GitLab

custom csrf handling is already applied in those views.

Fixes action errors when cyclades are installed along with astakos app which
enables csrf protection middleware.

Also add 2013 in package COPYRIGHT files.

Change logging level of messages about unauthorized access to helpdesk.
Info level should be enough.

Add basic support for quering a public IP address. All uses of this IP
address are returned which are currently rendered to a dummy template.

Use POST /tokens to authenticate. Delete AstakosClient.get_user_info()
and replace its uses by AstakosClient.authenticate().

Change AstakosClient to use ASTAKOS_AUTH_URL as entry point to the
Astakos service, instead of ASTAKOS_BASE_URL it was using until now.

Remove ASTAKOS_BASE_URL from Cyclades settings, replace it with
ASTAKOS_AUTH_URL. Modify Cyclades to determine ASTAKOS_ACCOUNT_URL and
ASTAKOS_UI_URL with calls to astakosclient.

In Django 1.4 'is_safe' and 'needs_autoescape' attributes has been made
keyword arguments of @register.filter

Drop support for Django 1.2. Remove compatibility code that were used in
order to support Django 1.2 and 1.4. Finally update django documentation
link in the docs.

This reverts commit 730fb3b0a0607bba95b90db1c6154cb7febb9187. This
commit is reverted because it breaks compatibility with Django 1.2. This
should be applied for Synnefo 0.15.

In Django 1.4 'is_safe' and 'needs_autoescape' attributes has been made
keyword arguments of @register.filter

when helpdesk users search using ip address

Major refactor to cyclades api and logic apps that removes most code
from the api views and moves it to logic app, so that the same logic
code can be used by different apps (e.g. EC2 API). Code is moved into
logic.servers.

This commit also introduces the VirtualMachine.task attribute
which contains the last issued action to a server. This attribute is set
when the corresponding job is sent to Ganeti, and is cleared upon
completion of the corresponding job (task_job_id attribute). Until the
task is completed, no other action is allowed on the VM. The only
exception is 'DESTROY' action which is always allowed. Actions on VMs
with uncompleted tasks results in a bad request fault.  Also, some
actions are not allowed if the operating state of the VM is not correct.
For example, it is not allowed to start or resize a running VM.  The
running task is also exposed to the API (SNF:task_state), and the
available states are:
* BUILDING
* STARTING
* STOPPING
* REBOOTING
* DESTROYING
* RESIZING
* CONNECTING
* DISCONNECTING

Also, this commit introduces two quotable resources, the 'active_ram'
and 'active_cpu' representing the ram and cpu of running instances,
specifically the instances in 'STARTED', 'BUILD' and 'ERROR' operstate.
In order to count quotas for these resources, commissioning is needed
when starting, stopping and rebooting instances. Also, the destroy
commissioning is different if the vm is running or is stopped.

Finally this commit changes the way commissioning is used in
snf-dispatcher. Until now dispatcher only accepted or rejected
commissions issued by the API. This commit introduces extra logic in
dispatcher, to issue commissions for every quotable change, if a
commission for this change has not already been issued by the API. This
enables the administrator to do whatever action in the Ganeti backend
without resulting in unsynced quotas. If a new commission is required,
the previous commission for the VM by the API (if existing) will be
rejected, since this commission will reflect a different change in the
VM.

variable used as prefix for vm os icon urls

https://service.deployment.vendor.tld/service-base/api-prefix/hard/path
|___________________________________| |__________| |________| |_______|
             BASE_HOST                  BASE_PATH    PREFIX    Hardcoded
|_________________________________________________|
             SERVICE_BASE_URL

- Introduce <SERVICE>_BASE_URL setting, and <API>_PREFIX constants
  for all services. Extract BASE_HOST, BASE_PATH from the setting.

- Use settings and constants to construct top-level patterns
  (base-path/api-prefix) in services' urls.py

- Refactor/extend proxy() to be compatible with the above.

- Change URLs passed around (ui, e-mails) to be compatible.
  (needs more work)

Notes:

This configuration REQUIRES that any rewriting and proxying on the
front-end must eventually result in the application server (gunicorn)
getting the original path of the request, otherwise the view-generated
URLs will be different.

Changes:
- set top-level urlpatterns from <SERVICE>_BASE_URL
- rename setting: APP_INSTALL_URL to CYCLADES_BASE_URL
- rename setting: ASTAKOS_URL to ASTAKOS_BASE_URL everywhere
- introduce setting: PITHOS_BASE_URL
- update shipped .confs, quick install admin guide, upgrade guide
- fix urls/views/reverse()/other that were broken
- (more not listed)

use existing cyclades db factories instead of json fixtures which are painful
to maintain

Use mock to library to bypass astakos authentication in helpdesk views.

Include an additional action to helpdesk view. Based on the current
status of the virtual machine helpdesk user is allowed to start it or
shut it down.

This comes handy since in most cases vm suspension needs to be
followed up with some kind of network cut off of the corresponding
machine. Since no such option is currently available from the
software, machine shutdown is provided as an alternative.

Refs #3452

- Include suspend/release suspension tests
- Mock astakos displayname/uuid resolving methods
- Update fixtures with user uuids
- Test vmid lookup

Refs #3454

Refs #3453

VM lookup is triggered when search query matches the following patterns

- vm<id>
- vm-<id>

- Do not use autocomplete feature (usernames are now stored in astakos
  db)
- Translate provided username to retrieve user uuid
- UI: Display network operstate in as badge. Hide deleted vms in nics
  lists.