X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fmanagers%2Fslice_manager_pl.py;h=eee8693aaa118ef857bf014422fe39022d50f882;hb=dbce495b6f2e7d8dccbfb18c5507907d784c143b;hp=60acc7375bbe88c608dc0246ceb4493c69571cd6;hpb=b448751536c93b610a0b724f63c0ad9a0fa9c8f0;p=sfa.git

diff --git a/sfa/managers/slice_manager_pl.py b/sfa/managers/slice_manager_pl.py
index 60acc737..eee8693a 100644
--- a/sfa/managers/slice_manager_pl.py
+++ b/sfa/managers/slice_manager_pl.py
@@ -1,16 +1,17 @@
 ### $Id: slices.py 15842 2009-11-22 09:56:13Z anil $
 ### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/plc/slices.py $
 
-import datetime
-import time
-import traceback
 import sys
-from copy import deepcopy
-from lxml import etree
+import time,datetime
 from StringIO import StringIO
 from types import StringTypes
+from copy import deepcopy
+from copy import copy
+from lxml import etree
+
+from sfa.util.sfalogging import sfa_logger
 from sfa.util.rspecHelper import merge_rspecs
-from sfa.util.namespace import *
+from sfa.util.namespace import urn_to_hrn, hrn_to_urn
 from sfa.util.rspec import *
 from sfa.util.specdict import *
 from sfa.util.faults import *
@@ -21,9 +22,7 @@ from sfa.util.sfaticket import *
 from sfa.trust.credential import Credential
 from sfa.util.threadmanager import ThreadManager
 import sfa.util.xmlrpcprotocol as xmlrpcprotocol     
-from sfa.util.debug import log
 import sfa.plc.peers as peers
-from copy import copy
 
 def get_version():
     version = {}
@@ -60,27 +59,47 @@ def create_slice(api, xrn, creds, rspec, users):
             message = "%s (line %s)" % (error.message, error.line)
             raise InvalidRSpec(message)
 
+    # get the callers hrn
+    valid_cred = api.auth.checkCredentials(creds, 'createsliver', hrn)[0]
+    caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
     # attempt to use delegated credential first
     credential = api.getDelegatedCredential(creds)
     if not credential:     
         credential = api.getCredential()
     threads = ThreadManager()
     for aggregate in api.aggregates:
+        # prevent infinite loop. Dont send request back to caller
+        # unless the caller is the aggregate's SM 
+        if caller_hrn == aggregate and aggregate != api.hrn:
+            continue
+            
         # Just send entire RSpec to each aggregate
         server = api.aggregates[aggregate]
-        threads.run(server.CreateSliver, xrn, cred, rspec, users)
+        threads.run(server.CreateSliver, xrn, credential, rspec, users)
             
     results = threads.get_results() 
     merged_rspec = merge_rspecs(results)
     return merged_rspec
 
 def renew_slice(api, xrn, creds, expiration_time):
+    hrn, type = urn_to_hrn(xrn)
+
+    # get the callers hrn
+    valid_cred = api.auth.checkCredentials(creds, 'renewesliver', hrn)[0]
+    caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
     # attempt to use delegated credential first
     credential = api.getDelegatedCredential(creds)
     if not credential:
         credential = api.getCredential()
     threads = ThreadManager()
     for aggregate in api.aggregates:
+        # prevent infinite loop. Dont send request back to caller
+        # unless the caller is the aggregate's SM
+        if caller_hrn == aggregate and aggregate != api.hrn:
+            continue
+
         server = api.aggregates[aggregate]
         threads.run(server.RenewSliver, xrn, credential, expiration_time)
     threads.get_results()
@@ -96,12 +115,20 @@ def get_ticket(api, xrn, creds, rspec, users):
         aggregate_hrn = element.values()[0]
         aggregate_rspecs[aggregate_hrn] = rspec 
 
+    # get the callers hrn
+    valid_cred = api.auth.checkCredentials(creds, 'getticket', slice_hrn)[0]
+    caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
     # attempt to use delegated credential first
     credential = api.getDelegatedCredential(creds)
     if not credential:
         credential = api.getCredential() 
     threads = ThreadManager()
     for aggregate, aggregate_rspec in aggregate_rspecs.items():
+        # prevent infinite loop. Dont send request back to caller
+        # unless the caller is the aggregate's SM
+        if caller_hrn == aggregate and aggregate != api.hrn:
+            continue
         server = None
         if aggregate in api.aggregates:
             server = api.aggregates[aggregate]
@@ -156,37 +183,67 @@ def get_ticket(api, xrn, creds, rspec, users):
     return ticket.save_to_string(save_parents=True)
 
 
-def delete_slice(api, xrn, origin_hrn=None):
+def delete_slice(api, xrn, creds):
+    hrn, type = urn_to_hrn(xrn)
+
+    # get the callers hrn
+    valid_cred = api.auth.checkCredentials(creds, 'deletesliver', hrn)[0]
+    caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
     # attempt to use delegated credential first
     credential = api.getDelegatedCredential(creds)
     if not credential:
         credential = api.getCredential()
     threads = ThreadManager()
     for aggregate in api.aggregates:
+        # prevent infinite loop. Dont send request back to caller
+        # unless the caller is the aggregate's SM
+        if caller_hrn == aggregate and aggregate != api.hrn:
+            continue
         server = api.aggregates[aggregate]
         threads.run(server.DeleteSliver, xrn, credential)
     threads.get_results()
     return 1
 
 def start_slice(api, xrn, creds):
+    hrn, type = urn_to_hrn(xrn)
+
+    # get the callers hrn
+    valid_cred = api.auth.checkCredentials(creds, 'startslice', hrn)[0]
+    caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
     # attempt to use delegated credential first
     credential = api.getDelegatedCredential(creds)
     if not credential:
         credential = api.getCredential()
     threads = ThreadManager()
     for aggregate in api.aggregates:
+        # prevent infinite loop. Dont send request back to caller
+        # unless the caller is the aggregate's SM
+        if caller_hrn == aggregate and aggregate != api.hrn:
+            continue
         server = api.aggregates[aggregate]
         threads.run(server.Start, xrn, credential)
     threads.get_results()    
     return 1
  
 def stop_slice(api, xrn, creds):
+    hrn, type = urn_to_hrn(xrn)
+
+    # get the callers hrn
+    valid_cred = api.auth.checkCredentials(creds, 'stopslice', hrn)[0]
+    caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
     # attempt to use delegated credential first
     credential = api.getDelegatedCredential(creds)
     if not credential:
         credential = api.getCredential()
     threads = ThreadManager()
     for aggregate in api.aggregates:
+        # prevent infinite loop. Dont send request back to caller
+        # unless the caller is the aggregate's SM
+        if caller_hrn == aggregate and aggregate != api.hrn:
+            continue
         server = api.aggregates[aggregate]
         threads.run(server.Stop, xrn, credential)
     threads.get_results()    
@@ -211,12 +268,17 @@ def status(api, xrn, creds):
     return 1
 
 def get_slices(api, creds):
+
     # look in cache first
     if api.cache:
         slices = api.cache.get('slices')
         if slices:
             return slices    
 
+    # get the callers hrn
+    valid_cred = api.auth.checkCredentials(creds, 'listslices', None)[0]
+    caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
     # attempt to use delegated credential first
     credential = api.getDelegatedCredential(creds)
     if not credential:
@@ -224,6 +286,10 @@ def get_slices(api, creds):
     threads = ThreadManager()
     # fetch from aggregates
     for aggregate in api.aggregates:
+        # prevent infinite loop. Dont send request back to caller
+        # unless the caller is the aggregate's SM
+        if caller_hrn == aggregate and aggregate != api.hrn:
+            continue
         server = api.aggregates[aggregate]
         threads.run(server.ListSlices, credential)
 
@@ -240,6 +306,7 @@ def get_slices(api, creds):
     return slices
  
 def get_rspec(api, creds, options):
+    
     # get slice's hrn from options
     xrn = options.get('geni_slice_urn', None)
     hrn, type = urn_to_hrn(xrn)
@@ -257,13 +324,21 @@ def get_rspec(api, creds, options):
 
     hrn, type = urn_to_hrn(xrn)
     rspec = None
-    
+
+    # get the callers hrn
+    valid_cred = api.auth.checkCredentials(creds, 'listnodes', hrn)[0]
+    caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn()
+
     # attempt to use delegated credential first
     credential = api.getDelegatedCredential(creds)
     if not credential:
         credential = api.getCredential()
     threads = ThreadManager()
     for aggregate in api.aggregates:
+        # prevent infinite loop. Dont send request back to caller
+        # unless the caller is the aggregate's SM
+        if caller_hrn == aggregate and aggregate != api.hrn:
+            continue
         # get the rspec from the aggregate
         server = api.aggregates[aggregate]
         my_opts = copy(options)
@@ -290,6 +365,7 @@ def get_rspec(api, creds, options):
                 for request in root.iterfind("./request"):
                     rspec.append(deepcopy(request))
     
+    sfa_logger().debug('get_rspec: rspec=%r'%rspec)
     rspec =  etree.tostring(rspec, xml_declaration=True, pretty_print=True)
     # cache the result
     if api.cache and not xrn: