-
Sofia Papagiannaki authored6ab52be6
__init__.py 10.30 KiB
# Copyright 2011-2012 GRNET S.A. All rights reserved.
#
# Redistribution and use in source and binary forms, with or
# without modification, are permitted provided that the following
# conditions are met:
#
# 1. Redistributions of source code must retain the above
# copyright notice, this list of conditions and the following
# disclaimer.
#
# 2. Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials
# provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
# The views and conclusions contained in the software and
# documentation are those of the authors and should not be
# interpreted as representing official policies, either expressed
# or implied, of GRNET S.A.
from django.db import IntegrityError, transaction
from django.core.exceptions import ObjectDoesNotExist
from functools import wraps
from smtplib import SMTPException
from astakos.im.models import (
AstakosUser, AstakosGroup, GroupKind, Resource, Service, RESOURCE_SEPARATOR
)
from astakos.im.api.backends.base import BaseBackend, SuccessResult, FailureResult
from astakos.im.api.backends.errors import (
ItemNotExists, ItemExists, MissingIdentifier, MultipleItemsExist
)
from astakos.im.util import reserved_email, model_to_dict
from astakos.im.endpoints.qh import get_quota
import logging
logger = logging.getLogger(__name__)
DEFAULT_CONTENT_TYPE = None
def safe(func):
"""Decorator function for views that implement an API method."""
@transaction.commit_manually
@wraps(func)
def wrapper(self, *args, **kwargs):
logger.debug('%s %s %s' % (func, args, kwargs))
try:
data = func(self, *args, **kwargs) or ()
except Exception, e:
logger.exception(e)
transaction.rollback()
return FailureResult(e)
else:
transaction.commit()
return SuccessResult(data)
return wrapper
class DjangoBackend(BaseBackend):
def _lookup_object(self, model, **kwargs):
"""
Returns an object of the specific model matching the given lookup
parameters.
"""
if not kwargs:
raise MissingIdentifier
try:
return model.objects.get(**kwargs)
except model.DoesNotExist:
raise ItemNotExists(model._meta.verbose_name, **kwargs)
except model.MultipleObjectsReturned:
raise MultipleItemsExist(model._meta.verbose_name, **kwargs)
def _lookup_user(self, id):
"""
Returns an AstakosUser having this id.
"""
if not isinstance(id, int):
raise TypeError('User id should be of type int')
return self._lookup_object(AstakosUser, id=id)
def _lookup_service(self, id):
"""
Returns an Service having this id.
"""
if not isinstance(id, int):
raise TypeError('Service id should be of type int')
return self._lookup_object(Service, id=id)
def _list(self, model, filter=()):
q = model.objects.all()
if filter:
q = q.filter(id__in=filter)
return map(lambda o: model_to_dict(o, exclude=[]), q)
def _create_object(self, model, **kwargs):
o = model.objects.create(**kwargs)
o.save()
return o
def _update_object(self, model, id, save=True, **kwargs):
o = self._lookup_object(model, id=id)
if kwargs:
o.__dict__.update(kwargs)
if save:
o.save()
return o
@safe
def update_user(self, user_id, renew_token=False, **kwargs):
user = self._update_object(AstakosUser, user_id, save=False, **kwargs)
if renew_token:
user.renew_token()
if kwargs or renew_token:
user.save()
@safe
def create_user(self, **kwargs):
policies = kwargs.pop('policies', ())
permissions = kwargs.pop('permissions', ())
groups = kwargs.pop('groups', ())
password = kwargs.pop('password', None)
u = self._create_object(AstakosUser, **kwargs)
if password:
u.set_password(password)
u.permissions = permissions
u.policies = policies
u.extended_groups = groups
if not u.has_auth_provider('local'):
u.add_auth_provider('local')
return self._list(AstakosUser, filter=(u.id,))
@safe
def add_policies(self, user_id, update=False, policies=()):
user = self._lookup_user(user_id)
rejected = []
append = rejected.append
for p in policies:
service = p.get('service')
resource = p.get('resource')
uplimit = p.get('uplimit')
try:
user.add_policy(service, resource, uplimit, update)
except (ObjectDoesNotExist, IntegrityError), e:
append((service, resource, e))
return rejected
@safe
def remove_policies(self, user_id, policies=()):
user = self._lookup_user(user_id)
if not user:
return user_id
rejected = []
append = rejected.append
for p in policies:
service = p.get('service')
resource = p.get('resource')
try:
user.delete_policy(service, resource)
except ObjectDoesNotExist, e:
append((service, resource, e))
return rejected
@safe
def add_permissions(self, user_id, permissions=()):
user = self._lookup_user(user_id)
rejected = []
append = rejected.append
for p in permissions:
try:
user.add_permission(p)
except IntegrityError, e:
append((p, e))
return rejected
@safe
def remove_permissions(self, user_id, permissions=()):
user = self._lookup_user(user_id)
rejected = []
append = rejected.append
for p in permissions:
try:
user.remove_permission(p)
except (ObjectDoesNotExist, IntegrityError), e:
append((p, e))
return rejected
@safe
def invite_users(self, senderid, recipients=()):
user = self._lookup_user(senderid)
rejected = []
append = rejected.append
for r in recipients:
email = r.get('email')
realname = r.get('realname')
try:
user.invite(email, realname)
except (IntegrityError, SMTPException), e:
append((email, e))
return rejected
@safe
def list_users(self, filter=()):
return self._list(AstakosUser, filter=filter)
@safe
def get_resource_usage(self, user_id):
user = self._lookup_user(user_id)
c, data = get_quota((user,))
resources = []
append = resources.append
for t in data:
t = (i if i else 0 for i in t)
(entity, name, quantity, capacity, importLimit, exportLimit,
imported, exported, returned, released, flags) = t
service, sep, resource = name.partition(RESOURCE_SEPARATOR)
resource = Resource.objects.select_related().get(
service__name=service, name=resource)
d = dict(name=name,
description=resource.desc,
unit=resource.unit or '',
maxValue=quantity + capacity,
currValue=quantity + imported - released - exported + returned)
append(d)
return resources
@safe
def list_resources(self, filter=()):
return self._list(Resource, filter=filter)
@safe
def create_service(self, **kwargs):
resources = kwargs.pop('resources', ())
s = self._create_object(Service, **kwargs)
s.resources = resources
return self._list(Service, filter=(s.id,))
@safe
def remove_services(self, ids=()):
# TODO return information for unknown ids
q = Service.objects.filter(id__in=ids)
q.delete()
@safe
def update_service(self, service_id, renew_token=False, **kwargs):
s = self._update_object(Service, service_id, save=False, **kwargs)
if renew_token:
s.renew_token()
if kwargs or renew_token:
s.save()
@safe
def add_resources(self, service_id, update=False, resources=()):
s = self._lookup_service(service_id)
rejected = []
append = rejected.append
for r in resources:
try:
rr = r.copy()
resource_id = rr.pop('id', None)
if update:
if not resource_id:
raise MissingIdentifier
resource = self._update_object(Resource, resource_id, **rr)
else:
resource = self._create_object(Resource, service=s, **rr)
except Exception, e:
append((r, e))
return rejected
@safe
def remove_resources(self, service_id, ids=()):
# TODO return information for unknown ids
q = Resource.objects.filter(service__id=service_id,
id__in=ids)
q.delete()
@safe
def create_group(self, **kwargs):
policies = kwargs.pop('policies', ())
permissions = kwargs.pop('permissions', ())
members = kwargs.pop('members', ())
owners = kwargs.pop('owners', ())
g = self._create_object(AstakosGroup, **kwargs)
g.permissions = permissions
g.policies = policies
# g.members = members
g.owners = owners
return self._list(AstakosGroup, filter=(g.id,))