X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fmethods%2Fregister.py;h=1e3e24a6b64edc25516af0411cfbdf0e7c26c4ea;hb=3d7237fa0b5f2b4a60cb97c7fb3b6aecfd94558a;hp=210eb4c638ebe13a7d78ae76c2d793775a2c72e4;hpb=ca27dac40aa48a0df073433c489b73f361e34739;p=sfa.git diff --git a/sfa/methods/register.py b/sfa/methods/register.py index 210eb4c6..1e3e24a6 100644 --- a/sfa/methods/register.py +++ b/sfa/methods/register.py @@ -3,21 +3,19 @@ from sfa.trust.certificate import Keypair, convert_public_key from sfa.trust.gid import * - from sfa.util.faults import * -from sfa.util.misc import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed -from sfa.util.record import GeniRecord +from sfa.util.record import SfaRecord from sfa.util.debug import log - from sfa.trust.auth import Auth from sfa.trust.gid import create_uuid +from sfa.trust.credential import Credential class register(Method): """ Register an object with the registry. In addition to being stored in the - Geni database, the appropriate records will also be created in the + SFA database, the appropriate records will also be created in the PLC databases @param cred credential string @@ -35,97 +33,23 @@ class register(Method): returns = Parameter(int, "String representation of gid object") - def call(self, cred, record_dict): - self.api.auth.check(cred, "register") - record = GeniRecord(dict = record_dict) - type = record.get_type() - name = record.get_name() - self.api.auth.verify_object_permission(name) - auth_name = self.api.auth.get_authority(name) - auth_info = self.api.auth.get_auth_info(auth_name) - table = self.api.auth.get_auth_table(auth_name) - - # make sure record has a gid - if 'gid' not in record: - uuid = create_uuid() - pkey = Keypair(create=True) - if 'key' in record and record['key']: - pkey = convert_public_key(record['key']) - - gid_object = self.api.auth.hierarchy.create_gid(name, uuid, pkey) - gid = gid_object.save_to_string(save_parents=True) - record['gid'] = gid - record.set_gid(gid) - - # check if record already exists - existing_records = table.resolve(type, name) - if existing_records: - raise ExistingRecord(name) + def call(self, cred, record, origin_hrn=None): + user_cred = Credential(string=cred) + + #log the call + if not origin_hrn: + origin_hrn = user_cred.get_gid_caller().get_hrn() + hrn = None + if 'hrn' in record: + hrn = record['hrn'] + self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name)) - if type in ["authority", "sa", "ma"]: - # update the tree - if not self.api.auth.hierarchy.auth_exists(name): - self.api.auth.hierarchy.create_auth(name) - - # authorities are special since they are managed by the registry - # rather than by the caller. We create our own GID for the - # authority rather than relying on the caller to supply one. - - # get the GID from the newly created authority - child_auth_info = self.api.auth.get_auth_info(name) - gid = auth_info.get_gid_object() - record.set_gid(gid.save_to_string(save_parents=True)) - - # if registering a sa, see if a ma already exists - # if registering a ma, see if a sa already exists - if type in ["authority", "sa", "ma"]: - other_rec = table.resolve("authority", record.get_name()) - - if other_rec: - print >> log, "linking ma and sa to the same plc site" - pointer = other_rec[0].get_pointer() - else: - pl_record = self.api.geni_fields_to_pl_fields(type, name, record) - print >> log, "adding site with fields", pl_record - pointer = self.api.plshell.AddSite(self.api.plauth, pl_record) - - record.set_pointer(pointer) - - elif (type == "slice"): - pl_record = self.api.geni_fields_to_pl_fields(type, name, record) - pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record) - record.set_pointer(pointer) - - elif (type == "user"): - pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record)) - if 'enabled' in record and record['enabled']: - self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']}) - login_base = get_leaf(auth_info.hrn) - self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base) - # What roles should this user have? - self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer) - record.set_pointer(pointer) - - # Add the user's key - if 'key' in record and record['key']: - self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : record['key']}) - - elif (type == "node"): - pl_record = self.api.geni_fields_to_pl_fields(type, name, record) - login_base = hrn_to_pl_login_base(auth_name) - pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record) - record.set_pointer(pointer) - - else: - raise UnknownGeniType(type) - - # SFA upcalls may exist in PLCAPI and they could have already added the - # record for us. Lets check if the record already exists - existing_records = table.resolve(type, name) - if not existing_records: - table.insert(record) - - # update membership for researchers, pis, owners, operators - self.api.update_membership(None, record) + # validate the cred + self.api.auth.check(cred, "register") - return record.get_gid_object().save_to_string(save_parents=True) + #send the call to the right manager + manager_base = 'sfa.managers' + mgr_type = self.api.config.SFA_REGISTRY_TYPE + manager_module = manager_base + ".registry_manager_%s" % mgr_type + manager = __import__(manager_module, fromlist=[manager_base]) + return manager.register(self.api, record)