3 from sfa.util.config import Config
4 from sfa.util.xrn import Xrn, get_authority, hrn_to_urn
6 from sfa.senslab.slabdriver import SlabDriver
8 from sfa.trust.certificate import Keypair, convert_public_key
9 from sfa.trust.gid import create_uuid
11 from sfa.storage.alchemy import dbsession
12 from sfa.storage.model import RegRecord, RegAuthority, RegSlice, RegNode, \
14 from sfa.util.sfalogging import logger
16 from sqlalchemy.exc import SQLAlchemyError
19 def _get_site_hrn(site):
25 def __init__ (self, auth_hierarchy, loc_logger):
26 self.auth_hierarchy = auth_hierarchy
27 self.logger = loc_logger
28 self.logger.setLevelDebug()
30 def hostname_to_hrn_escaped(self, root_auth, hostname):
31 return '.'.join( [root_auth, Xrn.escape(hostname)] )
35 def slicename_to_hrn(self, person_hrn):
36 return (person_hrn +'_slice')
38 def add_options (self, parser):
39 # we don't have any options for now
42 def find_record_by_type_hrn(self, record_type, hrn):
43 return self.records_by_type_hrn.get ( (record_type, hrn), None)
45 def locate_by_type_pointer (self, record_type, pointer):
46 print >>sys.stderr, " \r\n \r\n \t SLABPOSTGRES locate_by_type_pointer .........................."
47 ret = self.records_by_type_pointer.get ( (record_type, pointer), None)
48 print >>sys.stderr, " \r\n \r\n \t SLABPOSTGRES locate_by_type_pointer "
51 def update_just_added_records_dict (self, record):
52 rec_tuple = (record.type, record.hrn)
53 if rec_tuple in self.records_by_type_hrn:
54 self.logger.warning ("SlabImporter.update_just_added_records_dict: duplicate (%s,%s)"%rec_tuple)
56 self.records_by_type_hrn [ rec_tuple ] = record
58 def run (self, options):
61 slabdriver = SlabDriver(config)
63 #Create special slice table for senslab
65 if not slabdriver.db.exists('slab_xp'):
66 slabdriver.db.createtable()
67 self.logger.info ("SlabImporter.run: slab_xp table created ")
69 #retrieve all existing SFA objects
70 all_records = dbsession.query(RegRecord).all()
72 # initialize record.stale to True by default, then mark stale=False on the ones that are in use
73 for record in all_records:
75 #create hash by (type,hrn)
76 #used to know if a given record is already known to SFA
78 self.records_by_type_hrn = \
79 dict ( [ ( (record.type,record.hrn) , record ) for record in all_records ] )
80 print>>sys.stderr,"\r\n SLABIMPORT \t all_records[0] %s all_records[0].email %s \r\n" %(all_records[0].type, all_records[0])
81 self.users_rec_by_email = \
82 dict ( [ (record.email, record) for record in all_records if record.type == 'user' ] )
84 # create hash by (type,pointer)
85 self.records_by_type_pointer = \
86 dict ( [ ( (str(record.type),record.pointer) , record ) for record in all_records if record.pointer != -1] )
89 nodes_listdict = slabdriver.slab_api.GetNodes()
90 nodes_by_id = dict([(node['node_id'],node) for node in nodes_listdict])
91 sites_listdict = slabdriver.slab_api.GetSites()
93 ldap_person_listdict = slabdriver.slab_api.GetPersons()
94 print>>sys.stderr,"\r\n SLABIMPORT \t ldap_person_listdict %s \r\n" %(ldap_person_listdict)
95 slices_listdict = slabdriver.slab_api.GetSlices()
97 slices_by_userid = dict ( [ (one_slice['reg_researchers']['record_id'], one_slice ) for one_slice in slices_listdict ] )
99 self.logger.log_exc("SlabImporter: failed to create list of slices by user id.")
102 for site in sites_listdict:
103 site_hrn = _get_site_hrn(site)
104 site_record = self.find_record_by_type_hrn ('authority', site_hrn)
107 urn = hrn_to_urn(site_hrn, 'authority')
108 if not self.auth_hierarchy.auth_exists(urn):
109 self.auth_hierarchy.create_auth(urn)
110 auth_info = self.auth_hierarchy.get_auth_info(urn)
111 site_record = RegAuthority(hrn=site_hrn, gid=auth_info.get_gid_object(),
113 authority=get_authority(site_hrn))
114 site_record.just_created()
115 dbsession.add(site_record)
117 self.logger.info("SlabImporter: imported authority (site) : %s" % site_record)
118 self.update_just_added_records_dict(site_record)
119 except SQLAlchemyError:
120 # if the site import fails then there is no point in trying to import the
121 # site's child records (node, slices, persons), so skip them.
122 self.logger.log_exc("SlabImporter: failed to import site. Skipping child records")
125 # xxx update the record ...
127 site_record.stale = False
129 # import node records in site
130 for node_id in site['node_ids']:
132 node = nodes_by_id[node_id]
134 self.logger.warning ("SlabImporter: cannot find node_id %s - ignored"%node_id)
136 site_auth = get_authority(site_hrn)
137 site_name = site['name']
138 escaped_hrn = self.hostname_to_hrn_escaped(slabdriver.slab_api.root_auth, node['hostname'])
139 print>>sys.stderr, "\r\n \r\n SLABIMPORTER node %s " %(node)
143 # xxx this sounds suspicious
144 if len(hrn) > 64: hrn = hrn[:64]
145 node_record = self.find_record_by_type_hrn( 'node', hrn )
148 pkey = Keypair(create=True)
149 urn = hrn_to_urn(escaped_hrn, 'node')
150 node_gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
151 def slab_get_authority(hrn):
152 return hrn.split(".")[0]
154 node_record = RegNode (hrn=hrn, gid=node_gid,
156 authority=slab_get_authority(hrn))
157 node_record.just_created()
158 dbsession.add(node_record)
160 #self.logger.info("SlabImporter: imported node: %s" % node_record)
161 self.update_just_added_records_dict(node_record)
163 self.logger.log_exc("SlabImporter: failed to import node")
165 # xxx update the record ...
167 node_record.stale=False
171 for person in ldap_person_listdict :
174 print>>sys.stderr,"SlabImporter: person: %s" %(person)
175 if 'ssh-rsa' not in person['pkey']:
176 #people with invalid ssh key (ssh-dss, empty, bullshit keys...)
179 person_hrn = person['hrn']
180 slice_hrn = self.slicename_to_hrn(person['hrn'])
182 # xxx suspicious again
183 if len(person_hrn) > 64: person_hrn = person_hrn[:64]
184 person_urn = hrn_to_urn(person_hrn, 'user')
187 print>>sys.stderr," \r\n SlabImporter: HEYYYYYYYYYY" , self.users_rec_by_email
189 #Check if user using person['email'] form LDAP is already registered
190 #in SFA. One email = one person. Inb this case, do not create another
191 #record for this person
192 #person_hrn returned by GetPErson based on senslab root auth + uid ldap
193 user_record = self.find_record_by_type_hrn('user', person_hrn)
194 if not user_record and person['email'] in self.users_rec_by_email:
195 user_record = self.users_rec_by_email[person['email']]
196 person_hrn = user_record.hrn
197 person_urn = hrn_to_urn(person_hrn, 'user')
200 slice_record = self.find_record_by_type_hrn ('slice', slice_hrn)
202 # return a tuple pubkey (a plc key object) and pkey (a Keypair object)
203 def init_person_key (person, slab_key):
206 # randomly pick first key in set
210 pkey = convert_public_key(pubkey)
212 #key not good. create another pkey
213 self.logger.warn('SlabImporter: \
214 unable to convert public \
215 key for %s' % person_hrn)
216 pkey = Keypair(create=True)
219 # the user has no keys. Creating a random keypair for the user's gid
220 self.logger.warn("SlabImporter: person %s does not have a public key"%person_hrn)
221 pkey = Keypair(create=True)
222 return (pubkey, pkey)
226 slab_key = person['pkey']
229 (pubkey,pkey) = init_person_key (person, slab_key )
230 if pubkey is not None and pkey is not None :
231 person_gid = self.auth_hierarchy.create_gid(person_urn, create_uuid(), pkey)
233 print>>sys.stderr, "\r\n \r\n SLAB IMPORTER PERSON EMAIL OK email %s " %(person['email'])
234 person_gid.set_email(person['email'])
235 user_record = RegUser (hrn=person_hrn, gid=person_gid,
237 authority=get_authority(person_hrn),
238 email=person['email'])
240 user_record = RegUser (hrn=person_hrn, gid=person_gid,
242 authority=get_authority(person_hrn))
245 user_record.reg_keys = [RegKey (pubkey)]
247 self.logger.warning("No key found for user %s"%user_record)
248 user_record.just_created()
249 dbsession.add (user_record)
251 self.logger.info("SlabImporter: imported person: %s" % user_record)
252 self.update_just_added_records_dict( user_record )
254 # update the record ?
255 # if user's primary key has changed then we need to update the
256 # users gid by forcing an update here
257 sfa_keys = user_record.reg_keys
260 if slab_key is not sfa_keys :
263 print>>sys.stderr,"SlabImporter: \t \t USER UPDATE person: %s" %(person['hrn'])
264 (pubkey,pkey) = init_person_key (person, slab_key)
265 person_gid = self.auth_hierarchy.create_gid(person_urn, create_uuid(), pkey)
267 user_record.reg_keys=[]
269 user_record.reg_keys=[ RegKey (pubkey)]
270 self.logger.info("SlabImporter: updated person: %s" % user_record)
273 user_record.email = person['email']
277 user_record.stale = False
279 self.logger.log_exc("SlabImporter: failed to import person %s"%(person) )
282 single_slice = slices_by_userid[user_record.record_id]
284 self.logger.warning ("SlabImporter: cannot locate slices_by_userid[user_record.record_id] %s - ignored"%user_record)
286 if not slice_record :
288 pkey = Keypair(create=True)
289 urn = hrn_to_urn(slice_hrn, 'slice')
290 slice_gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
291 slice_record = RegSlice (hrn=slice_hrn, gid=slice_gid,
293 authority=get_authority(slice_hrn))
295 slice_record.just_created()
296 dbsession.add(slice_record)
299 #Serial id created after commit
301 sl_rec = dbsession.query(RegSlice).filter(RegSlice.hrn.match(slice_hrn)).all()
303 #slab_slice = SenslabXP( slice_hrn = slice_hrn, record_id_slice=sl_rec[0].record_id, record_id_user= user_record.record_id)
304 #print>>sys.stderr, "\r\n \r\n SLAB IMPORTER SLICE IMPORT NOTslice_record %s \r\n slab_slice %s" %(sl_rec,slab_slice)
305 #slab_dbsession.add(slab_slice)
306 #slab_dbsession.commit()
307 #self.logger.info("SlabImporter: imported slice: %s" % slice_record)
308 self.update_just_added_records_dict ( slice_record )
311 self.logger.log_exc("SlabImporter: failed to import slice")
313 #No slice update upon import in senslab
315 # xxx update the record ...
316 self.logger.warning ("Slice update not yet implemented")
318 # record current users affiliated with the slice
321 slice_record.reg_researchers = [user_record]
323 slice_record.stale=False
327 ### remove stale records
328 # special records must be preserved
329 system_hrns = [slabdriver.hrn, slabdriver.slab_api.root_auth, \
330 slabdriver.hrn+ '.slicemanager']
331 for record in all_records:
332 if record.hrn in system_hrns:
334 if record.peer_authority:
338 for record in all_records:
339 if record.type == 'user':
340 print>>sys.stderr,"SlabImporter: stale records: hrn %s %s" \
341 %(record.hrn,record.stale)
346 self.logger.warning("stale not found with %s"%record)
348 self.logger.info("SlabImporter: deleting stale record: %s" % record)
349 #if record.type == 'user':
350 #rec = slab_dbsession.query(SenslabXP).filter_by(record_id_user = record.record_id).first()
351 #slab_dbsession.delete(rec)
352 #slab_dbsession.commit()
353 dbsession.delete(record)