platform_myslice = get_myslice_platform(request)
account_query = Query().get('local:account').select('user_id','platform_id','auth_type','config').filter_by('platform_id','==',platform_myslice['platform_id'])
account_details = execute_query(request, account_query)
- if isinstance(account_details,list):
- for account_detail in account_details:
- return account_detail
- else:
- return None
+ for account_detail in account_details:
+ return account_detail
except Exception as e:
print e
return None
return None
-def authority_add_pis(request, authority_hrn,user_hrn):
+def authority_add_pis(request, authority_hrn, user_hrn):
try:
+ pi_list = []
# getting pis of the authority of the user
pis = authority_get_pis (request, authority_hrn)
for pi in pis:
query = Query.update('myslice:authority').filter_by('authority_hrn', '==', authority_hrn).set({'pi_users':pi_list})
results = execute_query(request,query)
newpis = authority_get_pis (request, authority_hrn)
+
+ # Add the user to the slices of the project he/she joined
+ if len(authority_hrn.split('.')) > 2:
+ # this authority_hrn is a project
+ query_slices = Query.get('myslice:slice').filter_by('parent_authority', '==', authority_hrn).select('slice_hrn')
+ results_slices = execute_query(request,query_slices)
+ for s in results_slices:
+ sfa_add_user_to_slice(request, user_hrn, s['slice_hrn'])
+ # Clear Credentials of the user
+ user_email = get_user_email(request, user_hrn)
+ clear_user_creds(request, user_email)
+
return newpis
except Exception as e:
logger.error("Exception in actions.py in authority_add_pis {}".format(e))
- return None
-
+ raise Exception, "Exception in actions.py in authority_add_pis {}".format(e)
-def authority_remove_pis(request, authority_hrn,user_hrn):
+def authority_remove_pis(request, authority_hrn, user_hrn):
try:
+ print "-"*80
+ print "remove_pis"
+ pi_list = []
# getting pis of the authority of the user
pis = authority_get_pis (request, authority_hrn)
for pi in pis:
pi_list = pi['pi_users']
updated_pi_list = pi_list.remove(user_hrn)
- query = Query.update('authority').filter_by('authority_hrn', '==', authority_hrn).set({'pi_users':pi_list})
+ query = Query.update('myslice:authority').filter_by('authority_hrn', '==', authority_hrn).set({'pi_users':pi_list})
results = execute_query(request,query)
newpis = authority_get_pis (request, authority_hrn)
+
+ # Remove the user from the slices of the project he/she left
+ if len(authority_hrn.split('.')) > 2:
+ # this authority_hrn is a project
+ query_slices = Query.get('myslice:slice').filter_by('parent_authority', '==', authority_hrn).select('slice_hrn')
+ results_slices = execute_query(request,query_slices)
+ for s in results_slices:
+ print 'remove from slice %s' % s
+ sfa_remove_user_from_slice(request, user_hrn, s['slice_hrn'])
+
+ # Clear Credentials of the user
+ user_email = get_user_email(request, user_hrn)
+ clear_user_creds(request, user_email)
+
return newpis
except Exception as e:
logger.error("Exception in actions.py in authority_remove_pis {}".format(e))
- return None
+ raise Exception, "Exception in actions.py in authority_remove_pis {}".format(e)
def authority_get_pi_emails(request, authority_hrn):
results = execute_admin_query(request, query)
return [result['user_email'] for result in results]
+def get_user_email(request, user_hrn):
+ query = Query.get('myslice:user').filter_by('user_hrn', '==', user_hrn).select('user_email')
+ results = execute_admin_query(request, query)
+ return results[0]['user_email']
+
#clear user credentials
def clear_user_creds(request, user_email):
try:
raise Exception, "Could not create %s. Already exists ?" % authority_params['hrn']
return results
-def sfa_add_user_to_slice(request, user_hrn, slice_params):
-# UPDATE myslice:slice SET researcher=['ple.upmc.jordan_auge','ple.inria.thierry_parmentelat','ple.upmc.loic_baron','ple.upmc.ciro_scognamiglio','ple.upmc.mohammed-yasin_rahman','ple.upmc.azerty'] where slice_hrn=='ple.upmc.myslicedemo'
+def sfa_add_user_to_slice(request, user_hrn, slice_hrn):
+# UPDATE myslice:slice SET users = ['fed4fire.upmc.loic_baron', 'fed4fire.upmc.mohammed-yasin_rahman', 'fed4fire.upmc.demo'] WHERE slice_hrn == 'fed4fire.upmc.project_y.test_under' SELECT slice_hrn, slice_urn
+ # REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
+ query_current_users = Query.get('myslice:slice').select('users').filter_by('slice_hrn','==',slice_hrn)
+ results_current_users = execute_query(request, query_current_users)
+ current_users = list()
+ for r in results_current_users:
+ current_users.extend(r['users'])
+ users = list(set([user_hrn]) | set(current_users))
+
+ # REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
+ query = Query.update('myslice:slice').filter_by('slice_hrn', '==', slice_hrn).set({'users':users}).select('slice_hrn')
+ results = execute_query(request, query)
+# Also possible but not supported yet
+# UPDATE myslice:user SET slice=['ple.upmc.agent','ple.upmc.myslicedemo','ple.upmc.tophat'] where user_hrn=='ple.upmc.azerty'
+ if not results:
+ raise Exception, "Could not add user %s to slice %s" % (user_hrn, slice_hrn)
+ return results
+def sfa_remove_user_from_slice(request, user_hrn, slice_hrn):
+# UPDATE myslice:slice SET users = ['fed4fire.upmc.loic_baron', 'fed4fire.upmc.demo'] WHERE slice_hrn == 'fed4fire.upmc.project_y.test_under' SELECT slice_hrn, slice_urn
# REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
- query_current_users = Query.get('myslice:slice').select('user').filter_by('slice_hrn','==',slice_params['hrn'])
+ query_current_users = Query.get('myslice:slice').select('users').filter_by('slice_hrn','==',slice_hrn)
results_current_users = execute_query(request, query_current_users)
- slice_params['researcher'] = slice_params['researcher'] | results_current_users
+ current_users = list()
+ for r in results_current_users:
+ current_users.extend(r['users'])
+ if user_hrn in current_users:
+ current_users.remove(user_hrn)
# REGISTRY ONLY TO BE REMOVED WITH MANIFOLD-V2
- query = Query.update('myslice:slice').filter_by('user_hrn', '==', user_hrn).set(slice_params).select('slice_hrn')
+ query = Query.update('myslice:slice').filter_by('slice_hrn', '==', slice_hrn).set({'users':current_users}).select('slice_hrn')
results = execute_query(request, query)
# Also possible but not supported yet
# UPDATE myslice:user SET slice=['ple.upmc.agent','ple.upmc.myslicedemo','ple.upmc.tophat'] where user_hrn=='ple.upmc.azerty'
if not results:
- raise Exception, "Could not create %s. Already exists ?" % slice_params['hrn']
+ raise Exception, "Could not remove user %s to slice %s" % (user_hrn, slice_hrn)
return results
# Propose hrn
'authority_hrn' : hrn
}
sfa_add_authority(wsgi_request, sfa_authority_params)
- request_status['SFA project'] = {'status': True }
- PendingProject.objects.get(id=request['id']).delete()
# Add user as a PI of the project
+ # Clear user's Credentials
authority_add_pis(wsgi_request, hrn , request['user_hrn'])
- # Clear user's Credentials
- #sfa_user = sfa_get_user(wsgi_request, request['user_hrn'])
- clear_user_creds(wsgi_request,request['email'])
+ request_status['SFA project'] = {'status': True }
+ PendingProject.objects.get(id=request['id']).delete()
except Exception, e:
request_status['SFA project'] = {'status': False, 'description': str(e)}
elif request['type'] == 'join':
try:
# Add user as a PI of the project
+ # Clear user's Credentials
authority_add_pis(wsgi_request, request['authority_hrn'] , request['user_hrn'])
request_status['SFA join'] = {'status': True }
PendingJoin.objects.get(id=request['id']).delete()
- # Clear user's Credentials
- clear_user_creds(wsgi_request,request['email'])
-
except Exception, e:
request_status['SFA join'] = {'status': False, 'description': str(e)+' - '+str(request)}
else:
if not 'number_of_nodes' in request:
request['number_of_nodes']=""
+ # Slice is under a project
+ if len(request['authority_hrn'].split('.')) > 2:
+ pi_list = []
+ pis = authority_get_pis(wsgi_request, request['authority_hrn'])
+ for pi in pis:
+ pi_list = pi['pi_users']
+ user_hrns.extend(pi_list)
+
# XXX We should create a slice with Manifold terminology
slice_params = {
'slice_hrn' : hrn,
if not results:
raise Exception, "Could not create %s. Already exists ?" % slice_params['hrn']
else:
- clear_user_creds(wsgi_request,user_email)
+ try:
+ for u_hrn in user_hrns:
+ u_email = get_user_email(wsgi_request, u_hrn)
+ clear_user_creds(wsgi_request, u_email)
+ except Exception as e:
+ logger.error("Failed clear credentials for all users")
+ clear_user_creds(wsgi_request,user_email)
# log user activity
activity.slice.validate(request, { "slice" : hrn })
try:
login(request, user)
if request.user.is_authenticated():
- env['person'] = self.request.user
- env['username'] = self.request.user
-
- # log user activity
- activity.user.login(self.request)
-
- ## check user is pi or not
- acc_auth_cred = {}
- acc_user_cred = {}
-
- account_detail = get_myslice_account(self.request)
- if 'config' in account_detail and account_detail['config'] is not '':
- account_config = json.loads(account_detail['config'])
- acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
- acc_user_cred = account_config.get('delegated_user_credential','N/A')
- # assigning values
- #if acc_auth_cred=={} or acc_auth_cred=='N/A':
- # pi = "is_not_pi"
- #else:
- # pi = "is_pi"
- user_email = str(self.request.user)
- pi = authority_check_pis(self.request, user_email)
-
- # check if the user has creds or not
- if acc_user_cred == {} or acc_user_cred == 'N/A':
- user_cred = 'no_creds'
- else:
- exp_date = get_expiration(acc_user_cred, 'timestamp')
- if exp_date < time.time():
- user_cred = 'creds_expired'
+ try:
+ env['person'] = self.request.user
+ env['username'] = self.request.user
+
+ # log user activity
+ activity.user.login(self.request)
+
+ ## check user is pi or not
+ acc_auth_cred = {}
+ acc_user_cred = {}
+
+ account_detail = get_myslice_account(self.request)
+ if 'config' in account_detail and account_detail['config'] is not '':
+ account_config = json.loads(account_detail['config'])
+ acc_auth_cred = account_config.get('delegated_authority_credentials','N/A')
+ acc_user_cred = account_config.get('delegated_user_credential','N/A')
+ # assigning values
+ #if acc_auth_cred=={} or acc_auth_cred=='N/A':
+ # pi = "is_not_pi"
+ #else:
+ # pi = "is_pi"
+ user_email = str(self.request.user)
+ pi = authority_check_pis(self.request, user_email)
+
+ # check if the user has creds or not
+ if acc_user_cred == {} or acc_user_cred == 'N/A':
+ user_cred = 'no_creds'
else:
- user_cred = 'has_creds'
-
- # list the pending slices of this user
- pending_slices = []
- for slices in PendingSlice.objects.filter(type_of_nodes__iexact=self.request.user).all():
- pending_slices.append(slices.slice_name)
-
- env['pending_slices'] = pending_slices
- env['pi'] = pi
- env['user_cred'] = user_cred
+ exp_date = get_expiration(acc_user_cred, 'timestamp')
+ if exp_date < time.time():
+ user_cred = 'creds_expired'
+ else:
+ user_cred = 'has_creds'
+
+ # list the pending slices of this user
+ pending_slices = []
+ for slices in PendingSlice.objects.filter(type_of_nodes__iexact=self.request.user).all():
+ pending_slices.append(slices.slice_name)
+
+ env['pending_slices'] = pending_slices
+ env['pi'] = pi
+ env['user_cred'] = user_cred
+ except Exception as e:
+ print e
+ env['person'] = None
+ env['state'] = "Your session has expired"
else:
env['person'] = None
else:
git://git.onelab.eu / myslice.git / commitdiff