4 from sfa.util.faults import *
5 from sfa.util.method import Method
6 from sfa.util.parameter import Parameter, Mixed
7 from sfa.trust.auth import Auth
8 from sfa.util.config import Config
9 from sfa.trust.credential import Credential
10 from sfa.util.genitable import GeniTable
11 from sfa.util.sfaticket import SfaTicket
12 from sfa.plc.slices import Slices
13 from sfatables.runtime import SFATablesRules
14 from sfa.util.rspec import *
16 class get_ticket(Method):
18 Retrieve a ticket. This operation is currently implemented on PLC
19 only (see SFA, engineering decisions); it is not implemented on
22 The ticket is filled in with information from the PLC database. This
23 information includes resources, and attributes such as user keys and
26 @param cred credential string
27 @param name name of the slice to retrieve a ticket for
28 @param rspec resource specification dictionary
30 @return the string representation of a ticket object
33 interfaces = ['aggregate', 'slicemgr']
36 Parameter(str, "Credential string"),
37 Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
38 Parameter(str, "Resource specification (rspec)"),
39 Mixed(Parameter(str, "Request hash"),
40 Parameter(None, "Request hash not specified"))
43 returns = Parameter(str, "String represeneation of a ticket object")
45 def call(self, cred, hrn, rspec, request_hash=None, origin_hrn=None):
46 self.api.auth.authenticateCred(cred, [cred, hrn, rspec], request_hash)
47 self.api.auth.check(cred, "getticket")
48 self.api.auth.verify_object_belongs_to_me(hrn)
49 self.api.auth.verify_object_permission(hrn)
52 origin_hrn=Credential(string=cred).get_gid_caller().get_hrn()
55 self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
57 # set the right outgoing rules
58 manager_base = 'sfa.managers'
59 if self.api.interface in ['aggregate']:
60 outgoing_rules = SFATablesRules('OUTGOING')
61 mgr_type = self.api.config.SFA_AGGREGATE_TYPE
62 manager_module = manager_base + ".aggregate_manager_%s" % mgr_type
63 manager = __import__(manager_module, fromlist=[manager_base])
64 elif self.api.interface in ['slicemgr']:
65 outgoing_rules = SFATablesRules('FORWARD-OUTGOING')
66 mgr_type = self.api.config.SFA_SM_TYPE
67 manager_module = manager_base + ".slice_manager_%s" % mgr_type
68 manager = __import__(manager_module, fromlist=[manager_base])
70 # Filter the incoming rspec using sfatables
71 incoming_rules = SFATablesRules('INCOMING')
72 #incoming_rules.set_slice(hrn) # This is a temporary kludge. Eventually, we'd like to fetch the context requested by the match/target
73 contexts = incoming_rules.contexts
74 caller_hrn = Credential(string=cred).get_gid_caller().get_hrn()
75 request_context = manager.fetch_context(hrn, caller_hrn, contexts)
76 incoming_rules.set_context(request_context)
77 rspec = incoming_rules.apply(rspec)
78 # remove nodes that are not available at this interface from the rspec
79 valid_rspec = RSpec(xml=manager.get_rspec(self.api, None, origin_hrn))
80 valid_nodes = valid_rspec.getDictsByTagName('NodeSpec')
81 valid_hostnames = [node['name'] for node in valid_nodes]
82 rspec_object = RSpec(xml=rspec)
83 rspec_object.filter(tagname='NodeSpec', attribute='name', whitelist=valid_hostnames)
84 rspec = rspec_object.toxml()
85 ticket = manager.get_ticket(self.api, hrn, rspec, origin_hrn)