Commit dc17a01d authored by Christos Stavrakakis's avatar Christos Stavrakakis
Browse files

cyclades: Move code for validating network values

Move code for network parameters validation from 'api' module to 'logic'.
parent c78761a8
......@@ -37,9 +37,9 @@ from django.core.management.base import BaseCommand, CommandError
from synnefo.db.models import (Network, Backend, BackendNetwork,
pooled_rapi_client)
from synnefo.management.common import (validate_network_info, get_network,
get_backend)
from synnefo.management.common import (get_network, get_backend)
from snf_django.management.utils import parse_bool
from synnefo.logic import networks
from synnefo.logic.backend import create_network, delete_network
HELP_MSG = """Modify a network.
......@@ -144,8 +144,11 @@ class Command(BaseCommand):
network = get_network(args[0])
# Validate subnet
if options.get('subnet'):
validate_network_info(options)
subnet = options["subnet"] or network.subnet
gateway = options["gateway"] or network.gateway
subnet6 = options["subnet6"] or network.subnet6
gateway6 = options["gateway6"] or network.gateway6
networks.validate_network_params(subnet, gateway, subnet6, gateway6)
# Validate state
state = options.get('state')
......
......@@ -31,8 +31,6 @@
# interpreted as representing official policies, either expressed
# or implied, of GRNET S.A.
import ipaddr
from base64 import b64encode, b64decode
from hashlib import sha256
from logging import getLogger
......@@ -55,7 +53,6 @@ from synnefo.db.models import (Flavor, VirtualMachine, VirtualMachineMetadata,
from synnefo.db.pools import EmptyPool
from synnefo.plankton.utils import image_backend
from synnefo.settings import MAX_CIDR_BLOCK
from synnefo.cyclades_settings import cyclades_services, BASE_HOST
from synnefo.lib.services import get_service_path
......@@ -231,51 +228,6 @@ def get_floating_ip(user_id, ipv4, for_update=False):
raise faults.ItemNotFound("Floating IP does not exist.")
def validate_network_params(subnet=None, gateway=None, subnet6=None,
gateway6=None):
if (subnet is None) and (subnet6 is None):
raise faults.BadRequest("subnet or subnet6 is required")
if subnet:
try:
# Use strict option to not all subnets with host bits set
network = ipaddr.IPv4Network(subnet, strict=True)
except ValueError:
raise faults.BadRequest("Invalid network IPv4 subnet")
# Check that network size is allowed!
if not validate_network_size(network.prefixlen):
raise faults.OverLimit(message="Unsupported network size",
details="Network mask must be in range"
" (%s, 29]" % MAX_CIDR_BLOCK)
if gateway: # Check that gateway belongs to network
try:
gateway = ipaddr.IPv4Address(gateway)
except ValueError:
raise faults.BadRequest("Invalid network IPv4 gateway")
if not gateway in network:
raise faults.BadRequest("Invalid network IPv4 gateway")
if subnet6:
try:
# Use strict option to not all subnets with host bits set
network6 = ipaddr.IPv6Network(subnet6, strict=True)
except ValueError:
raise faults.BadRequest("Invalid network IPv6 subnet")
if gateway6:
try:
gateway6 = ipaddr.IPv6Address(gateway6)
except ValueError:
raise faults.BadRequest("Invalid network IPv6 gateway")
if not gateway6 in network6:
raise faults.BadRequest("Invalid network IPv6 gateway")
def validate_network_size(cidr_block):
"""Return True if network size is allowed."""
return cidr_block <= 29 and cidr_block > MAX_CIDR_BLOCK
def allocate_public_address(backend):
"""Get a public IP for any available network of a backend."""
# Guarantee exclusive access to backend, because accessing the IP pools of
......
......@@ -30,9 +30,12 @@
# documentation are those of the authors and should not be
# interpreted as representing official policies, either expressed
# or implied, of GRNET S.A.
import ipaddr
from functools import wraps
from django.db import transaction
from django.conf import settings
from snf_django.lib.api import faults
from synnefo.api import util
from synnefo import quotas
......@@ -80,7 +83,7 @@ def create(user_id, name, flavor, subnet=None, gateway=None, subnet6=None,
raise faults.BadRequest("IPv6 only networks can not be"
" pools.")
# Check that network parameters are valid
util.validate_network_params(subnet, gateway, subnet6, gateway6)
validate_network_params(subnet, gateway, subnet6, gateway6)
try:
fmode, flink, fmac_prefix, ftags = util.values_from_flavor(flavor)
......@@ -165,3 +168,45 @@ def delete(network):
# If network does not exist in any backend, update the network state
backend_mod.update_network_state(network)
return network
def validate_network_params(subnet=None, gateway=None, subnet6=None,
gateway6=None):
if (subnet is None) and (subnet6 is None):
raise faults.BadRequest("subnet or subnet6 is required")
if subnet:
try:
# Use strict option to not all subnets with host bits set
network = ipaddr.IPv4Network(subnet, strict=True)
except ValueError:
raise faults.BadRequest("Invalid network IPv4 subnet")
# Check that network size is allowed!
prefixlen = network.prefixlen
if not prefixlen <= 29 and prefixlen > settings.MAX_CIDR_BLOCK:
raise faults.OverLimit(message="Unsupported network size",
details="Network mask must be in range"
" (%s, 29]"
% settings.MAX_CIDR_BLOCK)
if gateway: # Check that gateway belongs to network
try:
gateway = ipaddr.IPv4Address(gateway)
except ValueError:
raise faults.BadRequest("Invalid network IPv4 gateway")
if not gateway in network:
raise faults.BadRequest("Invalid network IPv4 gateway")
if subnet6:
try:
# Use strict option to not all subnets with host bits set
network6 = ipaddr.IPv6Network(subnet6, strict=True)
except ValueError:
raise faults.BadRequest("Invalid network IPv6 subnet")
if gateway6:
try:
gateway6 = ipaddr.IPv6Address(gateway6)
except ValueError:
raise faults.BadRequest("Invalid network IPv6 gateway")
if not gateway6 in network6:
raise faults.BadRequest("Invalid network IPv6 gateway")
......@@ -52,20 +52,6 @@ def format_vm_state(vm):
return vm.operstate
def validate_network_info(options):
subnet = options['subnet']
gateway = options['gateway']
subnet6 = options['subnet6']
gateway6 = options['gateway6']
try:
util.validate_network_params(subnet, gateway)
except (faults.BadRequest, faults.OverLimit) as e:
raise CommandError(e)
return subnet, gateway, subnet6, gateway6
def get_backend(backend_id):
try:
backend_id = int(backend_id)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment