sfa/methods/remove.py

   1 ### $Id$
   2 ### $URL$
   3
   4 from sfa.util.faults import *
   5 from sfa.util.method import Method
   6 from sfa.util.parameter import Parameter, Mixed
   7 from sfa.trust.auth import Auth
   8 from sfa.util.record import GeniRecord
   9 from sfa.util.genitable import GeniTable
  10 from sfa.util.debug import log
  11 from sfa.trust.credential import Credential
  12 from sfa.server.registry import Registries
  13
  14 class remove(Method):
  15     """
  16     Remove an object from the registry. If the object represents a PLC object,
  17     then the PLC records will also be removed.
  18
  19     @param cred credential string
  20     @param type record type
  21     @param hrn human readable name of record to remove
  22
  23     @return 1 if successful, faults otherwise
  24     """
  25
  26     interfaces = ['registry']
  27
  28     accepts = [
  29         Parameter(str, "Credential string"),
  30         Parameter(str, "Record type"),
  31         Parameter(str, "Human readable name (hrn) of record to be removed"),
  32         Mixed(Parameter(str, "Request hash"),
  33               Parameter(None, "Request hash not specified"))
  34         ]
  35
  36     returns = Parameter(int, "1 if successful")
  37
  38     def call(self, cred, type, hrn, request_hash=None):
  39         user_cred = Credential(string=cred)
  40
  41         #log the call
  42         gid_origin_caller = user_cred.get_gid_origin_caller()
  43         origin_hrn = gid_origin_caller.get_hrn()
  44         self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
  45
  46         # This cred will be an authority cred, not a user, so we cant use it to
  47         # authenticate the caller's request_hash. Let just get the caller's gid
  48         # from the cred and authenticate using that
  49         client_gid = Credential(string=cred).get_gid_caller()
  50         client_gid_str = client_gid.save_to_string(save_parents=True)
  51         self.api.auth.authenticateGid(client_gid_str, [cred, type, hrn], request_hash)
  52         self.api.auth.check(cred, "remove")
  53         self.api.auth.verify_object_permission(hrn)
  54
  55         table = GeniTable()
  56         filter = {'hrn': hrn}
  57         if type not in ['all', '*']:
  58             filter['type'] = type
  59         records = table.find(filter)
  60         if not records:
  61             raise RecordNotFound(hrn)
  62         record = records[0]
  63         type = record['type']
  64
  65         credential = self.api.getCredential()
  66         credential.set_gid_origin_caller(gid_origin_caller)
  67         registries = Registries(self.api)
  68
  69         # Try to remove the object from the PLCDB of federated agg.
  70         # This is attempted before removing the object from the local agg's PLCDB and sfa table
  71         if hrn.startswith(self.api.hrn) and type in ['user', 'slice', 'authority']:
  72             for registry in registries:
  73                 if registry not in [self.api.hrn]:
  74                     try:
  75                         request_hash=None
  76                         result=registries[registry].remove_peer_object(credential, record, request_hash)
  77                     except:
  78                         pass
  79         if type == "user":
  80             persons = self.api.plshell.GetPersons(self.api.plauth, record['pointer'])
  81             # only delete this person if he has site ids. if he doesnt, it probably means
  82             # he was just removed from a site, not actually deleted
  83             if persons and persons[0]['site_ids']:
  84                 self.api.plshell.DeletePerson(self.api.plauth, record['pointer'])
  85         elif type == "slice":
  86             if self.api.plshell.GetSlices(self.api.plauth, record['pointer']):
  87                 self.api.plshell.DeleteSlice(self.api.plauth, record['pointer'])
  88         elif type == "node":
  89             if self.api.plshell.GetNodes(self.api.plauth, record['pointer']):
  90                 self.api.plshell.DeleteNode(self.api.plauth, record['pointer'])
  91         elif type == "authority":
  92             if self.api.plshell.GetSites(self.api.plauth, record['pointer']):
  93                 self.api.plshell.DeleteSite(self.api.plauth, record['pointer'])
  94         else:
  95             raise UnknownGeniType(type)
  96
  97         table.remove(record)
  98
  99         return 1