- #TODO SA 21/08/12 verify_persons Needs review
-
- logger.debug("IOTLABSLICES \tverify_persons \tslice_hrn %s \
- \t slice_record %s\r\n users %s \t "
- % (slice_hrn, slice_record, users))
-
- users_by_email = {}
- #users_dict : dict whose keys can either be the user's hrn or its id.
- #Values contains only id and hrn
- users_dict = {}
-
- #First create dicts by hrn and id for each user in the user record list:
- for info in users:
- # if 'slice_record' in info:
- # slice_rec = info['slice_record']
- # if 'user' in slice_rec :
- # user = slice_rec['user']
-
- if 'email' in info:
- users_by_email[info['email']] = info
- users_dict[info['email']] = info
-
- logger.debug("SLABSLICE.PY \t verify_person \
- users_dict %s \r\n user_by_email %s \r\n "
- % (users_dict, users_by_email))
-
- existing_user_ids = []
- existing_user_emails = []
- existing_users = []
- # Check if user is in Iotlab LDAP using its hrn.
- # Assuming Iotlab is centralised : one LDAP for all sites,
- # user's record_id unknown from LDAP
- # LDAP does not provide users id, therefore we rely on email to find the
- # user in LDAP
-
- if users_by_email:
- #Construct the list of filters (list of dicts) for GetPersons
- filter_user = [users_by_email[email] for email in users_by_email]
- #Check user i in LDAP with GetPersons
- #Needed because what if the user has been deleted in LDAP but
- #is still in SFA?
- existing_users = self.driver.testbed_shell.GetPersons(filter_user)
- logger.debug(" \r\n IOTLABSLICES.PY \tverify_person filter_user %s\
- existing_users %s "
- % (filter_user, existing_users))
- #User is in iotlab LDAP
- if existing_users:
- for user in existing_users:
- user['login'] = user['uid']
- users_dict[user['email']].update(user)
- existing_user_emails.append(
- users_dict[user['email']]['email'])
-
-
- # User from another known trusted federated site. Check
- # if a iotlab account matching the email has already been created.
- else:
- req = 'mail='
- if isinstance(users, list):
- req += users[0]['email']
- else:
- req += users['email']
- ldap_reslt = self.driver.testbed_shell.ldap.LdapSearch(req)
-
- if ldap_reslt:
- logger.debug(" SLABSLICE.PY \tverify_person users \
- USER already in Iotlab \t ldap_reslt %s \
- " % (ldap_reslt))
- existing_users.append(ldap_reslt[1])
-
- else:
- #User not existing in LDAP
- logger.debug("SLABSLICE.PY \tverify_person users \
- not in ldap ...NEW ACCOUNT NEEDED %s \r\n \t \
- ldap_reslt %s " % (users, ldap_reslt))
-
- requested_user_emails = users_by_email.keys()
- requested_user_hrns = \
- [users_by_email[user]['hrn'] for user in users_by_email]
- logger.debug("SLABSLICE.PY \tverify_person \
- users_by_email %s " % (users_by_email))
-
- #Check that the user of the slice in the slice record
- #matches one of the existing users
- try:
- if slice_record['reg-researchers'][0] in requested_user_hrns:
- logger.debug(" SLABSLICE \tverify_person ['PI']\
- slice_record %s" % (slice_record))
-
- except KeyError:
- pass
-
- # users to be added, removed or updated
- #One user in one iotlab slice : there should be no need
- #to remove/ add any user from/to a slice.
- #However a user from SFA which is not registered in Iotlab yet
- #should be added to the LDAP.
- added_user_emails = set(requested_user_emails).\
- difference(set(existing_user_emails))
-
-
- #self.verify_keys(existing_slice_users, updated_users_list, \
- #peer, append)
-
- added_persons = []
- # add new users
- #requested_user_email is in existing_user_emails
- if len(added_user_emails) == 0:
- slice_record['login'] = users_dict[requested_user_emails[0]]['uid']
- logger.debug(" SLABSLICE \tverify_person QUICK DIRTY %s"
- % (slice_record))
-
- for added_user_email in added_user_emails:
- added_user = users_dict[added_user_email]
- logger.debug(" IOTLABSLICES \r\n \r\n \t verify_person \
- added_user %s" % (added_user))
- person = {}
- person['peer_person_id'] = None
- k_list = ['first_name', 'last_name', 'person_id']
- for k in k_list:
- if k in added_user:
- person[k] = added_user[k]
-
- person['pkey'] = added_user['keys'][0]
- person['mail'] = added_user['email']
- person['email'] = added_user['email']
- person['key_ids'] = added_user.get('key_ids', [])
-
- ret = self.driver.testbed_shell.AddPerson(person)
- if 'uid' in ret:
- # meaning bool is True and the AddPerson was successful
- person['uid'] = ret['uid']
- slice_record['login'] = person['uid']
- else:
- # error message in ret
- logger.debug(" IOTLABSLICES ret message %s" %(ret))
-
- logger.debug(" SLABSLICE \r\n \r\n \t THE SECOND verify_person\
- person %s" % (person))
- #Update slice_Record with the id now known to LDAP
-
-
- added_persons.append(person)
- return added_persons
-
-
- def verify_keys(self, persons, users, peer, options={}):
+ if options is None: options={}
+ user = slice_record['user']
+ logger.debug("IOTLABSLICES \tverify_persons \tuser %s " % user)
+ person = {
+ 'peer_person_id': None,
+ 'mail' : user['email'],
+ 'email' : user['email'],
+ 'key_ids' : user.get('key_ids', []),
+ 'hrn' : user['hrn'],
+ }
+ if 'first_name' in user:
+ person['first_name'] = user['first_name']
+ if 'last_name' in user:
+ person['last_name'] = user['last_name']
+ if 'person_id' in user:
+ person['person_id'] = user['person_id']
+ if user['keys']:
+ # Only one key is kept for IoTLAB
+ person['pkey'] = user['keys'][0]
+ # SFA DB (if user already exist we do nothing)
+ self.driver.add_person_to_db(person)
+ # Iot-LAB LDAP (if user already exist we do nothing)
+ ret = self.driver.AddPerson(person)
+ # user uid information is only in LDAP
+ # Be carreful : global scope of dict slice_record in driver
+ slice_record['login'] = ret['uid']
+ return person
+
+
+
+ def verify_keys(self, persons, users, peer, options=None):