3 from sfa.util.faults import InsufficientRights
4 from sfa.util.xrn import urn_to_hrn
5 from sfa.util.method import Method
6 from sfa.util.sfatime import utcparse, add_datetime
8 from sfa.trust.credential import Credential
10 from sfa.storage.parameter import Parameter
14 Renews the resources in the specified slice or slivers by
15 extending the lifetime.
17 @param urns ([string]) List of URNs of to renew
18 @param credentials ([string]) of credentials
19 @param expiration_time (string) requested time of expiration
20 @param options (dict) options
22 interfaces = ['aggregate', 'slicemgr']
24 Parameter(type([str]), "Slice URN"),
25 Parameter(type([str]), "List of credentials"),
26 Parameter(str, "Expiration time in RFC 3339 format"),
27 Parameter(dict, "Options"),
29 returns = Parameter(bool, "Success or Failure")
31 def call(self, urns, creds, expiration_time, options):
34 # Find the valid credentials
35 valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'renewsliver', urns,
36 check_sliver_callback = self.api.driver.check_sliver_credentials,
38 the_credential = Credential(cred=valid_creds[0])
39 actual_caller_hrn = the_credential.actual_caller_hrn()
40 self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-urns: %s\texpiration:%s\tmethod-name: %s"%\
41 (self.api.interface, actual_caller_hrn, urns, expiration_time,self.name))
44 # extend as long as possible : take the min of requested and now+SFA_MAX_SLICE_RENEW
45 if options.get('geni_extend_alap'):
46 # ignore requested time and set to max
47 expiration_time = add_datetime(datetime.datetime.utcnow(), days=int(self.api.config.SFA_MAX_SLICE_RENEW))
49 # Validate that the time does not go beyond the credential's expiration time
50 requested_expire = utcparse(expiration_time)
51 self.api.logger.info("requested_expire = %s"%requested_expire)
52 credential_expire = the_credential.get_expiration()
53 self.api.logger.info("credential_expire = %s"%credential_expire)
54 max_renew_days = int(self.api.config.SFA_MAX_SLICE_RENEW)
55 max_expire = datetime.datetime.utcnow() + datetime.timedelta (days=max_renew_days)
56 if requested_expire > credential_expire:
57 # used to throw an InsufficientRights exception here, this was not right
58 self.api.logger.warning("Requested expiration %s, after credential expiration (%s) -> trimming to the latter/sooner"%\
59 (requested_expire, credential_expire))
60 requested_expire = credential_expire
61 if requested_expire > max_expire:
63 self.api.logger.warning("Requested expiration %s, after maximal expiration %s days (%s) -> trimming to the latter/sooner"%\
64 (requested_expire, self.api.config.SFA_MAX_SLICE_RENEW,max_expire))
65 requested_expire = max_expire
67 return self.api.manager.Renew(self.api, urns, creds, requested_expire, options)