4 from sfa.trust.certificate import Keypair, convert_public_key
5 from sfa.trust.gid import *
7 from sfa.util.faults import *
8 from sfa.util.misc import *
9 from sfa.util.method import Method
10 from sfa.util.parameter import Parameter, Mixed
11 from sfa.util.record import GeniRecord
12 from sfa.util.genitable import GeniTable
13 from sfa.util.debug import log
14 from sfa.trust.auth import Auth
15 from sfa.trust.gid import create_uuid
16 from sfa.trust.credential import Credential
# Registry API method: stores a caller-supplied record via table.insert(),
# creates or looks up the matching PLC object (site, slice, person or node)
# through self.api.plshell, and returns the record's GID as a string.
#
# NOTE(review): this listing is incomplete. The embedded line numbers skip
# (e.g. 40 -> 45, 46 -> 50, 55 -> 57), so some assignments and if/else headers
# are not visible. The names `hrn`, `type`, `table` and `uuid` are used below
# but bound on lines that are not shown. Comments describe visible lines only.
18 class register(Method):
20 Register an object with the registry. In addition to being stored in the
21 Geni database, the appropriate records will also be created in the
24 @param cred credential string
25 @param record_dict dictionary containing record fields
27 @return gid string representation
# Exposed on the registry interface only.
30 interfaces = ['registry']
# Declared inputs: the credential string and the record dictionary.
# call() also takes an optional caller_cred that is not declared here.
33 Parameter(str, "Credential string"),
34 Parameter(dict, "Record dictionary containing record fields")
# NOTE(review): declared as int, but the description and call()'s return
# statement (save_to_string) both indicate a string -- confirm the intended type.
37 returns = Parameter(int, "String representation of gid object")
39 def call(self, cred, record_dict, caller_cred=None):
# Authorization gate for the "register" operation; presumably raises when
# `cred` does not carry that right -- confirm in sfa.trust.auth.
40 self.api.auth.check(cred, "register")
# Audit log line. The caller-hrn is read from caller_cred, while the only
# credential passed to auth.check() on the visible lines is `cred`.
# NOTE(review): confirm caller_cred is verified (or defaulted to `cred`) on
# the lines not shown; otherwise the logged caller identity is unverified.
45 self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, Credential(string=caller_cred).get_gid_caller().get_hrn(), None, self.name))
# Everything in `record` from here on originates from the caller's dictionary.
46 record = GeniRecord(dict = record_dict)
# Resolve the parent authority of the target hrn and check the caller's
# permission on that hrn before any write. verify_object_permission is opaque
# here; presumably it raises on failure -- confirm.
50 auth_name = get_authority(hrn)
51 self.api.auth.verify_object_permission(hrn)
52 auth_info = self.api.auth.get_auth_info(auth_name)
54 # make sure record has a gid
# NOTE(review): a record that already carries a 'gid' skips this branch, and
# no validation of a caller-supplied gid is visible in this listing -- confirm
# it is checked against hrn and the authority chain elsewhere.
55 if 'gid' not in record:
# Default: a freshly generated keypair, replaced below when the record
# supplies a public key.
57 pkey = Keypair(create=True)
58 if 'key' in record and record['key']:
# 'key' may be a list or a single value; only the first list entry is used.
59 if isinstance(record['key'], list):
60 pub_key = record['key'][0]
62 pub_key = record['key']
63 pkey = convert_public_key(pub_key)
# Issue a GID for (hrn, uuid, pkey) through the authority hierarchy and
# serialize it together with its parent chain.
65 gid_object = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey)
66 gid = gid_object.save_to_string(save_parents=True)
70 # check if record already exists
# Lookup is keyed on (type, hrn); the condition guarding the raise below is on
# a line not shown.
71 existing_records = table.find({'type': type, 'hrn': hrn})
73 raise ExistingRecord(hrn)
75 # We will update the pointer later
# The record is inserted with a placeholder pointer of -1 before any PLC call.
# NOTE(review): no cleanup is visible if a later plshell call raises, which
# would leave a row with pointer -1 -- confirm how callers recover from that.
76 record['pointer'] = -1
77 record.set_pointer(-1)
78 record_id = table.insert(record)
79 record['record_id'] = record_id
# --- authority: hierarchy entry, registry-issued GID, PLC site ---
81 if type in ["authority"]:
83 if not self.api.auth.hierarchy.auth_exists(hrn):
84 self.api.auth.hierarchy.create_auth(hrn)
86 # authorities are special since they are managed by the registry
87 # rather than by the caller. We create our own GID for the
88 # authority rather than relying on the caller to supply one.
90 # get the GID from the newly created authority
# Overwrites any gid set earlier with the one read from auth_info.
91 gid = auth_info.get_gid_object()
92 record.set_gid(gid.save_to_string(save_parents=True))
# Translate Geni fields to PLC fields, then look the site up by login_base.
# The pointer is either the id returned by AddSite or the existing site_id;
# the if/else headers selecting between them are not shown.
94 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
95 sites = self.api.plshell.GetSites(self.api.plauth, [pl_record['login_base']])
97 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
99 pointer = sites[0]['site_id']
101 record.set_pointer(pointer)
# --- slice: same create-or-reuse pattern, keyed on the PLC slice name ---
103 elif (type == "slice"):
104 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
105 slices = self.api.plshell.GetSlices(self.api.plauth, [pl_record['name']])
107 pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
109 pointer = slices[0]['slice_id']
110 record.set_pointer(pointer)
# --- user: PLC person looked up by the e-mail in the caller's record ---
112 elif (type == "user"):
113 persons = self.api.plshell.GetPersons(self.api.plauth, [record['email']])
# Unlike the other branches, the whole record dict is forwarded to AddPerson
# without going through geni_fields_to_pl_fields.
# NOTE(review): confirm PLC rejects or ignores fields a caller should not set.
115 pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record))
117 pointer = persons[0]['person_id']
# The 'enabled' value is taken straight from the caller's record.
119 if 'enabled' in record and record['enabled']:
120 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
121 # add this persons to the site only if he is being added for the first
122 # time by sfa and doesont already exist in plc
# The site is the leaf of the parent authority name.
123 if not persons or not persons[0]['site_ids']:
124 login_base = get_leaf(auth_name)
125 self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
127 # What roles should this user have?
# Every registered user is given the fixed 'user' role.
128 self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer)
129 record.set_pointer(pointer)
# Registers pub_key as the person's ssh key. On the visible lines pub_key is
# bound only inside the "'gid' not in record" branch when a key was supplied.
# NOTE(review): confirm it is initialised and guarded on the lines not shown.
132 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : pub_key})
# --- node: create-or-reuse keyed on hostname, under the authority's login_base ---
134 elif (type == "node"):
135 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
136 login_base = hrn_to_pl_login_base(auth_name)
137 nodes = self.api.plshell.GetNodes(self.api.plauth, [pl_record['hostname']])
139 pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record)
141 pointer = nodes[0]['node_id']
142 record.set_pointer(pointer)
# Any other record type is rejected (the else header is not shown). This raise
# comes after the table.insert() above.
145 raise UnknownGeniType(type)
149 # update membership for researchers, pis, owners, operators
# None is passed as the first argument; presumably the previous record, absent
# for a new registration -- confirm against update_membership.
150 self.api.update_membership(None, record)
# Return the record's GID serialized with its parent chain.
152 return record.get_gid_object().save_to_string(save_parents=True)