X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fmanagers%2Faggregate_manager_pl.py;h=c0e9d9ebcb6929f4d4d2e7c6e58f607b5a904f05;hb=0cf0d31c313a366e3f272f830bdb4f2a7308e11f;hp=2204296d1f2834913ccea9558445ecaafe481e38;hpb=ab602af22bbc5d199ab6df7334da5891d9dd6988;p=sfa.git diff --git a/sfa/managers/aggregate_manager_pl.py b/sfa/managers/aggregate_manager_pl.py index 2204296d..c0e9d9eb 100644 --- a/sfa/managers/aggregate_manager_pl.py +++ b/sfa/managers/aggregate_manager_pl.py @@ -5,7 +5,7 @@ import datetime import time import traceback import sys - +import re from types import StringTypes from sfa.util.namespace import * from sfa.util.rspec import * @@ -15,7 +15,6 @@ from sfa.util.record import SfaRecord from sfa.util.policy import Policy from sfa.util.record import * from sfa.util.sfaticket import SfaTicket -from sfa.util.debug import log from sfa.plc.slices import Slices from sfa.trust.credential import Credential import sfa.plc.peers as peers 
@@ -23,41 +22,6 @@ from sfa.plc.network import * from sfa.plc.api import SfaAPI from sfa.plc.slices import * -""" -Create a new plauth object that the Aggregate Manager can use to execute -plshell commands as the authenticated user. -""" -def __get_user_plauth(api, registry, credential, creds, operation, hrn): - plauth = None - - user_creds = api.auth.checkCredentials(creds, operation, hrn) - user_cred_obj = Credential(string=user_creds[0]) - - # If user cred has a parent then the caller is the parent's cred. - # This is true for delegated creds. - if user_cred_obj.parent: - user_hrn = user_cred_obj.parent.get_gid_caller().get_hrn() - else: - user_hrn = user_cred_obj.get_gid_caller().get_hrn() - - user_record = registry.Resolve(user_hrn, [credential])[0] - email = user_record['email'] - - person = api.plshell.GetPersons(api.plauth, email) - if person: - person_id = person[0]['person_id'] - # Get the user's session if one exists, create one otherwise - session = api.plshell.GetSessions(api.plauth, {'person_id': person_id}) - if not session: - session = api.plshell.AddSession(api.plauth, person_id) - else: - session = session[0]['session_id'] - - # Create new authentication token - plauth = {'Username':email, 'AuthMethod':'session', 'session':session} - - return plauth - def __get_registry_objects(slice_xrn, creds, users): """ 
@@ -72,19 +36,23 @@ def __get_registry_objects(slice_xrn, creds, users): reg_objects = None if users: + # dont allow special characters in the site login base + only_alphanumeric = re.compile('[^a-zA-Z0-9]+') + login_base = only_alphanumeric.sub('', hrn_auth[:20]).lower() + reg_objects = {} site = {} site['site_id'] = 0 - site['name'] = 'geni.%s' % hrn_auth[:20] + site['name'] = 'geni.%s' % login_base site['enabled'] = True site['max_slices'] = 100 # Note: # Is it okay if this login base is the same as one already at this myplc site? # Do we need uniqueness? Should use hrn_auth instead of just the leaf perhaps? - site['login_base'] = hrn_auth[:20] - site['abbreviated_name'] = hrn_auth[:20] + site['login_base'] = login_base + site['abbreviated_name'] = login_base site['max_slivers'] = 1000 reg_objects['site'] = site @@ -132,6 +100,7 @@ def create_slice(api, slice_xrn, creds, rspec, users): Create the sliver[s] (slice) at this aggregate. Verify HRN and initialize the slice record in PLC if necessary. """ + reg_objects = __get_registry_objects(slice_xrn, creds, users) hrn, type = urn_to_hrn(slice_xrn) @@ -146,12 +115,8 @@ def create_slice(api, slice_xrn, creds, rspec, users): slice_record = slices.verify_slice(registry, credential, hrn, site_id, remote_site_id, peer, sfa_peer, reg_objects) - - user_plauth = __get_user_plauth(api, registry, credential, creds, - "createsliver", hrn) - - # The Network instance will use user_plauth to call the PLCAPI - network = Network(api, user_plauth) + + network = Network(api) slice = network.get_slice(api, hrn) slice.peer_id = slice_record['peer_slice_id'] 
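Review bot: In the `if users:` branch of `__get_registry_objects`, `login_base` is built by truncating `hrn_auth` to 20 characters and only then stripping non-alphanumerics, so the result can be much shorter than 20 characters, can be empty when the prefix holds only separators, and distinct authorities (constructed example: `a.b` and `ab`) collapse to the same value. Because `login_base` appears to identify the site the incoming users are attached to, a collision could place users of unrelated authorities under one site; the existing comment in this hunk already questions uniqueness. Consider stripping first and truncating afterwards, `login_base = only_alphanumeric.sub('', hrn_auth).lower()[:20]`, and raising when the result is empty. The pattern could also be compiled once at module level instead of on every call. The function body starts and ends outside this hunk.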
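Review bot: With `__get_user_plauth` removed, the `api.auth.checkCredentials(creds, operation, hrn)` call that lived inside it no longer runs on this path, and nothing in the visible part of `create_slice` validates `creds` before `Network(api)` and the later PLCAPI calls are made with `api.plauth`. If the caller of `create_slice` (not visible here) does not already perform that check, add it explicitly near the top, e.g. `api.auth.checkCredentials(creds, 'createsliver', hrn)` after `urn_to_hrn`. The same applies to the `get_rspec` hunk, where the removed helper call carried the `"listnodes"` check. All node changes now also run under the aggregate's own PLC account rather than a per-user session, so PLC-side authorization and audit records no longer distinguish the requesting user; logging the caller's hrn here would keep attribution. `create_slice` begins and ends outside this hunk.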
@@ -165,20 +130,23 @@ def create_slice(api, slice_xrn, creds, rspec, users): # add nodes from rspec added_nodes = list(set(request).difference(current)) - - if peer: - api.plshell.UnBindObjectFromPeer(api.plauth, 'slice', slice.id, peer) - api.plshell.AddSliceToNodes(user_plauth, slice.name, added_nodes) - api.plshell.DeleteSliceFromNodes(user_plauth, slice.name, deleted_nodes) + try: + if peer: + api.plshell.UnBindObjectFromPeer(api.plauth, 'slice', slice.id, peer) - network.updateSliceTags() + api.plshell.AddSliceToNodes(api.plauth, slice.name, added_nodes) + api.plshell.DeleteSliceFromNodes(api.plauth, slice.name, deleted_nodes) - if peer: - api.plshell.BindObjectToPeer(api.plauth, 'slice', slice.id, peer, - slice.peer_id) + network.updateSliceTags() + + finally: + if peer: + api.plshell.BindObjectToPeer(api.plauth, 'slice', slice.id, peer, + slice.peer_id) # print network.toxml() + return True @@ -236,11 +204,13 @@ def delete_slice(api, xrn, creds): # determine if this is a peer slice peer = peers.get_peer(api, hrn) - if peer: - api.plshell.UnBindObjectFromPeer(api.plauth, 'slice', slice['slice_id'], peer) - api.plshell.DeleteSliceFromNodes(api.plauth, slicename, slice['node_ids']) - if peer: - api.plshell.BindObjectToPeer(api.plauth, 'slice', slice['slice_id'], peer, slice['peer_slice_id']) + try: + if peer: + api.plshell.UnBindObjectFromPeer(api.plauth, 'slice', slice['slice_id'], peer) + api.plshell.DeleteSliceFromNodes(api.plauth, slicename, slice['node_ids']) + finally: + if peer: + api.plshell.BindObjectToPeer(api.plauth, 'slice', slice['slice_id'], peer, slice['peer_slice_id']) return 1 def get_slices(api, creds): 
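Review bot: `UnBindObjectFromPeer` sits inside the `try`, so when the unbind itself fails the `finally` still calls `BindObjectToPeer` on a slice that was never unbound, and any error from that rebind replaces the original exception. Moving the `if peer:` unbind statement to just before `try:` makes the rebind run only after a successful unbind; the `delete_slice` hunk that follows has the same shape and would take the same change. A short comment saying why the slice is unbound from its peer around the node updates would explain the pairing to the next reader. `create_slice` continues outside this hunk.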
@@ -266,32 +236,23 @@ def get_rspec(api, creds, options): xrn = options.get('geni_slice_urn', None) hrn, type = urn_to_hrn(xrn) - """ # look in cache first if api.cache and not xrn: rspec = api.cache.get('nodes') if rspec: return rspec - """ - - registry = api.registries[api.hrn] - credential = api.getCredential() - user_plauth = __get_user_plauth(api, registry, credential, creds, - "listnodes", hrn) - # The Network instance will use user_plauth to call the PLCAPI - network = Network(api, user_plauth) + network = Network(api) if (hrn): if network.get_slice(api, hrn): network.addSlice() rspec = network.toxml() - """ # cache the result if api.cache and not xrn: api.cache.add('nodes', rspec) - """ + return rspec
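Review bot: The re-enabled cache stores the advertisement under the single key `'nodes'`, and `api.cache.add('nodes', rspec)` passes no lifetime, so how long a stale node list is served depends on a default that is not visible here. A comment at the lookup should state the expected freshness and that the entry is shared by every caller, which is only sound because `Network(api)` now builds the rspec with the aggregate's own credentials rather than per user. The early `return rspec` is also reached before `creds` is consulted anywhere in the visible body. `get_rspec` starts outside this hunk.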