projects
/
invirt/packages/invirt-web.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix a SQLAlchemy bug in the web ACL caching code
[invirt/packages/invirt-web.git]
/
code
/
validation.py
diff --git
a/code/validation.py
b/code/validation.py
index
e69559a
..
860bac3
100644
(file)
--- a/
code/validation.py
+++ b/
code/validation.py
@@
-4,7
+4,8
@@
import cache_acls
import getafsgroups
import re
import string
import getafsgroups
import re
import string
-from sipb_xen_database import Machine, NIC, Type, Disk, CDROM, Autoinstall
+from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall
+from invirt.config import structs as config
from webcommon import InvalidInput
MAX_MEMORY_TOTAL = 512
from webcommon import InvalidInput
MAX_MEMORY_TOTAL = 512
@@
-62,11
+63,11
@@
class Validate:
if vmtype is not None:
self.vmtype = validVmType(vmtype)
if cdrom is not None:
if vmtype is not None:
self.vmtype = validVmType(vmtype)
if cdrom is not None:
- if not CDROM.get(cdrom):
+ if not CDROM.query().get(cdrom):
raise CodeError("Invalid cdrom type '%s'" % cdrom)
self.cdrom = cdrom
if autoinstall is not None:
raise CodeError("Invalid cdrom type '%s'" % cdrom)
self.cdrom = cdrom
if autoinstall is not None:
- self.autoinstall = Autoinstall.get(autoinstall)
+ self.autoinstall = Autoinstall.query().get(autoinstall)
def getMachinesByOwner(owner, machine=None):
def getMachinesByOwner(owner, machine=None):
@@
-77,7
+78,7
@@
def getMachinesByOwner(owner, machine=None):
"""
if machine:
owner = machine.owner
"""
if machine:
owner = machine.owner
- return Machine.select_by(owner=owner)
+ return Machine.query().filter_by(owner=owner)
def maxMemory(owner, g, machine=None, on=True):
"""Return the maximum memory for a machine or a user.
def maxMemory(owner, g, machine=None, on=True):
"""Return the maximum memory for a machine or a user.
@@
-109,14
+110,15
@@
def maxDisk(owner, machine=None):
machine_id = machine.machine_id
else:
machine_id = None
machine_id = machine.machine_id
else:
machine_id = None
- disk_usage = Disk.query().filter_by(Disk.c.machine_id != machine_id,
- owner=owner).sum(Disk.c.size) or 0
+ disk_usage = Disk.query().filter(Disk.c.machine_id != machine_id).\
+ join('machine').\
+ filter_by(owner=owner).sum(Disk.c.size) or 0
return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.)
def cantAddVm(owner, g):
machines = getMachinesByOwner(owner)
active_machines = [m for m in machines if m.name in g.xmlist_raw]
return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.)
def cantAddVm(owner, g):
machines = getMachinesByOwner(owner)
active_machines = [m for m in machines if m.name in g.xmlist_raw]
- if len(machines) >= MAX_VMS_TOTAL:
+ if machines.count() >= MAX_VMS_TOTAL:
return 'You have too many VMs to create a new one.'
if len(active_machines) >= MAX_VMS_ACTIVE:
return ('You already have the maximum number of VMs turned on. '
return 'You have too many VMs to create a new one.'
if len(active_machines) >= MAX_VMS_ACTIVE:
return ('You already have the maximum number of VMs turned on. '
@@
-125,7
+127,8
@@
def cantAddVm(owner, g):
def haveAccess(user, state, machine):
"""Return whether a user has administrative access to a machine"""
def haveAccess(user, state, machine):
"""Return whether a user has administrative access to a machine"""
- return state.overlord or user in cache_acls.accessList(machine)
+ return (user in cache_acls.accessList(machine)
+ or (machine.adminable and state.isadmin))
def owns(user, machine):
"""Return whether a user owns a machine"""
def owns(user, machine):
"""Return whether a user owns a machine"""
@@
-157,7
+160,7
@@
def validMemory(owner, g, memory, machine=None, on=True):
raise InvalidInput('memory', memory,
"Minimum %s MiB" % MIN_MEMORY_SINGLE)
max_val = maxMemory(owner, g, machine, on)
raise InvalidInput('memory', memory,
"Minimum %s MiB" % MIN_MEMORY_SINGLE)
max_val = maxMemory(owner, g, machine, on)
- if not g.overlord and memory > max_val:
+ if not g.isadmin and memory > max_val:
raise InvalidInput('memory', memory,
'Maximum %s MiB for %s' % (max_val, owner))
return memory
raise InvalidInput('memory', memory,
'Maximum %s MiB for %s' % (max_val, owner))
return memory
@@
-166,7
+169,7
@@
def validDisk(owner, g, disk, machine=None):
"""Parse and validate limits for disk for a given owner and machine."""
try:
disk = float(disk)
"""Parse and validate limits for disk for a given owner and machine."""
try:
disk = float(disk)
- if not g.overlord and disk > maxDisk(owner, machine):
+ if not g.isadmin and disk > maxDisk(owner, machine):
raise InvalidInput('disk', disk,
"Maximum %s G" % maxDisk(owner, machine))
disk = int(disk * 1024)
raise InvalidInput('disk', disk,
"Maximum %s G" % maxDisk(owner, machine))
disk = int(disk * 1024)
@@
-180,7
+183,7
@@
def validDisk(owner, g, disk, machine=None):
def validVmType(vm_type):
if vm_type is None:
return None
def validVmType(vm_type):
if vm_type is None:
return None
- t = Type.get(vm_type)
+ t = Type.query().get(vm_type)
if t is None:
raise CodeError("Invalid vm type '%s'" % vm_type)
return t
if t is None:
raise CodeError("Invalid vm type '%s'" % vm_type)
return t
@@
-197,7
+200,7
@@
def testMachineId(user, state, machine_id, exists=True):
machine_id = int(machine_id)
except ValueError:
raise InvalidInput('machine_id', machine_id, "Must be an integer.")
machine_id = int(machine_id)
except ValueError:
raise InvalidInput('machine_id', machine_id, "Must be an integer.")
- machine = Machine.get(machine_id)
+ machine = Machine.query().get(machine_id)
if exists and machine is None:
raise InvalidInput('machine_id', machine_id, "Does not exist.")
if machine is not None and not haveAccess(user, state, machine):
if exists and machine is None:
raise InvalidInput('machine_id', machine_id, "Does not exist.")
if machine is not None and not haveAccess(user, state, machine):
@@
-222,7
+225,7
@@
def testAdmin(user, admin, machine):
return admin
admin = 'system:' + admin
try:
return admin
admin = 'system:' + admin
try:
- if user in getafsgroups.getAfsGroupMembers(admin, 'athena.mit.edu'):
+ if user in getafsgroups.getAfsGroupMembers(admin, config.authz[0].cell):
return admin
except getafsgroups.AfsProcessError, e:
errmsg = str(e)
return admin
except getafsgroups.AfsProcessError, e:
errmsg = str(e)
@@
-267,9
+270,9
@@
def testName(user, name, machine=None):
name = name.lower()
if machine is not None and name == machine.name:
return None
name = name.lower()
if machine is not None and name == machine.name:
return None
- if not Machine.select_by(name=name):
+ if not Machine.query().filter_by(name=name).count():
if not validMachineName(name):
if not validMachineName(name):
- raise InvalidInput('name', name, 'You must provide a machine name. Max 22 chars, alnum plus \'-\' and \'_\'.')
+ raise InvalidInput('name', name, 'You must provide a machine name. Max 63 chars, alnum plus \'-\', does not begin or end with \'-\'.')
return name
raise InvalidInput('name', name, "Name is already taken.")
return name
raise InvalidInput('name', name, "Name is already taken.")
projects / invirt/packages/invirt-web.git / blobdiff