X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fmanagers%2Fregistry_manager.py;h=5264adbf9e855969b4909a2903d86914d2a0f289;hb=337c444a36e56d2c058db72306364a2da658b3e9;hp=79438096c540ba109ff1e9aaa19506b2b6bfb1ee;hpb=6975ef5b577003cdb40456f7788e932223f66875;p=sfa.git

diff --git a/sfa/managers/registry_manager.py b/sfa/managers/registry_manager.py
index 79438096..5264adbf 100644
--- a/sfa/managers/registry_manager.py
+++ b/sfa/managers/registry_manager.py
@@ -33,7 +33,7 @@ from sqlalchemy.orm.collections import InstrumentedList
 # * write operations (register, update) need e.g. 
 #   'researcher' or 'pi' to be set - reg-* are just ignored
 #
-# the 'normalize' helper functions below aim at ironing this out
+# the '_normalize_input' helper functions below aim at ironing this out
 # however in order to break as few code as possible we essentially make sure that *both* fields are set
 # upon entering the write methods (so again register and update) for legacy, as some driver code
 # might depend on the presence of, say, 'researcher'
@@ -48,15 +48,21 @@ def _normalize_input (record, reg_key, driver_key):
         # and issue a warning if they were both set and different
         # as we're overwriting some user data here
         if driver_key in record:
-            logger.warning ("normalize_input_researcher: incoming record has both values, using reg-researchers")
+            logger.warning ("normalize_input: incoming record has both values, using %s"%reg_key)
         record[driver_key]=record[reg_key]
     # we only have one key set, duplicate for the other one
     elif driver_key in record:
-        logger.warning ("normalize_input_researcher: you should use '%s' instead ot '%s'"%(reg_key,driver_key))
+        logger.warning ("normalize_input: you should use '%s' instead of '%s'"%(reg_key,driver_key))
         record[reg_key]=record[driver_key]
 
 def normalize_input_record (record):
     _normalize_input (record, 'reg-researchers','researcher')
+    _normalize_input (record, 'reg-pis','pi')
+    _normalize_input (record, 'reg-keys','keys')
+    # xxx the keys thing could use a little bit more attention:
+    # some parts of the code are using 'keys' while they should use 'reg-keys' 
+    # but I run out of time for now
+    if 'reg-keys' in record: record['keys']=record['reg-keys']
     return record
 
 class RegistryManager:
@@ -70,8 +76,7 @@ class RegistryManager:
                        if hrn != api.hrn])
         xrn=Xrn(api.hrn,type='authority')
         return version_core({'interface':'registry',
-                             'sfa': 2,
-                             'geni_api': 2,
+                             'sfa': 3,
                              'hrn':xrn.get_hrn(),
                              'urn':xrn.get_urn(),
                              'peers':peers})
@@ -236,7 +241,8 @@ class RegistryManager:
     
         return records
     
-    def List (self, api, xrn, origin_hrn=None, options={}):
+    def List (self, api, xrn, origin_hrn=None, options=None):
+        if options is None: options={}
         dbsession=api.dbsession()
         # load all know registry names into a prefix tree and attempt to find
         # the longest matching prefix
@@ -286,7 +292,6 @@ class RegistryManager:
     
         return record_dicts
     
-    
     def CreateGid(self, api, xrn, cert):
         # get the authority
         authority = Xrn(xrn=xrn).get_authority_hrn()
@@ -296,7 +301,15 @@ class RegistryManager:
         else:
             certificate = Certificate(string=cert)
             pkey = certificate.get_pubkey()    
-        gid = api.auth.hierarchy.create_gid(xrn, create_uuid(), pkey) 
+
+        # Add the email of the user to SubjectAltName in the GID
+        email = None
+        hrn = Xrn(xrn).get_hrn()
+        dbsession=api.dbsession()
+        record=dbsession.query(RegUser).filter_by(hrn=hrn).first()
+        if record:
+            email=getattr(record,'email',None)
+        gid = api.auth.hierarchy.create_gid(xrn, create_uuid(), pkey, email = email)
         return gid.save_to_string(save_parents=True)
     
     ####################
@@ -356,14 +369,14 @@ class RegistryManager:
         if not record.gid:
             uuid = create_uuid()
             pkey = Keypair(create=True)
-            if getattr(record,'keys',None):
-                pub_key=record.keys
+            pub_key=getattr(record,'reg-keys',None)
+            if pub_key is not None:
                 # use only first key in record
-                if isinstance(record.keys, types.ListType):
-                    pub_key = record.keys[0]
+                if pub_key and isinstance(pub_key, types.ListType): pub_key = pub_key[0]
                 pkey = convert_public_key(pub_key)
     
-            gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
+            email=getattr(record,'email',None)
+            gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey, email = email)
             gid = gid_object.save_to_string(save_parents=True)
             record.gid = gid
     
@@ -378,7 +391,7 @@ class RegistryManager:
             record.gid=gid.save_to_string(save_parents=True)
 
             # locate objects for relationships
-            pi_hrns = getattr(record,'pi',None)
+            pi_hrns = getattr(record,'reg-pis',None)
             if pi_hrns is not None: record.update_pis (pi_hrns, dbsession)
 
         elif isinstance (record, RegSlice):
@@ -387,9 +400,12 @@ class RegistryManager:
         
         elif isinstance (record, RegUser):
             # create RegKey objects for incoming keys
-            if hasattr(record,'keys'): 
-                logger.debug ("creating %d keys for user %s"%(len(record.keys),record.hrn))
-                record.reg_keys = [ RegKey (key) for key in record.keys ]
+            if hasattr(record,'reg-keys'):
+                keys=getattr(record,'reg-keys')
+                # some people send the key as a string instead of a list of strings
+                if isinstance(keys,types.StringTypes): keys=[keys]
+                logger.debug ("creating %d keys for user %s"%(len(keys),record.hrn))
+                record.reg_keys = [ RegKey (key) for key in keys ]
             
         # update testbed-specific data if needed
         pointer = api.driver.register (record.__dict__, hrn, pub_key)
@@ -423,7 +439,7 @@ class RegistryManager:
         # Use the pointer from the existing record, not the one that the user
         # gave us. This prevents the user from inserting a forged pointer
         pointer = record.pointer
-    
+
         # is there a change in keys ?
         new_key=None
         if type=='user':
@@ -438,7 +454,11 @@ class RegistryManager:
             pkey = convert_public_key(new_key)
             uuid = create_uuid()
             urn = hrn_to_urn(hrn,type)
-            gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
+
+            email=getattr(new_record,'email',None)
+            if email is None:
+                email=getattr(record,'email',None)
+            gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey, email = email)
             gid = gid_object.save_to_string(save_parents=True)
         
         # xxx should do side effects from new_record to record
@@ -451,7 +471,7 @@ class RegistryManager:
             if researcher_hrns is not None: record.update_researchers (researcher_hrns, dbsession)
 
         elif isinstance (record, RegAuthority):
-            pi_hrns = getattr(new_record,'pi',None)
+            pi_hrns = getattr(new_record,'reg-pis',None)
             if pi_hrns is not None: record.update_pis (pi_hrns, dbsession)
         
         # update the PLC information that was specified with the record
@@ -541,7 +561,9 @@ class RegistryManager:
         uuid = create_uuid()
         pkey = Keypair(create=True)
         urn = hrn_to_urn(record.hrn, record.type)
-        gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
+
+        email=getattr(record,'email',None)
+        gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey, email)
         gid = gid_object.save_to_string(save_parents=True)
         record.gid = gid