X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclient%2Fsfaadmin.py;h=2ef48099735b21aa38e1de60a83a159dac69fd50;hb=eabad1f49b519d0a7b73a2644c14a94e87545dda;hp=704d651cfdf48cddc7952854a35f8b6428463458;hpb=9e11e6829dfde9b01ba47cbb76866f37537db633;p=sfa.git diff --git a/sfa/client/sfaadmin.py b/sfa/client/sfaadmin.py index 704d651c..2ef48099 100755 --- a/sfa/client/sfaadmin.py +++ b/sfa/client/sfaadmin.py @@ -1,186 +1,614 @@ #!/usr/bin/python + +# pylint: disable=c0111, c0103, w0402, w0622 + +from __future__ import print_function + +import os import sys import copy -from sfa.generic import Generic +from pprint import PrettyPrinter from optparse import OptionParser +from sfa.generic import Generic from sfa.util.xrn import Xrn -from sfa.storage.record import SfaRecord +from sfa.util.sfalogging import logger, init_logger + +from sfa.storage.record import Record + +from sfa.trust.hierarchy import Hierarchy +from sfa.trust.gid import GID +from sfa.trust.certificate import convert_public_key -def args(*args, **kwargs): +from sfa.client.common import (optparse_listvalue_callback, + optparse_dictvalue_callback, + terminal_render, filter_records) +from sfa.client.candidates import Candidates +from sfa.client.sfi import save_records_to_file + +pprinter = PrettyPrinter(indent=4) + +# if set, will output on stdout +DEBUG = False + +try: + help_basedir = Hierarchy().basedir +except Exception: + help_basedir = '*unable to locate Hierarchy().basedir' + + +def add_options(*args, **kwargs): def _decorator(func): - func.__dict__.setdefault('options', []).insert(0, (args, kwargs)) + func.__dict__.setdefault('add_options', []).insert(0, (args, kwargs)) return func return _decorator + class Commands(object): def _get_commands(self): - available_methods = [] + command_names = [] for attrib in dir(self): if callable(getattr(self, attrib)) and not attrib.startswith('_'): - available_methods.append(attrib) - return available_methods + command_names.append(attrib) + return command_names + class RegistryCommands(Commands): def __init__(self, *args, **kwds): - self.api= Generic.the_flavour().make_api(interface='registry') - - def version(self): - pass - - @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn') - @args('-t', '--type', dest='type', metavar='', help='object type', default=None) - def list(self, xrn, type=None): - xrn = Xrn(xrn, type) - records = self.api.manager.List(self.api, xrn.get_hrn()) - for record in records: - if not type or record['type'] == type: - print "%s (%s)" % (record['hrn'], record['type']) - + self.api = Generic.the_flavour().make_api(interface='registry') - @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn') - @args('-t', '--type', dest='type', metavar='', help='object type', default=None) - @args('-o', '--outfile', dest='outfile', metavar='', help='save record to file') - def show(self, xrn, type=None, full=True): - records = self.api.manager.Resolve(self.api, xrn, type, full) + def version(self): + """Display the Registry version""" + version = self.api.manager.GetVersion(self.api, {}) + pprinter.pprint(version) + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='authority to list (hrn/urn - mandatory)') + @add_options('-t', '--type', dest='type', metavar='', + help='object type', default='all') + @add_options('-r', '--recursive', dest='recursive', metavar='', + help='list all child records', + action='store_true', default=False) + @add_options('-v', '--verbose', dest='verbose', + action='store_true', default=False) + def list(self, xrn, type=None, recursive=False, verbose=False): + """ + List names registered at a given authority, possibly filtered by type + """ + xrn = Xrn(xrn, type) + options_dict = {'recursive': recursive} + records = self.api.manager.List( + self.api, xrn.get_hrn(), options=options_dict) + list = filter_records(type, records) + # terminal_render expects an options object + + class Options: # pylint: disable=r0903 + def __init__(self, verbose): + self.verbose = verbose + + options = Options(verbose) + terminal_render(list, options) + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='object hrn/urn (mandatory)') + @add_options('-t', '--type', dest='type', metavar='', + help='object type', default=None) + @add_options('-o', '--outfile', dest='outfile', metavar='', + help='save record to file') + @add_options('-f', '--format', dest='format', metavar='', + type='choice', choices=('text', 'xml', 'simple'), + help='display record in different formats') + def show(self, xrn, type=None, format=None, outfile=None): + """Display details for a registered object""" + records = self.api.manager.Resolve(self.api, xrn, type, details=True) for record in records: - sfa_record = SfaRecord(record) - print sfa_record.dump() - - def register(self, record): - pass - - def update(self, record): - pass - - def remove(self, xrn): - pass - - def credential(self, xrn): - pass - + sfa_record = Record(dict=record) + sfa_record.dump(format) + if outfile: + save_records_to_file(outfile, records) + + @staticmethod + def _record_dict(xrn, type, email, key, + slices, researchers, pis, + url, description, extras): + record_dict = {} + if xrn: + if type: + xrn = Xrn(xrn, type) + else: + xrn = Xrn(xrn) + record_dict['urn'] = xrn.get_urn() + record_dict['hrn'] = xrn.get_hrn() + record_dict['type'] = xrn.get_type() + if url: + record_dict['url'] = url + if description: + record_dict['description'] = description + if key: + try: + pubkey = open(key, 'r').read() + except IOError: + pubkey = key + record_dict['reg-keys'] = [pubkey] + if slices: + record_dict['slices'] = slices + if researchers: + record_dict['reg-researchers'] = researchers + if email: + record_dict['email'] = email + if pis: + record_dict['reg-pis'] = pis + if extras: + record_dict.update(extras) + return record_dict + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='object hrn/urn', default=None) + @add_options('-t', '--type', dest='type', metavar='', + help='object type (mandatory)') + @add_options('-a', '--all', dest='all', metavar='', + action='store_true', default=False, + help='check all users GID') + @add_options('-v', '--verbose', dest='verbose', metavar='', + action='store_true', default=False, + help='verbose mode: display user\'s hrn ') + def check_gid(self, xrn=None, type=None, all=None, verbose=None): + """Check the correspondance between the GID and the PubKey""" + + # db records + from sfa.storage.model import RegRecord + db_query = self.api.dbsession().query(RegRecord).filter_by(type=type) + if xrn and not all: + hrn = Xrn(xrn).get_hrn() + db_query = db_query.filter_by(hrn=hrn) + elif all and xrn: + print("Use either -a or -x , not both !!!") + sys.exit(1) + elif not all and not xrn: + print("Use either -a or -x , one of them is mandatory !!!") + sys.exit(1) + + records = db_query.all() + if not records: + print("No Record found") + sys.exit(1) + + OK = [] + NOK = [] + ERROR = [] + NOKEY = [] + for record in records: + # get the pubkey stored in SFA DB + if record.reg_keys: + db_pubkey_str = record.reg_keys[0].key + try: + db_pubkey_obj = convert_public_key(db_pubkey_str) + except Exception: + ERROR.append(record.hrn) + continue + else: + NOKEY.append(record.hrn) + continue + + # get the pubkey from the gid + gid_str = record.gid + gid_obj = GID(string=gid_str) + gid_pubkey_obj = gid_obj.get_pubkey() + + # Check if gid_pubkey_obj and db_pubkey_obj are the same + check = gid_pubkey_obj.is_same(db_pubkey_obj) + if check: + OK.append(record.hrn) + else: + NOK.append(record.hrn) + + if not verbose: + print("Users NOT having a PubKey: %s\n\ +Users having a non RSA PubKey: %s\n\ +Users having a GID/PubKey correpondence OK: %s\n\ +Users having a GID/PubKey correpondence Not OK: %s\n" + % (len(NOKEY), len(ERROR), len(OK), len(NOK))) + else: + print("Users NOT having a PubKey: %s and are: \n%s\n\n\ +Users having a non RSA PubKey: %s and are: \n%s\n\n\ +Users having a GID/PubKey correpondence OK: %s and are: \n%s\n\n\ +Users having a GID/PubKey correpondence NOT OK: %s and are: \n%s\n\n" + % (len(NOKEY), NOKEY, len(ERROR), ERROR, + len(OK), OK, len(NOK), NOK)) + + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='object hrn/urn (mandatory)') + @add_options('-t', '--type', dest='type', metavar='', + help='object type', default=None) + @add_options('-e', '--email', dest='email', default="", + help="email (mandatory for users)") + @add_options('-u', '--url', dest='url', metavar='', default=None, + help="URL, useful for slices") + @add_options('-d', '--description', dest='description', + metavar='', + help='Description, useful for slices', default=None) + @add_options('-k', '--key', dest='key', metavar='', + help='public key string or file', + default=None) + @add_options('-s', '--slices', dest='slices', metavar='', + help='Set/replace slice xrns', + default='', type="str", action='callback', + callback=optparse_listvalue_callback) + @add_options('-r', '--researchers', dest='researchers', + metavar='', help='Set/replace slice researchers', + default='', type="str", action='callback', + callback=optparse_listvalue_callback) + @add_options('-p', '--pis', dest='pis', metavar='', + help='Set/replace Principal Investigators/Project Managers', + default='', type="str", action='callback', + callback=optparse_listvalue_callback) + @add_options('-X', '--extra', dest='extras', + default={}, type='str', metavar="", + action="callback", callback=optparse_dictvalue_callback, + nargs=1, + help="set extra/testbed-dependent flags," + " e.g. --extra enabled=true") + def register(self, xrn, type=None, email='', key=None, + slices='', pis='', researchers='', + url=None, description=None, extras={}): + """Create a new Registry record""" + record_dict = self._record_dict( + xrn=xrn, type=type, email=email, key=key, + slices=slices, researchers=researchers, pis=pis, + url=url, description=description, extras=extras) + self.api.manager.Register(self.api, record_dict) + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='object hrn/urn (mandatory)') + @add_options('-t', '--type', dest='type', metavar='', + help='object type', default=None) + @add_options('-u', '--url', dest='url', metavar='', + help='URL', default=None) + @add_options('-d', '--description', dest='description', + metavar='', + help='Description', default=None) + @add_options('-k', '--key', dest='key', metavar='', + help='public key string or file', + default=None) + @add_options('-s', '--slices', dest='slices', metavar='', + help='Set/replace slice xrns', + default='', type="str", action='callback', + callback=optparse_listvalue_callback) + @add_options('-r', '--researchers', dest='researchers', + metavar='', help='Set/replace slice researchers', + default='', type="str", action='callback', + callback=optparse_listvalue_callback) + @add_options('-p', '--pis', dest='pis', metavar='', + help='Set/replace Principal Investigators/Project Managers', + default='', type="str", action='callback', + callback=optparse_listvalue_callback) + @add_options('-X', '--extra', dest='extras', default={}, type='str', + metavar="", nargs=1, + action="callback", callback=optparse_dictvalue_callback, + help="set extra/testbed-dependent flags," + " e.g. --extra enabled=true") + def update(self, xrn, type=None, email='', key=None, + slices='', pis='', researchers='', + url=None, description=None, extras={}): + """Update an existing Registry record""" + record_dict = self._record_dict( + xrn=xrn, type=type, email=email, key=key, + slices=slices, researchers=researchers, pis=pis, + url=url, description=description, extras=extras) + self.api.manager.Update(self.api, record_dict) + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='object hrn/urn (mandatory)') + @add_options('-t', '--type', dest='type', metavar='', + help='object type', default=None) + def remove(self, xrn, type=None): + """Remove given object from the registry""" + xrn = Xrn(xrn, type) + self.api.manager.Remove(self.api, xrn) + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='object hrn/urn (mandatory)') + @add_options('-t', '--type', dest='type', metavar='', + help='object type', default=None) + def credential(self, xrn, type=None): + """Invoke GetCredential""" + cred = self.api.manager.GetCredential( + self.api, xrn, type, self.api.hrn) + print(cred) + + + def import_registry(self): + """Run the importer""" + if not DEBUG: + init_logger('import') + from sfa.importer import Importer + importer = Importer() + importer.run() + + + def sync_db(self): + """Initialize or upgrade the db""" + from sfa.storage.dbschema import DBSchema + dbschema = DBSchema() + dbschema.init_or_upgrade() + + + @add_options('-a', '--all', dest='all', metavar='', + action='store_true', default=False, + help='Remove all registry records and all files in %s area' + % help_basedir) + @add_options('-c', '--certs', dest='certs', + metavar='', action='store_true', default=False, + help='Remove all cached certs/gids found in %s' + % help_basedir) + @add_options('-0', '--no-reinit', dest='reinit', metavar='', + action='store_false', default=True, + help="Prevents new DB schema" + " from being installed after cleanup") + def nuke(self, all=False, certs=False, reinit=True): + """ + Cleanup local registry DB, plus various additional + filesystem cleanups optionally + """ + from sfa.storage.dbschema import DBSchema + from sfa.util.sfalogging import init_logger, logger + init_logger('import') + logger.setLevelFromOptVerbose(self.api.config.SFA_API_LOGLEVEL) + logger.info("Purging SFA records from database") + dbschema = DBSchema() + dbschema.nuke() + + # for convenience we re-create the schema here, + # so there's no need for an explicit + # service sfa restart + # however in some (upgrade) scenarios this might be wrong + if reinit: + logger.info("re-creating empty schema") + dbschema.init_or_upgrade() + + # remove the server certificate and all gids found in + # /var/lib/sfa/authorities + if certs: + logger.info("Purging cached certificates") + for (dir, _, files) in os.walk('/var/lib/sfa/authorities'): + for file in files: + if file.endswith('.gid') or file == 'server.cert': + path = dir + os.sep + file + os.unlink(path) + + # just remove all files that do not match 'server.key' or 'server.cert' + if all: + logger.info("Purging registry filesystem cache") + preserved_files = ['server.key', 'server.cert'] + for dir, _, files in os.walk(Hierarchy().basedir): + for file in files: + if file in preserved_files: + continue + path = dir + os.sep + file + os.unlink(path) + + +class CertCommands(Commands): -class CerficiateCommands(Commands): - - def import_records(self, xrn): - pass + def __init__(self, *args, **kwds): + self.api = Generic.the_flavour().make_api(interface='registry') - def export(self, xrn): + def import_gid(self, xrn): pass + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='object hrn/urn (mandatory)') + @add_options('-t', '--type', dest='type', metavar='', + help='object type', default=None) + @add_options('-o', '--outfile', dest='outfile', metavar='', + help='output file', default=None) + def export(self, xrn, type=None, outfile=None): + """Fetch an object's GID from the Registry""" + from sfa.storage.model import RegRecord + hrn = Xrn(xrn).get_hrn() + request = self.api.dbsession().query(RegRecord).filter_by(hrn=hrn) + if type: + request = request.filter_by(type=type) + record = request.first() + if record: + gid = GID(string=record.gid) + else: + # check the authorities hierarchy + hierarchy = Hierarchy() + try: + auth_info = hierarchy.get_auth_info(hrn) + gid = auth_info.gid_object + except Exception: + print("Record: %s not found" % hrn) + sys.exit(1) + # save to file + if not outfile: + outfile = os.path.abspath('./%s.gid' % gid.get_hrn()) + gid.save_to_file(outfile, save_parents=True) + + @add_options('-g', '--gidfile', dest='gid', metavar='', + help='path of gid file to display (mandatory)') + def display(self, gidfile): + """Print contents of a GID file""" + gid_path = os.path.abspath(gidfile) + if not gid_path or not os.path.isfile(gid_path): + print("No such gid file: %s" % gidfile) + sys.exit(1) + gid = GID(filename=gid_path) + gid.dump(dump_parents=True) - def display(self, xrn): - pass - def nuke(self): - pass class AggregateCommands(Commands): def __init__(self, *args, **kwds): - self.api= Generic.the_flavour().make_api(interface='aggregate') - - def version(self): - pass + self.api = Generic.the_flavour().make_api(interface='aggregate') - def slices(self): - pass + def version(self): + """Display the Aggregate version""" + version = self.api.manager.GetVersion(self.api, {}) + pprinter.pprint(version) + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='object hrn/urn (mandatory)') def status(self, xrn): - pass - - def resources(self, xrn): - pass - - def create(self, xrn, rspec): - pass - + """ + Retrieve the status of the slivers + belonging to the named slice (Status) + """ + urns = [Xrn(xrn, 'slice').get_urn()] + status = self.api.manager.Status(self.api, urns, [], {}) + pprinter.pprint(status) + + @add_options('-r', '--rspec-version', dest='rspec_version', + metavar='', default='GENI', + help='version/format of the resulting rspec response') + def resources(self, rspec_version='GENI'): + """Display the available resources at an aggregate""" + options = {'geni_rspec_version': rspec_version} + print(options) + resources = self.api.manager.ListResources(self.api, [], options) + print(resources) + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='slice hrn/urn (mandatory)') + @add_options('-r', '--rspec', dest='rspec', metavar='', + help='rspec file (mandatory)') + def allocate(self, xrn, rspec): + """Allocate slivers""" + xrn = Xrn(xrn, 'slice') + slice_urn = xrn.get_urn() + rspec_string = open(rspec).read() + options = {} + manifest = self.api.manager.Allocate( + self.api, slice_urn, [], rspec_string, options) + print(manifest) + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='slice hrn/urn (mandatory)') + def provision(self, xrn): + """Provision slivers""" + xrn = Xrn(xrn, 'slice') + slice_urn = xrn.get_urn() + options = {} + manifest = self.api.manager.provision( + self.api, [slice_urn], [], options) + print(manifest) + + @add_options('-x', '--xrn', dest='xrn', metavar='', + help='slice hrn/urn (mandatory)') def delete(self, xrn): - pass - - def start(self, xrn): - pass + """Delete slivers""" + self.api.manager.Delete(self.api, [xrn], [], {}) - def stop(self, xrn): - pass - def reset(self, xrn): - pass +class SliceManagerCommands(AggregateCommands): - def ticket(self): - pass + def __init__(self, *args, **kwds): + self.api = Generic.the_flavour().make_api(interface='slicemgr') -class SliceManagerCommands(AggregateCommands): - - def __init__(self, *args, **kwds): - self.api= Generic().make_api(interface='slicemgr') +class SfaAdmin: + CATEGORIES = {'certificate': CertCommands, + 'registry': RegistryCommands, + 'aggregate': AggregateCommands, + 'slicemgr': SliceManagerCommands} -CATEGORIES = {'registry': RegistryCommands, - 'aggregate': AggregateCommands, - 'slicemgr': SliceManagerCommands} + # returns (name,class) or (None,None) + def find_category(self, input): + full_name = Candidates(SfaAdmin.CATEGORIES.keys()).only_match(input) + if not full_name: + return (None, None) + return (full_name, SfaAdmin.CATEGORIES[full_name]) -def main(): - argv = copy.deepcopy(sys.argv) - script_name = argv.pop(0) - if len(argv) < 1: - print script_name + " category action []" - print "Available categories:" - for k in CATEGORIES: - print "\t%s" % k + def summary_usage(self, category=None): + print("Usage:", self.script_name + " category command []") + if category and category in SfaAdmin.CATEGORIES: + categories = [category] + else: + categories = SfaAdmin.CATEGORIES + for c in categories: + cls = SfaAdmin.CATEGORIES[c] + print("==================== category=%s" % c) + names = cls.__dict__.keys() + names.sort() + for name in names: + method = cls.__dict__[name] + if name.startswith('_'): + continue + margin = 15 + print("%-15s" % name, end=' ') + doc = getattr(method, '__doc__', None) + if not doc: + print("") + continue + lines = [line.strip() for line in doc.split("\n")] + line1 = lines.pop(0) + print(line1) + for extra_line in lines: + print(margin * " ", extra_line) sys.exit(2) - category = argv.pop(0) - usage = "%%prog %s action [options]" % (category) - parser = OptionParser(usage=usage) - command_class = CATEGORIES[category] - command_instance = command_class() - actions = command_instance._get_commands() - if len(argv) < 1: - if hasattr(command_instance, '__call__'): - action = '' - command = command_instance.__call__ + def main(self): + argv = copy.deepcopy(sys.argv) + self.script_name = argv.pop(0) + # ensure category is specified + if len(argv) < 1: + self.summary_usage() + + # ensure category is valid + category_input = argv.pop(0) + (category_name, category_class) = self.find_category(category_input) + if not category_name or not category_class: + self.summary_usage(category_name) + + usage = "%%prog %s command [options]" % (category_name) + parser = OptionParser(usage=usage) + + # ensure command is valid + category_instance = category_class() + commands = category_instance._get_commands() + if len(argv) < 1: + # xxx what is this about ? + command_name = '__call__' + else: + command_input = argv.pop(0) + command_name = Candidates(commands).only_match(command_input) + + if command_name and hasattr(category_instance, command_name): + command = getattr(category_instance, command_name) else: - print script_name + " category action []" - print "Available actions for %s category:" % category - for k in actions: - print "\t%s" % k - sys.exit(2) - else: - action = argv.pop(0) - command = getattr(command_instance, action) - - options = getattr(command, 'options', []) - usage = "%%prog %s %s [options]" % (category, action) - parser = OptionParser(usage=usage) - for arg, kwd in options: - parser.add_option(*arg, **kwd) - (opts, cmd_args) = parser.parse_args(argv) - cmd_kwds = vars(opts) - - # dont overrride meth - for k, v in cmd_kwds.items(): - if v is None: - del cmd_kwds[k] - - try: - command(*cmd_args, **cmd_kwds) - sys.exit(0) - except TypeError: - print "Possible wrong number of arguments supplied" - print command.__doc__ - parser.print_help() - #raise - except Exception: - print "Command failed, please check log for more info" - raise - - -if __name__ == '__main__': - main() - - - - + self.summary_usage(category_name) + + # ensure options are valid + usage = "%%prog %s %s [options]" % (category_name, command_name) + parser = OptionParser(usage=usage) + for args, kwdargs in getattr(command, 'add_options', []): + parser.add_option(*args, **kwdargs) + (opts, cmd_args) = parser.parse_args(argv) + cmd_kwds = vars(opts) + + # dont overrride meth + for k, v in cmd_kwds.items(): + if v is None: + del cmd_kwds[k] + + # execute command + try: + # print "invoking %s *=%s **=%s"%(command.__name__, cmd_args, + # cmd_kwds) + command(*cmd_args, **cmd_kwds) + sys.exit(0) + except TypeError: + print("Possible wrong number of arguments supplied") + print(command.__doc__) + parser.print_help() + sys.exit(1) + # raise + except Exception: + print("Command failed, please check log for more info") + raise + sys.exit(1)