
admin_role_id, reseller_admin_role_id, admin_user_id = get_admin_role_user_ids(keystone_client)
keystone_client.roles.grant(role=admin_role_id, user=admin_user_id, project=project_id)
keystone_client.roles.grant(role=reseller_admin_role_id, user=admin_user_id, project=project_id)
# Post Storlet and Dependency containers
url, token = get_swift_url_and_token(project_name)
swift_client.put_container(url, token, ".storlet")
swift_client.put_container(url, token, ".dependency")
headers = {'X-Account-Meta-Crystal-Enabled': True, 'X-Account-Meta-Storlet-Enabled': True}
swift_client.post_account(url, token, headers)
# Create project docker image
create_docker_image(r, project_id)
r.lpush('projects_crystal_enabled', project_id)
return JSONResponse("Crystal Project correctly enabled", status=status.HTTP_201_CREATED)
except:
return JSONResponse("Error Enabling Crystal Project", status=status.HTTP_400_BAD_REQUEST)
if request.method == 'DELETE':
try:
project_list = get_project_list()
project_name = project_list[project_id]
# Delete Storlet and Dependency containers
try:
url, token = get_swift_url_and_token(project_name)
headers = {'X-Account-Meta-Crystal-Enabled': '', 'X-Account-Meta-Storlet-Enabled': ''}
swift_client.post_account(url, token, headers)
swift_client.delete_container(url, token, ".storlet")
swift_client.delete_container(url, token, ".dependency")
except:
pass
# Delete Manager as admin of the Crystal Project
keystone_client = get_keystone_admin_auth()
admin_role_id, reseller_admin_role_id, admin_user_id = get_admin_role_user_ids(keystone_client)
try:
keystone_client.roles.revoke(role=admin_role_id, user=admin_user_id, project=project_id)
keystone_client.roles.revoke(role=reseller_admin_role_id, user=admin_user_id, project=project_id)
except:
pass
# Delete project docker image
delete_docker_image(r, project_id)
r.lrem('projects_crystal_enabled', project_id)
return JSONResponse("Crystal project correctly disabled.", status=status.HTTP_201_CREATED)
except RedisError:
return JSONResponse("Error inserting data", status=status.HTTP_400_BAD_REQUEST)
if request.method == 'POST':
enabled_projects = r.lrange('projects_crystal_enabled', 0, -1)
if project_id in enabled_projects:
return JSONResponse(project_id, status=status.HTTP_200_OK)
return JSONResponse('The project with id: ' + str(project_id) + ' does not exist.',
status=status.HTTP_404_NOT_FOUND)
return JSONResponse('Method ' + str(request.method) + ' not allowed.', status=status.HTTP_405_METHOD_NOT_ALLOWED)
def enable_account_for_storlets(url, token):
headers = dict()
headers['X-Account-Meta-storlet-enabled'] = 'True'
c.post_account(url, token, headers)
def enable_account_for_storlets(url, token):
headers = dict()
headers["X-Account-Meta-storlet-enabled"] = "True"
c.post_account(url, token, headers)
