X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=TODO;h=9d3f58d4eed05e721ae65e3c7bfa943441ea3717;hb=23608cf7177e124b221b63696d064b0a14dcac37;hp=52fa9456c000e119080b192844eaae5dd873b1d2;hpb=8617dd79fc5deb62f83dcffb93ddfb5dfdbd2572;p=sfa.git diff --git a/TODO b/TODO index 52fa9456..9d3f58d4 100644 --- a/TODO +++ b/TODO @@ -1,33 +1,49 @@ --GetTicket -* sm, am only -* sm calls getticket on am and merges resulting tickets into 1 ticket - -- sfa-clean-peer-records -* modify resolve to support a list of hrns -* resolve a list of peer hrns instead of each hrn individally - -- sfi remove, if removing a site, remove any record that site is an an authority for - -- routing sm calls +- resolve xmlbuilder dependency + * add xmlbuilder to source + * update makefile + * update specfile + * test rpm + +- Stop invalid users +* a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list + +- Component manager + * GetTicket - must verify_{site,slice,person,keys} on remote aggregate + * REdeem ticket - RedeemTicket/AdminTicket not working. Why? + * install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?) + + +- sfa.util.api + * preload registries/aggregates into the api object (i.e. api.registries = Registries()) + +- Protogeni +* agree on standard set of functon calls +* agree on standard set of privs +* on permission error, return priv needed to make call +* cache slice resource states (if aggregate goes down, how do we know what + slices were on it and recreate them? do we make some sort of transaction log) + +- Registry +* sfa.plc.api.SfaAPI.fill_record_pl_info() should add the sites PIs to a slice records researchers list +* update call should attempt to push updates to federated peers if + the peer has a record for an object that is updated locally +* api.update_membership() shoudl behave more like resolve when looking up records (attempt to resolve records at federated registeries) instead of only looking in the local registry +* support generic registry records (dont depend on postgres!) + +- Aggregate +* sfa.plc.slices.verify_site() should check if site['max_slices'] needs to be updated +* sfa.plc.slices.verify_slice() should check if slice['expires'] needs to be updated + +- SM call routing * sfi -a option should send request to sm with an extra argument to specify which am to contact instead of connecting directly to the am (am may not trust client directly) -- make registry more generic -* support interface managers -* support generic registry records (dont depend on postgres! object db?) - -- checking support for conventional ssl (creating a shared keypair for the request) - - Initscripts on sfa / geniwrapper - -- Geni identification on nodes -* nodes pk stored in /etc/sfa/nodekey -* slice's gid and nodes gid stored in all slices (/etc/sfa/slicegid, /etc/sfa/nodegid) -- Fully integrate SOAP (need to throw either soap or xmlrpc exceptions depending on the client) +* should sfa have native initscript support or should we piggyback off of myplc? +* should this be in the rspec - error messages * error messages should be easier to understand * (failing to connect to plcapi shoudl return a helpful message, not a generic internal server error) -- unit tests