X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclient%2Fsfaadmin.py;h=b7b45d46e486ee774703d6bf360bd931983a160a;hb=4d368864279e499c7ee1b8b0505112f1abee01a5;hp=9f5fa0ff14104e6b76543d497fcca92361345447;hpb=8a5bac7cc1f21cd5885c6a862a828ac53fb5aabb;p=sfa.git diff --git a/sfa/client/sfaadmin.py b/sfa/client/sfaadmin.py index 9f5fa0ff..b7b45d46 100755 --- a/sfa/client/sfaadmin.py +++ b/sfa/client/sfaadmin.py @@ -11,9 +11,12 @@ from sfa.storage.record import Record from sfa.client.sfi import save_records_to_file from sfa.trust.hierarchy import Hierarchy from sfa.trust.gid import GID +from sfa.trust.certificate import convert_public_key from sfa.client.candidates import Candidates +from sfa.client.common import optparse_listvalue_callback, optparse_dictvalue_callback, terminal_render, filter_records + pprinter = PrettyPrinter(indent=4) try: @@ -21,9 +24,6 @@ try: except: help_basedir='*unable to locate Hierarchy().basedir' -def optparse_listvalue_callback(option, opt, value, parser): - setattr(parser.values, option.dest, value.split(',')) - def args(*args, **kwargs): def _decorator(func): func.__dict__.setdefault('options', []).insert(0, (args, kwargs)) @@ -49,17 +49,21 @@ class RegistryCommands(Commands): pprinter.pprint(version) @args('-x', '--xrn', dest='xrn', metavar='', help='authority to list (hrn/urn - mandatory)') - @args('-t', '--type', dest='type', metavar='', help='object type', default=None) + @args('-t', '--type', dest='type', metavar='', help='object type', default='all') @args('-r', '--recursive', dest='recursive', metavar='', help='list all child records', - action='store_true', default=False) - def list(self, xrn, type=None, recursive=False): + action='store_true', default=False) + @args('-v', '--verbose', dest='verbose', action='store_true', default=False) + def list(self, xrn, type=None, recursive=False, verbose=False): """List names registered at a given authority - possibly filtered by type""" xrn = Xrn(xrn, type) - options = {'recursive': recursive} - records = self.api.manager.List(self.api, xrn.get_hrn(), options=options) - for record in records: - if not type or record['type'] == type: - print "%s (%s)" % (record['hrn'], record['type']) + options_dict = {'recursive': recursive} + records = self.api.manager.List(self.api, xrn.get_hrn(), options=options_dict) + list = filter_records(type, records) + # terminal_render expects an options object + class Options: pass + options=Options() + options.verbose=verbose + terminal_render (list, options) @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn (mandatory)') @@ -69,7 +73,7 @@ class RegistryCommands(Commands): choices=('text', 'xml', 'simple'), help='display record in different formats') def show(self, xrn, type=None, format=None, outfile=None): """Display details for a registered object""" - records = self.api.manager.Resolve(self.api, xrn, type, True) + records = self.api.manager.Resolve(self.api, xrn, type, details=True) for record in records: sfa_record = Record(dict=record) sfa_record.dump(format) @@ -80,7 +84,7 @@ class RegistryCommands(Commands): def _record_dict(self, xrn=None, type=None, url=None, description=None, email='', key=None, - slices=[], researchers=[], pis=[]): + slices=[], researchers=[], pis=[], extras={}): record_dict = {} if xrn: if type: @@ -108,8 +112,79 @@ class RegistryCommands(Commands): record_dict['email'] = email if pis: record_dict['pi'] = pis + if extras: + record_dict.update(extras) return record_dict + + @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn', default=None) + @args('-t', '--type', dest='type', metavar='', help='object type (mandatory)',) + @args('-a', '--all', dest='all', metavar='', action='store_true', default=False, help='check all users GID') + @args('-v', '--verbose', dest='verbose', metavar='', action='store_true', default=False, help='verbose mode: display user\'s hrn ') + def check_gid(self, xrn=None, type=None, all=None, verbose=None): + """Check the correspondance between the GID and the PubKey""" + + # db records + from sfa.storage.alchemy import dbsession + from sfa.storage.model import RegRecord + db_query = dbsession.query(RegRecord).filter_by(type=type) + if xrn and not all: + hrn = Xrn(xrn).get_hrn() + db_query = db_query.filter_by(hrn=hrn) + elif all and xrn: + print "Use either -a or -x , not both !!!" + sys.exit(1) + elif not all and not xrn: + print "Use either -a or -x , one of them is mandatory !!!" + sys.exit(1) + + records = db_query.all() + if not records: + print "No Record found" + sys.exit(1) + + OK = [] + NOK = [] + ERROR = [] + NOKEY = [] + for record in records: + # get the pubkey stored in SFA DB + if record.reg_keys: + db_pubkey_str = record.reg_keys[0].key + try: + db_pubkey_obj = convert_public_key(db_pubkey_str) + except: + ERROR.append(record.hrn) + continue + else: + NOKEY.append(record.hrn) + continue + + # get the pubkey from the gid + gid_str = record.gid + gid_obj = GID(string = gid_str) + gid_pubkey_obj = gid_obj.get_pubkey() + + # Check if gid_pubkey_obj and db_pubkey_obj are the same + check = gid_pubkey_obj.is_same(db_pubkey_obj) + if check : + OK.append(record.hrn) + else: + NOK.append(record.hrn) + + if not verbose: + print "Users NOT having a PubKey: %s\n\ +Users having a non RSA PubKey: %s\n\ +Users having a GID/PubKey correpondence OK: %s\n\ +Users having a GID/PubKey correpondence Not OK: %s\n"%(len(NOKEY), len(ERROR), len(OK), len(NOK)) + else: + print "Users NOT having a PubKey: %s and are: \n%s\n\n\ +Users having a non RSA PubKey: %s and are: \n%s\n\n\ +Users having a GID/PubKey correpondence OK: %s and are: \n%s\n\n\ +Users having a GID/PubKey correpondence NOT OK: %s and are: \n%s\n\n"%(len(NOKEY),NOKEY, len(ERROR), ERROR, len(OK), OK, len(NOK), NOK) + + + @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn (mandatory)') @args('-t', '--type', dest='type', metavar='', help='object type', default=None) @args('-e', '--email', dest='email', default="", @@ -120,18 +195,19 @@ class RegistryCommands(Commands): help='Description, useful for slices', default=None) @args('-k', '--key', dest='key', metavar='', help='public key string or file', default=None) - @args('-s', '--slices', dest='slices', metavar='', help='slice xrns', + @args('-s', '--slices', dest='slices', metavar='', help='Set/replace slice xrns', default='', type="str", action='callback', callback=optparse_listvalue_callback) - @args('-r', '--researchers', dest='researchers', metavar='', help='slice researchers', + @args('-r', '--researchers', dest='researchers', metavar='', help='Set/replace slice researchers', default='', type="str", action='callback', callback=optparse_listvalue_callback) @args('-p', '--pis', dest='pis', metavar='', - help='Principal Investigators/Project Managers ', + help='Set/replace Principal Investigators/Project Managers', default='', type="str", action='callback', callback=optparse_listvalue_callback) + @args('-X','--extra',dest='extras',default={},type='str',metavar="", action="callback", callback=optparse_dictvalue_callback, nargs=1, help="set extra/testbed-dependent flags, e.g. --extra enabled=true") def register(self, xrn, type=None, url=None, description=None, key=None, slices='', - pis='', researchers='',email=''): + pis='', researchers='',email='', extras={}): """Create a new Registry record""" record_dict = self._record_dict(xrn=xrn, type=type, url=url, key=key, - slices=slices, researchers=researchers, email=email, pis=pis) + slices=slices, researchers=researchers, email=email, pis=pis, extras=extras) self.api.manager.Register(self.api, record_dict) @@ -142,18 +218,20 @@ class RegistryCommands(Commands): help='Description', default=None) @args('-k', '--key', dest='key', metavar='', help='public key string or file', default=None) - @args('-s', '--slices', dest='slices', metavar='', help='slice xrns', + @args('-s', '--slices', dest='slices', metavar='', help='Set/replace slice xrns', default='', type="str", action='callback', callback=optparse_listvalue_callback) - @args('-r', '--researchers', dest='researchers', metavar='', help='slice researchers', + @args('-r', '--researchers', dest='researchers', metavar='', help='Set/replace slice researchers', default='', type="str", action='callback', callback=optparse_listvalue_callback) @args('-p', '--pis', dest='pis', metavar='', - help='Principal Investigators/Project Managers ', + help='Set/replace Principal Investigators/Project Managers', default='', type="str", action='callback', callback=optparse_listvalue_callback) + @args('-X','--extra',dest='extras',default={},type='str',metavar="", action="callback", callback=optparse_dictvalue_callback, nargs=1, help="set extra/testbed-dependent flags, e.g. --extra enabled=true") def update(self, xrn, type=None, url=None, description=None, key=None, slices='', - pis='', researchers=''): + pis='', researchers='', extras={}): """Update an existing Registry record""" + print 'incoming PIS',pis record_dict = self._record_dict(xrn=xrn, type=type, url=url, description=description, - key=key, slices=slices, researchers=researchers, pis=pis) + key=key, slices=slices, researchers=researchers, pis=pis, extras=extras) self.api.manager.Update(self.api, record_dict) @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn (mandatory)') @@ -179,10 +257,10 @@ class RegistryCommands(Commands): importer.run() def sync_db(self): - """Initiailize or upgrade the db""" + """Initialize or upgrade the db""" from sfa.storage.dbschema import DBSchema dbschema=DBSchema() - dbschema.init_or_upgrade + dbschema.init_or_upgrade() @args('-a', '--all', dest='all', metavar='', action='store_true', default=False, help='Remove all registry records and all files in %s area' % help_basedir) @@ -280,12 +358,11 @@ class AggregateCommands(Commands): version = self.api.manager.GetVersion(self.api, {}) pprinter.pprint(version) - @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn (mandatory)') def status(self, xrn): - """Display the status of a slice or slivers""" - urn = Xrn(xrn, 'slice').get_urn() - status = self.api.manager.SliverStatus(self.api, [urn], {}, {}) + """Retrieve the status of the slivers belonging to the named slice (Status)""" + urns = [Xrn(xrn, 'slice').get_urn()] + status = self.api.manager.Status(self.api, urns, [], {}) pprinter.pprint(status) @args('-r', '--rspec-version', dest='rspec_version', metavar='', @@ -293,73 +370,39 @@ class AggregateCommands(Commands): def resources(self, rspec_version='GENI'): """Display the available resources at an aggregate""" options = {'geni_rspec_version': rspec_version} - if xrn: - options['geni_slice_urn'] = Xrn(xrn, 'slice').get_urn() - resources = self.api.manager.ListResources(self.api, {}, options) + print options + resources = self.api.manager.ListResources(self.api, [], options) print resources - - @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn', default=None) - @args('-r', '--rspec-version', dest='rspec_version', metavar='', - default='GENI', help='version/format of the resulting rspec response') - def describe(self, xrn, rspec_version='GENI'): - """Display the resources allocated by a slice or slivers""" - urn = Xrn(xrn, 'slice').get_urn() - options = {'geni_rspec_version': rspec_version} - status = self.api.manager.Describe(self.api, {}, [urn], options) - print status - + + @args('-x', '--xrn', dest='xrn', metavar='', help='slice hrn/urn (mandatory)') - @args('-r', '--rspec', dest='rspec', metavar='', help='rspec file (mandatory)') - @args('-u', '--user', dest='user', metavar='', help='hrn/urn of slice user (mandatory)') - @args('-k', '--key', dest='key', metavar='', help="path to user's public key file (mandatory)") - def allocate(self, xrn, rspec, user, key): + @args('-r', '--rspec', dest='rspec', metavar='', help='rspec file (mandatory)') + def allocate(self, xrn, rspec): """Allocate slivers""" xrn = Xrn(xrn, 'slice') - urn=xrn.get_urn() + slice_urn=xrn.get_urn() rspec_string = open(rspec).read() - user_xrn = Xrn(user, 'user') - user_urn = user_xrn.get_urn() - user_key_string = open(key).read() - users = [{'urn': user_urn, 'keys': [user_key_string]}] - options={'geni_users': users} - status = self.api.manager.Allocate(self.api, urn, {}, rspec_string, options) - print status + options={} + manifest = self.api.manager.Allocate(self.api, slice_urn, [], rspec_string, options) + print manifest - @args('-x', '--xrn', dest='xrn', metavar='', help='slice hrn/urn (mandatory)') - def provision(self, xrns): - status = self.api.manager.Provision(self.api, [xrns], {}, {}) - print status @args('-x', '--xrn', dest='xrn', metavar='', help='slice hrn/urn (mandatory)') - def delete(self, xrn): - """Delete slivers""" - result = self.api.manager.DeleteSliver(self.api, [xrn], {}, {}) - print result + def provision(self, xrn): + """Provision slivers""" + xrn = Xrn(xrn, 'slice') + slice_urn=xrn.get_urn() + options={} + manifest = self.api.manager.provision(self.api, [slice_urn], [], options) + print manifest - @args('-x', '--xrn', dest='xrn', metavar='', help='slice hrn/urn (mandatory)') - @args('-e', '--expiration', dest='expiration', metavar='', help='Expiration date (mandatory)') - def renew(self, xrn, expiration): - """Start slivers""" - result = self.api.manager.start_slice(self.api, xrn, {}, expiration, {}) - print result - @args('-x', '--xrn', dest='xrn', metavar='', help='slice hrn/urn (mandatory)') - def shutdown(self, xrn): - """Stop slivers""" - result = self.api.manager.Shutdown(self.api, xrn, {}, {}) - print result @args('-x', '--xrn', dest='xrn', metavar='', help='slice hrn/urn (mandatory)') - @args('-a', '--action', dest='action', metavar='', help='Action name (mandatory)') - def operation(self, xrn, action): - """Reset sliver""" - result = self.api.manager.PerformOperationalAction(self.api, [xrn], {}, action, {}) - print result - -# @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn', default=None) -# @args('-r', '--rspec', dest='rspec', metavar='', help='request rspec', default=None) -# def ticket(self, xrn, rspec): -# pass + def delete(self, xrn): + """Delete slivers""" + self.api.manager.Delete(self.api, [xrn], [], {}) +