from hashlib import sha256
from http import HTTPStatus
from time import time
-from validation import user_new_schema, user_edit_schema, project_new_schema, project_edit_schema
-from validation import vim_account_new_schema, vim_account_edit_schema, sdn_new_schema, sdn_edit_schema
-from validation import wim_account_new_schema, wim_account_edit_schema, roles_new_schema, roles_edit_schema
-from validation import validate_input
-from validation import ValidationError
-from validation import is_valid_uuid # To check that User/Project Names don't look like UUIDs
-from base_topic import BaseTopic, EngineException
+from osm_nbi.validation import user_new_schema, user_edit_schema, project_new_schema, project_edit_schema, \
+ vim_account_new_schema, vim_account_edit_schema, sdn_new_schema, sdn_edit_schema, \
+ wim_account_new_schema, wim_account_edit_schema, roles_new_schema, roles_edit_schema, \
+ validate_input, ValidationError, is_valid_uuid # To check that User/Project Names don't look like UUIDs
+from osm_nbi.base_topic import BaseTopic, EngineException
+from osm_nbi.authconn import AuthconnNotFoundException, AuthconnConflictException
from osm_common.dbbase import deep_update_rfc7396
-from authconn import AuthconnNotFoundException, AuthconnConflictException
-# from authconn_keystone import AuthconnKeystone
__author__ = "Alfonso Tierno <alfonso.tiernosepulveda@telefonica.com>"
schema_edit = user_edit_schema
multiproject = False
- def __init__(self, db, fs, msg):
- BaseTopic.__init__(self, db, fs, msg)
+ def __init__(self, db, fs, msg, auth):
+ BaseTopic.__init__(self, db, fs, msg, auth)
@staticmethod
def _get_project_filter(session):
schema_edit = project_edit_schema
multiproject = False
- def __init__(self, db, fs, msg):
- BaseTopic.__init__(self, db, fs, msg)
+ def __init__(self, db, fs, msg, auth):
+ BaseTopic.__init__(self, db, fs, msg, auth)
@staticmethod
def _get_project_filter(session):
class CommonVimWimSdn(BaseTopic):
"""Common class for VIM, WIM SDN just to unify methods that are equal to all of them"""
- config_to_encrypt = () # what keys at config must be encrypted because contains passwords
+ config_to_encrypt = {} # what keys at config must be encrypted because contains passwords
password_to_encrypt = "" # key that contains a password
@staticmethod
final_content[self.password_to_encrypt] = self.db.encrypt(edit_content[self.password_to_encrypt],
schema_version=schema_version,
salt=final_content["_id"])
- if edit_content.get("config") and self.config_to_encrypt:
- for p in self.config_to_encrypt:
+ config_to_encrypt_keys = self.config_to_encrypt.get(schema_version) or self.config_to_encrypt.get("default")
+ if edit_content.get("config") and config_to_encrypt_keys:
+
+ for p in config_to_encrypt_keys:
if edit_content["config"].get(p):
final_content["config"][p] = self.db.encrypt(edit_content["config"][p],
schema_version=schema_version,
:return: op_id: operation id on asynchronous operation, None otherwise. In addition content is modified
"""
super().format_on_new(content, project_id=project_id, make_public=make_public)
- content["schema_version"] = schema_version = "1.1"
+ content["schema_version"] = schema_version = "1.11"
# encrypt passwords
if content.get(self.password_to_encrypt):
content[self.password_to_encrypt] = self.db.encrypt(content[self.password_to_encrypt],
schema_version=schema_version,
salt=content["_id"])
- if content.get("config") and self.config_to_encrypt:
- for p in self.config_to_encrypt:
+ config_to_encrypt_keys = self.config_to_encrypt.get(schema_version) or self.config_to_encrypt.get("default")
+ if content.get("config") and config_to_encrypt_keys:
+ for p in config_to_encrypt_keys:
if content["config"].get(p):
content["config"][p] = self.db.encrypt(content["config"][p],
schema_version=schema_version,
schema_edit = vim_account_edit_schema
multiproject = True
password_to_encrypt = "vim_password"
- config_to_encrypt = ("admin_password", "nsx_password", "vcenter_password")
+ config_to_encrypt = {"1.1": ("admin_password", "nsx_password", "vcenter_password"),
+ "default": ("admin_password", "nsx_password", "vcenter_password", "vrops_password")}
class WimAccountTopic(CommonVimWimSdn):
schema_edit = wim_account_edit_schema
multiproject = True
password_to_encrypt = "wim_password"
- config_to_encrypt = ()
+ config_to_encrypt = {}
class SdnTopic(CommonVimWimSdn):
schema_edit = sdn_edit_schema
multiproject = True
password_to_encrypt = "password"
- config_to_encrypt = ()
+ config_to_encrypt = {}
class UserTopicAuth(UserTopic):
schema_edit = user_edit_schema
def __init__(self, db, fs, msg, auth):
- UserTopic.__init__(self, db, fs, msg)
- self.auth = auth
+ UserTopic.__init__(self, db, fs, msg, auth)
+ # self.auth = auth
def check_conflict_on_new(self, session, indata):
"""
schema_edit = project_edit_schema
def __init__(self, db, fs, msg, auth):
- ProjectTopic.__init__(self, db, fs, msg)
- self.auth = auth
+ ProjectTopic.__init__(self, db, fs, msg, auth)
+ # self.auth = auth
def check_conflict_on_new(self, session, indata):
"""
raise EngineException("You cannot rename project 'admin'", http_code=HTTPStatus.CONFLICT)
# Check that project name is not used, regardless keystone already checks this
- if self.auth.get_project_list(filter_q={"name": project_name}):
+ if project_name and self.auth.get_project_list(filter_q={"name": project_name}):
raise EngineException("project '{}' is already used".format(project_name), HTTPStatus.CONFLICT)
def check_conflict_on_del(self, session, _id, db_content):
self.check_conflict_on_edit(session, content, indata, _id=_id)
self.format_on_edit(content, indata)
- if "name" in indata:
- content["name"] = indata["name"]
+ deep_update_rfc7396(content, indata)
self.auth.update_project(content["_id"], content)
except ValidationError as e:
raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY)
multiproject = False
def __init__(self, db, fs, msg, auth, ops):
- BaseTopic.__init__(self, db, fs, msg)
- self.auth = auth
+ BaseTopic.__init__(self, db, fs, msg, auth)
+ # self.auth = auth
self.operations = ops
# self.topic = "roles_operations" if isinstance(auth, AuthconnKeystone) else "roles"