3 # pylint: disable=c0111, c0103, w0402, w0622
5 from __future__ import print_function
10 from pprint import PrettyPrinter
11 from optparse import OptionParser
13 from sfa.generic import Generic
14 from sfa.util.xrn import Xrn
15 from sfa.util.sfalogging import logger, init_logger
17 from sfa.storage.record import Record
19 from sfa.trust.hierarchy import Hierarchy
20 from sfa.trust.gid import GID
21 from sfa.trust.certificate import convert_public_key
23 from sfa.client.common import (optparse_listvalue_callback,
24 optparse_dictvalue_callback,
25 terminal_render, filter_records)
26 from sfa.client.candidates import Candidates
27 from sfa.client.sfi import save_records_to_file
29 pprinter = PrettyPrinter(indent=4)
32 help_basedir = Hierarchy().basedir
34 help_basedir = '*unable to locate Hierarchy().basedir'
37 def add_options(*args, **kwargs):
39 func.__dict__.setdefault('add_options', []).insert(0, (args, kwargs))
44 class Commands(object):
46 def _get_commands(self):
48 for attrib in dir(self):
49 if callable(getattr(self, attrib)) and not attrib.startswith('_'):
50 command_names.append(attrib)
54 class RegistryCommands(Commands):
56 def __init__(self, *args, **kwds):
57 self.api = Generic.the_flavour().make_api(interface='registry')
60 """Display the Registry version"""
61 version = self.api.manager.GetVersion(self.api, {})
62 pprinter.pprint(version)
64 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
65 help='authority to list (hrn/urn - mandatory)')
66 @add_options('-t', '--type', dest='type', metavar='<type>',
67 help='object type', default='all')
68 @add_options('-r', '--recursive', dest='recursive', metavar='<recursive>',
69 help='list all child records',
70 action='store_true', default=False)
71 @add_options('-v', '--verbose', dest='verbose',
72 action='store_true', default=False)
73 def list(self, xrn, type=None, recursive=False, verbose=False):
75 List names registered at a given authority, possibly filtered by type
78 options_dict = {'recursive': recursive}
79 records = self.api.manager.List(
80 self.api, xrn.get_hrn(), options=options_dict)
81 list = filter_records(type, records)
82 # terminal_render expects an options object
84 class Options: # pylint: disable=r0903
85 def __init__(self, verbose):
86 self.verbose = verbose
88 options = Options(verbose)
89 terminal_render(list, options)
91 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
92 help='object hrn/urn (mandatory)')
93 @add_options('-t', '--type', dest='type', metavar='<type>',
94 help='object type', default=None)
95 @add_options('-o', '--outfile', dest='outfile', metavar='<outfile>',
96 help='save record to file')
97 @add_options('-f', '--format', dest='format', metavar='<display>',
98 type='choice', choices=('text', 'xml', 'simple'),
99 help='display record in different formats')
100 def show(self, xrn, type=None, format=None, outfile=None):
101 """Display details for a registered object"""
102 records = self.api.manager.Resolve(self.api, xrn, type, details=True)
103 for record in records:
104 sfa_record = Record(dict=record)
105 sfa_record.dump(format)
107 save_records_to_file(outfile, records)
110 def _record_dict(xrn, type, email, key,
111 slices, researchers, pis,
112 url, description, extras):
119 record_dict['urn'] = xrn.get_urn()
120 record_dict['hrn'] = xrn.get_hrn()
121 record_dict['type'] = xrn.get_type()
123 record_dict['url'] = url
125 record_dict['description'] = description
128 pubkey = open(key, 'r').read()
131 record_dict['reg-keys'] = [pubkey]
133 record_dict['slices'] = slices
135 record_dict['reg-researchers'] = researchers
137 record_dict['email'] = email
139 record_dict['reg-pis'] = pis
141 record_dict.update(extras)
144 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
145 help='object hrn/urn', default=None)
146 @add_options('-t', '--type', dest='type', metavar='<type>',
147 help='object type (mandatory)')
148 @add_options('-a', '--all', dest='all', metavar='<all>',
149 action='store_true', default=False,
150 help='check all users GID')
151 @add_options('-v', '--verbose', dest='verbose', metavar='<verbose>',
152 action='store_true', default=False,
153 help='verbose mode: display user\'s hrn ')
154 def check_gid(self, xrn=None, type=None, all=None, verbose=None):
155 """Check the correspondance between the GID and the PubKey"""
158 from sfa.storage.model import RegRecord
159 db_query = self.api.dbsession().query(RegRecord).filter_by(type=type)
161 hrn = Xrn(xrn).get_hrn()
162 db_query = db_query.filter_by(hrn=hrn)
164 print("Use either -a or -x <xrn>, not both !!!")
166 elif not all and not xrn:
167 print("Use either -a or -x <xrn>, one of them is mandatory !!!")
170 records = db_query.all()
172 print("No Record found")
179 for record in records:
180 # get the pubkey stored in SFA DB
182 db_pubkey_str = record.reg_keys[0].key
184 db_pubkey_obj = convert_public_key(db_pubkey_str)
186 ERROR.append(record.hrn)
189 NOKEY.append(record.hrn)
192 # get the pubkey from the gid
194 gid_obj = GID(string=gid_str)
195 gid_pubkey_obj = gid_obj.get_pubkey()
197 # Check if gid_pubkey_obj and db_pubkey_obj are the same
198 check = gid_pubkey_obj.is_same(db_pubkey_obj)
200 OK.append(record.hrn)
202 NOK.append(record.hrn)
205 print("Users NOT having a PubKey: %s\n\
206 Users having a non RSA PubKey: %s\n\
207 Users having a GID/PubKey correpondence OK: %s\n\
208 Users having a GID/PubKey correpondence Not OK: %s\n"
209 % (len(NOKEY), len(ERROR), len(OK), len(NOK)))
211 print("Users NOT having a PubKey: %s and are: \n%s\n\n\
212 Users having a non RSA PubKey: %s and are: \n%s\n\n\
213 Users having a GID/PubKey correpondence OK: %s and are: \n%s\n\n\
214 Users having a GID/PubKey correpondence NOT OK: %s and are: \n%s\n\n"
215 % (len(NOKEY), NOKEY, len(ERROR), ERROR,
216 len(OK), OK, len(NOK), NOK))
219 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
220 help='object hrn/urn (mandatory)')
221 @add_options('-t', '--type', dest='type', metavar='<type>',
222 help='object type', default=None)
223 @add_options('-e', '--email', dest='email', default="",
224 help="email (mandatory for users)")
225 @add_options('-u', '--url', dest='url', metavar='<url>', default=None,
226 help="URL, useful for slices")
227 @add_options('-d', '--description', dest='description',
228 metavar='<description>',
229 help='Description, useful for slices', default=None)
230 @add_options('-k', '--key', dest='key', metavar='<key>',
231 help='public key string or file',
233 @add_options('-s', '--slices', dest='slices', metavar='<slices>',
234 help='Set/replace slice xrns',
235 default='', type="str", action='callback',
236 callback=optparse_listvalue_callback)
237 @add_options('-r', '--researchers', dest='researchers',
238 metavar='<researchers>', help='Set/replace slice researchers',
239 default='', type="str", action='callback',
240 callback=optparse_listvalue_callback)
241 @add_options('-p', '--pis', dest='pis', metavar='<PIs>',
242 help='Set/replace Principal Investigators/Project Managers',
243 default='', type="str", action='callback',
244 callback=optparse_listvalue_callback)
245 @add_options('-X', '--extra', dest='extras',
246 default={}, type='str', metavar="<EXTRA_ASSIGNS>",
247 action="callback", callback=optparse_dictvalue_callback,
249 help="set extra/testbed-dependent flags,"
250 " e.g. --extra enabled=true")
251 def register(self, xrn, type=None, email='', key=None,
252 slices='', pis='', researchers='',
253 url=None, description=None, extras={}):
254 """Create a new Registry record"""
255 record_dict = self._record_dict(
256 xrn=xrn, type=type, email=email, key=key,
257 slices=slices, researchers=researchers, pis=pis,
258 url=url, description=description, extras=extras)
259 self.api.manager.Register(self.api, record_dict)
261 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
262 help='object hrn/urn (mandatory)')
263 @add_options('-t', '--type', dest='type', metavar='<type>',
264 help='object type', default=None)
265 @add_options('-u', '--url', dest='url', metavar='<url>',
266 help='URL', default=None)
267 @add_options('-d', '--description', dest='description',
268 metavar='<description>',
269 help='Description', default=None)
270 @add_options('-k', '--key', dest='key', metavar='<key>',
271 help='public key string or file',
273 @add_options('-s', '--slices', dest='slices', metavar='<slices>',
274 help='Set/replace slice xrns',
275 default='', type="str", action='callback',
276 callback=optparse_listvalue_callback)
277 @add_options('-r', '--researchers', dest='researchers',
278 metavar='<researchers>', help='Set/replace slice researchers',
279 default='', type="str", action='callback',
280 callback=optparse_listvalue_callback)
281 @add_options('-p', '--pis', dest='pis', metavar='<PIs>',
282 help='Set/replace Principal Investigators/Project Managers',
283 default='', type="str", action='callback',
284 callback=optparse_listvalue_callback)
285 @add_options('-X', '--extra', dest='extras', default={}, type='str',
286 metavar="<EXTRA_ASSIGNS>", nargs=1,
287 action="callback", callback=optparse_dictvalue_callback,
288 help="set extra/testbed-dependent flags,"
289 " e.g. --extra enabled=true")
290 def update(self, xrn, type=None, email='', key=None,
291 slices='', pis='', researchers='',
292 url=None, description=None, extras={}):
293 """Update an existing Registry record"""
294 record_dict = self._record_dict(
295 xrn=xrn, type=type, email=email, key=key,
296 slices=slices, researchers=researchers, pis=pis,
297 url=url, description=description, extras=extras)
298 self.api.manager.Update(self.api, record_dict)
300 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
301 help='object hrn/urn (mandatory)')
302 @add_options('-t', '--type', dest='type', metavar='<type>',
303 help='object type', default=None)
304 def remove(self, xrn, type=None):
305 """Remove given object from the registry"""
307 self.api.manager.Remove(self.api, xrn)
309 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
310 help='object hrn/urn (mandatory)')
311 @add_options('-t', '--type', dest='type', metavar='<type>',
312 help='object type', default=None)
313 def credential(self, xrn, type=None):
314 """Invoke GetCredential"""
315 cred = self.api.manager.GetCredential(
316 self.api, xrn, type, self.api.hrn)
320 def import_registry(self):
321 """Run the importer"""
322 init_logger('import')
323 from sfa.importer import Importer
324 importer = Importer()
329 """Initialize or upgrade the db"""
330 from sfa.storage.dbschema import DBSchema
331 dbschema = DBSchema()
332 dbschema.init_or_upgrade()
335 @add_options('-a', '--all', dest='all', metavar='<all>',
336 action='store_true', default=False,
337 help='Remove all registry records and all files in %s area'
339 @add_options('-c', '--certs', dest='certs',
340 metavar='<certs>', action='store_true', default=False,
341 help='Remove all cached certs/gids found in %s'
343 @add_options('-0', '--no-reinit', dest='reinit', metavar='<reinit>',
344 action='store_false', default=True,
345 help="Prevents new DB schema"
346 " from being installed after cleanup")
347 def nuke(self, all=False, certs=False, reinit=True):
349 Cleanup local registry DB, plus various additional
350 filesystem cleanups optionally
352 from sfa.storage.dbschema import DBSchema
353 from sfa.util.sfalogging import init_logger, logger
354 init_logger('import')
355 logger.setLevelFromOptVerbose(self.api.config.SFA_API_LOGLEVEL)
356 logger.info("Purging SFA records from database")
357 dbschema = DBSchema()
360 # for convenience we re-create the schema here,
361 # so there's no need for an explicit
362 # service sfa restart
363 # however in some (upgrade) scenarios this might be wrong
365 logger.info("re-creating empty schema")
366 dbschema.init_or_upgrade()
368 # remove the server certificate and all gids found in
369 # /var/lib/sfa/authorities
371 logger.info("Purging cached certificates")
372 for (dir, _, files) in os.walk('/var/lib/sfa/authorities'):
374 if file.endswith('.gid') or file == 'server.cert':
375 path = dir + os.sep + file
378 # just remove all files that do not match 'server.key' or 'server.cert'
380 logger.info("Purging registry filesystem cache")
381 preserved_files = ['server.key', 'server.cert']
382 for dir, _, files in os.walk(Hierarchy().basedir):
384 if file in preserved_files:
386 path = dir + os.sep + file
390 class CertCommands(Commands):
392 def __init__(self, *args, **kwds):
393 self.api = Generic.the_flavour().make_api(interface='registry')
395 def import_gid(self, xrn):
398 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
399 help='object hrn/urn (mandatory)')
400 @add_options('-t', '--type', dest='type', metavar='<type>',
401 help='object type', default=None)
402 @add_options('-o', '--outfile', dest='outfile', metavar='<outfile>',
403 help='output file', default=None)
404 def export(self, xrn, type=None, outfile=None):
405 """Fetch an object's GID from the Registry"""
406 from sfa.storage.model import RegRecord
407 hrn = Xrn(xrn).get_hrn()
408 request = self.api.dbsession().query(RegRecord).filter_by(hrn=hrn)
410 request = request.filter_by(type=type)
411 record = request.first()
413 gid = GID(string=record.gid)
415 # check the authorities hierarchy
416 hierarchy = Hierarchy()
418 auth_info = hierarchy.get_auth_info(hrn)
419 gid = auth_info.gid_object
421 print("Record: %s not found" % hrn)
425 outfile = os.path.abspath('./%s.gid' % gid.get_hrn())
426 gid.save_to_file(outfile, save_parents=True)
428 @add_options('-g', '--gidfile', dest='gid', metavar='<gid>',
429 help='path of gid file to display (mandatory)')
430 def display(self, gidfile):
431 """Print contents of a GID file"""
432 gid_path = os.path.abspath(gidfile)
433 if not gid_path or not os.path.isfile(gid_path):
434 print("No such gid file: %s" % gidfile)
436 gid = GID(filename=gid_path)
437 gid.dump(dump_parents=True)
440 class AggregateCommands(Commands):
442 def __init__(self, *args, **kwds):
443 self.api = Generic.the_flavour().make_api(interface='aggregate')
446 """Display the Aggregate version"""
447 version = self.api.manager.GetVersion(self.api, {})
448 pprinter.pprint(version)
450 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
451 help='object hrn/urn (mandatory)')
452 def status(self, xrn):
454 Retrieve the status of the slivers
455 belonging to the named slice (Status)
457 urns = [Xrn(xrn, 'slice').get_urn()]
458 status = self.api.manager.Status(self.api, urns, [], {})
459 pprinter.pprint(status)
461 @add_options('-r', '--rspec-version', dest='rspec_version',
462 metavar='<rspec_version>', default='GENI',
463 help='version/format of the resulting rspec response')
464 def resources(self, rspec_version='GENI'):
465 """Display the available resources at an aggregate"""
466 options = {'geni_rspec_version': rspec_version}
468 resources = self.api.manager.ListResources(self.api, [], options)
471 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
472 help='slice hrn/urn (mandatory)')
473 @add_options('-r', '--rspec', dest='rspec', metavar='<rspec>',
474 help='rspec file (mandatory)')
475 def allocate(self, xrn, rspec):
476 """Allocate slivers"""
477 xrn = Xrn(xrn, 'slice')
478 slice_urn = xrn.get_urn()
479 rspec_string = open(rspec).read()
481 manifest = self.api.manager.Allocate(
482 self.api, slice_urn, [], rspec_string, options)
485 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
486 help='slice hrn/urn (mandatory)')
487 def provision(self, xrn):
488 """Provision slivers"""
489 xrn = Xrn(xrn, 'slice')
490 slice_urn = xrn.get_urn()
492 manifest = self.api.manager.provision(
493 self.api, [slice_urn], [], options)
496 @add_options('-x', '--xrn', dest='xrn', metavar='<xrn>',
497 help='slice hrn/urn (mandatory)')
498 def delete(self, xrn):
500 self.api.manager.Delete(self.api, [xrn], [], {})
503 class SliceManagerCommands(AggregateCommands):
505 def __init__(self, *args, **kwds):
506 self.api = Generic.the_flavour().make_api(interface='slicemgr')
511 CATEGORIES = {'certificate': CertCommands,
512 'registry': RegistryCommands,
513 'aggregate': AggregateCommands,
514 'slicemgr': SliceManagerCommands}
516 # returns (name,class) or (None,None)
517 def find_category(self, input):
518 full_name = Candidates(SfaAdmin.CATEGORIES.keys()).only_match(input)
521 return (full_name, SfaAdmin.CATEGORIES[full_name])
523 def summary_usage(self, category=None):
524 print("Usage:", self.script_name + " category command [<options>]")
525 if category and category in SfaAdmin.CATEGORIES:
526 categories = [category]
528 categories = SfaAdmin.CATEGORIES
530 cls = SfaAdmin.CATEGORIES[c]
531 print("==================== category=%s" % c)
532 names = cls.__dict__.keys()
535 method = cls.__dict__[name]
536 if name.startswith('_'):
539 print("%-15s" % name, end=' ')
540 doc = getattr(method, '__doc__', None)
542 print("<missing __doc__>")
544 lines = [line.strip() for line in doc.split("\n")]
547 for extra_line in lines:
548 print(margin * " ", extra_line)
552 argv = copy.deepcopy(sys.argv)
553 self.script_name = argv.pop(0)
554 # ensure category is specified
558 # ensure category is valid
559 category_input = argv.pop(0)
560 (category_name, category_class) = self.find_category(category_input)
561 if not category_name or not category_class:
562 self.summary_usage(category_name)
564 usage = "%%prog %s command [options]" % (category_name)
565 parser = OptionParser(usage=usage)
567 # ensure command is valid
568 category_instance = category_class()
569 commands = category_instance._get_commands()
571 # xxx what is this about ?
572 command_name = '__call__'
574 command_input = argv.pop(0)
575 command_name = Candidates(commands).only_match(command_input)
577 if command_name and hasattr(category_instance, command_name):
578 command = getattr(category_instance, command_name)
580 self.summary_usage(category_name)
582 # ensure options are valid
583 usage = "%%prog %s %s [options]" % (category_name, command_name)
584 parser = OptionParser(usage=usage)
585 for args, kwdargs in getattr(command, 'add_options', []):
586 parser.add_option(*args, **kwdargs)
587 (opts, cmd_args) = parser.parse_args(argv)
588 cmd_kwds = vars(opts)
590 # dont overrride meth
591 for k, v in cmd_kwds.items():
597 # print "invoking %s *=%s **=%s"%(command.__name__, cmd_args,
599 command(*cmd_args, **cmd_kwds)
602 print("Possible wrong number of arguments supplied")
603 print(command.__doc__)
608 print("Command failed, please check log for more info")