From: Josh Karlin Date: Thu, 15 Apr 2010 21:03:37 +0000 (+0000) Subject: Adding DeleteSliver, RenewSliver, and SliverStatus X-Git-Tag: geni-apiv1-totrunk~56 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=f086b478630d2dcaf9b03404911e5456319d5ad6;p=sfa.git Adding DeleteSliver, RenewSliver, and SliverStatus --- diff --git a/sfa/managers/geni_am_pl.py b/sfa/managers/geni_am_pl.py index 99b87cbe..ec152dba 100644 --- a/sfa/managers/geni_am_pl.py +++ b/sfa/managers/geni_am_pl.py @@ -54,4 +54,13 @@ def DeleteSliver(api, slice_xrn, creds): allocated = manager.delete_slice(api, slice_xrn) return allocated - \ No newline at end of file + +def SliverStatus(api, slice_xrn): + result = {} + result['geni_urn'] = slice_xrn + result['geni_status'] = 'unknown' + result['geni_resources'] = {} + return result + +def RenewSliver(api, slice_xrn, creds, renew_time): + return False \ No newline at end of file diff --git a/sfa/methods/DeleteSliver.py b/sfa/methods/DeleteSliver.py index aa45e04c..d57568fa 100644 --- a/sfa/methods/DeleteSliver.py +++ b/sfa/methods/DeleteSliver.py @@ -5,14 +5,11 @@ from sfa.util.parameter import Parameter class DeleteSliver(Method): """ - Allocate resources to a slice. This operation is expected to - start the allocated resources asynchornously after the operation - has successfully completed. Callers can check on the status of + Delete sliver from a slice. Callers can check on the status of the resources using SliverStatus. @param slice_urn (string) URN of slice to allocate to @param credentials ([string]) of credentials - @param rspec (string) rspec to allocate """ interfaces = ['geni_am'] diff --git a/sfa/methods/RenewSliver.py b/sfa/methods/RenewSliver.py new file mode 100644 index 00000000..554926df --- /dev/null +++ b/sfa/methods/RenewSliver.py @@ -0,0 +1,58 @@ +from sfa.util.faults import * +from sfa.util.namespace import * +from sfa.util.method import Method +from sfa.util.parameter import Parameter +from sfa.trust.credential import Credential +from dateutil.parser import parse + +class RenewSliver(Method): + """ + Renews the resources in a sliver, extending the lifetime of the slice. + @param slice_urn (string) URN of slice to renew + @param credentials ([string]) of credentials + @param expiration_time (string) requested time of expiration + + """ + interfaces = ['geni_am'] + accepts = [ + Parameter(str, "Slice URN"), + Parameter(type([str]), "List of credentials"), + Parameter(str, "Expiration time in RFC 3339 format") + ] + returns = Parameter(bool, "Success or Failure") + + def call(self, slice_xrn, creds, expiration_time): + hrn, type = urn_to_hrn(slice_xrn) + + self.api.logger.info("interface: %s\ttarget-hrn: %s\tcaller-creds: %s\tmethod-name: %s"%(self.api.interface, hrn, creds, self.name)) + + # Validate that at least one of the credentials is good enough + found = False + validCred = None + for cred in creds: + try: + self.api.auth.check(cred, 'renewsliver') + validCred = cred + found = True + break + except: + continue + + if not found: + raise InsufficientRights('SliverStatus: Credentials either did not verify, were no longer valid, or did not have appropriate privileges') + + # Validate that the time does not go beyond the credential's expiration time + requested_time = parse(expiration_time) + if requested_time > Credential(string=validCred).get_lifetime(): + raise InsufficientRights('SliverStatus: Credential expires before requested expiration time') + + manager_base = 'sfa.managers' + + if self.api.interface in ['geni_am']: + mgr_type = self.api.config.SFA_GENI_AGGREGATE_TYPE + manager_module = manager_base + ".geni_am_%s" % mgr_type + manager = __import__(manager_module, fromlist=[manager_base]) + return manager.RenewSliver(self.api, slice_xrn, creds, expiration_time) + + return '' + diff --git a/sfa/methods/SliverStatus.py b/sfa/methods/SliverStatus.py new file mode 100644 index 00000000..e56793bf --- /dev/null +++ b/sfa/methods/SliverStatus.py @@ -0,0 +1,49 @@ +from sfa.util.faults import * +from sfa.util.namespace import * +from sfa.util.method import Method +from sfa.util.parameter import Parameter + +class SliverStatus(Method): + """ + Get the status of a sliver + + @param slice_urn (string) URN of slice to allocate to + @param credentials ([string]) of credentials + + """ + interfaces = ['geni_am'] + accepts = [ + Parameter(str, "Slice URN"), + Parameter(type([str]), "List of credentials"), + ] + returns = Parameter(bool, "Success or Failure") + + def call(self, slice_xrn, creds): + hrn, type = urn_to_hrn(slice_xrn) + + self.api.logger.info("interface: %s\ttarget-hrn: %s\tcaller-creds: %s\tmethod-name: %s"%(self.api.interface, hrn, creds, self.name)) + + # Validate that at least one of the credentials is good enough + found = False + for cred in creds: + try: + self.api.auth.check(cred, 'sliverstatus') + found = True + break + except: + continue + + if not found: + raise InsufficientRights('SliverStatus: Credentials either did not verify, were no longer valid, or did not have appropriate privileges') + + + manager_base = 'sfa.managers' + + if self.api.interface in ['geni_am']: + mgr_type = self.api.config.SFA_GENI_AGGREGATE_TYPE + manager_module = manager_base + ".geni_am_%s" % mgr_type + manager = __import__(manager_module, fromlist=[manager_base]) + return manager.SliverStatus(self.api, slice_xrn, creds) + + return '' + diff --git a/sfa/methods/__init__.py b/sfa/methods/__init__.py index 2fc9352b..da9e5c3f 100644 --- a/sfa/methods/__init__.py +++ b/sfa/methods/__init__.py @@ -31,4 +31,6 @@ ListResources CreateSliver get_geni_aggregates DeleteSliver +SliverStatus +RenewSliver """.split() diff --git a/sfa/trust/credential.py b/sfa/trust/credential.py index bff19f4c..c72817b5 100644 --- a/sfa/trust/credential.py +++ b/sfa/trust/credential.py @@ -18,11 +18,12 @@ from sfa.trust.gid import * from sfa.util.faults import * from sfa.util.sfalogging import logger +from dateutil.parser import parse -# Two years, in minutes -DEFAULT_CREDENTIAL_LIFETIME = 1051200 +# Two years, in seconds +DEFAULT_CREDENTIAL_LIFETIME = 60 * 60 * 24 * 365 * 2 # TODO: @@ -287,17 +288,17 @@ class Credential(object): # # @param lifetime lifetime of credential # . if lifeTime is a datetime object, it is used for the expiration time - # . if lifeTime is an integer value, it is considered the number of minutes + # . if lifeTime is an integer value, it is considered the number of seconds # remaining before expiration def set_lifetime(self, lifeTime): if isinstance(lifeTime, int): - self.expiration = datetime.timedelta(seconds=lifeTime*60) + datetime.datetime.utcnow() + self.expiration = datetime.timedelta(seconds=lifeTime) + datetime.datetime.utcnow() else: self.expiration = lifeTime ## - # get the lifetime of the credential (in minutes) + # get the lifetime of the credential (in datetime format) def get_lifetime(self): if not self.expiration: @@ -366,7 +367,7 @@ class Credential(object): append_sub(doc, cred, "target_urn", self.gidObject.get_urn()) append_sub(doc, cred, "uuid", "") if not self.expiration: - self.set_lifetime(3600) + self.set_lifetime(DEFAULT_CREDENTIAL_LIFETIME) self.expiration = self.expiration.replace(microsecond=0) append_sub(doc, cred, "expires", self.expiration.isoformat()) privileges = doc.createElement("privileges") @@ -558,10 +559,7 @@ class Credential(object): self.set_refid(cred.getAttribute("xml:id")) - sz_expires = getTextNode(cred, "expires") - if sz_expires != '': - self.expiration = datetime.datetime.strptime(sz_expires, '%Y-%m-%dT%H:%M:%S') - self.lifeTime = getTextNode(cred, "expires") + self.set_lifetime(parse(getTextNode(cred, "expires"))) self.gidCaller = GID(string=getTextNode(cred, "owner_gid")) self.gidObject = GID(string=getTextNode(cred, "target_gid")) diff --git a/sfa/trust/rights.py b/sfa/trust/rights.py index 4862a79a..36006376 100644 --- a/sfa/trust/rights.py +++ b/sfa/trust/rights.py @@ -20,8 +20,8 @@ privilege_table = {"authority": ["register", "remove", "update", "resolve", "lis "refresh": ["remove", "update"], "resolve": ["resolve", "list", "getcredential", "listresources", "getversion"], "sa": ["getticket", "redeemslice", "redeemticket", "createslice", "deleteslice", "updateslice", - "getsliceresources", "getticket", "loanresources", "stopslice", "startslice", - "deleteslice", "resetslice", "listslices", "listnodes", "getpolicy", "createsliver"], + "getsliceresources", "getticket", "loanresources", "stopslice", "startslice", "renewsliver", + "deleteslice", "resetslice", "listslices", "listnodes", "getpolicy", "createsliver", "sliverestatus"], "embed": ["getticket", "redeemslice", "redeemticket", "createslice", "createsliver", "deleteslice", "updateslice", "getsliceresources"], "bind": ["getticket", "loanresources", "redeemticket"], "control": ["updateslice", "createslice", "createsliver", "stopslice", "startslice", "deleteslice", "resetslice", "getsliceresources", "getgids"], diff --git a/sfa/util/client.py b/sfa/util/client.py index ed3ec812..bcba540f 100644 --- a/sfa/util/client.py +++ b/sfa/util/client.py @@ -276,13 +276,7 @@ class GeniClient: return result - ## delete slice - # - # @param cred a credential - # @param hrn slice to delete - def delete_slice(self, cred, hrn, caller_cred=None): - result = self.server.delete_slice(cred.save_to_string(save_parents=True), hrn, caller_cred) - return result + # ------------------------------------------------------------------------ # Slice Interface