X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=TODO;h=7f442ee6f7b623cbd1d42f3790c9125a1898a2da;hb=82f6b46e70dff8f7defd92177562c7d387b2f1fd;hp=379eb918ab72344c2318b06afc4ab6618e92dcca;hpb=fb36e6f286b078f3911c7de56b3f6fb9f47f1229;p=sfa.git diff --git a/TODO b/TODO index 379eb918..7f442ee6 100644 --- a/TODO +++ b/TODO @@ -1,47 +1,43 @@ -- URN vs HRN -* methods should support urn or hrn arguments -* create a module that converts urn to hrn so we can continue using - hrn behind the scenes -* add get_urn() method to GID object -* urn is the standard over the wire format +- test rpms: build/install -- Registry -* refactor to use managers -* update call should attempt to push updates to federated peers if - the peer has a record for an object that is updated locally -* api.update_membership() shoudl behave more like resolve when looking up records (attempt to resolve records at federated registeries) instead of only looking in the local registry +- Stop invalid users +* a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list - -- Aggregate -* sfa.plc.slices.verify_site() should check if site['max_slices'] needs to be updated -* sfa.plc.slices.verify_slice() should check if slice['expires'] needs to be updated - - Component manager -* install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?) - -- sfa-clean-peer-records -* modify resolve to support a list of hrns -* resolve a list of peer hrns instead of each hrn individally + * GetTicket - must verify_{site,slice,person,keys} on remote aggregate + * Redeem ticket - RedeemTicket/AdminTicket not working. Why? + * install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?) -- sfi remove, if removing a site, remove any record that site is an an authority for +- Protogeni +* agree on standard set of functon calls +* agree on standard set of privs +* on permission error, return priv needed to make call +* cache slice resource states (if aggregate goes down, how do we know what + slices were on it and recreate them? do we make some sort of transaction log) -- routing sm calls +- Registry +* sign peer gids +* update call should attempt to push updates to federated peers if + the peer has a record for an object that is updated locally +* api.update_membership() shoudl behave more like resolve when looking up records (attempt to resolve records at federated registeries) instead of only looking in the local registry +* move db tables into db with less overhead (tokyocabinet?) +* make resolve, fill_record_info more fault tolerent. Skip records with failures + +- Auth Service + * develop a simple service where users auth using username/passord and + receive their cred + * service manages users key/cert,creds + +- GUI + * requires user's cred (depends on Auth Service above) + +- SM call routing * sfi -a option should send request to sm with an extra argument to specify which am to contact instead of connecting directly to the am (am may not trust client directly) -- make registry more generic -* support interface managers -* support generic registry records (dont depend on postgres! object db?) - -- checking support for conventional ssl (creating a shared keypair for the request) - - Initscripts on sfa / geniwrapper +* should sfa have native initscript support or should we piggyback off of myplc? +* should this be in the rspec -- Fully integrate SOAP (need to throw either soap or xmlrpc exceptions depending on the client) - -- error messages -* error messages should be easier to understand -* (failing to connect to plcapi shoudl return a helpful message, not a generic internal server error) -- unit tests