git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
only add the person to the site if this is a new record
[sfa.git] / sfa / methods / register.py
diff --git a/sfa/methods/register.py b/sfa/methods/register.py
index cf4ae3f..863d6c5 100644 (file)
--- a/sfa/methods/register.py
+++ b/sfa/methods/register.py
@@ -9,10 +9,11 @@ from sfa.util.misc import *
 from sfa.util.method import Method
 from sfa.util.parameter import Parameter, Mixed
 from sfa.util.record import GeniRecord
+from sfa.util.genitable import GeniTable
 from sfa.util.debug import log
-
 from sfa.trust.auth import Auth
 from sfa.trust.gid import create_uuid
+from sfa.trust.credential import Credential
 
 class register(Method):
     """
@@ -35,15 +36,20 @@ class register(Method):
 
     returns = Parameter(int, "String representation of gid object")
     
-    def call(self, cred, record_dict):
+    def call(self, cred, record_dict, caller_cred=None):
         self.api.auth.check(cred, "register")
+        if caller_cred==None:
+               caller_cred=cred
+       
+        #log the call
+        self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, Credential(string=caller_cred).get_gid_caller().get_hrn(), None, self.name))
         record = GeniRecord(dict = record_dict)
-        type = record.get_type()
-        name = record.get_name()
-        self.api.auth.verify_object_permission(name)
-        auth_name = self.api.auth.get_authority(name)
+        table = GeniTable()
+        type = record['type']
+        hrn = record['hrn']
+        auth_name = get_authority(hrn)
+        self.api.auth.verify_object_permission(hrn)
         auth_info = self.api.auth.get_auth_info(auth_name)
-        table = self.api.auth.get_auth_table(auth_name)
         pub_key = None  
         # make sure record has a gid
         if 'gid' not in record:
@@ -51,36 +57,35 @@ class register(Method):
             pkey = Keypair(create=True)
             if 'key' in record and record['key']:
                 if isinstance(record['key'], list):
-                    pub_key = reocrd['key'][0]
+                    pub_key = record['key'][0]
                 else:
                     pub_key = record['key']
                 pkey = convert_public_key(pub_key)
             
-            gid_object = self.api.auth.hierarchy.create_gid(name, uuid, pkey)
+            gid_object = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey)
             gid = gid_object.save_to_string(save_parents=True)
             record['gid'] = gid
             record.set_gid(gid)
 
         # check if record already exists
-        existing_records = table.resolve(type, name)
+        existing_records = table.find({'type': type, 'hrn': hrn})
         if existing_records:
-            raise ExistingRecord(name)
+            raise ExistingRecord(hrn)
         
         if type in ["authority"]:
             # update the tree
-            if not self.api.auth.hierarchy.auth_exists(name):
-                self.api.auth.hierarchy.create_auth(name)
+            if not self.api.auth.hierarchy.auth_exists(hrn):
+                self.api.auth.hierarchy.create_auth(hrn)
 
             # authorities are special since they are managed by the registry
             # rather than by the caller. We create our own GID for the
             # authority rather than relying on the caller to supply one.
 
             # get the GID from the newly created authority
-            child_auth_info = self.api.auth.get_auth_info(name)
             gid = auth_info.get_gid_object()
             record.set_gid(gid.save_to_string(save_parents=True))
 
-            pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
+            pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
             sites = self.api.plshell.GetSites(self.api.plauth, [pl_record['login_base']])
             if not sites:    
                 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
@@ -90,7 +95,7 @@ class register(Method):
             record.set_pointer(pointer)
 
         elif (type == "slice"):
-            pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
+            pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
             slices = self.api.plshell.GetSlices(self.api.plauth, [pl_record['name']])
             if not slices: 
                 pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
@@ -107,18 +112,23 @@ class register(Method):
  
             if 'enabled' in record and record['enabled']:
                 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
-            login_base = get_leaf(auth_info.hrn)
-            self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
+           
+            # add this persons to the site only if he is being added for the first
+            # time by sfa and doesont already exist in plc     
+            if not persons or not persons[0]['site_ids']:
+                login_base = get_leaf(auth_name)
+                self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
+
             # What roles should this user have?
             self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer) 
             record.set_pointer(pointer)
            
-           # Add the user's key
+            # Add the user's key
             if pub_key:
                 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : pub_key})
 
         elif (type == "node"):
-            pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
+            pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
             login_base = hrn_to_pl_login_base(auth_name)
             nodes = self.api.plshell.GetNodes(self.api.plauth, [pl_record['hostname']])
             if not nodes:
@@ -132,7 +142,7 @@ class register(Method):
 
         # SFA upcalls may exist in PLCAPI and they could have already added the
         # record for us. Lets check if the record already exists  
-        existing_records = table.resolve(type, name)
+        existing_records = table.find({'type': type, 'hrn': hrn})
         if not existing_records:
             table.insert(record)
 
sfa