X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=geni%2Futil%2Fapi.py;h=8adcecb2514150cc2365b777968536b0b7659bd9;hb=34ae6acfdd362cc1a5b0085fe04391718e0727f0;hp=6244fbe5e1ed6d6628bcc9cb301b6c4f4aa2f907;hpb=58e81cb4f657aea3581fb46d79bfeb8369631e92;p=sfa.git diff --git a/geni/util/api.py b/geni/util/api.py index 6244fbe5..8adcecb2 100644 --- a/geni/util/api.py +++ b/geni/util/api.py @@ -14,6 +14,8 @@ from geni.util.faults import * from geni.util.debug import * from geni.util.rights import * from geni.util.credential import * +from geni.util.misc import * + # See "2.2 Characters" in the XML specification: # # #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] @@ -95,7 +97,7 @@ class GeniAPI: # flat list of method names methods = geni.methods.methods - def __init__(self, config = "/usr/share/geniwrapper/geni/util/geni_config", encoding = "utf-8", peer_cert = None, interface = None, key_file = None, cert_file = None): + def __init__(self, config = "/etc/geni/geni_config", encoding = "utf-8", peer_cert = None, interface = None, key_file = None, cert_file = None): self.encoding = encoding # Better just be documenting the API @@ -119,7 +121,7 @@ class GeniAPI: def getPLCShell(self): self.plauth = {'Username': self.config.GENI_PLC_USER, 'AuthMethod': 'password', - 'AuthString': self.config.GENI_PLC_PASSWORD} + 'AuthString': self.config.GENI_PLC_PASSWORD} try: import PLC.Shell shell = PLC.Shell.Shell(globals = globals()) 
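Review bot: The added `from geni.util.misc import *` is another wildcard import alongside the four visible above it, so a name defined in more than one of these modules is silently taken from whichever is imported last. The helpers this commit starts calling further down (`slicename_to_hrn`, `hostname_to_hrn`) presumably come from this module. Importing them by name, `from geni.util.misc import slicename_to_hrn, hostname_to_hrn`, would make that explicit and keep the namespace predictable.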
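Review bot: The new default `/etc/geni/geni_config` in `__init__` presumably names the file that supplies `GENI_PLC_USER` and `GENI_PLC_PASSWORD`, which `getPLCShell` reads from `self.config` just below, and nothing here records how that file must be protected. A comment above the signature such as `# geni_config holds the PLC password: install it readable by the service account only` would state the requirement. Whether the packaging already sets restrictive permissions cannot be seen from this diff.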
@@ -138,13 +140,34 @@ class GeniAPI: return shell def getCredential(self): - return self.getCredentialFromRegistry() + if self.interface in ['registry']: + return self.getCredentialFromLocalRegistry() + else: + return self.getCredentialFromRegistry() + def getCredentialFromRegistry(self): + """ + Get our credential from a remote registry using a geniclient connection + """ + type = 'authority' + cred_filename = ".".join([self.server_basedir, self.interface, self.hrn, type, "cred"]) + try: + credential = Credential(filename = cred_filename) + return credential + except IOError: + from geni.registry import Registries + registries = Registries(self) + registry = registries[self.hrn] + self_cred = registry.get_credential(None, type, self.hrn) + cred = registry.get_credential(self_cred, type, self.hrn) + cred.save_to_file(cred_filename, save_parents=True) + + def getCredentialFromLocalRegistry(self): """ - Get our current credential from the local registry. + Get our current credential directly from the local registry. """ - + hrn = self.hrn auth_hrn = self.auth.get_authority(hrn) if not auth_hrn: @@ -164,14 +187,8 @@ class GeniAPI: new_cred.set_pubkey(object_gid.get_pubkey()) r1 = determine_rights(type, hrn) new_cred.set_privileges(r1) - - # determine the type of credential that we want to use as a parent for - # this credential. - if (type == "ma") or (type == "node"): - auth_kind = "authority,ma" - else: # user, slice, sa - auth_kind = "authority,sa" + auth_kind = "authority,ma,sa" new_cred.set_parent(self.auth.hierarchy.get_auth_cred(auth_hrn, kind=auth_kind)) @@ -195,7 +212,7 @@ class GeniAPI: self.credential = Credential(filename = ma_cred_filename) except IOError: self.credential = self.getCredentialFromRegistry() - + ## # Convert geni fields to PLC fields for use when registering up updating # registry record in the PLC database 
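Review bot: In `getCredentialFromRegistry` the `except IOError` branch fetches and saves the credential but never returns it, so a call with no cached file returns `None`. `getCredential` and the `self.credential = self.getCredentialFromRegistry()` assignment visible later in this file then carry that `None` forward. Add `return cred` after `cred.save_to_file(cred_filename, save_parents=True)`. Also, `cred_filename` joins `self.server_basedir` to the other parts with `"."`, which puts the file beside the base directory rather than inside it; if that is unintended, build the path with `os.path.join` (the file's `os` import is not visible in this diff). The cached file is loaded with no visible expiry or signature check, so add a comment if `Credential(filename=...)` verifies it elsewhere.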
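Review bot: Replacing the per-type choice with `auth_kind = "authority,ma,sa"` in `getCredentialFromLocalRegistry` lets a credential of any type be parented on any of the three authority kinds, where before `ma`/`node` and `user`/`slice`/`sa` were kept on separate parents. If `get_auth_cred` takes the first kind that exists (its body is not in this diff), a slice or user credential can end up chained to a management-authority credential. If merging `sa` and `ma` into `authority` is intended, say so on this line, e.g. `# sa and ma are merged into "authority"; old kinds accepted for existing credentials`. The function starts and ends outside the hunk.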
@@ -234,7 +251,7 @@ class GeniAPI: if not "model" in pl_fields: pl_fields["model"] = "geni" - elif type == "sa": + elif type == "authority": pl_fields["login_base"] = hrn_to_pl_login_base(hrn) if not "name" in pl_fields: @@ -250,7 +267,7 @@ class GeniAPI: pl_fields["is_public"] = True - + def fill_record_pl_info(self, record): """ Fill in the planetlab specific fields of a Geni record. This @@ -263,7 +280,8 @@ class GeniAPI: """ type = record.get_type() pointer = record.get_pointer() - + auth_hrn = self.hrn + login_base = '' # records with pointer==-1 do not have plc info associated with them. # for example, the top level authority records which are # authorities, but not PL "sites" 
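Review bot: The branch `elif type == "authority":` replaces `"sa"` outright, while `fill_record_pl_info` in the same commit still accepts `["authority", "sa", "ma"]`, so a record whose stored type is still `sa` would skip the `login_base` assignment here. The `-318` hunk has the same pattern: the `sa` and `ma` branches are dropped, so such records would get no `pi`/`operator`/`owner` entries. Using `elif type in ["authority", "sa", "ma"]:` in both places would keep the three functions consistent, unless existing records are migrated, which this diff does not show. Both functions extend beyond their hunks.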
@@ -271,29 +289,57 @@ class GeniAPI: record.set_pl_info({}) return - if (type == "sa") or (type == "ma"): + if (type in ["authority", "sa", "ma"]): pl_res = self.plshell.GetSites(self.plauth, [pointer]) elif (type == "slice"): pl_res = self.plshell.GetSlices(self.plauth, [pointer]) elif (type == "user"): pl_res = self.plshell.GetPersons(self.plauth, [pointer]) - key_ids = pl_res[0]['key_ids'] - keys = self.plshell.GetKeys(self.plauth, key_ids) - pubkeys = [] - if keys: - pubkeys = [key['key'] for key in keys] - pl_res[0]['keys'] = pubkeys elif (type == "node"): pl_res = self.plshell.GetNodes(self.plauth, [pointer]) else: raise UnknownGeniType(type) - + if not pl_res: - # the planetlab record no longer exists - # TODO: delete the geni record ? raise PlanetLabRecordDoesNotExist(record.get_name()) - record.set_pl_info(pl_res[0]) + # convert ids to hrns + pl_record = pl_res[0] + print pl_record + if 'site_id' in pl_record: + sites = self.plshell.GetSites(self.plauth, pl_record['site_id'], ['login_base']) + site = sites[0] + login_base = site['login_base'] + pl_record['site'] = ".".join([auth_hrn, login_base]) + if 'person_ids' in pl_record: + persons = self.plshell.GetPersons(self.plauth, pl_record['person_ids'], ['email']) + emails = [person['email'] for person in persons] + usernames = [email.split('@')[0] for email in emails] + person_hrns = [".".join([auth_hrn, login_base, username]) for username in usernames] + pl_record['persons'] = person_hrns + if 'slice_ids' in pl_record: + slices = self.plshell.GetSlices(self.plauth, pl_record['slice_ids'], ['name']) + slicenames = [slice['name'] for slice in slices] + slice_hrns = [slicename_to_hrn(auth_hrn, slicename) for slicename in slicenames] + pl_record['slices'] = slice_hrns + if 'node_ids' in pl_record: + nodes = self.plshell.GetNodes(self.plauth, pl_record['node_ids'], ['hostname']) + hostnames = [node['hostname'] for node in nodes] + node_hrns = [hostname_to_hrn(auth_hrn, login_base, hostname) for hostname in 
hostnames] + pl_record['nodes'] = node_hrns + if 'site_ids' in pl_record: + sites = self.plshell.GetSites(self.plauth, pl_record['site_ids'], ['login_base']) + login_bases = [site['login_base'] for site in sites] + site_hrns = [".".join([auth_hrn, lbase]) for lbase in login_bases] + pl_record['sites'] = site_hrns + if 'key_ids' in pl_record: + keys = self.plshell.GetKeys(self.plauth, pl_record['key_ids']) + pubkeys = [] + if keys: + pubkeys = [key['key'] for key in keys] + pl_record['keys'] = pubkeys + + record.set_pl_info(pl_record) def lookup_users(self, auth_table, user_id_list, role="*"): @@ -318,24 +364,16 @@ class GeniAPI: researchers = self.lookup_users(auth_table, person_ids) geni_info['researcher'] = researchers - elif (type == "sa"): + elif (type == "authority"): auth_table = self.auth.get_auth_table(record.get_name()) person_ids = record.pl_info.get("person_ids", []) pis = self.lookup_users(auth_table, person_ids, "pi") - geni_info['pi'] = pis - # TODO: OrganizationName - - elif (type == "ma"): - auth_table = self.auth.get_auth_table(record.get_name()) - person_ids = record.pl_info.get("person_ids", []) operators = self.lookup_users(auth_table, person_ids, "tech") - geni_info['operator'] = operators - # TODO: OrganizationName - - auth_table = self.auth.get_auth_table(record.get_name()) - person_ids = record.pl_info.get("person_ids", []) owners = self.lookup_users(auth_table, person_ids, "admin") + geni_info['pi'] = pis + geni_info['operator'] = operators geni_info['owner'] = owners + # TODO: OrganizationName elif (type == "node"): geni_info['dns'] = record.pl_info.get("hostname", "") 
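Review bot: The added `print pl_record` in `fill_record_pl_info` looks like a debugging leftover. It writes every PLC record the server resolves to stdout, and person records presumably carry e-mail addresses, so it should be removed or turned into a debug-level log call. The person HRNs are built from `email.split('@')[0]`, so two accounts with the same local part at different domains map to the same HRN, and a local part containing `.` adds extra HRN levels; a unique field would be a safer source for the name. `sites[0]` is also indexed without checking that `GetSites` returned anything, unlike the `if not pl_res:` check above. The function begins before this hunk.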
@@ -373,13 +411,20 @@ class GeniAPI: # their pointer newIdList = [] for hrn in newList: - userRecord = self.resolve_raw("user", hrn)[0] - newIdList.append(userRecord.get_pointer()) + auth_hrn = self.auth.get_authority(hrn) + if not auth_hrn: + auth_hrn = hrn + auth_info = self.auth.get_auth_info(auth_hrn) + table = self.auth.get_auth_table(auth_hrn) + records = table.resolve('user', hrn) + if records: + userRecord = records[0] + newIdList.append(userRecord.get_pointer()) # build a list of the old person ids from the person_ids field of the # pl_info if oldRecord: - oldIdList = oldRecord.plinfo.get("person_ids", []) + oldIdList = oldRecord.pl_info.get("person_ids", []) containerId = oldRecord.get_pointer() else: # if oldRecord==None, then we are doing a Register, instead of an @@ -404,13 +449,10 @@ class GeniAPI: self.update_membership_list(oldRecord, record, 'researcher', self.plshell.AddPersonToSlice, self.plshell.DeletePersonFromSlice) - elif record.type == "sa": - # TODO - pass - elif record.type == "ma": + elif record.type == "authority": # TODO pass - + def callable(self, method): """ @@ -427,6 +469,7 @@ class GeniAPI: callablemethod = getattr(module, classname)(self) return getattr(module, classname)(self) except ImportError, AttributeError: + raise raise GeniInvalidAPIMethod, method def call(self, source, method, *args):
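Review bot: In the new lookup loop an HRN that does not resolve is skipped silently by `if records:`, so the request can succeed with that user simply left out of `newIdList`. How the old and new id lists are reconciled is outside this hunk, but a mistyped or unresolvable HRN should probably fail the call or at least be logged in an `else:` branch. `auth_info` is assigned from `self.auth.get_auth_info(auth_hrn)` and never used in the visible lines; if the call is there only to raise on a missing authority, a comment should say so.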
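Review bot: The added bare `raise` in the `except` block of `callable` makes the following `raise GeniInvalidAPIMethod, method` unreachable. A request for an unknown method now surfaces the raw `ImportError`, module path details included, instead of the API fault. It looks like a debugging aid and should be dropped. Separately, on the unchanged line `except ImportError, AttributeError:` Python 2 catches only `ImportError` and binds it to the name `AttributeError`; `except (ImportError, AttributeError):` is the form that catches both. The function starts above the hunk.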