# Copyright 2013 NetApp # Copyright 2015 EMC Corporation. # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations # under the License. """The share snapshots api.""" from http import client as http_client from oslo_log import log import webob from webob import exc from manila.api import common from manila.api.openstack import api_version_request as api_version from manila.api.openstack import wsgi from manila.api.v1 import share_snapshots from manila.api.views import share_snapshots as snapshot_views from manila.common import constants from manila.db import api as db_api from manila import exception from manila.i18n import _ from manila import share LOG = log.getLogger(__name__) class ShareSnapshotsController(share_snapshots.ShareSnapshotMixin, wsgi.Controller, wsgi.AdminActionsMixin): """The Share Snapshots API V2 controller for the OpenStack API.""" resource_name = 'share_snapshot' _view_builder_class = snapshot_views.ViewBuilder def __init__(self): super(ShareSnapshotsController, self).__init__() self.share_api = share.API() @wsgi.Controller.authorize('unmanage_snapshot') def _unmanage(self, req, id, body=None, allow_dhss_true=False): """Unmanage a share snapshot.""" context = req.environ['manila.context'] LOG.info("Unmanage share snapshot with id: %s.", id) try: snapshot = self.share_api.get_snapshot(context, id) share = self.share_api.get(context, snapshot['share_id']) if not allow_dhss_true and share.get('share_server_id'): msg = _("Operation 'unmanage_snapshot' is not supported for " "snapshots of shares that are created with share" " servers (created with share-networks).") raise exc.HTTPForbidden(explanation=msg) elif share.get('has_replicas'): msg = _("Share %s has replicas. Snapshots of this share " "cannot currently be unmanaged until all replicas " "are removed.") % share['id'] raise exc.HTTPConflict(explanation=msg) elif snapshot['status'] in constants.TRANSITIONAL_STATUSES: msg = _("Snapshot with transitional state cannot be " "unmanaged. Snapshot '%(s_id)s' is in '%(state)s' " "state.") % {'state': snapshot['status'], 's_id': snapshot['id']} raise exc.HTTPForbidden(explanation=msg) self.share_api.unmanage_snapshot(context, snapshot, share['host']) except (exception.ShareSnapshotNotFound, exception.ShareNotFound) as e: raise exc.HTTPNotFound(explanation=e.msg) return webob.Response(status_int=http_client.ACCEPTED) @wsgi.Controller.authorize('manage_snapshot') def _manage(self, req, body): """Instruct Manila to manage an existing snapshot. Required HTTP Body: .. code-block:: json { "snapshot": { "share_id": , "provider_location": } } Optional elements in 'snapshot' are: name A name for the new snapshot. description A description for the new snapshot. driver_options Driver specific dicts for the existing snapshot. """ context = req.environ['manila.context'] snapshot_data = self._validate_manage_parameters(context, body) # NOTE(vponomaryov): compatibility actions are required between API and # DB layers for 'name' and 'description' API params that are # represented in DB as 'display_name' and 'display_description' # appropriately. name = snapshot_data.get('display_name', snapshot_data.get('name')) description = snapshot_data.get( 'display_description', snapshot_data.get('description')) share_id = snapshot_data['share_id'] snapshot = { 'share_id': share_id, 'provider_location': snapshot_data['provider_location'], 'display_name': name, 'display_description': description, } try: share_ref = self.share_api.get(context, share_id) except exception.NotFound: raise exception.ShareNotFound(share_id=share_id) if share_ref.get('is_soft_deleted'): msg = _("Can not manage snapshot for share '%s' " "since it has been soft deleted.") % share_id raise exc.HTTPForbidden(explanation=msg) driver_options = snapshot_data.get('driver_options', {}) try: snapshot_ref = self.share_api.manage_snapshot(context, snapshot, driver_options, share=share_ref) except (exception.ShareNotFound, exception.ShareSnapshotNotFound) as e: raise exc.HTTPNotFound(explanation=e.msg) except (exception.InvalidShare, exception.ManageInvalidShareSnapshot) as e: raise exc.HTTPConflict(explanation=e.msg) return self._view_builder.detail(req, snapshot_ref) def _validate_manage_parameters(self, context, body): if not (body and self.is_valid_body(body, 'snapshot')): msg = _("Snapshot entity not found in request body.") raise exc.HTTPUnprocessableEntity(explanation=msg) data = body['snapshot'] required_parameters = ('share_id', 'provider_location') self._validate_parameters(data, required_parameters) return data def _validate_parameters(self, data, required_parameters, fix_response=False): if fix_response: exc_response = exc.HTTPBadRequest else: exc_response = exc.HTTPUnprocessableEntity for parameter in required_parameters: if parameter not in data: msg = _("Required parameter %s not found.") % parameter raise exc_response(explanation=msg) if not data.get(parameter): msg = _("Required parameter %s is empty.") % parameter raise exc_response(explanation=msg) if not isinstance(data[parameter], str): msg = _("Parameter %s must be a string.") % parameter raise exc_response(explanation=msg) def _check_if_share_share_network_is_active(self, context, snapshot): share_network_id = snapshot['share'].get('share_network_id') if share_network_id: share_network = db_api.share_network_get( context, share_network_id) common.check_share_network_is_active(share_network) def _allow(self, req, id, body, enable_ipv6=False): context = req.environ['manila.context'] if not (body and self.is_valid_body(body, 'allow_access')): msg = _("Access data not found in request body.") raise exc.HTTPBadRequest(explanation=msg) access_data = body.get('allow_access') required_parameters = ('access_type', 'access_to') self._validate_parameters(access_data, required_parameters, fix_response=True) access_type = access_data['access_type'] access_to = access_data['access_to'] common.validate_access(access_type=access_type, access_to=access_to, enable_ipv6=enable_ipv6) snapshot = self.share_api.get_snapshot(context, id) self._check_if_share_share_network_is_active(context, snapshot) self._check_mount_snapshot_support(context, snapshot) try: access = self.share_api.snapshot_allow_access( context, snapshot, access_type, access_to) except exception.ShareSnapshotAccessExists as e: raise webob.exc.HTTPBadRequest(explanation=e.msg) return self._view_builder.detail_access(req, access) def _deny(self, req, id, body): context = req.environ['manila.context'] if not (body and self.is_valid_body(body, 'deny_access')): msg = _("Access data not found in request body.") raise exc.HTTPBadRequest(explanation=msg) access_data = body.get('deny_access') self._validate_parameters( access_data, ('access_id',), fix_response=True) access_id = access_data['access_id'] snapshot = self.share_api.get_snapshot(context, id) self._check_mount_snapshot_support(context, snapshot) self._check_if_share_share_network_is_active(context, snapshot) access = self.share_api.snapshot_access_get(context, access_id) if access['share_snapshot_id'] != snapshot['id']: msg = _("Access rule provided is not associated with given" " snapshot.") raise webob.exc.HTTPBadRequest(explanation=msg) self.share_api.snapshot_deny_access(context, snapshot, access) return webob.Response(status_int=http_client.ACCEPTED) def _check_mount_snapshot_support(self, context, snapshot): share = self.share_api.get(context, snapshot['share_id']) if not share['mount_snapshot_support']: msg = _("Cannot control access to the snapshot %(snap)s since the " "parent share %(share)s does not support mounting its " "snapshots.") % {'snap': snapshot['id'], 'share': share['id']} raise exc.HTTPBadRequest(explanation=msg) def _access_list(self, req, snapshot_id): context = req.environ['manila.context'] snapshot = self.share_api.get_snapshot(context, snapshot_id) self._check_mount_snapshot_support(context, snapshot) access_list = self.share_api.snapshot_access_get_all(context, snapshot) return self._view_builder.detail_list_access(req, access_list) @wsgi.Controller.api_version('2.0', '2.6') @wsgi.action('os-reset_status') def snapshot_reset_status_legacy(self, req, id, body): return self._reset_status(req, id, body) @wsgi.Controller.api_version('2.7') @wsgi.action('reset_status') def snapshot_reset_status(self, req, id, body): return self._reset_status(req, id, body) @wsgi.Controller.api_version('2.0', '2.6') @wsgi.action('os-force_delete') def snapshot_force_delete_legacy(self, req, id, body): return self._force_delete(req, id, body) @wsgi.Controller.api_version('2.7') @wsgi.action('force_delete') def snapshot_force_delete(self, req, id, body): return self._force_delete(req, id, body) @wsgi.Controller.api_version('2.12') @wsgi.response(202) def manage(self, req, body): return self._manage(req, body) @wsgi.Controller.api_version('2.12', '2.48') @wsgi.action('unmanage') def unmanage(self, req, id, body=None): return self._unmanage(req, id, body) @wsgi.Controller.api_version('2.49') # noqa @wsgi.action('unmanage') def unmanage(self, req, id, # pylint: disable=function-redefined # noqa F811 body=None): return self._unmanage(req, id, body, allow_dhss_true=True) @wsgi.Controller.api_version('2.32') @wsgi.action('allow_access') @wsgi.response(202) @wsgi.Controller.authorize def allow_access(self, req, id, body=None): enable_ipv6 = False if req.api_version_request >= api_version.APIVersionRequest("2.38"): enable_ipv6 = True return self._allow(req, id, body, enable_ipv6) @wsgi.Controller.api_version('2.32') @wsgi.action('deny_access') @wsgi.Controller.authorize def deny_access(self, req, id, body=None): return self._deny(req, id, body) @wsgi.Controller.api_version('2.32') @wsgi.Controller.authorize def access_list(self, req, snapshot_id): return self._access_list(req, snapshot_id) @wsgi.Controller.api_version("2.0") def index(self, req): """Returns a summary list of shares.""" if req.api_version_request < api_version.APIVersionRequest("2.36"): req.GET.pop('name~', None) req.GET.pop('description~', None) req.GET.pop('description', None) return self._get_snapshots(req, is_detail=False) @wsgi.Controller.api_version("2.0") def detail(self, req): """Returns a detailed list of shares.""" if req.api_version_request < api_version.APIVersionRequest("2.36"): req.GET.pop('name~', None) req.GET.pop('description~', None) req.GET.pop('description', None) return self._get_snapshots(req, is_detail=True) def create_resource(): return wsgi.Resource(ShareSnapshotsController())