from sfa.client.sfi import save_records_to_file
from sfa.trust.hierarchy import Hierarchy
from sfa.trust.gid import GID
+from sfa.trust.certificate import convert_public_key
+
+from sfa.client.candidates import Candidates
pprinter = PrettyPrinter(indent=4)
return func
return _decorator
-### utility to match command-line args to names
-class Candidates:
- def __init__ (self, names):
- self.names=names
- # is an input string acceptable for one of the known names?
- @staticmethod
- def fits (input, name):
- return name.find(input)==0
- # returns one of the names if the input name has a unique match
- # or None otherwise
- def only_match (self, input):
- matches=[ name for name in self.names if Candidates.fits(input,name) ]
- if len(matches)==1: return matches[0]
- else: return None
-
class Commands(object):
def _get_commands(self):
command_names = []
choices=('text', 'xml', 'simple'), help='display record in different formats')
def show(self, xrn, type=None, format=None, outfile=None):
"""Display details for a registered object"""
- records = self.api.manager.Resolve(self.api, xrn, type, True)
+ records = self.api.manager.Resolve(self.api, xrn, type, details=True)
for record in records:
sfa_record = Record(dict=record)
sfa_record.dump(format)
record_dict['pi'] = pis
return record_dict
+
+ @args('-x', '--xrn', dest='xrn', metavar='<xrn>', help='object hrn/urn', default=None)
+ @args('-t', '--type', dest='type', metavar='<type>', help='object type (mandatory)',)
+ @args('-a', '--all', dest='all', metavar='<all>', action='store_true', default=False, help='check all users GID')
+ @args('-v', '--verbose', dest='verbose', metavar='<verbose>', action='store_true', default=False, help='verbose mode: display user\'s hrn ')
+ def check_gid(self, xrn=None, type=None, all=None, verbose=None):
+ """Check the correspondance between the GID and the PubKey"""
+
+ # db records
+ from sfa.storage.alchemy import dbsession
+ from sfa.storage.model import RegRecord
+ db_query = dbsession.query(RegRecord).filter_by(type=type)
+ if xrn and not all:
+ hrn = Xrn(xrn).get_hrn()
+ db_query = db_query.filter_by(hrn=hrn)
+ elif all and xrn:
+ print "Use either -a or -x <xrn>, not both !!!"
+ sys.exit(1)
+ elif not all and not xrn:
+ print "Use either -a or -x <xrn>, one of them is mandatory !!!"
+ sys.exit(1)
+
+ records = db_query.all()
+ if not records:
+ print "No Record found"
+ sys.exit(1)
+
+ OK = []
+ NOK = []
+ ERROR = []
+ NOKEY = []
+ for record in records:
+ # get the pubkey stored in SFA DB
+ if record.reg_keys:
+ db_pubkey_str = record.reg_keys[0].key
+ try:
+ db_pubkey_obj = convert_public_key(db_pubkey_str)
+ except:
+ ERROR.append(record.hrn)
+ continue
+ else:
+ NOKEY.append(record.hrn)
+ continue
+
+ # get the pubkey from the gid
+ gid_str = record.gid
+ gid_obj = GID(string = gid_str)
+ gid_pubkey_obj = gid_obj.get_pubkey()
+
+ # Check if gid_pubkey_obj and db_pubkey_obj are the same
+ check = gid_pubkey_obj.is_same(db_pubkey_obj)
+ if check :
+ OK.append(record.hrn)
+ else:
+ NOK.append(record.hrn)
+
+ if not verbose:
+ print "Users NOT having a PubKey: %s\n\
+Users having a non RSA PubKey: %s\n\
+Users having a GID/PubKey correpondence OK: %s\n\
+Users having a GID/PubKey correpondence Not OK: %s\n"%(len(NOKEY), len(ERROR), len(OK), len(NOK))
+ else:
+ print "Users NOT having a PubKey: %s and are: \n%s\n\n\
+Users having a non RSA PubKey: %s and are: \n%s\n\n\
+Users having a GID/PubKey correpondence OK: %s and are: \n%s\n\n\
+Users having a GID/PubKey correpondence NOT OK: %s and are: \n%s\n\n"%(len(NOKEY),NOKEY, len(ERROR), ERROR, len(OK), OK, len(NOK), NOK)
+
+
+
@args('-x', '--xrn', dest='xrn', metavar='<xrn>', help='object hrn/urn (mandatory)')
@args('-t', '--type', dest='type', metavar='<type>', help='object type', default=None)
@args('-e', '--email', dest='email', default="",
from sfa.importer import Importer
importer = Importer()
importer.run()
+
+ def sync_db(self):
+ """Initialize or upgrade the db"""
+ from sfa.storage.dbschema import DBSchema
+ dbschema=DBSchema()
+ dbschema.init_or_upgrade
@args('-a', '--all', dest='all', metavar='<all>', action='store_true', default=False,
help='Remove all registry records and all files in %s area' % help_basedir)
print "Command failed, please check log for more info"
raise
-candidates_specs=[
-('create delete reset resources slices start status stop version',
- [ ('ver','version'),
- ('r',None),
- ('re',None),
- ('res',None),
- ('rese','reset'),
- ('reset','reset'),
- ('reso','resources'),
- ('sli','slices'),
- ('st',None),
- ('sta',None),
- ('stop','stop'),
- ('a',None),
-])
-]
-
-def test_candidates ():
- for (names, tuples) in candidates_specs:
- names=names.split()
- for (input,expected) in tuples:
- got=Candidates(names).only_match(input)
- if got==expected: print '.',
- else: print 'X FAIL','names[',names,'] input',input,'expected',expected,'got',got
-
-if __name__ == '__main__':
- test_candidates()