Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 1 | |
| 2 | # Copyright 2017-present Open Networking Foundation |
| 3 | # |
| 4 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | # you may not use this file except in compliance with the License. |
| 6 | # You may obtain a copy of the License at |
| 7 | # |
| 8 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | # |
| 10 | # Unless required by applicable law or agreed to in writing, software |
| 11 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | # See the License for the specific language governing permissions and |
| 14 | # limitations under the License. |
| 15 | |
| 16 | |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 17 | from helpers import AttHelpers |
Scott Baker | 71d2047 | 2019-02-01 12:05:35 -0800 | [diff] [blame] | 18 | from xossynchronizer.model_policies.policy import Policy |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 19 | |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 20 | import os |
| 21 | import sys |
| 22 | |
| 23 | sync_path = os.path.abspath(os.path.join(os.path.dirname(os.path.realpath(__file__)), "..")) |
| 24 | sys.path.append(sync_path) |
| 25 | |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 26 | |
Matteo Scandolo | e8c33d6 | 2018-08-16 14:37:24 -0700 | [diff] [blame] | 27 | class DeferredException(Exception): |
| 28 | pass |
| 29 | |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 30 | |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 31 | class AttWorkflowDriverServiceInstancePolicy(Policy): |
| 32 | model_name = "AttWorkflowDriverServiceInstance" |
| 33 | |
| 34 | def handle_create(self, si): |
| 35 | self.logger.debug("MODEL_POLICY: handle_create for AttWorkflowDriverServiceInstance %s " % si.id) |
| 36 | self.handle_update(si) |
| 37 | |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 38 | def handle_update(self, si): |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 39 | self.logger.debug("MODEL_POLICY: handle_update for AttWorkflowDriverServiceInstance %s " % |
Matteo Scandolo | 2d9f40d | 2019-04-19 08:38:10 -0700 | [diff] [blame] | 40 | (si.id), onu_state=si.admin_onu_state, authentication_state=si.authentication_state) |
Matteo Scandolo | e8c33d6 | 2018-08-16 14:37:24 -0700 | [diff] [blame] | 41 | |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 42 | # Changing ONU state can change auth state |
| 43 | # Changing auth state can change DHCP state |
| 44 | # So need to process in this order |
| 45 | self.process_onu_state(si) |
| 46 | self.process_auth_state(si) |
| 47 | self.process_dhcp_state(si) |
| 48 | |
| 49 | self.validate_states(si) |
Matteo Scandolo | e8c33d6 | 2018-08-16 14:37:24 -0700 | [diff] [blame] | 50 | |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 51 | # handling the subscriber status |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 52 | # It's a combination of all the other states |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 53 | subscriber = self.get_subscriber(si.serial_number) |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 54 | if subscriber: |
| 55 | self.update_subscriber(subscriber, si) |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 56 | |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 57 | si.save_changed_fields() |
| 58 | |
Matteo Scandolo | 2d9f40d | 2019-04-19 08:38:10 -0700 | [diff] [blame] | 59 | # Check the whitelist to see if the ONU is valid. If it is, make sure that it's enabled. |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 60 | def process_onu_state(self, si): |
Scott Baker | 71d2047 | 2019-02-01 12:05:35 -0800 | [diff] [blame] | 61 | [valid, message] = AttHelpers.validate_onu(self.model_accessor, self.logger, si) |
Matteo Scandolo | 2d9f40d | 2019-04-19 08:38:10 -0700 | [diff] [blame] | 62 | si.status_message = message |
| 63 | if valid: |
| 64 | si.admin_onu_state = "ENABLED" |
| 65 | self.update_onu(si.serial_number, "ENABLED") |
| 66 | else: |
| 67 | si.admin_onu_state = "DISABLED" |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 68 | self.update_onu(si.serial_number, "DISABLED") |
| 69 | |
Andy Bavier | 11ffbf5 | 2019-02-08 11:53:21 -0700 | [diff] [blame] | 70 | # If the ONU has been disabled then we force re-authentication when it |
| 71 | # is re-enabled. |
| 72 | # Setting si.authentication_state = AWAITING: |
| 73 | # -> subscriber status = "awaiting_auth" |
| 74 | # -> service chain deleted |
| 75 | # -> need authentication to restore connectivity after ONU enabled |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 76 | def process_auth_state(self, si): |
| 77 | auth_msgs = { |
| 78 | "AWAITING": " - Awaiting Authentication", |
| 79 | "REQUESTED": " - Authentication requested", |
| 80 | "STARTED": " - Authentication started", |
| 81 | "APPROVED": " - Authentication succeeded", |
| 82 | "DENIED": " - Authentication denied" |
| 83 | } |
Matteo Scandolo | 2d9f40d | 2019-04-19 08:38:10 -0700 | [diff] [blame] | 84 | if si.admin_onu_state == "DISABLED" or si.oper_onu_status == "DISABLED": |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 85 | si.authentication_state = "AWAITING" |
| 86 | else: |
| 87 | si.status_message += auth_msgs[si.authentication_state] |
| 88 | |
Andy Bavier | 11ffbf5 | 2019-02-08 11:53:21 -0700 | [diff] [blame] | 89 | # The DhcpL2Relay ONOS app generates events that update the fields below. |
| 90 | # It only sends events when it processes DHCP packets. It keeps no internal state. |
| 91 | # We reset dhcp_state when: |
| 92 | # si.authentication_state in ["AWAITING", "REQUESTED", "STARTED"] |
| 93 | # -> subscriber status = "awaiting_auth" |
| 94 | # -> service chain not present |
| 95 | # -> subscriber's OLT flow rules, xconnect not present |
| 96 | # -> DHCP packets won't go through |
| 97 | # Note, however, that the DHCP state at the endpoints is not changed. |
| 98 | # A previously issued DHCP lease may still be valid. |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 99 | def process_dhcp_state(self, si): |
Andy Bavier | 8ed30c9 | 2018-12-11 13:46:25 -0700 | [diff] [blame] | 100 | if si.authentication_state in ["AWAITING", "REQUESTED", "STARTED"]: |
| 101 | si.ip_address = "" |
| 102 | si.mac_address = "" |
Andy Bavier | 15310cf | 2018-12-13 14:16:49 -0700 | [diff] [blame] | 103 | si.dhcp_state = "AWAITING" |
Andy Bavier | 8ed30c9 | 2018-12-11 13:46:25 -0700 | [diff] [blame] | 104 | |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 105 | # Make sure the object is in a legitimate state |
| 106 | # It should be after the above processing steps |
| 107 | # However this might still fail if an event has fired in the meantime |
| 108 | # Valid states: |
| 109 | # ONU | Auth | DHCP |
| 110 | # =============================== |
| 111 | # AWAITING | AWAITING | AWAITING |
| 112 | # ENABLED | * | AWAITING |
| 113 | # ENABLED | APPROVED | * |
| 114 | # DISABLED | AWAITING | AWAITING |
| 115 | def validate_states(self, si): |
Matteo Scandolo | 2d9f40d | 2019-04-19 08:38:10 -0700 | [diff] [blame] | 116 | if (si.admin_onu_state == "AWAITING" or si.admin_onu_state == |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 117 | "DISABLED") and si.authentication_state == "AWAITING" and si.dhcp_state == "AWAITING": |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 118 | return |
Matteo Scandolo | 2d9f40d | 2019-04-19 08:38:10 -0700 | [diff] [blame] | 119 | if si.admin_onu_state == "ENABLED" and (si.authentication_state == "APPROVED" or si.dhcp_state == "AWAITING"): |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 120 | return |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 121 | self.logger.warning( |
| 122 | "MODEL_POLICY (validate_states): invalid state combination", |
Matteo Scandolo | 2d9f40d | 2019-04-19 08:38:10 -0700 | [diff] [blame] | 123 | onu_state=si.admin_onu_state, |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 124 | auth_state=si.authentication_state, |
| 125 | dhcp_state=si.dhcp_state) |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 126 | |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 127 | def update_onu(self, serial_number, admin_state): |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 128 | onu = [onu for onu in self.model_accessor.ONUDevice.objects.all() if onu.serial_number.lower() |
| 129 | == serial_number.lower()][0] |
Andy Bavier | e02c07f | 2019-05-15 12:56:34 -0700 | [diff] [blame] | 130 | if onu.admin_state == "ADMIN_DISABLED": |
| 131 | self.logger.debug( |
| 132 | "MODEL_POLICY: ONUDevice [%s] has been manually disabled, not changing state to %s" % |
| 133 | (serial_number, admin_state)) |
| 134 | return |
Matteo Scandolo | c6ac74a | 2018-09-14 08:14:51 -0700 | [diff] [blame] | 135 | if onu.admin_state == admin_state: |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 136 | self.logger.debug( |
| 137 | "MODEL_POLICY: ONUDevice [%s] already has admin_state to %s" % |
| 138 | (serial_number, admin_state)) |
Matteo Scandolo | c6ac74a | 2018-09-14 08:14:51 -0700 | [diff] [blame] | 139 | else: |
| 140 | self.logger.debug("MODEL_POLICY: setting ONUDevice [%s] admin_state to %s" % (serial_number, admin_state)) |
| 141 | onu.admin_state = admin_state |
Andy Bavier | 0d631eb | 2018-10-17 18:05:04 -0700 | [diff] [blame] | 142 | onu.save_changed_fields(always_update_timestamp=True) |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 143 | |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 144 | def get_subscriber(self, serial_number): |
| 145 | try: |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 146 | return [s for s in self.model_accessor.RCORDSubscriber.objects.all() if s.onu_device.lower() |
| 147 | == serial_number.lower()][0] |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 148 | except IndexError: |
| 149 | # If the subscriber doesn't exist we don't do anything |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 150 | self.logger.debug( |
| 151 | "MODEL_POLICY: subscriber does not exists for this SI, doing nothing", |
| 152 | onu_device=serial_number) |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 153 | return None |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 154 | |
Matteo Scandolo | 74f6330 | 2018-11-01 14:05:01 -0700 | [diff] [blame] | 155 | def update_subscriber_ip(self, subscriber, ip): |
| 156 | # TODO check if the subscriber has an IP and update it, |
| 157 | # or create a new one |
| 158 | try: |
Scott Baker | 71d2047 | 2019-02-01 12:05:35 -0800 | [diff] [blame] | 159 | ip = self.model_accessor.RCORDIpAddress.objects.filter( |
Matteo Scandolo | 74f6330 | 2018-11-01 14:05:01 -0700 | [diff] [blame] | 160 | subscriber_id=subscriber.id, |
| 161 | ip=ip |
| 162 | )[0] |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 163 | self.logger.debug("MODEL_POLICY: found existing RCORDIpAddress for subscriber", |
| 164 | onu_device=subscriber.onu_device, subscriber_status=subscriber.status, ip=ip) |
Matteo Scandolo | 74f6330 | 2018-11-01 14:05:01 -0700 | [diff] [blame] | 165 | ip.save_changed_fields() |
| 166 | except IndexError: |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 167 | self.logger.debug( |
| 168 | "MODEL_POLICY: Creating new RCORDIpAddress for subscriber", |
| 169 | onu_device=subscriber.onu_device, |
| 170 | subscriber_status=subscriber.status, |
| 171 | ip=ip) |
Scott Baker | 71d2047 | 2019-02-01 12:05:35 -0800 | [diff] [blame] | 172 | ip = self.model_accessor.RCORDIpAddress( |
Matteo Scandolo | 74f6330 | 2018-11-01 14:05:01 -0700 | [diff] [blame] | 173 | subscriber_id=subscriber.id, |
| 174 | ip=ip, |
| 175 | description="DHCP Assigned IP Address" |
| 176 | ) |
| 177 | ip.save() |
| 178 | |
Andy Bavier | 8ed30c9 | 2018-12-11 13:46:25 -0700 | [diff] [blame] | 179 | def delete_subscriber_ip(self, subscriber, ip): |
| 180 | try: |
Scott Baker | 71d2047 | 2019-02-01 12:05:35 -0800 | [diff] [blame] | 181 | ip = self.model_accessor.RCORDIpAddress.objects.filter( |
Andy Bavier | 8ed30c9 | 2018-12-11 13:46:25 -0700 | [diff] [blame] | 182 | subscriber_id=subscriber.id, |
| 183 | ip=ip |
| 184 | )[0] |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 185 | self.logger.debug( |
| 186 | "MODEL_POLICY: delete RCORDIpAddress for subscriber", |
| 187 | onu_device=subscriber.onu_device, |
| 188 | subscriber_status=subscriber.status, |
| 189 | ip=ip) |
Andy Bavier | 8ed30c9 | 2018-12-11 13:46:25 -0700 | [diff] [blame] | 190 | ip.delete() |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 191 | except BaseException: |
Andy Bavier | 8ed30c9 | 2018-12-11 13:46:25 -0700 | [diff] [blame] | 192 | self.logger.warning("MODEL_POLICY: no RCORDIpAddress object found, cannot delete", ip=ip) |
| 193 | |
Matteo Scandolo | ea52909 | 2018-09-11 16:36:39 -0700 | [diff] [blame] | 194 | def update_subscriber(self, subscriber, si): |
Matteo Scandolo | c6ac74a | 2018-09-14 08:14:51 -0700 | [diff] [blame] | 195 | cur_status = subscriber.status |
Andy Bavier | afaf176 | 2019-01-16 09:41:43 -0700 | [diff] [blame] | 196 | # Don't change state if someone has disabled the subscriber |
| 197 | if subscriber.status != "disabled": |
| 198 | if si.authentication_state in ["AWAITING", "REQUESTED", "STARTED"]: |
| 199 | subscriber.status = "awaiting-auth" |
| 200 | elif si.authentication_state == "APPROVED": |
| 201 | subscriber.status = "enabled" |
| 202 | elif si.authentication_state == "DENIED": |
| 203 | subscriber.status = "auth-failed" |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 204 | |
Matteo Scandolo | de8cfa8 | 2018-10-16 13:49:05 -0700 | [diff] [blame] | 205 | # NOTE we save the subscriber only if: |
| 206 | # - the status has changed |
| 207 | # - we get a DHCPACK event |
| 208 | if cur_status != subscriber.status or si.dhcp_state == "DHCPACK": |
Scott Baker | c2a633d | 2019-04-01 19:27:41 -0700 | [diff] [blame] | 209 | self.logger.debug( |
| 210 | "MODEL_POLICY: updating subscriber", |
| 211 | onu_device=subscriber.onu_device, |
| 212 | authentication_state=si.authentication_state, |
| 213 | subscriber_status=subscriber.status) |
Andy Bavier | 8ed30c9 | 2018-12-11 13:46:25 -0700 | [diff] [blame] | 214 | if subscriber.status == "awaiting-auth": |
| 215 | self.delete_subscriber_ip(subscriber, si.ip_address) |
| 216 | subscriber.mac_address = "" |
| 217 | elif si.ip_address and si.mac_address: |
Matteo Scandolo | 74f6330 | 2018-11-01 14:05:01 -0700 | [diff] [blame] | 218 | self.update_subscriber_ip(subscriber, si.ip_address) |
Matteo Scandolo | de8cfa8 | 2018-10-16 13:49:05 -0700 | [diff] [blame] | 219 | subscriber.mac_address = si.mac_address |
Andy Bavier | 0d631eb | 2018-10-17 18:05:04 -0700 | [diff] [blame] | 220 | subscriber.save_changed_fields(always_update_timestamp=True) |
Matteo Scandolo | de8cfa8 | 2018-10-16 13:49:05 -0700 | [diff] [blame] | 221 | else: |
Matteo Scandolo | c6ac74a | 2018-09-14 08:14:51 -0700 | [diff] [blame] | 222 | self.logger.debug("MODEL_POLICY: subscriber status has not changed", onu_device=subscriber.onu_device, |
| 223 | authentication_state=si.authentication_state, subscriber_status=subscriber.status) |
Matteo Scandolo | ad0c175 | 2018-08-09 15:47:16 -0700 | [diff] [blame] | 224 | |
| 225 | def handle_delete(self, si): |
| 226 | pass |