X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/e37dd15bbf8683bab8454ea0eec8e9968ce982b2..b001dd5804c18377b497d87ddf23138282ef2690:/code/validation.py diff --git a/code/validation.py b/code/validation.py index fd2b979..817c2cf 100644 --- a/code/validation.py +++ b/code/validation.py @@ -1,10 +1,11 @@ #!/usr/bin/python +import cache_acls import getafsgroups import re import string -from sipb_xen_database import Machine, NIC -from webcommon import InvalidInput, g +from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall +from webcommon import InvalidInput MAX_MEMORY_TOTAL = 512 MAX_MEMORY_SINGLE = 256 @@ -15,22 +16,73 @@ MIN_DISK_SINGLE = 0.1 MAX_VMS_TOTAL = 10 MAX_VMS_ACTIVE = 4 -def getMachinesByOwner(user, machine=None): +class Validate: + def __init__(self, username, state, machine_id=None, name=None, description=None, owner=None, + admin=None, contact=None, memory=None, disksize=None, + vmtype=None, cdrom=None, autoinstall=None, strict=False): + # XXX Successive quota checks aren't a good idea, since you + # can't necessarily change the locker and disk size at the + # same time. + created_new = (machine_id is None) + + if strict: + if name is None: + raise InvalidInput('name', name, "You must provide a machine name.") + if description is None: + raise InvalidInput('description', description, "You must provide a description.") + if memory is None: + raise InvalidInput('memory', memory, "You must provide a memory size.") + if disksize is None: + raise InvalidInput('disk', disksize, "You must provide a disk size.") + + if machine_id is not None: + self.machine = testMachineId(username, state, machine_id) + machine = getattr(self, 'machine', None) + + owner = testOwner(username, owner, machine) + if owner is not None: + self.owner = owner + admin = testAdmin(username, admin, machine) + if admin is not None: + self.admin = admin + contact = testContact(username, contact, machine) + if contact is not None: + self.contact = contact + name = testName(username, name, machine) + if name is not None: + self.name = name + description = testDescription(username, description, machine) + if description is not None: + self.description = description + if memory is not None: + self.memory = validMemory(self.owner, state, memory, machine, + on=not created_new) + if disksize is not None: + self.disksize = validDisk(self.owner, state, disksize, machine) + if vmtype is not None: + self.vmtype = validVmType(vmtype) + if cdrom is not None: + if not CDROM.get(cdrom): + raise CodeError("Invalid cdrom type '%s'" % cdrom) + self.cdrom = cdrom + if autoinstall is not None: + self.autoinstall = Autoinstall.get(autoinstall) + + +def getMachinesByOwner(owner, machine=None): """Return the machines owned by the same as a machine. - + If the machine is None, return the machines owned by the same user. """ if machine: owner = machine.owner - else: - owner = user return Machine.select_by(owner=owner) -def maxMemory(user, machine=None, on=True): +def maxMemory(owner, g, machine=None, on=True): """Return the maximum memory for a machine or a user. - If machine is None, return the memory available for a new + If machine is None, return the memory available for a new machine. Else, return the maximum that machine can have. on is whether the machine should be turned on. If false, the max @@ -42,20 +94,28 @@ def maxMemory(user, machine=None, on=True): return machine.memory if not on: return MAX_MEMORY_SINGLE - machines = getMachinesByOwner(user, machine) - active_machines = [x for x in machines if g.uptimes.get(x)] + machines = getMachinesByOwner(owner, machine) + active_machines = [m for m in machines if m.name in g.xmlist_raw] mem_usage = sum([x.memory for x in active_machines if x != machine]) return min(MAX_MEMORY_SINGLE, MAX_MEMORY_TOTAL-mem_usage) -def maxDisk(user, machine=None): - machines = getMachinesByOwner(user, machine) - disk_usage = sum([sum([y.size for y in x.disks]) - for x in machines if x != machine]) +def maxDisk(owner, machine=None): + """Return the maximum disk that a machine can reach. + + If machine is None, the maximum disk for a new machine. Otherwise, + return the maximum that a given machine can be changed to. + """ + if machine is not None: + machine_id = machine.machine_id + else: + machine_id = None + disk_usage = Disk.query().filter_by(Disk.c.machine_id != machine_id, + owner=owner).sum(Disk.c.size) or 0 return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.) -def cantAddVm(user): - machines = getMachinesByOwner(user) - active_machines = [x for x in machines if g.uptimes.get(x)] +def cantAddVm(owner, g): + machines = getMachinesByOwner(owner) + active_machines = [m for m in machines if m.name in g.xmlist_raw] if len(machines) >= MAX_VMS_TOTAL: return 'You have too many VMs to create a new one.' if len(active_machines) >= MAX_VMS_ACTIVE: @@ -63,41 +123,28 @@ def cantAddVm(user): 'To create more, turn one off.') return False -def validAddVm(user): - reason = cantAddVm(user) - if reason: - raise InvalidInput('create', True, reason) - return True - -def haveAccess(user, machine): +def haveAccess(user, state, machine): """Return whether a user has administrative access to a machine""" - if user in (machine.administrator, machine.owner): - return True - if getafsgroups.checkAfsGroup(user, machine.administrator, - 'athena.mit.edu'): #XXX Cell? - return True - if not getafsgroups.notLockerOwner(user, machine.owner): - return True - return owns(user, machine) + return state.overlord or user in cache_acls.accessList(machine) def owns(user, machine): """Return whether a user owns a machine""" - return not getafsgroups.notLockerOwner(user, machine.owner) + return user in expandLocker(machine.owner) def validMachineName(name): """Check that name is valid for a machine name""" if not name: return False - charset = string.ascii_letters + string.digits + '-_' - if name[0] in '-_' or len(name) > 22: + charset = string.lowercase + string.digits + '-' + if '-' in (name[0], name[-1]) or len(name) > 63: return False for x in name: if x not in charset: return False return True -def validMemory(user, memory, machine=None, on=True): - """Parse and validate limits for memory for a given user and machine. +def validMemory(owner, g, memory, machine=None, on=True): + """Parse and validate limits for memory for a given owner and machine. on is whether the memory must be valid after the machine is switched on. @@ -107,21 +154,21 @@ def validMemory(user, memory, machine=None, on=True): if memory < MIN_MEMORY_SINGLE: raise ValueError except ValueError: - raise InvalidInput('memory', memory, + raise InvalidInput('memory', memory, "Minimum %s MiB" % MIN_MEMORY_SINGLE) - if memory > maxMemory(user, machine, on): + max_val = maxMemory(owner, g, machine, on) + if not g.overlord and memory > max_val: raise InvalidInput('memory', memory, - 'Maximum %s MiB for %s' % (maxMemory(user, machine), - user)) + 'Maximum %s MiB for %s' % (max_val, owner)) return memory -def validDisk(user, disk, machine=None): - """Parse and validate limits for disk for a given user and machine.""" +def validDisk(owner, g, disk, machine=None): + """Parse and validate limits for disk for a given owner and machine.""" try: disk = float(disk) - if disk > maxDisk(user, machine): + if not g.overlord and disk > maxDisk(owner, machine): raise InvalidInput('disk', disk, - "Maximum %s G" % maxDisk(user, machine)) + "Maximum %s G" % maxDisk(owner, machine)) disk = int(disk * 1024) if disk < MIN_DISK_SINGLE * 1024: raise ValueError @@ -129,14 +176,22 @@ def validDisk(user, disk, machine=None): raise InvalidInput('disk', disk, "Minimum %s GiB" % MIN_DISK_SINGLE) return disk - -def testMachineId(user, machine_id, exists=True): + +def validVmType(vm_type): + if vm_type is None: + return None + t = Type.get(vm_type) + if t is None: + raise CodeError("Invalid vm type '%s'" % vm_type) + return t + +def testMachineId(user, state, machine_id, exists=True): """Parse, validate and check authorization for a given user and machine. If exists is False, don't check that it exists. """ if machine_id is None: - raise InvalidInput('machine_id', machine_id, + raise InvalidInput('machine_id', machine_id, "Must specify a machine ID.") try: machine_id = int(machine_id) @@ -145,35 +200,59 @@ def testMachineId(user, machine_id, exists=True): machine = Machine.get(machine_id) if exists and machine is None: raise InvalidInput('machine_id', machine_id, "Does not exist.") - if machine is not None and not haveAccess(user, machine): + if machine is not None and not haveAccess(user, state, machine): raise InvalidInput('machine_id', machine_id, "You do not have access to this machine.") return machine def testAdmin(user, admin, machine): - if admin in (None, machine.administrator): + """Determine whether a user can set the admin of a machine to this value. + + Return the value to set the admin field to (possibly 'system:' + + admin). XXX is modifying this a good idea? + """ + if admin is None: + return None + if machine is not None and admin == machine.administrator: return None if admin == user: return admin - if getafsgroups.checkAfsGroup(user, admin, 'athena.mit.edu'): - return admin - if getafsgroups.checkAfsGroup(user, 'system:'+admin, - 'athena.mit.edu'): - return 'system:'+admin + if ':' not in admin: + if cache_acls.isUser(admin): + return admin + admin = 'system:' + admin + try: + if user in getafsgroups.getAfsGroupMembers(admin, 'athena.mit.edu'): + return admin + except getafsgroups.AfsProcessError, e: + errmsg = str(e) + if errmsg.startswith("pts: User or group doesn't exist"): + errmsg = 'The group "%s" does not exist.' % admin + raise InvalidInput('administrator', admin, errmsg) + #XXX Should we require that user is in the admin group? return admin - + def testOwner(user, owner, machine=None): - if owner == user or machine is not None and owner == machine.owner: + """Determine whether a user can set the owner of a machine to this value. + + If machine is None, this is the owner of a new machine. + """ + if owner == user: return owner + if machine is not None and owner in (machine.owner, None): + return machine.owner if owner is None: raise InvalidInput('owner', owner, "Owner must be specified") - value = getafsgroups.notLockerOwner(user, owner) - if not value: - return owner - raise InvalidInput('owner', owner, value) + try: + if user not in cache_acls.expandLocker(owner): + raise InvalidInput('owner', owner, 'You do not have access to the ' + + owner + ' locker') + except getafsgroups.AfsProcessError, e: + raise InvalidInput('owner', owner, str(e)) + return owner def testContact(user, contact, machine=None): - if contact in (None, machine.contact): + if contact is None or (machine is not None and contact == machine.contact): return None if not re.match("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", contact, re.I): raise InvalidInput('contact', contact, "Not a valid email.") @@ -183,12 +262,22 @@ def testDisk(user, disksize, machine=None): return disksize def testName(user, name, machine=None): - if name in (None, machine.name): + if name is None: + return None + name = name.lower() + if machine is not None and name == machine.name: return None if not Machine.select_by(name=name): + if not validMachineName(name): + raise InvalidInput('name', name, 'You must provide a machine name. Max 63 chars, alnum plus \'-\', does not begin or end with \'-\'.') return name raise InvalidInput('name', name, "Name is already taken.") +def testDescription(user, description, machine=None): + if description is None or description.strip() == '': + return None + return description.strip() + def testHostname(user, hostname, machine): for nic in machine.nics: if hostname == nic.hostname: