X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclient%2Fsfaadmin.py;h=df4629fe676de7666783b119cc0e8425ef70ba10;hb=f8934f852d6f200f10c0c07ee98ef5730f67b886;hp=ffe7a4bf1f12aaaddaf950a9408b6d0aae08b760;hpb=ec119c68825b2b16a249d120422739e3f7b32a9d;p=sfa.git diff --git a/sfa/client/sfaadmin.py b/sfa/client/sfaadmin.py index ffe7a4bf..df4629fe 100755 --- a/sfa/client/sfaadmin.py +++ b/sfa/client/sfaadmin.py @@ -11,9 +11,12 @@ from sfa.storage.record import Record from sfa.client.sfi import save_records_to_file from sfa.trust.hierarchy import Hierarchy from sfa.trust.gid import GID +from sfa.trust.certificate import convert_public_key from sfa.client.candidates import Candidates +from sfa.client.common import optparse_listvalue_callback, terminal_render, filter_records + pprinter = PrettyPrinter(indent=4) try: @@ -21,9 +24,6 @@ try: except: help_basedir='*unable to locate Hierarchy().basedir' -def optparse_listvalue_callback(option, opt, value, parser): - setattr(parser.values, option.dest, value.split(',')) - def args(*args, **kwargs): def _decorator(func): func.__dict__.setdefault('options', []).insert(0, (args, kwargs)) @@ -51,15 +51,19 @@ class RegistryCommands(Commands): @args('-x', '--xrn', dest='xrn', metavar='', help='authority to list (hrn/urn - mandatory)') @args('-t', '--type', dest='type', metavar='', help='object type', default=None) @args('-r', '--recursive', dest='recursive', metavar='', help='list all child records', - action='store_true', default=False) - def list(self, xrn, type=None, recursive=False): + action='store_true', default=False) + @args('-v', '--verbose', dest='verbose', action='store_true', default=False) + def list(self, xrn, type=None, recursive=False, verbose=False): """List names registered at a given authority - possibly filtered by type""" xrn = Xrn(xrn, type) - options = {'recursive': recursive} - records = self.api.manager.List(self.api, xrn.get_hrn(), options=options) - for record in records: - if not type or record['type'] == type: - print "%s (%s)" % (record['hrn'], record['type']) + options_dict = {'recursive': recursive} + records = self.api.manager.List(self.api, xrn.get_hrn(), options=options_dict) + list = filter_records(type, records) + # terminal_render expects an options object + class Options: pass + options=Options() + options.verbose=verbose + terminal_render (list, options) @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn (mandatory)') @@ -110,6 +114,75 @@ class RegistryCommands(Commands): record_dict['pi'] = pis return record_dict + + @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn', default=None) + @args('-t', '--type', dest='type', metavar='', help='object type (mandatory)',) + @args('-a', '--all', dest='all', metavar='', action='store_true', default=False, help='check all users GID') + @args('-v', '--verbose', dest='verbose', metavar='', action='store_true', default=False, help='verbose mode: display user\'s hrn ') + def check_gid(self, xrn=None, type=None, all=None, verbose=None): + """Check the correspondance between the GID and the PubKey""" + + # db records + from sfa.storage.alchemy import dbsession + from sfa.storage.model import RegRecord + db_query = dbsession.query(RegRecord).filter_by(type=type) + if xrn and not all: + hrn = Xrn(xrn).get_hrn() + db_query = db_query.filter_by(hrn=hrn) + elif all and xrn: + print "Use either -a or -x , not both !!!" + sys.exit(1) + elif not all and not xrn: + print "Use either -a or -x , one of them is mandatory !!!" + sys.exit(1) + + records = db_query.all() + if not records: + print "No Record found" + sys.exit(1) + + OK = [] + NOK = [] + ERROR = [] + NOKEY = [] + for record in records: + # get the pubkey stored in SFA DB + if record.reg_keys: + db_pubkey_str = record.reg_keys[0].key + try: + db_pubkey_obj = convert_public_key(db_pubkey_str) + except: + ERROR.append(record.hrn) + continue + else: + NOKEY.append(record.hrn) + continue + + # get the pubkey from the gid + gid_str = record.gid + gid_obj = GID(string = gid_str) + gid_pubkey_obj = gid_obj.get_pubkey() + + # Check if gid_pubkey_obj and db_pubkey_obj are the same + check = gid_pubkey_obj.is_same(db_pubkey_obj) + if check : + OK.append(record.hrn) + else: + NOK.append(record.hrn) + + if not verbose: + print "Users NOT having a PubKey: %s\n\ +Users having a non RSA PubKey: %s\n\ +Users having a GID/PubKey correpondence OK: %s\n\ +Users having a GID/PubKey correpondence Not OK: %s\n"%(len(NOKEY), len(ERROR), len(OK), len(NOK)) + else: + print "Users NOT having a PubKey: %s and are: \n%s\n\n\ +Users having a non RSA PubKey: %s and are: \n%s\n\n\ +Users having a GID/PubKey correpondence OK: %s and are: \n%s\n\n\ +Users having a GID/PubKey correpondence NOT OK: %s and are: \n%s\n\n"%(len(NOKEY),NOKEY, len(ERROR), ERROR, len(OK), OK, len(NOK), NOK) + + + @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn (mandatory)') @args('-t', '--type', dest='type', metavar='', help='object type', default=None) @args('-e', '--email', dest='email', default="", @@ -120,12 +193,12 @@ class RegistryCommands(Commands): help='Description, useful for slices', default=None) @args('-k', '--key', dest='key', metavar='', help='public key string or file', default=None) - @args('-s', '--slices', dest='slices', metavar='', help='slice xrns', + @args('-s', '--slices', dest='slices', metavar='', help='Set/replace slice xrns', default='', type="str", action='callback', callback=optparse_listvalue_callback) - @args('-r', '--researchers', dest='researchers', metavar='', help='slice researchers', + @args('-r', '--researchers', dest='researchers', metavar='', help='Set/replace slice researchers', default='', type="str", action='callback', callback=optparse_listvalue_callback) @args('-p', '--pis', dest='pis', metavar='', - help='Principal Investigators/Project Managers ', + help='Set/replace Principal Investigators/Project Managers', default='', type="str", action='callback', callback=optparse_listvalue_callback) def register(self, xrn, type=None, url=None, description=None, key=None, slices='', pis='', researchers='',email=''): @@ -142,16 +215,17 @@ class RegistryCommands(Commands): help='Description', default=None) @args('-k', '--key', dest='key', metavar='', help='public key string or file', default=None) - @args('-s', '--slices', dest='slices', metavar='', help='slice xrns', + @args('-s', '--slices', dest='slices', metavar='', help='Set/replace slice xrns', default='', type="str", action='callback', callback=optparse_listvalue_callback) - @args('-r', '--researchers', dest='researchers', metavar='', help='slice researchers', + @args('-r', '--researchers', dest='researchers', metavar='', help='Set/replace slice researchers', default='', type="str", action='callback', callback=optparse_listvalue_callback) @args('-p', '--pis', dest='pis', metavar='', - help='Principal Investigators/Project Managers ', + help='Set/replace Principal Investigators/Project Managers', default='', type="str", action='callback', callback=optparse_listvalue_callback) def update(self, xrn, type=None, url=None, description=None, key=None, slices='', pis='', researchers=''): """Update an existing Registry record""" + print 'incoming PIS',pis record_dict = self._record_dict(xrn=xrn, type=type, url=url, description=description, key=key, slices=slices, researchers=researchers, pis=pis) self.api.manager.Update(self.api, record_dict)