projects / osm / NBI.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
feature 1417: Add pdu CRUD
[osm/NBI.git] / osm_nbi / engine.py
diff --git a/osm_nbi/engine.py b/osm_nbi/engine.py
index 29bd4f1..6df84c8 100644 (file)
--- a/osm_nbi/engine.py
+++ b/osm_nbi/engine.py
@@ -9,7 +9,6 @@ import tarfile
 import yaml
 import json
 import logging
-from random import choice as random_choice
 from uuid import uuid4
 from hashlib import sha256, md5
 from osm_common.dbbase import DbException, deep_update
@@ -17,7 +16,7 @@ from osm_common.fsbase import FsException
 from osm_common.msgbase import MsgException
 from http import HTTPStatus
 from time import time
-from copy import deepcopy, copy
+from copy import copy
 from validation import validate_input, ValidationError
 
 __author__ = "Alfonso Tierno <alfonso.tiernosepulveda@telefonica.com>"
@@ -30,15 +29,15 @@ class EngineException(Exception):
         Exception.__init__(self, message)
 
 
-def get_iterable(input):
+def get_iterable(input_var):
     """
-    Returns an iterable, in case input is None it just returns an empty tuple
-    :param input:
-    :return: iterable
+    Returns an iterable, in case input_var is None it just returns an empty tuple
+    :param input_var: can be a list, tuple or None
+    :return: input_var or () if it is None
     """
-    if input is None:
+    if input_var is None:
         return ()
-    return input
+    return input_var
 
 
 class Engine(object):
@@ -100,102 +99,6 @@ class Engine(object):
         except (DbException, FsException, MsgException) as e:
             raise EngineException(str(e), http_code=e.http_code)
 
-    def authorize(self, token):
-        try:
-            if not token:
-                raise EngineException("Needed a token or Authorization http header",
-                                      http_code=HTTPStatus.UNAUTHORIZED)
-            if token not in self.tokens:
-                raise EngineException("Invalid token or Authorization http header",
-                                      http_code=HTTPStatus.UNAUTHORIZED)
-            session = self.tokens[token]
-            now = time()
-            if session["expires"] < now:
-                del self.tokens[token]
-                raise EngineException("Expired Token or Authorization http header",
-                                      http_code=HTTPStatus.UNAUTHORIZED)
-            return session
-        except EngineException:
-            if self.config["global"].get("test.user_not_authorized"):
-                return {"id": "fake-token-id-for-test",
-                        "project_id": self.config["global"].get("test.project_not_authorized", "admin"),
-                        "username": self.config["global"]["test.user_not_authorized"]}
-            else:
-                raise
-
-    def new_token(self, session, indata, remote):
-        now = time()
-        user_content = None
-
-        # Try using username/password
-        if indata.get("username"):
-            user_rows = self.db.get_list("users", {"username": indata.get("username")})
-            user_content = None
-            if user_rows:
-                user_content = user_rows[0]
-                salt = user_content["_admin"]["salt"]
-                shadow_password = sha256(indata.get("password", "").encode('utf-8') + salt.encode('utf-8')).hexdigest()
-                if shadow_password != user_content["password"]:
-                    user_content = None
-            if not user_content:
-                raise EngineException("Invalid username/password", http_code=HTTPStatus.UNAUTHORIZED)
-        elif session:
-            user_rows = self.db.get_list("users", {"username": session["username"]})
-            if user_rows:
-                user_content = user_rows[0]
-            else:
-                raise EngineException("Invalid token", http_code=HTTPStatus.UNAUTHORIZED)
-        else:
-            raise EngineException("Provide credentials: username/password or Authorization Bearer token",
-                                  http_code=HTTPStatus.UNAUTHORIZED)
-
-        token_id = ''.join(random_choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
-                           for _ in range(0, 32))
-        if indata.get("project_id"):
-            project_id = indata.get("project_id")
-            if project_id not in user_content["projects"]:
-                raise EngineException("project {} not allowed for this user".format(project_id),
-                                      http_code=HTTPStatus.UNAUTHORIZED)
-        else:
-            project_id = user_content["projects"][0]
-        if project_id == "admin":
-            session_admin = True
-        else:
-            project = self.db.get_one("projects", {"_id": project_id})
-            session_admin = project.get("admin", False)
-        new_session = {"issued_at": now, "expires": now+3600,
-                       "_id": token_id, "id": token_id, "project_id": project_id, "username": user_content["username"],
-                       "remote_port": remote.port, "admin": session_admin}
-        if remote.name:
-            new_session["remote_host"] = remote.name
-        elif remote.ip:
-            new_session["remote_host"] = remote.ip
-
-        self.tokens[token_id] = new_session
-        return deepcopy(new_session)
-
-    def get_token_list(self, session):
-        token_list = []
-        for token_id, token_value in self.tokens.items():
-            if token_value["username"] == session["username"]:
-                token_list.append(deepcopy(token_value))
-        return token_list
-
-    def get_token(self, session, token_id):
-        token_value = self.tokens.get(token_id)
-        if not token_value:
-            raise EngineException("token not found", http_code=HTTPStatus.NOT_FOUND)
-        if token_value["username"] != session["username"] and not session["admin"]:
-            raise EngineException("needed admin privileges", http_code=HTTPStatus.UNAUTHORIZED)
-        return token_value
-
-    def del_token(self, token_id):
-        try:
-            del self.tokens[token_id]
-            return "token '{}' deleted".format(token_id)
-        except KeyError:
-            raise EngineException("Token '{}' not found".format(token_id), http_code=HTTPStatus.NOT_FOUND)
-
     @staticmethod
     def _remove_envelop(item, indata=None):
         """
@@ -234,8 +137,7 @@ class Engine(object):
     def _check_project_dependencies(self, project_id):
         """
         Check if a project can be deleted
-        :param session:
-        :param _id:
+        :param project_id:
         :return:
         """
         # TODO Is it needed to check descriptors _admin.project_read/project_write??
@@ -243,6 +145,17 @@ class Engine(object):
         if self.db.get_list("users", _filter):
             raise EngineException("There are users that uses this project", http_code=HTTPStatus.CONFLICT)
 
+    def _check_pdus_usage(self, pdu_id):
+        """
+        Check if a pdu can be deleted
+        :param pdu_id:
+        :return:
+        """
+        # TODO Is it needed to check descriptors _admin.project_read/project_write??
+        _filter = {"vdur.pdu-id": pdu_id}
+        if self.db.get_list("vnfrs", _filter):
+            raise EngineException("There are ns that uses this pdu", http_code=HTTPStatus.CONFLICT)
+
     def _check_dependencies_on_descriptor(self, session, item, descriptor_id, _id):
         """
         Check that the descriptor to be deleded is not a dependency of others
@@ -477,12 +390,12 @@ class Engine(object):
         else:
             if not indata.get("_id"):
                 indata["_id"] = str(uuid4())
-            if item in ("vnfds", "nsds", "nsrs", "vnfrs"):
+            if item in ("vnfds", "nsds", "nsrs", "vnfrs", "pdus"):
                 if not indata["_admin"].get("projects_read"):
                     indata["_admin"]["projects_read"] = [session["project_id"]]
                 if not indata["_admin"].get("projects_write"):
                     indata["_admin"]["projects_write"] = [session["project_id"]]
-            if item in ("vnfds", "nsds"):
+            if item in ("vnfds", "nsds", "pdus"):
                 indata["_admin"]["onboardingState"] = "CREATED"
                 indata["_admin"]["operationalState"] = "DISABLED"
                 indata["_admin"]["usageSate"] = "NOT_IN_USE"
@@ -739,6 +652,8 @@ class Engine(object):
                         "internal-connection-point": [],
                         "interfaces": [],
                     }
+                    if vnfd.get("pdu-type"):
+                        vdur["pdu-type"] = vnfd["pdu-type"]
                     # TODO volumes: name, volume-id
                     for icp in vdu.get("internal-connection-point", ()):
                         vdu_icp = {
@@ -930,7 +845,7 @@ class Engine(object):
             return filter
         if item == "users":
             filter["username"] = session["username"]
-        elif item in ("vnfds", "nsds", "nsrs", "vnfrs"):
+        elif item in ("vnfds", "nsds", "nsrs", "vnfrs", "pdus"):
             filter["_admin.projects_read.cont"] = ["ANY", session["project_id"]]
 
     def _add_delete_filter(self, session, item, filter):
@@ -942,7 +857,7 @@ class Engine(object):
         elif item == "project":
             if filter.get("_id") == session["project_id"]:
                 raise EngineException("You cannot delete your own project", http_code=HTTPStatus.CONFLICT)
-        elif item in ("vnfds", "nsds") and not session["admin"]:
+        elif item in ("vnfds", "nsds", "pdus") and not session["admin"]:
             filter["_admin.projects_write.cont"] = ["ANY", session["project_id"]]
 
     def get_file(self, session, item, _id, path=None, accept_header=None):
@@ -1062,6 +977,9 @@ class Engine(object):
         elif item == "projects":
             if not force:
                 self._check_project_dependencies(_id)
+        elif item == "pdus":
+            if not force:
+                self._check_pdus_usage(_id)
 
         if item == "nsrs":
             nsr = self.db.get_one(item, filter)
@@ -1072,6 +990,9 @@ class Engine(object):
             v = self.db.del_one(item, {"_id": _id})
             self.db.del_list("nslcmops", {"nsInstanceId": _id})
             self.db.del_list("vnfrs", {"nsr-id-ref": _id})
+            # set all used pdus as free
+            self.db.set_list("pdus", {"_admin.usage.nsr_id": _id},
+                             {"_admin.usageSate": "NOT_IN_USE", "_admin.usage": None})
             self.msg.write("ns", "deleted", {"_id": _id})
             return v
         if item in ("vim_accounts", "sdns") and not force: