git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
namespace module is gone, plxrn provides PL-specific translations
[sfa.git] / sfa / managers / registry_manager_pl.py
diff --git a/sfa/managers/registry_manager_pl.py b/sfa/managers/registry_manager_pl.py
index 7c96927..3835873 100644 (file)
--- a/sfa/managers/registry_manager_pl.py
+++ b/sfa/managers/registry_manager_pl.py
@@ -1,15 +1,23 @@
 import types
 import time 
 import types
 import time 
-from sfa.server.registry import Registries
+
+from sfa.util.faults import *
 from sfa.util.prefixTree import prefixTree
 from sfa.util.record import SfaRecord
 from sfa.util.table import SfaTable
 from sfa.util.record import SfaRecord
 from sfa.trust.gid import GID 
 from sfa.util.prefixTree import prefixTree
 from sfa.util.record import SfaRecord
 from sfa.util.table import SfaTable
 from sfa.util.record import SfaRecord
 from sfa.trust.gid import GID 
-from sfa.util.namespace import *
-from sfa.trust.credential import *
-from sfa.trust.certificate import *
-from sfa.util.faults import *
+from sfa.util.xrn import Xrn, get_leaf, get_authority, hrn_to_urn, urn_to_hrn
+from sfa.util.plxrn import hrn_to_pl_login_base
+from sfa.trust.credential import Credential
+from sfa.trust.certificate import Certificate, Keypair
+from sfa.trust.gid import create_uuid
+
+def get_version(api):
+    version = {}
+    version['geni_api'] = 1
+    version['sfa'] = 1
+    return version
 
 def get_credential(api, xrn, type, is_self=False):
     # convert xrn to hrn     
 
 def get_credential(api, xrn, type, is_self=False):
     # convert xrn to hrn     
@@ -17,6 +25,7 @@ def get_credential(api, xrn, type, is_self=False):
         hrn = urn_to_hrn(xrn)[0]
     else:
         hrn, type = urn_to_hrn(xrn)
         hrn = urn_to_hrn(xrn)[0]
     else:
         hrn, type = urn_to_hrn(xrn)
+        
     # Is this a root or sub authority
     auth_hrn = api.auth.get_authority(hrn)
     if not auth_hrn or hrn == api.config.SFA_INTERFACE_HRN:
     # Is this a root or sub authority
     auth_hrn = api.auth.get_authority(hrn)
     if not auth_hrn or hrn == api.config.SFA_INTERFACE_HRN:
@@ -55,18 +64,28 @@ def get_credential(api, xrn, type, is_self=False):
     new_cred = Credential(subject = object_gid.get_subject())
     new_cred.set_gid_caller(caller_gid)
     new_cred.set_gid_object(object_gid)
     new_cred = Credential(subject = object_gid.get_subject())
     new_cred.set_gid_caller(caller_gid)
     new_cred.set_gid_object(object_gid)
-    new_cred.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
-    new_cred.set_pubkey(object_gid.get_pubkey())
+    new_cred.set_issuer_keys(auth_info.get_privkey_filename(), auth_info.get_gid_filename())
+    #new_cred.set_pubkey(object_gid.get_pubkey())
     new_cred.set_privileges(rights)
     new_cred.set_privileges(rights)
-    new_cred.set_delegate(True)
+    new_cred.get_privileges().delegate_all_privileges(True)
+    if 'expires' in record:
+        new_cred.set_expiration(int(record['expires']))
     auth_kind = "authority,ma,sa"
     auth_kind = "authority,ma,sa"
-    new_cred.set_parent(api.auth.hierarchy.get_auth_cred(auth_hrn, kind=auth_kind))
+    # Parent not necessary, verify with certs
+    #new_cred.set_parent(api.auth.hierarchy.get_auth_cred(auth_hrn, kind=auth_kind))
     new_cred.encode()
     new_cred.sign()
 
     return new_cred.save_to_string(save_parents=True)
 
     new_cred.encode()
     new_cred.sign()
 
     return new_cred.save_to_string(save_parents=True)
 
-def resolve(api, xrns, type=None, origin_hrn=None, full=True):
+
+# The GENI GetVersion call
+def GetVersion():
+    version = {}
+    version['geni_api'] = 1
+    return version
+
+def resolve(api, xrns, type=None, full=True):
 
     # load all know registry names into a prefix tree and attempt to find
     # the longest matching prefix
 
     # load all know registry names into a prefix tree and attempt to find
     # the longest matching prefix
@@ -76,8 +95,7 @@ def resolve(api, xrns, type=None, origin_hrn=None, full=True):
     # create a dict whre key is an registry hrn and its value is a
     # hrns at that registry (determined by the known prefix tree).  
     xrn_dict = {}
     # create a dict whre key is an registry hrn and its value is a
     # hrns at that registry (determined by the known prefix tree).  
     xrn_dict = {}
-    # XX Preload this into the api module
-    registries = Registries(api)
+    registries = api.registries
     tree = prefixTree()
     registry_hrns = registries.keys()
     tree.load(registry_hrns)
     tree = prefixTree()
     registry_hrns = registries.keys()
     tree.load(registry_hrns)
@@ -99,7 +117,7 @@ def resolve(api, xrns, type=None, origin_hrn=None, full=True):
         xrns = xrn_dict[registry_hrn]
         if registry_hrn != api.hrn:
             credential = api.getCredential()
         xrns = xrn_dict[registry_hrn]
         if registry_hrn != api.hrn:
             credential = api.getCredential()
-            peer_records = registries[registry_hrn].resolve(credential, xrns, origin_hrn)
+            peer_records = registries[registry_hrn].Resolve(xrns, credential)
             records.extend([SfaRecord(dict=record).as_dict() for record in peer_records])
 
     # try resolving the remaining unfound records at the local registry
             records.extend([SfaRecord(dict=record).as_dict() for record in peer_records])
 
     # try resolving the remaining unfound records at the local registry
@@ -126,12 +144,12 @@ def list(api, xrn, origin_hrn=None):
     # load all know registry names into a prefix tree and attempt to find
     # the longest matching prefix
     records = []
     # load all know registry names into a prefix tree and attempt to find
     # the longest matching prefix
     records = []
-    registries = Registries(api)
+    registries = api.registries
     registry_hrns = registries.keys()
     tree = prefixTree()
     tree.load(registry_hrns)
     registry_hrn = tree.best_match(hrn)
     registry_hrns = registries.keys()
     tree = prefixTree()
     tree.load(registry_hrns)
     registry_hrn = tree.best_match(hrn)
-    
+   
     #if there was no match then this record belongs to an unknow registry
     if not registry_hrn:
         raise MissingAuthority(xrn)
     #if there was no match then this record belongs to an unknow registry
     if not registry_hrn:
         raise MissingAuthority(xrn)
@@ -144,7 +162,7 @@ def list(api, xrn, origin_hrn=None):
         record_list = registries[registry_hrn].list(credential, xrn, origin_hrn)
         records = [SfaRecord(dict=record).as_dict() for record in record_list]
     
         record_list = registries[registry_hrn].list(credential, xrn, origin_hrn)
         records = [SfaRecord(dict=record).as_dict() for record in record_list]
     
-    # if we still havnt found the record yet, try the local registry
+    # if we still have not found the record yet, try the local registry
     if not records:
         if not api.auth.hierarchy.auth_exists(hrn):
             raise MissingAuthority(hrn)
     if not records:
         if not api.auth.hierarchy.auth_exists(hrn):
             raise MissingAuthority(hrn)
@@ -158,7 +176,7 @@ def list(api, xrn, origin_hrn=None):
 def register(api, record):
 
     hrn, type = record['hrn'], record['type']
 def register(api, record):
 
     hrn, type = record['hrn'], record['type']
-
+    urn = hrn_to_urn(hrn,type)
     # validate the type
     if type not in ['authority', 'slice', 'node', 'user']:
         raise UnknownSfaType(type) 
     # validate the type
     if type not in ['authority', 'slice', 'node', 'user']:
         raise UnknownSfaType(type) 
@@ -187,7 +205,7 @@ def register(api, record):
                 pub_key = record['key']
             pkey = convert_public_key(pub_key)
 
                 pub_key = record['key']
             pkey = convert_public_key(pub_key)
 
-        gid_object = api.auth.hierarchy.create_gid(hrn, uuid, pkey)
+        gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
         gid = gid_object.save_to_string(save_parents=True)
         record['gid'] = gid
         record.set_gid(gid)
         gid = gid_object.save_to_string(save_parents=True)
         record['gid'] = gid
         record.set_gid(gid)
@@ -195,7 +213,7 @@ def register(api, record):
     if type in ["authority"]:
         # update the tree
         if not api.auth.hierarchy.auth_exists(hrn):
     if type in ["authority"]:
         # update the tree
         if not api.auth.hierarchy.auth_exists(hrn):
-            api.auth.hierarchy.create_auth(hrn)
+            api.auth.hierarchy.create_auth(hrn_to_urn(hrn,'authority'))
 
         # get the GID from the newly created authority
         gid = auth_info.get_gid_object()
 
         # get the GID from the newly created authority
         gid = auth_info.get_gid_object()
@@ -268,6 +286,7 @@ def update(api, record_dict):
     new_record = SfaRecord(dict = record_dict)
     type = new_record['type']
     hrn = new_record['hrn']
     new_record = SfaRecord(dict = record_dict)
     type = new_record['type']
     hrn = new_record['hrn']
+    urn = hrn_to_urn(hrn,type)
     api.auth.verify_object_permission(hrn)
     table = SfaTable()
     # make sure the record exists
     api.auth.verify_object_permission(hrn)
     table = SfaTable()
     # make sure the record exists
@@ -332,7 +351,7 @@ def update(api, record_dict):
             # update the openssl key and gid
             pkey = convert_public_key(new_key)
             uuid = create_uuid()
             # update the openssl key and gid
             pkey = convert_public_key(new_key)
             uuid = create_uuid()
-            gid_object = api.auth.hierarchy.create_gid(hrn, uuid, pkey)
+            gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
             gid = gid_object.save_to_string(save_parents=True)
             record['gid'] = gid
             record = SfaRecord(dict=record)
             gid = gid_object.save_to_string(save_parents=True)
             record['gid'] = gid
             record = SfaRecord(dict=record)
@@ -349,25 +368,23 @@ def update(api, record_dict):
     
     return 1 
 
     
     return 1 
 
-def remove(api, xrn, type, origin_hrn=None):
-    # convert xrn to hrn     
-    if type:
-        hrn = urn_to_hrn(xrn)[0]
-    else:
-        hrn, type = urn_to_hrn(xrn)    
+# expecting an Xrn instance
+def remove(api, xrn, origin_hrn=None):
 
     table = SfaTable()
 
     table = SfaTable()
-    filter = {'hrn': hrn}
-    if type not in ['all', '*']:
+    filter = {'hrn': xrn.get_hrn()}
+    hrn=xrn.get_hrn()
+    type=xrn.get_type()
+    if type and type not in ['all', '*']:
         filter['type'] = type
         filter['type'] = type
+
     records = table.find(filter)
     records = table.find(filter)
-    if not records:
-        raise RecordNotFound(hrn)
+    if not records: raise RecordNotFound(hrn)
     record = records[0]
     type = record['type']
 
     credential = api.getCredential()
     record = records[0]
     type = record['type']
 
     credential = api.getCredential()
-    registries = Registries(api)
+    registries = api.registries
 
     # Try to remove the object from the PLCDB of federated agg.
     # This is attempted before removing the object from the local agg's PLCDB and sfa table
 
     # Try to remove the object from the PLCDB of federated agg.
     # This is attempted before removing the object from the local agg's PLCDB and sfa table
sfa