X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-web.git/blobdiff_plain/fa88b9bd09fdc75e26422604bb2b74821e3a9b07..cabbf7ab8e35de060f6f4e3f75670558ad25d9b5:/code/validation.py?ds=inline diff --git a/code/validation.py b/code/validation.py index a2e19fe..df5bdcc 100644 --- a/code/validation.py +++ b/code/validation.py @@ -4,8 +4,8 @@ import cache_acls import getafsgroups import re import string -from sipb_xen_database import Machine, NIC, Type -from webcommon import InvalidInput, g +from sipb_xen_database import Machine, NIC, Type, Disk +from webcommon import InvalidInput MAX_MEMORY_TOTAL = 512 MAX_MEMORY_SINGLE = 256 @@ -16,22 +16,62 @@ MIN_DISK_SINGLE = 0.1 MAX_VMS_TOTAL = 10 MAX_VMS_ACTIVE = 4 -def getMachinesByOwner(user, machine=None): +class Validate: + def __init__(self, username, state, machine_id=None, name=None, owner=None, + admin=None, contact=None, memory=None, disksize=None, + vmtype=None, cdrom=None, clone_from=None): + # XXX Successive quota checks aren't a good idea, since you + # can't necessarily change the locker and disk size at the + # same time. + created_new = (machine_id is None) + + if machine_id is not None: + self.machine = testMachineId(username, machine_id) + machine = getattr(self, 'machine', None) + + owner = testOwner(username, owner, machine) + if owner is not None: + self.owner = owner + admin = testAdmin(username, admin, machine) + if admin is not None: + self.admin = admin + contact = testContact(username, contact, machine) + if contact is not None: + self.contact = contact + name = testName(username, name, machine) + if name is not None: + self.name = name + if memory is not None: + self.memory = validMemory(self.owner, state, memory, machine, + on=not created_new) + if disksize is not None: + self.disksize = validDisk(self.owner, disksize, machine) + if vmtype is not None: + self.vmtype = validVmType(vmtype) + if cdrom is not None: + if not CDROM.get(cdrom): + raise CodeError("Invalid cdrom type '%s'" % cdrom) + self.cdrom = cdrom + if clone_from is not None: + if clone_from not in ('ice3', ): + raise CodeError("Invalid clone image '%s'" % clone_from) + self.clone_from = clone_from + + +def getMachinesByOwner(owner, machine=None): """Return the machines owned by the same as a machine. - + If the machine is None, return the machines owned by the same user. """ if machine: owner = machine.owner - else: - owner = user return Machine.select_by(owner=owner) -def maxMemory(user, machine=None, on=True): +def maxMemory(owner, g, machine=None, on=True): """Return the maximum memory for a machine or a user. - If machine is None, return the memory available for a new + If machine is None, return the memory available for a new machine. Else, return the maximum that machine can have. on is whether the machine should be turned on. If false, the max @@ -43,20 +83,28 @@ def maxMemory(user, machine=None, on=True): return machine.memory if not on: return MAX_MEMORY_SINGLE - machines = getMachinesByOwner(user, machine) - active_machines = [x for x in machines if g.uptimes.get(x)] + machines = getMachinesByOwner(owner, machine) + active_machines = [x for x in machines if g.xmlist.get(x)] mem_usage = sum([x.memory for x in active_machines if x != machine]) return min(MAX_MEMORY_SINGLE, MAX_MEMORY_TOTAL-mem_usage) -def maxDisk(user, machine=None): - machines = getMachinesByOwner(user, machine) - disk_usage = sum([sum([y.size for y in x.disks]) - for x in machines if x != machine]) +def maxDisk(owner, machine=None): + """Return the maximum disk that a machine can reach. + + If machine is None, the maximum disk for a new machine. Otherwise, + return the maximum that a given machine can be changed to. + """ + if machine is not None: + machine_id = machine.machine_id + else: + machine_id = None + disk_usage = Disk.query().filter_by(Disk.c.machine_id != machine_id, + owner=owner).sum(Disk.c.size) or 0 return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.) -def cantAddVm(user): - machines = getMachinesByOwner(user) - active_machines = [x for x in machines if g.uptimes.get(x)] +def cantAddVm(owner, g): + machines = getMachinesByOwner(owner) + active_machines = [x for x in machines if g.xmlist.get(x)] if len(machines) >= MAX_VMS_TOTAL: return 'You have too many VMs to create a new one.' if len(active_machines) >= MAX_VMS_ACTIVE: @@ -64,12 +112,6 @@ def cantAddVm(user): 'To create more, turn one off.') return False -def validAddVm(user): - reason = cantAddVm(user) - if reason: - raise InvalidInput('create', True, reason) - return True - def haveAccess(user, machine): """Return whether a user has administrative access to a machine""" return user in cache_acls.accessList(machine) @@ -90,8 +132,8 @@ def validMachineName(name): return False return True -def validMemory(user, memory, machine=None, on=True): - """Parse and validate limits for memory for a given user and machine. +def validMemory(owner, g, memory, machine=None, on=True): + """Parse and validate limits for memory for a given owner and machine. on is whether the memory must be valid after the machine is switched on. @@ -101,21 +143,21 @@ def validMemory(user, memory, machine=None, on=True): if memory < MIN_MEMORY_SINGLE: raise ValueError except ValueError: - raise InvalidInput('memory', memory, + raise InvalidInput('memory', memory, "Minimum %s MiB" % MIN_MEMORY_SINGLE) - if memory > maxMemory(user, machine, on): + max_val = maxMemory(owner, g, machine, on) + if memory > max_val: raise InvalidInput('memory', memory, - 'Maximum %s MiB for %s' % (maxMemory(user, machine), - user)) + 'Maximum %s MiB for %s' % (max_val, owner)) return memory -def validDisk(user, disk, machine=None): - """Parse and validate limits for disk for a given user and machine.""" +def validDisk(owner, disk, machine=None): + """Parse and validate limits for disk for a given owner and machine.""" try: disk = float(disk) - if disk > maxDisk(user, machine): + if disk > maxDisk(owner, machine): raise InvalidInput('disk', disk, - "Maximum %s G" % maxDisk(user, machine)) + "Maximum %s G" % maxDisk(owner, machine)) disk = int(disk * 1024) if disk < MIN_DISK_SINGLE * 1024: raise ValueError @@ -125,12 +167,12 @@ def validDisk(user, disk, machine=None): return disk def validVmType(vm_type): - if vm_type == 'hvm': - return Type.get('linux-hvm') - elif vm_type == 'paravm': - return Type.get('linux') - else: + if vm_type is None: + return None + t = Type.get(vm_type) + if t is None: raise CodeError("Invalid vm type '%s'" % vm_type) + return t def testMachineId(user, machine_id, exists=True): """Parse, validate and check authorization for a given user and machine. @@ -138,7 +180,7 @@ def testMachineId(user, machine_id, exists=True): If exists is False, don't check that it exists. """ if machine_id is None: - raise InvalidInput('machine_id', machine_id, + raise InvalidInput('machine_id', machine_id, "Must specify a machine ID.") try: machine_id = int(machine_id) @@ -176,14 +218,16 @@ def testAdmin(user, admin, machine): raise InvalidInput('administrator', admin, errmsg) #XXX Should we require that user is in the admin group? return admin - + def testOwner(user, owner, machine=None): """Determine whether a user can set the owner of a machine to this value. If machine is None, this is the owner of a new machine. """ - if owner == user or machine is not None and owner == machine.owner: + if owner == user: return owner + if machine is not None and owner in (machine.owner, None): + return None if owner is None: raise InvalidInput('owner', owner, "Owner must be specified") try: @@ -205,9 +249,13 @@ def testDisk(user, disksize, machine=None): return disksize def testName(user, name, machine=None): - if name in (None, machine.name): + if name is None: + return None + if machine is not None and name == machine.name: return None if not Machine.select_by(name=name): + if not validMachineName(name): + raise InvalidInput('name', name, 'You must provide a machine name. Max 22 chars, alnum plus \'-\' and \'_\'.') return name raise InvalidInput('name', name, "Name is already taken.")