hashrequest = False
def create_cmd_parser(self, command, additional_cmdargs=None):
- cmdargs = {"gid": "",
- "list": "name",
+ cmdargs = {"list": "name",
"show": "name",
"remove": "name",
"add": "record",
parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \
% (command, cmdargs[command]))
- if command in ("resources"):
- parser.add_option("-f", "--format", dest="format", type="choice",
- help="display format ([xml]|dns|ip)", default="xml",
- choices=("xml", "dns", "ip"))
-
- if command in ("resources", "slices", "create", "delete", "start", "stop", "get_ticket"):
+ # user specifies remote aggregate/sm/component
+ if command in ("resources", "slices", "create", "delete", "start", "stop", "restart", "get_ticket", "redeem_ticket"):
parser.add_option("-a", "--aggregate", dest="aggregate",
default=None, help="aggregate host")
parser.add_option("-p", "--port", dest="port",
default=AGGREGATE_PORT, help="aggregate port")
-
- if command in ("start", "stop", "reset", "delete", "slices"):
parser.add_option("-c", "--component", dest="component", default=None,
help="component hrn")
-
+
+ # registy filter option
if command in ("list", "show", "remove"):
parser.add_option("-t", "--type", dest="type", type="choice",
- help="type filter ([all]|user|slice|sa|ma|node|aggregate)",
- choices=("all", "user", "slice", "sa", "ma", "node", "aggregate"),
+ help="type filter ([all]|user|slice|authority|node|aggregate)",
+ choices=("all", "user", "slice", "authority", "node", "aggregate"),
default="all")
+ # display formats
+ if command in ("resources"):
+ parser.add_option("-f", "--format", dest="format", type="choice",
+ help="display format ([xml]|dns|ip)", default="xml",
+ choices=("xml", "dns", "ip"))
+
if command in ("resources", "show", "list"):
parser.add_option("-o", "--output", dest="file",
help="output XML to file", metavar="FILE", default=None)
cert.save_to_file(file)
return file
- def get_gid(self):
- #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
- file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
- if (os.path.isfile(file)):
- gid = GID(filename=file)
- return gid
- else:
- cert_str = self.cert.save_to_string(save_parents=True)
- gid_str = self.registry.get_gid(cert_str, self.user, "user")
- gid = GID(string=gid_str)
- if self.options.verbose:
- print "Writing user gid to", file
- gid.save_to_file(file, save_parents=True)
- return gid
-
def get_cached_credential(self, file):
"""
Return a cached credential only if it hasn't expired.
return cred
- def delegate_cred(self, cred, hrn, type='authority'):
- # the gid and hrn of the object we are delegating
- user_cred = Credential(string=cred)
- object_gid = user_cred.get_gid_object()
- object_hrn = object_gid.get_hrn()
- #cred.set_delegate(True)
- #if not cred.get_delegate():
- # raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
-
-
- records = self.registry.resolve(cred, hrn)
- records = filter_records(type, records)
-
- if not records:
- raise Exception, "Error: Didn't find a %(type)s record for %(hrn)s" % locals()
-
- # the gid of the user who will be delegated too
- record = SfaRecord(dict=records[0])
- delegee_gid = record.get_gid_object()
- delegee_hrn = delegee_gid.get_hrn()
-
- # the key and hrn of the user who will be delegating
- user_key = Keypair(filename=self.get_key_file())
- user_hrn = user_cred.get_gid_caller().get_hrn()
-
- dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
- dcred.set_gid_caller(delegee_gid)
- dcred.set_gid_object(object_gid)
- dcred.set_privileges(user_cred.get_privileges())
- dcred.get_privileges().delegate_all_privileges(True)
-
-
- # Save the issuer's gid to a file
- fname = self.options.sfi_dir + os.sep + "gid_%d" % random.randint(0, 999999999)
- f = open(fname, "w")
- f.write(user_cred.get_gid_caller().save_to_string())
- f.close()
- dcred.set_issuer_keys(self.get_key_file(), fname)
- os.remove(fname)
-
- dcred.set_parent(user_cred)
- dcred.encode()
- dcred.sign()
-
- return dcred.save_to_string(save_parents=True)
def get_rspec_file(self, rspec):
if (os.path.isabs(rspec)):
"""
server = self.slicemgr
# direct connection to an aggregate
- if opts.aggregate:
+ if hasattr(opts, 'aggregate') and opts.aggregate:
server = self.get_server(opts.aggregate, opts.port, self.key_file, \
self.cert_file, self.options.debug)
# direct connection to the nodes component manager interface
- if opts.component:
+ if hasattr(opts, 'component') and opts.component:
server = self.get_component_server_from_hrn(opts.component)
return server
def dispatch(self, command, cmd_opts, cmd_args):
getattr(self, command)(cmd_opts, cmd_args)
- def gid(self, opts, args):
- gid = self.get_gid()
- print "GID: %s" % (gid.save_to_string(save_parents=True))
- return
-
# list entires in named authority registry
def list(self, opts, args):
user_cred = self.get_user_cred().save_to_string(save_parents=True)
# =====================================================================
def GetVersion(self, opts, args):
- server = self.geni_am
- #server = self.get_server_from_opts(opts)
+ server = self.get_server_from_opts(opts)
print server.GetVersion()
def ListResources(self, opts, args):