import time
import traceback
import sys
-
+import re
from types import StringTypes
from sfa.util.namespace import *
from sfa.util.rspec import *
from sfa.plc.api import SfaAPI
from sfa.plc.slices import *
-"""
-Create a new plauth object that the Aggregate Manager can use to execute
-plshell commands as the authenticated user.
-"""
-def __get_user_plauth(api, registry, credential, creds, operation, hrn):
- plauth = None
-
- user_creds = api.auth.checkCredentials(creds, operation, hrn)
- user_cred_obj = Credential(string=user_creds[0])
-
- # If user cred has a parent then the caller is the parent's cred.
- # This is true for delegated creds.
- if user_cred_obj.parent:
- user_hrn = user_cred_obj.parent.get_gid_caller().get_hrn()
- else:
- user_hrn = user_cred_obj.get_gid_caller().get_hrn()
-
- user_record = registry.Resolve(user_hrn, [credential])[0]
- email = user_record['email']
-
- person = api.plshell.GetPersons(api.plauth, email)
- if person:
- person_id = person[0]['person_id']
- # Get the user's session if one exists, create one otherwise
- session = api.plshell.GetSessions(api.plauth, {'person_id': person_id})
- if not session:
- session = api.plshell.AddSession(api.plauth, person_id)
- else:
- session = session[0]['session_id']
-
- # Create new authentication token
- plauth = {'Username':email, 'AuthMethod':'session', 'session':session}
-
- return plauth
-
def __get_registry_objects(slice_xrn, creds, users):
"""
reg_objects = None
if users:
+ # dont allow special characters in the site login base
+ only_alphanumeric = re.compile('[^a-zA-Z0-9]+')
+ login_base = only_alphanumeric.sub('', hrn_auth[:20]).lower()
+
reg_objects = {}
site = {}
site['site_id'] = 0
- site['name'] = 'geni.%s' % hrn_auth[:20]
+ site['name'] = 'geni.%s' % login_base
site['enabled'] = True
site['max_slices'] = 100
# Note:
# Is it okay if this login base is the same as one already at this myplc site?
# Do we need uniqueness? Should use hrn_auth instead of just the leaf perhaps?
- site['login_base'] = hrn_auth[:20]
- site['abbreviated_name'] = hrn_auth[:20]
+ site['login_base'] = login_base
+ site['abbreviated_name'] = login_base
site['max_slivers'] = 1000
reg_objects['site'] = site
Create the sliver[s] (slice) at this aggregate.
Verify HRN and initialize the slice record in PLC if necessary.
"""
+
reg_objects = __get_registry_objects(slice_xrn, creds, users)
hrn, type = urn_to_hrn(slice_xrn)
slice_record = slices.verify_slice(registry, credential, hrn, site_id,
remote_site_id, peer, sfa_peer, reg_objects)
-
- user_plauth = __get_user_plauth(api, registry, credential, creds,
- "createsliver", hrn)
-
- # The Network instance will use user_plauth to call the PLCAPI
- network = Network(api, user_plauth)
+
+ network = Network(api)
slice = network.get_slice(api, hrn)
slice.peer_id = slice_record['peer_slice_id']
if peer:
api.plshell.UnBindObjectFromPeer(api.plauth, 'slice', slice.id, peer)
- api.plshell.AddSliceToNodes(user_plauth, slice.name, added_nodes)
- api.plshell.DeleteSliceFromNodes(user_plauth, slice.name, deleted_nodes)
+ api.plshell.AddSliceToNodes(api.plauth, slice.name, added_nodes)
+ api.plshell.DeleteSliceFromNodes(api.plauth, slice.name, deleted_nodes)
network.updateSliceTags()
slice.peer_id)
# print network.toxml()
+
return True
if rspec:
return rspec
- registry = api.registries[api.hrn]
- credential = api.getCredential()
- user_plauth = __get_user_plauth(api, registry, credential, creds,
- "listnodes", hrn)
-
- # The Network instance will use user_plauth to call the PLCAPI
- network = Network(api, user_plauth)
+ network = Network(api)
if (hrn):
if network.get_slice(api, hrn):
network.addSlice()
# cache the result
if api.cache and not xrn:
api.cache.add('nodes', rspec)
-
+
return rspec