sfa/importer/__init__.py

   1 #!/usr/bin/python
   2
   3 import sys
   4
   5 from sfa.util.xrn import get_authority, hrn_to_urn
   6 from sfa.util.plxrn import email_to_hrn
   7 from sfa.generic import Generic
   8 from sfa.util.config import Config
   9 from sfa.util.sfalogging import _SfaLogger
  10 from sfa.trust.hierarchy import Hierarchy
  11 from sfa.trust.trustedroots import TrustedRoots
  12 from sfa.trust.gid import create_uuid
  13 from sfa.storage.alchemy import dbsession
  14 from sfa.storage.model import RegRecord, RegAuthority, RegUser
  15 from sfa.trust.certificate import convert_public_key, Keypair
  16
  17
  18 class Importer:
  19     def __init__(self):
  20         self.config = Config()
  21         self.logger = _SfaLogger(logfile='/var/log/sfa_import.log', loggername='importlog')
  22         self.logger.setLevelFromOptVerbose(self.config.SFA_API_LOGLEVEL)
  23         self.auth_hierarchy = Hierarchy ()
  24         self.TrustedRoots = TrustedRoots(self.config.get_trustedroots_dir())
  25
  26     # check before creating a RegRecord entry as we run this over and over
  27     def record_exists (self, type, hrn):
  28        return dbsession.query(RegRecord).filter_by(hrn=hrn,type=type).count()!=0
  29
  30     def create_top_level_auth_records(self, hrn):
  31         """
  32         Create top level db records (includes root and sub authorities (local/remote)
  33         """
  34         # make sure parent exists
  35         parent_hrn = get_authority(hrn)
  36         if not parent_hrn:
  37             parent_hrn = hrn
  38         if not parent_hrn == hrn:
  39             self.create_top_level_auth_records(parent_hrn)
  40
  41         # ensure key and cert exists:
  42         self.auth_hierarchy.create_top_level_auth(hrn)
  43         # create the db record if it doesnt already exist
  44         if not self.record_exists ('authority',hrn):
  45             auth_info = self.auth_hierarchy.get_auth_info(hrn)
  46             auth_record = RegAuthority(hrn=hrn, gid=auth_info.get_gid_object(),
  47                                        authority=get_authority(hrn))
  48             auth_record.just_created()
  49             dbsession.add (auth_record)
  50             dbsession.commit()
  51             self.logger.info("SfaImporter: imported authority (parent) %s " % auth_record)
  52
  53
  54     def create_sm_client_record(self):
  55         """
  56         Create a user record for the Slicemanager service.
  57         """
  58         hrn = self.interface_hrn + '.slicemanager'
  59         urn = hrn_to_urn(hrn, 'user')
  60         if not self.auth_hierarchy.auth_exists(urn):
  61             self.logger.info("SfaImporter: creating Slice Manager user")
  62             self.auth_hierarchy.create_auth(urn)
  63
  64         if self.record_exists ('user',hrn): return
  65         auth_info = self.auth_hierarchy.get_auth_info(hrn)
  66         user_record = RegUser(hrn=hrn, gid=auth_info.get_gid_object(),
  67                               authority=get_authority(hrn))
  68         user_record.just_created()
  69         dbsession.add (user_record)
  70         dbsession.commit()
  71         self.logger.info("SfaImporter: importing user (slicemanager) %s " % user_record)
  72
  73
  74     def create_interface_records(self):
  75         """
  76         Create a record for each SFA interface
  77         """
  78         # just create certs for all sfa interfaces even if they
  79         # aren't enabled
  80         auth_info = self.auth_hierarchy.get_auth_info(self.interface_hrn)
  81         pkey = auth_info.get_pkey_object()
  82         hrn=self.interface_hrn
  83         for type in  [ 'authority+sa', 'authority+am', 'authority+sm', ]:
  84             urn = hrn_to_urn(hrn, type)
  85             gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
  86             # for now we have to preserve the authority+<> stuff
  87             if self.record_exists (type,hrn): continue
  88             interface_record = RegAuthority(type=type, hrn=hrn, gid=gid,
  89                                             authority=get_authority(hrn))
  90             interface_record.just_created()
  91             dbsession.add (interface_record)
  92             dbsession.commit()
  93             self.logger.info("SfaImporter: imported authority (%s) %s " % (type,interface_record))
  94
  95     def run(self, options=None):
  96         if not self.config.SFA_REGISTRY_ENABLED:
  97             self.logger.critical("Importer: need SFA_REGISTRY_ENABLED to run import")
  98
  99         # testbed-neutral : create local certificates and the like
 100         auth_hierarchy = Hierarchy ()
 101         self.create_top_level_auth_records(self.config.SFA_INTERFACE_HRN)
 102
 103         # testbed-specific
 104         testbed_importer = None
 105         generic=Generic.the_flavour()
 106         importer_class = generic.importer_class()
 107         if importer_class:
 108             self.logger.info ("Using flavour %s for importing (class %s)"%\
 109                          (generic.flavour,importer_class.__name__))
 110             testbed_importer = importer_class (auth_hierarchy, self.logger)
 111             if testbed_importer:
 112                 testbed_importer.add_options(options)
 113                 testbed_importer.run (options)
 114
 115