X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FNBI.git;a=blobdiff_plain;f=osm_nbi%2Fnbi.py;h=2d2d6355ac77764275b3b7b6647f7c8f40512466;hp=8f995f5c748a6ee5d83da80efc392d23bead16e4;hb=f5f2e3f9cecc38647a437af7812323a1da7d3f60;hpb=b19cadcf9ff2169f34f6db79b866bad91f9c8aed diff --git a/osm_nbi/nbi.py b/osm_nbi/nbi.py index 8f995f5..2d2d635 100644 --- a/osm_nbi/nbi.py +++ b/osm_nbi/nbi.py @@ -47,7 +47,6 @@ auth_database_version = '1.0' nbi_server = None # instance of Server class subscription_thread = None # instance of SubscriptionThread class - """ North Bound Interface (O: OSM specific; 5,X: SOL005 not implemented yet; O5: SOL005 implemented) URL: /osm GET POST PUT DELETE PATCH @@ -112,6 +111,10 @@ URL: /osm GET POST / O O O /sdns O O / O O O + /k8sclusters O O + / O O O + /k8srepos O O + / O O /nst/v1 O O /netslice_templates_content O O @@ -212,45 +215,58 @@ valid_url_methods = { }, "users": {"METHODS": ("GET", "POST"), "ROLE_PERMISSION": "users:", - "": {"METHODS": ("GET", "POST", "DELETE", "PATCH", "PUT"), + "": {"METHODS": ("GET", "DELETE", "PATCH"), "ROLE_PERMISSION": "users:id:" } }, "projects": {"METHODS": ("GET", "POST"), "ROLE_PERMISSION": "projects:", - "": {"METHODS": ("GET", "DELETE", "PUT"), + "": {"METHODS": ("GET", "DELETE", "PATCH"), "ROLE_PERMISSION": "projects:id:"} }, "roles": {"METHODS": ("GET", "POST"), "ROLE_PERMISSION": "roles:", - "": {"METHODS": ("GET", "POST", "DELETE", "PUT"), + "": {"METHODS": ("GET", "DELETE", "PATCH"), "ROLE_PERMISSION": "roles:id:" } }, "vims": {"METHODS": ("GET", "POST"), "ROLE_PERMISSION": "vims:", - "": {"METHODS": ("GET", "DELETE", "PATCH", "PUT"), + "": {"METHODS": ("GET", "DELETE", "PATCH"), "ROLE_PERMISSION": "vims:id:" } }, "vim_accounts": {"METHODS": ("GET", "POST"), "ROLE_PERMISSION": "vim_accounts:", - "": {"METHODS": ("GET", "DELETE", "PATCH", "PUT"), + "": {"METHODS": ("GET", "DELETE", "PATCH"), "ROLE_PERMISSION": "vim_accounts:id:" } }, "wim_accounts": {"METHODS": ("GET", "POST"), "ROLE_PERMISSION": "wim_accounts:", - "": {"METHODS": ("GET", "DELETE", "PATCH", "PUT"), + "": {"METHODS": ("GET", "DELETE", "PATCH"), "ROLE_PERMISSION": "wim_accounts:id:" } }, "sdns": {"METHODS": ("GET", "POST"), "ROLE_PERMISSION": "sdn_controllers:", - "": {"METHODS": ("GET", "DELETE", "PATCH", "PUT"), + "": {"METHODS": ("GET", "DELETE", "PATCH"), "ROLE_PERMISSION": "sdn_controllers:id:" } }, + "k8sclusters": {"METHODS": ("GET", "POST"), + "ROLE_PERMISSION": "k8sclusters:", + "": {"METHODS": ("GET", "DELETE", "PATCH"), + "ROLE_PERMISSION": "k8sclusters:id:" + } + }, + "k8srepos": {"METHODS": ("GET", "POST"), + "ROLE_PERMISSION": "k8srepos:", + "": {"METHODS": ("GET", "DELETE"), + "ROLE_PERMISSION": "k8srepos:id:" + } + }, + } }, "pdu": { @@ -321,12 +337,21 @@ valid_url_methods = { "artifacts": {"*": {"METHODS": ("GET", ), "ROLE_PERMISSION": "vnfds:id:vnfd_artifact:" } - } + }, + "action": {"METHODS": ("POST", ), + "ROLE_PERMISSION": "vnfds:id:action:" + }, } }, "subscriptions": {"TODO": ("GET", "POST"), "": {"TODO": ("GET", "DELETE")} }, + "vnfpkg_op_occs": {"METHODS": ("GET", ), + "ROLE_PERMISSION": "vnfds:vnfpkgops:", + "": {"METHODS": ("GET", ), + "ROLE_PERMISSION": "vnfds:vnfpkgops:id:" + } + }, } }, "nslcm": { @@ -465,8 +490,8 @@ class Server(object): def __init__(self): self.instance += 1 - self.engine = Engine() self.authenticator = Authenticator(valid_url_methods, valid_query_string) + self.engine = Engine(self.authenticator) def _format_in(self, kwargs): try: @@ -698,6 +723,10 @@ class Server(object): @cherrypy.expose def test(self, *args, **kwargs): + if not cherrypy.config.get("server.enable_test") or (isinstance(cherrypy.config["server.enable_test"], str) and + cherrypy.config["server.enable_test"].lower() == "false"): + cherrypy.response.status = HTTPStatus.METHOD_NOT_ALLOWED.value + return "test URL is disabled" thread_info = None if args and args[0] == "help": return "
\ninit\nfile/  download file\ndb-clear/table\nfs-clear[/folder]\nlogin\nlogin2\n"\
@@ -958,6 +987,10 @@ class Server(object):
                 engine_topic = "nsds"
             elif main_topic == "vnfpkgm":
                 engine_topic = "vnfds"
+                if topic == "vnfpkg_op_occs":
+                    engine_topic = "vnfpkgops"
+                if topic == "vnf_packages" and item == "action":
+                    engine_topic = "vnfpkgops"
             elif main_topic == "nslcm":
                 engine_topic = "nsrs"
                 if topic == "ns_lcm_op_occs":
@@ -995,6 +1028,7 @@ class Server(object):
                         # TODO check that project_id (_id in this context) has permissions
                         _id = args[0]
                     outdata = self.engine.get_item(engine_session, engine_topic, _id)
+
             elif method == "POST":
                 cherrypy.response.status = HTTPStatus.CREATED.value
                 if topic in ("ns_descriptors_content", "vnf_packages_content", "netslice_templates_content"):
@@ -1033,7 +1067,6 @@ class Server(object):
                     indata["netsliceInstanceId"] = _id
                     nsilcmop_id, _ = self.engine.new_item(rollback, engine_session, "nsilcmops", indata, kwargs)
                     outdata = {"id": _id, "nsilcmop_id": nsilcmop_id}
-
                 elif topic == "netslice_instances" and item:
                     indata["lcmOperationType"] = item
                     indata["netsliceInstanceId"] = _id
@@ -1041,6 +1074,13 @@ class Server(object):
                     self._set_location_header(main_topic, version, "nsi_lcm_op_occs", _id)
                     outdata = {"id": _id}
                     cherrypy.response.status = HTTPStatus.ACCEPTED.value
+                elif topic == "vnf_packages" and item == "action":
+                    indata["lcmOperationType"] = item
+                    indata["vnfPkgId"] = _id
+                    _id, _ = self.engine.new_item(rollback, engine_session, "vnfpkgops", indata, kwargs)
+                    self._set_location_header(main_topic, version, "vnfpkg_op_occs", _id)
+                    outdata = {"id": _id}
+                    cherrypy.response.status = HTTPStatus.ACCEPTED.value
                 else:
                     _id, op_id = self.engine.new_item(rollback, engine_session, engine_topic, indata, kwargs,
                                                       cherrypy.request.headers)
@@ -1063,7 +1103,7 @@ class Server(object):
                             "nsInstanceId": _id,
                             "autoremove": True
                         }
-                        opp_id, _ = self.engine.new_item(rollback, engine_session, "nslcmops", nslcmop_desc, None)
+                        opp_id, _ = self.engine.new_item(rollback, engine_session, "nslcmops", nslcmop_desc, kwargs)
                         if opp_id:
                             delete_in_process = True
                             outdata = {"_id": opp_id}
@@ -1082,7 +1122,7 @@ class Server(object):
                     if not delete_in_process:
                         self.engine.del_item(engine_session, engine_topic, _id)
                         cherrypy.response.status = HTTPStatus.NO_CONTENT.value
-                if engine_topic in ("vim_accounts", "wim_accounts", "sdns"):
+                if engine_topic in ("vim_accounts", "wim_accounts", "sdns", "k8sclusters", "k8srepos"):
                     cherrypy.response.status = HTTPStatus.ACCEPTED.value
 
             elif method in ("PUT", "PATCH"):
@@ -1110,6 +1150,11 @@ class Server(object):
             # if Role information changes, it is needed to reload the information of roles
             if topic == "roles" and method != "GET":
                 self.authenticator.load_operation_to_allowed_roles()
+
+            if topic == "projects" and method == "DELETE" \
+                    or topic in ["users", "roles"] and method in ["PUT", "PATCH", "DELETE"]:
+                self.authenticator.remove_token_from_cache()
+
             return self._format_out(outdata, token_info, _format)
         except Exception as e:
             if isinstance(e, (NbiException, EngineException, DbException, FsException, MsgException, AuthException,
@@ -1254,14 +1299,9 @@ def _start_service():
     subscription_thread.start()
     # Do not capture except SubscriptionException
 
-    # load and print version. Ignore possible errors, e.g. file not found
-    try:
-        backend = engine_config["authentication"]["backend"]
-        nbi_version
-        cherrypy.log.error("Starting OSM NBI Version '{}' with '{}' authentication backend"
-                           .format(nbi_version + " " + nbi_version_date, backend))
-    except Exception:
-        pass
+    backend = engine_config["authentication"]["backend"]
+    cherrypy.log.error("Starting OSM NBI Version '{} {}' with '{}' authentication backend"
+                       .format(nbi_version, nbi_version_date, backend))
 
 
 def _stop_service():