Diffstat (limited to 'moon_orchestrator/moon_orchestrator/api/pods.py')
-rw-r--r-- | moon_orchestrator/moon_orchestrator/api/pods.py | 100 |
1 files changed, 68 insertions, 32 deletions
diff --git a/moon_orchestrator/moon_orchestrator/api/pods.py b/moon_orchestrator/moon_orchestrator/api/pods.py index 31ae31de..3a01c3a9 100644 --- a/moon_orchestrator/moon_orchestrator/api/pods.py +++ b/moon_orchestrator/moon_orchestrator/api/pods.py @@ -6,6 +6,7 @@ from flask import request from flask_restful import Resource from python_moonutilities.security_functions import check_auth +from python_moonutilities import exceptions import logging logger = logging.getLogger("moon.orchestrator.api.pods") @@ -17,6 +18,7 @@ class Pods(Resource): """ __version__ = "4.3.1" + POD_TYPES = ("authz", "wrapper") __urls__ = ( "/pods", @@ -57,6 +59,21 @@ class Pods(Resource): except Exception as e: return {"result": False, "message": str(e)}, 500 + def __get_pod_with_keystone_pid(self, keystone_pid): + for pod_key, pod_values in self.driver.get_pods().items(): + if pod_values[0]['keystone_project_id'] == keystone_pid: + return True + + def __get_wrapper(self, slave_name): + for slave in self.driver.get_slaves(): + if slave_name == slave["name"] \ + and slave["configured"]: + return True + + def __get_slave_names(self): + for slave in self.driver.get_slaves(): + yield slave["name"] + @check_auth def post(self, uuid=None, user_id=None): """Create a new pod. @@ -64,9 +81,14 @@ class Pods(Resource): :param uuid: uuid of the pod (not used here) :param user_id: user ID who do the request :request body: { - "name": "...", - "description": "...", - "type": "plugin_name" + "pdp_id": "fa2323f7055d4a88b1b85d31fe5e8369", + "name": "pdp_rbac3", + "keystone_project_id": "ceacbb5564cc48ad929dd4f00e52bf63", + "models": {...}, + "policies": {...}, + "description": "test", + "security_pipeline": [...], + "slave_name": "" } :return: { "pdp_id1": { 
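Review bot: `__get_pod_with_keystone_pid` reads `pod_values[0]['keystone_project_id']` without checking that the list is non-empty or that its first entry carries that key. An empty pod list, or an entry without a project id (wrapper pods, if `get_pods()` returns them, which is not visible here), would raise IndexError/KeyError instead of answering the conflict check. A tolerant form is `return any(v and v[0].get('keystone_project_id') == keystone_pid for v in self.driver.get_pods().values())`, which also returns an explicit `False` rather than `None`. If the request omits the field, `keystone_pid` is `None` and the check only matches pods whose stored id is also `None`, so the caller should reject a missing id before calling the helper. None of the three helpers has a docstring; a one-line summary stating that each returns a truthy flag (or, for `__get_slave_names`, a generator) would offset the misleading `__get_*` names.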
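Review bot: The rewritten `:request body:` example in the `post` docstring documents only the pipeline case and does not say that the handler branches on the presence of `"security_pipeline"`. I would add a sentence such as `If "security_pipeline" is absent, a wrapper is created on "slave_name" instead.` and list the exceptions the new body raises (`PipelineConflict`, `WrapperConflict`, `SlaveNameUnknown`). The example value `"slave_name": ""` also deserves a note saying what an empty name means. The function body itself continues in the next hunk.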
@@ -76,25 +98,35 @@ class Pods(Resource): } } """ - logger.debug("POST param={}".format(request.json)) - try: + pods = {} + if "security_pipeline" in request.json: + if self.__get_pod_with_keystone_pid(request.json.get("keystone_project_id")): + raise exceptions.PipelineConflict self.driver.create_pipeline( request.json.get("keystone_project_id"), request.json.get("pdp_id"), request.json.get("security_pipeline"), manager_data=request.json, - active_context=None, - active_context_name=None) - pods = {} + slave_name=request.json.get("slave_name")) for _pod_key, _pod_values in self.driver.get_pods().items(): pods[_pod_key] = [] for _pod_value in _pod_values: if _pod_value['namespace'] != "moon": continue pods[_pod_key].append(_pod_value) - return {"pods": pods} - except Exception as e: - return {"result": False, "message": str(e)}, 500 + else: + logger.info("------------------------------------") + logger.info(list(self.__get_slave_names())) + logger.info("------------------------------------") + if self.__get_wrapper(request.json.get("slave_name")): + raise exceptions.WrapperConflict + if request.json.get("slave_name") not in self.__get_slave_names(): + raise exceptions.SlaveNameUnknown + slave_name = request.json.get("slave_name") + if not slave_name: + slave_name = self.driver.get_slaves(active=True) + self.driver.create_wrappers(slave_name) + return {"pods": self.driver.get_pods()} @check_auth def delete(self, uuid=None, user_id=None): 
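Review bot: The `pods` dict that keeps only entries whose `namespace` is "moon" is built in the `security_pipeline` branch but never returned. The only `return` left is `{"pods": self.driver.get_pods()}`, so the response carries whatever the driver lists, unfiltered; indentation is lost on this page, so that return may sit in the `else` or at function level, but the filtered dict is unused either way. Returning `{"pods": pods}` on the pipeline path and applying the same namespace filter on the wrapper path would keep the response scoped as before. In the `else` branch the `SlaveNameUnknown` check runs before the `if not slave_name:` fallback, so an empty or missing `slave_name` is presumably rejected before the fallback applies; moving the fallback above both checks would make it reachable. With the `try/except` removed, a request whose `request.json` is `None` fails on `"security_pipeline" in request.json`, so an early guard such as `if not request.json: return {"result": False, "message": "JSON body required"}, 400` is worth adding.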
@@ -110,27 +142,31 @@ class Pods(Resource): try: self.driver.delete_pipeline(uuid) return {'result': True} + except exceptions.PipelineUnknown: + for slave in self.driver.get_slaves(): + if uuid in (slave['name'], slave["wrapper_name"]): + self.driver.delete_wrapper(name=slave["wrapper_name"]) except Exception as e: return {"result": False, "message": str(e)}, 500 - @check_auth - def patch(self, uuid=None, user_id=None): - """Update a pod - - :param uuid: uuid of the pdp to update - :param user_id: user ID who do the request - :request body: { - "name": "...", - "replicas": "...", - "description": "...", - } - :return: { - "pod_id1": { - "name": "...", - "replicas": "...", - "description": "...", - } - } - :internal_api: update_pdp - """ - return {"pods": None} + # @check_auth + # def patch(self, uuid=None, user_id=None): + # """Update a pod + # + # :param uuid: uuid of the pdp to update + # :param user_id: user ID who do the request + # :request body: { + # "name": "...", + # "replicas": "...", + # "description": "...", + # } + # :return: { + # "pod_id1": { + # "name": "...", + # "replicas": "...", + # "description": "...", + # } + # } + # :internal_api: update_pdp + # """ + # return {"pods": None} |
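Review bot: The new `except exceptions.PipelineUnknown:` branch has no `return`, so `delete` yields `None` both after removing a wrapper and after matching no slave at all, and the caller cannot tell a successful removal from an unknown id. Ending the branch with `return {'result': True}` once a wrapper was deleted, and an explicit error result with a 404 status otherwise, would make the outcome visible. Exceptions raised inside this handler (a slave entry without `wrapper_name`, a failing `delete_wrapper`) are not caught by the sibling `except Exception` and propagate unhandled. The commented-out `patch` method is better deleted than left as a disabled handler, since version history already keeps it. The `delete` body starts outside this hunk.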