### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/server/interface.py $
#
-
from sfa.util.faults import *
from sfa.util.storage import *
from sfa.util.namespace import *
from sfa.trust.gid import GID
from sfa.util.table import SfaTable
from sfa.util.record import SfaRecord
+import traceback
import sfa.util.xmlrpcprotocol as xmlrpcprotocol
import sfa.util.soapprotocol as soapprotocol
raise SfaInfaildArgument('Invalid type %s: must be in %s' % (type, self.types))
dict.__init__(self, {})
self.api = api
-
+ self.type = type
# load config file
self.interface_info = XmlStorage(conf_file, self.default_dict)
self.interface_info.load()
- self.interfaces = self.interface_info.values()[0].values()[0]
- if not isinstance(self.interfaces, list):
- self.interfaces = [self.interfaces]
-
+ interfaces = self.interface_info.values()[0].values()[0]
+ if not isinstance(interfaces, list):
+ interfaces = [self.interfaces]
+ self.interfaces = {}
+ for interface in interfaces:
+ self.interfaces[interface['hrn']] = interface
+
+ # get connections
+ self.update(self.get_connections(self.interfaces))
+
+ def sync_interfaces(self):
+ """
+ Install missing trusted gids and db records for our federated
+ interfaces
+ """
# Attempt to get any missing peer gids
# There should be a gid file in /etc/sfa/trusted_roots for every
# peer registry found in in the registries.xml config file. If there
# are any missing gids, request a new one from the peer registry.
gids_current = self.api.auth.trusted_cert_list
hrns_current = [gid.get_hrn() for gid in gids_current]
- hrns_expected = [interface['hrn'] for interface in self.interfaces]
+ hrns_expected = self.interfaces.keys()
new_hrns = set(hrns_expected).difference(hrns_current)
- self.get_peer_gids(new_hrns)
-
+ gids = self.get_peer_gids(new_hrns)
# update the local db records for these registries
- self.update_db_records(type)
+ self.update_db_records(self.type, gids)
- # create connections to the registries
- self.update(self.get_connections(self.interfaces))
-
def get_peer_gids(self, new_hrns):
"""
Install trusted gids from the specified interfaces.
"""
+ peer_gids = []
if not new_hrns:
- return
+ return peer_gids
trusted_certs_dir = self.api.config.get_trustedroots_dir()
for new_hrn in new_hrns:
# the gid for this interface should already be installed
continue
try:
# get gid from the registry
+ interface_info = self.interfaces[new_hrn]
interface = self.get_connections(self.interfaces[new_hrn])[new_hrn]
trusted_gids = interface.get_trusted_certs()
- # default message
- message = "interface: %s\tunable to install trusted gid for %s" % \
- (self.api.interface, new_hrn)
if trusted_gids:
# the gid we want shoudl be the first one in the list,
# but lets make sure
for trusted_gid in trusted_gids:
+ # default message
+ message = "interface: %s\t" % (self.api.interface)
+ message += "unable to install trusted gid for %s" % \
+ (new_hrn)
gid = GID(string=trusted_gids[0])
+ peer_gids.append(gid)
if gid.get_hrn() == new_hrn:
gid_filename = os.path.join(trusted_certs_dir, '%s.gid' % new_hrn)
gid.save_to_file(gid_filename, save_parents=True)
message = "interface: %s\tinstalled trusted gid for %s" % \
(self.api.interface, new_hrn)
- # log the message
- self.api.logger.info(message)
+ # log the message
+ self.api.logger.info(message)
except:
message = "interface: %s\tunable to install trusted gid for %s" % \
(self.api.interface, new_hrn)
self.api.logger.info(message)
+ traceback.print_exc()
# reload the trusted certs list
self.api.auth.load_trusted_certs()
+ return peer_gids
- def update_db_records(self, type):
+ def update_db_records(self, type, gids):
"""
Make sure there is a record in the local db for allowed registries
defined in the config file (registries.xml). Removes old records from
the db.
"""
+ if not gids:
+ return
# get hrns we expect to find
- hrns_expected = [interface['hrn'] for interface in self.interfaces]
+ # ignore records for local interfaces
+ ignore_interfaces = [self.api.config.SFA_INTERFACE_HRN]
+ hrns_expected = [gid.get_hrn() for gid in gids \
+ if gid.get_hrn() not in ignore_interfaces]
# get hrns that actually exist in the db
table = SfaTable()
table.remove(record)
# add new records
- for hrn in hrns_expected:
+ for gid in gids:
+ hrn = gid.get_hrn()
if hrn not in hrns_found:
record = {
'hrn': hrn,
'type': type,
'pointer': -1,
'authority': get_authority(hrn),
+ 'gid': gid.save_to_string(save_parents=True),
}
record = SfaRecord(dict=record)
table.insert(record)
-
def get_connections(self, interfaces):
"""
read connection details for the trusted peer registries from file return
interfaces = [interfaces]
for interface in interfaces:
# make sure the required fields are present and not null
- for key in required_fields:
- if not interface.get(key):
- continue
+ if not all([interface.get(key) for key in required_fields]):
+ continue
+
hrn, address, port = interface['hrn'], interface['addr'], interface['port']
url = 'http://%(address)s:%(port)s' % locals()
# check which client we should use