4 from sfa.util.faults import *
5 from sfa.util.method import Method
6 from sfa.util.parameter import Parameter, Mixed
7 from sfa.trust.auth import Auth
8 from sfa.util.record import GeniRecord
9 from sfa.util.genitable import GeniTable
10 from sfa.util.debug import log
11 from sfa.trust.credential import Credential
12 from sfa.server.registry import Registries
16 Remove an object from the registry. If the object represents a PLC object,
17 then the PLC records will also be removed.
19 @param cred credential string
20 @param type record type
21 @param hrn human readable name of record to remove
23 @return 1 if successful, faults otherwise
26 interfaces = ['registry']
29 Parameter(str, "Credential string"),
30 Parameter(str, "Record type"),
31 Parameter(str, "Human readable name (hrn) of record to be removed"),
32 Mixed(Parameter(str, "Request hash"),
33 Parameter(None, "Request hash not specified"))
36 returns = Parameter(int, "1 if successful")
38 def call(self, cred, type, hrn, request_hash=None):
39 user_cred = Credential(string=cred)
42 gid_origin_caller = user_cred.get_gid_origin_caller()
43 origin_hrn = gid_origin_caller.get_hrn()
44 self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
46 # This cred will be an authority cred, not a user, so we cant use it to
47 # authenticate the caller's request_hash. Let just get the caller's gid
48 # from the cred and authenticate using that
49 client_gid = Credential(string=cred).get_gid_caller()
50 client_gid_str = client_gid.save_to_string(save_parents=True)
51 self.api.auth.authenticateGid(client_gid_str, [cred, type, hrn], request_hash)
52 self.api.auth.check(cred, "remove")
53 self.api.auth.verify_object_permission(hrn)
57 if type not in ['all', '*']:
59 records = table.find(filter)
61 raise RecordNotFound(hrn)
65 credential = self.api.getCredential()
66 credential.set_gid_origin_caller(gid_origin_caller)
67 registries = Registries(self.api)
69 # Try to remove the object from the PLCDB of federated agg.
70 # This is attempted before removing the object from the local agg's PLCDB and sfa table
71 if hrn.startswith(self.api.hrn) and type in ['user', 'slice', 'authority']:
72 for registry in registries:
73 if registry not in [self.api.hrn]:
76 result=registries[registry].remove_peer_object(credential, record, request_hash)
80 persons = self.api.plshell.GetPersons(self.api.plauth, record['pointer'])
81 # only delete this person if he has site ids. if he doesnt, it probably means
82 # he was just removed from a site, not actually deleted
83 if persons and persons[0]['site_ids']:
84 self.api.plshell.DeletePerson(self.api.plauth, record['pointer'])
86 if self.api.plshell.GetSlices(self.api.plauth, record['pointer']):
87 self.api.plshell.DeleteSlice(self.api.plauth, record['pointer'])
89 if self.api.plshell.GetNodes(self.api.plauth, record['pointer']):
90 self.api.plshell.DeleteNode(self.api.plauth, record['pointer'])
91 elif type == "authority":
92 if self.api.plshell.GetSites(self.api.plauth, record['pointer']):
93 self.api.plshell.DeleteSite(self.api.plauth, record['pointer'])
95 raise UnknownGeniType(type)