X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/907f34a95f096535be1b47e99f37b063a2a8245c..cf6f5dce52a7c2ecdd5da56a5687c23689d0b9e3:/code/validation.py?ds=inline diff --git a/code/validation.py b/code/validation.py old mode 100644 new mode 100755 index dc0fd8c..29cb310 --- a/code/validation.py +++ b/code/validation.py @@ -4,22 +4,19 @@ import cache_acls import getafsgroups import re import string -from sipb_xen_database import Machine, NIC, Type, Disk, CDROM -from webcommon import InvalidInput +import dns.resolver +from invirt import authz +from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall, Owner +from invirt.config import structs as config +from invirt.common import InvalidInput, CodeError -MAX_MEMORY_TOTAL = 512 -MAX_MEMORY_SINGLE = 256 MIN_MEMORY_SINGLE = 16 -MAX_DISK_TOTAL = 50 -MAX_DISK_SINGLE = 50 MIN_DISK_SINGLE = 0.1 -MAX_VMS_TOTAL = 10 -MAX_VMS_ACTIVE = 4 class Validate: def __init__(self, username, state, machine_id=None, name=None, description=None, owner=None, admin=None, contact=None, memory=None, disksize=None, - vmtype=None, cdrom=None, clone_from=None, strict=False): + vmtype=None, cdrom=None, autoinstall=None, strict=False): # XXX Successive quota checks aren't a good idea, since you # can't necessarily change the locker and disk size at the # same time. @@ -36,15 +33,13 @@ class Validate: raise InvalidInput('disk', disksize, "You must provide a disk size.") if machine_id is not None: - self.machine = testMachineId(username, machine_id) + self.machine = testMachineId(username, state, machine_id) machine = getattr(self, 'machine', None) owner = testOwner(username, owner, machine) if owner is not None: self.owner = owner - admin = testAdmin(username, admin, machine) - if admin is not None: - self.admin = admin + self.admin = testAdmin(username, admin, machine) contact = testContact(username, contact, machine) if contact is not None: self.contact = contact @@ -58,17 +53,17 @@ class Validate: self.memory = validMemory(self.owner, state, memory, machine, on=not created_new) if disksize is not None: - self.disksize = validDisk(self.owner, disksize, machine) + self.disksize = validDisk(self.owner, state, disksize, machine) if vmtype is not None: self.vmtype = validVmType(vmtype) if cdrom is not None: - if not CDROM.get(cdrom): + if not CDROM.query().get(cdrom): raise CodeError("Invalid cdrom type '%s'" % cdrom) self.cdrom = cdrom - if clone_from is not None: - if clone_from not in ('ice3', ): - raise CodeError("Invalid clone image '%s'" % clone_from) - self.clone_from = clone_from + if autoinstall is not None: + #raise InvalidInput('autoinstall', 'install', + # "The autoinstaller has been temporarily disabled") + self.autoinstall = Autoinstall.query().get(autoinstall) def getMachinesByOwner(owner, machine=None): @@ -79,7 +74,7 @@ def getMachinesByOwner(owner, machine=None): """ if machine: owner = machine.owner - return Machine.select_by(owner=owner) + return Machine.query().filter_by(owner=owner) def maxMemory(owner, g, machine=None, on=True): """Return the maximum memory for a machine or a user. @@ -91,15 +86,14 @@ def maxMemory(owner, g, machine=None, on=True): memory for the machine to change to, if it is left off, is returned. """ - if machine is not None and machine.memory > MAX_MEMORY_SINGLE: - # If they've been blessed, let them have it - return machine.memory + (quota_total, quota_single) = Owner.getMemoryQuotas(machine.owner if machine else owner) + if not on: - return MAX_MEMORY_SINGLE + return quota_single machines = getMachinesByOwner(owner, machine) active_machines = [m for m in machines if m.name in g.xmlist_raw] mem_usage = sum([x.memory for x in active_machines if x != machine]) - return min(MAX_MEMORY_SINGLE, MAX_MEMORY_TOTAL-mem_usage) + return min(quota_single, quota_total-mem_usage) def maxDisk(owner, machine=None): """Return the maximum disk that a machine can reach. @@ -107,38 +101,43 @@ def maxDisk(owner, machine=None): If machine is None, the maximum disk for a new machine. Otherwise, return the maximum that a given machine can be changed to. """ + (quota_total, quota_single) = Owner.getDiskQuotas(machine.owner if machine else owner) + if machine is not None: machine_id = machine.machine_id else: machine_id = None - disk_usage = Disk.query().filter_by(Disk.c.machine_id != machine_id, - owner=owner).sum(Disk.c.size) or 0 - return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.) + disk_usage = Disk.query().filter(Disk.c.machine_id != machine_id).\ + join('machine').\ + filter_by(owner=owner).sum(Disk.c.size) or 0 + return min(quota_single, quota_total-disk_usage/1024.) def cantAddVm(owner, g): machines = getMachinesByOwner(owner) active_machines = [m for m in machines if m.name in g.xmlist_raw] - if len(machines) >= MAX_VMS_TOTAL: + (quota_total, quota_active) = Owner.getVMQuotas(owner) + if machines.count() >= quota_total: return 'You have too many VMs to create a new one.' - if len(active_machines) >= MAX_VMS_ACTIVE: + if len(active_machines) >= quota_active: return ('You already have the maximum number of VMs turned on. ' 'To create more, turn one off.') return False -def haveAccess(user, machine): +def haveAccess(user, state, machine): """Return whether a user has administrative access to a machine""" - return user in cache_acls.accessList(machine) + return (user in cache_acls.accessList(machine) + or (machine.adminable and state.isadmin)) def owns(user, machine): """Return whether a user owns a machine""" - return user in expandLocker(machine.owner) + return user in authz.expandOwner(machine.owner) def validMachineName(name): """Check that name is valid for a machine name""" if not name: return False - charset = string.ascii_letters + string.digits + '-_' - if name[0] in '-_' or len(name) > 22: + charset = string.lowercase + string.digits + '-' + if '-' in (name[0], name[-1]) or len(name) > 63: return False for x in name: if x not in charset: @@ -159,16 +158,16 @@ def validMemory(owner, g, memory, machine=None, on=True): raise InvalidInput('memory', memory, "Minimum %s MiB" % MIN_MEMORY_SINGLE) max_val = maxMemory(owner, g, machine, on) - if memory > max_val: + if not g.isadmin and memory > max_val: raise InvalidInput('memory', memory, 'Maximum %s MiB for %s' % (max_val, owner)) return memory -def validDisk(owner, disk, machine=None): +def validDisk(owner, g, disk, machine=None): """Parse and validate limits for disk for a given owner and machine.""" try: disk = float(disk) - if disk > maxDisk(owner, machine): + if not g.isadmin and disk > maxDisk(owner, machine): raise InvalidInput('disk', disk, "Maximum %s G" % maxDisk(owner, machine)) disk = int(disk * 1024) @@ -182,12 +181,12 @@ def validDisk(owner, disk, machine=None): def validVmType(vm_type): if vm_type is None: return None - t = Type.get(vm_type) + t = Type.query().get(vm_type) if t is None: raise CodeError("Invalid vm type '%s'" % vm_type) return t -def testMachineId(user, machine_id, exists=True): +def testMachineId(user, state, machine_id, exists=True): """Parse, validate and check authorization for a given user and machine. If exists is False, don't check that it exists. @@ -199,10 +198,10 @@ def testMachineId(user, machine_id, exists=True): machine_id = int(machine_id) except ValueError: raise InvalidInput('machine_id', machine_id, "Must be an integer.") - machine = Machine.get(machine_id) + machine = Machine.query().get(machine_id) if exists and machine is None: raise InvalidInput('machine_id', machine_id, "Does not exist.") - if machine is not None and not haveAccess(user, machine): + if machine is not None and not haveAccess(user, state, machine): raise InvalidInput('machine_id', machine_id, "You do not have access to this machine.") return machine @@ -216,7 +215,7 @@ def testAdmin(user, admin, machine): if admin is None: return None if machine is not None and admin == machine.administrator: - return None + return admin if admin == user: return admin if ':' not in admin: @@ -224,7 +223,7 @@ def testAdmin(user, admin, machine): return admin admin = 'system:' + admin try: - if user in getafsgroups.getAfsGroupMembers(admin, 'athena.mit.edu'): + if user in getafsgroups.getAfsGroupMembers(admin, config.authz.afs.cells[0].cell): return admin except getafsgroups.AfsProcessError, e: errmsg = str(e) @@ -239,14 +238,14 @@ def testOwner(user, owner, machine=None): If machine is None, this is the owner of a new machine. """ - if owner == user: - return owner if machine is not None and owner in (machine.owner, None): return machine.owner if owner is None: raise InvalidInput('owner', owner, "Owner must be specified") + if '@' in owner: + raise InvalidInput('owner', owner, "No cross-realm Hesiod lockers allowed") try: - if user not in cache_acls.expandLocker(owner): + if user not in authz.expandOwner(owner): raise InvalidInput('owner', owner, 'You do not have access to the ' + owner + ' locker') except getafsgroups.AfsProcessError, e: @@ -260,19 +259,39 @@ def testContact(user, contact, machine=None): raise InvalidInput('contact', contact, "Not a valid email.") return contact -def testDisk(user, disksize, machine=None): - return disksize - def testName(user, name, machine=None): if name is None: return None + name = name.lower() if machine is not None and name == machine.name: return None - if not Machine.select_by(name=name): + try: + hostname = '%s.%s.' % (name, config.dns.domains[0]) + resolver = dns.resolver.Resolver() + resolver.nameservers = ['127.0.0.1'] + try: + resolver.query(hostname, 'A') + except dns.resolver.NoAnswer, e: + # If we can get the TXT record, then we can verify it's + # reserved. If this lookup fails, let it bubble up and be + # dealt with + answer = resolver.query(hostname, 'TXT') + txt = answer[0].strings[0] + if txt.startswith('reserved'): + raise InvalidInput('name', name, 'The name you have requested has been %s. For more information, contact us at %s' % (txt, config.dns.contact)) + + # If the hostname didn't exist, it would have thrown an + # exception by now - error out + raise InvalidInput('name', name, 'Name is already taken.') + except dns.resolver.NXDOMAIN, e: if not validMachineName(name): - raise InvalidInput('name', name, 'You must provide a machine name. Max 22 chars, alnum plus \'-\' and \'_\'.') + raise InvalidInput('name', name, 'You must provide a machine name. Max 63 chars, alnum plus \'-\', does not begin or end with \'-\'.') return name - raise InvalidInput('name', name, "Name is already taken.") + except InvalidInput: + raise + except: + # Any other error is a validation failure + raise InvalidInput('name', name, 'We were unable to verify that this name is available. If you believe this is in error, please contact us at %s' % config.dns.contact) def testDescription(user, description, machine=None): if description is None or description.strip() == '':