From 9b3c8b915aac0b8c863470f12bd41d32b82b17a7 Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Fri, 29 Jun 2012 13:58:33 -0400 Subject: [PATCH] import records from keystone instead of default auth_manager --- sfa/importer/openstackimporter.py | 115 ++++++++++++++++++------------ 1 file changed, 70 insertions(+), 45 deletions(-) diff --git a/sfa/importer/openstackimporter.py b/sfa/importer/openstackimporter.py index b12ef03b..dd28728f 100644 --- a/sfa/importer/openstackimporter.py +++ b/sfa/importer/openstackimporter.py @@ -2,14 +2,12 @@ import os from sfa.util.config import Config from sfa.util.xrn import Xrn, get_leaf, get_authority, hrn_to_urn - from sfa.trust.gid import create_uuid from sfa.trust.certificate import convert_public_key, Keypair from sfa.storage.alchemy import dbsession from sfa.storage.model import RegRecord, RegAuthority, RegUser, RegSlice, RegNode - -from sfa.planetlab.plxrn import hostname_to_hrn, slicename_to_hrn, email_to_hrn -from sfa.openstack.nova_shell import NovaShell +from sfa.openstack.osxrn import OSXrn +from sfa.openstack.shell import Shell def load_keys(filename): keys = {} @@ -44,7 +42,7 @@ class OpenstackImporter: config = Config () interface_hrn = config.SFA_INTERFACE_HRN root_auth = config.SFA_REGISTRY_ROOT_AUTH - shell = NovaShell (config) + shell = Shell (config) # create dict of all existing sfa records existing_records = {} 
@@ -55,23 +53,27 @@ class OpenstackImporter: existing_hrns.append(record.hrn) # Get all users - persons = shell.auth_manager.get_users() - persons_dict = {} + users = shell.auth_manager.users.list() + users_dict = {} keys_filename = config.config_path + os.sep + 'person_keys.py' - old_person_keys = load_keys(keys_filename) - person_keys = {} - for person in persons: - hrn = config.SFA_INTERFACE_HRN + "." + person.id - persons_dict[hrn] = person - old_keys = old_person_keys.get(person.id, []) - keys = [k.public_key for k in shell.db.key_pair_get_all_by_user(person.id)] - person_keys[person.id] = keys + old_user_keys = load_keys(keys_filename) + user_keys = {} + for user in users: + auth_hrn = config.SFA_INTERFACE_HRN + if user.tenantId is not None: + tenant = shell.auth_manager.tenants.find(id=user.tenantId) + auth_hrn = OSXrn(name=tenant.name, auth=config.SFA_INTERFACE_HRN).get_hrn() + hrn = OSXrn(name=user.name, auth=auth_hrn).get_hrn() + users_dict[hrn] = user + old_keys = old_user_keys.get(hrn, []) + keys = [k.public_key for k in shell.nova_manager.keypairs.findall(name=hrn)] + user_keys[hrn] = keys update_record = False if old_keys != keys: update_record = True if hrn not in existing_hrns or \ (hrn, 'user') not in existing_records or update_record: - urn = hrn_to_urn(hrn, 'user') + urn = OSXrn(xrn=hrn, type='user').get_urn() if keys: try: 
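Review bot: The user HRN is now assembled from `user.name` and `tenant.name`, both free-form Keystone strings, and a GID is then issued for it, so a name containing `.` (or two names that normalise to the same string) would place the record under a different authority than the user's own unless `OSXrn` escapes it, which this hunk does not show. I would reject or escape such names before the `OSXrn(name=user.name, auth=auth_hrn)` call, for example `if '.' in user.name: self.logger.warn("skipping user with dotted name"); continue`. Separately, `tenants.find(id=user.tenantId)` runs once per user and, if the client raises on a missing tenant as keystoneclient's `find` normally does, a single dangling `tenantId` aborts the whole import; a dict built once from `tenants.list()` with a `.get()` lookup avoids both. `keypairs.findall(name=hrn)` ties a public key to an identity by keypair name alone, so it deserves a comment stating who is allowed to create a keypair under that name. The enclosing method starts and ends outside the hunk.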
@@ -82,36 +84,59 @@ class OpenstackImporter: else: self.logger.warn("OpenstackImporter: person %s does not have a PL public key"%hrn) pkey = Keypair(create=True) - person_gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey) - person_record = RegUser () - person_record.type='user' - person_record.hrn=hrn - person_record.gid=person_gid - person_record.authority=get_authority(hrn) - dbsession.add(person_record) + user_gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey) + user_record = RegUser () + user_record.type='user' + user_record.hrn=hrn + user_record.gid=user_gid + user_record.authority=get_authority(hrn) + dbsession.add(user_record) dbsession.commit() - self.logger.info("OpenstackImporter: imported person %s" % person_record) + self.logger.info("OpenstackImporter: imported person %s" % user_record) - # Get all projects - projects = shell.auth_manager.get_projects() - projects_dict = {} - for project in projects: - hrn = config.SFA_INTERFACE_HRN + '.' + project.id - projects_dict[hrn] = project - if hrn not in existing_hrns or \ - (hrn, 'slice') not in existing_records: + # Get all tenants + # A tenant can represent an organizational group (site) or a + # slice. If a tenant's authorty/parent matches the root authority it is + # considered a group/site. All other tenants are considered slices. + tenants = shell.auth_manager.tenants.list() + tenants_dict = {} + for tenant in tenants: + hrn = config.SFA_INTERFACE_HRN + '.' 
+ tenant.name + tenants_dict[hrn] = tenant + authority_hrn = OSXrn(xrn=hrn).get_authority_hrn() + + if hrn in existing_hrns: + continue + + if authority_hrn == config.SFA_INTERFACE_HRN: + # import group/site + record = RegAuthority() + urn = OSXrn(xrn=hrn, type='authority').get_urn() + if not self.auth_hierarchy.auth_exists(urn): + self.auth_hierarchy.create_auth(urn) + auth_info = self.auth_hierarchy.get_auth_info(urn) + gid = auth_info.get_gid_object() + record.type='authority' + record.hrn=hrn + record.gid=gid + record.authority=get_authority(hrn) + dbsession.add(record) + dbsession.commit() + self.logger.info("OpenstackImporter: imported authority: %s" % record) + + else: + record = RegSlice () + urn = OSXrn(xrn=hrn, type='slice').get_urn() pkey = Keypair(create=True) - urn = hrn_to_urn(hrn, 'slice') - project_gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey) - project_record = RegSlice () - project_record.type='slice' - project_record.hrn=hrn - project_record.gid=project_gid - project_record.authority=get_authority(hrn) - dbsession.add(project_record) + gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey) + record.type='slice' + record.hrn=hrn + record.gid=gid + record.authority=get_authority(hrn) + dbsession.add(record) dbsession.commit() - self.logger.info("OpenstackImporter: imported slice: %s" % project_record) - + self.logger.info("OpenstackImporter: imported slice: %s" % record) + # remove stale records system_records = [interface_hrn, root_auth, interface_hrn + '.slicemanager'] for (record_hrn, type) in existing_records.keys(): @@ -123,10 +148,10 @@ class OpenstackImporter: continue if type == 'user': - if record_hrn in persons_dict: + if record_hrn in users_dict: continue elif type == 'slice': - if record_hrn in projects_dict: + if record_hrn in tenants_dict: continue else: continue 
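Review bot: Whether a tenant becomes a `RegAuthority` or a `RegSlice` is decided only by whether `tenant.name` contains a dot, because `hrn` is always `SFA_INTERFACE_HRN + '.' + tenant.name` and the `authority_hrn == config.SFA_INTERFACE_HRN` test therefore holds for every undotted name; each of those tenants reaches `create_auth(urn)`, so authority creation is driven by a free-form Keystone string. The site/slice decision would be safer made from an explicit rule or allow-list, with the HRN built through `OSXrn(name=tenant.name, auth=config.SFA_INTERFACE_HRN).get_hrn()` as the user loop does. The new skip `if hrn in existing_hrns: continue` also drops the old per-type check, so a tenant whose HRN matches an existing record of another type is silently never imported; `if (hrn, 'authority') in existing_records or (hrn, 'slice') in existing_records: continue` keeps the type in the test. The comment typo `authorty` and the leftover "imported person" log text could be fixed in the same pass; the method begins before this hunk.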
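Review bot: Authority records created by the new tenant import are never examined by this stale-record pass: only the `'user'` and `'slice'` types are checked and, as far as the flattened hunk shows, every other type falls to `else: continue`, so a tenant deleted in Keystone keeps its `RegAuthority` record in the registry. A branch such as `elif type == 'authority': if record_hrn in tenants_dict: continue` would let removed tenants be cleaned up, provided the entries in `system_records` and any non-OpenStack authorities stay exempt. `tenants_dict` also holds both site and slice tenants, so a `'slice'` record survives even when its tenant is now classified as an authority. The loop body continues outside the hunk, so the actual delete path is not visible here.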
@@ -138,5 +163,5 @@ class OpenstackImporter: # save pub keys self.logger.info('OpenstackImporter: saving current pub keys') - save_keys(keys_filename, person_keys) + save_keys(keys_filename, user_keys) -- 2.47.0