X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FMethods%2FGetNodes.py;h=99669e4a2e83acc00a1d98f17ffe33c983cfb720;hb=19d4a01ccf66af9e00914351b3eacd5fc880f988;hp=2b270d0dec256d7c9fd7c888ab6626e6b4338e5c;hpb=31cde73cdfc4397ea5aa328cce4cfba471a24324;p=plcapi.git diff --git a/PLC/Methods/GetNodes.py b/PLC/Methods/GetNodes.py index 2b270d0..99669e4 100644 --- a/PLC/Methods/GetNodes.py +++ b/PLC/Methods/GetNodes.py @@ -1,52 +1,89 @@ -import os - from PLC.Faults import * from PLC.Method import Method from PLC.Parameter import Parameter, Mixed +from PLC.Filter import Filter from PLC.Nodes import Node, Nodes -from PLC.Auth import PasswordAuth +from PLC.Persons import Person, Persons +from PLC.Auth import Auth + +admin_only = ['key', 'session', 'boot_nonce' ] class GetNodes(Method): """ - Return an array of dictionaries containing details about the - specified nodes. + Returns an array of structs containing details about nodes. If + node_filter is specified and is an array of node identifiers or + hostnames, or a struct of node attributes, only nodes matching the + filter will be returned. - If return_fields is specified, only the specified fields will be - returned. Only admins may retrieve certain fields. Otherwise, the - default set of fields returned is: + If return_fields is specified, only the specified details will be + returned. NOTE that if return_fields is unspecified, the complete + set of native fields are returned, which DOES NOT include tags at + this time. + Some fields may only be viewed by admins. """ - roles = ['admin', 'pi', 'user', 'tech'] + roles = ['admin', 'pi', 'user', 'tech', 'node', 'anonymous'] accepts = [ - PasswordAuth(), - [Mixed(Node.fields['node_id'], - Node.fields['hostname'])], + Auth(), + Mixed([Mixed(Node.fields['node_id'], + Node.fields['hostname'])], + Parameter(str,"hostname"), + Parameter(int,"node_id"), + Filter(Node.fields)), + Parameter([str], "List of fields to return", nullok = True), ] returns = [Node.fields] - def __init__(self, *args, **kwds): - Method.__init__(self, *args, **kwds) - # Update documentation with list of default fields returned - self.__doc__ += os.linesep.join(Node.fields.keys()) - def call(self, auth, node_id_or_hostname_list = None): - # Authenticated function - assert self.caller is not None + def call(self, auth, node_filter = None, return_fields = None): - valid_fields = Node.fields.keys() + # Must query at least slice_ids_whitelist + if return_fields is not None: + added_fields = set(['slice_ids_whitelist', 'site_id']).difference(return_fields) + return_fields += added_fields + else: + added_fields =[] + + # Get node information + nodes = Nodes(self.api, node_filter, return_fields) # Remove admin only fields - if 'admin' not in self.caller['roles']: - for key in ['boot_nonce', 'key', 'session', 'root_person_ids']: - valid_fields.remove(key) + if not isinstance(self.caller, Person) or \ + 'admin' not in self.caller['roles']: + slice_ids = set() + site_ids = set() - # Get node information - nodes = Nodes(self.api, node_id_or_hostname_list).values() + if self.caller: + slice_ids.update(self.caller['slice_ids']) + if isinstance(self.caller, Node): + site_ids.update([self.caller['site_id']]) + else: + site_ids.update(self.caller['site_ids']) + + # if node has whitelist, only return it if users is at + # the same site or user has a slice on the whitelist + for node in nodes[:]: + if 'site_id' in node and \ + site_ids.intersection([node['site_id']]): + continue + if 'slice_ids_whitelist' in node and \ + node['slice_ids_whitelist'] and \ + not slice_ids.intersection(node['slice_ids_whitelist']): + nodes.remove(node) + + # remove remaining admin only fields + for node in nodes: + for field in admin_only: + if field in node: + del node[field] + + # remove added fields if not specified + if added_fields: + for node in nodes: + for field in added_fields: + del node[field] - # turn each node into a real dict. - nodes = [dict(node.items()) for node in nodes] - return nodes