237 lines
9.1 KiB
Python
237 lines
9.1 KiB
Python
# Copyright 2011 OpenStack Foundation
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
from oslo.utils import strutils
|
|
import six.moves.urllib.parse as urlparse
|
|
import webob
|
|
|
|
from nova.api.openstack import extensions
|
|
from nova.api.openstack import wsgi
|
|
import nova.context
|
|
from nova import exception
|
|
from nova.i18n import _
|
|
from nova import objects
|
|
from nova import quota
|
|
from nova import utils
|
|
|
|
|
|
QUOTAS = quota.QUOTAS
|
|
NON_QUOTA_KEYS = ['tenant_id', 'id', 'force']
|
|
|
|
# Quotas that are only enabled by specific extensions
|
|
EXTENDED_QUOTAS = {'server_groups': 'os-server-group-quotas',
|
|
'server_group_members': 'os-server-group-quotas'}
|
|
|
|
authorize_update = extensions.extension_authorizer('compute', 'quotas:update')
|
|
authorize_show = extensions.extension_authorizer('compute', 'quotas:show')
|
|
authorize_delete = extensions.extension_authorizer('compute', 'quotas:delete')
|
|
|
|
|
|
class QuotaSetsController(wsgi.Controller):
|
|
|
|
supported_quotas = []
|
|
|
|
def __init__(self, ext_mgr):
|
|
self.ext_mgr = ext_mgr
|
|
self.supported_quotas = QUOTAS.resources
|
|
for resource, extension in EXTENDED_QUOTAS.items():
|
|
if not self.ext_mgr.is_loaded(extension):
|
|
self.supported_quotas.remove(resource)
|
|
|
|
def _format_quota_set(self, project_id, quota_set):
|
|
"""Convert the quota object to a result dict."""
|
|
|
|
if project_id:
|
|
result = dict(id=str(project_id))
|
|
else:
|
|
result = {}
|
|
|
|
for resource in self.supported_quotas:
|
|
if resource in quota_set:
|
|
result[resource] = quota_set[resource]
|
|
|
|
return dict(quota_set=result)
|
|
|
|
def _validate_quota_limit(self, resource, limit, minimum, maximum):
|
|
# NOTE: -1 is a flag value for unlimited
|
|
if limit < -1:
|
|
msg = (_("Quota limit %(limit)s for %(resource)s "
|
|
"must be -1 or greater.") %
|
|
{'limit': limit, 'resource': resource})
|
|
raise webob.exc.HTTPBadRequest(explanation=msg)
|
|
|
|
def conv_inf(value):
|
|
return float("inf") if value == -1 else value
|
|
|
|
if conv_inf(limit) < conv_inf(minimum):
|
|
msg = (_("Quota limit %(limit)s for %(resource)s must "
|
|
"be greater than or equal to already used and "
|
|
"reserved %(minimum)s.") %
|
|
{'limit': limit, 'resource': resource, 'minimum': minimum})
|
|
raise webob.exc.HTTPBadRequest(explanation=msg)
|
|
if conv_inf(limit) > conv_inf(maximum):
|
|
msg = (_("Quota limit %(limit)s for %(resource)s must be "
|
|
"less than or equal to %(maximum)s.") %
|
|
{'limit': limit, 'resource': resource, 'maximum': maximum})
|
|
raise webob.exc.HTTPBadRequest(explanation=msg)
|
|
|
|
def _get_quotas(self, context, id, user_id=None, usages=False):
|
|
if user_id:
|
|
values = QUOTAS.get_user_quotas(context, id, user_id,
|
|
usages=usages)
|
|
else:
|
|
values = QUOTAS.get_project_quotas(context, id, usages=usages)
|
|
|
|
if usages:
|
|
return values
|
|
else:
|
|
return dict((k, v['limit']) for k, v in values.items())
|
|
|
|
def show(self, req, id):
|
|
context = req.environ['nova.context']
|
|
authorize_show(context)
|
|
params = urlparse.parse_qs(req.environ.get('QUERY_STRING', ''))
|
|
user_id = None
|
|
if self.ext_mgr.is_loaded('os-user-quotas'):
|
|
user_id = params.get('user_id', [None])[0]
|
|
try:
|
|
nova.context.authorize_project_context(context, id)
|
|
return self._format_quota_set(id,
|
|
self._get_quotas(context, id, user_id=user_id))
|
|
except exception.Forbidden:
|
|
raise webob.exc.HTTPForbidden()
|
|
|
|
def update(self, req, id, body):
|
|
context = req.environ['nova.context']
|
|
authorize_update(context)
|
|
project_id = id
|
|
|
|
bad_keys = []
|
|
|
|
# By default, we can force update the quota if the extended
|
|
# is not loaded
|
|
force_update = True
|
|
extended_loaded = False
|
|
if self.ext_mgr.is_loaded('os-extended-quotas'):
|
|
# force optional has been enabled, the default value of
|
|
# force_update need to be changed to False
|
|
extended_loaded = True
|
|
force_update = False
|
|
|
|
user_id = None
|
|
if self.ext_mgr.is_loaded('os-user-quotas'):
|
|
# Update user quotas only if the extended is loaded
|
|
params = urlparse.parse_qs(req.environ.get('QUERY_STRING', ''))
|
|
user_id = params.get('user_id', [None])[0]
|
|
|
|
try:
|
|
settable_quotas = QUOTAS.get_settable_quotas(context, project_id,
|
|
user_id=user_id)
|
|
except exception.Forbidden:
|
|
raise webob.exc.HTTPForbidden()
|
|
|
|
if not self.is_valid_body(body, 'quota_set'):
|
|
msg = _("quota_set not specified")
|
|
raise webob.exc.HTTPBadRequest(explanation=msg)
|
|
quota_set = body['quota_set']
|
|
|
|
for key, value in quota_set.items():
|
|
if (key not in self.supported_quotas
|
|
and key not in NON_QUOTA_KEYS):
|
|
bad_keys.append(key)
|
|
continue
|
|
if key == 'force' and extended_loaded:
|
|
# only check the force optional when the extended has
|
|
# been loaded
|
|
force_update = strutils.bool_from_string(value)
|
|
elif key not in NON_QUOTA_KEYS and value:
|
|
try:
|
|
value = utils.validate_integer(value, key)
|
|
except exception.InvalidInput as e:
|
|
raise webob.exc.HTTPBadRequest(
|
|
explanation=e.format_message())
|
|
|
|
if bad_keys:
|
|
msg = _("Bad key(s) %s in quota_set") % ",".join(bad_keys)
|
|
raise webob.exc.HTTPBadRequest(explanation=msg)
|
|
|
|
for key, value in quota_set.items():
|
|
if key in NON_QUOTA_KEYS or (not value and value != 0):
|
|
continue
|
|
# validate whether already used and reserved exceeds the new
|
|
# quota, this check will be ignored if admin want to force
|
|
# update
|
|
value = int(value)
|
|
if not force_update:
|
|
minimum = settable_quotas[key]['minimum']
|
|
maximum = settable_quotas[key]['maximum']
|
|
self._validate_quota_limit(key, value, minimum, maximum)
|
|
|
|
try:
|
|
objects.Quotas.create_limit(context, project_id,
|
|
key, value, user_id=user_id)
|
|
except exception.QuotaExists:
|
|
objects.Quotas.update_limit(context, project_id,
|
|
key, value, user_id=user_id)
|
|
except exception.AdminRequired:
|
|
raise webob.exc.HTTPForbidden()
|
|
values = self._get_quotas(context, id, user_id=user_id)
|
|
return self._format_quota_set(None, values)
|
|
|
|
def defaults(self, req, id):
|
|
context = req.environ['nova.context']
|
|
authorize_show(context)
|
|
values = QUOTAS.get_defaults(context)
|
|
return self._format_quota_set(id, values)
|
|
|
|
def delete(self, req, id):
|
|
if self.ext_mgr.is_loaded('os-extended-quotas'):
|
|
context = req.environ['nova.context']
|
|
authorize_delete(context)
|
|
params = urlparse.parse_qs(req.environ.get('QUERY_STRING', ''))
|
|
user_id = params.get('user_id', [None])[0]
|
|
if user_id and not self.ext_mgr.is_loaded('os-user-quotas'):
|
|
raise webob.exc.HTTPNotFound()
|
|
try:
|
|
nova.context.authorize_project_context(context, id)
|
|
if user_id:
|
|
QUOTAS.destroy_all_by_project_and_user(context,
|
|
id, user_id)
|
|
else:
|
|
QUOTAS.destroy_all_by_project(context, id)
|
|
return webob.Response(status_int=202)
|
|
except exception.Forbidden:
|
|
raise webob.exc.HTTPForbidden()
|
|
raise webob.exc.HTTPNotFound()
|
|
|
|
|
|
class Quotas(extensions.ExtensionDescriptor):
|
|
"""Quotas management support."""
|
|
|
|
name = "Quotas"
|
|
alias = "os-quota-sets"
|
|
namespace = "http://docs.openstack.org/compute/ext/quotas-sets/api/v1.1"
|
|
updated = "2011-08-08T00:00:00Z"
|
|
|
|
def get_resources(self):
|
|
resources = []
|
|
|
|
res = extensions.ResourceExtension('os-quota-sets',
|
|
QuotaSetsController(self.ext_mgr),
|
|
member_actions={'defaults': 'GET'})
|
|
resources.append(res)
|
|
|
|
return resources
|