for key in ['piuser','regularuser']:
username="%s@%s"%(sfa_slice_spec[key],sfa_slice_spec['domain'])
try: self.apiserver.DeletePerson(self.auth_root(),username)
- except: print "User %s already absent from PLC db"%username
+ except:
+ # this in fact is expected as sites delete their members
+ #print "User %s already absent from PLC db"%username
+ pass
print "REMEMBER TO RUN sfa_import AGAIN"
return True
test_slice=TestSliceSfa(self,slice_spec)
dir_basename=os.path.basename(test_slice.sfi_path())
dir_name=self.confsubdir("dot-sfi/%s"%dir_basename,clean=True,dry_run=self.options.dry_run)
- test_slice.sfi_config(dir_name)
+ test_slice.sfi_configure(dir_name)
# push into the remote /root/sfi area
location = test_slice.sfi_path()
remote="%s/%s"%(self.vm_root_in_host(),location)
def resname (self,name,ext): return "%s.%s"%(name,ext)
def addslicefile (self): return self.resname("slice_record","xml")
- def addpersonfile (self): return self.resname("person_record","xml")
def adfile (self): return self.resname("ad","rspec")
def reqfile (self): return self.resname("req","rspec")
def nodefile (self): return self.resname("nodes","txt")
# dir_name is local and will be pushed later on by TestPlc
# by default set SFI_USER to the pi, we'll overload this
# on the command line when needed
- def sfi_config (self,dir_name):
+ def sfi_configure (self,dir_name):
plc_spec=self.test_plc.plc_spec
sfa_spec=self.sfa_spec
sfa_slice_spec=self.sfa_slice_spec
fileconf.close()
utils.header ("(Over)wrote %s"%file_name)
#
- file_name=dir_name + os.sep + self.addpersonfile()
- fileconf=open(file_name,'w')
- fileconf.write(sfa_slice_spec['person_record'])
- fileconf.write('\n')
- fileconf.close()
- utils.header ("(Over)wrote %s"%file_name)
- #
file_name=dir_name + os.sep + 'sfi_config'
fileconf=open(file_name,'w')
SFI_AUTH="%s"%(self.site_hrn())
self.login_base=self.sfa_slice_spec['login_base']
def sfi_path(self): return self.test_slice_sfa.sfi_path()
- def addpersonfile(self): return self.test_slice_sfa.addpersonfile()
# xxx todo - not the right place any longer - or is it ?
def add_user (self):
- return self.test_plc.run_in_guest("sfi.py -d %s add %s"%
- (self.sfi_path(),self.addpersonfile()))==0
+ sfi_add_options = self.sfa_slice_spec['person_options']
+ command="sfi -d %s add"%(self.sfi_path())
+ for (opt,val) in sfi_add_options.items():
+ command += " %s %s"%(opt,val)
+ # handle key separately because of embedded whitespace
+ # hack - the user's pubkey is avail from his hrn
+ hrn=sfi_add_options['-x']
+ command += " -k %s/%s.pub"%(self.sfi_path(),hrn)
+ return self.test_plc.run_in_guest(command)==0
def update_user (self):
- return self.test_plc.run_in_guest("sfi.py -d %s update %s"%
- (self.sfi_path(),self.addpersonfile()))==0
+ # xxx TODO now that we use sfi arguments
+ utils.header ("WARNING: TestUserSfa.update_user needs more work")
+ return True
+# return self.test_plc.run_in_guest("sfi.py -d %s update %s"%
+# (self.sfi_path(),self.addpersonfile()))==0
def delete_user(self):
auth=self.sfa_spec['SFA_REGISTRY_ROOT_AUTH']
hrn=prefix+'.'+slicename
user_hrn=prefix+'.'+regularuser
pi_hrn=prefix+'.'+piuser
- key=public_key2
mail="%s@%s"%(regularuser,domain)
+ user_key=public_key2
+ # xxx as compared with the xml-record-based approach
+ # is enabled=True needed here ?
+ # ditto for roles = user+tech
+ person_options = { '-t': 'user',
+ '-x': user_hrn,
+ '-e': mail,
+ '-f': "Fake",
+ '-l': "SFA-style-%s"%rspec_style,
+ }
+
person_record_xml =\
-'''<record hrn="%(user_hrn)s" type="user" email="%(mail)s" enabled="True"
+'''<record enabled="True"
first_name="Fake" last_name="Sfa style=%(rspec_style)s" >
-<keys>%(key)s</keys>
+<keys>%(user_key)s</keys>
<roles>user</roles>
<roles>tech</roles>
</record>'''%locals()
'nodenames' : all_nodenames(options,index),
'sitename' : the_login_base,
'slicename' : slicename,
- 'slice_record' : slice_record_xml,
+ # handle key separately because of embedded whitespace
+ 'person_options': person_options,
'person_record' : person_record_xml,
+ 'slice_record' : slice_record_xml,
'rspec_style':rspec_style,
}