r106167 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r106166‎ | r106167 | r106168 >
Date:08:45, 14 December 2011
Author:laner
Status:ok
Tags:openstack 
Comment:
* Refactor how credentials are created per project, and how the nova connection is created
* Remove a few unused variables
* Add support for default security group rules
Modified paths:
  • /trunk/extensions/OpenStackManager/OpenStackManager.php (modified) (history)
  • /trunk/extensions/OpenStackManager/OpenStackNovaController.php (modified) (history)
  • /trunk/extensions/OpenStackManager/OpenStackNovaUser.php (modified) (history)
  • /trunk/extensions/OpenStackManager/special/SpecialNovaAddress.php (modified) (history)
  • /trunk/extensions/OpenStackManager/special/SpecialNovaDomain.php (modified) (history)
  • /trunk/extensions/OpenStackManager/special/SpecialNovaInstance.php (modified) (history)
  • /trunk/extensions/OpenStackManager/special/SpecialNovaKey.php (modified) (history)
  • /trunk/extensions/OpenStackManager/special/SpecialNovaProject.php (modified) (history)
  • /trunk/extensions/OpenStackManager/special/SpecialNovaRole.php (modified) (history)
  • /trunk/extensions/OpenStackManager/special/SpecialNovaSecurityGroup.php (modified) (history)
  • /trunk/extensions/OpenStackManager/special/SpecialNovaVolume.php (modified) (history)

Diff [purge]

Index: trunk/extensions/OpenStackManager/special/SpecialNovaInstance.php
@@ -29,8 +29,8 @@
3030 return true;
3131 }
3232 $project = $wgRequest->getVal( 'project' );
33 - $userCredentials = $this->userLDAP->getCredentials( $project );
34 - $this->userNova = new OpenStackNovaController( $userCredentials );
 33+ $userCredentials = $this->userLDAP->getCredentials();
 34+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
3535 $adminCredentials = $wgOpenStackManagerNovaAdminKeys;
3636 $this->adminNova = new OpenStackNovaController( $adminCredentials );
3737
Index: trunk/extensions/OpenStackManager/special/SpecialNovaSecurityGroup.php
@@ -487,8 +487,8 @@
488488 $project = $formData['project'];
489489 $groupname = $formData['groupname'];
490490 $description = $formData['description'];
491 - $userCredentials = $this->userLDAP->getCredentials( $project );
492 - $this->userNova = new OpenStackNovaController( $userCredentials );
 491+ $userCredentials = $this->userLDAP->getCredentials();
 492+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
493493 $securitygroup = $this->userNova->createSecurityGroup( $groupname, $description );
494494 if ( $securitygroup ) {
495495 $wgOut->addWikiMsg( 'openstackmanager-createdsecuritygroup' );
@@ -512,8 +512,8 @@
513513 global $wgOut;
514514
515515 $project = $formData['project'];
516 - $userCredentials = $this->userLDAP->getCredentials( $project );
517 - $this->userNova = new OpenStackNovaController( $userCredentials );
 516+ $userCredentials = $this->userLDAP->getCredentials();
 517+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
518518 $securitygroup = $this->adminNova->getSecurityGroup( $formData['groupname'], $project );
519519 if ( !$securitygroup ) {
520520 $wgOut->addWikiMsg( 'openstackmanager-nonexistantsecuritygroup' );
@@ -588,8 +588,8 @@
589589 $group = explode( ':', $group );
590590 $groups[] = array( 'groupname' => $group[0], 'project' => $group[1] );
591591 }
592 - $userCredentials = $this->userLDAP->getCredentials( $project );
593 - $this->userNova = new OpenStackNovaController( $userCredentials );
 592+ $userCredentials = $this->userLDAP->getCredentials();
 593+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
594594 $securitygroup = $this->adminNova->getSecurityGroup( $formData['groupname'], $project );
595595 if ( ! $securitygroup ) {
596596 $wgOut->addWikiMsg( 'openstackmanager-nonexistantsecuritygroup' );
@@ -636,8 +636,8 @@
637637 $groups[] = array( 'groupname' => $rawgroup[0], 'project' => $rawgroup[1] );
638638 }
639639 }
640 - $userCredentials = $this->userLDAP->getCredentials( $project );
641 - $this->userNova = new OpenStackNovaController( $userCredentials );
 640+ $userCredentials = $this->userLDAP->getCredentials();
 641+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
642642 $securitygroup = $this->adminNova->getSecurityGroup( $formData['groupname'], $project );
643643 if ( ! $securitygroup ) {
644644 $wgOut->addWikiMsg( 'openstackmanager-nonexistantsecuritygroup' );
Index: trunk/extensions/OpenStackManager/special/SpecialNovaAddress.php
@@ -61,8 +61,8 @@
6262 $this->notInRole( 'netadmin' );
6363 return false;
6464 }
65 - $userCredentials = $this->userLDAP->getCredentials( $project );
66 - $this->userNova = new OpenStackNovaController( $userCredentials );
 65+ $userCredentials = $this->userLDAP->getCredentials();
 66+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
6767 if ( ! $wgRequest->wasPosted() ) {
6868 $wgOut->addWikiMsg( 'openstackmanager-allocateaddress-confirm', $project );
6969 }
@@ -101,8 +101,8 @@
102102 $this->notInRole( 'netadmin' );
103103 return false;
104104 }
105 - $userCredentials = $this->userLDAP->getCredentials( $project );
106 - $this->userNova = new OpenStackNovaController( $userCredentials );
 105+ $userCredentials = $this->userLDAP->getCredentials();
 106+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
107107 $ip = $wgRequest->getText( 'ip' );
108108 if ( ! $wgRequest->wasPosted() ) {
109109 $wgOut->addWikiMsg( 'openstackmanager-releaseaddress-confirm', $ip );
@@ -148,8 +148,8 @@
149149 $this->notInRole( 'netadmin' );
150150 return false;
151151 }
152 - $userCredentials = $this->userLDAP->getCredentials( $project );
153 - $this->userNova = new OpenStackNovaController( $userCredentials );
 152+ $userCredentials = $this->userLDAP->getCredentials();
 153+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
154154 $instances = $this->userNova->getInstances();
155155 $instance_keys = array();
156156 foreach ( $instances as $instance ) {
@@ -204,8 +204,8 @@
205205 $this->notInRole( 'netadmin' );
206206 return false;
207207 }
208 - $userCredentials = $this->userLDAP->getCredentials( $project );
209 - $this->userNova = new OpenStackNovaController( $userCredentials );
 208+ $userCredentials = $this->userLDAP->getCredentials();
 209+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
210210 $ip = $wgRequest->getText( 'ip' );
211211 if ( ! $wgRequest->wasPosted() ) {
212212 $wgOut->addWikiMsg( 'openstackmanager-disassociateaddress-confirm', $ip );
@@ -309,8 +309,8 @@
310310 $this->notInRole( 'netadmin' );
311311 return false;
312312 }
313 - $userCredentials = $this->userLDAP->getCredentials( $project );
314 - $this->userNova = new OpenStackNovaController( $userCredentials );
 313+ $userCredentials = $this->userLDAP->getCredentials();
 314+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
315315 $ip = $wgRequest->getText( 'ip' );
316316 $domain = $wgRequest->getText( 'domain' );
317317 $hostname = $wgRequest->getText( 'hostname' );
Index: trunk/extensions/OpenStackManager/special/SpecialNovaProject.php
@@ -1,7 +1,7 @@
22 <?php
33 class SpecialNovaProject extends SpecialNova {
44
5 - var $userNova, $adminNova;
 5+ var $adminNova;
66 var $userLDAP;
77
88 function __construct() {
@@ -291,6 +291,7 @@
292292 */
293293 function tryCreateSubmit( $formData, $entryPoint = 'internal' ) {
294294 global $wgOut;
 295+ global $wgOpenStackManagerDefaultSecurityGroupRules;
295296
296297 $success = OpenStackNovaProject::createProject( $formData['projectname'] );
297298 if ( ! $success ) {
@@ -299,6 +300,49 @@
300301 }
301302 $project = OpenStackNovaProject::getProjectByName( $formData['projectname'] );
302303 $project->editArticle();
 304+ # Create a default security group for this project, and add configured default rules
 305+ $groupname = 'default';
 306+ # Change the connection to reference this project
 307+ $this->adminNova->configureConnection( $formData['projectname'] );
 308+ $this->adminNova->createSecurityGroup( $groupname, '' );
 309+ foreach ( $wgOpenStackManagerDefaultSecurityGroupRules as $rule ) {
 310+ $fromport = '';
 311+ $toport = '';
 312+ $protocol = '';
 313+ $ranges = array();
 314+ $groups = array();
 315+ if ( array_key_exists( 'fromport', $rule ) ) {
 316+ $fromport = $rule['fromport'];
 317+ }
 318+ if ( array_key_exists( 'toport', $rule ) ) {
 319+ $toport = $rule['toport'];
 320+ }
 321+ if ( array_key_exists( 'protocol', $rule ) ) {
 322+ $protocol = $rule['protocol'];
 323+ }
 324+ if ( array_key_exists( 'ranges', $rule ) ) {
 325+ $ranges = $rule['ranges'];
 326+ }
 327+ if ( array_key_exists( 'groups', $rule ) ) {
 328+ foreach ( $rule['groups'] as $group ) {
 329+ if ( !array_key_exists( 'groupname', $group ) ) {
 330+ # TODO: log an error here
 331+ continue;
 332+ }
 333+ if ( array_key_exists( 'project', $group ) ) {
 334+ $groupproject = $group['project'];
 335+ } else {
 336+ # Assume groups with no project defined are
 337+ # referencing this project's group
 338+ $groupproject = $formData['projectname'];
 339+ }
 340+ $groups[] = array( 'groupname' => $group['groupname'], 'project' => $groupproject );
 341+ }
 342+ }
 343+ $this->adminNova->addSecurityGroupRule( $groupname, $fromport, $toport, $protocol, $ranges, $groups );
 344+ }
 345+ # Reset connection to default
 346+ $this->adminNova->configureConnection();
303347 $wgOut->addWikiMsg( 'openstackmanager-createdproject' );
304348 $sk = $wgOut->getSkin();
305349 $out = '<br />';
Index: trunk/extensions/OpenStackManager/special/SpecialNovaDomain.php
@@ -1,7 +1,7 @@
22 <?php
33 class SpecialNovaDomain extends SpecialNova {
44
5 - var $userNova, $adminNova;
 5+ var $adminNova;
66 var $userLDAP;
77
88 function __construct() {
Index: trunk/extensions/OpenStackManager/special/SpecialNovaVolume.php
@@ -29,8 +29,8 @@
3030 return true;
3131 }
3232 $project = $wgRequest->getVal( 'project' );
33 - $userCredentials = $this->userLDAP->getCredentials( $project );
34 - $this->userNova = new OpenStackNovaController( $userCredentials );
 33+ $userCredentials = $this->userLDAP->getCredentials();
 34+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
3535 $adminCredentials = $wgOpenStackManagerNovaAdminKeys;
3636 $this->adminNova = new OpenStackNovaController( $adminCredentials );
3737
Index: trunk/extensions/OpenStackManager/special/SpecialNovaKey.php
@@ -49,8 +49,8 @@
5050 $this->notInProject();
5151 return true;
5252 }
53 - $userCredentials = $this->userLDAP->getCredentials( $project );
54 - $this->userNova = new OpenStackNovaController( $userCredentials );
 53+ $userCredentials = $this->userLDAP->getCredentials();
 54+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
5555 }
5656
5757 $this->setHeaders();
@@ -175,8 +175,8 @@
176176 $out .= $sk->link( $this->getTitle(), wfMsgHtml( 'openstackmanager-importkey' ), array(), array( 'action' => 'import' ) );
177177 $projects = $this->userLDAP->getProjects();
178178 foreach ( $projects as $project ) {
179 - $userCredentials = $this->userLDAP->getCredentials( $project );
180 - $this->userNova = new OpenStackNovaController( $userCredentials );
 179+ $userCredentials = $this->userLDAP->getCredentials();
 180+ $this->userNova = new OpenStackNovaController( $userCredentials, $project );
181181 $keypairs = $this->userNova->getKeypairs();
182182 if ( ! $keypairs ) {
183183 continue;
Index: trunk/extensions/OpenStackManager/special/SpecialNovaRole.php
@@ -1,7 +1,7 @@
22 <?php
33 class SpecialNovaRole extends SpecialNova {
44
5 - var $userNova, $adminNova;
 5+ var $adminNova;
66 var $userLDAP;
77
88 function __construct() {
Index: trunk/extensions/OpenStackManager/OpenStackNovaUser.php
@@ -35,10 +35,9 @@
3636 * @param string $project
3737 * @return array
3838 */
39 - function getCredentials( $project = '' ) {
 39+ function getCredentials() {
4040 if ( isset( $this->userInfo[0]['accesskey'] ) ) {
4141 $accessKey = $this->userInfo[0]['accesskey'][0];
42 - $accessKey = $accessKey . ':' . $project;
4342 } else {
4443 $accessKey = '';
4544 }
Index: trunk/extensions/OpenStackManager/OpenStackNovaController.php
@@ -3,6 +3,7 @@
44 # TODO: Make this an abstract class, and make the EC2 API a subclass
55 class OpenStackNovaController {
66
 7+ var $credentials;
78 var $novaConnection;
89 var $instances, $images, $keypairs, $availabilityZones;
910 var $addresses, $securityGroups;
@@ -12,16 +13,29 @@
1314 /**
1415 * @param $credentials
1516 */
16 - function __construct( $credentials ) {
 17+ function __construct( $credentials, $project='' ) {
 18+ $this->credentials = $credentials;
 19+ $this->configureConnection( $project );
 20+ $this->instances = array();
 21+ }
 22+
 23+ /**
 24+ * @param $project
 25+ * @return null
 26+ */
 27+ function configureConnection( $project='' ) {
1728 global $wgOpenStackManagerNovaDisableSSL, $wgOpenStackManagerNovaServerName,
18 - $wgOpenStackManagerNovaPort, $wgOpenStackManagerNovaResourcePrefix;
 29+ $wgOpenStackManagerNovaPort, $wgOpenStackManagerNovaResourcePrefix,
 30+ $wgOpenStackManagerNovaDefaultProject;
1931
20 - $this->novaConnection = new AmazonEC2( $credentials['accessKey'], $credentials['secretKey'] );
 32+ if ( $project == '' ) {
 33+ $project = $wgOpenStackManagerNovaDefaultProject;
 34+ }
 35+ $this->novaConnection = new AmazonEC2( $this->credentials['accessKey'] . ':' . $project, $this->credentials['secretKey'] );
2136 $this->novaConnection->disable_ssl( $wgOpenStackManagerNovaDisableSSL );
2237 $this->novaConnection->set_hostname( $wgOpenStackManagerNovaServerName, $wgOpenStackManagerNovaPort );
2338 $this->novaConnection->set_resource_prefix( $wgOpenStackManagerNovaResourcePrefix );
2439 $this->novaConnection->allow_hostname_override(false);
25 - $this->instances = array();
2640 }
2741
2842 /**
Index: trunk/extensions/OpenStackManager/OpenStackManager.php
@@ -80,6 +80,7 @@
8181 $wgOpenStackManagerCreateResourcePages = true;
8282 $wgOpenStackManagerCreateProjectSALPages = true;
8383 $wgOpenStackManagerLDAPUseUidAsNamingAttribute = false;
 84+$wgOpenStackManagerNovaDefaultProject = "";
8485
8586 $dir = dirname( __FILE__ ) . '/';
8687

Status & tagging log