Merge branch 'master' into senslab2

[sfa.git] / sfa / client / sfi.py
diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py

index 317c19d..cc8ef3f 100644 (file)
--- a/sfa/client/sfi.py
+++ b/sfa/client/sfi.py
@@ -1,7 +1,6 @@
  #
  # sfi.py - basic SFA command-line client
  #
  # sfi.py - basic SFA command-line client
-# the actual binary in sfa/clientbin essentially runs main()
-# this module is used in sfascan
+# this module is also used in sfascan
  #
  
  import sys
  #
  
  import sys
@@ -9,22 +8,26 @@ sys.path.append('.')
  
  import os, os.path
  import socket
  
  import os, os.path
  import socket
+import re
  import datetime
  import codecs
  import pickle
  import json
  import datetime
  import codecs
  import pickle
  import json
+import shutil
  from lxml import etree
  from StringIO import StringIO
  from optparse import OptionParser
  from pprint import PrettyPrinter
  from lxml import etree
  from StringIO import StringIO
  from optparse import OptionParser
  from pprint import PrettyPrinter
+from tempfile import mkstemp
  
  from sfa.trust.certificate import Keypair, Certificate
  from sfa.trust.gid import GID
  from sfa.trust.credential import Credential
  from sfa.trust.sfaticket import SfaTicket
  
  
  from sfa.trust.certificate import Keypair, Certificate
  from sfa.trust.gid import GID
  from sfa.trust.credential import Credential
  from sfa.trust.sfaticket import SfaTicket
  
+from sfa.util.faults import SfaInvalidArgument
  from sfa.util.sfalogging import sfi_logger
  from sfa.util.sfalogging import sfi_logger
-from sfa.util.xrn import get_leaf, get_authority, hrn_to_urn
+from sfa.util.xrn import get_leaf, get_authority, hrn_to_urn, Xrn
  from sfa.util.config import Config
  from sfa.util.version import version_core
  from sfa.util.cache import Cache
  from sfa.util.config import Config
  from sfa.util.version import version_core
  from sfa.util.cache import Cache
@@ -39,10 +42,35 @@ from sfa.client.sfaclientlib import SfaClientBootstrap
  from sfa.client.sfaserverproxy import SfaServerProxy, ServerException
  from sfa.client.client_helper import pg_users_arg, sfa_users_arg
  from sfa.client.return_value import ReturnValue
  from sfa.client.sfaserverproxy import SfaServerProxy, ServerException
  from sfa.client.client_helper import pg_users_arg, sfa_users_arg
  from sfa.client.return_value import ReturnValue
+from sfa.client.candidates import Candidates
  
  CM_PORT=12346
  
  # utility methods here
  
  CM_PORT=12346
  
  # utility methods here
+def optparse_listvalue_callback(option, option_string, value, parser):
+    setattr(parser.values, option.dest, value.split(','))
+
+# a code fragment that could be helpful for argparse which unfortunately is 
+# available with 2.7 only, so this feels like too strong a requirement for the client side
+#class ExtraArgAction  (argparse.Action):
+#    def __call__ (self, parser, namespace, values, option_string=None):
+# would need a try/except of course
+#        (k,v)=values.split('=')
+#        d=getattr(namespace,self.dest)
+#        d[k]=v
+#####
+#parser.add_argument ("-X","--extra",dest='extras', default={}, action=ExtraArgAction,
+#                     help="set extra flags, testbed dependent, e.g. --extra enabled=true")
+    
+def optparse_dictvalue_callback (option, option_string, value, parser):
+    try:
+        (k,v)=value.split('=',1)
+        d=getattr(parser.values, option.dest)
+        d[k]=v
+    except:
+        parser.print_help()
+        sys.exit(1)
+
  # display methods
  def display_rspec(rspec, format='rspec'):
      if format in ['dns']:
  # display methods
  def display_rspec(rspec, format='rspec'):
      if format in ['dns']:
@@ -72,7 +100,7 @@ def display_records(recordList, dump=False):
  
  def display_record(record, dump=False):
      if dump:
  
  def display_record(record, dump=False):
      if dump:
-        record.dump()
+        record.dump(sort=True)
      else:
          info = record.getdict()
          print "%s (%s)" % (info['hrn'], info['type'])
      else:
          info = record.getdict()
          print "%s (%s)" % (info['hrn'], info['type'])
@@ -87,6 +115,21 @@ def filter_records(type, records):
      return filtered_records
  
  
      return filtered_records
  
  
+def credential_printable (credential_string):
+    credential=Credential(string=credential_string)
+    result=""
+    result += credential.get_summary_tostring()
+    result += "\n"
+    rights = credential.get_privileges()
+    result += "rights=%s"%rights
+    result += "\n"
+    return result
+
+def show_credentials (cred_s):
+    if not isinstance (cred_s,list): cred_s = [cred_s]
+    for cred in cred_s:
+        print "Using Credential %s"%credential_printable(cred)
+
  # save methods
  def save_raw_to_file(var, filename, format="text", banner=None):
      if filename == "-":
  # save methods
  def save_raw_to_file(var, filename, format="text", banner=None):
      if filename == "-":
@@ -147,15 +190,99 @@ def save_records_to_file(filename, record_dicts, format="xml"):
          print "unknown output format", format
  
  def save_record_to_file(filename, record_dict):
          print "unknown output format", format
  
  def save_record_to_file(filename, record_dict):
-    rec_record = Record(dict=record_dict)
-    str = record.save_to_string()
+    record = Record(dict=record_dict)
+    xml = record.save_as_xml()
      f=codecs.open(filename, encoding='utf-8',mode="w")
      f=codecs.open(filename, encoding='utf-8',mode="w")
-    f.write(str)
+    f.write(xml)
      f.close()
      return
  
      f.close()
      return
  
+# used in sfi list
+def terminal_render (records,options):
+    # sort records by type
+    grouped_by_type={}
+    for record in records:
+        type=record['type']
+        if type not in grouped_by_type: grouped_by_type[type]=[]
+        grouped_by_type[type].append(record)
+    group_types=grouped_by_type.keys()
+    group_types.sort()
+    for type in group_types:
+        group=grouped_by_type[type]
+#        print 20 * '-', type
+        try:    renderer=eval('terminal_render_'+type)
+        except: renderer=terminal_render_default
+        for record in group: renderer(record,options)
+
+def render_plural (how_many, name,names=None):
+    if not names: names="%ss"%name
+    if how_many<=0: return "No %s"%name
+    elif how_many==1: return "1 %s"%name
+    else: return "%d %s"%(how_many,names)
+
+def terminal_render_default (record,options):
+    print "%s (%s)" % (record['hrn'], record['type'])
+def terminal_render_user (record, options):
+    print "%s (User)"%record['hrn'],
+    if record.get('reg-pi-authorities',None): print " [PI at %s]"%(" and ".join(record['reg-pi-authorities'])),
+    if record.get('reg-slices',None): print " [IN slices %s]"%(" and ".join(record['reg-slices'])),
+    user_keys=record.get('reg-keys',[])
+    if not options.verbose:
+        print " [has %s]"%(render_plural(len(user_keys),"key"))
+    else:
+        print ""
+        for key in user_keys: print 8*' ',key.strip("\n")
+        
+def terminal_render_slice (record, options):
+    print "%s (Slice)"%record['hrn'],
+    if record.get('reg-researchers',None): print " [USERS %s]"%(" and ".join(record['reg-researchers'])),
+#    print record.keys()
+    print ""
+def terminal_render_authority (record, options):
+    print "%s (Authority)"%record['hrn'],
+    if record.get('reg-pis',None): print " [PIS %s]"%(" and ".join(record['reg-pis'])),
+    print ""
+def terminal_render_node (record, options):
+    print "%s (Node)"%record['hrn']
+
+# minimally check a key argument
+def check_ssh_key (key):
+    good_ssh_key = r'^.*(?:ssh-dss|ssh-rsa)[ ]+[A-Za-z0-9+/=]+(?: .*)?$'
+    return re.match(good_ssh_key, key, re.IGNORECASE)
  
  # load methods
  
  # load methods
+def load_record_from_opts(options):
+    record_dict = {}
+    if hasattr(options, 'xrn') and options.xrn:
+        if hasattr(options, 'type') and options.type:
+            xrn = Xrn(options.xrn, options.type)
+        else:
+            xrn = Xrn(options.xrn)
+        record_dict['urn'] = xrn.get_urn()
+        record_dict['hrn'] = xrn.get_hrn()
+        record_dict['type'] = xrn.get_type()
+    if hasattr(options, 'key') and options.key:
+        try:
+            pubkey = open(options.key, 'r').read()
+        except IOError:
+            pubkey = options.key
+        if not check_ssh_key (pubkey):
+            raise SfaInvalidArgument(name='key',msg="Could not find file, or wrong key format")
+        record_dict['keys'] = [pubkey]
+    if hasattr(options, 'slices') and options.slices:
+        record_dict['slices'] = options.slices
+    if hasattr(options, 'researchers') and options.researchers:
+        record_dict['researcher'] = options.researchers
+    if hasattr(options, 'email') and options.email:
+        record_dict['email'] = options.email
+    if hasattr(options, 'pis') and options.pis:
+        record_dict['pi'] = options.pis
+
+    # handle extra settings
+    record_dict.update(options.extras)
+    
+    return Record(dict=record_dict)
+
  def load_record_from_file(filename):
      f=codecs.open(filename, encoding="utf-8", mode="r")
      xml_string = f.read()
  def load_record_from_file(filename):
      f=codecs.open(filename, encoding="utf-8", mode="r")
      xml_string = f.read()
@@ -217,8 +344,9 @@ class Sfi:
          ("get_ticket", "slice_hrn rspec"),
          ("redeem_ticket", "ticket"),
          ("delegate", "name"),
          ("get_ticket", "slice_hrn rspec"),
          ("redeem_ticket", "ticket"),
          ("delegate", "name"),
-        ("create_gid", "[name]"),
-        ("get_trusted_certs", "cred"),
+        ("gid", "[name]"),
+        ("trusted", "cred"),
+        ("config", ""),
          ]
  
      def print_command_help (self, options):
          ]
  
      def print_command_help (self, options):
@@ -256,6 +384,30 @@ class Sfi:
          parser = OptionParser(usage="sfi [sfi_options] %s [cmd_options] %s" \
                                       % (command, self.available_dict[command]))
  
          parser = OptionParser(usage="sfi [sfi_options] %s [cmd_options] %s" \
                                       % (command, self.available_dict[command]))
  
+        if command in ("add", "update"):
+            parser.add_option('-x', '--xrn', dest='xrn', metavar='<xrn>', help='object hrn/urn (mandatory)')
+            parser.add_option('-t', '--type', dest='type', metavar='<type>', help='object type', default=None)
+            parser.add_option('-e', '--email', dest='email', default="",  help="email (mandatory for users)") 
+# use --extra instead
+#            parser.add_option('-u', '--url', dest='url', metavar='<url>', default=None, help="URL, useful for slices") 
+#            parser.add_option('-d', '--description', dest='description', metavar='<description>', 
+#                              help='Description, useful for slices', default=None)
+            parser.add_option('-k', '--key', dest='key', metavar='<key>', help='public key string or file', 
+                              default=None)
+            parser.add_option('-s', '--slices', dest='slices', metavar='<slices>', help='slice xrns',
+                              default='', type="str", action='callback', callback=optparse_listvalue_callback)
+            parser.add_option('-r', '--researchers', dest='researchers', metavar='<researchers>', 
+                              help='slice researchers', default='', type="str", action='callback', 
+                              callback=optparse_listvalue_callback)
+            parser.add_option('-p', '--pis', dest='pis', metavar='<PIs>', help='Principal Investigators/Project Managers',
+                              default='', type="str", action='callback', callback=optparse_listvalue_callback)
+# use --extra instead
+#            parser.add_option('-f', '--firstname', dest='firstname', metavar='<firstname>', help='user first name')
+#            parser.add_option('-l', '--lastname', dest='lastname', metavar='<lastname>', help='user last name')
+            parser.add_option ('-X','--extra',dest='extras',default={},type='str',metavar="<EXTRA_ASSIGNS>",
+                               action="callback", callback=optparse_dictvalue_callback, nargs=1,
+                               help="set extra/testbed-dependent flags, e.g. --extra enabled=true")
+
          # user specifies remote aggregate/sm/component                          
          if command in ("resources", "slices", "create", "delete", "start", "stop", 
                         "restart", "shutdown",  "get_ticket", "renew", "status"):
          # user specifies remote aggregate/sm/component                          
          if command in ("resources", "slices", "create", "delete", "start", "stop", 
                         "restart", "shutdown",  "get_ticket", "renew", "status"):
@@ -264,12 +416,19 @@ class Sfi:
                               help="Include a credential delegated to the user's root"+\
                                    "authority in set of credentials for this call")
  
                               help="Include a credential delegated to the user's root"+\
                                    "authority in set of credentials for this call")
  
+        # show_credential option
+        if command in ("list","resources","create","add","update","remove","slices","delete","status","renew"):
+            parser.add_option("-C","--credential",dest='show_credential',action='store_true',default=False,
+                              help="show credential(s) used in human-readable form")
          # registy filter option
          if command in ("list", "show", "remove"):
              parser.add_option("-t", "--type", dest="type", type="choice",
                              help="type filter ([all]|user|slice|authority|node|aggregate)",
                              choices=("all", "user", "slice", "authority", "node", "aggregate"),
                              default="all")
          # registy filter option
          if command in ("list", "show", "remove"):
              parser.add_option("-t", "--type", dest="type", type="choice",
                              help="type filter ([all]|user|slice|authority|node|aggregate)",
                              choices=("all", "user", "slice", "authority", "node", "aggregate"),
                              default="all")
+        if command in ("show"):
+            parser.add_option("-k","--key",dest="keys",action="append",default=[],
+                              help="specify specific keys to be displayed from record")
          if command in ("resources"):
              # rspec version
              parser.add_option("-r", "--rspec-version", dest="rspec_version", default="SFA 1",
          if command in ("resources"):
              # rspec version
              parser.add_option("-r", "--rspec-version", dest="rspec_version", default="SFA 1",
@@ -283,12 +442,16 @@ class Sfi:
                               help="display format ([xml]|dns|ip)", default="xml",
                               choices=("xml", "dns", "ip"))
              #panos: a new option to define the type of information about resources a user is interested in
                               help="display format ([xml]|dns|ip)", default="xml",
                               choices=("xml", "dns", "ip"))
              #panos: a new option to define the type of information about resources a user is interested in
-           parser.add_option("-i", "--info", dest="info",
+            parser.add_option("-i", "--info", dest="info",
                                  help="optional component information", default=None)
                                  help="optional component information", default=None)
+            # a new option to retreive or not reservation-oriented RSpecs (leases)
+            parser.add_option("-l", "--list_leases", dest="list_leases", type="choice",
+                                help="Retreive or not reservation-oriented RSpecs ([resources]|leases|all )",
+                                choices=("all", "resources", "leases"), default="resources")
  
  
          # 'create' does return the new rspec, makes sense to save that too
  
  
          # 'create' does return the new rspec, makes sense to save that too
-        if command in ("resources", "show", "list", "create_gid", 'create'):
+        if command in ("resources", "show", "list", "gid", 'create'):
             parser.add_option("-o", "--output", dest="file",
                              help="output XML to file", metavar="FILE", default=None)
  
             parser.add_option("-o", "--output", dest="file",
                              help="output XML to file", metavar="FILE", default=None)
  
@@ -300,7 +463,11 @@ class Sfi:
             parser.add_option("-F", "--fileformat", dest="fileformat", type="choice",
                               help="output file format ([xml]|xmllist|hrnlist)", default="xml",
                               choices=("xml", "xmllist", "hrnlist"))
             parser.add_option("-F", "--fileformat", dest="fileformat", type="choice",
                               help="output file format ([xml]|xmllist|hrnlist)", default="xml",
                               choices=("xml", "xmllist", "hrnlist"))
-
+        if command == 'list':
+           parser.add_option("-r", "--recursive", dest="recursive", action='store_true',
+                             help="list all child records", default=False)
+           parser.add_option("-v", "--verbose", dest="verbose", action='store_true',
+                             help="gives details, like user keys", default=False)
          if command in ("delegate"):
             parser.add_option("-u", "--user",
                              action="store_true", dest="delegate_user", default=False,
          if command in ("delegate"):
             parser.add_option("-u", "--user",
                              action="store_true", dest="delegate_user", default=False,
@@ -362,14 +529,20 @@ class Sfi:
          
  
      def print_help (self):
          
  
      def print_help (self):
+        print "==================== Generic sfi usage"
          self.sfi_parser.print_help()
          self.sfi_parser.print_help()
+        print "==================== Specific command usage"
          self.command_parser.print_help()
  
      #
      # Main: parse arguments and dispatch to command
      #
      def dispatch(self, command, command_options, command_args):
          self.command_parser.print_help()
  
      #
      # Main: parse arguments and dispatch to command
      #
      def dispatch(self, command, command_options, command_args):
-        return getattr(self, command)(command_options, command_args)
+        method=getattr(self, command,None)
+        if not method:
+            print "Unknown command %s"%command
+            return
+        return method(command_options, command_args)
  
      def main(self):
          self.sfi_parser = self.create_parser()
  
      def main(self):
          self.sfi_parser = self.create_parser()
@@ -386,37 +559,59 @@ class Sfi:
              self.print_command_help(options)
              return -1
      
              self.print_command_help(options)
              return -1
      
-        command = args[0]
+        # complete / find unique match with command set
+        command_candidates = Candidates (self.available_names)
+        input = args[0]
+        command = command_candidates.only_match(input)
+        if not command:
+            self.print_command_help(options)
+            sys.exit(1)
+        # second pass options parsing
          self.command_parser = self.create_command_parser(command)
          (command_options, command_args) = self.command_parser.parse_args(args[1:])
          self.command_options = command_options
  
          self.read_config () 
          self.bootstrap ()
          self.command_parser = self.create_command_parser(command)
          (command_options, command_args) = self.command_parser.parse_args(args[1:])
          self.command_options = command_options
  
          self.read_config () 
          self.bootstrap ()
-        self.logger.info("Command=%s" % command)
+        self.logger.debug("Command=%s" % command)
  
          try:
              self.dispatch(command, command_options, command_args)
  
          try:
              self.dispatch(command, command_options, command_args)
-        except KeyError:
-            self.logger.critical ("Unknown command %s"%command)
-            raise
+        except:
+            self.logger.log_exc ("sfi command %s failed"%command)
              sys.exit(1)
              sys.exit(1)
-    
+
          return
      
      ####################
      def read_config(self):
          config_file = os.path.join(self.options.sfi_dir,"sfi_config")
          return
      
      ####################
      def read_config(self):
          config_file = os.path.join(self.options.sfi_dir,"sfi_config")
+        shell_config_file  = os.path.join(self.options.sfi_dir,"sfi_config.sh")
          try:
          try:
-           config = Config (config_file)
+            if Config.is_ini(config_file):
+                config = Config (config_file)
+            else:
+                # try upgrading from shell config format
+                fp, fn = mkstemp(suffix='sfi_config', text=True)  
+                config = Config(fn)
+                # we need to preload the sections we want parsed 
+                # from the shell config
+                config.add_section('sfi')
+                config.add_section('sface')
+                config.load(config_file)
+                # back up old config
+                shutil.move(config_file, shell_config_file)
+                # write new config
+                config.save(config_file)
+                 
          except:
          except:
-           self.logger.critical("Failed to read configuration file %s"%config_file)
-           self.logger.info("Make sure to remove the export clauses and to add quotes")
-           if self.options.verbose==0:
-               self.logger.info("Re-run with -v for more details")
-           else:
-               self.logger.log_exc("Could not read config file %s"%config_file)
-           sys.exit(1)
+            self.logger.critical("Failed to read configuration file %s"%config_file)
+            self.logger.info("Make sure to remove the export clauses and to add quotes")
+            if self.options.verbose==0:
+                self.logger.info("Re-run with -v for more details")
+            else:
+                self.logger.log_exc("Could not read config file %s"%config_file)
+            sys.exit(1)
       
          errors = 0
          # Set SliceMgr URL
       
          errors = 0
          # Set SliceMgr URL
@@ -434,7 +629,7 @@ class Sfi:
          elif hasattr(config, "SFI_REGISTRY"):
             self.reg_url = config.SFI_REGISTRY
          else:
          elif hasattr(config, "SFI_REGISTRY"):
             self.reg_url = config.SFI_REGISTRY
          else:
-           self.logger.errors("You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file)
+           self.logger.error("You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file)
             errors += 1 
  
          # Set user HRN
             errors += 1 
  
          # Set user HRN
@@ -443,7 +638,7 @@ class Sfi:
          elif hasattr(config, "SFI_USER"):
             self.user = config.SFI_USER
          else:
          elif hasattr(config, "SFI_USER"):
             self.user = config.SFI_USER
          else:
-           self.logger.errors("You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file)
+           self.logger.error("You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file)
             errors += 1 
  
          # Set authority HRN
             errors += 1 
  
          # Set authority HRN
@@ -455,9 +650,21 @@ class Sfi:
             self.logger.error("You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file)
             errors += 1 
  
             self.logger.error("You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file)
             errors += 1 
  
+        self.config_file=config_file
          if errors:
             sys.exit(1)
  
          if errors:
             sys.exit(1)
  
+    def show_config (self):
+        print "From configuration file %s"%self.config_file
+        flags=[ 
+            ('SFI_USER','user'),
+            ('SFI_AUTH','authority'),
+            ('SFI_SM','sm_url'),
+            ('SFI_REGISTRY','reg_url'),
+            ]
+        for (external_name, internal_name) in flags:
+            print "%s='%s'"%(external_name,getattr(self,internal_name))
+
      #
      # Get various credential and spec files
      #
      #
      # Get various credential and spec files
      #
@@ -473,41 +680,42 @@ class Sfi:
      
      # init self-signed cert, user credentials and gid
      def bootstrap (self):
      
      # init self-signed cert, user credentials and gid
      def bootstrap (self):
-        bootstrap = SfaClientBootstrap (self.user, self.reg_url, self.options.sfi_dir)
+        client_bootstrap = SfaClientBootstrap (self.user, self.reg_url, self.options.sfi_dir,
+                                               logger=self.logger)
          # if -k is provided, use this to initialize private key
          if self.options.user_private_key:
          # if -k is provided, use this to initialize private key
          if self.options.user_private_key:
-            bootstrap.init_private_key_if_missing (self.options.user_private_key)
+            client_bootstrap.init_private_key_if_missing (self.options.user_private_key)
          else:
              # trigger legacy compat code if needed 
              # the name has changed from just <leaf>.pkey to <hrn>.pkey
          else:
              # trigger legacy compat code if needed 
              # the name has changed from just <leaf>.pkey to <hrn>.pkey
-            if not os.path.isfile(bootstrap.private_key_filename()):
+            if not os.path.isfile(client_bootstrap.private_key_filename()):
                  self.logger.info ("private key not found, trying legacy name")
                  try:
                  self.logger.info ("private key not found, trying legacy name")
                  try:
-                    legacy_private_key = os.path.join (self.options.sfi_dir, "%s.pkey"%get_leaf(self.user))
+                    legacy_private_key = os.path.join (self.options.sfi_dir, "%s.pkey"%Xrn.unescape(get_leaf(self.user)))
                      self.logger.debug("legacy_private_key=%s"%legacy_private_key)
                      self.logger.debug("legacy_private_key=%s"%legacy_private_key)
-                    bootstrap.init_private_key_if_missing (legacy_private_key)
+                    client_bootstrap.init_private_key_if_missing (legacy_private_key)
                      self.logger.info("Copied private key from legacy location %s"%legacy_private_key)
                  except:
                      self.logger.log_exc("Can't find private key ")
                      sys.exit(1)
              
          # make it bootstrap
                      self.logger.info("Copied private key from legacy location %s"%legacy_private_key)
                  except:
                      self.logger.log_exc("Can't find private key ")
                      sys.exit(1)
              
          # make it bootstrap
-        bootstrap.bootstrap_my_gid()
+        client_bootstrap.bootstrap_my_gid()
          # extract what's needed
          # extract what's needed
-        self.private_key = bootstrap.private_key()
-        self.my_credential_string = bootstrap.my_credential_string ()
-        self.my_gid = bootstrap.my_gid ()
-        self.bootstrap = bootstrap
+        self.private_key = client_bootstrap.private_key()
+        self.my_credential_string = client_bootstrap.my_credential_string ()
+        self.my_gid = client_bootstrap.my_gid ()
+        self.client_bootstrap = client_bootstrap
  
  
      def my_authority_credential_string(self):
          if not self.authority:
              self.logger.critical("no authority specified. Use -a or set SF_AUTH")
              sys.exit(-1)
  
  
      def my_authority_credential_string(self):
          if not self.authority:
              self.logger.critical("no authority specified. Use -a or set SF_AUTH")
              sys.exit(-1)
-        return self.bootstrap.authority_credential_string (self.authority)
+        return self.client_bootstrap.authority_credential_string (self.authority)
  
      def slice_credential_string(self, name):
  
      def slice_credential_string(self, name):
-        return self.bootstrap.slice_credential_string (name)
+        return self.client_bootstrap.slice_credential_string (name)
  
      # xxx should be supported by sfaclientbootstrap as well
      def delegate_cred(self, object_cred, hrn, type='authority'):
  
      # xxx should be supported by sfaclientbootstrap as well
      def delegate_cred(self, object_cred, hrn, type='authority'):
@@ -525,7 +733,7 @@ class Sfi:
          caller_gidfile = self.my_gid()
    
          # the gid of the user who will be delegated to
          caller_gidfile = self.my_gid()
    
          # the gid of the user who will be delegated to
-        delegee_gid = self.bootstrap.gid(hrn,type)
+        delegee_gid = self.client_bootstrap.gid(hrn,type)
          delegee_hrn = delegee_gid.get_hrn()
          dcred = object_cred.delegate(delegee_gid, self.private_key, caller_gidfile)
          return dcred.save_to_string(save_parents=True)
          delegee_hrn = delegee_gid.get_hrn()
          dcred = object_cred.delegate(delegee_gid, self.private_key, caller_gidfile)
          return dcred.save_to_string(save_parents=True)
@@ -690,16 +898,21 @@ or version information about sfi itself
              self.print_help()
              sys.exit(1)
          hrn = args[0]
              self.print_help()
              sys.exit(1)
          hrn = args[0]
+        opts = {}
+        if options.recursive:
+            opts['recursive'] = options.recursive
+        
+        if options.show_credential:
+            show_credentials(self.my_credential_string)
          try:
          try:
-            list = self.registry().List(hrn, self.my_credential_string)
+            list = self.registry().List(hrn, self.my_credential_string, options)
          except IndexError:
              raise Exception, "Not enough parameters for the 'list' command"
  
          # filter on person, slice, site, node, etc.
          except IndexError:
              raise Exception, "Not enough parameters for the 'list' command"
  
          # filter on person, slice, site, node, etc.
-        # THis really should be in the self.filter_records funct def comment...
+        # This really should be in the self.filter_records funct def comment...
          list = filter_records(options.type, list)
          list = filter_records(options.type, list)
-        for record in list:
-            print "%s (%s)" % (record['hrn'], record['type'])
+        terminal_render (list, options)
          if options.file:
              save_records_to_file(options.file, list, options.fileformat)
          return
          if options.file:
              save_records_to_file(options.file, list, options.fileformat)
          return
@@ -712,13 +925,24 @@ or version information about sfi itself
              self.print_help()
              sys.exit(1)
          hrn = args[0]
              self.print_help()
              sys.exit(1)
          hrn = args[0]
-        record_dicts = self.registry().Resolve(hrn, self.my_credential_string)
+        # explicitly require Resolve to run in details mode
+        record_dicts = self.registry().Resolve(hrn, self.my_credential_string, {'details':True})
          record_dicts = filter_records(options.type, record_dicts)
          if not record_dicts:
              self.logger.error("No record of type %s"% options.type)
          record_dicts = filter_records(options.type, record_dicts)
          if not record_dicts:
              self.logger.error("No record of type %s"% options.type)
+            return
+        # user has required to focus on some keys
+        if options.keys:
+            def project (record):
+                projected={}
+                for key in options.keys:
+                    try: projected[key]=record[key]
+                    except: pass
+                return projected
+            record_dicts = [ project (record) for record in record_dicts ]
          records = [ Record(dict=record_dict) for record_dict in record_dicts ]
          for record in records:
          records = [ Record(dict=record_dict) for record_dict in record_dicts ]
          for record in records:
-            if (options.format == "text"):      record.dump()  
+            if (options.format == "text"):      record.dump(sort=True)  
              else:                               print record.save_as_xml() 
          if options.file:
              save_records_to_file(options.file, record_dicts, options.fileformat)
              else:                               print record.save_as_xml() 
          if options.file:
              save_records_to_file(options.file, record_dicts, options.fileformat)
@@ -727,29 +951,52 @@ or version information about sfi itself
      def add(self, options, args):
          "add record into registry from xml file (Register)"
          auth_cred = self.my_authority_credential_string()
      def add(self, options, args):
          "add record into registry from xml file (Register)"
          auth_cred = self.my_authority_credential_string()
-        if len(args)!=1:
+        if options.show_credential:
+            show_credentials(auth_cred)
+        record_dict = {}
+        if len(args) > 0:
+            record_filepath = args[0]
+            rec_file = self.get_record_file(record_filepath)
+            record_dict.update(load_record_from_file(rec_file).todict())
+        if options:
+            record_dict.update(load_record_from_opts(options).todict())
+        # we should have a type by now
+        if 'type' not in record_dict :
              self.print_help()
              sys.exit(1)
              self.print_help()
              sys.exit(1)
-        record_filepath = args[0]
-        rec_file = self.get_record_file(record_filepath)
-        record = load_record_from_file(rec_file).todict()
-        return self.registry().Register(record, auth_cred)
+        # this is still planetlab dependent.. as plc will whine without that
+        # also, it's only for adding
+        if record_dict['type'] == 'user':
+            if not 'first_name' in record_dict:
+                record_dict['first_name'] = record_dict['hrn']
+            if 'last_name' not in record_dict:
+                record_dict['last_name'] = record_dict['hrn'] 
+        return self.registry().Register(record_dict, auth_cred)
      
      def update(self, options, args):
          "update record into registry from xml file (Update)"
      
      def update(self, options, args):
          "update record into registry from xml file (Update)"
-        if len(args)!=1:
+        record_dict = {}
+        if len(args) > 0:
+            record_filepath = args[0]
+            rec_file = self.get_record_file(record_filepath)
+            record_dict.update(load_record_from_file(rec_file).todict())
+        if options:
+            record_dict.update(load_record_from_opts(options).todict())
+        # at the very least we need 'type' here
+        if 'type' not in record_dict:
              self.print_help()
              sys.exit(1)
              self.print_help()
              sys.exit(1)
-        rec_file = self.get_record_file(args[0])
-        record = load_record_from_file(rec_file)
-        if record.type == "user":
-            if record.hrn == self.user:
+
+        # don't translate into an object, as this would possibly distort
+        # user-provided data; e.g. add an 'email' field to Users
+        if record_dict['type'] == "user":
+            if record_dict['hrn'] == self.user:
                  cred = self.my_credential_string
              else:
                  cred = self.my_authority_credential_string()
                  cred = self.my_credential_string
              else:
                  cred = self.my_authority_credential_string()
-        elif record.type in ["slice"]:
+        elif record_dict['type'] in ["slice"]:
              try:
              try:
-                cred = self.slice_credential_string(record.hrn)
+                cred = self.slice_credential_string(record_dict['hrn'])
              except ServerException, e:
                 # XXX smbaker -- once we have better error return codes, update this
                 # to do something better than a string compare
              except ServerException, e:
                 # XXX smbaker -- once we have better error return codes, update this
                 # to do something better than a string compare
@@ -757,13 +1004,14 @@ or version information about sfi itself
                     cred = self.my_authority_credential_string()
                 else:
                     raise
                     cred = self.my_authority_credential_string()
                 else:
                     raise
-        elif record.type in ["authority"]:
+        elif record_dict['type'] in ["authority"]:
              cred = self.my_authority_credential_string()
              cred = self.my_authority_credential_string()
-        elif record.type == 'node':
+        elif record_dict['type'] == 'node':
              cred = self.my_authority_credential_string()
          else:
              cred = self.my_authority_credential_string()
          else:
-            raise "unknown record type" + record.type
-        record_dict = record.todict()
+            raise "unknown record type" + record_dict['type']
+        if options.show_credential:
+            show_credentials(cred)
          return self.registry().Update(record_dict, cred)
    
      def remove(self, options, args):
          return self.registry().Update(record_dict, cred)
    
      def remove(self, options, args):
@@ -776,6 +1024,8 @@ or version information about sfi itself
          type = options.type 
          if type in ['all']:
              type = '*'
          type = options.type 
          if type in ['all']:
              type = '*'
+        if options.show_credential:
+            show_credentials(auth_cred)
          return self.registry().Remove(hrn, auth_cred, type)
      
      # ==================================================================
          return self.registry().Remove(hrn, auth_cred, type)
      
      # ==================================================================
@@ -793,6 +1043,8 @@ or version information about sfi itself
          # options and call_id when supported
          api_options = {}
         api_options['call_id']=unique_call_id()
          # options and call_id when supported
          api_options = {}
         api_options['call_id']=unique_call_id()
+        if options.show_credential:
+            show_credentials(creds)
          result = server.ListSlices(creds, *self.ois(server,api_options))
          value = ReturnValue.get_value(result)
          if self.options.raw:
          result = server.ListSlices(creds, *self.ois(server,api_options))
          value = ReturnValue.get_value(result)
          if self.options.raw:
@@ -817,6 +1069,8 @@ or with an slice hrn, shows currently provisioned resources
              creds.append(self.my_credential_string)
          if options.delegate:
              creds.append(self.delegate_cred(cred, get_authority(self.authority)))
              creds.append(self.my_credential_string)
          if options.delegate:
              creds.append(self.delegate_cred(cred, get_authority(self.authority)))
+        if options.show_credential:
+            show_credentials(creds)
  
          # no need to check if server accepts the options argument since the options has
          # been a required argument since v1 API
  
          # no need to check if server accepts the options argument since the options has
          # been a required argument since v1 API
@@ -830,6 +1084,8 @@ or with an slice hrn, shows currently provisioned resources
              api_options['geni_slice_urn'] = hrn_to_urn(hrn, 'slice')
          if options.info:
              api_options['info'] = options.info
              api_options['geni_slice_urn'] = hrn_to_urn(hrn, 'slice')
          if options.info:
              api_options['info'] = options.info
+        if options.list_leases:
+            api_options['list_leases'] = options.list_leases
          if options.current:
              if options.current == True:
                  api_options['cached'] = False
          if options.current:
              if options.current == True:
                  api_options['cached'] = False
@@ -869,6 +1125,7 @@ or with an slice hrn, shows currently provisioned resources
  
          # credentials
          creds = [self.slice_credential_string(slice_hrn)]
  
          # credentials
          creds = [self.slice_credential_string(slice_hrn)]
+
          delegated_cred = None
          server_version = self.get_cached_server_version(server)
          if server_version.get('interface') == 'slicemgr':
          delegated_cred = None
          server_version = self.get_cached_server_version(server)
          if server_version.get('interface') == 'slicemgr':
@@ -880,6 +1137,9 @@ or with an slice hrn, shows currently provisioned resources
              #elif server_version.get('urn'):
              #    delegated_cred = self.delegate_cred(slice_cred, urn_to_hrn(server_version['urn']))
  
              #elif server_version.get('urn'):
              #    delegated_cred = self.delegate_cred(slice_cred, urn_to_hrn(server_version['urn']))
  
+        if options.show_credential:
+            show_credentials(creds)
+
          # rspec
          rspec_file = self.get_rspec_file(args[1])
          rspec = open(rspec_file).read()
          # rspec
          rspec_file = self.get_rspec_file(args[1])
          rspec = open(rspec_file).read()
@@ -891,10 +1151,14 @@ or with an slice hrn, shows currently provisioned resources
          #    keys: [<ssh key A>, <ssh key B>]
          #  }]
          users = []
          #    keys: [<ssh key A>, <ssh key B>]
          #  }]
          users = []
+        # xxx Thierry 2012 sept. 21
+        # contrary to what I was first thinking, calling Resolve with details=False does not yet work properly here
+        # I am turning details=True on again on a - hopefully - temporary basis, just to get this whole thing to work again
          slice_records = self.registry().Resolve(slice_urn, [self.my_credential_string])
          slice_records = self.registry().Resolve(slice_urn, [self.my_credential_string])
-        if slice_records and 'researcher' in slice_records[0] and slice_records[0]['researcher']!=[]:
+        # slice_records = self.registry().Resolve(slice_urn, [self.my_credential_string], {'details':True})
+        if slice_records and 'reg-researchers' in slice_records[0] and slice_records[0]['reg-researchers']:
              slice_record = slice_records[0]
              slice_record = slice_records[0]
-            user_hrns = slice_record['researcher']
+            user_hrns = slice_record['reg-researchers']
              user_urns = [hrn_to_urn(hrn, 'user') for hrn in user_hrns]
              user_records = self.registry().Resolve(user_urns, [self.my_credential_string])
  
              user_urns = [hrn_to_urn(hrn, 'user') for hrn in user_hrns]
              user_records = self.registry().Resolve(user_urns, [self.my_credential_string])
  
@@ -904,6 +1168,7 @@ or with an slice hrn, shows currently provisioned resources
                  rspec.filter({'component_manager_id': server_version['urn']})
                  rspec = RSpecConverter.to_pg_rspec(rspec.toxml(), content_type='request')
              else:
                  rspec.filter({'component_manager_id': server_version['urn']})
                  rspec = RSpecConverter.to_pg_rspec(rspec.toxml(), content_type='request')
              else:
+                print >>sys.stderr, "\r\n \r\n \r\n WOOOOOO"
                  users = sfa_users_arg(user_records, slice_record)
  
          # do not append users, keys, or slice tags. Anything
                  users = sfa_users_arg(user_records, slice_record)
  
          # do not append users, keys, or slice tags. Anything
@@ -914,7 +1179,6 @@ or with an slice hrn, shows currently provisioned resources
          api_options = {}
          api_options ['append'] = False
          api_options ['call_id'] = unique_call_id()
          api_options = {}
          api_options ['append'] = False
          api_options ['call_id'] = unique_call_id()
-
          result = server.CreateSliver(slice_urn, creds, rspec, users, *self.ois(server, api_options))
          value = ReturnValue.get_value(result)
          if self.options.raw:
          result = server.CreateSliver(slice_urn, creds, rspec, users, *self.ois(server, api_options))
          value = ReturnValue.get_value(result)
          if self.options.raw:
@@ -946,6 +1210,8 @@ or with an slice hrn, shows currently provisioned resources
          # options and call_id when supported
          api_options = {}
          api_options ['call_id'] = unique_call_id()
          # options and call_id when supported
          api_options = {}
          api_options ['call_id'] = unique_call_id()
+        if options.show_credential:
+            show_credentials(creds)
          result = server.DeleteSliver(slice_urn, creds, *self.ois(server, api_options ) )
          value = ReturnValue.get_value(result)
          if self.options.raw:
          result = server.DeleteSliver(slice_urn, creds, *self.ois(server, api_options ) )
          value = ReturnValue.get_value(result)
          if self.options.raw:
@@ -974,6 +1240,8 @@ or with an slice hrn, shows currently provisioned resources
          # options and call_id when supported
          api_options = {}
          api_options['call_id']=unique_call_id()
          # options and call_id when supported
          api_options = {}
          api_options['call_id']=unique_call_id()
+        if options.show_credential:
+            show_credentials(creds)
          result = server.SliverStatus(slice_urn, creds, *self.ois(server,api_options))
          value = ReturnValue.get_value(result)
          if self.options.raw:
          result = server.SliverStatus(slice_urn, creds, *self.ois(server,api_options))
          value = ReturnValue.get_value(result)
          if self.options.raw:
@@ -1056,21 +1324,25 @@ or with an slice hrn, shows currently provisioned resources
          renew slice (RenewSliver)
          """
          server = self.sliceapi()
          renew slice (RenewSliver)
          """
          server = self.sliceapi()
+        if len(args) != 2:
+            self.print_help()
+            sys.exit(1)
+        [ slice_hrn, input_time ] = args
          # slice urn    
          # slice urn    
-        slice_hrn = args[0]
          slice_urn = hrn_to_urn(slice_hrn, 'slice') 
          slice_urn = hrn_to_urn(slice_hrn, 'slice') 
+        # time: don't try to be smart on the time format, server-side will
          # creds
          slice_cred = self.slice_credential_string(args[0])
          creds = [slice_cred]
          if options.delegate:
              delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
              creds.append(delegated_cred)
          # creds
          slice_cred = self.slice_credential_string(args[0])
          creds = [slice_cred]
          if options.delegate:
              delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
              creds.append(delegated_cred)
-        # time
-        time = args[1]
          # options and call_id when supported
          api_options = {}
         api_options['call_id']=unique_call_id()
          # options and call_id when supported
          api_options = {}
         api_options['call_id']=unique_call_id()
-        result =  server.RenewSliver(slice_urn, creds, time, *self.ois(server,api_options))
+        if options.show_credential:
+            show_credentials(creds)
+        result =  server.RenewSliver(slice_urn, creds, input_time, *self.ois(server,api_options))
          value = ReturnValue.get_value(result)
          if self.options.raw:
              save_raw_to_file(result, self.options.raw, self.options.rawformat, self.options.rawbanner)
          value = ReturnValue.get_value(result)
          if self.options.raw:
              save_raw_to_file(result, self.options.raw, self.options.rawformat, self.options.rawbanner)
@@ -1171,7 +1443,7 @@ or with an slice hrn, shows currently provisioned resources
                  self.logger.log_exc(e.message)
          return
  
                  self.logger.log_exc(e.message)
          return
  
-    def create_gid(self, options, args):
+    def gid(self, options, args):
          """
          Create a GID (CreateGid)
          """
          """
          Create a GID (CreateGid)
          """
@@ -1179,7 +1451,7 @@ or with an slice hrn, shows currently provisioned resources
              self.print_help()
              sys.exit(1)
          target_hrn = args[0]
              self.print_help()
              sys.exit(1)
          target_hrn = args[0]
-        gid = self.registry().CreateGid(self.my_credential_string, target_hrn, self.bootstrap.my_gid_string())
+        gid = self.registry().CreateGid(self.my_credential_string, target_hrn, self.client_bootstrap.my_gid_string())
          if options.file:
              filename = options.file
          else:
          if options.file:
              filename = options.file
          else:
@@ -1214,7 +1486,7 @@ or with an slice hrn, shows currently provisioned resources
  
          self.logger.info("delegated credential for %s to %s and wrote to %s"%(object_hrn, delegee_hrn,dest_fn))
      
  
          self.logger.info("delegated credential for %s to %s and wrote to %s"%(object_hrn, delegee_hrn,dest_fn))
      
-    def get_trusted_certs(self, options, args):
+    def trusted(self, options, args):
          """
          return uhe trusted certs at this interface (get_trusted_certs)
          """ 
          """
          return uhe trusted certs at this interface (get_trusted_certs)
          """ 
@@ -1223,6 +1495,9 @@ or with an slice hrn, shows currently provisioned resources
              gid = GID(string=trusted_cert)
              gid.dump()
              cert = Certificate(string=trusted_cert)
              gid = GID(string=trusted_cert)
              gid.dump()
              cert = Certificate(string=trusted_cert)
-            self.logger.debug('Sfi.get_trusted_certs -> %r'%cert.get_subject())
+            self.logger.debug('Sfi.trusted -> %r'%cert.get_subject())
          return 
  
          return 
  
+    def config (self, options, args):
+        "Display contents of current config"
+        self.show_config()