sfa/importer/__init__.py

   1 #!/usr/bin/python
   2
   3 import sys
   4
   5 from sfa.util.xrn import get_authority, hrn_to_urn
   6 from sfa.generic import Generic
   7 from sfa.util.config import Config
   8 from sfa.util.sfalogging import _SfaLogger
   9 from sfa.trust.hierarchy import Hierarchy
  10 #from sfa.trust.trustedroots import TrustedRoots
  11 from sfa.trust.gid import create_uuid
  12 from sfa.storage.alchemy import dbsession
  13 from sfa.storage.model import RegRecord, RegAuthority, RegUser
  14 from sfa.trust.certificate import convert_public_key, Keypair
  15
  16
  17 class Importer:
  18
  19     def __init__(self,auth_hierarchy=None,logger=None):
  20         self.config = Config()
  21         if auth_hierarchy is not None:
  22             self.auth_hierarchy=auth_hierarchy
  23         else:
  24             self.auth_hierarchy = Hierarchy ()
  25         if logger is not None:
  26             self.logger=logger
  27         else:
  28             self.logger = _SfaLogger(logfile='/var/log/sfa_import.log', loggername='importlog')
  29             self.logger.setLevelFromOptVerbose(self.config.SFA_API_LOGLEVEL)
  30 #        self.TrustedRoots = TrustedRoots(self.config.get_trustedroots_dir())
  31
  32     # check before creating a RegRecord entry as we run this over and over
  33     def record_exists (self, type, hrn):
  34        return dbsession.query(RegRecord).filter_by(hrn=hrn,type=type).count()!=0
  35
  36     def create_top_level_auth_records(self, hrn):
  37         """
  38         Create top level db records (includes root and sub authorities (local/remote)
  39         """
  40         # make sure parent exists
  41         parent_hrn = get_authority(hrn)
  42         if not parent_hrn:
  43             parent_hrn = hrn
  44         if not parent_hrn == hrn:
  45             self.create_top_level_auth_records(parent_hrn)
  46
  47         # ensure key and cert exists:
  48         self.auth_hierarchy.create_top_level_auth(hrn)
  49         # create the db record if it doesnt already exist
  50         if not self.record_exists ('authority',hrn):
  51             auth_info = self.auth_hierarchy.get_auth_info(hrn)
  52             auth_record = RegAuthority(hrn=hrn, gid=auth_info.get_gid_object(),
  53                                        authority=get_authority(hrn))
  54             auth_record.just_created()
  55             dbsession.add (auth_record)
  56             dbsession.commit()
  57             self.logger.info("SfaImporter: imported authority (parent) %s " % auth_record)
  58
  59
  60     def create_sm_client_record(self):
  61         """
  62         Create a user record for the Slicemanager service.
  63         """
  64         hrn = self.interface_hrn + '.slicemanager'
  65         urn = hrn_to_urn(hrn, 'user')
  66         if not self.auth_hierarchy.auth_exists(urn):
  67             self.logger.info("SfaImporter: creating Slice Manager user")
  68             self.auth_hierarchy.create_auth(urn)
  69
  70         if self.record_exists ('user',hrn): return
  71         auth_info = self.auth_hierarchy.get_auth_info(hrn)
  72         user_record = RegUser(hrn=hrn, gid=auth_info.get_gid_object(),
  73                               authority=get_authority(hrn))
  74         user_record.just_created()
  75         dbsession.add (user_record)
  76         dbsession.commit()
  77         self.logger.info("SfaImporter: importing user (slicemanager) %s " % user_record)
  78
  79
  80     def create_interface_records(self):
  81         """
  82         Create a record for each SFA interface
  83         """
  84         # just create certs for all sfa interfaces even if they
  85         # aren't enabled
  86         auth_info = self.auth_hierarchy.get_auth_info(self.config.SFA_INTERFACE_HRN)
  87         pkey = auth_info.get_pkey_object()
  88         hrn=self.config.SFA_INTERFACE_HRN
  89         for type in  [ 'authority+sa', 'authority+am', 'authority+sm', ]:
  90             urn = hrn_to_urn(hrn, type)
  91             gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
  92             # for now we have to preserve the authority+<> stuff
  93             if self.record_exists (type,hrn): continue
  94             interface_record = RegAuthority(type=type, hrn=hrn, gid=gid,
  95                                             authority=get_authority(hrn))
  96             interface_record.just_created()
  97             dbsession.add (interface_record)
  98             dbsession.commit()
  99             self.logger.info("SfaImporter: imported authority (%s) %s " % (type,interface_record))
 100
 101     def run(self, options=None):
 102         if not self.config.SFA_REGISTRY_ENABLED:
 103             self.logger.critical("Importer: need SFA_REGISTRY_ENABLED to run import")
 104
 105         # testbed-neutral : create local certificates and the like
 106         auth_hierarchy = Hierarchy ()
 107         self.create_top_level_auth_records(self.config.SFA_INTERFACE_HRN)
 108         self.create_interface_records()
 109
 110         # testbed-specific
 111         testbed_importer = None
 112         generic=Generic.the_flavour()
 113         importer_class = generic.importer_class()
 114         if importer_class:
 115             self.logger.info ("Using flavour %s for importing (class %s)"%\
 116                          (generic.flavour,importer_class.__name__))
 117             testbed_importer = importer_class (auth_hierarchy, self.logger)
 118             if testbed_importer:
 119                 testbed_importer.add_options(options)
 120                 testbed_importer.run (options)