OpenStack Image Management (Glance)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1630 lines
57 KiB

# Copyright 2010 United States Government as represented by the
# Administrator of the National Aeronautics and Space Administration.
# Copyright 2010-2011 OpenStack Foundation
# Copyright 2012 Justin Santa Barbara
# Copyright 2013 IBM Corp.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""Defines interface for DB access."""
import threading
from oslo.config import cfg
from oslo.db import exception as db_exception
from oslo.db.sqlalchemy import session
from oslo.utils import timeutils
import osprofiler.sqlalchemy
from retrying import retry
import six
from six.moves import xrange
import sqlalchemy
import sqlalchemy.orm as sa_orm
import sqlalchemy.sql as sa_sql
from glance.common import exception
from glance.common import utils
from glance.db.sqlalchemy.metadef_api import namespace as metadef_namespace_api
from glance.db.sqlalchemy.metadef_api import object as metadef_object_api
from glance.db.sqlalchemy.metadef_api import property as metadef_property_api
from glance.db.sqlalchemy.metadef_api\
import resource_type as metadef_resource_type_api
from glance.db.sqlalchemy.metadef_api\
import resource_type_association as metadef_association_api
from glance.db.sqlalchemy import models
from glance import i18n
import glance.openstack.common.log as os_logging
BASE = models.BASE
sa_logger = None
LOG = os_logging.getLogger(__name__)
_ = i18n._
_LI = i18n._LI
_LW = i18n._LW
STATUSES = ['active', 'saving', 'queued', 'killed', 'pending_delete',
'deleted']
CONF = cfg.CONF
CONF.import_opt('debug', 'glance.openstack.common.log')
CONF.import_group("profiler", "glance.common.wsgi")
_FACADE = None
_LOCK = threading.Lock()
def _retry_on_deadlock(exc):
"""Decorator to retry a DB API call if Deadlock was received."""
if isinstance(exc, db_exception.DBDeadlock):
LOG.warn(_LW("Deadlock detected. Retrying..."))
return True
return False
def _create_facade_lazily():
global _LOCK, _FACADE
if _FACADE is None:
with _LOCK:
if _FACADE is None:
_FACADE = session.EngineFacade.from_config(CONF)
if CONF.profiler.enabled and CONF.profiler.trace_sqlalchemy:
osprofiler.sqlalchemy.add_tracing(sqlalchemy,
_FACADE.get_engine(),
"db")
return _FACADE
def get_engine():
facade = _create_facade_lazily()
return facade.get_engine()
def get_session(autocommit=True, expire_on_commit=False):
facade = _create_facade_lazily()
return facade.get_session(autocommit=autocommit,
expire_on_commit=expire_on_commit)
def clear_db_env():
"""
Unset global configuration variables for database.
"""
global _FACADE
_FACADE = None
def _check_mutate_authorization(context, image_ref):
if not is_image_mutable(context, image_ref):
LOG.warn(_LW("Attempted to modify image user did not own."))
msg = _("You do not own this image")
if image_ref.is_public:
exc_class = exception.ForbiddenPublicImage
else:
exc_class = exception.Forbidden
raise exc_class(msg)
def image_create(context, values):
"""Create an image from the values dictionary."""
return _image_update(context, values, None, purge_props=False)
def image_update(context, image_id, values, purge_props=False,
from_state=None):
"""
Set the given properties on an image and update it.
:raises NotFound if image does not exist.
"""
return _image_update(context, values, image_id, purge_props,
from_state=from_state)
@retry(retry_on_exception=_retry_on_deadlock, wait_fixed=500,
stop_max_attempt_number=50)
def image_destroy(context, image_id):
"""Destroy the image or raise if it does not exist."""
session = get_session()
with session.begin():
image_ref = _image_get(context, image_id, session=session)
# Perform authorization check
_check_mutate_authorization(context, image_ref)
image_ref.delete(session=session)
delete_time = image_ref.deleted_at
_image_locations_delete_all(context, image_id, delete_time, session)
_image_property_delete_all(context, image_id, delete_time, session)
_image_member_delete_all(context, image_id, delete_time, session)
_image_tag_delete_all(context, image_id, delete_time, session)
return _normalize_locations(image_ref)
def _normalize_locations(image, force_show_deleted=False):
"""
Generate suitable dictionary list for locations field of image.
We don't need to set other data fields of location record which return
from image query.
"""
if force_show_deleted:
locations = image['locations']
else:
locations = filter(lambda x: not x.deleted, image['locations'])
image['locations'] = [{'id': loc['id'],
'url': loc['value'],
'metadata': loc['meta_data'],
'status': loc['status']}
for loc in locations]
return image
def _normalize_tags(image):
undeleted_tags = filter(lambda x: not x.deleted, image['tags'])
image['tags'] = [tag['value'] for tag in undeleted_tags]
return image
def image_get(context, image_id, session=None, force_show_deleted=False):
image = _image_get(context, image_id, session=session,
force_show_deleted=force_show_deleted)
image = _normalize_locations(image.to_dict(),
force_show_deleted=force_show_deleted)
return image
def _check_image_id(image_id):
"""
check if the given image id is valid before executing operations. For
now, we only check its length. The original purpose of this method is
wrapping the different behaviors between MySql and DB2 when the image id
length is longer than the defined length in database model.
:param image_id: The id of the image we want to check
:return: Raise NoFound exception if given image id is invalid
"""
if (image_id and
len(image_id) > models.Image.id.property.columns[0].type.length):
raise exception.NotFound()
def _image_get(context, image_id, session=None, force_show_deleted=False):
"""Get an image or raise if it does not exist."""
_check_image_id(image_id)
session = session or get_session()
try:
query = session.query(models.Image).options(
sa_orm.joinedload(models.Image.properties)).options(
sa_orm.joinedload(
models.Image.locations)).filter_by(id=image_id)
# filter out deleted images if context disallows it
if not force_show_deleted and not _can_show_deleted(context):
query = query.filter_by(deleted=False)
image = query.one()
except sa_orm.exc.NoResultFound:
msg = "No image found with ID %s" % image_id
LOG.debug(msg)
raise exception.NotFound(msg)
# Make sure they can look at it
if not is_image_visible(context, image):
msg = "Forbidding request, image %s not visible" % image_id
LOG.debug(msg)
raise exception.Forbidden(msg)
return image
def is_image_mutable(context, image):
"""Return True if the image is mutable in this context."""
# Is admin == image mutable
if context.is_admin:
return True
# No owner == image not mutable
if image['owner'] is None or context.owner is None:
return False
# Image only mutable by its owner
return image['owner'] == context.owner
def is_image_visible(context, image, status=None):
"""Return True if the image is visible in this context."""
# Is admin == image visible
if context.is_admin:
return True
# No owner == image visible
if image['owner'] is None:
return True
# Image is_public == image visible
if image['is_public']:
return True
# Perform tests based on whether we have an owner
if context.owner is not None:
if context.owner == image['owner']:
return True
# Figure out if this image is shared with that tenant
members = image_member_find(context,
image_id=image['id'],
member=context.owner,
status=status)
if members:
return True
# Private image
return False
def _paginate_query(query, model, limit, sort_keys, marker=None,
sort_dir=None, sort_dirs=None):
"""Returns a query with sorting / pagination criteria added.
Pagination works by requiring a unique sort_key, specified by sort_keys.
(If sort_keys is not unique, then we risk looping through values.)
We use the last row in the previous page as the 'marker' for pagination.
So we must return values that follow the passed marker in the order.
With a single-valued sort_key, this would be easy: sort_key > X.
With a compound-values sort_key, (k1, k2, k3) we must do this to repeat
the lexicographical ordering:
(k1 > X1) or (k1 == X1 && k2 > X2) or (k1 == X1 && k2 == X2 && k3 > X3)
We also have to cope with different sort_directions.
Typically, the id of the last row is used as the client-facing pagination
marker, then the actual marker object must be fetched from the db and
passed in to us as marker.
:param query: the query object to which we should add paging/sorting
:param model: the ORM model class
:param limit: maximum number of items to return
:param sort_keys: array of attributes by which results should be sorted
:param marker: the last item of the previous page; we returns the next
results after this value.
:param sort_dir: direction in which results should be sorted (asc, desc)
:param sort_dirs: per-column array of sort_dirs, corresponding to sort_keys
:rtype: sqlalchemy.orm.query.Query
:return: The query with sorting/pagination added.
"""
if 'id' not in sort_keys:
# TODO(justinsb): If this ever gives a false-positive, check
# the actual primary key, rather than assuming its id
LOG.warn(_LW('Id not in sort_keys; is sort_keys unique?'))
assert(not (sort_dir and sort_dirs))
# Default the sort direction to ascending
if sort_dirs is None and sort_dir is None:
sort_dir = 'asc'
# Ensure a per-column sort direction
if sort_dirs is None:
sort_dirs = [sort_dir for _sort_key in sort_keys]
assert(len(sort_dirs) == len(sort_keys))
# Add sorting
for current_sort_key, current_sort_dir in zip(sort_keys, sort_dirs):
sort_dir_func = {
'asc': sqlalchemy.asc,
'desc': sqlalchemy.desc,
}[current_sort_dir]
try:
sort_key_attr = getattr(model, current_sort_key)
except AttributeError:
raise exception.InvalidSortKey()
query = query.order_by(sort_dir_func(sort_key_attr))
default = '' # Default to an empty string if NULL
# Add pagination
if marker is not None:
marker_values = []
for sort_key in sort_keys:
v = getattr(marker, sort_key)
if v is None:
v = default
marker_values.append(v)
# Build up an array of sort criteria as in the docstring
criteria_list = []
for i in xrange(len(sort_keys)):
crit_attrs = []
for j in xrange(i):
model_attr = getattr(model, sort_keys[j])
default = None if isinstance(
model_attr.property.columns[0].type,
sqlalchemy.DateTime) else ''
attr = sa_sql.expression.case([(model_attr != None,
model_attr), ],
else_=default)
crit_attrs.append((attr == marker_values[j]))
model_attr = getattr(model, sort_keys[i])
default = None if isinstance(model_attr.property.columns[0].type,
sqlalchemy.DateTime) else ''
attr = sa_sql.expression.case([(model_attr != None,
model_attr), ],
else_=default)
if sort_dirs[i] == 'desc':
crit_attrs.append((attr < marker_values[i]))
elif sort_dirs[i] == 'asc':
crit_attrs.append((attr > marker_values[i]))
else:
raise ValueError(_("Unknown sort direction, "
"must be 'desc' or 'asc'"))
criteria = sa_sql.and_(*crit_attrs)
criteria_list.append(criteria)
f = sa_sql.or_(*criteria_list)
query = query.filter(f)
if limit is not None:
query = query.limit(limit)
return query
def _make_conditions_from_filters(filters, is_public=None):
# NOTE(venkatesh) make copy of the filters are to be altered in this
# method.
filters = filters.copy()
image_conditions = []
prop_conditions = []
tag_conditions = []
if is_public is not None:
image_conditions.append(models.Image.is_public == is_public)
if 'checksum' in filters:
checksum = filters.pop('checksum')
image_conditions.append(models.Image.checksum == checksum)
if 'is_public' in filters:
key = 'is_public'
value = filters.pop('is_public')
prop_filters = _make_image_property_condition(key=key, value=value)
prop_conditions.append(prop_filters)
for (k, v) in filters.pop('properties', {}).items():
prop_filters = _make_image_property_condition(key=k, value=v)
prop_conditions.append(prop_filters)
if 'changes-since' in filters:
# normalize timestamp to UTC, as sqlalchemy doesn't appear to
# respect timezone offsets
changes_since = timeutils.normalize_time(filters.pop('changes-since'))
image_conditions.append(models.Image.updated_at > changes_since)
if 'deleted' in filters:
deleted_filter = filters.pop('deleted')
image_conditions.append(models.Image.deleted == deleted_filter)
# TODO(bcwaldon): handle this logic in registry server
if not deleted_filter:
image_statuses = [s for s in STATUSES if s != 'killed']
image_conditions.append(models.Image.status.in_(image_statuses))
if 'tags' in filters:
tags = filters.pop('tags')
for tag in tags:
tag_filters = [models.ImageTag.deleted == False]
tag_filters.extend([models.ImageTag.value == tag])
tag_conditions.append(tag_filters)
filters = dict([(k, v) for k, v in filters.items() if v is not None])
for (k, v) in filters.items():
key = k
if k.endswith('_min') or k.endswith('_max'):
key = key[0:-4]
try:
v = int(filters.pop(k))
except ValueError:
msg = _("Unable to filter on a range "
"with a non-numeric value.")
raise exception.InvalidFilterRangeValue(msg)
if k.endswith('_min'):
image_conditions.append(getattr(models.Image, key) >= v)
if k.endswith('_max'):
image_conditions.append(getattr(models.Image, key) <= v)
for (k, v) in filters.items():
value = filters.pop(k)
if hasattr(models.Image, k):
image_conditions.append(getattr(models.Image, k) == value)
else:
prop_filters = _make_image_property_condition(key=k, value=value)
prop_conditions.append(prop_filters)
return image_conditions, prop_conditions, tag_conditions
def _make_image_property_condition(key, value):
prop_filters = [models.ImageProperty.deleted == False]
prop_filters.extend([models.ImageProperty.name == key])
prop_filters.extend([models.ImageProperty.value == value])
return prop_filters
def _select_images_query(context, image_conditions, admin_as_user,
member_status, visibility):
session = get_session()
img_conditional_clause = sa_sql.and_(*image_conditions)
regular_user = (not context.is_admin) or admin_as_user
query_member = session.query(models.Image).join(
models.Image.members).filter(img_conditional_clause)
if regular_user:
member_filters = [models.ImageMember.deleted == False]
if context.owner is not None:
member_filters.extend([models.ImageMember.member == context.owner])
if member_status != 'all':
member_filters.extend([
models.ImageMember.status == member_status])
query_member = query_member.filter(sa_sql.and_(*member_filters))
# NOTE(venkatesh) if the 'visibility' is set to 'shared', we just
# query the image members table. No union is required.
if visibility is not None and visibility == 'shared':
return query_member
query_image = session.query(models.Image).filter(img_conditional_clause)
if regular_user:
query_image = query_image.filter(models.Image.is_public == True)
query_image_owner = None
if context.owner is not None:
query_image_owner = session.query(models.Image).filter(
models.Image.owner == context.owner).filter(
img_conditional_clause)
if query_image_owner is not None:
query = query_image.union(query_image_owner, query_member)
else:
query = query_image.union(query_member)
return query
else:
# Admin user
return query_image
def image_get_all(context, filters=None, marker=None, limit=None,
sort_key=['created_at'], sort_dir='desc',
member_status='accepted', is_public=None,
admin_as_user=False, return_tag=False):
"""
Get all images that match zero or more filters.
:param filters: dict of filter keys and values. If a 'properties'
key is present, it is treated as a dict of key/value
filters on the image properties attribute
:param marker: image id after which to start page
:param limit: maximum number of images to return
:param sort_key: list of image attributes by which results should be sorted
:param sort_dir: direction in which results should be sorted (asc, desc)
:param member_status: only return shared images that have this membership
status
:param is_public: If true, return only public images. If false, return
only private and shared images.
:param admin_as_user: For backwards compatibility. If true, then return to
an admin the equivalent set of images which it would see
if it were a regular user
:param return_tag: To indicates whether image entry in result includes it
relevant tag entries. This could improve upper-layer
query performance, to prevent using separated calls
"""
filters = filters or {}
visibility = filters.pop('visibility', None)
showing_deleted = 'changes-since' in filters or filters.get('deleted',
False)
img_cond, prop_cond, tag_cond = _make_conditions_from_filters(
filters, is_public)
query = _select_images_query(context,
img_cond,
admin_as_user,
member_status,
visibility)
if visibility is not None:
if visibility == 'public':
query = query.filter(models.Image.is_public == True)
elif visibility == 'private':
query = query.filter(models.Image.is_public == False)
if prop_cond:
for prop_condition in prop_cond:
query = query.join(models.ImageProperty, aliased=True).filter(
sa_sql.and_(*prop_condition))
if tag_cond:
for tag_condition in tag_cond:
query = query.join(models.ImageTag, aliased=True).filter(
sa_sql.and_(*tag_condition))
marker_image = None
if marker is not None:
marker_image = _image_get(context,
marker,
force_show_deleted=showing_deleted)
for key in ['created_at', 'id']:
if key not in sort_key:
sort_key.append(key)
query = _paginate_query(query, models.Image, limit,
sort_key,
marker=marker_image,
sort_dir=sort_dir)
query = query.options(sa_orm.joinedload(
models.Image.properties)).options(
sa_orm.joinedload(models.Image.locations))
if return_tag:
query = query.options(sa_orm.joinedload(models.Image.tags))
images = []
for image in query.all():
image_dict = image.to_dict()
image_dict = _normalize_locations(image_dict,
force_show_deleted=showing_deleted)
if return_tag:
image_dict = _normalize_tags(image_dict)
images.append(image_dict)
return images
def _drop_protected_attrs(model_class, values):
"""
Removed protected attributes from values dictionary using the models
__protected_attributes__ field.
"""
for attr in model_class.__protected_attributes__:
if attr in values:
del values[attr]
def _image_get_disk_usage_by_owner(owner, session, image_id=None):
query = session.query(models.Image)
query = query.filter(models.Image.owner == owner)
if image_id is not None:
query = query.filter(models.Image.id != image_id)
query = query.filter(models.Image.size > 0)
query = query.filter(~models.Image.status.in_(['killed', 'deleted']))
images = query.all()
total = 0
for i in images:
locations = [l for l in i.locations if l['status'] != 'deleted']
total += (i.size * len(locations))
return total
def _validate_image(values):
"""
Validates the incoming data and raises a Invalid exception
if anything is out of order.
:param values: Mapping of image metadata to check
"""
status = values.get('status')
if not status:
msg = "Image status is required."
raise exception.Invalid(msg)
if status not in STATUSES:
msg = "Invalid image status '%s' for image." % status
raise exception.Invalid(msg)
return values
def _update_values(image_ref, values):
for k in values:
if getattr(image_ref, k) != values[k]:
setattr(image_ref, k, values[k])
@retry(retry_on_exception=_retry_on_deadlock, wait_fixed=500,
stop_max_attempt_number=50)
@utils.no_4byte_params
def _image_update(context, values, image_id, purge_props=False,
from_state=None):
"""
Used internally by image_create and image_update
:param context: Request context
:param values: A dict of attributes to set
:param image_id: If None, create the image, otherwise, find and update it
"""
# NOTE(jbresnah) values is altered in this so a copy is needed
values = values.copy()
session = get_session()
with session.begin():
# Remove the properties passed in the values mapping. We
# handle properties separately from base image attributes,
# and leaving properties in the values mapping will cause
# a SQLAlchemy model error because SQLAlchemy expects the
# properties attribute of an Image model to be a list and
# not a dict.
properties = values.pop('properties', {})
location_data = values.pop('locations', None)
new_status = values.get('status', None)
if image_id:
image_ref = _image_get(context, image_id, session=session)
current = image_ref.status
# Perform authorization check
_check_mutate_authorization(context, image_ref)
else:
if values.get('size') is not None:
values['size'] = int(values['size'])
if 'min_ram' in values:
values['min_ram'] = int(values['min_ram'] or 0)
if 'min_disk' in values:
values['min_disk'] = int(values['min_disk'] or 0)
values['is_public'] = bool(values.get('is_public', False))
values['protected'] = bool(values.get('protected', False))
image_ref = models.Image()
# Need to canonicalize ownership
if 'owner' in values and not values['owner']:
values['owner'] = None
if image_id:
# Don't drop created_at if we're passing it in...
_drop_protected_attrs(models.Image, values)
# NOTE(iccha-sethi): updated_at must be explicitly set in case
# only ImageProperty table was modifited
values['updated_at'] = timeutils.utcnow()
if image_id:
query = session.query(models.Image).filter_by(id=image_id)
if from_state:
query = query.filter_by(status=from_state)
if new_status:
_validate_image(values)
# Validate fields for Images table. This is similar to what is done
# for the query result update except that we need to do it prior
# in this case.
# TODO(dosaboy): replace this with a dict comprehension once py26
# support is deprecated.
keys = values.keys()
for k in keys:
if k not in image_ref.to_dict():
del values[k]
updated = query.update(values, synchronize_session='fetch')
if not updated:
msg = (_('cannot transition from %(current)s to '
'%(next)s in update (wanted '
'from_state=%(from)s)') %
{'current': current, 'next': new_status,
'from': from_state})
raise exception.Conflict(msg)
image_ref = _image_get(context, image_id, session=session)
else:
image_ref.update(values)
# Validate the attributes before we go any further. From my
# investigation, the @validates decorator does not validate
# on new records, only on existing records, which is, well,
# idiotic.
values = _validate_image(image_ref.to_dict())
_update_values(image_ref, values)
try:
image_ref.save(session=session)
except db_exception.DBDuplicateEntry:
raise exception.Duplicate("Image ID %s already exists!"
% values['id'])
_set_properties_for_image(context, image_ref, properties, purge_props,
session)
if location_data is not None:
_image_locations_set(context, image_ref.id, location_data,
session=session)
return image_get(context, image_ref.id)
@utils.no_4byte_params
def image_location_add(context, image_id, location, session=None):
deleted = location['status'] in ('deleted', 'pending_delete')
delete_time = timeutils.utcnow() if deleted else None
location_ref = models.ImageLocation(image_id=image_id,
value=location['url'],
meta_data=location['metadata'],
status=location['status'],
deleted=deleted,
deleted_at=delete_time)
session = session or get_session()
location_ref.save(session=session)
@utils.no_4byte_params
def image_location_update(context, image_id, location, session=None):
loc_id = location.get('id')
if loc_id is None:
msg = _("The location data has an invalid ID: %d") % loc_id
raise exception.Invalid(msg)
try:
session = session or get_session()
location_ref = session.query(models.ImageLocation).filter_by(
id=loc_id).filter_by(image_id=image_id).one()
deleted = location['status'] in ('deleted', 'pending_delete')
updated_time = timeutils.utcnow()
delete_time = updated_time if deleted else None
location_ref.update({"value": location['url'],
"meta_data": location['metadata'],
"status": location['status'],
"deleted": deleted,
"updated_at": updated_time,
"deleted_at": delete_time})
location_ref.save(session=session)
except sa_orm.exc.NoResultFound:
msg = (_("No location found with ID %(loc)s from image %(img)s") %
dict(loc=loc_id, img=image_id))
LOG.warn(msg)
raise exception.NotFound(msg)
def image_location_delete(context, image_id, location_id, status,
delete_time=None, session=None):
if status not in ('deleted', 'pending_delete'):
msg = _("The status of deleted image location can only be set to "
"'pending_delete' or 'deleted'")
raise exception.Invalid(msg)
try:
session = session or get_session()
location_ref = session.query(models.ImageLocation).filter_by(
id=location_id).filter_by(image_id=image_id).one()
delete_time = delete_time or timeutils.utcnow()
location_ref.update({"deleted": True,
"status": status,
"updated_at": delete_time,
"deleted_at": delete_time})
location_ref.save(session=session)
except sa_orm.exc.NoResultFound:
msg = (_("No location found with ID %(loc)s from image %(img)s") %
dict(loc=location_id, img=image_id))
LOG.warn(msg)
raise exception.NotFound(msg)
def _image_locations_set(context, image_id, locations, session=None):
# NOTE(zhiyan): 1. Remove records from DB for deleted locations
session = session or get_session()
query = session.query(models.ImageLocation).filter_by(
image_id=image_id).filter_by(
deleted=False).filter(~models.ImageLocation.id.in_(
[loc['id']
for loc in locations
if loc.get('id')]))
for loc_id in [loc_ref.id for loc_ref in query.all()]:
image_location_delete(context, image_id, loc_id, 'deleted',
session=session)
# NOTE(zhiyan): 2. Adding or update locations
for loc in locations:
if loc.get('id') is None:
image_location_add(context, image_id, loc, session=session)
else:
image_location_update(context, image_id, loc, session=session)
def _image_locations_delete_all(context, image_id,
delete_time=None, session=None):
"""Delete all image locations for given image"""
session = session or get_session()
location_refs = session.query(models.ImageLocation).filter_by(
image_id=image_id).filter_by(deleted=False).all()
for loc_id in [loc_ref.id for loc_ref in location_refs]:
image_location_delete(context, image_id, loc_id, 'deleted',
delete_time=delete_time, session=session)
@utils.no_4byte_params
def _set_properties_for_image(context, image_ref, properties,
purge_props=False, session=None):
"""
Create or update a set of image_properties for a given image
:param context: Request context
:param image_ref: An Image object
:param properties: A dict of properties to set
:param session: A SQLAlchemy session to use (if present)
"""
orig_properties = {}
for prop_ref in image_ref.properties:
orig_properties[prop_ref.name] = prop_ref
for name, value in six.iteritems(properties):
prop_values = {'image_id': image_ref.id,
'name': name,
'value': value}
if name in orig_properties:
prop_ref = orig_properties[name]
_image_property_update(context, prop_ref, prop_values,
session=session)
else:
image_property_create(context, prop_values, session=session)
if purge_props:
for key in orig_properties.keys():
if key not in properties:
prop_ref = orig_properties[key]
image_property_delete(context, prop_ref.name,
image_ref.id, session=session)
def _image_child_entry_delete_all(child_model_cls, image_id, delete_time=None,
session=None):
"""Deletes all the child entries for the given image id.
Deletes all the child entries of the given child entry ORM model class
using the parent image's id.
The child entry ORM model class can be one of the following:
model.ImageLocation, model.ImageProperty, model.ImageMember and
model.ImageTag.
:param child_model_cls: the ORM model class.
:param image_id: id of the image whose child entries are to be deleted.
:param delete_time: datetime of deletion to be set.
If None, uses current datetime.
:param session: A SQLAlchemy session to use (if present)
:rtype: int
:return: The number of child entries got soft-deleted.
"""
session = session or get_session()
query = session.query(child_model_cls).filter_by(
image_id=image_id).filter_by(deleted=False)
delete_time = delete_time or timeutils.utcnow()
count = query.update({"deleted": True, "deleted_at": delete_time})
return count
def image_property_create(context, values, session=None):
"""Create an ImageProperty object."""
prop_ref = models.ImageProperty()
prop = _image_property_update(context, prop_ref, values, session=session)
return prop.to_dict()
def _image_property_update(context, prop_ref, values, session=None):
"""
Used internally by image_property_create and image_property_update.
"""
_drop_protected_attrs(models.ImageProperty, values)
values["deleted"] = False
prop_ref.update(values)
prop_ref.save(session=session)
return prop_ref
def image_property_delete(context, prop_ref, image_ref, session=None):
"""
Used internally by image_property_create and image_property_update.
"""
session = session or get_session()
prop = session.query(models.ImageProperty).filter_by(image_id=image_ref,
name=prop_ref).one()
prop.delete(session=session)
return prop
def _image_property_delete_all(context, image_id, delete_time=None,
session=None):
"""Delete all image properties for given image"""
props_updated_count = _image_child_entry_delete_all(models.ImageProperty,
image_id,
delete_time,
session)
return props_updated_count
def image_member_create(context, values, session=None):
"""Create an ImageMember object."""
memb_ref = models.ImageMember()
_image_member_update(context, memb_ref, values, session=session)
return _image_member_format(memb_ref)
def _image_member_format(member_ref):
"""Format a member ref for consumption outside of this module."""
return {
'id': member_ref['id'],
'image_id': member_ref['image_id'],
'member': member_ref['member'],
'can_share': member_ref['can_share'],
'status': member_ref['status'],
'created_at': member_ref['created_at'],
'updated_at': member_ref['updated_at']
}
def image_member_update(context, memb_id, values):
"""Update an ImageMember object."""
session = get_session()
memb_ref = _image_member_get(context, memb_id, session)
_image_member_update(context, memb_ref, values, session)
return _image_member_format(memb_ref)
def _image_member_update(context, memb_ref, values, session=None):
"""Apply supplied dictionary of values to a Member object."""
_drop_protected_attrs(models.ImageMember, values)
values["deleted"] = False
values.setdefault('can_share', False)
memb_ref.update(values)
memb_ref.save(session=session)
return memb_ref
def image_member_delete(context, memb_id, session=None):
"""Delete an ImageMember object."""
session = session or get_session()
member_ref = _image_member_get(context, memb_id, session)
_image_member_delete(context, member_ref, session)
def _image_member_delete(context, memb_ref, session):
memb_ref.delete(session=session)
def _image_member_delete_all(context, image_id, delete_time=None,
session=None):
"""Delete all image members for given image"""
members_updated_count = _image_child_entry_delete_all(models.ImageMember,
image_id,
delete_time,
session)
return members_updated_count
def _image_member_get(context, memb_id, session):
"""Fetch an ImageMember entity by id."""
query = session.query(models.ImageMember)
query = query.filter_by(id=memb_id)
return query.one()
def image_member_find(context, image_id=None, member=None, status=None):
"""Find all members that meet the given criteria
:param image_id: identifier of image entity
:param member: tenant to which membership has been granted
"""
session = get_session()
members = _image_member_find(context, session, image_id, member, status)
return [_image_member_format(m) for m in members]
def _image_member_find(context, session, image_id=None,
member=None, status=None):
query = session.query(models.ImageMember)
query = query.filter_by(deleted=False)
if not context.is_admin:
query = query.join(models.Image)
filters = [
models.Image.owner == context.owner,
models.ImageMember.member == context.owner,
]
query = query.filter(sa_sql.or_(*filters))
if image_id is not None:
query = query.filter(models.ImageMember.image_id == image_id)
if member is not None:
query = query.filter(models.ImageMember.member == member)
if status is not None:
query = query.filter(models.ImageMember.status == status)
return query.all()
def image_member_count(context, image_id):
"""Return the number of image members for this image
:param image_id: identifier of image entity
"""
session = get_session()
if not image_id:
msg = _("Image id is required.")
raise exception.Invalid(msg)
query = session.query(models.ImageMember)
query = query.filter_by(deleted=False)
query = query.filter(models.ImageMember.image_id == str(image_id))
return query.count()
# pylint: disable-msg=C0111
def _can_show_deleted(context):
"""
Calculates whether to include deleted objects based on context.
Currently just looks for a flag called deleted in the context dict.
"""
if hasattr(context, 'show_deleted'):
return context.show_deleted
if not hasattr(context, 'get'):
return False
return context.get('deleted', False)
def image_tag_set_all(context, image_id, tags):
# NOTE(kragniz): tag ordering should match exactly what was provided, so a
# subsequent call to image_tag_get_all returns them in the correct order
session = get_session()
existing_tags = image_tag_get_all(context, image_id, session)
tags_created = []
for tag in tags:
if tag not in tags_created and tag not in existing_tags:
tags_created.append(tag)
image_tag_create(context, image_id, tag, session)
for tag in existing_tags:
if tag not in tags:
image_tag_delete(context, image_id, tag, session)
@utils.no_4byte_params
def image_tag_create(context, image_id, value, session=None):
"""Create an image tag."""
session = session or get_session()
tag_ref = models.ImageTag(image_id=image_id, value=value)
tag_ref.save(session=session)
return tag_ref['value']
def image_tag_delete(context, image_id, value, session=None):
"""Delete an image tag."""
_check_image_id(image_id)
session = session or get_session()
query = session.query(models.ImageTag).filter_by(
image_id=image_id).filter_by(
value=value).filter_by(deleted=False)
try:
tag_ref = query.one()
except sa_orm.exc.NoResultFound:
raise exception.NotFound()
tag_ref.delete(session=session)
def _image_tag_delete_all(context, image_id, delete_time=None, session=None):
"""Delete all image tags for given image"""
tags_updated_count = _image_child_entry_delete_all(models.ImageTag,
image_id,
delete_time,
session)
return tags_updated_count
def image_tag_get_all(context, image_id, session=None):
"""Get a list of tags for a specific image."""
_check_image_id(image_id)
session = session or get_session()
tags = session.query(models.ImageTag.value).filter_by(
image_id=image_id).filter_by(deleted=False).all()
return [tag[0] for tag in tags]
def user_get_storage_usage(context, owner_id, image_id=None, session=None):
_check_image_id(image_id)
session = session or get_session()
total_size = _image_get_disk_usage_by_owner(
owner_id, session, image_id=image_id)
return total_size
def _task_info_format(task_info_ref):
"""Format a task info ref for consumption outside of this module"""
if task_info_ref is None:
return {}
return {
'task_id': task_info_ref['task_id'],
'input': task_info_ref['input'],
'result': task_info_ref['result'],
'message': task_info_ref['message'],
}
def _task_info_create(context, task_id, values, session=None):
"""Create an TaskInfo object"""
session = session or get_session()
task_info_ref = models.TaskInfo()
task_info_ref.task_id = task_id
task_info_ref.update(values)
task_info_ref.save(session=session)
return _task_info_format(task_info_ref)
def _task_info_update(context, task_id, values, session=None):
"""Update an TaskInfo object"""
session = session or get_session()
task_info_ref = _task_info_get(context, task_id, session=session)
if task_info_ref:
task_info_ref.update(values)
task_info_ref.save(session=session)
return _task_info_format(task_info_ref)
def _task_info_get(context, task_id, session=None):
"""Fetch an TaskInfo entity by task_id"""
session = session or get_session()
query = session.query(models.TaskInfo)
query = query.filter_by(task_id=task_id)
try:
task_info_ref = query.one()
except sa_orm.exc.NoResultFound:
msg = ("TaskInfo was not found for task with id %(task_id)s" %
{'task_id': task_id})
LOG.debug(msg)
task_info_ref = None
return task_info_ref
def task_create(context, values, session=None):
"""Create a task object"""
values = values.copy()
session = session or get_session()
with session.begin():
task_info_values = _pop_task_info_values(values)
task_ref = models.Task()
_task_update(context, task_ref, values, session=session)
_task_info_create(context,
task_ref.id,
task_info_values,
session=session)
return task_get(context, task_ref.id, session)
def _pop_task_info_values(values):
task_info_values = {}
for k, v in values.items():
if k in ['input', 'result', 'message']:
values.pop(k)
task_info_values[k] = v
return task_info_values
def task_update(context, task_id, values, session=None):
"""Update a task object"""
session = session or get_session()
with session.begin():
task_info_values = _pop_task_info_values(values)
task_ref = _task_get(context, task_id, session)
_drop_protected_attrs(models.Task, values)
values['updated_at'] = timeutils.utcnow()
_task_update(context, task_ref, values, session)
if task_info_values:
_task_info_update(context,
task_id,
task_info_values,
session)
return task_get(context, task_id, session)
def task_get(context, task_id, session=None, force_show_deleted=False):
"""Fetch a task entity by id"""
task_ref = _task_get(context, task_id, session=session,
force_show_deleted=force_show_deleted)
return _task_format(task_ref, task_ref.info)
def task_delete(context, task_id, session=None):
"""Delete a task"""
session = session or get_session()
task_ref = _task_get(context, task_id, session=session)
task_ref.delete(session=session)
return _task_format(task_ref, task_ref.info)
def task_get_all(context, filters=None, marker=None, limit=None,
sort_key='created_at', sort_dir='desc', admin_as_user=False):
"""
Get all tasks that match zero or more filters.
:param filters: dict of filter keys and values.
:param marker: task id after which to start page
:param limit: maximum number of tasks to return
:param sort_key: task attribute by which results should be sorted
:param sort_dir: direction in which results should be sorted (asc, desc)
:param admin_as_user: For backwards compatibility. If true, then return to
an admin the equivalent set of tasks which it would see
if it were a regular user
:return: tasks set
"""
filters = filters or {}
session = get_session()
query = session.query(models.Task)
if (not (context.is_admin or admin_as_user == True)
and context.owner is not None):
query = query.filter(models.Task.owner == context.owner)
showing_deleted = False
if 'deleted' in filters:
deleted_filter = filters.pop('deleted')
query = query.filter_by(deleted=deleted_filter)
showing_deleted = deleted_filter
for (k, v) in filters.items():
if v is not None:
key = k
if hasattr(models.Task, key):
query = query.filter(getattr(models.Task, key) == v)
marker_task = None
if marker is not None:
marker_task = _task_get(context, marker,
force_show_deleted=showing_deleted)
sort_keys = ['created_at', 'id']
if sort_key not in sort_keys:
sort_keys.insert(0, sort_key)
query = _paginate_query(query, models.Task, limit,
sort_keys,
marker=marker_task,
sort_dir=sort_dir)
task_refs = query.all()
tasks = []
for task_ref in task_refs:
tasks.append(_task_format(task_ref, task_info_ref=None))
return tasks
def _is_task_visible(context, task):
"""Return True if the task is visible in this context."""
# Is admin == task visible
if context.is_admin:
return True
# No owner == task visible
if task['owner'] is None:
return True
# Perform tests based on whether we have an owner
if context.owner is not None:
if context.owner == task['owner']:
return True
return False
def _task_get(context, task_id, session=None, force_show_deleted=False):
"""Fetch a task entity by id"""
session = session or get_session()
query = session.query(models.Task).options(
sa_orm.joinedload(models.Task.info)
).filter_by(id=task_id)
if not force_show_deleted and not _can_show_deleted(context):
query = query.filter_by(deleted=False)
try:
task_ref = query.one()
except sa_orm.exc.NoResultFound:
msg = "No task found with ID %s" % task_id
LOG.debug(msg)
raise exception.TaskNotFound(task_id=task_id)
# Make sure the task is visible
if not _is_task_visible(context, task_ref):
msg = "Forbidding request, task %s is not visible" % task_id
LOG.debug(msg)
raise exception.Forbidden(msg)
return task_ref
def _task_update(context, task_ref, values, session=None):
"""Apply supplied dictionary of values to a task object."""
values["deleted"] = False
task_ref.update(values)
task_ref.save(session=session)
return task_ref
def _task_format(task_ref, task_info_ref=None):
"""Format a task ref for consumption outside of this module"""
task_dict = {
'id': task_ref['id'],
'type': task_ref['type'],
'status': task_ref['status'],
'owner': task_ref['owner'],
'expires_at': task_ref['expires_at'],
'created_at': task_ref['created_at'],
'updated_at': task_ref['updated_at'],
'deleted_at': task_ref['deleted_at'],
'deleted': task_ref['deleted']
}
if task_info_ref:
task_info_dict = {
'input': task_info_ref['input'],
'result': task_info_ref['result'],
'message': task_info_ref['message'],
}
task_dict.update(task_info_dict)
return task_dict
def metadef_namespace_get_all(context, marker=None, limit=None, sort_key=None,
sort_dir=None, filters=None, session=None):
"""List all available namespaces."""
session = session or get_session()
namespaces = metadef_namespace_api.get_all(
context, session, marker, limit, sort_key, sort_dir, filters)
return namespaces
def metadef_namespace_get(context, namespace_name, session=None):
"""Get a namespace or raise if it does not exist or is not visible."""
session = session or get_session()
return metadef_namespace_api.get(
context, namespace_name, session)
def metadef_namespace_create(context, values, session=None):
"""Create a namespace or raise if it already exists."""
session = session or get_session()
return metadef_namespace_api.create(context, values, session)
def metadef_namespace_update(context, namespace_id, namespace_dict,
session=None):
"""Update a namespace or raise if it does not exist or not visible"""
session = session or get_session()
return metadef_namespace_api.\
update(context, namespace_id, namespace_dict, session)
def metadef_namespace_delete(context, namespace_name, session=None):
"""Delete the namespace and all foreign references"""
session = session or get_session()
return metadef_namespace_api.delete_cascade(
context, namespace_name, session)
def metadef_object_get_all(context, namespace_name, session=None):
"""Get a metadata-schema object or raise if it does not exist."""
session = session or get_session()
return metadef_object_api.get_all(
context, namespace_name, session)
def metadef_object_get(context, namespace_name, object_name, session=None):
"""Get a metadata-schema object or raise if it does not exist."""
session = session or get_session()
return metadef_object_api.get(
context, namespace_name, object_name, session)
def metadef_object_create(context, namespace_name, object_dict,
session=None):
"""Create a metadata-schema object or raise if it already exists."""
session = session or get_session()
return metadef_object_api.create(
context, namespace_name, object_dict, session)
def metadef_object_update(context, namespace_name, object_id, object_dict,
session=None):
"""Update an object or raise if it does not exist or not visible."""
session = session or get_session()
return metadef_object_api.update(
context, namespace_name, object_id, object_dict, session)
def metadef_object_delete(context, namespace_name, object_name,
session=None):
"""Delete an object or raise if namespace or object doesn't exist."""
session = session or get_session()
return metadef_object_api.delete(
context, namespace_name, object_name, session)
def metadef_object_delete_namespace_content(
context, namespace_name, session=None):
"""Delete an object or raise if namespace or object doesn't exist."""
session = session or get_session()
return metadef_object_api.delete_by_namespace_name(
context, namespace_name, session)
def metadef_object_count(context, namespace_name, session=None):
"""Get count of properties for a namespace, raise if ns doesn't exist."""
session = session or get_session()
return metadef_object_api.count(context, namespace_name, session)
def metadef_property_get_all(context, namespace_name, session=None):
"""Get a metadef property or raise if it does not exist."""
session = session or get_session()
return metadef_property_api.get_all(context, namespace_name, session)
def metadef_property_get(context, namespace_name,
property_name, session=None):
"""Get a metadef property or raise if it does not exist."""
session = session or get_session()
return metadef_property_api.get(
context, namespace_name, property_name, session)
def metadef_property_create(context, namespace_name, property_dict,
session=None):
"""Create a metadef property or raise if it already exists."""
session = session or get_session()
return metadef_property_api.create(
context, namespace_name, property_dict, session)
def metadef_property_update(context, namespace_name, property_id,
property_dict, session=None):
"""Update an object or raise if it does not exist or not visible."""
session = session or get_session()
return metadef_property_api.update(
context, namespace_name, property_id, property_dict, session)
def metadef_property_delete(context, namespace_name, property_name,
session=None):
"""Delete a property or raise if it or namespace doesn't exist."""
session = session or get_session()
return metadef_property_api.delete(
context, namespace_name, property_name, session)
def metadef_property_delete_namespace_content(
context, namespace_name, session=None):
"""Delete a property or raise if it or namespace doesn't exist."""
session = session or get_session()
return metadef_property_api.delete_by_namespace_name(
context, namespace_name, session)
def metadef_property_count(context, namespace_name, session=None):
"""Get count of properties for a namespace, raise if ns doesn't exist."""
session = session or get_session()
return metadef_property_api.count(context, namespace_name, session)
def metadef_resource_type_create(context, values, session=None):
"""Create a resource_type"""
session = session or get_session()
return metadef_resource_type_api.create(
context, values, session)
def metadef_resource_type_get(context, resource_type_name, session=None):
"""Get a resource_type"""
session = session or get_session()
return metadef_resource_type_api.get(
context, resource_type_name, session)
def metadef_resource_type_get_all(context, session=None):
"""list all resource_types"""
session = session or get_session()
return metadef_resource_type_api.get_all(context, session)
def metadef_resource_type_delete(context, resource_type_name, session=None):
"""Get a resource_type"""
session = session or get_session()
return metadef_resource_type_api.delete(
context, resource_type_name, session)
def metadef_resource_type_association_get(
context, namespace_name, resource_type_name, session=None):
session = session or get_session()
return metadef_association_api.get(
context, namespace_name, resource_type_name, session)
def metadef_resource_type_association_create(
context, namespace_name, values, session=None):
session = session or get_session()
return metadef_association_api.create(
context, namespace_name, values, session)
def metadef_resource_type_association_delete(
context, namespace_name, resource_type_name, session=None):
session = session or get_session()
return metadef_association_api.delete(
context, namespace_name, resource_type_name, session)
def metadef_resource_type_association_get_all_by_namespace(
context, namespace_name, session=None):
session = session or get_session()
return metadef_association_api.\
get_all_by_namespace(context, namespace_name, session)