from http import HTTPStatus
from time import time
from osm_common.dbbase import deep_update_rfc7396
-from validation import validate_input, ValidationError, is_valid_uuid
+from osm_nbi.validation import validate_input, ValidationError, is_valid_uuid
__author__ = "Alfonso Tierno <alfonso.tiernosepulveda@telefonica.com>"
def __init__(self, message, http_code=HTTPStatus.BAD_REQUEST):
self.http_code = http_code
- Exception.__init__(self, message)
+ super(Exception, self).__init__(message)
def get_iterable(input_var):
schema_edit = None # to_override
multiproject = True # True if this Topic can be shared by several projects. Then it contains _admin.projects_read
+ default_quota = 500
+
# Alternative ID Fields for some Topics
alt_id_field = {
"projects": "name",
"roles": "name"
}
- def __init__(self, db, fs, msg):
+ def __init__(self, db, fs, msg, auth):
self.db = db
self.fs = fs
self.msg = msg
self.logger = logging.getLogger("nbi.engine")
+ self.auth = auth
@staticmethod
def id_field(topic, value):
"""Returns ID Field for given topic and field value"""
- if topic in ["projects", "users"] and not is_valid_uuid(value):
+ if topic in BaseTopic.alt_id_field.keys() and not is_valid_uuid(value):
return BaseTopic.alt_id_field[topic]
else:
return "_id"
return {}
return indata
+ def check_quota(self, session):
+ """
+ Check whether topic quota is exceeded by the given project
+ Used by relevant topics' 'new' function to decide whether or not creation of the new item should be allowed
+ :param projects: projects (tuple) for which quota should be checked
+ :param override: boolean. If true, don't raise ValidationError even though quota be exceeded
+ :return: None
+ :raise:
+ DbException if project not found
+ ValidationError if quota exceeded and not overridden
+ """
+ if session["force"] or session["admin"]:
+ return
+ projects = session["project_id"]
+ for project in projects:
+ proj = self.auth.get_project(project)
+ pid = proj["_id"]
+ quota = proj.get("quotas", {}).get(self.topic, self.default_quota)
+ count = self.db.count(self.topic, {"_admin.projects_read": pid})
+ if count >= quota:
+ name = proj["name"]
+ raise ValidationError("{} quota ({}) exceeded for project {} ({})".format(self.topic, quota, name, pid))
+
def _validate_input_new(self, input, force=False):
"""
Validates input user content for a new entry. It uses jsonschema. Some overrides will use pyangbind
"""
Check that the data to be edited/uploaded is valid
:param session: contains "username", "admin", "force", "public", "project_id", "set_project"
- :param final_content: data once modified. This methdo may change it.
+ :param final_content: data once modified. This method may change it.
:param edit_content: incremental data that contains the modifications to apply
:param _id: internal _id
:return: None or raises EngineException
:param _id: If not None, ignore this entry that are going to change
:return: None or raises EngineException
"""
- _filter = self._get_project_filter(session)
+ if not self.multiproject:
+ _filter = {}
+ else:
+ _filter = self._get_project_filter(session)
_filter["name"] = name
if _id:
_filter["_id.neq"] = _id
:param content: descriptor to be modified
:param project_id: if included, it add project read/write permissions. Can be None or a list
:param make_public: if included it is generated as public for reading.
- :return: None, but content is modified
+ :return: op_id: operation id on asynchronous operation, None otherwise. In addition content is modified
"""
now = time()
if "_admin" not in content:
content["_admin"]["projects_read"].append("ANY")
if not content["_admin"].get("projects_write"):
content["_admin"]["projects_write"] = list(project_id)
+ return None
@staticmethod
def format_on_edit(final_content, edit_content):
+ """
+ Modifies final_content to admin information upon edition
+ :param final_content: final content to be stored at database
+ :param edit_content: user requested update content
+ :return: operation id, if this edit implies an asynchronous operation; None otherwise
+ """
if final_content.get("_admin"):
now = time()
final_content["_admin"]["modified"] = now
+ return None
def _send_msg(self, action, content):
if self.topic_msg:
:param _id: server internal id
:return: dictionary, raise exception if not found.
"""
- filter_db = self._get_project_filter(session)
+ if not self.multiproject:
+ filter_db = {}
+ else:
+ filter_db = self._get_project_filter(session)
# To allow project&user addressing by name AS WELL AS _id
filter_db[BaseTopic.id_field(self.topic, _id)] = _id
return self.db.get_one(self.topic, filter_db)
"""
if not filter_q:
filter_q = {}
-
- filter_q.update(self._get_project_filter(session))
+ if self.multiproject:
+ filter_q.update(self._get_project_filter(session))
# TODO transform data for SOL005 URL requests. Transform filtering
# TODO implement "field-type" query string SOL005
:param indata: data to be inserted
:param kwargs: used to override the indata descriptor
:param headers: http request headers
- :return: _id: identity of the inserted data.
+ :return: _id, op_id:
+ _id: identity of the inserted data.
+ op_id: operation id if this is asynchronous, None otherwise
"""
try:
+ if self.multiproject:
+ self.check_quota(session)
+
content = self._remove_envelop(indata)
# Override descriptor with query string kwargs
self._update_input_with_kwargs(content, kwargs)
content = self._validate_input_new(content, force=session["force"])
self.check_conflict_on_new(session, content)
- self.format_on_new(content, project_id=session["project_id"], make_public=session["public"])
+ op_id = self.format_on_new(content, project_id=session["project_id"], make_public=session["public"])
_id = self.db.create(self.topic, content)
rollback.append({"topic": self.topic, "_id": _id})
+ if op_id:
+ content["op_id"] = op_id
self._send_msg("create", content)
- return _id
+ return _id, op_id
except ValidationError as e:
raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY)
# TODO add admin to filter, validate rights
if not filter_q:
filter_q = {}
- filter_q.update(self._get_project_filter(session))
+ if self.multiproject:
+ filter_q.update(self._get_project_filter(session))
return self.db.del_list(self.topic, filter_q)
def delete_extra(self, session, _id, db_content):
:param session: contains "username", "admin", "force", "public", "project_id", "set_project"
:param _id: server internal id
:param dry_run: make checking but do not delete
- :return: dictionary with deleted item _id. It raises EngineException on error: not found, conflict, ...
+ :return: operation id (None if there is not operation), raise exception if error or not found, conflict, ...
"""
# To allow addressing projects and users by name AS WELL AS by _id
if dry_run:
return None
- filter_q.update(self._get_project_filter(session))
+ if self.multiproject:
+ filter_q.update(self._get_project_filter(session))
if self.multiproject and session["project_id"]:
# remove reference from project_read. If not last delete
+ # if this topic is not part of session["project_id"] no midification at database is done and an exception
+ # is raised
self.db.set_one(self.topic, filter_q, update_dict=None,
pull={"_admin.projects_read": {"$in": session["project_id"]}})
# try to delete if there is not any more reference from projects. Ignore if it is not deleted
filter_q = {'_id': _id, '_admin.projects_read': [[], ["ANY"]]}
v = self.db.del_one(self.topic, filter_q, fail_on_empty=False)
if not v or not v["deleted"]:
- return v
+ return None
else:
- v = self.db.del_one(self.topic, filter_q)
+ self.db.del_one(self.topic, filter_q)
self.delete_extra(session, _id, item_content)
self._send_msg("deleted", {"_id": _id})
- return v
+ return None
def edit(self, session, _id, indata=None, kwargs=None, content=None):
"""
:param indata: contains the changes to apply
:param kwargs: modifies indata
:param content: original content of the item
- :return:
+ :return: op_id: operation id if this is processed asynchronously, None otherwise
"""
indata = self._remove_envelop(indata)
if not content:
content = self.show(session, _id)
deep_update_rfc7396(content, indata)
+
+ # To allow project addressing by name AS WELL AS _id. Get the _id, just in case the provided one is a name
+ _id = content.get("_id") or _id
+
self.check_conflict_on_edit(session, content, indata, _id=_id)
- self.format_on_edit(content, indata)
- # To allow project addressing by name AS WELL AS _id
- # self.db.replace(self.topic, _id, content)
- cid = content.get("_id")
- self.db.replace(self.topic, cid if cid else _id, content)
+ op_id = self.format_on_edit(content, indata)
+
+ self.db.replace(self.topic, _id, content)
indata.pop("_admin", None)
+ if op_id:
+ indata["op_id"] = op_id
indata["_id"] = _id
self._send_msg("edit", indata)
- return _id
+ return op_id
except ValidationError as e:
raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY)