source: trunk/packages/invirt-web/code/validation.py @ 2040

Last change on this file since 2040 was 2022, checked in by broder, 16 years ago

Don't assume that the user creating a VM has a locker with the same
name.

This isn't true, for example, for people using root instance tickets
with SPNEGO

File size: 12.0 KB
Line 
1#!/usr/bin/python
2
3import cache_acls
4import getafsgroups
5import re
6import string
7import dns.resolver
8from invirt.database import Machine, NIC, Type, Disk, CDROM, Autoinstall
9from invirt.config import structs as config
10from invirt.common import InvalidInput
11
12MAX_MEMORY_TOTAL = 512
13MAX_MEMORY_SINGLE = 512
14MIN_MEMORY_SINGLE = 16
15MAX_DISK_TOTAL = 50
16MAX_DISK_SINGLE = 50
17MIN_DISK_SINGLE = 0.1
18MAX_VMS_TOTAL = 10
19MAX_VMS_ACTIVE = 4
20
21class Validate:
22    def __init__(self, username, state, machine_id=None, name=None, description=None, owner=None,
23                 admin=None, contact=None, memory=None, disksize=None,
24                 vmtype=None, cdrom=None, autoinstall=None, strict=False):
25        # XXX Successive quota checks aren't a good idea, since you
26        # can't necessarily change the locker and disk size at the
27        # same time.
28        created_new = (machine_id is None)
29
30        if strict:
31            if name is None:
32                raise InvalidInput('name', name, "You must provide a machine name.")
33            if description is None:
34                raise InvalidInput('description', description, "You must provide a description.")
35            if memory is None:
36                raise InvalidInput('memory', memory, "You must provide a memory size.")
37            if disksize is None:
38                raise InvalidInput('disk', disksize, "You must provide a disk size.")
39
40        if machine_id is not None:
41            self.machine = testMachineId(username, state, machine_id)
42        machine = getattr(self, 'machine', None)
43
44        owner = testOwner(username, owner, machine)
45        if owner is not None:
46            self.owner = owner
47        self.admin = testAdmin(username, admin, machine)
48        contact = testContact(username, contact, machine)
49        if contact is not None:
50            self.contact = contact
51        name = testName(username, name, machine)
52        if name is not None:
53            self.name = name
54        description = testDescription(username, description, machine)
55        if description is not None:
56            self.description = description
57        if memory is not None:
58            self.memory = validMemory(self.owner, state, memory, machine,
59                                      on=not created_new)
60        if disksize is not None:
61            self.disksize = validDisk(self.owner, state, disksize, machine)
62        if vmtype is not None:
63            self.vmtype = validVmType(vmtype)
64        if cdrom is not None:
65            if not CDROM.query().get(cdrom):
66                raise CodeError("Invalid cdrom type '%s'" % cdrom)
67            self.cdrom = cdrom
68        if autoinstall is not None:
69            #raise InvalidInput('autoinstall', 'install',
70            #                   "The autoinstaller has been temporarily disabled")
71            self.autoinstall = Autoinstall.query().get(autoinstall)
72
73
74def getMachinesByOwner(owner, machine=None):
75    """Return the machines owned by the same as a machine.
76
77    If the machine is None, return the machines owned by the same
78    user.
79    """
80    if machine:
81        owner = machine.owner
82    return Machine.query().filter_by(owner=owner)
83
84def maxMemory(owner, g, machine=None, on=True):
85    """Return the maximum memory for a machine or a user.
86
87    If machine is None, return the memory available for a new
88    machine.  Else, return the maximum that machine can have.
89
90    on is whether the machine should be turned on.  If false, the max
91    memory for the machine to change to, if it is left off, is
92    returned.
93    """
94    if machine is not None and machine.memory > MAX_MEMORY_SINGLE:
95        # If they've been blessed, let them have it
96        return machine.memory
97    if not on:
98        return MAX_MEMORY_SINGLE
99    machines = getMachinesByOwner(owner, machine)
100    active_machines = [m for m in machines if m.name in g.xmlist_raw]
101    mem_usage = sum([x.memory for x in active_machines if x != machine])
102    return min(MAX_MEMORY_SINGLE, MAX_MEMORY_TOTAL-mem_usage)
103
104def maxDisk(owner, machine=None):
105    """Return the maximum disk that a machine can reach.
106
107    If machine is None, the maximum disk for a new machine. Otherwise,
108    return the maximum that a given machine can be changed to.
109    """
110    if machine is not None:
111        machine_id = machine.machine_id
112    else:
113        machine_id = None
114    disk_usage = Disk.query().filter(Disk.c.machine_id != machine_id).\
115                     join('machine').\
116                     filter_by(owner=owner).sum(Disk.c.size) or 0
117    return min(MAX_DISK_SINGLE, MAX_DISK_TOTAL-disk_usage/1024.)
118
119def cantAddVm(owner, g):
120    machines = getMachinesByOwner(owner)
121    active_machines = [m for m in machines if m.name in g.xmlist_raw]
122    if machines.count() >= MAX_VMS_TOTAL:
123        return 'You have too many VMs to create a new one.'
124    if len(active_machines) >= MAX_VMS_ACTIVE:
125        return ('You already have the maximum number of VMs turned on.  '
126                'To create more, turn one off.')
127    return False
128
129def haveAccess(user, state, machine):
130    """Return whether a user has administrative access to a machine"""
131    return (user in cache_acls.accessList(machine)
132            or (machine.adminable and state.isadmin))
133
134def owns(user, machine):
135    """Return whether a user owns a machine"""
136    return user in expandLocker(machine.owner)
137
138def validMachineName(name):
139    """Check that name is valid for a machine name"""
140    if not name:
141        return False
142    charset = string.lowercase + string.digits + '-'
143    if '-' in (name[0], name[-1]) or len(name) > 63:
144        return False
145    for x in name:
146        if x not in charset:
147            return False
148    return True
149
150def validMemory(owner, g, memory, machine=None, on=True):
151    """Parse and validate limits for memory for a given owner and machine.
152
153    on is whether the memory must be valid after the machine is
154    switched on.
155    """
156    try:
157        memory = int(memory)
158        if memory < MIN_MEMORY_SINGLE:
159            raise ValueError
160    except ValueError:
161        raise InvalidInput('memory', memory,
162                           "Minimum %s MiB" % MIN_MEMORY_SINGLE)
163    max_val = maxMemory(owner, g, machine, on)
164    if not g.isadmin and memory > max_val:
165        raise InvalidInput('memory', memory,
166                           'Maximum %s MiB for %s' % (max_val, owner))
167    return memory
168
169def validDisk(owner, g, disk, machine=None):
170    """Parse and validate limits for disk for a given owner and machine."""
171    try:
172        disk = float(disk)
173        if not g.isadmin and disk > maxDisk(owner, machine):
174            raise InvalidInput('disk', disk,
175                               "Maximum %s G" % maxDisk(owner, machine))
176        disk = int(disk * 1024)
177        if disk < MIN_DISK_SINGLE * 1024:
178            raise ValueError
179    except ValueError:
180        raise InvalidInput('disk', disk,
181                           "Minimum %s GiB" % MIN_DISK_SINGLE)
182    return disk
183
184def validVmType(vm_type):
185    if vm_type is None:
186        return None
187    t = Type.query().get(vm_type)
188    if t is None:
189        raise CodeError("Invalid vm type '%s'"  % vm_type)
190    return t
191
192def testMachineId(user, state, machine_id, exists=True):
193    """Parse, validate and check authorization for a given user and machine.
194
195    If exists is False, don't check that it exists.
196    """
197    if machine_id is None:
198        raise InvalidInput('machine_id', machine_id,
199                           "Must specify a machine ID.")
200    try:
201        machine_id = int(machine_id)
202    except ValueError:
203        raise InvalidInput('machine_id', machine_id, "Must be an integer.")
204    machine = Machine.query().get(machine_id)
205    if exists and machine is None:
206        raise InvalidInput('machine_id', machine_id, "Does not exist.")
207    if machine is not None and not haveAccess(user, state, machine):
208        raise InvalidInput('machine_id', machine_id,
209                           "You do not have access to this machine.")
210    return machine
211
212def testAdmin(user, admin, machine):
213    """Determine whether a user can set the admin of a machine to this value.
214
215    Return the value to set the admin field to (possibly 'system:' +
216    admin).  XXX is modifying this a good idea?
217    """
218    if admin is None:
219        return None
220    if machine is not None and admin == machine.administrator:
221        return admin
222    if admin == user:
223        return admin
224    if ':' not in admin:
225        if cache_acls.isUser(admin):
226            return admin
227        admin = 'system:' + admin
228    try:
229        if user in getafsgroups.getAfsGroupMembers(admin, config.authz[0].cell):
230            return admin
231    except getafsgroups.AfsProcessError, e:
232        errmsg = str(e)
233        if errmsg.startswith("pts: User or group doesn't exist"):
234            errmsg = 'The group "%s" does not exist.' % admin
235        raise InvalidInput('administrator', admin, errmsg)
236    #XXX Should we require that user is in the admin group?
237    return admin
238
239def testOwner(user, owner, machine=None):
240    """Determine whether a user can set the owner of a machine to this value.
241
242    If machine is None, this is the owner of a new machine.
243    """
244    if machine is not None and owner in (machine.owner, None):
245        return machine.owner
246    if owner is None:
247        raise InvalidInput('owner', owner, "Owner must be specified")
248    try:
249        if user not in cache_acls.expandLocker(owner):
250            raise InvalidInput('owner', owner, 'You do not have access to the '
251                               + owner + ' locker')
252    except getafsgroups.AfsProcessError, e:
253        raise InvalidInput('owner', owner, str(e))
254    return owner
255
256def testContact(user, contact, machine=None):
257    if contact is None or (machine is not None and contact == machine.contact):
258        return None
259    if not re.match("^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$", contact, re.I):
260        raise InvalidInput('contact', contact, "Not a valid email.")
261    return contact
262
263def testDisk(user, disksize, machine=None):
264    return disksize
265
266def testName(user, name, machine=None):
267    if name is None:
268        return None
269    name = name.lower()
270    if machine is not None and name == machine.name:
271        return None
272    try:
273        hostname = '%s.%s.' % (name, config.dns.domains[0])
274        resolver = dns.resolver.Resolver()
275        resolver.nameservers = ['127.0.0.1']
276        try:
277            resolver.query(hostname, 'A')
278        except dns.resolver.NoAnswer, e:
279            # If we can get the TXT record, then we can verify it's
280            # reserved. If this lookup fails, let it bubble up and be
281            # dealt with
282            answer = resolver.query(hostname, 'TXT')
283            txt = answer[0].strings[0]
284            if txt.startswith('reserved'):
285                raise InvalidInput('name', name, 'The name you have requested has been %s. For more information, contact us at %s' % (txt, config.dns.contact))
286
287        # If the hostname didn't exist, it would have thrown an
288        # exception by now - error out
289        raise InvalidInput('name', name, 'Name is already taken.')
290    except dns.resolver.NXDOMAIN, e:
291        if not validMachineName(name):
292            raise InvalidInput('name', name, 'You must provide a machine name.  Max 63 chars, alnum plus \'-\', does not begin or end with \'-\'.')
293        return name
294    except InvalidInput:
295        raise
296    except:
297        # Any other error is a validation failure
298        raise InvalidInput('name', name, 'We were unable to verify that this name is available. If you believe this is in error, please contact us at %s' % config.dns.contact)
299
300def testDescription(user, description, machine=None):
301    if description is None or description.strip() == '':
302        return None
303    return description.strip()
304
305def testHostname(user, hostname, machine):
306    for nic in machine.nics:
307        if hostname == nic.hostname:
308            return hostname
309    # check if doesn't already exist
310    if NIC.select_by(hostname=hostname):
311        raise InvalidInput('hostname', hostname,
312                           "Already exists")
313    if not re.match("^[A-Z0-9-]{1,22}$", hostname, re.I):
314        raise InvalidInput('hostname', hostname, "Not a valid hostname; "
315                           "must only use number, letters, and dashes.")
316    return hostname
Note: See TracBrowser for help on using the repository browser.