from sfa.trust.credential import Credential
from sfa.util.threadmanager import ThreadManager
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
-from sfa.util.debug import log
import sfa.plc.peers as peers
+from copy import copy
def get_version():
version = {}
message = "%s (line %s)" % (error.message, error.line)
raise InvalidRSpec(message)
- # XX
- # XX TODO: Should try to use delegated credential first
- # XX
- cred = api.getCredential()
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'createsliver', hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
threads = ThreadManager()
for aggregate in api.aggregates:
- if aggregate not in [api.auth.client_cred.get_gid_caller().get_hrn()]:
- server = api.aggregates[aggregate]
- # Just send entire RSpec to each aggregate
- threads.run(server.CreateSliver, xrn, cred, rspec, users)
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
+
+ # Just send entire RSpec to each aggregate
+ server = api.aggregates[aggregate]
+ threads.run(server.CreateSliver, xrn, credential, rspec, users)
results = threads.get_results()
merged_rspec = merge_rspecs(results)
return merged_rspec
def renew_slice(api, xrn, creds, expiration_time):
- # XX
- # XX TODO: Should try to use delegated credential first
- # XX
- credential = api.getCredential()
+ hrn, type = urn_to_hrn(xrn)
+
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'renewesliver', hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
threads = ThreadManager()
for aggregate in api.aggregates:
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
+
server = api.aggregates[aggregate]
threads.run(server.RenewSliver, xrn, credential, expiration_time)
threads.get_results()
aggregate_hrn = element.values()[0]
aggregate_rspecs[aggregate_hrn] = rspec
- # get a ticket from each aggregate
- credential = api.getCredential()
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'getticket', slice_hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
threads = ThreadManager()
for aggregate, aggregate_rspec in aggregate_rspecs.items():
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
server = None
if aggregate in api.aggregates:
server = api.aggregates[aggregate]
net_urn = hrn_to_urn(aggregate, 'authority')
# we may have a peer that knows about this aggregate
for agg in api.aggregates:
- agg_info = api.aggregates[agg].get_aggregates(credential, net_urn)
- if agg_info:
- # send the request to this address
- url = 'http://%s:%s' % (agg_info['addr'], agg_info['port'])
- server = xmlrpcprotocol.get_server(url, api.key_file, api.cert_file)
- break
+ target_aggs = api.aggregates[agg].get_aggregates(credential, net_urn)
+ if not target_aggs or not 'hrn' in target_aggs[0]:
+ continue
+ # send the request to this address
+ url = target_aggs[0]['url']
+ server = xmlrpcprotocol.get_server(url, api.key_file, api.cert_file)
+ # aggregate found, no need to keep looping
+ break
if server is None:
continue
threads.run(server.GetTicket, xrn, credential, aggregate_rspec, users)
return ticket.save_to_string(save_parents=True)
-def delete_slice(api, xrn, origin_hrn=None):
- # XX
- # XX TODO: Should try to use delegated credential first
- # XX
- credential = api.getCredential()
+def delete_slice(api, xrn, creds):
+ hrn, type = urn_to_hrn(xrn)
+
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'deletesliver', hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
threads = ThreadManager()
for aggregate in api.aggregates:
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
server = api.aggregates[aggregate]
threads.run(server.DeleteSliver, xrn, credential)
threads.get_results()
return 1
def start_slice(api, xrn, creds):
- # XX
- # XX TODO: Should try to use delegated credential first
- # XX
- credential = api.getCredential()
+ hrn, type = urn_to_hrn(xrn)
+
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'startslice', hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
threads = ThreadManager()
for aggregate in api.aggregates:
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
server = api.aggregates[aggregate]
threads.run(server.Start, xrn, credential)
threads.get_results()
return 1
def stop_slice(api, xrn, creds):
- # XX
- # XX TODO: Should try to use delegated credential first
- # XX
- credential = api.getCredential()
+ hrn, type = urn_to_hrn(xrn)
+
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'stopslice', hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
threads = ThreadManager()
for aggregate in api.aggregates:
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
server = api.aggregates[aggregate]
threads.run(server.Stop, xrn, credential)
threads.get_results()
return 1
def get_slices(api, creds):
+
# look in cache first
if api.cache:
slices = api.cache.get('slices')
if slices:
return slices
- # fetch from aggregates
- slices = []
- credential = api.getCredential()
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'listslices', None)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
threads = ThreadManager()
+ # fetch from aggregates
for aggregate in api.aggregates:
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
server = api.aggregates[aggregate]
threads.run(server.ListSlices, credential)
return slices
def get_rspec(api, creds, options):
+
# get slice's hrn from options
xrn = options.get('geni_slice_urn', None)
hrn, type = urn_to_hrn(xrn)
hrn, type = urn_to_hrn(xrn)
rspec = None
- # XX
- # XX TODO: Should try to use delegated credential first
- # XX
- cred = api.getCredential()
+
+ # get the callers hrn
+ valid_cred = api.auth.checkCredentials(creds, 'listnodes', hrn)[0]
+ caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
+ # attempt to use delegated credential first
+ credential = api.getDelegatedCredential(creds)
+ if not credential:
+ credential = api.getCredential()
threads = ThreadManager()
-
for aggregate in api.aggregates:
- if aggregate not in [api.auth.client_cred.get_gid_caller().get_hrn()]:
- # get the rspec from the aggregate
- server = api.aggregates[aggregate]
- threads.run(server.ListResources, cred, options)
- #threads.run(server.get_resources, cred, xrn, origin_hrn)
+ # prevent infinite loop. Dont send request back to caller
+ # unless the caller is the aggregate's SM
+ if caller_hrn == aggregate and aggregate != api.hrn:
+ continue
+ # get the rspec from the aggregate
+ server = api.aggregates[aggregate]
+ my_opts = copy(options)
+ my_opts['geni_compressed'] = False
+ threads.run(server.ListResources, credential, my_opts)
+ #threads.run(server.get_resources, cred, xrn, origin_hrn)
-
results = threads.get_results()
# combine the rspecs into a single rspec
for agg_rspec in results:
git://git.onelab.eu / sfa.git / blobdiff