#
from sfa.util.faults import MissingSfaInfo, UnknownSfaType, \
RecordNotFound, SfaNotImplemented, SliverDoesNotExist, SearchFailed, \
- UnsupportedOperation
+ UnsupportedOperation, Forbidden
from sfa.util.sfalogging import logger
from sfa.util.defaultdict import defaultdict
from sfa.util.sfatime import utcparse, datetime_to_string, datetime_to_epoch
# one would think the driver should not need to mess with the SFA db, but..
from sfa.storage.alchemy import dbsession
from sfa.storage.model import RegRecord, SliverAllocation
+from sfa.trust.credential import Credential
# used to be used in get_ticket
#from sfa.trust.sfaticket import SfaTicket
if PlDriver.cache is None:
PlDriver.cache = Cache()
self.cache = PlDriver.cache
+
+ def sliver_to_slice_xrn(self, xrn):
+ sliver_id_parts = Xrn(xrn).get_sliver_id_parts()
+ slice_id = int(sliver_id_parts[0])
+ slices = self.shell.GetSlices(slice_id)
+ if not slices:
+ raise Forbidden("Unable to locate slice record for sliver: %s" % xrn)
+ slice = slices[0]
+ slice_xrn = PlXrn(auth=self.hrn, slicename=slice['name'])
+ return slice_xrn
+ def check_sliver_credentials(self, creds, urns):
+ # build list of cred object hrns
+ slice_cred_names = []
+ for cred in creds:
+ slice_cred_hrn = Credential(cred=cred).get_gid_object().get_hrn()
+ slice_cred_names.append(PlXrn(xrn=slice_cred_hrn).pl_slicename())
+
+ # look slice names of slivers listed in urns arg
+ slice_ids = []
+ for urn in urns:
+ sliver_id_parts = Xrn(xrn=urn).get_sliver_id_parts()
+ slice_ids.append(sliver_id_parts[0])
+
+ if not slice_ids:
+ raise Forbidden("sliver urn not provided")
+
+ slices = self.shell.GetSlices(slice_ids)
+ sliver_names = [slice['name'] for slice in slices]
+
+ # make sure we have a credential for every specified sliver ierd
+ for sliver_name in sliver_names:
+ if sliver_name not in slice_cred_names:
+ msg = "Valid credential not found for target: %s" % sliver_name
+ raise Forbidden(msg)
+
########################################
########## registry oriented
########################################
if not persons:
for key in ['first_name','last_name']:
if key not in sfa_record: sfa_record[key]='*from*sfa*'
- pointer = self.shell.AddPerson(dict(sfa_record))
+ # AddPerson does not allow everything to be set
+ can_add = ['first_name', 'last_name', 'title','email', 'password', 'phone', 'url', 'bio']
+ add_person_dict=dict ( [ (k,sfa_record[k]) for k in sfa_record if k in can_add ] )
+ pointer = self.shell.AddPerson(add_person_dict)
else:
pointer = persons[0]['person_id']
# add/remove slice from nodes
request_nodes = rspec.version.get_nodes_with_slivers()
- nodes = slices.verify_slice_nodes(slice, request_nodes, peer)
+ nodes = slices.verify_slice_nodes(urn, slice, request_nodes, peer)
# add/remove links links
slices.verify_slice_links(slice, rspec.version.get_link_requests(), nodes)