X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fclientbin%2Fsfaadmin.py;h=0b22998c652f42c9f493625bef2a06512f590c6b;hb=4291ce8ec6478b2cfda1d9d71d8c955bb39de4a6;hp=90c3f74579388f0875d4cd387a4b1dac751f2e40;hpb=bfe0c599727812f22fa54f140448e9c6112a539e;p=sfa.git diff --git a/sfa/clientbin/sfaadmin.py b/sfa/clientbin/sfaadmin.py index 90c3f745..0b22998c 100755 --- a/sfa/clientbin/sfaadmin.py +++ b/sfa/clientbin/sfaadmin.py @@ -1,4 +1,5 @@ #!/usr/bin/python +import os import sys import copy from pprint import pformat @@ -8,8 +9,10 @@ from pprint import PrettyPrinter from sfa.util.xrn import Xrn from sfa.storage.record import Record from sfa.client.sfi import save_records_to_file -pprinter = PrettyPrinter(indent=4) +from sfa.trust.hierarchy import Hierarchy +from sfa.trust.gid import GID +pprinter = PrettyPrinter(indent=4) def args(*args, **kwargs): def _decorator(func): @@ -26,8 +29,8 @@ class Commands(object): available_methods.append(attrib) return available_methods -class RegistryCommands(Commands): +class RegistryCommands(Commands): def __init__(self, *args, **kwds): self.api= Generic.the_flavour().make_api(interface='registry') @@ -76,21 +79,94 @@ class RegistryCommands(Commands): def credential(self, xrn, type=None): cred = self.api.manager.GetCredential(self.api, xrn, type, self.api.hrn) print cred + + + def import_registry(self): + pass + + @args('-a', '--all', dest='all', metavar='', action='store_true', default=False, + help='Remove all registry records and all files in %s area' % Hierarchy().basedir) + @args('-c', '--certs', dest='certs', metavar='', action='store_true', default=False, + help='Remove all cached certs/gids found in %s' % Hierarchy().basedir ) + @args('-0', '--no-reinit', dest='reinit', metavar='', action='store_false', default=True, + help='By default a new DB schema is installed after the cleanup; this option prevents that') + def nuke(self, all=False, certs=False, reinit=True): + from sfa.storage.dbschema import DBSchema + from sfa.util.sfalogging import _SfaLogger + logger = _SfaLogger(logfile='/var/log/sfa_import.log', loggername='importlog') + logger.setLevelFromOptVerbose(self.api.config.SFA_API_LOGLEVEL) + logger.info("Purging SFA records from database") + dbschema=DBSchema() + dbschema.nuke() + + # for convenience we re-create the schema here, so there's no need for an explicit + # service sfa restart + # however in some (upgrade) scenarios this might be wrong + if options.reinit: + logger.info("re-creating empty schema") + dbschema.init_or_upgrade() + + # remove the server certificate and all gids found in /var/lib/sfa/authorities + if options.clean_certs: + logger.info("Purging cached certificates") + for (dir, _, files) in os.walk('/var/lib/sfa/authorities'): + for file in files: + if file.endswith('.gid') or file == 'server.cert': + path=dir+os.sep+file + os.unlink(path) + + # just remove all files that do not match 'server.key' or 'server.cert' + if options.all: + logger.info("Purging registry filesystem cache") + preserved_files = [ 'server.key', 'server.cert'] + for (dir,_,files) in os.walk(Hierarchy().basedir): + for file in files: + if file in preserved_files: continue + path=dir+os.sep+file + os.unlink(path) + -class CerficiateCommands(Commands): +class CertCommands(Commands): - def import_records(self, xrn): - pass - - def export(self, xrn): - pass - - def display(self, xrn): + def import_gid(self, xrn): pass - def nuke(self): - pass + @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn') + @args('-t', '--type', dest='type', metavar='', help='object type', default=None) + @args('-o', '--outfile', dest='outfile', metavar='', help='output file', default=None) + def export(self, xrn, type=None, outfile=None): + from sfa.storage.alchemy import dbsession + from sfa.storage.model import RegRecord + hrn = Xrn(xrn).get_hrn() + request=dbsession.query(RegRecord).filter_by(hrn=hrn) + if type: request = request.filter_by(type=type) + record=request.first() + if record: + gid = GID(string=record.gid) + else: + # check the authorities hierarchy + hierarchy = Hierarchy() + try: + auth_info = hierarchy.get_auth_info(hrn) + gid = auth_info.gid_object + except: + print "Record: %s not found" % hrn + sys.exit(1) + # save to file + if not outfile: + outfile = os.path.abspath('./%s.gid' % gid.get_hrn()) + gid.save_to_file(outfile, save_parents=True) + + @args('-g', '--gidfile', dest='gid', metavar='', help='path of gid file to display') + def display(self, gidfile): + gid_path = os.path.abspath(gidfile) + if not gid_path or not os.path.isfile(gid_path): + print "No such gid file: %s" % gidfile + sys.exit(1) + gid = GID(filename=gid_path) + gid.dump(dump_parents=True) + class AggregateCommands(Commands): @@ -122,8 +198,19 @@ class AggregateCommands(Commands): @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn', default=None) @args('-r', '--rspec', dest='rspec', metavar='', help='rspec file') - def create(self, xrn, rspec): - pass + @args('-u', '--user', dest='user', metavar='', help='hrn/urn of slice user') + @args('-k', '--key', dest='key', metavar='', help="path to user's public key file") + def create(self, xrn, rspec, user, key): + xrn = Xrn(xrn) + slice_urn=xrn.get_urn() + slice_hrn=xrn.get_hrn() + rspec_string = open(rspec).read() + user_xrn = Xrn(user, 'user') + user_urn = user_xrn.get_urn() + user_key_string = open(key).read() + users = [{'urn': user_urn, 'keys': [user_key_string]}] + options={} + self.api.manager.CreateSliver(self, slice_urn, slice_hrn, [], rspec_string, users, options) @args('-x', '--xrn', dest='xrn', metavar='', help='object hrn/urn', default=None) def delete(self, xrn): @@ -148,30 +235,43 @@ class AggregateCommands(Commands): pass + class SliceManagerCommands(AggregateCommands): def __init__(self, *args, **kwds): self.api= Generic.the_flavour().make_api(interface='slicemgr') -CATEGORIES = {'registry': RegistryCommands, +CATEGORIES = {'cert': CertCommands, + 'registry': RegistryCommands, 'aggregate': AggregateCommands, 'slicemgr': SliceManagerCommands} +def category_usage(): + print "Available categories:" + for k in CATEGORIES: + print "\t%s" % k + def main(): argv = copy.deepcopy(sys.argv) script_name = argv.pop(0) + # ensure category is specified if len(argv) < 1: print script_name + " category action []" - print "Available categories:" - for k in CATEGORIES: - print "\t%s" % k + category_usage() sys.exit(2) + # ensure category is valid category = argv.pop(0) usage = "%%prog %s action [options]" % (category) parser = OptionParser(usage=usage) - command_class = CATEGORIES[category] + command_class = CATEGORIES.get(category, None) + if not command_class: + print "no such category %s " % category + category_usage() + sys.exit(2) + + # ensure command is valid command_instance = command_class() actions = command_instance._get_commands() if len(argv) < 1: @@ -188,6 +288,7 @@ def main(): action = argv.pop(0) command = getattr(command_instance, action) + # ensure options are valid options = getattr(command, 'options', []) usage = "%%prog %s %s [options]" % (category, action) parser = OptionParser(usage=usage) @@ -201,6 +302,7 @@ def main(): if v is None: del cmd_kwds[k] + # execute commadn try: command(*cmd_args, **cmd_kwds) sys.exit(0)