1 from types import StringTypes
2 from collections import defaultdict
4 from sfa.util.sfatime import utcparse, datetime_to_epoch
5 from sfa.util.sfalogging import logger
6 from sfa.util.xrn import Xrn, get_leaf, get_authority, urn_to_hrn
8 from sfa.rspecs.rspec import RSpec
10 from sfa.dummy.dummyxrn import DummyXrn, hrn_to_dummy_slicename
17 def __init__(self, driver):
20 def get_slivers(self, xrn, node=None):
21 hrn, type = urn_to_hrn(xrn)
23 slice_name = hrn_to_dummy_slicename(hrn)
25 slices = self.driver.shell.GetSlices({'slice_name': slice_name})
27 # Build up list of users and slice attributes
28 user_ids = slice['user_ids']
29 # Get user information
30 all_users_list = self.driver.shell.GetUsers({'user_id':user_ids})
32 for user in all_users_list:
33 all_users[user['user_id']] = user
35 # Build up list of keys
37 for user in all_users_list:
38 all_keys.extend(user['keys'])
43 # XXX Sanity check; though technically this should be a system invariant
44 # checked with an assertion
45 if slice['expires'] > MAXINT: slice['expires']= MAXINT
49 'name': slice['name'],
50 'slice_id': slice['slice_id'],
51 'expires': slice['expires'],
57 def get_sfa_peer(self, xrn):
58 hrn, type = urn_to_hrn(xrn)
60 # return the authority for this hrn or None if we are the authority
62 slice_authority = get_authority(hrn)
63 site_authority = get_authority(slice_authority)
65 if site_authority != self.driver.hrn:
66 sfa_peer = site_authority
71 def verify_slice_nodes(self, slice, requested_slivers):
72 if 'node_ids' not in slice.keys():
74 nodes = self.driver.shell.GetNodes({'node_ids': slice['node_ids']})
75 current_slivers = [node['node_id'] for node in nodes]
77 # remove nodes not in rspec
78 deleted_nodes = list(set(current_slivers).difference(requested_slivers))
80 # add nodes from rspec
81 added_nodes = list(set(requested_slivers).difference(current_slivers))
84 self.driver.shell.AddSliceToNodes({'slice_id': slice['slice_id'], 'node_ids': added_nodes})
85 self.driver.shell.DeleteSliceFromNodes({'slice_id': slice['slice_id'], 'node_ids': deleted_nodes})
88 logger.log_exc('Failed to add/remove slice from nodes')
93 def verify_slice(self, slice_hrn, slice_record, sfa_peer, options={}):
94 slicename = hrn_to_dummy_slicename(slice_hrn)
95 parts = slicename.split("_")
97 slices = self.driver.shell.GetSlices({'slice_name': slicename})
99 slice = {'slice_name': slicename}
101 slice['slice_id'] = self.driver.shell.AddSlice(slice)
102 slice['node_ids'] = []
103 slice['user_ids'] = []
106 if slice_record.get('expires'):
107 requested_expires = int(datetime_to_epoch(utcparse(slice_record['expires'])))
108 if requested_expires and slice['expires'] != requested_expires:
109 self.driver.shell.UpdateSlice( {'slice_id': slice['slice_id'], 'fields':{'expires' : requested_expires}})
113 def verify_users(self, slice_hrn, slice_record, users, sfa_peer, options={}):
118 user['urn'] = user['urn'].lower()
119 hrn, type = urn_to_hrn(user['urn'])
120 username = get_leaf(hrn)
121 login_base = DummyXrn(xrn=user['urn']).dummy_login_base()
122 user['username'] = username
123 user['site'] = login_base
126 user['email'] = user['email'].lower()
127 users_by_email[user['email']] = user
128 users_dict[user['email']] = user
130 users_by_site[user['site']].append(user)
132 # start building a list of existing users
133 existing_user_ids = []
134 existing_user_ids_filter = []
136 existing_user_ids_filter.extend(users_by_email.keys())
138 for login_base in users_by_site:
139 users = users_by_site[login_base]
141 existing_user_ids_filter.append(user['username']+'@geni.net')
142 if existing_user_ids_filter:
143 # get existing users by email
144 existing_users = self.driver.shell.GetPersons({'email': existing_user_ids_filter},
145 ['person_id', 'key_ids', 'email'])
146 existing_user_ids.extend([user['email'] for user in existing_users])
149 # get a list of user sites (based on requeste user urns
150 site_list = self.driver.shell.GetSites(users_by_site.keys(), \
151 ['site_id', 'login_base', 'person_ids'])
152 # get all existing users at these sites
155 for site in site_list:
156 sites[site['site_id']] = site
157 site_user_ids.extend(site['person_ids'])
159 existing_site_persons_list = self.driver.shell.GetPersons(site_user_ids,
160 ['person_id', 'key_ids', 'email', 'site_ids'])
162 # all requested users are either existing users or new (added) users
163 for login_base in users_by_site:
164 requested_site_users = users_by_site[login_base]
165 for requested_user in requested_site_users:
167 for existing_user in existing_site_persons_list:
168 for site_id in existing_user['site_ids']:
170 site = sites[site_id]
171 if login_base == site['login_base'] and \
172 existing_user['email'].startswith(requested_user['username']+'@'):
173 existing_user_ids.append(existing_user['email'])
174 requested_user['email'] = existing_user['email']
175 users_dict[existing_user['email']] = requested_user
181 if user_found == False:
182 fake_email = requested_user['username'] + '@geni.net'
183 requested_user['email'] = fake_email
184 users_dict[fake_email] = requested_user
186 # requested slice users
187 requested_user_ids = users_dict.keys()
188 # existing slice users
189 existing_slice_users_filter = {'person_id': slice_record.get('person_ids', [])}
190 existing_slice_users = self.driver.shell.GetPersons(existing_slice_users_filter,
191 ['person_id', 'key_ids', 'email'])
192 existing_slice_user_ids = [user['email'] for user in existing_slice_users]
194 # users to be added, removed or updated
195 added_user_ids = set(requested_user_ids).difference(existing_user_ids)
196 added_slice_user_ids = set(requested_user_ids).difference(existing_slice_user_ids)
197 removed_user_ids = set(existing_slice_user_ids).difference(requested_user_ids)
198 updated_user_ids = set(existing_slice_user_ids).intersection(requested_user_ids)
200 # Remove stale users (only if we are not appending).
202 append = options.get('append', True)
204 for removed_user_id in removed_user_ids:
205 self.driver.shell.DeletePersonFromSlice(removed_user_id, slice_record['name'])
206 # update_existing users
207 updated_users_list = [user for user in users_dict.values() if user['email'] in \
209 self.verify_keys(existing_slice_users, updated_users_list, options)
213 for added_user_id in added_user_ids:
214 added_user = users_dict[added_user_id]
215 hrn, type = urn_to_hrn(added_user['urn'])
217 'first_name': added_user.get('first_name', hrn),
218 'last_name': added_user.get('last_name', hrn),
219 'email': added_user_id,
220 'peer_person_id': None,
222 'key_ids': added_user.get('key_ids', []),
224 person['person_id'] = self.driver.shell.AddPerson(person)
225 added_persons.append(person)
228 self.driver.shell.UpdatePerson(person['person_id'], {'enabled': True})
231 self.driver.shell.AddPersonToSite(added_user_id, added_user['site'])
233 for key_string in added_user.get('keys', []):
234 key = {'key':key_string, 'key_type':'ssh'}
235 key['key_id'] = self.driver.shell.AddPersonKey(person['person_id'], key)
236 person['keys'].append(key)
238 # add the registry record
240 # peer_dict = {'type': 'user', 'hrn': hrn, 'peer_authority': sfa_peer, \
241 # 'pointer': person['person_id']}
242 # self.registry.register_peer_object(self.credential, peer_dict)
244 for added_slice_user_id in added_slice_user_ids.union(added_user_ids):
245 # add person to the slice
246 self.driver.shell.AddPersonToSlice(added_slice_user_id, slice_record['name'])
247 # if this is a peer record then it should already be bound to a peer.
248 # no need to return worry about it getting bound later
253 def verify_keys(self, old_users, new_users, options={}):
256 for user in old_users:
257 existing_keys.append(user['keys'])
259 for user in old_users:
260 userdict[user['email']] = user
265 for user in new_users:
266 user_keys = user.get('keys', [])
267 updated_users.append(user)
268 for key_string in user_keys:
269 requested_keys.append(key_string)
270 if key_string not in existing_keys:
273 self.driver.shell.AddUserKey({'user_id': user['user_id'], 'key':key})
277 # remove old keys (only if we are not appending)
278 append = options.get('append', True)
280 removed_keys = set(existing_keys).difference(requested_keys)
281 for key in removed_keys:
283 self.driver.shell.DeleteKey({'key': key})