faec267c2f
Fixes bug 1015148
The code enable defining validity checks for input variables. This
is done via callback functions per type. The following types are supported:
- type:values - checks that data is valid according to a list of values
- type:mac_address - checks that data is a valid mac address
- type:ip_address - checks that data is a valid ip address
- type:subnet - checks that data is a valid cidr
- type:regex - checks that data matches a regular expression (for
example checking UUID validity)
Change-Id: Iaa694cbfe3c518a5cd3951271853fe986106e7f5
165 lines
6.6 KiB
Python
165 lines
6.6 KiB
Python
# Copyright (c) 2012 OpenStack, LLC.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the 'License');
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an 'AS IS' BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
ATTR_NOT_SPECIFIED = object()
|
|
|
|
# Note: a default of ATTR_NOT_SPECIFIED indicates that an
|
|
# attribute is not required, but will be generated by the plugin
|
|
# if it is not specified. Particularly, a value of ATTR_NOT_SPECIFIED
|
|
# is different from an attribute that has been specified with a value of
|
|
# None. For example, if 'gateway_ip' is ommitted in a request to
|
|
# create a subnet, the plugin will receive ATTR_NOT_SPECIFIED
|
|
# and the default gateway_ip will be generated.
|
|
# However, if gateway_ip is specified as None, this means that
|
|
# the subnet does not have a gateway IP.
|
|
|
|
import logging
|
|
import netaddr
|
|
import re
|
|
|
|
LOG = logging.getLogger(__name__)
|
|
|
|
|
|
def _validate_values(data, valid_values=None):
|
|
if data in valid_values:
|
|
return
|
|
else:
|
|
msg_dict = dict(data=data, values=valid_values)
|
|
msg = _("%(data)s is not in %(values)s") % msg_dict
|
|
LOG.debug("validate_values: %s", msg)
|
|
return msg
|
|
|
|
|
|
def _validate_mac_address(data, valid_values=None):
|
|
try:
|
|
netaddr.EUI(data)
|
|
return
|
|
except Exception:
|
|
msg = _("%s is not a valid MAC address") % data
|
|
LOG.debug("validate_mac_address: %s", msg)
|
|
return msg
|
|
|
|
|
|
def _validate_ip_address(data, valid_values=None):
|
|
try:
|
|
netaddr.IPAddress(data)
|
|
return
|
|
except Exception:
|
|
msg = _("%s is not a valid IP address") % data
|
|
LOG.debug("validate_ip_address: %s", msg)
|
|
return msg
|
|
|
|
|
|
def _validate_subnet(data, valid_values=None):
|
|
try:
|
|
netaddr.IPNetwork(data)
|
|
return
|
|
except Exception:
|
|
msg = _("%s is not a valid IP subnet") % data
|
|
LOG.debug("validate_subnet: %s", msg)
|
|
return msg
|
|
|
|
|
|
def _validate_regex(data, valid_values=None):
|
|
match = re.match(valid_values, data)
|
|
if match:
|
|
return
|
|
else:
|
|
msg = _("%s is not valid") % data
|
|
LOG.debug("validate_regex: %s", msg)
|
|
return msg
|
|
|
|
|
|
HEX_ELEM = '[0-9A-Fa-f]'
|
|
UUID_PATTERN = '-'.join([HEX_ELEM + '{8}', HEX_ELEM + '{4}',
|
|
HEX_ELEM + '{4}', HEX_ELEM + '{4}',
|
|
HEX_ELEM + '{12}'])
|
|
|
|
# Dictionary that maintains a list of validation functions
|
|
validators = {'type:values': _validate_values,
|
|
'type:mac_address': _validate_mac_address,
|
|
'type:ip_address': _validate_ip_address,
|
|
'type:subnet': _validate_subnet,
|
|
'type:regex': _validate_regex}
|
|
|
|
# Note: a default of ATTR_NOT_SPECIFIED indicates that an
|
|
# attribute is not required, but will be generated by the plugin
|
|
# if it is not specified. Particularly, a value of ATTR_NOT_SPECIFIED
|
|
# is different from an attribute that has been specified with a value of
|
|
# None. For example, if 'gateway_ip' is ommitted in a request to
|
|
# create a subnet, the plugin will receive ATTR_NOT_SPECIFIED
|
|
# and the default gateway_ip will be generated.
|
|
# However, if gateway_ip is specified as None, this means that
|
|
# the subnet does not have a gateway IP.
|
|
# Some of the following attributes are used by the policy engine.
|
|
# They are explicitly marked with the required_by_policy flag to ensure
|
|
# they are always returned by a plugin for policy processing, even if
|
|
# they are not specified in the 'fields' query param
|
|
RESOURCE_ATTRIBUTE_MAP = {
|
|
'networks': {
|
|
'id': {'allow_post': False, 'allow_put': False,
|
|
'validate': {'type:regex': UUID_PATTERN}},
|
|
'name': {'allow_post': True, 'allow_put': True},
|
|
'subnets': {'allow_post': True, 'allow_put': True, 'default': []},
|
|
'admin_state_up': {'allow_post': True, 'allow_put': True,
|
|
'default': True,
|
|
'validate': {'type:values': [True, False]}},
|
|
'status': {'allow_post': False, 'allow_put': False},
|
|
'tenant_id': {'allow_post': True, 'allow_put': False,
|
|
'required_by_policy': True},
|
|
},
|
|
'ports': {
|
|
'id': {'allow_post': False, 'allow_put': False,
|
|
'validate': {'type:regex': UUID_PATTERN}},
|
|
'network_id': {'allow_post': True, 'allow_put': False,
|
|
'validate': {'type:regex': UUID_PATTERN}},
|
|
'admin_state_up': {'allow_post': True, 'allow_put': True,
|
|
'default': True,
|
|
'validate': {'type:values': [True, False]}},
|
|
'mac_address': {'allow_post': True, 'allow_put': False,
|
|
'default': ATTR_NOT_SPECIFIED,
|
|
'validate': {'type:mac_address': None}},
|
|
'fixed_ips': {'allow_post': True, 'allow_put': True,
|
|
'default': ATTR_NOT_SPECIFIED},
|
|
'host_routes': {'allow_post': True, 'allow_put': True,
|
|
'default': ATTR_NOT_SPECIFIED},
|
|
'device_id': {'allow_post': True, 'allow_put': True, 'default': ''},
|
|
'tenant_id': {'allow_post': True, 'allow_put': False,
|
|
'required_by_policy': True},
|
|
},
|
|
'subnets': {
|
|
'id': {'allow_post': False, 'allow_put': False,
|
|
'validate': {'type:regex': UUID_PATTERN}},
|
|
'ip_version': {'allow_post': True, 'allow_put': False,
|
|
'validate': {'type:values': [4, 6]}},
|
|
'network_id': {'allow_post': True, 'allow_put': False,
|
|
'validate': {'type:regex': UUID_PATTERN}},
|
|
'cidr': {'allow_post': True, 'allow_put': False,
|
|
'validate': {'type:subnet': None}},
|
|
'gateway_ip': {'allow_post': True, 'allow_put': True,
|
|
'default': ATTR_NOT_SPECIFIED,
|
|
'validate': {'type:ip_address': None}},
|
|
#TODO(salvatore-orlando): Enable PUT on allocation_pools
|
|
'allocation_pools': {'allow_post': True, 'allow_put': False,
|
|
'default': ATTR_NOT_SPECIFIED},
|
|
'dns_namesevers': {'allow_post': True, 'allow_put': True,
|
|
'default': ATTR_NOT_SPECIFIED},
|
|
'additional_host_routes': {'allow_post': True, 'allow_put': True,
|
|
'default': ATTR_NOT_SPECIFIED},
|
|
'tenant_id': {'allow_post': True, 'allow_put': False,
|
|
'required_by_policy': True},
|
|
}
|
|
}
|