X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fmethods%2Fregister.py;h=1e3e24a6b64edc25516af0411cfbdf0e7c26c4ea;hb=3d7237fa0b5f2b4a60cb97c7fb3b6aecfd94558a;hp=31220ea399a58f173832aeebee39cf7083ab164f;hpb=1971124b0a49cfbd7bce902722a1512baf8562f3;p=sfa.git diff --git a/sfa/methods/register.py b/sfa/methods/register.py index 31220ea3..1e3e24a6 100644 --- a/sfa/methods/register.py +++ b/sfa/methods/register.py @@ -3,21 +3,19 @@ from sfa.trust.certificate import Keypair, convert_public_key from sfa.trust.gid import * - from sfa.util.faults import * -from sfa.util.misc import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed -from sfa.util.record import GeniRecord -from sfa.util.genitable import GeniTable +from sfa.util.record import SfaRecord from sfa.util.debug import log from sfa.trust.auth import Auth from sfa.trust.gid import create_uuid +from sfa.trust.credential import Credential class register(Method): """ Register an object with the registry. In addition to being stored in the - Geni database, the appropriate records will also be created in the + SFA database, the appropriate records will also be created in the PLC databases @param cred credential string 
@@ -35,107 +33,23 @@ class register(Method): returns = Parameter(int, "String representation of gid object") - def call(self, cred, record_dict): - self.api.auth.check(cred, "register") - record = GeniRecord(dict = record_dict) - table = GeniTable() - type = record['type'] - hrn = record['hrn'] - auth_name = get_authority(hrn) - self.api.auth.verify_object_permission(hrn) - auth_info = self.api.auth.get_auth_info(auth_name) - pub_key = None - # make sure record has a gid - if 'gid' not in record: - uuid = create_uuid() - pkey = Keypair(create=True) - if 'key' in record and record['key']: - if isinstance(record['key'], list): - pub_key = record['key'][0] - else: - pub_key = record['key'] - pkey = convert_public_key(pub_key) - - gid_object = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey) - gid = gid_object.save_to_string(save_parents=True) - record['gid'] = gid - record.set_gid(gid) - - # check if record already exists - existing_records = table.find({'type': type, 'hrn': hrn}) - if existing_records: - raise ExistingRecord(hrn) + def call(self, cred, record, origin_hrn=None): + user_cred = Credential(string=cred) + + #log the call + if not origin_hrn: + origin_hrn = user_cred.get_gid_caller().get_hrn() + hrn = None + if 'hrn' in record: + hrn = record['hrn'] + self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name)) - if type in ["authority"]: - # update the tree - if not self.api.auth.hierarchy.auth_exists(hrn): - self.api.auth.hierarchy.create_auth(hrn) - - # authorities are special since they are managed by the registry - # rather than by the caller. We create our own GID for the - # authority rather than relying on the caller to supply one. 
- - # get the GID from the newly created authority - gid = auth_info.get_gid_object() - record.set_gid(gid.save_to_string(save_parents=True)) - - pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record) - sites = self.api.plshell.GetSites(self.api.plauth, [pl_record['login_base']]) - if not sites: - pointer = self.api.plshell.AddSite(self.api.plauth, pl_record) - else: - pointer = sites[0]['site_id'] - - record.set_pointer(pointer) - - elif (type == "slice"): - pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record) - slices = self.api.plshell.GetSlices(self.api.plauth, [pl_record['name']]) - if not slices: - pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record) - else: - pointer = slices[0]['slice_id'] - record.set_pointer(pointer) - - elif (type == "user"): - persons = self.api.plshell.GetPersons(self.api.plauth, [record['email']]) - if not persons: - pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record)) - else: - pointer = persons[0]['person_id'] - - if 'enabled' in record and record['enabled']: - self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']}) - login_base = get_leaf(auth_name) - self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base) - # What roles should this user have? 
- self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer) - record.set_pointer(pointer) - - # Add the user's key - if pub_key: - self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : pub_key}) - - elif (type == "node"): - pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record) - login_base = hrn_to_pl_login_base(auth_name) - nodes = self.api.plshell.GetNodes(self.api.plauth, [pl_record['hostname']]) - if not nodes: - pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record) - else: - pointer = nodes[0]['node_id'] - record.set_pointer(pointer) - - else: - raise UnknownGeniType(type) - - # SFA upcalls may exist in PLCAPI and they could have already added the - # record for us. Lets check if the record already exists - existing_records = table.find({'type': type, 'hrn': hrn}) - if not existing_records: - table.insert(record) - - # update membership for researchers, pis, owners, operators - self.api.update_membership(None, record) + # validate the cred + self.api.auth.check(cred, "register") - return record.get_gid_object().save_to_string(save_parents=True) + #send the call to the right manager + manager_base = 'sfa.managers' + mgr_type = self.api.config.SFA_REGISTRY_TYPE + manager_module = manager_base + ".registry_manager_%s" % mgr_type + manager = __import__(manager_module, fromlist=[manager_base]) + return manager.register(self.api, record)
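Review bot: In the new `call`, the audit line is written before `self.api.auth.check(cred, "register")` runs, so `caller-hrn` comes from a credential that has not been verified yet (or from `origin_hrn`, if clients can supply that argument), and `record['hrn']` is interpolated raw into a tab-separated message. An unauthenticated request can therefore put an arbitrary caller name, or embedded tabs and newlines, into the registry log. Moving `self.api.auth.check(cred, "register")` above the logging block and formatting the untrusted fields with `%r` instead of `%s` would keep the log trustworthy; if recording rejected attempts is intended, label the value as unverified in the message. The removed body also called `self.api.auth.verify_object_permission(hrn)` and no equivalent is visible on the new side, so it is worth confirming that `manager.register` still enforces it. Separately, `mgr_type` from `SFA_REGISTRY_TYPE` is concatenated into the name passed to `__import__` without a check against the known registry manager types, and a comment stating that this value is trusted configuration would help the next reader.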