X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fsenslab%2Fslab-import.py;h=888dcccc1f3e9202616aa17f7e1d4a239fbbcbab;hb=a7f2c200e3337fe74e92562f1aeb9d6f8c1eb63c;hp=44a2e8c2a9526b27f33e0365113e23fbae6ac8be;hpb=105d3b993e70d0a4fc8232cffdad918048c5ad32;p=sfa.git diff --git a/sfa/senslab/slab-import.py b/sfa/senslab/slab-import.py index 44a2e8c2..888dcccc 100644 --- a/sfa/senslab/slab-import.py +++ b/sfa/senslab/slab-import.py @@ -1,45 +1,88 @@ -########################################################################### -# Copyright (C) 2011 by root -# -# -# Copyright: See COPYING file that comes with this distribution -# -########################################################################### + import sys -from sfa.senslab.OARrestapi import OARapi +import datetime +import time +#from sfa.senslab.OARrestapi import OARapi from sfa.senslab.LDAPapi import LDAPapi from sfa.senslab.slabdriver import SlabDriver +from sfa.senslab.slabpostgres import SlabDB from sfa.util.config import Config -from sfa.util.xrn import hrn_to_urn, get_authority,Xrn -from sfa.util.table import SfaTable -from sfa.util.record import SfaRecord +from sfa.util.plxrn import PlXrn +from sfa.util.xrn import hrn_to_urn, get_authority,Xrn,get_leaf +from sfa.storage.table import SfaTable +from sfa.storage.record import SfaRecord from sfa.trust.hierarchy import Hierarchy -from sfa.trust.certificate import Keypair +from sfa.trust.certificate import Keypair,convert_public_key from sfa.trust.gid import create_uuid +from sfa.trust.trustedroots import TrustedRoots - +config = Config() +interface_hrn = config.SFA_INTERFACE_HRN +TrustedR = TrustedRoots(Config.get_trustedroots_dir(config)) AuthHierarchy = Hierarchy() table = SfaTable() -if not table.exists(): - table.create() +db = SlabDB() + + +def create_sm_client_record(): + """ + Create a user record for the Slicemanager service. + """ + hrn = config.SFA_INTERFACE_HRN + '.slicemanager' + urn = hrn_to_urn(hrn, 'user') + if not AuthHierarchy.auth_exists(urn): + AuthHierarchy.create_auth(urn) + + auth_info = AuthHierarchy.get_auth_info(hrn) + table = SfaTable() + sm_user_record = table.find({'type': 'user', 'hrn': hrn}) + if not sm_user_record: + record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="user", pointer=-1) + record['authority'] = get_authority(record['hrn']) + table.insert(record) + +def create_interface_records(): + """ + Create a record for each SFA interface + """ + # just create certs for all sfa interfaces even if they + # arent enabled + interface_hrn = config.SFA_INTERFACE_HRN + interfaces = ['authority+sa', 'authority+am', 'authority+sm'] + + auth_info = AuthHierarchy.get_auth_info(interface_hrn) + pkey = auth_info.get_pkey_object() + for interface in interfaces: + interface_record = table.find({'type': interface, 'hrn': interface_hrn}) + if not interface_record: + urn = hrn_to_urn(interface_hrn, interface) + gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey) + record = SfaRecord(hrn=interface_hrn, gid=gid, type=interface, pointer=-1) + record['authority'] = get_authority(interface_hrn) + print>>sys.stderr,"\r\n ==========create_interface_records", record['authority'] + table.insert(record) + def create_top_level_auth_records(hrn): """ Create top level records (includes root and sub authorities (local/remote) """ - print>>sys.stderr, "\r\n =========SenslabImport create_top_level_auth_records\r\n" + urn = hrn_to_urn(hrn, 'authority') # make sure parent exists parent_hrn = get_authority(hrn) + print>>sys.stderr, "\r\n =========slab-import create_top_level_auth_records hrn %s urn %s parent_hrn %s \r\n" %(hrn, urn, parent_hrn) if not parent_hrn: parent_hrn = hrn if not parent_hrn == hrn: create_top_level_auth_records(parent_hrn) - + # enxure key and cert exists: + AuthHierarchy.create_top_level_auth(hrn) + # create the authority if it doesnt already exist - if not AuthHierarchy.auth_exists(urn): - AuthHierarchy.create_auth(urn) + #if not AuthHierarchy.auth_exists(urn): + #AuthHierarchy.create_auth(urn) # create the db record if it doesnt already exist auth_info = AuthHierarchy.get_auth_info(hrn) @@ -49,8 +92,9 @@ def create_top_level_auth_records(hrn): if not auth_record: auth_record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="authority", pointer=-1) auth_record['authority'] = get_authority(auth_record['hrn']) + print sys.stderr, " \r\n \t slab-import : auth record %s inserted record %s " %(auth_record['hrn'], auth_record) table.insert(auth_record) - print>>sys.stderr, "\r\n ========= \t\t SenslabImport NO AUTH RECORD \r\n" ,auth_record['authority'] + def import_node(hrn, node): @@ -60,13 +104,17 @@ def import_node(hrn, node): hrn = hrn[:64] node_record = table.find({'type': 'node', 'hrn': hrn}) - pkey = Keypair(create=True) + pkey = Keypair(create=True) + urn = hrn_to_urn(hrn, 'node') node_gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey) node_record = SfaRecord(hrn=hrn, gid=node_gid, type="node", pointer=node['node_id']) node_record['authority'] = get_authority(node_record['hrn']) + extime = datetime.datetime.utcnow() + node_record['date_created'] = int(time.mktime(extime.timetuple())) existing_records = table.find({'hrn': hrn, 'type': 'node', 'pointer': node['node_id']}) if not existing_records: + print>>sys.stderr, " \r\n \t slab-import : node record[hrn]%s inserted" %(node['hrn']) table.insert(node_record) else: existing_record = existing_records[0] @@ -74,66 +122,104 @@ def import_node(hrn, node): table.update(node_record) # person is already a sfa record -def import_person(person): +def import_person(authname,person): existing_records = table.find({'hrn': person['hrn'], 'type': 'user'}) + extime = datetime.datetime.utcnow() + person['date_created'] = int(time.mktime(extime.timetuple())) + + if not existing_records: + print>>sys.stderr, " \r\n \t slab-import : person record %s inserted" %(person['hrn']) + uuid=create_uuid() + RSA_KEY_STRING=person['pkey'] + pkey=convert_public_key(RSA_KEY_STRING) + person['gid']=AuthHierarchy.create_gid("urn:publicid:IDN+"+authname+"+user+"+person['uid'], uuid, pkey, CA=False).save_to_string() table.insert(person) else: existing_record = existing_records[0] person['record_id'] = existing_record['record_id'] - table.update(person) - + # handle key change ??? + table.update(person) +def import_slice(person): + + hrn = person['hrn']+'_slice' + pkey = Keypair(create=True) + urn = hrn_to_urn(hrn, 'slice') + gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey) + slice_record= SfaRecord(hrn=hrn, gid=gid, type="slice", pointer=-1) + slice_record['authority'] = get_authority(slice_record['hrn']) + + extime = datetime.datetime.utcnow() + slice_record['date_created'] = int(time.mktime(extime.timetuple())) + #special slice table for Senslab, to store nodes info (OAR) + + existing_records = table.find({'hrn': slice_record['hrn'], 'type': 'slice'}) + if not existing_records: + print>>sys.stderr, " \r\n \t slab-import : slice record %s inserted" %(slice_record['hrn']) + table.insert(slice_record) + db.insert_slab_slice(person) + + else: + print>>sys.stderr, " \r\n \t slab-import : slice record %s updated" %(slice_record['hrn']) + existing_record = existing_records[0] + slice_record['record_id'] = existing_record['record_id'] + table.update(slice_record) + db.update_senslab_slice(slice_record) def delete_record( hrn, type): # delete the record record_list = table.find({'type': type, 'hrn': hrn}) for record in record_list: + print>>sys.stderr, " \r\n \t slab-import : record %s deleted" %(record['hrn']) table.remove(record) -def hostname_to_hrn(root_auth,hostname): - # keep only the first part of the DNS name - #hrn='.'.join( [auth,hostname.split(".")[0] ] ) - # escape the '.' in the hostname - hrn='.'.join( [root_auth,Xrn.escape(hostname)] ) - return hrn_to_urn(hrn,'node') +def hostname_to_hrn(root_auth,login_base,hostname): + return PlXrn(auth=root_auth,hostname=login_base+'_'+hostname).get_hrn() + def main(): - config = Config() + if not db.exists('slice'): + db.createtable('slice') + if not config.SFA_REGISTRY_ENABLED: sys.exit(0) root_auth = config.SFA_REGISTRY_ROOT_AUTH interface_hrn = config.SFA_INTERFACE_HRN - print interface_hrn, root_auth - - # initialize registry db table - #table = SfaTable() - #if not table.exists(): - #table.create() - # create root authority - create_top_level_auth_records(root_auth) - - # create s user record for the slice manager - #Do we need this? - #SenslabImporter.create_sm_client_record() - # create interface records - #Do we need this? - #SenslabImporter.logger.info("Import: creating interface records") - #SenslabImporter.create_interface_records() - # create dict of all existing sfa records - + #Get all records in the sfa table + # create dict of all existing sfa records existing_records = {} existing_hrns = [] key_ids = [] - person_keys = {} results = table.find() + for result in results: existing_records[(result['hrn'], result['type'])] = result existing_hrns.append(result['hrn']) + # create root authority if it doesn't exist + if root_auth not in existing_hrns or \ + (root_auth, 'authority') not in existing_records: + create_top_level_auth_records(root_auth) + if not root_auth == interface_hrn: + create_top_level_auth_records(interface_hrn) + + # create s user record for the slice manager Do we need this? + create_sm_client_record() + + # create interface records ADDED 18 nov 11 Do we need this? + + create_interface_records() + + # add local root authority's cert to trusted list ADDED 18 nov 11 Do we need this? + + authority = AuthHierarchy.get_auth_info(interface_hrn) + TrustedR.add_gid(authority.get_gid_object()) + + #Get Senslab nodes Driver = SlabDriver(config) @@ -141,61 +227,28 @@ def main(): #print "\r\n NODES8DICT ",nodes_dict ldap_person_list = Driver.GetPersons() - print "\r\n PERSONS_LIST ",ldap_person_list - - - #slices_list = SenslabUsers.GetSlices() - #print "\r\n SLICES_LIST ",slices_list - - # Get all Senslab sites - #sites_dict = OARImporter.GetSites() - #print "\r\n sSITES_DICT" , sites_dict - - # start importing - #for site in sites_dict: - #site_hrn = interface_hrn + "." + site['login_base'] - ##sfa_logger().info("Importing site: %s" % site_hrn) - #print "HRN %s %s site existing in hrn ? %s" %( site['login_base'],site_hrn, site_hrn in existing_hrns) - ## import if hrn is not in list of existing hrns or if the hrn exists - ## but its not a site record - #if site_hrn not in existing_hrns or \ - #(site_hrn, 'authority') not in existing_records: - #print "SITE HRN UNKNOWN" , site, site_hrn - #site_hrn = SenslabImporter.import_site(interface_hrn, site) - # import node records - #for node_id in site['node_ids']: - #for[node['node_id'] for node in nodes_dict]: - #print '\r\n \t **NODE_ID %s node %s '%( node_id, node) - #continue for node in nodes_dict: - hrn = hostname_to_hrn( root_auth, node['hostname']) + # Sandrine + # A changer pour l utilisation du nouveau OAR de prod, le site etant contenu dans le hostname + hrn = node['hrn'] + #hrn = hostname_to_hrn( root_auth,node['site_login_base'], node['hostname']) if hrn not in existing_hrns or \ (hrn, 'node') not in existing_records: - print "\t\t NODE HRN NOT in existing record, importing it" ,hrn import_node(hrn, node) - # import persons + # import persons and slices for person in ldap_person_list: if person['hrn'] not in existing_hrns or \ (person['hrn'], 'user') not in existing_records : - import_person( person) -# import slices - #for slice_id in site['slice_ids']: - #print >>sys.stderr, "\r\n\r\n \t ^^^^^^^\\\\\\\\\\\\\\\^^^^^^ slice_id %s " %(slice_id) - #for sl in slices_list: - #if slice_id is sl['slice_id']: - ##hrn = slicename_to_hrn(interface_hrn, sl['name']) - #hrn = email_to_hrn(site_hrn, sl['name']) - #print >>sys.stderr, "\r\n\r\n^^^^^^^^^^^^^SLICE ID hrn %s site_hrn %s" %(hrn,site_hrn) - #if hrn not in existing_hrns or \ - #(hrn, 'slice') not in existing_records: - #SenslabImporter.import_slice(site_hrn, sl) - - + import_person(root_auth,person) + import_slice(person) + + # remove stale records system_records = [interface_hrn, root_auth, interface_hrn + '.slicemanager'] + for (record_hrn, type) in existing_records.keys(): if record_hrn in system_records: continue @@ -209,36 +262,36 @@ def main(): found = False if type == 'authority': - #for site in sites_dict: - #print "\t type : authority : ", site - #site_hrn = interface_hrn + "." + site['login_base'] - #if site_hrn == record_hrn and site['site_id'] == record['pointer']: found = True print "\t \t Found :", found break elif type == 'user': - for person in persons: + for person in ldap_person_list: if person['hrn'] == record_hrn: found = True - break + break elif type == 'node': login_base = get_leaf(get_authority(record_hrn)) nodename = Xrn.unescape(get_leaf(record_hrn)) - print "type: node : nodename %s" %(nodename) - for node in nodes_dict.values(): + for node in nodes_dict: if node['hostname'] == nodename : found = True break - + + elif type == 'slice': + for person in ldap_person_list: + if person['hrn']+'_slice' == record_hrn: + found = True + break else: continue if not found: record_object = existing_records[(record_hrn, type)] - print "\t\t NOT FOUND ! " + print "\t\t NOT FOUND ! ", record_hrn delete_record(record_hrn, type) if __name__ == "__main__": - main() \ No newline at end of file + main()