X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FMethods%2FAddSliceToNodes.py;h=0c18759692eefecde3ee909676fc4e2825ba3575;hb=6ad07636be41030d76b6899745cc4ccee3aaccf8;hp=249a1d8ee28134cbe7b66d924a9f75504967021b;hpb=4e6b8e3442aec9cc0012b9970236523e1a112492;p=plcapi.git diff --git a/PLC/Methods/AddSliceToNodes.py b/PLC/Methods/AddSliceToNodes.py index 249a1d8..0c18759 100644 --- a/PLC/Methods/AddSliceToNodes.py +++ b/PLC/Methods/AddSliceToNodes.py @@ -1,22 +1,28 @@ +# $Id$ +# $URL$ from PLC.Faults import * from PLC.Method import Method from PLC.Parameter import Parameter, Mixed from PLC.Nodes import Node, Nodes from PLC.Slices import Slice, Slices -from PLC.Auth import PasswordAuth +from PLC.Persons import Person, Persons +from PLC.Auth import Auth class AddSliceToNodes(Method): """ - Adds the specified slice to the specified nodes. If the slice is - already associated with a node, no errors are returned. + Adds the specified slice to the specified nodes. Nodes may be + either local or foreign nodes. + + If the slice is already associated with a node, no errors are + returned. Returns 1 if successful, faults otherwise. """ - roles = ['admin', 'pi'] + roles = ['admin', 'pi', 'user'] accepts = [ - PasswordAuth(), + Auth(), Mixed(Slice.fields['slice_id'], Slice.fields['name']), [Mixed(Node.fields['node_id'], @@ -26,26 +32,42 @@ class AddSliceToNodes(Method): returns = Parameter(int, '1 if successful') def call(self, auth, slice_id_or_name, node_id_or_hostname_list): - # Get slice information slices = Slices(self.api, [slice_id_or_name]) if not slices: raise PLCInvalidArgument, "No such slice" + slice = slices[0] - slice = slices.values()[0] - - # Get specified nodes - nodes = Nodes(self.api, node_id_or_hostname_list).values() + if slice['peer_id'] is not None: + raise PLCInvalidArgument, "Not a local slice" - # If we are not admin, make sure the caller is a pi - # of the site associated with the slice - if 'admin' not in self.caller['roles']: - if slice['site_id'] not in self.caller['site_ids']: - raise PLCPermissionDenied, "Not allowed to add nodes to this slice" + if 'admin' not in self.caller['roles']: + if self.caller['person_id'] in slice['person_ids']: + pass + elif 'pi' not in self.caller['roles']: + raise PLCPermissionDenied, "Not a member of the specified slice" + elif slice['site_id'] not in self.caller['site_ids']: + raise PLCPermissionDenied, "Specified slice not associated with any of your sites" + + # Get specified nodes, add them to the slice + nodes = Nodes(self.api, node_id_or_hostname_list, ['node_id', 'hostname', 'slice_ids', 'slice_ids_whitelist', 'site_id']) - # add slice to all nodes found for node in nodes: - if slice['slice_id'] not in node['slice_ids']: - slice.add_node(node) + # check the slice whitelist on each node first + # allow users at site to add node to slice, ignoring whitelist + if node['slice_ids_whitelist'] and \ + slice['slice_id'] not in node['slice_ids_whitelist'] and \ + not set(self.caller['site_ids']).intersection([node['site_id']]): + raise PLCInvalidArgument, "%s is not allowed on %s (not on the whitelist)" % \ + (slice['name'], node['hostname']) + if slice['slice_id'] not in node['slice_ids']: + slice.add_node(node, commit = False) + + slice.sync() + + nodeids = [node['node_id'] for node in nodes] + self.event_objects = {'Node': nodeids, + 'Slice': [slice['slice_id']]} + self.message = 'Slice %d added to nodes %s' % (slice['slice_id'], nodeids) return 1