X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fserver%2Finterface.py;fp=sfa%2Fserver%2Finterface.py;h=f37331a3e3b3f16bd6b0b1b11435b6af41f2fb4a;hb=2766cff70df938dc100894220209f8a46acc2a2d;hp=12a0e4fe97398ce235c483f5a152221e4eba92a5;hpb=d8fe8baab8ee9aa3a720030d2905ae8465b30004;p=sfa.git diff --git a/sfa/server/interface.py b/sfa/server/interface.py index 12a0e4fe..f37331a3 100644 --- a/sfa/server/interface.py +++ b/sfa/server/interface.py @@ -80,107 +80,6 @@ class Interfaces(dict): self.interfaces[interface['hrn']] = interface - def sync_interfaces(self): - """ - Install missing trusted gids and db records for our federated - interfaces - """ - # Attempt to get any missing peer gids - # There should be a gid file in /etc/sfa/trusted_roots for every - # peer registry found in in the registries.xml config file. If there - # are any missing gids, request a new one from the peer registry. - gids_current = self.api.auth.trusted_cert_list - hrns_current = [gid.get_hrn() for gid in gids_current] - hrns_expected = self.interfaces.keys() - new_hrns = set(hrns_expected).difference(hrns_current) - gids = self.get_peer_gids(new_hrns) + gids_current - # make sure there is a record for every gid - self.update_db_records(self.type, gids) - - def get_peer_gids(self, new_hrns): - """ - Install trusted gids from the specified interfaces. - """ - peer_gids = [] - if not new_hrns: - return peer_gids - trusted_certs_dir = self.api.config.get_trustedroots_dir() - for new_hrn in new_hrns: - if not new_hrn: - continue - # the gid for this interface should already be installed - if new_hrn == self.api.config.SFA_INTERFACE_HRN: - continue - try: - # get gid from the registry - interface_info = self.interfaces[new_hrn] - interface = self[new_hrn] - trusted_gids = interface.get_trusted_certs() - if trusted_gids: - # the gid we want shoudl be the first one in the list, - # but lets make sure - for trusted_gid in trusted_gids: - # default message - message = "interface: %s\t" % (self.api.interface) - message += "unable to install trusted gid for %s" % \ - (new_hrn) - gid = GID(string=trusted_gids[0]) - peer_gids.append(gid) - if gid.get_hrn() == new_hrn: - gid_filename = os.path.join(trusted_certs_dir, '%s.gid' % new_hrn) - gid.save_to_file(gid_filename, save_parents=True) - message = "interface: %s\tinstalled trusted gid for %s" % \ - (self.api.interface, new_hrn) - # log the message - self.api.logger.info(message) - except: - message = "interface: %s\tunable to install trusted gid for %s" % \ - (self.api.interface, new_hrn) - self.api.logger.log_exc(message) - - # reload the trusted certs list - self.api.auth.load_trusted_certs() - return peer_gids - - def update_db_records(self, type, gids): - """ - Make sure there is a record in the local db for allowed registries - defined in the config file (registries.xml). Removes old records from - the db. - """ - # import SfaTable here so this module can be loaded by ComponentAPI - from sfa.util.table import SfaTable - if not gids: - return - - # hrns that should have a record - hrns_expected = [gid.get_hrn() for gid in gids] - - # get hrns that actually exist in the db - table = SfaTable() - records = table.find({'type': type, 'pointer': -1}) - hrns_found = [record['hrn'] for record in records] - - # remove old records - for record in records: - if record['hrn'] not in hrns_expected and \ - record['hrn'] != self.api.config.SFA_INTERFACE_HRN: - table.remove(record) - - # add new records - for gid in gids: - hrn = gid.get_hrn() - if hrn not in hrns_found: - record = { - 'hrn': hrn, - 'type': type, - 'pointer': -1, - 'authority': get_authority(hrn), - 'gid': gid.save_to_string(save_parents=True), - } - record = SfaRecord(dict=record) - table.insert(record) - def get_connections(self): """ read connection details for the trusted peer registries from file return