X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fplanetlab%2Fpldriver.py;h=4bcb7937175b7b9e9acbaae850a11bf5546b6f02;hb=1cc8e9613cab8b5b22478de369f259e591c54e6d;hp=db9a2ddff76849f4a579d199ef26177ae0a89e83;hpb=de06f1f7eb8480a7894ed6a1aa8665f032365892;p=sfa.git

diff --git a/sfa/planetlab/pldriver.py b/sfa/planetlab/pldriver.py
index db9a2ddf..4bcb7937 100644
--- a/sfa/planetlab/pldriver.py
+++ b/sfa/planetlab/pldriver.py
@@ -2,7 +2,7 @@ import datetime
 #
 from sfa.util.faults import MissingSfaInfo, UnknownSfaType, \
     RecordNotFound, SfaNotImplemented, SliverDoesNotExist, SearchFailed, \
-    UnsupportedOperation 
+    UnsupportedOperation, Forbidden 
 from sfa.util.sfalogging import logger
 from sfa.util.defaultdict import defaultdict
 from sfa.util.sfatime import utcparse, datetime_to_string, datetime_to_epoch
@@ -12,6 +12,7 @@ from sfa.util.cache import Cache
 # one would think the driver should not need to mess with the SFA db, but..
 from sfa.storage.alchemy import dbsession
 from sfa.storage.model import RegRecord, SliverAllocation
+from sfa.trust.credential import Credential
 
 # used to be used in get_ticket
 #from sfa.trust.sfaticket import SfaTicket
@@ -52,7 +53,49 @@ class PlDriver (Driver):
             if PlDriver.cache is None:
                 PlDriver.cache = Cache()
             self.cache = PlDriver.cache
+
+    def sliver_to_slice_xrn(self, xrn):
+        sliver_id_parts = Xrn(xrn).get_sliver_id_parts()
+        filter = {}
+        try:
+            filter['slice_id'] = int(sliver_id_parts[0])
+        except ValueError:
+            fliter['name'] = sliver_id_parts[0] 
+        slices = self.shell.GetSlices(filter)
+        if not slices:
+            raise Forbidden("Unable to locate slice record for sliver:  %s" % xrn)
+        slice = slices[0]
+        slice_xrn = PlXrn(auth=self.hrn, slicename=slice['name'])
+        return slice_xrn 
  
+    def check_sliver_credentials(self, creds, urns):
+        # build list of cred object hrns
+        slice_cred_names = []
+        for cred in creds:
+            slice_cred_hrn = Credential(cred=cred).get_gid_object().get_hrn() 
+            slice_cred_names.append(PlXrn(xrn=slice_cred_hrn).pl_slicename()) 
+
+        # look up slice name of slivers listed in urns arg
+        slice_ids = []
+        for urn in urns:
+            sliver_id_parts = Xrn(xrn=urn).get_sliver_id_parts()
+            try:
+                slice_ids.append(int(sliver_id_parts[0]))
+            except ValueError: 
+                pass
+
+        if not slice_ids:
+             raise Forbidden("sliver urn not provided")
+
+        slices = self.shell.GetSlices(slice_ids)
+        sliver_names = [slice['name'] for slice in slices]
+
+        # make sure we have a credential for every specified sliver ierd
+        for sliver_name in sliver_names:
+            if sliver_name not in slice_cred_names:
+                msg = "Valid credential not found for target: %s" % sliver_name
+                raise Forbidden(msg)
+
     ########################################
     ########## registry oriented
     ########################################
@@ -91,7 +134,10 @@ class PlDriver (Driver):
             if not persons:
                 for key in ['first_name','last_name']:
                     if key not in sfa_record: sfa_record[key]='*from*sfa*'
-                pointer = self.shell.AddPerson(dict(sfa_record))
+                # AddPerson does not allow everything to be set
+                can_add = ['first_name', 'last_name', 'title','email', 'password', 'phone', 'url', 'bio']
+                add_person_dict=dict ( [ (k,sfa_record[k]) for k in sfa_record if k in can_add ] )
+                pointer = self.shell.AddPerson(add_person_dict)
             else:
                 pointer = persons[0]['person_id']
     
@@ -118,7 +164,7 @@ class PlDriver (Driver):
                 self.shell.AddPersonKey(pointer, {'key_type' : 'ssh', 'key' : pub_key})
 
         elif type == 'node':
-            login_base = PlXrn(xrn=sfa_record['authority'],type='node').pl_login_base()
+            login_base = PlXrn(xrn=sfa_record['authority'],type='authority').pl_login_base()
             nodes = self.shell.GetNodes([pl_record['hostname']])
             if not nodes:
                 pointer = self.shell.AddNode(login_base, pl_record)
@@ -132,6 +178,7 @@ class PlDriver (Driver):
     def update (self, old_sfa_record, new_sfa_record, hrn, new_key):
         pointer = old_sfa_record['pointer']
         type = old_sfa_record['type']
+        new_key_pointer = None
 
         # new_key implemented for users only
         if new_key and type not in [ 'user' ]:
@@ -170,20 +217,19 @@ class PlDriver (Driver):
                 keys = person['key_ids']
                 keys = self.shell.GetKeys(person['key_ids'])
                 
-                # Delete all stale keys
                 key_exists = False
                 for key in keys:
-                    if new_key != key['key']:
-                        self.shell.DeleteKey(key['key_id'])
-                    else:
+                    if new_key == key['key']:
                         key_exists = True
+                        new_key_pointer = key['key_id']
+                        break
                 if not key_exists:
-                    self.shell.AddPersonKey(pointer, {'key_type': 'ssh', 'key': new_key})
+                    new_key_pointer = self.shell.AddPersonKey(pointer, {'key_type': 'ssh', 'key': new_key})
     
         elif type == "node":
             self.shell.UpdateNode(pointer, new_sfa_record)
 
-        return True
+        return (pointer, new_key_pointer)
         
 
     ##########
@@ -580,7 +626,7 @@ class PlDriver (Driver):
                   'geni_slivers': desc['geni_slivers']}
         return status
 
-    def allocate (self, urn, rspec_string, options={}):
+    def allocate (self, urn, rspec_string, expiration, options={}):
         xrn = Xrn(urn)
         aggregate = PlAggregate(self)
         slices = PlSlices(self)
@@ -598,44 +644,44 @@ class PlDriver (Driver):
         # ensure site record exists
         site = slices.verify_site(xrn.hrn, slice_record, peer, sfa_peer, options=options)
         # ensure slice record exists
-        slice = slices.verify_slice(xrn.hrn, slice_record, peer, sfa_peer, options=options)
+        slice = slices.verify_slice(xrn.hrn, slice_record, peer, sfa_peer, expiration=expiration, options=options)
         # ensure person records exists
-        persons = slices.verify_persons(xrn.hrn, slice, users, peer, sfa_peer, options=options)
+        #persons = slices.verify_persons(xrn.hrn, slice, users, peer, sfa_peer, options=options)
         # ensure slice attributes exists
         slices.verify_slice_attributes(slice, requested_attributes, options=options)
        
         # add/remove slice from nodes
         request_nodes = rspec.version.get_nodes_with_slivers()
-        nodes = slices.verify_slice_nodes(slice, request_nodes, peer)
+        nodes = slices.verify_slice_nodes(urn, slice, request_nodes, peer)
          
         # add/remove links links 
         slices.verify_slice_links(slice, rspec.version.get_link_requests(), nodes)
 
         # add/remove leases
-        requested_leases = []
-        kept_leases = []
-        for lease in rspec.version.get_leases():
-            requested_lease = {}
-            if not lease.get('lease_id'):
-               requested_lease['hostname'] = xrn_to_hostname(lease.get('component_id').strip())
-               requested_lease['start_time'] = lease.get('start_time')
-               requested_lease['duration'] = lease.get('duration')
-            else:
-               kept_leases.append(int(lease['lease_id']))
-            if requested_lease.get('hostname'):
-                requested_leases.append(requested_lease)
+        try:
+           rspec_requested_leases = rspec.version.get_leases()
+           leases = slices.verify_slice_leases(slice, rspec_requested_leases, peer)
+        except:
+           pass
 
-        leases = slices.verify_slice_leases(slice, requested_leases, kept_leases, peer)
         # handle MyPLC peer association.
         # only used by plc and ple.
-        slices.handle_peer(site, slice, persons, peer)
+        slices.handle_peer(site, slice, None, peer)
         
         return aggregate.describe([xrn.get_urn()], version=rspec.version)
 
     def provision(self, urns, options={}):
-        # update sliver allocation states and set them to geni_provisioned
+        # update users
+        slices = PlSlices(self)
         aggregate = PlAggregate(self)
         slivers = aggregate.get_slivers(urns)
+        slice = slivers[0]
+        peer = slices.get_peer(slice['hrn'])
+        sfa_peer = slices.get_sfa_peer(slice['hrn'])
+        users = options.get('geni_users', [])
+        persons = slices.verify_persons(None, slice, users, peer, sfa_peer, options=options)
+        slices.handle_peer(None, None, persons, peer)
+        # update sliver allocation states and set them to geni_provisioned
         sliver_ids = [sliver['sliver_id'] for sliver in slivers]
         SliverAllocation.set_allocations(sliver_ids, 'geni_provisioned')
         version_manager = VersionManager()
@@ -681,18 +727,13 @@ class PlDriver (Driver):
                  'geni_allocation_status': 'geni_unallocated',
                  'geni_expires': datetime_to_string(utcparse(sliver['expires']))})  
         return geni_slivers
-    
+
     def renew (self, urns, expiration_time, options={}):
-        # we can only renew slices, not individual slivers. ignore sliver
-        # ids in the urn 
-        names = []
-        for urn in urns:
-            xrn = PlXrn(xrn=urn, type='slice')
-            names.append(xrn.pl_slicename())
-        slices = self.shell.GetSlices(names, ['slice_id'])
-        if not slices:
+        aggregate = PlAggregate(self)
+        slivers = aggregate.get_slivers(urns)
+        if not slivers:
             raise SearchFailed(urns)
-        slice = slices[0]
+        slice = slivers[0]
         requested_time = utcparse(expiration_time)
         record = {'expires': int(datetime_to_epoch(requested_time))}
         self.shell.UpdateSlice(slice['slice_id'], record)