4 from geni.trust.certificate import Keypair, convert_public_key
5 from geni.trust.gid import *
7 from geni.util.faults import *
8 from geni.util.misc import *
9 from geni.util.method import Method
10 from geni.util.parameter import Parameter, Mixed
11 from geni.util.auth import Auth
12 from geni.util.record import GeniRecord
13 from geni.util.debug import log
15 class register(Method):
17 Register an object with the registry. In addition to being stored in the
18 Geni database, the appropriate records will also be created in the
21 @param cred credential string
22 @param record_dict dictionary containing record fields
24 @return gid string representation
27 interfaces = ['registry']
30 Parameter(str, "Credential string"),
31 Parameter(dict, "Record dictionary containing record fields")
34 returns = Parameter(int, "String representation of gid object")
36 def call(self, cred, record_dict):
37 self.api.auth.check(cred, "register")
38 record = GeniRecord(dict = record_dict)
39 type = record.get_type()
40 name = record.get_name()
41 self.api.auth.verify_object_permission(name)
42 auth_name = self.api.auth.get_authority(name)
43 auth_info = self.api.auth.get_auth_info(auth_name)
44 table = self.api.auth.get_auth_table(auth_name)
46 # make sure record has a gid
47 if 'gid' not in record:
49 pkey = Keypair(create=True)
50 if 'keys' in record and record['keys']:
51 pkey = convert_public_key(record['keys'][0])
53 gid_object = self.api.auth.hierarchy.create_gid(name, uuid, pkey)
54 gid = gid_object.save_to_string(save_parents=True)
58 # check if record already exists
59 existing_records = table.resolve(type, name)
61 raise ExistingRecord(name)
63 if (type == "sa") or (type=="ma"):
65 if not self.api.auth.hierarchy.auth_exists(name):
66 self.api.auth.hierarchy.create_auth(name)
68 # authorities are special since they are managed by the registry
69 # rather than by the caller. We create our own GID for the
70 # authority rather than relying on the caller to supply one.
72 # get the GID from the newly created authority
73 child_auth_info = self.api.auth.get_auth_info(name)
74 gid = auth_info.get_gid_object()
75 record.set_gid(gid.save_to_string(save_parents=True))
77 # if registering a sa, see if a ma already exists
78 # if registering a ma, see if a sa already exists
80 other_rec = table.resolve("ma", record.get_name())
82 other_rec = table.resolve("sa", record.get_name())
85 print >> log, "linking ma and sa to the same plc site"
86 pointer = other_rec[0].get_pointer()
88 pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
89 print >> log, "adding site with fields", pl_record
90 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
92 record.set_pointer(pointer)
94 elif (type == "slice"):
95 pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
96 pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
97 record.set_pointer(pointer)
99 elif (type == "user"):
100 pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record))
101 if 'enabled' in record and record['enabled']:
102 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
103 login_base = get_leaf(auth_info.hrn)
104 self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
105 # What roles should this user have?
106 self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer)
107 record.set_pointer(pointer)
111 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : record['keys'][0]})
113 elif (type == "node"):
114 pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
115 login_base = hrn_to_pl_login_base(auth_name)
116 pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record)
117 record.set_pointer(pointer)
120 raise UnknownGeniType(type)
124 # update membership for researchers, pis, owners, operators
125 self.api.update_membership(None, record)
127 return record.get_gid_object().save_to_string(save_parents=True)