From 63a78a537e1300e393f6fcf54aae799210618264 Mon Sep 17 00:00:00 2001 From: PCoder Date: Sat, 8 Jun 2019 04:25:55 +0200 Subject: [PATCH 1/3] Use infoextended for fallback case also --- opennebula_api/models.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/opennebula_api/models.py b/opennebula_api/models.py index a333aa23..a951349e 100644 --- a/opennebula_api/models.py +++ b/opennebula_api/models.py @@ -212,7 +212,13 @@ class OpenNebulaManager(): 'Could not connect via client, using oneadmin instead') try: vm_pool = oca.VirtualMachinePool(self.oneadmin_client) - vm_pool.info(filter=-2) + if infoextended: + vm_pool.infoextended( + filter=-1, # User's resources and any of his groups + vm_state=-1 # Look for VMs in any state, except DONE + ) + else: + vm_pool.info(filter=-2) return vm_pool except: raise ConnectionRefusedError From 496178f44cbfbfc585cc8c0ddd918c9b2ff98e08 Mon Sep 17 00:00:00 2001 From: PCoder Date: Sat, 8 Jun 2019 04:40:16 +0200 Subject: [PATCH 2/3] Check if VM belongs to user against opennebula backend --- hosting/views.py | 32 +++++++++++++++++++++----------- 1 file changed, 21 insertions(+), 11 deletions(-) diff --git a/hosting/views.py b/hosting/views.py index cd6aa4f3..11a4b8bc 100644 --- a/hosting/views.py +++ b/hosting/views.py @@ -26,11 +26,11 @@ from django.views.generic import ( View, CreateView, FormView, ListView, DetailView, DeleteView, TemplateView, UpdateView ) -from rest_framework.views import APIView -from rest_framework.response import Response -from rest_framework.renderers import JSONRenderer from guardian.mixins import PermissionRequiredMixin from oca.pool import WrongIdError +from rest_framework.renderers import JSONRenderer +from rest_framework.response import Response +from rest_framework.views import APIView from stored_messages.api import mark_read from stored_messages.models import Message from stored_messages.settings import stored_messages_settings @@ -1778,13 +1778,23 @@ class CheckUserVM(APIView): response = check_otp(user, realm, token) if response != 200: return Response('Invalid token', 403) - uservms = VMDetail.objects.filter(user__email=email) - if len(uservms) > 0: - for i in range(len(uservms)): - if uservms[i].ipv4 == ip or uservms[i].ipv6 == ip: - return Response('success', 200) - return Response('No VM found matching the ip address provided', 404) - else: - return Response('No VM found with the given email address', 404) + manager = OpenNebulaManager() + # not the best way to lookup vms by ip + # TODO: make this optimal + vms = manager.get_vms() + users_vms = [VirtualMachineSerializer(vm).data for vm in vms + if vm.uname == email] + if len(users_vms) == 0: + return Response('No VM found with the given email address', + 404) + for vm in users_vms: + for nic in vm.template.nics: + if hasattr(nic, 'ip6_global'): + if nic.ip6_global == ip: + return Response('success', 200) + elif hasattr(nic, 'ip'): + if nic.ip == ip: + return Response('success', 200) + return Response('No VM found matching the ip address provided', 404) except KeyError: return Response('Not enough data provided', 400) From 1ebfc8b2dcf392958e14cde0075946ad231a889d Mon Sep 17 00:00:00 2001 From: PCoder Date: Mon, 10 Jun 2019 14:51:40 +0200 Subject: [PATCH 3/3] Don't use VirtualMachineSerializer for obtaining users_vms --- hosting/views.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/hosting/views.py b/hosting/views.py index 11a4b8bc..4c6ea04d 100644 --- a/hosting/views.py +++ b/hosting/views.py @@ -1782,8 +1782,7 @@ class CheckUserVM(APIView): # not the best way to lookup vms by ip # TODO: make this optimal vms = manager.get_vms() - users_vms = [VirtualMachineSerializer(vm).data for vm in vms - if vm.uname == email] + users_vms = [vm for vm in vms if vm.uname == email] if len(users_vms) == 0: return Response('No VM found with the given email address', 404)