X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=blobdiff_plain;f=osm_nbi%2Fadmin_topics.py;h=565d76313a3b1fd542d2b221b28f5b41f51e8c95;hp=ada9c7b11502fc5ce67dc78cf9a663f40d8f467b;hb=2a929042e82cf1e010da9d8ff516f96159a57efd;hpb=79e40f41887cbc1e56f4b7c3518314952985fa51 diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py index ada9c7b..565d763 100644 --- a/osm_nbi/admin_topics.py +++ b/osm_nbi/admin_topics.py @@ -302,12 +302,13 @@ class CommonVimWimSdn(BaseTopic): return "{}:0".format(content["_id"]) - def delete(self, session, _id, dry_run=False): + def delete(self, session, _id, dry_run=False, not_send_msg=None): """ Delete item by its internal _id :param session: contains "username", "admin", "force", "public", "project_id", "set_project" :param _id: server internal id :param dry_run: make checking but do not delete + :param not_send_msg: To not send message (False) or store content (list) instead :return: operation id if it is ordered to delete. None otherwise """ @@ -344,7 +345,7 @@ class CommonVimWimSdn(BaseTopic): if session["force"]: self.db.del_one(self.topic, {"_id": _id}) op_id = None - self._send_msg("deleted", {"_id": _id, "op_id": op_id}) + self._send_msg("deleted", {"_id": _id, "op_id": op_id}, not_send_msg=not_send_msg) else: update_dict["_admin.to_delete"] = True self.db.set_one(self.topic, {"_id": _id}, @@ -354,7 +355,7 @@ class CommonVimWimSdn(BaseTopic): # the number of operations is the operation_id. db_content does not contains the new operation inserted, # so the -1 is not needed op_id = "{}:{}".format(db_content["_id"], len(db_content["_admin"]["operations"])) - self._send_msg("delete", {"_id": _id, "op_id": op_id}) + self._send_msg("delete", {"_id": _id, "op_id": op_id}, not_send_msg=not_send_msg) return op_id @@ -368,6 +369,21 @@ class VimAccountTopic(CommonVimWimSdn): config_to_encrypt = {"1.1": ("admin_password", "nsx_password", "vcenter_password"), "default": ("admin_password", "nsx_password", "vcenter_password", "vrops_password")} + def check_conflict_on_del(self, session, _id, db_content): + """ + Check if deletion can be done because of dependencies if it is not force. To override + :param session: contains "username", "admin", "force", "public", "project_id", "set_project" + :param _id: internal _id + :param db_content: The database content of this item _id + :return: None if ok or raises EngineException with the conflict + """ + if session["force"]: + return + # check if used by VNF + if self.db.get_list("vnfrs", {"vim-account-id": _id}): + raise EngineException("There is at least one VNF using this VIM account", http_code=HTTPStatus.CONFLICT) + super().check_conflict_on_del(session, _id, db_content) + class WimAccountTopic(CommonVimWimSdn): topic = "wim_accounts" @@ -388,6 +404,25 @@ class SdnTopic(CommonVimWimSdn): password_to_encrypt = "password" config_to_encrypt = {} + def _obtain_url(self, input, create): + if input.get("ip") or input.get("port"): + if not input.get("ip") or not input.get("port") or input.get('url'): + raise ValidationError("You must provide both 'ip' and 'port' (deprecated); or just 'url' (prefered)") + input['url'] = "http://{}:{}/".format(input["ip"], input["port"]) + del input["ip"] + del input["port"] + elif create and not input.get('url'): + raise ValidationError("You must provide 'url'") + return input + + def _validate_input_new(self, input, force=False): + input = super()._validate_input_new(input, force) + return self._obtain_url(input, True) + + def _validate_input_edit(self, input, force=False): + input = super()._validate_input_edit(input, force) + return self._obtain_url(input, False) + class K8sClusterTopic(CommonVimWimSdn): topic = "k8sclusters" @@ -402,6 +437,15 @@ class K8sClusterTopic(CommonVimWimSdn): oid = super().format_on_new(content, project_id, make_public) self.db.encrypt_decrypt_fields(content["credentials"], 'encrypt', ['password', 'secret'], schema_version=content["schema_version"], salt=content["_id"]) + # Add Helm/Juju Repo lists + repos = {"helm-chart": [], "juju-bundle": []} + for proj in content["_admin"]["projects_read"]: + if proj != 'ANY': + for repo in self.db.get_list("k8srepos", {"_admin.projects_read": proj}): + if repo["_id"] not in repos[repo["type"]]: + repos[repo["type"]].append(repo["_id"]) + for k in repos: + content["_admin"][k.replace('-', '_')+"_repos"] = repos[k] return oid def format_on_edit(self, final_content, edit_content): @@ -412,6 +456,22 @@ class K8sClusterTopic(CommonVimWimSdn): oid = super().format_on_edit(final_content, edit_content) return oid + def check_conflict_on_edit(self, session, final_content, edit_content, _id): + super(CommonVimWimSdn, self).check_conflict_on_edit(session, final_content, edit_content, _id) + super().check_conflict_on_edit(session, final_content, edit_content, _id) + # Update Helm/Juju Repo lists + repos = {"helm-chart": [], "juju-bundle": []} + for proj in session.get("set_project", []): + if proj != 'ANY': + for repo in self.db.get_list("k8srepos", {"_admin.projects_read": proj}): + if repo["_id"] not in repos[repo["type"]]: + repos[repo["type"]].append(repo["_id"]) + for k in repos: + rlist = k.replace('-', '_') + "_repos" + if rlist not in final_content["_admin"]: + final_content["_admin"][rlist] = [] + final_content["_admin"][rlist] += repos[k] + class K8sRepoTopic(CommonVimWimSdn): topic = "k8srepos" @@ -422,6 +482,26 @@ class K8sRepoTopic(CommonVimWimSdn): password_to_encrypt = None config_to_encrypt = {} + def format_on_new(self, content, project_id=None, make_public=False): + oid = super().format_on_new(content, project_id, make_public) + # Update Helm/Juju Repo lists + repo_list = content["type"].replace('-', '_')+"_repos" + for proj in content["_admin"]["projects_read"]: + if proj != 'ANY': + self.db.set_list("k8sclusters", + {"_admin.projects_read": proj, "_admin."+repo_list+".ne": content["_id"]}, {}, + push={"_admin."+repo_list: content["_id"]}) + return oid + + def delete(self, session, _id, dry_run=False, not_send_msg=None): + type = self.db.get_one("k8srepos", {"_id": _id})["type"] + oid = super().delete(session, _id, dry_run, not_send_msg) + if oid: + # Remove from Helm/Juju Repo lists + repo_list = type.replace('-', '_') + "_repos" + self.db.set_list("k8sclusters", {"_admin."+repo_list: _id}, {}, pull={"_admin."+repo_list: _id}) + return oid + class UserTopicAuth(UserTopic): # topic = "users" @@ -566,7 +646,7 @@ class UserTopicAuth(UserTopic): rollback.append({"topic": self.topic, "_id": _id}) # del content["password"] - # self._send_msg("created", content) + # self._send_msg("created", content, not_send_msg=not_send_msg) return _id, None except ValidationError as e: raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY) @@ -580,7 +660,7 @@ class UserTopicAuth(UserTopic): :return: dictionary, raise exception if not found. """ # Allow _id to be a name or uuid - filter_q = {self.id_field(self.topic, _id): _id} + filter_q = {"username": _id} # users = self.auth.get_user_list(filter_q) users = self.list(session, filter_q) # To allow default filtering (Bug 853) if len(users) == 1: @@ -718,7 +798,7 @@ class UserTopicAuth(UserTopic): user_list = [usr for usr in user_list if usr["username"] == session["username"]] return user_list - def delete(self, session, _id, dry_run=False): + def delete(self, session, _id, dry_run=False, not_send_msg=None): """ Delete item by its internal _id @@ -726,6 +806,7 @@ class UserTopicAuth(UserTopic): :param _id: server internal id :param force: indicates if deletion must be forced in case of conflict :param dry_run: make checking but do not delete + :param not_send_msg: To not send message (False) or store content (list) instead :return: dictionary with deleted item _id. It raises EngineException on error: not found, conflict, ... """ # Allow _id to be a name or uuid @@ -850,7 +931,7 @@ class ProjectTopicAuth(ProjectTopic): self.format_on_new(content, project_id=session["project_id"], make_public=session["public"]) _id = self.auth.create_project(content) rollback.append({"topic": self.topic, "_id": _id}) - # self._send_msg("created", content) + # self._send_msg("created", content, not_send_msg=not_send_msg) return _id, None except ValidationError as e: raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY) @@ -890,13 +971,14 @@ class ProjectTopicAuth(ProjectTopic): project_list = [proj for proj in project_list if proj["_id"] in projects] return project_list - def delete(self, session, _id, dry_run=False): + def delete(self, session, _id, dry_run=False, not_send_msg=None): """ Delete item by its internal _id :param session: contains "username", "admin", "force", "public", "project_id", "set_project" :param _id: server internal id :param dry_run: make checking but do not delete + :param not_send_msg: To not send message (False) or store content (list) instead :return: dictionary with deleted item _id. It raises EngineException on error: not found, conflict, ... """ # Allow _id to be a name or uuid @@ -1070,11 +1152,12 @@ class RoleTopicAuth(BaseTopic): raise EngineException("You cannot delete role '{}'".format(role["name"]), http_code=HTTPStatus.FORBIDDEN) # If any user is using this role, raise CONFLICT exception - for user in self.auth.get_user_list(): - for prm in user.get("project_role_mappings"): - if prm["role"] == _id: - raise EngineException("Role '{}' ({}) is being used by user '{}'" - .format(role["name"], _id, user["username"]), HTTPStatus.CONFLICT) + if not session["force"]: + for user in self.auth.get_user_list(): + for prm in user.get("project_role_mappings"): + if prm["role"] == _id: + raise EngineException("Role '{}' ({}) is being used by user '{}'" + .format(role["name"], _id, user["username"]), HTTPStatus.CONFLICT) @staticmethod def format_on_new(content, project_id=None, make_public=False): # TO BE REMOVED ? @@ -1179,18 +1262,19 @@ class RoleTopicAuth(BaseTopic): content["_id"] = rid # _id = self.db.create(self.topic, content) rollback.append({"topic": self.topic, "_id": rid}) - # self._send_msg("created", content) + # self._send_msg("created", content, not_send_msg=not_send_msg) return rid, None except ValidationError as e: raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY) - def delete(self, session, _id, dry_run=False): + def delete(self, session, _id, dry_run=False, not_send_msg=None): """ Delete item by its internal _id :param session: contains "username", "admin", "force", "public", "project_id", "set_project" :param _id: server internal id :param dry_run: make checking but do not delete + :param not_send_msg: To not send message (False) or store content (list) instead :return: dictionary with deleted item _id. It raises EngineException on error: not found, conflict, ... """ filter_q = {BaseTopic.id_field(self.topic, _id): _id}