7 files changed, 124 insertions, 59 deletions

diff --git a/compass-deck/db/api/cluster.py b/compass-deck/db/api/cluster.py
index 7a7022c..82bcaab 100644
--- a/compass-deck/db/api/cluster.py
+++ b/compass-deck/db/api/cluster.py
@@ -48,9 +48,9 @@ RESP_CLUSTERHOST_FIELDS = [
     'cluster_id', 'clustername', 'location', 'tag',
     'networks', 'mac', 'switch_ip', 'port', 'switches',
     'os_installed', 'distributed_system_installed',
-    'os_name', 'os_id', 'ip',
-    'reinstall_os', 'reinstall_distributed_system',
-    'owner', 'cluster_id',
+    'os_name', 'os_id', 'ip', 'reinstall_os',
+    'reinstall_distributed_system', 'owner', 'cluster_id',
+    'power_type', 'power_manage',
     'created_at', 'updated_at',
     'patched_roles'
 ]
diff --git a/compass-deck/db/api/host.py b/compass-deck/db/api/host.py
index 15e0bb6..61e3ab2 100644
--- a/compass-deck/db/api/host.py
+++ b/compass-deck/db/api/host.py
@@ -16,6 +16,7 @@
 import functools
 import logging
 import netaddr
+import ipaddress
 import re
 
 from compass.db.api import database
@@ -23,6 +24,7 @@ from compass.db.api import metadata_holder as metadata_api
 from compass.db.api import permission
 from compass.db.api import user as user_api
 from compass.db.api import utils
+from compass.db.api import network
 from compass.db import exception
 from compass.db import models
 from compass.utils import util
@@ -642,6 +644,35 @@ def get_hostnetwork(host_network_id, user=None, session=None, **kwargs):
     return _get_hostnetwork(host_network_id, session=session)
 
 
+def check_ip_available(subnet, ip):
+    if not subnet.reserved_range:
+       return
+    ip_int = int(ipaddress.IPv4Address(ip.decode()))
+    reserved_ranges = []
+    reserved_ips = []
+    for item in subnet.reserved_range.split(','):
+        ip_ends = item.split('-')
+        if len(ip_ends) == 2:
+            reserved_ranges.append(item)
+        elif len(ip_ends) == 1:
+            reserved_ips.append(item)
+    for item in reserved_ranges:
+        ends = item.split('-')
+        check_1 = int(ipaddress.IPv4Address(ends[0].decode())) - ip_int
+        check_2 = int(ipaddress.IPv4Address(ends[1].decode())) - ip_int
+        if (check_1 > 0) ^ (check_2 > 0):
+            raise exception.Forbidden(
+                'IP %s is reserved, reserved range: %s'
+                % (ip, subnet.reserved_range)
+                )
+    for item in reserved_ips:
+        if ip_int == int(ipaddress.IPv4Address(item.decode())):
+            raise exception.Forbidden(
+                'IP %s is reserved, reserved range: %s'
+                % (ip, subnet.reserved_range)
+                )
+
+
 @utils.supported_filters(
     ADDED_NETWORK_FIELDS,
     optional_support_keys=OPTIONAL_ADDED_NETWORK_FIELDS,
@@ -652,17 +683,20 @@ def get_hostnetwork(host_network_id, user=None, session=None, **kwargs):
 )
 @utils.wrap_to_dict(RESP_NETWORK_FIELDS)
 def _add_host_network(
-    host_id, exception_when_existing=True,
-    session=None, user=None, interface=None, ip=None, **kwargs
+    host_id, exception_when_existing=True, session=None,
+    user=None, interface=None, ip=None, subnet_id=None, **kwargs
 ):
     """Add hostnetwork to a host."""
     host = _get_host(host_id, session=session)
     check_host_editable(host, user=user)
+    subnet = network.get_subnet_internal(subnet_id, session=session)
+    check_ip_available(subnet, ip)
     user_id = user.id
     return utils.add_db_object(
         session, models.HostNetwork,
         exception_when_existing,
-        host.id, interface, user_id, ip=ip, **kwargs
+        host.id, interface, user_id,
+        ip=ip, subnet_id=subnet_id, **kwargs
     )
 
 
@@ -671,14 +705,13 @@ def _add_host_network(
     permission.PERMISSION_ADD_HOST_NETWORK
 )
 def add_host_network(
-    host_id, exception_when_existing=True,
-    interface=None, user=None, session=None, **kwargs
+    host_id, exception_when_existing=True, interface=None,
+    user=None, session=None, subnet_id=None, **kwargs
 ):
     """Create a hostnetwork to a host."""
     return _add_host_network(
-        host_id,
-        exception_when_existing,
-        interface=interface, session=session, user=user, **kwargs
+        host_id, exception_when_existing, interface=interface,
+        user=user, session=session, subnet_id=subnet_id, **kwargs
     )
 
 
@@ -747,6 +780,8 @@ def _update_host_network(
 ):
     """Update host network."""
     check_host_editable(host_network.host, user=user)
+    subnet = network.get_subnet_internal(host_network.subnet_id, session=session)
+    check_ip_available(subnet, ip)
     return utils.update_db_object(session, host_network, **kwargs)
 
 
diff --git a/compass-deck/db/api/machine.py b/compass-deck/db/api/machine.py
index b7b16b2..5b3cea0 100644
--- a/compass-deck/db/api/machine.py
+++ b/compass-deck/db/api/machine.py
@@ -29,20 +29,20 @@ from compass.utils import util
 
 MACHINE_PRIMARY_FILEDS = ['mac', 'owner_id']
 SUPPORTED_FIELDS = [
-    'mac', 'tag', 'location',
-    'machine_attributes', 'owner_id']
+    'mac', 'tag', 'location', 'power_manage',
+    'machine_attributes', 'owner_id', 'power_type']
 IGNORE_FIELDS = ['id', 'created_at', 'updated_at']
 UPDATED_FIELDS = [
-    'ipmi_credentials', 'machine_attributes',
-    'tag', 'location']
+    'mac', 'tag', 'location', 'power_manage',
+    'machine_attributes', 'power_type']
 PATCHED_FIELDS = [
-    'patched_ipmi_credentials', 'patched_tag',
+    'patched_power_manage', 'patched_tag',
     'patched_location'
 ]
 RESP_FIELDS = [
-    'id', 'mac', 'ipmi_credentials', 'switches', 'switch_ip',
+    'id', 'mac', 'power_manage', 'switches', 'switch_ip',
     'port', 'vlans', 'machine_attributes', 'owner_id',
-    'tag', 'location', 'created_at', 'updated_at'
+    'tag', 'location', 'power_type', 'created_at', 'updated_at'
 ]
 RESP_DEPLOY_FIELDS = [
     'status', 'machine'
@@ -68,7 +68,7 @@ def _get_machine(machine_id, session=None, **kwargs):
 @utils.input_validates(mac=utils.check_mac)
 def _add_machine(mac, owner_id=None, session=None, **kwargs):
     """Add a machine."""
-    if isinstance(owner_id, (int, long)):
+    if not owner_id or isinstance(owner_id, (int, long)):
         return utils.add_db_object(
             session, models.Machine,
             True,
@@ -149,7 +149,7 @@ def _update_machine(machine_id, session=None, **kwargs):
     optional_support_keys=UPDATED_FIELDS,
     ignore_support_keys=IGNORE_FIELDS
 )
-@utils.input_validates(ipmi_credentials=utils.check_ipmi_credentials)
+@utils.input_validates(power_manage=utils.check_power_manage)
 @database.run_in_session()
 @user_api.check_user_permission(
     permission.PERMISSION_ADD_MACHINE
@@ -161,11 +161,11 @@ def update_machine(machine_id, user=None, session=None, **kwargs):
     )
 
 
-# replace [ipmi_credentials, tag, location] to
-# [patched_ipmi_credentials, patched_tag, patched_location]
+# replace [power_manage, tag, location] to
+# [patched_power_manage, patched_tag, patched_location]
 # in kwargs. It tells db these fields will be patched.
 @utils.replace_filters(
-    ipmi_credentials='patched_ipmi_credentials',
+    power_manage='patched_power_manage',
     tag='patched_tag',
     location='patched_location'
 )
@@ -174,7 +174,7 @@ def update_machine(machine_id, user=None, session=None, **kwargs):
     ignore_support_keys=IGNORE_FIELDS
 )
 @database.run_in_session()
-@utils.output_validates(ipmi_credentials=utils.check_ipmi_credentials)
+@utils.output_validates(power_manage=utils.check_power_manage)
 @user_api.check_user_permission(
     permission.PERMISSION_ADD_MACHINE
 )
diff --git a/compass-deck/db/api/network.py b/compass-deck/db/api/network.py
index e2bf7d3..763b0b3 100644
--- a/compass-deck/db/api/network.py
+++ b/compass-deck/db/api/network.py
@@ -15,6 +15,7 @@
 """Network related database operations."""
 import logging
 import netaddr
+import ipaddress
 import re
 
 from compass.db.api import database
@@ -25,16 +26,17 @@ from compass.db import exception
 from compass.db import models
 
 
-SUPPORTED_FIELDS = ['subnet', 'name']
+SUPPORTED_FIELDS = ['subnet', 'name', 'gateway']
 RESP_FIELDS = [
-    'id', 'name', 'subnet', 'created_at', 'updated_at'
+    'id', 'name', 'subnet', 'gateway', 'created_at',
+    'updated_at', 'reserved_range'
 ]
 ADDED_FIELDS = ['subnet']
-OPTIONAL_ADDED_FIELDS = ['name']
+OPTIONAL_ADDED_FIELDS = ['name', 'gateway', 'reserved_range']
 IGNORE_FIELDS = [
     'id', 'created_at', 'updated_at'
 ]
-UPDATED_FIELDS = ['subnet', 'name']
+UPDATED_FIELDS = ['subnet', 'name', 'gateway', 'reserved_range']
 
 
 def _check_subnet(subnet):
@@ -47,6 +49,29 @@ def _check_subnet(subnet):
             'subnet %s format unrecognized' % subnet)
 
 
+def _check_ip_range(ip_ranges):
+    """Check if the ip range is valid.
+    The valid range can be a range or individual ips.
+    Range should be two ips jointed with "-", different ip
+    ranges and ips should be separated by ","
+    e.g. "10.1.0.0-10.1.0.50, 10.1.0.60"
+    """
+    for ip_range in ip_ranges.split(','):
+        ip_ends = ip_range.split('-')
+        try:
+            ipaddress.IPv4Address(ip_ends[0].decode())
+            if len(ip_ends) == 2:
+                ipaddress.IPv4Address(ip_ends[1].decode())
+        except Exception as error:
+            logging.exception(error)
+            raise exception.InvalidParameter(
+                'ip range %s format unrecognized' % ip_ranges)
+        finally:
+            if len(ip_ends) > 2:
+                raise exception.InvalidParameter(
+                    'ip range %s format unrecognized' % ip_ranges)
+
+
 @utils.supported_filters(optional_support_keys=SUPPORTED_FIELDS)
 @database.run_in_session()
 @user_api.check_user_permission(
@@ -72,6 +97,11 @@ def _get_subnet(subnet_id, session=None, **kwargs):
     )
 
 
+def get_subnet_internal(subnet_id, session=None, **kwargs):
+    """"Helper function to get subnet."""
+    return _get_subnet(subnet_id=subnet_id, session=session, **kwargs)
+
+
 @utils.supported_filters([])
 @database.run_in_session()
 @user_api.check_user_permission(
@@ -93,7 +123,7 @@ def get_subnet(
     ADDED_FIELDS, optional_support_keys=OPTIONAL_ADDED_FIELDS,
     ignore_support_keys=IGNORE_FIELDS
 )
-@utils.input_validates(subnet=_check_subnet)
+@utils.input_validates(subnet=_check_subnet, reserved_range=_check_ip_range)
 @database.run_in_session()
 @user_api.check_user_permission(
     permission.PERMISSION_ADD_SUBNET
@@ -114,7 +144,7 @@ def add_subnet(
     optional_support_keys=UPDATED_FIELDS,
     ignore_support_keys=IGNORE_FIELDS
 )
-@utils.input_validates(subnet=_check_subnet)
+@utils.input_validates(subnet=_check_subnet, reserved_range=_check_ip_range)
 @database.run_in_session()
 @user_api.check_user_permission(
     permission.PERMISSION_ADD_SUBNET
diff --git a/compass-deck/db/api/switch.py b/compass-deck/db/api/switch.py
index 647eec0..92d7a7f 100644
--- a/compass-deck/db/api/switch.py
+++ b/compass-deck/db/api/switch.py
@@ -58,17 +58,17 @@ UPDATED_FILTERS_FIELDS = ['put_machine_filters']
 PATCHED_FILTERS_FIELDS = ['patched_machine_filters']
 ADDED_MACHINES_FIELDS = ['mac']
 OPTIONAL_ADDED_MACHINES_FIELDS = [
-    'ipmi_credentials', 'tag', 'location', 'owner_id'
+    'power_manage', 'tag', 'location', 'owner_id'
 ]
 ADDED_SWITCH_MACHINES_FIELDS = ['port']
 OPTIONAL_ADDED_SWITCH_MACHINES_FIELDS = ['vlans']
 UPDATED_MACHINES_FIELDS = [
-    'ipmi_credentials',
+    'power_manage',
     'tag', 'location'
 ]
 UPDATED_SWITCH_MACHINES_FIELDS = ['port', 'vlans', 'owner_id']
 PATCHED_MACHINES_FIELDS = [
-    'patched_ipmi_credentials',
+    'patched_power_manage',
     'patched_tag', 'patched_location'
 ]
 PATCHED_SWITCH_MACHINES_FIELDS = ['patched_vlans']
@@ -85,13 +85,13 @@ RESP_ACTION_FIELDS = [
 RESP_MACHINES_FIELDS = [
     'id', 'switch_id', 'switch_ip', 'machine_id', 'switch_machine_id',
     'port', 'vlans', 'mac', 'owner_id',
-    'ipmi_credentials', 'tag', 'location',
+    'power_manage', 'tag', 'location',
     'created_at', 'updated_at'
 ]
 RESP_MACHINES_HOSTS_FIELDS = [
     'id', 'switch_id', 'switch_ip', 'machine_id', 'switch_machine_id',
     'port', 'vlans', 'mac',
-    'ipmi_credentials', 'tag', 'location', 'ip',
+    'power_manage', 'tag', 'location', 'ip',
     'name', 'hostname', 'os_name', 'owner',
     'os_installer', 'reinstall_os', 'os_installed',
     'clusters', 'created_at', 'updated_at'
@@ -988,13 +988,13 @@ def update_switchmachine(switch_machine_id, user=None, session=None, **kwargs):
     )
 
 
-# replace [vlans, ipmi_credentials, tag, location] to
-# [patched_vlans, patched_ipmi_credentials, patched_tag,
+# replace [vlans, power_manage, tag, location] to
+# [patched_vlans, patched_power_manage, patched_tag,
 # patched_location] in kwargs. It tells db these fields will
 # be patched.
 @utils.replace_filters(
     vlans='patched_vlans',
-    ipmi_credentials='patched_ipmi_credentials',
+    power_manage='patched_power_manage',
     tag='patched_tag',
     location='patched_location'
 )
@@ -1024,13 +1024,13 @@ def patch_switch_machine(
     )
 
 
-# replace [vlans, ipmi_credentials, tag, location] to
-# [patched_vlans, patched_ipmi_credentials, patched_tag,
+# replace [vlans, power_manage, tag, location] to
+# [patched_vlans, patched_power_manage, patched_tag,
 # patched_location] in kwargs. It tells db these fields will
 # be patched.
 @utils.replace_filters(
     vlans='patched_vlans',
-    ipmi_credentials='patched_ipmi_credentials',
+    power_manage='patched_power_manage',
     tag='patched_tag',
     location='patched_location'
 )
diff --git a/compass-deck/db/api/user.py b/compass-deck/db/api/user.py
index db039eb..0105797 100644
--- a/compass-deck/db/api/user.py
+++ b/compass-deck/db/api/user.py
@@ -18,7 +18,7 @@ import functools
 import logging
 import re
 
-from flask.ext.login import UserMixin
+from flask_login import UserMixin
 
 from compass.db.api import database
 from compass.db.api import utils
diff --git a/compass-deck/db/api/utils.py b/compass-deck/db/api/utils.py
index a44f26e..8921b4a 100644
--- a/compass-deck/db/api/utils.py
+++ b/compass-deck/db/api/utils.py
@@ -1208,42 +1208,42 @@ def check_name(name):
         )
 
 
-def _check_ipmi_credentials_ip(ip):
+def _check_power_manage_ip(ip):
     check_ip(ip)
 
 
-def check_ipmi_credentials(ipmi_credentials):
-    """Check ipmi credentials format is correct."""
-    if not ipmi_credentials:
+def check_power_manage(power_manage):
+    """Check power manage format is correct."""
+    if not power_manage:
         return
-    if not isinstance(ipmi_credentials, dict):
+    if not isinstance(power_manage, dict):
         raise exception.InvalidParameter(
-            'invalid ipmi credentials %s' % ipmi_credentials
+            'invalid power manage %s' % power_manage
 
         )
-    for key in ipmi_credentials:
+    for key in power_manage:
         if key not in ['ip', 'username', 'password']:
             raise exception.InvalidParameter(
-                'unrecognized field %s in ipmi credentials %s' % (
-                    key, ipmi_credentials
+                'unrecognized field %s in power manage %s' % (
+                    key, power_manage
                 )
             )
     for key in ['ip', 'username', 'password']:
-        if key not in ipmi_credentials:
+        if key not in power_manage:
             raise exception.InvalidParameter(
-                'no field %s in ipmi credentials %s' % (
-                    key, ipmi_credentials
+                'no field %s in power manage %s' % (
+                    key, power_manage
                 )
             )
-        check_ipmi_credential_field = '_check_ipmi_credentials_%s' % key
+        check_power_manage_field = '_check_power_manage_%s' % key
         this_module = globals()
-        if check_ipmi_credential_field in this_module:
-            this_module[check_ipmi_credential_field](
-                ipmi_credentials[key]
+        if check_power_manage_field in this_module:
+            this_module[check_power_manage_field](
+                power_manage[key]
             )
         else:
             logging.debug(
-                'function %s is not defined', check_ipmi_credential_field
+                'function %s is not defined', check_power_manage_field
             )