from sfa.trust.hierarchy import Hierarchy
from sfa.trust.certificate import Keypair,convert_public_key
from sfa.trust.gid import create_uuid
+from sfa.trust.trustedroots import TrustedRoots
-
+config = Config()
+TrustedR = TrustedRoots(Config.get_trustedroots_dir(config))
AuthHierarchy = Hierarchy()
table = SfaTable()
if not table.exists():
table.create()
+
+def create_sm_client_record(self):
+ """
+ Create a user record for the Slicemanager service.
+ """
+ hrn = config.SFA_INTERFACE_HRN + '.slicemanager'
+ urn = hrn_to_urn(hrn, 'user')
+ if not AuthHierarchy.auth_exists(urn):
+ AuthHierarchy.create_auth(urn)
+
+ auth_info = AuthHierarchy.get_auth_info(hrn)
+ table = SfaTable()
+ sm_user_record = table.find({'type': 'user', 'hrn': hrn})
+ if not sm_user_record:
+ record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="user", pointer=-1)
+ record['authority'] = get_authority(record['hrn'])
+ table.insert(record)
+
+def create_interface_records():
+ """
+ Create a record for each SFA interface
+ """
+ # just create certs for all sfa interfaces even if they
+ # arent enabled
+ interface_hrn = config.SFA_INTERFACE_HRN
+ interfaces = ['authority+sa', 'authority+am', 'authority+sm']
+
+ auth_info = AuthHierarchy.get_auth_info(interface_hrn)
+ pkey = auth_info.get_pkey_object()
+ for interface in interfaces:
+ interface_record = table.find({'type': interface, 'hrn': interface_hrn})
+ if not interface_record:
+ urn = hrn_to_urn(interface_hrn, interface)
+ gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey)
+ record = SfaRecord(hrn=interface_hrn, gid=gid, type=interface, pointer=-1)
+ record['authority'] = get_authority(interface_hrn)
+ print>>sys.stderr,"\r\n ==========create_interface_records", record['authority']
+ table.insert(record)
+
def create_top_level_auth_records(hrn):
"""
Create top level records (includes root and sub authorities (local/remote)
"""
- print>>sys.stderr, "\r\n =========SenslabImport create_top_level_auth_records\r\n"
+
urn = hrn_to_urn(hrn, 'authority')
# make sure parent exists
parent_hrn = get_authority(hrn)
+ print>>sys.stderr, "\r\n =========slab-import create_top_level_auth_records hrn %s urn %s parent_hrn %s \r\n" %(hrn, urn, parent_hrn)
if not parent_hrn:
parent_hrn = hrn
if not parent_hrn == hrn:
create_top_level_auth_records(parent_hrn)
-
-
+
# create the authority if it doesnt already exist
if not AuthHierarchy.auth_exists(urn):
AuthHierarchy.create_auth(urn)
if not auth_record:
auth_record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="authority", pointer=-1)
auth_record['authority'] = get_authority(auth_record['hrn'])
- print sys.stderr, " \r\n \t slab-import : auth record %s inserted" %(auth_record['hrn'])
+ print sys.stderr, " \r\n \t slab-import : auth record %s inserted record %s " %(auth_record['hrn'], auth_record)
table.insert(auth_record)
- print>>sys.stderr, "\r\n ========= \t\t SenslabImport NO AUTH RECORD \r\n" ,auth_record['authority']
+
def import_node(hrn, node):
existing_records = table.find({'hrn': person['hrn'], 'type': 'user'})
extime = datetime.datetime.utcnow()
person['date_created'] = int(time.mktime(extime.timetuple()))
+ if 'savakian' in person['hrn']:
+ person['pkey']="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwSUkJ+cr3xM47h8lFkIXJoJhg4wHakTaLJmgTXkzvUmQsQeFB2MjUZ6WAelMXj/EFz2+XkK+bcWNXwfbrLptJQ+XwGpPZlu9YV/kzO63ghVrAyEg0+p7Pn1TO9f1ZYg4R6JfP/3qwH1AsE+X3PNpIewsuEIKwd2wUCJDf5RXJTpl39GizcBFemrRqgs0bdqAN/vUT9YvtWn8fCYR5EfJHVXOK8P1KmnbuGZpk7ryz21pDMlgw13+8aYB+LPkxdv5zG54A5c6o9N3zOCblvRFWaNBqathS8y04cOYWPmyu+Q0Xccwi7vM3Ktm8RoJw+raQNwsmneJOm6KXKnjoOQeiQ== savakian@sfa2.grenoble.senslab.info"
+
+ print>>sys.stderr," \r\n \t slab-import : CMOI \r\n \t\t %s\r\n\r\n" %(person)
+
if not existing_records:
print>>sys.stderr, " \r\n \t slab-import : person record %s inserted" %(person['hrn'])
uuid=create_uuid()
extime = datetime.datetime.utcnow()
slice_record['date_created'] = int(time.mktime(extime.timetuple()))
- print>>sys.stderr, " \r\n \t slab-import : slice record %s " %(slice_record['hrn'])
+
existing_records = table.find({'hrn': slice_record['hrn'], 'type': 'slice'})
if not existing_records:
print>>sys.stderr, " \r\n \t slab-import : slice record %s inserted" %(slice_record['hrn'])
def main():
- config = Config()
+
if not config.SFA_REGISTRY_ENABLED:
sys.exit(0)
root_auth = config.SFA_REGISTRY_ROOT_AUTH
# create root authority
create_top_level_auth_records(root_auth)
+ if not root_auth == interface_hrn:
+ create_top_level_auth_records(interface_hrn)
- # create s user record for the slice manager
- #Do we need this?
- #SenslabImporter.create_sm_client_record()
+ # create s user record for the slice manager Do we need this?
+ #create_sm_client_record()
+
+ # create interface records ADDED 18 nov 11 Do we need this?
+
+ create_interface_records()
+
+ # add local root authority's cert to trusted list ADDED 18 nov 11 Do we need this?
- # create interface records
- #Do we need this?
- #SenslabImporter.logger.info("Import: creating interface records")
- #SenslabImporter.create_interface_records()
+ authority = AuthHierarchy.get_auth_info(interface_hrn)
+ TrustedR.add_gid(authority.get_gid_object())
+
+
+
# create dict of all existing sfa records
existing_records = {}
ldap_person_list = Driver.GetPersons()
- #slices_list = SenslabUsers.GetSlices()
- #print "\r\n SLICES_LIST ",slices_list
-
- # Get all Senslab sites
- #sites_dict = OARImporter.GetSites()
- #print "\r\n sSITES_DICT" , sites_dict
-
- # start importing
- #for site in sites_dict:
- #site_hrn = interface_hrn + "." + site['login_base']
- ##sfa_logger().info("Importing site: %s" % site_hrn)
- #print "HRN %s %s site existing in hrn ? %s" %( site['login_base'],site_hrn, site_hrn in existing_hrns)
- ## import if hrn is not in list of existing hrns or if the hrn exists
- ## but its not a site record
- #if site_hrn not in existing_hrns or \
- #(site_hrn, 'authority') not in existing_records:
- #print "SITE HRN UNKNOWN" , site, site_hrn
- #site_hrn = SenslabImporter.import_site(interface_hrn, site)
# import node records
for node in nodes_dict:
(hrn, 'node') not in existing_records:
import_node(hrn, node)
- # import persons
+ # import persons and slices
for person in ldap_person_list:
if person['hrn'] not in existing_hrns or \
(person['hrn'], 'user') not in existing_records :
import_person(root_auth,person)
import_slice(person)
-# import slices
- #for slice_id in site['slice_ids']:
- #print >>sys.stderr, "\r\n\r\n \t ^^^^^^^\\\\\\\\\\\\\\\^^^^^^ slice_id %s " %(slice_id)
- #for sl in slices_list:
- #if slice_id is sl['slice_id']:
- ##hrn = slicename_to_hrn(interface_hrn, sl['name'])
- #hrn = email_to_hrn(site_hrn, sl['name'])
- #print >>sys.stderr, "\r\n\r\n^^^^^^^^^^^^^SLICE ID hrn %s site_hrn %s" %(hrn,site_hrn)
- #if hrn not in existing_hrns or \
- #(hrn, 'slice') not in existing_records:
- #SenslabImporter.import_slice(site_hrn, sl)
+
# remove stale records