From: root Date: Tue, 4 Oct 2011 15:33:56 +0000 (+0200) Subject: Registry X-Git-Tag: sfa-2.1-24~3^2~329 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=80ccc42f08e7f28076dfc57498bd1a18ae342dde;p=sfa.git Registry egisth '#' will be ignored, and an empty message aborts the commit. --- diff --git a/sfa/managers/registry_manager_slab.py b/sfa/managers/registry_manager_slab.py index 622f2410..2e275a55 100644 --- a/sfa/managers/registry_manager_slab.py +++ b/sfa/managers/registry_manager_slab.py @@ -48,7 +48,7 @@ def get_credential(api, xrn, type, is_self=False): # verify_cancreate_credential requires that the member lists # (researchers, pis, etc) be filled in - #api.fill_record_info(record) + api.fill_record_info(record) record['enabled'] = True print>> sys.stderr , " \r\n ++ REGISTRY get_credential hrn %s record['enabled'] %s is_self %s" %(hrn, record['enabled'], is_self) if record['type']=='user': @@ -61,6 +61,7 @@ def get_credential(api, xrn, type, is_self=False): if is_self: caller_hrn = hrn caller_gid = record.get_gid_object() + print>>sys.stderr, " \r\n REGISTRY IS SELF OK caller_hrn %s--- \r\n caller_gid %s---------" %(caller_hrn,caller_gid) else: print>> sys.stderr , " \r\n ++ ELSE " caller_gid = api.auth.client_cred.get_gid_caller() @@ -72,7 +73,7 @@ def get_credential(api, xrn, type, is_self=False): print>> sys.stderr , " \r\n ++ ELSE object_hrn %s " %(object_hrn) rights = api.auth.determine_user_rights(caller_hrn, record) - print>> sys.stderr , " \r\n ++ After rights record: %s " %(record ) + print>> sys.stderr , " \r\n ++ After rights record: %s \r\n ====RIGHTS %s " %(record , rights) # make sure caller has rights to this object if rights.is_empty(): @@ -208,10 +209,11 @@ def list(api, xrn, origin_hrn=None): def register(api, record): - print>>sys.stderr, " \r\n \r\n ----------- registry_manager_sl register hrn %s"%(hrn) + hrn, type = record['hrn'], record['type'] urn = hrn_to_urn(hrn,type) # validate the type + print>>sys.stderr, " \r\n \r\n ----------- registry_manager_sl register hrn %s"%(hrn) if type not in ['authority', 'slice', 'node', 'user']: raise UnknownSfaType(type) @@ -253,9 +255,9 @@ def register(api, record): gid = auth_info.get_gid_object() record.set_gid(gid.save_to_string(save_parents=True)) pl_record = api.sfa_fields_to_pl_fields(type, hrn, record) - sites = api.plshell.GetSites(api.plauth, [pl_record['login_base']]) + sites = api.oar.GetSites( [pl_record['login_base']]) if not sites: - pointer = api.plshell.AddSite(api.plauth, pl_record) + pointer = api.oar.AddSite( pl_record) else: pointer = sites[0]['site_id'] @@ -265,49 +267,53 @@ def register(api, record): elif (type == "slice"): acceptable_fields=['url', 'instantiation', 'name', 'description'] pl_record = api.sfa_fields_to_pl_fields(type, hrn, record) + print>>sys.stderr, " \r\n \r\n ----------- registry_manager_slab register slice pl_record %s"%(pl_record) for key in pl_record.keys(): if key not in acceptable_fields: pl_record.pop(key) - slices = api.plshell.GetSlices(api.plauth, [pl_record['name']]) + slices = api.users.GetSlices( [pl_record['name']]) if not slices: - pointer = api.plshell.AddSlice(api.plauth, pl_record) + pointer = api.users.AddSlice(pl_record) else: pointer = slices[0]['slice_id'] record.set_pointer(pointer) record['pointer'] = pointer elif (type == "user"): - persons = api.plshell.GetPersons(api.plauth, [record['email']]) - if not persons: - pointer = api.plshell.AddPerson(api.plauth, dict(record)) - else: - pointer = persons[0]['person_id'] + persons = api.users.GetPersons( [record['email']]) + if not persons: + print>>sys.stderr, " \r\n \r\n ----------- registry_manager_slab register NO PERSON ADD TO LDAP?" + + #if not persons: + #pointer = api.users.AddPerson( dict(record)) + #else: + #pointer = persons[0]['person_id'] if 'enabled' in record and record['enabled']: - api.plshell.UpdatePerson(api.plauth, pointer, {'enabled': record['enabled']}) + api.users.UpdatePerson( pointer, {'enabled': record['enabled']}) # add this persons to the site only if he is being added for the first # time by sfa and doesont already exist in plc if not persons or not persons[0]['site_ids']: login_base = get_leaf(record['authority']) - api.plshell.AddPersonToSite(api.plauth, pointer, login_base) + api.users.AddPersonToSite( pointer, login_base) # What roles should this user have? - api.plshell.AddRoleToPerson(api.plauth, 'user', pointer) + api.users.AddRoleToPerson( 'user', pointer) # Add the user's key if pub_key: - api.plshell.AddPersonKey(api.plauth, pointer, {'key_type' : 'ssh', 'key' : pub_key}) - - elif (type == "node"): - pl_record = api.sfa_fields_to_pl_fields(type, hrn, record) - login_base = hrn_to_pl_login_base(record['authority']) - nodes = api.plshell.GetNodes(api.plauth, [pl_record['hostname']]) - if not nodes: - pointer = api.plshell.AddNode(api.plauth, login_base, pl_record) - else: - pointer = nodes[0]['node_id'] - - record['pointer'] = pointer - record.set_pointer(pointer) + api.users.AddPersonKey( pointer, {'key_type' : 'ssh', 'key' : pub_key}) + + #elif (type == "node"): + #pl_record = api.sfa_fields_to_pl_fields(type, hrn, record) + #login_base = hrn_to_pl_login_base(record['authority']) + #nodes = api.oar.GetNodes( [pl_record['hostname']]) + #if not nodes: + #pointer = api.oar.AddNode(login_base, pl_record) + #else: + #pointer = nodes[0]['node_id'] + + ##record['pointer'] = pointer + ##record.set_pointer(pointer) record_id = table.insert(record) record['record_id'] = record_id @@ -340,13 +346,13 @@ def update(api, record_dict): # update the PLC information that was specified with the record if (type == "authority"): - api.plshell.UpdateSite(api.plauth, pointer, new_record) + api.oar.UpdateSite( pointer, new_record) elif type == "slice": pl_record=api.sfa_fields_to_pl_fields(type, hrn, new_record) if 'name' in pl_record: pl_record.pop('name') - api.plshell.UpdateSlice(api.plauth, pointer, pl_record) + api.users.UpdateSlice( pointer, pl_record) elif type == "user": # SMBAKER: UpdatePerson only allows a limited set of fields to be @@ -359,14 +365,14 @@ def update(api, record_dict): 'password', 'phone', 'url', 'bio', 'accepted_aup', 'enabled']: update_fields[key] = all_fields[key] - api.plshell.UpdatePerson(api.plauth, pointer, update_fields) + api.users.UpdatePerson( pointer, update_fields) if 'key' in new_record and new_record['key']: # must check this key against the previous one if it exists - persons = api.plshell.GetPersons(api.plauth, [pointer], ['key_ids']) + persons = api.users.GetPersons( [pointer], ['key_ids']) person = persons[0] keys = person['key_ids'] - keys = api.plshell.GetKeys(api.plauth, person['key_ids']) + keys = api.users.GetKeys( person['key_ids']) key_exists = False if isinstance(new_record['key'], types.ListType): new_key = new_record['key'][0] @@ -376,11 +382,11 @@ def update(api, record_dict): # Delete all stale keys for key in keys: if new_record['key'] != key['key']: - api.plshell.DeleteKey(api.plauth, key['key_id']) + api.users.DeleteKey( key['key_id']) else: key_exists = True if not key_exists: - api.plshell.AddPersonKey(api.plauth, pointer, {'key_type': 'ssh', 'key': new_key}) + api.users.AddPersonKey( pointer, {'key_type': 'ssh', 'key': new_key}) # update the openssl key and gid pkey = convert_public_key(new_key) @@ -392,7 +398,7 @@ def update(api, record_dict): table.update(record) elif type == "node": - api.plshell.UpdateNode(api.plauth, pointer, new_record) + api.oar.UpdateNode( pointer, new_record) else: raise UnknownSfaType(type) @@ -430,20 +436,20 @@ def remove(api, xrn, origin_hrn=None): except: pass if type == "user": - persons = api.plshell.GetPersons(api.plauth, record['pointer']) + persons = api.users.GetPersons(record['pointer']) # only delete this person if he has site ids. if he doesnt, it probably means # he was just removed from a site, not actually deleted if persons and persons[0]['site_ids']: - api.plshell.DeletePerson(api.plauth, record['pointer']) + api.users.DeletePerson(record['pointer']) elif type == "slice": - if api.plshell.GetSlices(api.plauth, record['pointer']): - api.plshell.DeleteSlice(api.plauth, record['pointer']) + if api.users.GetSlices( record['pointer']): + api.users.DeleteSlice( record['pointer']) elif type == "node": - if api.plshell.GetNodes(api.plauth, record['pointer']): - api.plshell.DeleteNode(api.plauth, record['pointer']) + if api.oar.GetNodes( record['pointer']): + api.oar.DeleteNode( record['pointer']) elif type == "authority": - if api.plshell.GetSites(api.plauth, record['pointer']): - api.plshell.DeleteSite(api.plauth, record['pointer']) + if api.oar.GetSites( record['pointer']): + api.oar.DeleteSite( record['pointer']) else: raise UnknownSfaType(type)