4 from sfa.trust.certificate import Keypair, convert_public_key
5 from sfa.trust.gid import *
7 from sfa.util.faults import *
8 from sfa.util.misc import *
9 from sfa.util.method import Method
10 from sfa.util.parameter import Parameter, Mixed
11 from sfa.util.record import GeniRecord
12 from sfa.util.genitable import GeniTable
13 from sfa.util.debug import log
14 from sfa.trust.auth import Auth
15 from sfa.trust.gid import create_uuid
17 class register(Method):
19 Register an object with the registry. In addition to being stored in the
20 Geni database, the appropriate records will also be created in the
23 @param cred credential string
24 @param record_dict dictionary containing record fields
26 @return gid string representation
29 interfaces = ['registry']
32 Parameter(str, "Credential string"),
33 Parameter(dict, "Record dictionary containing record fields")
36 returns = Parameter(int, "String representation of gid object")
38 def call(self, cred, record_dict):
39 self.api.auth.check(cred, "register")
40 record = GeniRecord(dict = record_dict)
44 auth_name = get_authority(hrn)
45 self.api.auth.verify_object_permission(hrn)
46 auth_info = self.api.auth.get_auth_info(auth_name)
48 # make sure record has a gid
49 if 'gid' not in record:
51 pkey = Keypair(create=True)
52 if 'key' in record and record['key']:
53 if isinstance(record['key'], list):
54 pub_key = record['key'][0]
56 pub_key = record['key']
57 pkey = convert_public_key(pub_key)
59 gid_object = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey)
60 gid = gid_object.save_to_string(save_parents=True)
64 # check if record already exists
65 existing_records = table.find({'type': type, 'hrn': hrn})
67 raise ExistingRecord(hrn)
69 if type in ["authority"]:
71 if not self.api.auth.hierarchy.auth_exists(hrn):
72 self.api.auth.hierarchy.create_auth(hrn)
74 # authorities are special since they are managed by the registry
75 # rather than by the caller. We create our own GID for the
76 # authority rather than relying on the caller to supply one.
78 # get the GID from the newly created authority
79 gid = auth_info.get_gid_object()
80 record.set_gid(gid.save_to_string(save_parents=True))
82 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
83 sites = self.api.plshell.GetSites(self.api.plauth, [pl_record['login_base']])
85 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
87 pointer = sites[0]['site_id']
89 record.set_pointer(pointer)
91 elif (type == "slice"):
92 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
93 slices = self.api.plshell.GetSlices(self.api.plauth, [pl_record['name']])
95 pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
97 pointer = slices[0]['slice_id']
98 record.set_pointer(pointer)
100 elif (type == "user"):
101 persons = self.api.plshell.GetPersons(self.api.plauth, [record['email']])
103 pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record))
105 pointer = persons[0]['person_id']
107 if 'enabled' in record and record['enabled']:
108 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
109 login_base = get_leaf(auth_name)
110 self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
111 # What roles should this user have?
112 self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer)
113 record.set_pointer(pointer)
117 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : pub_key})
119 elif (type == "node"):
120 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
121 login_base = hrn_to_pl_login_base(auth_name)
122 nodes = self.api.plshell.GetNodes(self.api.plauth, [pl_record['hostname']])
124 pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record)
126 pointer = nodes[0]['node_id']
127 record.set_pointer(pointer)
130 raise UnknownGeniType(type)
132 # SFA upcalls may exist in PLCAPI and they could have already added the
133 # record for us. Lets check if the record already exists
134 existing_records = table.find({'type': type, 'hrn': hrn})
135 if not existing_records:
138 # update membership for researchers, pis, owners, operators
139 self.api.update_membership(None, record)
141 return record.get_gid_object().save_to_string(save_parents=True)