Coverage for osm_nbi/nbi.py: 0%

1#!/usr/bin/python3 

2# -*- coding: utf-8 -*- 

3 

4# Licensed under the Apache License, Version 2.0 (the "License"); 

5# you may not use this file except in compliance with the License. 

6# You may obtain a copy of the License at 

7# 

8# http://www.apache.org/licenses/LICENSE-2.0 

9# 

10# Unless required by applicable law or agreed to in writing, software 

11# distributed under the License is distributed on an "AS IS" BASIS, 

12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 

13# implied. 

14# See the License for the specific language governing permissions and 

15# limitations under the License. 

16 

17import cherrypy 

18import time 

19import json 

20import yaml 

21import osm_nbi.html_out as html 

22import logging 

23import logging.handlers 

24import getopt 

25import sys 

26 

27from osm_nbi.authconn import AuthException, AuthconnException 

28from osm_nbi.auth import Authenticator 

29from osm_nbi.engine import Engine, EngineException 

30from osm_nbi.subscriptions import SubscriptionThread 

31from osm_nbi.utils import cef_event, cef_event_builder 

32from osm_nbi.validation import ValidationError 

33from osm_common.dbbase import DbException 

34from osm_common.fsbase import FsException 

35from osm_common.msgbase import MsgException 

36from http import HTTPStatus 

37from codecs import getreader 

38from os import environ, path 

39from osm_nbi import version as nbi_version, version_date as nbi_version_date 

40 

41__author__ = "Alfonso Tierno <alfonso.tiernosepulveda@telefonica.com>" 

42 

43__version__ = "0.1.3" # file version, not NBI version 

44version_date = "Aug 2019" 

45 

46database_version = "1.2" 

47auth_database_version = "1.0" 

48nbi_server = None # instance of Server class 

49subscription_thread = None # instance of SubscriptionThread class 

50cef_logger = None 

51 

52""" 

53North Bound Interface (O: OSM specific; 5,X: SOL005 not implemented yet; O5: SOL005 implemented) 

54URL: /osm GET POST PUT DELETE PATCH 

55 /nsd/v1 

56 /ns_descriptors_content O O 

57 /<nsdInfoId> O O O O 

58 /ns_descriptors O5 O5 

59 /<nsdInfoId> O5 O5 5 

60 /nsd_content O5 O5 

61 /nsd O 

62 /artifacts[/<artifactPath>] O 

63 /ns_config_template O O 

64 /<nsConfigTemplateId> O O 

65 /template_content O O 

66 /pnf_descriptors 5 5 

67 /<pnfdInfoId> 5 5 5 

68 /pnfd_content 5 5 

69 /subscriptions 5 5 

70 /<subscriptionId> 5 X 

71 

72 /vnfpkgm/v1 

73 /vnf_packages_content O O 

74 /<vnfPkgId> O O 

75 /vnf_packages O5 O5 

76 /<vnfPkgId> O5 O5 5 

77 /package_content O5 O5 

78 /upload_from_uri X 

79 /vnfd O5 

80 /artifacts[/<artifactPath>] O5 

81 /subscriptions X X 

82 /<subscriptionId> X X 

83 

84 /nslcm/v1 

85 /ns_instances_content O O 

86 /<nsInstanceId> O O 

87 /ns_instances 5 5 

88 /<nsInstanceId> O5 O5 

89 instantiate O5 

90 terminate O5 

91 action O 

92 scale O5 

93 migrate O 

94 update 05 

95 heal O5 

96 /ns_lcm_op_occs 5 5 

97 /<nsLcmOpOccId> 5 5 5 

98 cancel 05 

99 /vnf_instances (also vnfrs for compatibility) O 

100 /<vnfInstanceId> O 

101 /subscriptions 5 5 

102 /<subscriptionId> 5 X 

103 

104 /pdu/v1 

105 /pdu_descriptors O O 

106 /<id> O O O O 

107 

108 /admin/v1 

109 /tokens O O 

110 /<id> O O 

111 /users O O 

112 /<id> O O O O 

113 /projects O O 

114 /<id> O O 

115 /vim_accounts (also vims for compatibility) O O 

116 /<id> O O O 

117 /wim_accounts O O 

118 /<id> O O O 

119 /sdns O O 

120 /<id> O O O 

121 /k8sclusters O O 

122 /<id> O O O 

123 /k8srepos O O 

124 /<id> O O 

125 /osmrepos O O 

126 /<id> O O 

127 

128 /nst/v1 O O 

129 /netslice_templates_content O O 

130 /<nstInfoId> O O O O 

131 /netslice_templates O O 

132 /<nstInfoId> O O O 

133 /nst_content O O 

134 /nst O 

135 /artifacts[/<artifactPath>] O 

136 /subscriptions X X 

137 /<subscriptionId> X X 

138 

139 /nsilcm/v1 

140 /netslice_instances_content O O 

141 /<SliceInstanceId> O O 

142 /netslice_instances O O 

143 /<SliceInstanceId> O O 

144 instantiate O 

145 terminate O 

146 action O 

147 /nsi_lcm_op_occs O O 

148 /<nsiLcmOpOccId> O O O 

149 /subscriptions X X 

150 /<subscriptionId> X X 

151 

152query string: 

153 Follows SOL005 section 4.3.2 It contains extra METHOD to override http method, FORCE to force. 

154 simpleFilterExpr := <attrName>["."<attrName>]*["."<op>]"="<value>[","<value>]* 

155 filterExpr := <simpleFilterExpr>["&"<simpleFilterExpr>]* 

156 op := "eq" | "neq" (or "ne") | "gt" | "lt" | "gte" | "lte" | "cont" | "ncont" 

157 attrName := string 

158 For filtering inside array, it must select the element of the array, or add ANYINDEX to apply the filtering over any 

159 item of the array, that is, pass if any item of the array pass the filter. 

160 It allows both ne and neq for not equal 

161 TODO: 4.3.3 Attribute selectors 

162 all_fields, fields=x,y,.., exclude_default, exclude_fields=x,y,... 

163 (none) … same as “exclude_default” 

164 all_fields … all attributes. 

165 fields=<list> … all attributes except all complex attributes with minimum cardinality of zero that are not 

166 conditionally mandatory, and that are not provided in <list>. 

167 exclude_fields=<list> … all attributes except those complex attributes with a minimum cardinality of zero that 

168 are not conditionally mandatory, and that are provided in <list>. 

169 exclude_default … all attributes except those complex attributes with a minimum cardinality of zero that are not 

170 conditionally mandatory, and that are part of the "default exclude set" defined in the present specification for 

171 the particular resource 

172 exclude_default and include=<list> … all attributes except those complex attributes with a minimum cardinality 

173 of zero that are not conditionally mandatory and that are part of the "default exclude set" defined in the 

174 present specification for the particular resource, but that are not part of <list> 

175 Additionally it admits some administrator values: 

176 FORCE: To force operations skipping dependency checkings 

177 ADMIN: To act as an administrator or a different project 

178 PUBLIC: To get public descriptors or set a descriptor as public 

179 SET_PROJECT: To make a descriptor available for other project 

180 

181Header field name Reference Example Descriptions 

182 Accept IETF RFC 7231 [19] application/json Content-Types that are acceptable for the response. 

183 This header field shall be present if the response is expected to have a non-empty message body. 

184 Content-Type IETF RFC 7231 [19] application/json The MIME type of the body of the request. 

185 This header field shall be present if the request has a non-empty message body. 

186 Authorization IETF RFC 7235 [22] Bearer mF_9.B5f-4.1JqM The authorization token for the request. 

187 Details are specified in clause 4.5.3. 

188 Range IETF RFC 7233 [21] 1000-2000 Requested range of bytes from a file 

189Header field name Reference Example Descriptions 

190 Content-Type IETF RFC 7231 [19] application/json The MIME type of the body of the response. 

191 This header field shall be present if the response has a non-empty message body. 

192 Location IETF RFC 7231 [19] http://www.example.com/vnflcm/v1/vnf_instances/123 Used in redirection, or when a 

193 new resource has been created. 

194 This header field shall be present if the response status code is 201 or 3xx. 

195 In the present document this header field is also used if the response status code is 202 and a new resource was 

196 created. 

197 WWW-Authenticate IETF RFC 7235 [22] Bearer realm="example" Challenge if the corresponding HTTP request has not 

198 provided authorization, or error details if the corresponding HTTP request has provided an invalid authorization 

199 token. 

200 Accept-Ranges IETF RFC 7233 [21] bytes Used by the Server to signal whether or not it supports ranges for 

201 certain resources. 

202 Content-Range IETF RFC 7233 [21] bytes 21010-47021/ 47022 Signals the byte range that is contained in the 

203 response, and the total length of the file. 

204 Retry-After IETF RFC 7231 [19] Fri, 31 Dec 1999 23:59:59 GMT 

205""" 

206 

207valid_query_string = ("ADMIN", "SET_PROJECT", "FORCE", "PUBLIC") 

208# ^ Contains possible administrative query string words: 

209# ADMIN=True(by default)|Project|Project-list: See all elements, or elements of a project 

210# (not owned by my session project). 

211# PUBLIC=True(by default)|False: See/hide public elements. Set/Unset a topic to be public 

212# FORCE=True(by default)|False: Force edition/deletion operations 

213# SET_PROJECT=Project|Project-list: Add/Delete the topic to the projects portfolio 

214 

215valid_url_methods = { 

216 # contains allowed URL and methods, and the role_permission name 

217 "admin": { 

218 "v1": { 

219 "tokens": { 

220 "METHODS": ("GET", "POST", "DELETE"), 

221 "ROLE_PERMISSION": "tokens:", 

222 "<ID>": {"METHODS": ("GET", "DELETE"), "ROLE_PERMISSION": "tokens:id:"}, 

223 }, 

224 "users": { 

225 "METHODS": ("GET", "POST"), 

226 "ROLE_PERMISSION": "users:", 

227 "<ID>": { 

228 "METHODS": ("GET", "DELETE", "PATCH"), 

229 "ROLE_PERMISSION": "users:id:", 

230 }, 

231 }, 

232 "projects": { 

233 "METHODS": ("GET", "POST"), 

234 "ROLE_PERMISSION": "projects:", 

235 "<ID>": { 

236 "METHODS": ("GET", "DELETE", "PATCH"), 

237 "ROLE_PERMISSION": "projects:id:", 

238 }, 

239 }, 

240 "roles": { 

241 "METHODS": ("GET", "POST"), 

242 "ROLE_PERMISSION": "roles:", 

243 "<ID>": { 

244 "METHODS": ("GET", "DELETE", "PATCH"), 

245 "ROLE_PERMISSION": "roles:id:", 

246 }, 

247 }, 

248 "vims": { 

249 "METHODS": ("GET", "POST"), 

250 "ROLE_PERMISSION": "vims:", 

251 "<ID>": { 

252 "METHODS": ("GET", "DELETE", "PATCH"), 

253 "ROLE_PERMISSION": "vims:id:", 

254 }, 

255 }, 

256 "vim_accounts": { 

257 "METHODS": ("GET", "POST"), 

258 "ROLE_PERMISSION": "vim_accounts:", 

259 "<ID>": { 

260 "METHODS": ("GET", "DELETE", "PATCH"), 

261 "ROLE_PERMISSION": "vim_accounts:id:", 

262 }, 

263 }, 

264 "wim_accounts": { 

265 "METHODS": ("GET", "POST"), 

266 "ROLE_PERMISSION": "wim_accounts:", 

267 "<ID>": { 

268 "METHODS": ("GET", "DELETE", "PATCH"), 

269 "ROLE_PERMISSION": "wim_accounts:id:", 

270 }, 

271 }, 

272 "sdns": { 

273 "METHODS": ("GET", "POST"), 

274 "ROLE_PERMISSION": "sdn_controllers:", 

275 "<ID>": { 

276 "METHODS": ("GET", "DELETE", "PATCH"), 

277 "ROLE_PERMISSION": "sdn_controllers:id:", 

278 }, 

279 }, 

280 "k8sclusters": { 

281 "METHODS": ("GET", "POST"), 

282 "ROLE_PERMISSION": "k8sclusters:", 

283 "<ID>": { 

284 "METHODS": ("GET", "DELETE", "PATCH"), 

285 "ROLE_PERMISSION": "k8sclusters:id:", 

286 }, 

287 }, 

288 "vca": { 

289 "METHODS": ("GET", "POST"), 

290 "ROLE_PERMISSION": "vca:", 

291 "<ID>": { 

292 "METHODS": ("GET", "DELETE", "PATCH"), 

293 "ROLE_PERMISSION": "vca:id:", 

294 }, 

295 }, 

296 "k8srepos": { 

297 "METHODS": ("GET", "POST"), 

298 "ROLE_PERMISSION": "k8srepos:", 

299 "<ID>": { 

300 "METHODS": ("GET", "DELETE"), 

301 "ROLE_PERMISSION": "k8srepos:id:", 

302 }, 

303 }, 

304 "osmrepos": { 

305 "METHODS": ("GET", "POST"), 

306 "ROLE_PERMISSION": "osmrepos:", 

307 "<ID>": { 

308 "METHODS": ("GET", "DELETE", "PATCH"), 

309 "ROLE_PERMISSION": "osmrepos:id:", 

310 }, 

311 }, 

312 "domains": { 

313 "METHODS": ("GET",), 

314 "ROLE_PERMISSION": "domains:", 

315 }, 

316 } 

317 }, 

318 "pdu": { 

319 "v1": { 

320 "pdu_descriptors": { 

321 "METHODS": ("GET", "POST"), 

322 "ROLE_PERMISSION": "pduds:", 

323 "<ID>": { 

324 "METHODS": ("GET", "POST", "DELETE", "PATCH", "PUT"), 

325 "ROLE_PERMISSION": "pduds:id:", 

326 }, 

327 }, 

328 } 

329 }, 

330 "nsd": { 

331 "v1": { 

332 "ns_descriptors_content": { 

333 "METHODS": ("GET", "POST"), 

334 "ROLE_PERMISSION": "nsds:", 

335 "<ID>": { 

336 "METHODS": ("GET", "PUT", "DELETE"), 

337 "ROLE_PERMISSION": "nsds:id:", 

338 }, 

339 }, 

340 "ns_descriptors": { 

341 "METHODS": ("GET", "POST"), 

342 "ROLE_PERMISSION": "nsds:", 

343 "<ID>": { 

344 "METHODS": ("GET", "DELETE", "PATCH"), 

345 "ROLE_PERMISSION": "nsds:id:", 

346 "nsd_content": { 

347 "METHODS": ("GET", "PUT"), 

348 "ROLE_PERMISSION": "nsds:id:content:", 

349 }, 

350 "nsd": { 

351 "METHODS": ("GET",), # descriptor inside package 

352 "ROLE_PERMISSION": "nsds:id:content:", 

353 }, 

354 "artifacts": { 

355 "METHODS": ("GET",), 

356 "ROLE_PERMISSION": "nsds:id:nsd_artifact:", 

357 "*": None, 

358 }, 

359 }, 

360 }, 

361 "ns_config_template": { 

362 "METHODS": ("GET", "POST"), 

363 "ROLE_PERMISSION": "ns_config_template:content:", 

364 "<ID>": { 

365 "METHODS": ("GET", "DELETE"), 

366 "ROLE_PERMISSION": "ns_config_template:id:", 

367 "template_content": { 

368 "METHODS": ("GET", "PUT"), 

369 "ROLE_PERMISSION": "ns_config_template:id:content:", 

370 }, 

371 }, 

372 }, 

373 "pnf_descriptors": { 

374 "TODO": ("GET", "POST"), 

375 "<ID>": { 

376 "TODO": ("GET", "DELETE", "PATCH"), 

377 "pnfd_content": {"TODO": ("GET", "PUT")}, 

378 }, 

379 }, 

380 "subscriptions": { 

381 "TODO": ("GET", "POST"), 

382 "<ID>": {"TODO": ("GET", "DELETE")}, 

383 }, 

384 } 

385 }, 

386 "vnfpkgm": { 

387 "v1": { 

388 "vnf_packages_content": { 

389 "METHODS": ("GET", "POST"), 

390 "ROLE_PERMISSION": "vnfds:", 

391 "<ID>": { 

392 "METHODS": ("GET", "PUT", "DELETE"), 

393 "ROLE_PERMISSION": "vnfds:id:", 

394 }, 

395 }, 

396 "vnf_packages": { 

397 "METHODS": ("GET", "POST"), 

398 "ROLE_PERMISSION": "vnfds:", 

399 "<ID>": { 

400 "METHODS": ("GET", "DELETE", "PATCH"), # GET: vnfPkgInfo 

401 "ROLE_PERMISSION": "vnfds:id:", 

402 "package_content": { 

403 "METHODS": ("GET", "PUT"), # package 

404 "ROLE_PERMISSION": "vnfds:id:", 

405 "upload_from_uri": { 

406 "METHODS": (), 

407 "TODO": ("POST",), 

408 "ROLE_PERMISSION": "vnfds:id:upload:", 

409 }, 

410 }, 

411 "vnfd": { 

412 "METHODS": ("GET",), # descriptor inside package 

413 "ROLE_PERMISSION": "vnfds:id:content:", 

414 }, 

415 "artifacts": { 

416 "METHODS": ("GET",), 

417 "ROLE_PERMISSION": "vnfds:id:vnfd_artifact:", 

418 "*": None, 

419 }, 

420 "action": { 

421 "METHODS": ("POST",), 

422 "ROLE_PERMISSION": "vnfds:id:action:", 

423 }, 

424 }, 

425 }, 

426 "subscriptions": { 

427 "TODO": ("GET", "POST"), 

428 "<ID>": {"TODO": ("GET", "DELETE")}, 

429 }, 

430 "vnfpkg_op_occs": { 

431 "METHODS": ("GET",), 

432 "ROLE_PERMISSION": "vnfds:vnfpkgops:", 

433 "<ID>": {"METHODS": ("GET",), "ROLE_PERMISSION": "vnfds:vnfpkgops:id:"}, 

434 }, 

435 } 

436 }, 

437 "nslcm": { 

438 "v1": { 

439 "ns_instances_content": { 

440 "METHODS": ("GET", "POST"), 

441 "ROLE_PERMISSION": "ns_instances:", 

442 "<ID>": { 

443 "METHODS": ("GET", "DELETE"), 

444 "ROLE_PERMISSION": "ns_instances:id:", 

445 }, 

446 }, 

447 "ns_instances": { 

448 "METHODS": ("GET", "POST"), 

449 "ROLE_PERMISSION": "ns_instances:", 

450 "<ID>": { 

451 "METHODS": ("GET", "DELETE"), 

452 "ROLE_PERMISSION": "ns_instances:id:", 

453 "heal": { 

454 "METHODS": ("POST",), 

455 "ROLE_PERMISSION": "ns_instances:id:heal:", 

456 }, 

457 "scale": { 

458 "METHODS": ("POST",), 

459 "ROLE_PERMISSION": "ns_instances:id:scale:", 

460 }, 

461 "terminate": { 

462 "METHODS": ("POST",), 

463 "ROLE_PERMISSION": "ns_instances:id:terminate:", 

464 }, 

465 "instantiate": { 

466 "METHODS": ("POST",), 

467 "ROLE_PERMISSION": "ns_instances:id:instantiate:", 

468 }, 

469 "migrate": { 

470 "METHODS": ("POST",), 

471 "ROLE_PERMISSION": "ns_instances:id:migrate:", 

472 }, 

473 "action": { 

474 "METHODS": ("POST",), 

475 "ROLE_PERMISSION": "ns_instances:id:action:", 

476 }, 

477 "update": { 

478 "METHODS": ("POST",), 

479 "ROLE_PERMISSION": "ns_instances:id:update:", 

480 }, 

481 "verticalscale": { 

482 "METHODS": ("POST",), 

483 "ROLE_PERMISSION": "ns_instances:id:verticalscale:", 

484 }, 

485 }, 

486 }, 

487 "ns_lcm_op_occs": { 

488 "METHODS": ("GET",), 

489 "ROLE_PERMISSION": "ns_instances:opps:", 

490 "<ID>": { 

491 "METHODS": ("GET",), 

492 "ROLE_PERMISSION": "ns_instances:opps:id:", 

493 "cancel": { 

494 "METHODS": ("POST",), 

495 "ROLE_PERMISSION": "ns_instances:opps:cancel:", 

496 }, 

497 }, 

498 }, 

499 "vnfrs": { 

500 "METHODS": ("GET",), 

501 "ROLE_PERMISSION": "vnf_instances:", 

502 "<ID>": {"METHODS": ("GET",), "ROLE_PERMISSION": "vnf_instances:id:"}, 

503 }, 

504 "vnf_instances": { 

505 "METHODS": ("GET",), 

506 "ROLE_PERMISSION": "vnf_instances:", 

507 "<ID>": {"METHODS": ("GET",), "ROLE_PERMISSION": "vnf_instances:id:"}, 

508 }, 

509 "subscriptions": { 

510 "METHODS": ("GET", "POST"), 

511 "ROLE_PERMISSION": "ns_subscriptions:", 

512 "<ID>": { 

513 "METHODS": ("GET", "DELETE"), 

514 "ROLE_PERMISSION": "ns_subscriptions:id:", 

515 }, 

516 }, 

517 } 

518 }, 

519 "vnflcm": { 

520 "v1": { 

521 "vnf_instances": { 

522 "METHODS": ("GET", "POST"), 

523 "ROLE_PERMISSION": "vnflcm_instances:", 

524 "<ID>": { 

525 "METHODS": ("GET", "DELETE"), 

526 "ROLE_PERMISSION": "vnflcm_instances:id:", 

527 "scale": { 

528 "METHODS": ("POST",), 

529 "ROLE_PERMISSION": "vnflcm_instances:id:scale:", 

530 }, 

531 "terminate": { 

532 "METHODS": ("POST",), 

533 "ROLE_PERMISSION": "vnflcm_instances:id:terminate:", 

534 }, 

535 "instantiate": { 

536 "METHODS": ("POST",), 

537 "ROLE_PERMISSION": "vnflcm_instances:id:instantiate:", 

538 }, 

539 }, 

540 }, 

541 "vnf_lcm_op_occs": { 

542 "METHODS": ("GET",), 

543 "ROLE_PERMISSION": "vnf_instances:opps:", 

544 "<ID>": { 

545 "METHODS": ("GET",), 

546 "ROLE_PERMISSION": "vnf_instances:opps:id:", 

547 }, 

548 }, 

549 "subscriptions": { 

550 "METHODS": ("GET", "POST"), 

551 "ROLE_PERMISSION": "vnflcm_subscriptions:", 

552 "<ID>": { 

553 "METHODS": ("GET", "DELETE"), 

554 "ROLE_PERMISSION": "vnflcm_subscriptions:id:", 

555 }, 

556 }, 

557 } 

558 }, 

559 "nst": { 

560 "v1": { 

561 "netslice_templates_content": { 

562 "METHODS": ("GET", "POST"), 

563 "ROLE_PERMISSION": "slice_templates:", 

564 "<ID>": { 

565 "METHODS": ("GET", "PUT", "DELETE"), 

566 "ROLE_PERMISSION": "slice_templates:id:", 

567 }, 

568 }, 

569 "netslice_templates": { 

570 "METHODS": ("GET", "POST"), 

571 "ROLE_PERMISSION": "slice_templates:", 

572 "<ID>": { 

573 "METHODS": ("GET", "DELETE"), 

574 "TODO": ("PATCH",), 

575 "ROLE_PERMISSION": "slice_templates:id:", 

576 "nst_content": { 

577 "METHODS": ("GET", "PUT"), 

578 "ROLE_PERMISSION": "slice_templates:id:content:", 

579 }, 

580 "nst": { 

581 "METHODS": ("GET",), # descriptor inside package 

582 "ROLE_PERMISSION": "slice_templates:id:content:", 

583 }, 

584 "artifacts": { 

585 "METHODS": ("GET",), 

586 "ROLE_PERMISSION": "slice_templates:id:content:", 

587 "*": None, 

588 }, 

589 }, 

590 }, 

591 "subscriptions": { 

592 "TODO": ("GET", "POST"), 

593 "<ID>": {"TODO": ("GET", "DELETE")}, 

594 }, 

595 } 

596 }, 

597 "nsilcm": { 

598 "v1": { 

599 "netslice_instances_content": { 

600 "METHODS": ("GET", "POST"), 

601 "ROLE_PERMISSION": "slice_instances:", 

602 "<ID>": { 

603 "METHODS": ("GET", "DELETE"), 

604 "ROLE_PERMISSION": "slice_instances:id:", 

605 }, 

606 }, 

607 "netslice_instances": { 

608 "METHODS": ("GET", "POST"), 

609 "ROLE_PERMISSION": "slice_instances:", 

610 "<ID>": { 

611 "METHODS": ("GET", "DELETE"), 

612 "ROLE_PERMISSION": "slice_instances:id:", 

613 "terminate": { 

614 "METHODS": ("POST",), 

615 "ROLE_PERMISSION": "slice_instances:id:terminate:", 

616 }, 

617 "instantiate": { 

618 "METHODS": ("POST",), 

619 "ROLE_PERMISSION": "slice_instances:id:instantiate:", 

620 }, 

621 "action": { 

622 "METHODS": ("POST",), 

623 "ROLE_PERMISSION": "slice_instances:id:action:", 

624 }, 

625 }, 

626 }, 

627 "nsi_lcm_op_occs": { 

628 "METHODS": ("GET",), 

629 "ROLE_PERMISSION": "slice_instances:opps:", 

630 "<ID>": { 

631 "METHODS": ("GET",), 

632 "ROLE_PERMISSION": "slice_instances:opps:id:", 

633 }, 

634 }, 

635 } 

636 }, 

637 "nspm": { 

638 "v1": { 

639 "pm_jobs": { 

640 "<ID>": { 

641 "reports": { 

642 "<ID>": { 

643 "METHODS": ("GET",), 

644 "ROLE_PERMISSION": "reports:id:", 

645 } 

646 } 

647 }, 

648 }, 

649 }, 

650 }, 

651 "nsfm": { 

652 "v1": { 

653 "alarms": { 

654 "METHODS": ("GET", "PATCH"), 

655 "ROLE_PERMISSION": "alarms:", 

656 "<ID>": { 

657 "METHODS": ("GET", "PATCH"), 

658 "ROLE_PERMISSION": "alarms:id:", 

659 }, 

660 } 

661 }, 

662 }, 

663} 

664 

665 

666class NbiException(Exception): 

667 def __init__(self, message, http_code=HTTPStatus.METHOD_NOT_ALLOWED): 

668 Exception.__init__(self, message) 

669 self.http_code = http_code 

670 

671 

672class Server(object): 

673 instance = 0 

674 # to decode bytes to str 

675 reader = getreader("utf-8") 

676 

677 def __init__(self): 

678 self.instance += 1 

679 self.authenticator = Authenticator(valid_url_methods, valid_query_string) 

680 self.engine = Engine(self.authenticator) 

681 

682 def _format_in(self, kwargs): 

683 error_text = "" # error_text must be initialized outside try 

684 try: 

685 indata = None 

686 if cherrypy.request.body.length: 

687 error_text = "Invalid input format " 

688 

689 if "Content-Type" in cherrypy.request.headers: 

690 if "application/json" in cherrypy.request.headers["Content-Type"]: 

691 error_text = "Invalid json format " 

692 indata = json.load(self.reader(cherrypy.request.body)) 

693 cherrypy.request.headers.pop("Content-File-MD5", None) 

694 elif "application/yaml" in cherrypy.request.headers["Content-Type"]: 

695 error_text = "Invalid yaml format " 

696 indata = yaml.safe_load(cherrypy.request.body) 

697 cherrypy.request.headers.pop("Content-File-MD5", None) 

698 elif ( 

699 "application/binary" in cherrypy.request.headers["Content-Type"] 

700 or "application/gzip" 

701 in cherrypy.request.headers["Content-Type"] 

702 or "application/zip" in cherrypy.request.headers["Content-Type"] 

703 or "text/plain" in cherrypy.request.headers["Content-Type"] 

704 ): 

705 indata = cherrypy.request.body # .read() 

706 elif ( 

707 "multipart/form-data" 

708 in cherrypy.request.headers["Content-Type"] 

709 ): 

710 if "descriptor_file" in kwargs: 

711 filecontent = kwargs.pop("descriptor_file") 

712 if not filecontent.file: 

713 raise NbiException( 

714 "empty file or content", HTTPStatus.BAD_REQUEST 

715 ) 

716 indata = filecontent.file # .read() 

717 if filecontent.content_type.value: 

718 cherrypy.request.headers[ 

719 "Content-Type" 

720 ] = filecontent.content_type.value 

721 else: 

722 # raise cherrypy.HTTPError(HTTPStatus.Not_Acceptable, 

723 # "Only 'Content-Type' of type 'application/json' or 

724 # 'application/yaml' for input format are available") 

725 error_text = "Invalid yaml format " 

726 indata = yaml.safe_load(cherrypy.request.body) 

727 cherrypy.request.headers.pop("Content-File-MD5", None) 

728 else: 

729 error_text = "Invalid yaml format " 

730 indata = yaml.safe_load(cherrypy.request.body) 

731 cherrypy.request.headers.pop("Content-File-MD5", None) 

732 if not indata: 

733 indata = {} 

734 

735 format_yaml = False 

736 if cherrypy.request.headers.get("Query-String-Format") == "yaml": 

737 format_yaml = True 

738 

739 for k, v in kwargs.items(): 

740 if isinstance(v, str): 

741 if v == "": 

742 kwargs[k] = None 

743 elif format_yaml: 

744 try: 

745 kwargs[k] = yaml.safe_load(v) 

746 except Exception: 

747 pass 

748 elif ( 

749 k.endswith(".gt") 

750 or k.endswith(".lt") 

751 or k.endswith(".gte") 

752 or k.endswith(".lte") 

753 ): 

754 try: 

755 kwargs[k] = int(v) 

756 except Exception: 

757 try: 

758 kwargs[k] = float(v) 

759 except Exception: 

760 pass 

761 elif v.find(",") > 0: 

762 kwargs[k] = v.split(",") 

763 elif isinstance(v, (list, tuple)): 

764 for index in range(0, len(v)): 

765 if v[index] == "": 

766 v[index] = None 

767 elif format_yaml: 

768 try: 

769 v[index] = yaml.safe_load(v[index]) 

770 except Exception: 

771 pass 

772 

773 return indata 

774 except (ValueError, yaml.YAMLError) as exc: 

775 raise NbiException(error_text + str(exc), HTTPStatus.BAD_REQUEST) 

776 except KeyError as exc: 

777 raise NbiException( 

778 "Query string error: " + str(exc), HTTPStatus.BAD_REQUEST 

779 ) 

780 except Exception as exc: 

781 raise NbiException(error_text + str(exc), HTTPStatus.BAD_REQUEST) 

782 

783 @staticmethod 

784 def _format_out(data, token_info=None, _format=None): 

785 """ 

786 return string of dictionary data according to requested json, yaml, xml. By default json 

787 :param data: response to be sent. Can be a dict, text or file 

788 :param token_info: Contains among other username and project 

789 :param _format: The format to be set as Content-Type if data is a file 

790 :return: None 

791 """ 

792 accept = cherrypy.request.headers.get("Accept") 

793 if data is None: 

794 if accept and "text/html" in accept: 

795 return html.format( 

796 data, cherrypy.request, cherrypy.response, token_info 

797 ) 

798 # cherrypy.response.status = HTTPStatus.NO_CONTENT.value 

799 return 

800 elif hasattr(data, "read"): # file object 

801 if _format: 

802 cherrypy.response.headers["Content-Type"] = _format 

803 elif "b" in data.mode: # binariy asssumig zip 

804 cherrypy.response.headers["Content-Type"] = "application/zip" 

805 else: 

806 cherrypy.response.headers["Content-Type"] = "text/plain" 

807 # TODO check that cherrypy close file. If not implement pending things to close per thread next 

808 return data 

809 if accept: 

810 if "text/html" in accept: 

811 return html.format( 

812 data, cherrypy.request, cherrypy.response, token_info 

813 ) 

814 elif "application/yaml" in accept or "*/*" in accept: 

815 pass 

816 elif "application/json" in accept or ( 

817 cherrypy.response.status and cherrypy.response.status >= 300 

818 ): 

819 cherrypy.response.headers[ 

820 "Content-Type" 

821 ] = "application/json; charset=utf-8" 

822 a = json.dumps(data, indent=4) + "\n" 

823 return a.encode("utf8") 

824 cherrypy.response.headers["Content-Type"] = "application/yaml" 

825 return yaml.safe_dump( 

826 data, 

827 explicit_start=True, 

828 indent=4, 

829 default_flow_style=False, 

830 tags=False, 

831 encoding="utf-8", 

832 allow_unicode=True, 

833 ) # , canonical=True, default_style='"' 

834 

835 @cherrypy.expose 

836 def index(self, *args, **kwargs): 

837 token_info = None 

838 try: 

839 if cherrypy.request.method == "GET": 

840 token_info = self.authenticator.authorize() 

841 outdata = token_info # Home page 

842 else: 

843 raise cherrypy.HTTPError( 

844 HTTPStatus.METHOD_NOT_ALLOWED.value, 

845 "Method {} not allowed for tokens".format(cherrypy.request.method), 

846 ) 

847 

848 return self._format_out(outdata, token_info) 

849 

850 except (EngineException, AuthException) as e: 

851 # cherrypy.log("index Exception {}".format(e)) 

852 cherrypy.response.status = e.http_code.value 

853 return self._format_out("Welcome to OSM!", token_info) 

854 

855 @cherrypy.expose 

856 def version(self, *args, **kwargs): 

857 # TODO consider to remove and provide version using the static version file 

858 try: 

859 if cherrypy.request.method != "GET": 

860 raise NbiException( 

861 "Only method GET is allowed", HTTPStatus.METHOD_NOT_ALLOWED 

862 ) 

863 elif args or kwargs: 

864 raise NbiException( 

865 "Invalid URL or query string for version", 

866 HTTPStatus.METHOD_NOT_ALLOWED, 

867 ) 

868 # TODO include version of other modules, pick up from some kafka admin message 

869 osm_nbi_version = {"version": nbi_version, "date": nbi_version_date} 

870 return self._format_out(osm_nbi_version) 

871 except NbiException as e: 

872 cherrypy.response.status = e.http_code.value 

873 problem_details = { 

874 "code": e.http_code.name, 

875 "status": e.http_code.value, 

876 "detail": str(e), 

877 } 

878 return self._format_out(problem_details, None) 

879 

880 def domain(self): 

881 try: 

882 domains = { 

883 "user_domain_name": cherrypy.tree.apps["/osm"] 

884 .config["authentication"] 

885 .get("user_domain_name"), 

886 "project_domain_name": cherrypy.tree.apps["/osm"] 

887 .config["authentication"] 

888 .get("project_domain_name"), 

889 } 

890 return self._format_out(domains) 

891 except NbiException as e: 

892 cherrypy.response.status = e.http_code.value 

893 problem_details = { 

894 "code": e.http_code.name, 

895 "status": e.http_code.value, 

896 "detail": str(e), 

897 } 

898 return self._format_out(problem_details, None) 

899 

900 @staticmethod 

901 def _format_login(token_info): 

902 """ 

903 Changes cherrypy.request.login to include username/project_name;session so that cherrypy access log will