4 from sfa.trust.certificate import Keypair, convert_public_key
5 from sfa.trust.gid import *
7 from sfa.util.faults import *
8 from sfa.util.misc import *
9 from sfa.util.method import Method
10 from sfa.util.parameter import Parameter, Mixed
11 from sfa.util.record import GeniRecord
12 from sfa.util.debug import log
14 from sfa.trust.auth import Auth
15 from sfa.trust.gid import create_uuid
17 class register(Method):
19 Register an object with the registry. In addition to being stored in the
20 Geni database, the appropriate records will also be created in the
23 @param cred credential string
24 @param record_dict dictionary containing record fields
26 @return gid string representation
29 interfaces = ['registry']
32 Parameter(str, "Credential string"),
33 Parameter(dict, "Record dictionary containing record fields")
36 returns = Parameter(int, "String representation of gid object")
38 def call(self, cred, record_dict):
39 self.api.auth.check(cred, "register")
40 record = GeniRecord(dict = record_dict)
41 type = record.get_type()
42 name = record.get_name()
43 self.api.auth.verify_object_permission(name)
44 auth_name = self.api.auth.get_authority(name)
45 auth_info = self.api.auth.get_auth_info(auth_name)
46 table = self.api.auth.get_auth_table(auth_name)
48 # make sure record has a gid
49 if 'gid' not in record:
51 pkey = Keypair(create=True)
52 if 'keys' in record and record['key']:
53 pkey = convert_public_key(record['key'])
55 gid_object = self.api.auth.hierarchy.create_gid(name, uuid, pkey)
56 gid = gid_object.save_to_string(save_parents=True)
60 # check if record already exists
61 existing_records = table.resolve(type, name)
63 raise ExistingRecord(name)
65 if (type == "sa") or (type=="ma"):
67 if not self.api.auth.hierarchy.auth_exists(name):
68 self.api.auth.hierarchy.create_auth(name)
70 # authorities are special since they are managed by the registry
71 # rather than by the caller. We create our own GID for the
72 # authority rather than relying on the caller to supply one.
74 # get the GID from the newly created authority
75 child_auth_info = self.api.auth.get_auth_info(name)
76 gid = auth_info.get_gid_object()
77 record.set_gid(gid.save_to_string(save_parents=True))
79 # if registering a sa, see if a ma already exists
80 # if registering a ma, see if a sa already exists
82 other_rec = table.resolve("ma", record.get_name())
84 other_rec = table.resolve("sa", record.get_name())
87 print >> log, "linking ma and sa to the same plc site"
88 pointer = other_rec[0].get_pointer()
90 pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
91 print >> log, "adding site with fields", pl_record
92 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
94 record.set_pointer(pointer)
96 elif (type == "slice"):
97 pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
98 pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
99 record.set_pointer(pointer)
101 elif (type == "user"):
102 pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record))
103 if 'enabled' in record and record['enabled']:
104 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
105 login_base = get_leaf(auth_info.hrn)
106 self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
107 # What roles should this user have?
108 self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer)
109 record.set_pointer(pointer)
113 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : record['keys'][0]})
115 elif (type == "node"):
116 pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
117 login_base = hrn_to_pl_login_base(auth_name)
118 pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record)
119 record.set_pointer(pointer)
122 raise UnknownGeniType(type)
126 # update membership for researchers, pis, owners, operators
127 self.api.update_membership(None, record)
129 return record.get_gid_object().save_to_string(save_parents=True)