projects
/
invirt/packages/invirt-web.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Use expandOwner/expandAdmin rather than removed expandLocker
[invirt/packages/invirt-web.git]
/
code
/
validation.py
diff --git
a/code/validation.py
b/code/validation.py
old mode 100644
(file)
new mode 100755
(executable)
index
fe6d7c8
..
29cb310
--- a/
code/validation.py
+++ b/
code/validation.py
@@
-5,18
+5,13
@@
import getafsgroups
import re
import string
import dns.resolver
import re
import string
import dns.resolver
-from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall
+from invirt import authz
+from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall, Owner
from invirt.config import structs as config
from invirt.config import structs as config
-from invirt.common import InvalidInput
+from invirt.common import InvalidInput, CodeError
-MAX_MEMORY_TOTAL = 512
-MAX_MEMORY_SINGLE = 256
MIN_MEMORY_SINGLE = 16
MIN_MEMORY_SINGLE = 16
-MAX_DISK_TOTAL = 50
-MAX_DISK_SINGLE = 50
MIN_DISK_SINGLE = 0.1
MIN_DISK_SINGLE = 0.1
-MAX_VMS_TOTAL = 10
-MAX_VMS_ACTIVE = 4
class Validate:
def __init__(self, username, state, machine_id=None, name=None, description=None, owner=None,
class Validate:
def __init__(self, username, state, machine_id=None, name=None, description=None, owner=None,
@@
-44,9
+39,7
@@
class Validate:
owner = testOwner(username, owner, machine)
if owner is not None:
self.owner = owner
owner = testOwner(username, owner, machine)
if owner is not None:
self.owner = owner
- admin = testAdmin(username, admin, machine)
- if admin is not None:
- self.admin = admin
+ self.admin = testAdmin(username, admin, machine)
contact = testContact(username, contact, machine)
if contact is not None:
self.contact = contact
contact = testContact(username, contact, machine)
if contact is not None:
self.contact = contact
@@
-68,6
+61,8
@@
class Validate:
raise CodeError("Invalid cdrom type '%s'" % cdrom)
self.cdrom = cdrom
if autoinstall is not None:
raise CodeError("Invalid cdrom type '%s'" % cdrom)
self.cdrom = cdrom
if autoinstall is not None:
+ #raise InvalidInput('autoinstall', 'install',
+ # "The autoinstaller has been temporarily disabled")
self.autoinstall = Autoinstall.query().get(autoinstall)
self.autoinstall = Autoinstall.query().get(autoinstall)
@@
-91,15
+86,14
@@
def maxMemory(owner, g, machine=None, on=True):
memory for the machine to change to, if it is left off, is
returned.
"""
memory for the machine to change to, if it is left off, is
returned.
"""
- if machine is not None and machine.memory > MAX_MEMORY_SINGLE:
- # If they've been blessed, let them have it
- return machine.memory
+ (quota_total, quota_single) = Owner.getMemoryQuotas(machine.owner if machine else owner)
+
if not on:
if not on:
- return MAX_MEMORY_SINGLE
+ return quota_single
machines = getMachinesByOwner(owner, machine)
active_machines = [m for m in machines if m.name in g.xmlist_raw]
mem_usage = sum([x.memory for x in active_machines if x != machine])
machines = getMachinesByOwner(owner, machine)
active_machines = [m for m in machines if m.name in g.xmlist_raw]
mem_usage = sum([x.memory for x in active_machines if x != machine])
- return min(MAX_MEMORY_SINGLE, MAX_MEMORY_TOTAL-mem_usage)
+ return min(quota_single, quota_total-mem_usage)
def maxDisk(owner, machine=None):
"""Return the maximum disk that a machine can reach.
def maxDisk(owner, machine=None):
"""Return the maximum disk that a machine can reach.
@@
-107,6
+101,8
@@
def maxDisk(owner, machine=None):
If machine is None, the maximum disk for a new machine. Otherwise,
return the maximum that a given machine can be changed to.
"""
If machine is None, the maximum disk for a new machine. Otherwise,
return the maximum that a given machine can be changed to.
"""
+ (quota_total, quota_single) = Owner.getDiskQuotas(machine.owner if machine else owner)
+
if machine is not None:
machine_id = machine.machine_id
else:
if machine is not None:
machine_id = machine.machine_id
else:
@@
-114,14
+110,15
@@
def maxDisk(owner, machine=None):
disk_usage = Disk.query().filter(Disk.c.machine_id != machine_id).\
join('machine').\
filter_by(owner=owner).sum(Disk.c.size) or 0
disk_usage = Disk.query().filter(Disk.c.machine_id != machine_id).\
join('machine').\
filter_by(owner=owner).sum(Disk.c.size) or 0
- return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.)
+ return min(quota_single, quota_total-disk_usage/1024.)
def cantAddVm(owner, g):
machines = getMachinesByOwner(owner)
active_machines = [m for m in machines if m.name in g.xmlist_raw]
def cantAddVm(owner, g):
machines = getMachinesByOwner(owner)
active_machines = [m for m in machines if m.name in g.xmlist_raw]
- if machines.count() >= MAX_VMS_TOTAL:
+ (quota_total, quota_active) = Owner.getVMQuotas(owner)
+ if machines.count() >= quota_total:
return 'You have too many VMs to create a new one.'
return 'You have too many VMs to create a new one.'
- if len(active_machines) >= MAX_VMS_ACTIVE:
+ if len(active_machines) >= quota_active:
return ('You already have the maximum number of VMs turned on. '
'To create more, turn one off.')
return False
return ('You already have the maximum number of VMs turned on. '
'To create more, turn one off.')
return False
@@
-133,7
+130,7
@@
def haveAccess(user, state, machine):
def owns(user, machine):
"""Return whether a user owns a machine"""
def owns(user, machine):
"""Return whether a user owns a machine"""
- return user in expandLocker(machine.owner)
+ return user in authz.expandOwner(machine.owner)
def validMachineName(name):
"""Check that name is valid for a machine name"""
def validMachineName(name):
"""Check that name is valid for a machine name"""
@@
-218,7
+215,7
@@
def testAdmin(user, admin, machine):
if admin is None:
return None
if machine is not None and admin == machine.administrator:
if admin is None:
return None
if machine is not None and admin == machine.administrator:
- return None
+ return admin
if admin == user:
return admin
if ':' not in admin:
if admin == user:
return admin
if ':' not in admin:
@@
-226,7
+223,7
@@
def testAdmin(user, admin, machine):
return admin
admin = 'system:' + admin
try:
return admin
admin = 'system:' + admin
try:
- if user in getafsgroups.getAfsGroupMembers(admin, config.authz[0].cell):
+ if user in getafsgroups.getAfsGroupMembers(admin, config.authz.afs.cells[0].cell):
return admin
except getafsgroups.AfsProcessError, e:
errmsg = str(e)
return admin
except getafsgroups.AfsProcessError, e:
errmsg = str(e)
@@
-241,14
+238,14
@@
def testOwner(user, owner, machine=None):
If machine is None, this is the owner of a new machine.
"""
If machine is None, this is the owner of a new machine.
"""
- if owner == user:
- return owner
if machine is not None and owner in (machine.owner, None):
return machine.owner
if owner is None:
raise InvalidInput('owner', owner, "Owner must be specified")
if machine is not None and owner in (machine.owner, None):
return machine.owner
if owner is None:
raise InvalidInput('owner', owner, "Owner must be specified")
+ if '@' in owner:
+ raise InvalidInput('owner', owner, "No cross-realm Hesiod lockers allowed")
try:
try:
- if user not in cache_acls.expandLocker(owner):
+ if user not in authz.expandOwner(owner):
raise InvalidInput('owner', owner, 'You do not have access to the '
+ owner + ' locker')
except getafsgroups.AfsProcessError, e:
raise InvalidInput('owner', owner, 'You do not have access to the '
+ owner + ' locker')
except getafsgroups.AfsProcessError, e:
@@
-262,9
+259,6
@@
def testContact(user, contact, machine=None):
raise InvalidInput('contact', contact, "Not a valid email.")
return contact
raise InvalidInput('contact', contact, "Not a valid email.")
return contact
-def testDisk(user, disksize, machine=None):
- return disksize
-
def testName(user, name, machine=None):
if name is None:
return None
def testName(user, name, machine=None):
if name is None:
return None
projects / invirt/packages/invirt-web.git / blobdiff