fix permissions

[sfa.git] / sfa / client / sfi.py
diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py

index a8d96d6..72a6f86 100755 (executable)
--- a/sfa/client/sfi.py
+++ b/sfa/client/sfi.py
@@ -11,11 +11,14 @@ import socket
  import random
  import datetime
  import zlib
  import random
  import datetime
  import zlib
+import codecs
+import pickle
  from lxml import etree
  from StringIO import StringIO
  from types import StringTypes, ListType
  from optparse import OptionParser
  from lxml import etree
  from StringIO import StringIO
  from types import StringTypes, ListType
  from optparse import OptionParser
-from sfa.util.sfalogging import _SfaLogger, logging
+
+from sfa.util.sfalogging import sfi_logger
  from sfa.trust.certificate import Keypair, Certificate
  from sfa.trust.gid import GID
  from sfa.trust.credential import Credential
  from sfa.trust.certificate import Keypair, Certificate
  from sfa.trust.gid import GID
  from sfa.trust.credential import Credential
@@ -26,6 +29,8 @@ import sfa.util.xmlrpcprotocol as xmlrpcprotocol
  from sfa.util.config import Config
  from sfa.util.version import version_core
  from sfa.util.cache import Cache
  from sfa.util.config import Config
  from sfa.util.version import version_core
  from sfa.util.cache import Cache
+from sfa.rspecs.rspec_version import RSpecVersion
+from sfa.rspecs.pg_rspec import pg_rspec_request_version
  
  AGGREGATE_PORT=12346
  CM_PORT=12346
  
  AGGREGATE_PORT=12346
  CM_PORT=12346
@@ -76,23 +81,51 @@ def filter_records(type, records):
  
  
  # save methods
  
  
  # save methods
+def save_variable_to_file(var, filename, format="text"):
+    f = open(filename, "w")
+    if format == "text":
+        f.write(str(var))
+    elif format == "pickled":
+        f.write(pickle.dumps(var))
+    else:
+        # this should never happen
+        print "unknown output format", format
+
+
  def save_rspec_to_file(rspec, filename):
      if not filename.endswith(".rspec"):
          filename = filename + ".rspec"
  def save_rspec_to_file(rspec, filename):
      if not filename.endswith(".rspec"):
          filename = filename + ".rspec"
-
      f = open(filename, 'w')
      f.write(rspec)
      f.close()
      return
  
      f = open(filename, 'w')
      f.write(rspec)
      f.close()
      return
  
-def save_records_to_file(filename, recordList):
-    index = 0
-    for record in recordList:
-        if index > 0:
-            save_record_to_file(filename + "." + str(index), record)
-        else:
-            save_record_to_file(filename, record)
-        index = index + 1
+def save_records_to_file(filename, recordList, format="xml"):
+    if format == "xml":
+        index = 0
+        for record in recordList:
+            if index > 0:
+                save_record_to_file(filename + "." + str(index), record)
+            else:
+                save_record_to_file(filename, record)
+            index = index + 1
+    elif format == "xmllist":
+        f = open(filename, "w")
+        f.write("<recordlist>\n")
+        for record in recordList:
+            record = SfaRecord(dict=record)
+            f.write('<record hrn="' + record.get_name() + '" type="' + record.get_type() + '" />\n')
+        f.write("</recordlist>\n");
+        f.close()
+    elif format == "hrnlist":
+        f = open(filename, "w")
+        for record in recordList:
+            record = SfaRecord(dict=record)
+            f.write(record.get_name() + "\n")
+        f.close()
+    else:
+        # this should never happen
+        print "unknown output format", format
  
  def save_record_to_file(filename, record):
      if record['type'] in ['user']:
  
  def save_record_to_file(filename, record):
      if record['type'] in ['user']:
@@ -106,13 +139,17 @@ def save_record_to_file(filename, record):
      else:
          record = SfaRecord(dict=record)
      str = record.save_to_string()
      else:
          record = SfaRecord(dict=record)
      str = record.save_to_string()
-    file(filename, "w").write(str)
+    f=codecs.open(filename, encoding='utf-8',mode="w")
+    f.write(str)
+    f.close()
      return
  
  
  # load methods
  def load_record_from_file(filename):
      return
  
  
  # load methods
  def load_record_from_file(filename):
-    str = file(filename, "r").read()
+    f=codecs.open(filename, encoding="utf-8", mode="r")
+    str = f.read()
+    f.close()
      record = SfaRecord(string=str)
      return record
  
      record = SfaRecord(string=str)
      return record
  
@@ -134,6 +171,8 @@ class Sfi:
          for opt in Sfi.required_options:
              if not hasattr(options,opt): setattr(options,opt,None)
          if not hasattr(options,'sfi_dir'): options.sfi_dir=os.path.expanduser("~/.sfi/")
          for opt in Sfi.required_options:
              if not hasattr(options,opt): setattr(options,opt,None)
          if not hasattr(options,'sfi_dir'): options.sfi_dir=os.path.expanduser("~/.sfi/")
+        # xxx oops, this is dangerous, sounds like ww sometimes have discrepency
+        # would be safer to remove self.sfi_dir altogether
          self.sfi_dir = options.sfi_dir
          self.options = options
          self.slicemgr = None
          self.sfi_dir = options.sfi_dir
          self.options = options
          self.slicemgr = None
@@ -141,9 +180,8 @@ class Sfi:
          self.user = None
          self.authority = None
          self.hashrequest = False
          self.user = None
          self.authority = None
          self.hashrequest = False
-        #sfa_logger_goes_to_console()
-        #self.logger=sfa_logger()
-        self.logger = _SfaLogger(self.sfi_dir + 'sfi.log', level = logging.INFO)
+        self.logger = sfi_logger
+        self.logger.enable_console()
     
      def create_cmd_parser(self, command, additional_cmdargs=None):
          cmdargs = {"list": "authority",
     
      def create_cmd_parser(self, command, additional_cmdargs=None):
          cmdargs = {"list": "authority",
@@ -153,6 +191,7 @@ class Sfi:
                    "update": "record",
                    "aggregates": "[name]",
                    "registries": "[name]",
                    "update": "record",
                    "aggregates": "[name]",
                    "registries": "[name]",
+                  "create_gid": "[name]",
                    "get_gid": [],  
                    "get_trusted_certs": "cred",
                    "slices": "",
                    "get_gid": [],  
                    "get_trusted_certs": "cred",
                    "slices": "",
@@ -216,15 +255,27 @@ class Sfi:
                                  help="optional component information", default=None)
  
  
                                  help="optional component information", default=None)
  
  
-        if command in ("resources", "show", "list"):
+        # 'create' does return the new rspec, makes sense to save that too
+        if command in ("resources", "show", "list", "create_gid", 'create'):
             parser.add_option("-o", "--output", dest="file",
                              help="output XML to file", metavar="FILE", default=None)
             parser.add_option("-o", "--output", dest="file",
                              help="output XML to file", metavar="FILE", default=None)
-        
+
          if command in ("show", "list"):
             parser.add_option("-f", "--format", dest="format", type="choice",
                               help="display format ([text]|xml)", default="text",
                               choices=("text", "xml"))
  
          if command in ("show", "list"):
             parser.add_option("-f", "--format", dest="format", type="choice",
                               help="display format ([text]|xml)", default="text",
                               choices=("text", "xml"))
  
+           parser.add_option("-F", "--fileformat", dest="fileformat", type="choice",
+                             help="output file format ([xml]|xmllist|hrnlist)", default="xml",
+                             choices=("xml", "xmllist", "hrnlist"))
+
+        if command in ("status"):
+           parser.add_option("-o", "--output", dest="file",
+                            help="output dictionary to file", metavar="FILE", default=None)
+           parser.add_option("-F", "--fileformat", dest="fileformat", type="choice",
+                             help="output file format ([text]|pickled)", default="text",
+                             choices=("text","pickled"))
+
          if command in ("delegate"):
             parser.add_option("-u", "--user",
                              action="store_true", dest="delegate_user", default=False,
          if command in ("delegate"):
             parser.add_option("-u", "--user",
                              action="store_true", dest="delegate_user", default=False,
@@ -274,13 +325,15 @@ class Sfi:
          parser.add_option("-k", "--hashrequest",
                           action="store_true", dest="hashrequest", default=False,
                           help="Create a hash of the request that will be authenticated on the server")
          parser.add_option("-k", "--hashrequest",
                           action="store_true", dest="hashrequest", default=False,
                           help="Create a hash of the request that will be authenticated on the server")
+        parser.add_option("-t", "--timeout", dest="timeout", default=None,
+                         help="Amout of time tom wait before timing out the request")
          parser.disable_interspersed_args()
  
          return parser
          
  
      def read_config(self):
          parser.disable_interspersed_args()
  
          return parser
          
  
      def read_config(self):
-       config_file = self.options.sfi_dir + os.sep + "sfi_config"
+       config_file = os.path.join(self.options.sfi_dir,"sfi_config")
         try:
            config = Config (config_file)
         except:
         try:
            config = Config (config_file)
         except:
@@ -348,16 +401,16 @@ class Sfi:
         self.cert_file = cert_file
         self.cert = GID(filename=cert_file)
         self.logger.info("Contacting Registry at: %s"%self.reg_url)
         self.cert_file = cert_file
         self.cert = GID(filename=cert_file)
         self.logger.info("Contacting Registry at: %s"%self.reg_url)
-       self.registry = xmlrpcprotocol.get_server(self.reg_url, key_file, cert_file, self.options)  
+       self.registry = xmlrpcprotocol.get_server(self.reg_url, key_file, cert_file, timeout=self.options.timeout, verbose=self.options.debug)  
         self.logger.info("Contacting Slice Manager at: %s"%self.sm_url)
         self.logger.info("Contacting Slice Manager at: %s"%self.sm_url)
-       self.slicemgr = xmlrpcprotocol.get_server(self.sm_url, key_file, cert_file, self.options)
+       self.slicemgr = xmlrpcprotocol.get_server(self.sm_url, key_file, cert_file, timeout=self.options.timeout, verbose=self.options.debug)
         return
  
      def get_cached_server_version(self, server):
          # check local cache first
          cache = None
          version = None 
         return
  
      def get_cached_server_version(self, server):
          # check local cache first
          cache = None
          version = None 
-        cache_file = self.sfi_dir + os.path.sep + 'sfi_cache.dat'
+        cache_file = os.path.join(self.options.sfi_dir,'sfi_cache.dat')
          cache_key = server.url + "-version"
          try:
              cache = Cache(cache_file)
          cache_key = server.url + "-version"
          try:
              cache = Cache(cache_file)
@@ -372,6 +425,8 @@ class Sfi:
              version = server.GetVersion()
              # cache version for 24 hours
              cache.add(cache_key, version, ttl= 60*60*24)
              version = server.GetVersion()
              # cache version for 24 hours
              cache.add(cache_key, version, ttl= 60*60*24)
+            self.logger.info("Updating cache file %s" % cache_file)
+            cache.save_to_file(cache_file)
  
  
          return version   
  
  
          return version   
@@ -434,23 +489,19 @@ class Sfi:
          cert.set_issuer(k, self.user)
          cert.sign()
          self.logger.info("Writing self-signed certificate to %s"%cert_file)
          cert.set_issuer(k, self.user)
          cert.sign()
          self.logger.info("Writing self-signed certificate to %s"%cert_file)
-        print "Writing self-signed certificate to %s"%cert_file
          cert.save_to_file(cert_file)
          self.cert = cert
          # try to get registry issued cert
          try:
              self.logger.info("Getting Registry issued cert")
          cert.save_to_file(cert_file)
          self.cert = cert
          # try to get registry issued cert
          try:
              self.logger.info("Getting Registry issued cert")
-            print "Getting Registry issued cert"
              self.read_config()
              # *hack.  need to set registyr before _get_gid() is called 
              self.read_config()
              # *hack.  need to set registyr before _get_gid() is called 
-            self.registry = xmlrpcprotocol.get_server(self.reg_url, key_file, cert_file, self.options)
+            self.registry = xmlrpcprotocol.get_server(self.reg_url, key_file, cert_file, timeout=self.options.timeout, verbose=self.options.debug)
              gid = self._get_gid(type='user')
              self.registry = None 
              self.logger.info("Writing certificate to %s"%cert_file)
              gid.save_to_file(cert_file)
          except:
              gid = self._get_gid(type='user')
              self.registry = None 
              self.logger.info("Writing certificate to %s"%cert_file)
              gid.save_to_file(cert_file)
          except:
-            
-            print "Failed to download Registry issued cert"
              self.logger.info("Failed to download Registry issued cert")
  
          return cert_file
              self.logger.info("Failed to download Registry issued cert")
  
          return cert_file
@@ -485,6 +536,7 @@ class Sfi:
              hrn = self.user
   
          gidfile = os.path.join(self.options.sfi_dir, hrn + ".gid")
              hrn = self.user
   
          gidfile = os.path.join(self.options.sfi_dir, hrn + ".gid")
+        print gidfile
          gid = self.get_cached_gid(gidfile)
          if not gid:
              user_cred = self.get_user_cred()
          gid = self.get_cached_gid(gidfile)
          if not gid:
              user_cred = self.get_user_cred()
@@ -618,7 +670,7 @@ class Sfi:
          host_parts = host.split('/')
          host_parts[0] = host_parts[0] + ":" + str(port)
          url =  "http://%s" %  "/".join(host_parts)    
          host_parts = host.split('/')
          host_parts[0] = host_parts[0] + ":" + str(port)
          url =  "http://%s" %  "/".join(host_parts)    
-        return xmlrpcprotocol.get_server(url, keyfile, certfile, self.options)
+        return xmlrpcprotocol.get_server(url, keyfile, certfile, timeout=self.options.timeout, verbose=self.options.debug)
  
      # xxx opts could be retrieved in self.options
      def get_server_from_opts(self, opts):
  
      # xxx opts could be retrieved in self.options
      def get_server_from_opts(self, opts):
@@ -643,7 +695,22 @@ class Sfi:
    
      def dispatch(self, command, cmd_opts, cmd_args):
          return getattr(self, command)(cmd_opts, cmd_args)
    
      def dispatch(self, command, cmd_opts, cmd_args):
          return getattr(self, command)(cmd_opts, cmd_args)
- 
+
+    def create_gid(self, opts, args):
+        if len(args) < 1:
+            self.print_help()
+            sys.exit(1)
+        target_hrn = args[0]
+        user_cred = self.get_user_cred().save_to_string(save_parents=True)
+        gid = self.registry.CreateGid(user_cred, target_hrn, self.cert.save_to_string())
+        if opts.file:
+            filename = opts.file
+        else:
+            filename = os.sep.join([self.sfi_dir, '%s.gid' % target_hrn])
+        self.logger.info("writing %s gid to %s" % (target_hrn, filename))
+        GID(string=gid).save_to_file(filename)
+         
+     
      # list entires in named authority registry
      def list(self, opts, args):
          if len(args)!= 1:
      # list entires in named authority registry
      def list(self, opts, args):
          if len(args)!= 1:
@@ -655,17 +722,14 @@ class Sfi:
              list = self.registry.List(hrn, user_cred)
          except IndexError:
              raise Exception, "Not enough parameters for the 'list' command"
              list = self.registry.List(hrn, user_cred)
          except IndexError:
              raise Exception, "Not enough parameters for the 'list' command"
-          
-        # filter on person, slice, site, node, etc.  
+
+        # filter on person, slice, site, node, etc.
          # THis really should be in the self.filter_records funct def comment...
          list = filter_records(opts.type, list)
          for record in list:
          # THis really should be in the self.filter_records funct def comment...
          list = filter_records(opts.type, list)
          for record in list:
-            print "%s (%s)" % (record['hrn'], record['type'])     
+            print "%s (%s)" % (record['hrn'], record['type'])
          if opts.file:
          if opts.file:
-            file = opts.file
-            if not file.startswith(os.sep):
-                file = os.path.join(self.options.sfi_dir, file)
-            save_records_to_file(file, list)
+            save_records_to_file(opts.file, list, opts.fileformat)
          return
      
      # show named registry record
          return
      
      # show named registry record
@@ -694,12 +758,8 @@ class Sfi:
                  record.dump()  
              else:
                  print record.save_to_string() 
                  record.dump()  
              else:
                  print record.save_to_string() 
- 
          if opts.file:
          if opts.file:
-            file = opts.file
-            if not file.startswith(os.sep):
-                file = os.path.join(self.options.sfi_dir, file)
-            save_records_to_file(file, records)
+            save_records_to_file(opts.file, records, opts.fileformat)
          return
      
      def delegate(self, opts, args):
          return
      
      def delegate(self, opts, args):
@@ -812,6 +872,8 @@ class Sfi:
          """ 
          trusted_certs = self.registry.get_trusted_certs()
          for trusted_cert in trusted_certs:
          """ 
          trusted_certs = self.registry.get_trusted_certs()
          for trusted_cert in trusted_certs:
+            gid = GID(string=trusted_cert)
+            gid.dump()
              cert = Certificate(string=trusted_cert)
              self.logger.debug('Sfi.get_trusted_certs -> %r'%cert.get_subject())
          return 
              cert = Certificate(string=trusted_cert)
              self.logger.debug('Sfi.get_trusted_certs -> %r'%cert.get_subject())
          return 
@@ -894,7 +956,14 @@ class Sfi:
              delegated_cred = self.delegate_cred(cred, get_authority(self.authority))
              creds.append(delegated_cred)
          if opts.rspec_version:
              delegated_cred = self.delegate_cred(cred, get_authority(self.authority))
              creds.append(delegated_cred)
          if opts.rspec_version:
-            call_options['rspec_version'] = opts.rspec_version 
+            server_version = self.get_cached_server_version(server)
+            if 'sfa' in server_version:
+                # just request the version the client wants 
+                call_options['rspec_version'] = dict(RSpecVersion(opts.rspec_version)) 
+            else:
+                # this must be a protogeni aggregate. We should request a v2 ad rspec
+                # regardless of what the client user requested 
+                call_options['rspec_version'] = dict(pg_rspec_request_version)     
          #panos add info options
          if opts.info:
              call_options['info'] = opts.info 
          #panos add info options
          if opts.info:
              call_options['info'] = opts.info 
@@ -903,18 +972,16 @@ class Sfi:
          if self.server_supports_call_id_arg(server):
              call_args.append(unique_call_id())
          result = server.ListResources(*call_args)
          if self.server_supports_call_id_arg(server):
              call_args.append(unique_call_id())
          result = server.ListResources(*call_args)
-        format = opts.format
          if opts.file is None:
          if opts.file is None:
-            display_rspec(result, format)
+            display_rspec(result, opts.format)
          else:
          else:
-            file = opts.file
-            if not file.startswith(os.sep):
-                file = os.path.join(self.options.sfi_dir, file)
-            save_rspec_to_file(result, file)
+            save_rspec_to_file(result, opts.file)
          return
      
      # created named slice with given rspec
      def create(self, opts, args):
          return
      
      # created named slice with given rspec
      def create(self, opts, args):
+        server = self.get_server_from_opts(opts)
+        server_version = self.get_cached_server_version(server)
          slice_hrn = args[0]
          slice_urn = hrn_to_urn(slice_hrn, 'slice') 
          user_cred = self.get_user_cred()
          slice_hrn = args[0]
          slice_urn = hrn_to_urn(slice_hrn, 'slice') 
          user_cred = self.get_user_cred()
@@ -926,36 +993,52 @@ class Sfi:
          rspec_file = self.get_rspec_file(args[1])
          rspec = open(rspec_file).read()
  
          rspec_file = self.get_rspec_file(args[1])
          rspec = open(rspec_file).read()
  
+        # need to pass along user keys to the aggregate.  
          # users = [
          #  { urn: urn:publicid:IDN+emulab.net+user+alice
          #    keys: [<ssh key A>, <ssh key B>] 
          #  }]
          users = []
          # users = [
          #  { urn: urn:publicid:IDN+emulab.net+user+alice
          #    keys: [<ssh key A>, <ssh key B>] 
          #  }]
          users = []
-        server = self.get_server_from_opts(opts)
-        version = server.GetVersion()
-        if 'sfa' not in version:
-            # need to pass along user keys if this request is going to a ProtoGENI aggregate 
+        all_keys = []
+        all_key_ids = []
+        slice_records = self.registry.Resolve(slice_urn, [user_cred.save_to_string(save_parents=True)])
+        if slice_records and 'researcher' in slice_records[0] and slice_records[0]['researcher']!=[]:
+            slice_record = slice_records[0]
+            user_hrns = slice_record['researcher']
+            user_urns = [hrn_to_urn(hrn, 'user') for hrn in user_hrns]
+            user_records = self.registry.Resolve(user_urns, [user_cred.save_to_string(save_parents=True)])
+            for user_record in user_records:
+                if user_record['type'] != 'user':
+                    continue
+                #user = {'urn': user_cred.get_gid_caller().get_urn(),'keys': []}
+                user = {'urn': user_cred.get_gid_caller().get_urn(), #
+                        'keys': user_record['keys'],
+                        'email': user_record['email'], #  needed for MyPLC
+                        'person_id': user_record['person_id'], # needed for MyPLC
+                        'first_name': user_record['first_name'], # needed for MyPLC
+                        'last_name': user_record['last_name'], # needed for MyPLC
+                        'slice_record': slice_record, # needed for legacy refresh peer
+                        'key_ids': user_record['key_ids'] # needed for legacy refresh peer
+                } 
+                users.append(user)
+                all_keys.extend(user_record['keys'])
+                all_key_ids.extend(user_record['key_ids'])
              # ProtoGeni Aggregates will only install the keys of the user that is issuing the
              # ProtoGeni Aggregates will only install the keys of the user that is issuing the
-            # request. So we will only pass in one user that contains the keys for all
-            # users of the slice 
-            user = {'urn': user_cred.get_gid_caller().get_urn(),
-                    'keys': []}
-            slice_record = self.registry.Resolve(slice_urn, creds)
-            if slice_record and 'researchers' in slice_record:
-                user_hrns = slice_record['researchers']
-                user_urns = [hrn_to_urn(hrn, 'user') for hrn in user_hrns] 
-                user_records = self.registry.Resolve(user_urns, creds)
-                for user_record in user_records:
-                    if 'keys' in user_record:
-                        user['keys'].extend(user_record['keys'])
-            users.append(user)
+            # request. So we will add all to the current caller's list of keys
+            if 'sfa' not in server_version:
+                for user in users:
+                    if user['urn'] == user_cred.get_gid_caller().get_urn():
+                        user['keys'] = all_keys  
  
          call_args = [slice_urn, creds, rspec, users]
          if self.server_supports_call_id_arg(server):
              call_args.append(unique_call_id())
               
  
          call_args = [slice_urn, creds, rspec, users]
          if self.server_supports_call_id_arg(server):
              call_args.append(unique_call_id())
               
-        result =  server.CreateSliver(*call_args)
-        print result
+        result = server.CreateSliver(*call_args)
+        if opts.file is None:
+            print result
+        else:
+            save_rspec_to_file (result, opts.file)
          return result
  
      # get a ticket for the specified slice
          return result
  
      # get a ticket for the specified slice
@@ -1092,7 +1175,10 @@ class Sfi:
          call_args = [slice_urn, creds]
          if self.server_supports_call_id_arg(server):
              call_args.append(unique_call_id())
          call_args = [slice_urn, creds]
          if self.server_supports_call_id_arg(server):
              call_args.append(unique_call_id())
-        print server.SliverStatus(*call_args)
+        result = server.SliverStatus(*call_args)
+        print result
+        if opts.file:
+            save_variable_to_file(result, opts.file, opts.fileformat)
  
  
      def shutdown(self, opts, args):
  
  
      def shutdown(self, opts, args):
@@ -1136,12 +1222,13 @@ class Sfi:
              self.logger.debug("resources cmd_opts %s" % cmd_opts.format)
          elif command in ("list", "show", "remove"):
              self.logger.debug("cmd_opts.type %s" % cmd_opts.type)
              self.logger.debug("resources cmd_opts %s" % cmd_opts.format)
          elif command in ("list", "show", "remove"):
              self.logger.debug("cmd_opts.type %s" % cmd_opts.type)
-        self.logger.debug('cmd_args %s',cmd_args)
+        self.logger.debug('cmd_args %s' % cmd_args)
  
          try:
              self.dispatch(command, cmd_opts, cmd_args)
          except KeyError:
              self.logger.critical ("Unknown command %s"%command)
  
          try:
              self.dispatch(command, cmd_opts, cmd_args)
          except KeyError:
              self.logger.critical ("Unknown command %s"%command)
+            raise
              sys.exit(1)
      
          return
              sys.exit(1)
      
          return