Fix UpdateSharedTemplates view,w, implement assignment by TemplateUserMember

554c8261 · Szabolcs Gelencser · 31a33a47 · 554c8261 · 554c8261 · 554c8261
Commit 554c8261 authored Jun 01, 2018 by Szabolcs Gelencser
Hide whitespace changes
Inline Side-by-side

Showing with 39 additions and 8 deletions

circle/circle/settings/base.py
+3 -0

circle/dashboard/urls.py
+5 -0

circle/dashboard/views/util.py
+30 -7

circle/vm/operations.py
+1 -1

No files found.
--- a/circle/circle/settings/base.py
+++ b/circle/circle/settings/base.py
@@ -607,3 +607,5 @@ OPENSTACK_INTERFACE = "public"
 DEFAULT_LEASE_NAME = "default"
 DEFAULT_LEASE_SUSPEND_SECONDS = 3600
 DEFAULT_LEASE_DELETE_SECONDS = 7200
+SESSIONHOOK_SHARED_SECRET = "verysecretmuchsecure"
\ No newline at end of file
--- a/circle/dashboard/urls.py
+++ b/circle/dashboard/urls.py
@@ -23,6 +23,8 @@ from dashboard.views.template import TemplateList, TemplateChoose, TemplateDetai
    TemplateAclUpdateView
 from dashboard.views.vm import VmDetailView, VmList, VmCreate, vm_activity, vm_ops, FavouriteView, VmPlainImageCreate
 from django.conf.urls import url
+from dashboard.views import UpdateSharedTemplates
+from django.views.decorators.csrf import csrf_exempt
 from .views import (
    IndexView,
@@ -223,6 +225,9 @@ urlpatterns = [
    url(r'^autocomplete/acl/user/$',
        AclUserAutocomplete.as_view(),
        name='autocomplete.acl.user'),
+    url(r'^sessionhook$',
+        csrf_exempt(UpdateSharedTemplates.as_view()),
+        name='sessionhook'),
 ]
 urlpatterns += [

--- a/circle/dashboard/views/util.py
+++ b/circle/dashboard/views/util.py
@@ -605,7 +605,7 @@ class AclUpdateView(LoginRequiredMixin, View, SingleObjectMixin):
 class UpdateSharedTemplates(View):
    # TODO: extract these to openstack_api
-    def __get_glance_admin_client(self):
+    def __get_glance_admin_client(self, project_id):
        from keystoneauth1 import session
        from glanceclient import Client
@@ -613,7 +613,7 @@ class UpdateSharedTemplates(View):
            auth_url=fix_auth_url_version(settings.OPENSTACK_KEYSTONE_URL),
            user_id=settings.OPENSTACK_CIRCLE_USERID,
            password=settings.OPENSTACK_CIRCLE_PASSWORD,
-            project_id=self.project_id,
+            project_id=project_id,
        )
        session = session.Session(auth=auth, verify=False)
@@ -633,7 +633,7 @@ class UpdateSharedTemplates(View):
        return client.Client(session=sess, interface=settings.OPENSTACK_INTERFACE)
    def __get_templates_of_snapshots(self):
-        images = openstack_api.glance.image_list_detailed(self.request)[0]  # TODO: why nested lists?
+        images = [i for i in self.glance.images.list()]
        snapshot_ids = [
            i.id for i in images if hasattr(i, 'image_location') and i.image_location == 'snapshot'
        ]
@@ -659,19 +659,41 @@ class UpdateSharedTemplates(View):
            pass
        if not self.__is_member_of_groups(template):
-            self.glance.image_members.delete(template.image_id, self.project_id)
+            snapshot_owner_glance = self.__get_glance_admin_client(template.owner_id)
+            snapshot_owner_glance.image_members.delete(template.image_id, self.project_id)
    def __cleanup_snapshots(self):
        templates_of_existing_snaps = self.__get_templates_of_snapshots()
        for t in templates_of_existing_snaps:
            self.__cleanup_snapshot(t)
+    def __accept_membership(self, template):
+        self.glance.image_members.update(template.image_id, self.project_id, 'accepted')
+    def __assign_by_users(self):
+        templates = InstanceTemplate.objects.filter(users__project_id=self.project_id)
+        for t in templates:
+            snapshot_owner_glance = self.__get_glance_admin_client(t.owner_id)
+            try:
+                snapshot_owner_glance.image_members.create(t.image_id, self.project_id)
+                self.__accept_membership(t)
+            except:
+                pass  # TODO: silent fail, but should log in case of some error
+    def __assign_by_groups(self):
+        pass
+    def __assign_snapshots(self):
+        self.__assign_by_users()
+        self.__assign_by_groups()
    def __update_shared_templates(self):
        self.__cleanup_snapshots()
+        self.__assign_snapshots()
    def post(self, request):
-        if not hasattr(request.POST, 'secret') or \
+        if not 'secret' in request.POST or \
-           not hasattr(request.POST, 'project_id'):
+           not 'project_id' in request.POST:
            return HttpResponse(status=400)
        secret = request.POST['secret']
@@ -679,9 +701,10 @@ class UpdateSharedTemplates(View):
            return HttpResponse(status=401)
        self.project_id = request.POST['project_id']
-        self.glance = self.__get_glance_admin_client()
+        self.glance = self.__get_glance_admin_client(self.project_id)
        self.__update_shared_templates()
+        return HttpResponse(status=200)
 class GraphMixin(object):
    graph_time_options = [

--- a/circle/vm/operations.py
+++ b/circle/vm/operations.py
@@ -536,7 +536,7 @@ class SaveAsTemplateOperation(InstanceOperation):
            name=name,
            image_id=template_image_id,
            flavor_id=self.instance.flavor["id"],
-            owner_id=user.id,
+            owner_id=user.tenant_id,
            lease=VmLease.get_or_create_lease(self.instance).lease
        )
        template.save()