sfa/importer/__init__.py

   1 #!/usr/bin/python
   2
   3 import sys
   4
   5 from sfa.util.xrn import get_authority, hrn_to_urn
   6 from sfa.generic import Generic
   7 from sfa.util.config import Config
   8 from sfa.util.sfalogging import _SfaLogger
   9 from sfa.trust.hierarchy import Hierarchy
  10 #from sfa.trust.trustedroots import TrustedRoots
  11 from sfa.trust.gid import create_uuid
  12 from sfa.storage.alchemy import dbsession
  13 from sfa.storage.model import RegRecord, RegAuthority, RegUser
  14 from sfa.trust.certificate import convert_public_key, Keypair
  15
  16
  17 class Importer:
  18
  19     def __init__(self,auth_hierarchy=None,logger=None):
  20         self.config = Config()
  21         if auth_hierarchy is not None:
  22             self.auth_hierarchy=auth_hierarchy
  23         else:
  24             self.auth_hierarchy = Hierarchy ()
  25         if logger is not None:
  26             self.logger=logger
  27         else:
  28             self.logger = _SfaLogger(logfile='/var/log/sfa_import.log', loggername='importlog')
  29             self.logger.setLevelFromOptVerbose(self.config.SFA_API_LOGLEVEL)
  30 # ugly side effect so that other modules get it right
  31         import sfa.util.sfalogging
  32         sfa.util.sfalogging.logger=logger
  33 #        self.TrustedRoots = TrustedRoots(self.config.get_trustedroots_dir())
  34
  35     # check before creating a RegRecord entry as we run this over and over
  36     def record_exists (self, type, hrn):
  37        return dbsession.query(RegRecord).filter_by(hrn=hrn,type=type).count()!=0
  38
  39     def create_top_level_auth_records(self, hrn):
  40         """
  41         Create top level db records (includes root and sub authorities (local/remote)
  42         """
  43         # make sure parent exists
  44         parent_hrn = get_authority(hrn)
  45         if not parent_hrn:
  46             parent_hrn = hrn
  47         if not parent_hrn == hrn:
  48             self.create_top_level_auth_records(parent_hrn)
  49
  50         # ensure key and cert exists:
  51         self.auth_hierarchy.create_top_level_auth(hrn)
  52         # create the db record if it doesnt already exist
  53         if not self.record_exists ('authority',hrn):
  54             auth_info = self.auth_hierarchy.get_auth_info(hrn)
  55             auth_record = RegAuthority(hrn=hrn, gid=auth_info.get_gid_object(),
  56                                        authority=get_authority(hrn))
  57             auth_record.just_created()
  58             dbsession.add (auth_record)
  59             dbsession.commit()
  60             self.logger.info("SfaImporter: imported authority (parent) %s " % auth_record)
  61
  62
  63     def create_sm_client_record(self):
  64         """
  65         Create a user record for the Slicemanager service.
  66         """
  67         hrn = self.interface_hrn + '.slicemanager'
  68         urn = hrn_to_urn(hrn, 'user')
  69         if not self.auth_hierarchy.auth_exists(urn):
  70             self.logger.info("SfaImporter: creating Slice Manager user")
  71             self.auth_hierarchy.create_auth(urn)
  72
  73         if self.record_exists ('user',hrn): return
  74         auth_info = self.auth_hierarchy.get_auth_info(hrn)
  75         user_record = RegUser(hrn=hrn, gid=auth_info.get_gid_object(),
  76                               authority=get_authority(hrn))
  77         user_record.just_created()
  78         dbsession.add (user_record)
  79         dbsession.commit()
  80         self.logger.info("SfaImporter: importing user (slicemanager) %s " % user_record)
  81
  82
  83     def create_interface_records(self):
  84         """
  85         Create a record for each SFA interface
  86         """
  87         # just create certs for all sfa interfaces even if they
  88         # aren't enabled
  89         auth_info = self.auth_hierarchy.get_auth_info(self.config.SFA_INTERFACE_HRN)
  90         pkey = auth_info.get_pkey_object()
  91         hrn=self.config.SFA_INTERFACE_HRN
  92         for type in  [ 'authority+sa', 'authority+am', 'authority+sm', ]:
  93             urn = hrn_to_urn(hrn, type)
  94             gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
  95             # for now we have to preserve the authority+<> stuff
  96             if self.record_exists (type,hrn): continue
  97             interface_record = RegAuthority(type=type, hrn=hrn, gid=gid,
  98                                             authority=get_authority(hrn))
  99             interface_record.just_created()
 100             dbsession.add (interface_record)
 101             dbsession.commit()
 102             self.logger.info("SfaImporter: imported authority (%s) %s " % (type,interface_record))
 103
 104     def run(self, options=None):
 105         if not self.config.SFA_REGISTRY_ENABLED:
 106             self.logger.critical("Importer: need SFA_REGISTRY_ENABLED to run import")
 107
 108         # testbed-neutral : create local certificates and the like
 109         auth_hierarchy = Hierarchy ()
 110         self.create_top_level_auth_records(self.config.SFA_INTERFACE_HRN)
 111         self.create_interface_records()
 112
 113         # testbed-specific
 114         testbed_importer = None
 115         generic=Generic.the_flavour()
 116         importer_class = generic.importer_class()
 117         if importer_class:
 118             self.logger.info ("Using flavour %s for importing (class %s)"%\
 119                          (generic.flavour,importer_class.__name__))
 120             testbed_importer = importer_class (auth_hierarchy, self.logger)
 121             if testbed_importer:
 122                 testbed_importer.add_options(options)
 123                 testbed_importer.run (options)