X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fmethods%2Fupdate.py;h=2a1be732f70507feeb16b5249aa0e0374606d445;hb=3d7237fa0b5f2b4a60cb97c7fb3b6aecfd94558a;hp=7d9e0073b064b7a2e277c457af0b89068ebff628;hpb=17946dee2698e6c1ed9ccaddc5489e010ce2ea00;p=sfa.git diff --git a/sfa/methods/update.py b/sfa/methods/update.py index 7d9e0073..2a1be732 100644 --- a/sfa/methods/update.py +++ b/sfa/methods/update.py @@ -5,18 +5,13 @@ import time from sfa.util.faults import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed -from sfa.trust.auth import Auth -from sfa.util.record import GeniRecord -from sfa.util.genitable import GeniTable -from sfa.trust.certificate import Keypair, convert_public_key -from sfa.trust.gid import * from sfa.util.debug import log from sfa.trust.credential import Credential class update(Method): """ Update an object in the registry. Currently, this only updates the - PLC information associated with the record. The Geni fields (name, type, + PLC information associated with the record. The SFA fields (name, type, GID) are fixed. @param cred credential string specifying rights of the caller @@ -29,99 +24,28 @@ class update(Method): accepts = [ Parameter(str, "Credential string"), - Parameter(dict, "Record dictionary to be updated") + Parameter(dict, "Record dictionary to be updated"), + Mixed(Parameter(str, "Human readable name of the original caller"), + Parameter(None, "Origin hrn not specified")) ] returns = Parameter(int, "1 if successful") - def call(self, cred, record_dict, caller_cred=None): + def call(self, cred, record_dict, origin_hrn=None): + user_cred = Credential(string=cred) + + #log the call + if not origin_hrn: + origin_hrn = user_cred.get_gid_caller().get_hrn() + self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, None, self.name)) + + # validate the cred self.api.auth.check(cred, "update") - if caller_cred==None: - caller_cred=cred - - #log the call - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, Credential(string=caller_cred).get_gid_caller().get_hrn(), None, self.name)) - new_record = GeniRecord(dict = record_dict) - type = new_record['type'] - hrn = new_record['hrn'] - self.api.auth.verify_object_permission(hrn) - table = GeniTable() - # make sure the record exists - records = table.findObjects({'type': type, 'hrn': hrn}) - if not records: - raise RecordNotFound(hrn) - record = records[0] - record['last_updated'] = time.gmtime() - - # Update_membership needs the membership lists in the existing record - # filled in, so it can see if members were added or removed - self.api.fill_record_info(record) - - # Use the pointer from the existing record, not the one that the user - # gave us. This prevents the user from inserting a forged pointer - pointer = record['pointer'] - - # update the PLC information that was specified with the record - - if (type == "authority"): - self.api.plshell.UpdateSite(self.api.plauth, pointer, new_record) - - elif type == "slice": - pl_record=self.api.geni_fields_to_pl_fields(type, hrn, new_record) - if 'name' in pl_record: - pl_record.pop('name') - self.api.plshell.UpdateSlice(self.api.plauth, pointer, pl_record) - - elif type == "user": - # SMBAKER: UpdatePerson only allows a limited set of fields to be - # updated. Ideally we should have a more generic way of doing - # this. I copied the field names from UpdatePerson.py... - update_fields = {} - all_fields = new_record - for key in all_fields.keys(): - if key in ['first_name', 'last_name', 'title', 'email', - 'password', 'phone', 'url', 'bio', 'accepted_aup', - 'enabled']: - update_fields[key] = all_fields[key] - self.api.plshell.UpdatePerson(self.api.plauth, pointer, update_fields) - - if 'key' in new_record and new_record['key']: - # must check this key against the previous one if it exists - persons = self.api.plshell.GetPersons(self.api.plauth, [pointer], ['key_ids']) - person = persons[0] - keys = person['key_ids'] - keys = self.api.plshell.GetKeys(self.api.plauth, person['key_ids']) - key_exists = False - if isinstance(new_record['key'], list): - new_key = new_record['key'][0] - else: - new_key = new_record['key'] - - # Delete all stale keys - for key in keys: - if new_record['key'] != key['key']: - self.api.plshell.DeleteKey(self.api.plauth, key['key_id']) - else: - key_exists = True - if not key_exists: - self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type': 'ssh', 'key': new_key}) - - # update the openssl key and gid - pkey = convert_public_key(new_key) - uuid = create_uuid() - gid_object = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey) - gid = gid_object.save_to_string(save_parents=True) - record['gid'] = gid - record = GeniRecord(dict=record) - table.update(record) - - elif type == "node": - self.api.plshell.UpdateNode(self.api.plauth, pointer, new_record) - - else: - raise UnknownGeniType(type) - - # update membership for researchers, pis, owners, operators - self.api.update_membership(record, new_record) + + # send the call to the right manager + manager_base = 'sfa.managers' + mgr_type = self.api.config.SFA_REGISTRY_TYPE + manager_module = manager_base + ".registry_manager_%s" % mgr_type + manager = __import__(manager_module, fromlist=[manager_base]) + return manager.update(self.api, record_dict) - return 1