sfa/importer/__init__.py

   1 #!/usr/bin/python
   2
   3 import sys
   4
   5 from sfa.util.xrn import get_authority, hrn_to_urn
   6 from sfa.generic import Generic
   7 from sfa.util.config import Config
   8 from sfa.util.sfalogging import _SfaLogger
   9 from sfa.trust.hierarchy import Hierarchy
  10 from sfa.trust.trustedroots import TrustedRoots
  11 from sfa.trust.gid import create_uuid
  12 from sfa.storage.alchemy import dbsession
  13 from sfa.storage.model import RegRecord, RegAuthority, RegUser
  14 from sfa.trust.certificate import convert_public_key, Keypair
  15
  16
  17 class Importer:
  18     def __init__(self):
  19         self.config = Config()
  20         self.logger = _SfaLogger(logfile='/var/log/sfa_import.log', loggername='importlog')
  21         self.logger.setLevelFromOptVerbose(self.config.SFA_API_LOGLEVEL)
  22         self.auth_hierarchy = Hierarchy ()
  23         self.TrustedRoots = TrustedRoots(self.config.get_trustedroots_dir())
  24
  25     # check before creating a RegRecord entry as we run this over and over
  26     def record_exists (self, type, hrn):
  27        return dbsession.query(RegRecord).filter_by(hrn=hrn,type=type).count()!=0
  28
  29     def create_top_level_auth_records(self, hrn):
  30         """
  31         Create top level db records (includes root and sub authorities (local/remote)
  32         """
  33         # make sure parent exists
  34         parent_hrn = get_authority(hrn)
  35         if not parent_hrn:
  36             parent_hrn = hrn
  37         if not parent_hrn == hrn:
  38             self.create_top_level_auth_records(parent_hrn)
  39
  40         # ensure key and cert exists:
  41         self.auth_hierarchy.create_top_level_auth(hrn)
  42         # create the db record if it doesnt already exist
  43         if not self.record_exists ('authority',hrn):
  44             auth_info = self.auth_hierarchy.get_auth_info(hrn)
  45             auth_record = RegAuthority(hrn=hrn, gid=auth_info.get_gid_object(),
  46                                        authority=get_authority(hrn))
  47             auth_record.just_created()
  48             dbsession.add (auth_record)
  49             dbsession.commit()
  50             self.logger.info("SfaImporter: imported authority (parent) %s " % auth_record)
  51
  52
  53     def create_sm_client_record(self):
  54         """
  55         Create a user record for the Slicemanager service.
  56         """
  57         hrn = self.interface_hrn + '.slicemanager'
  58         urn = hrn_to_urn(hrn, 'user')
  59         if not self.auth_hierarchy.auth_exists(urn):
  60             self.logger.info("SfaImporter: creating Slice Manager user")
  61             self.auth_hierarchy.create_auth(urn)
  62
  63         if self.record_exists ('user',hrn): return
  64         auth_info = self.auth_hierarchy.get_auth_info(hrn)
  65         user_record = RegUser(hrn=hrn, gid=auth_info.get_gid_object(),
  66                               authority=get_authority(hrn))
  67         user_record.just_created()
  68         dbsession.add (user_record)
  69         dbsession.commit()
  70         self.logger.info("SfaImporter: importing user (slicemanager) %s " % user_record)
  71
  72
  73     def create_interface_records(self):
  74         """
  75         Create a record for each SFA interface
  76         """
  77         # just create certs for all sfa interfaces even if they
  78         # aren't enabled
  79         auth_info = self.auth_hierarchy.get_auth_info(self.config.SFA_INTERFACE_HRN)
  80         pkey = auth_info.get_pkey_object()
  81         hrn=self.config.SFA_INTERFACE_HRN
  82         for type in  [ 'authority+sa', 'authority+am', 'authority+sm', ]:
  83             urn = hrn_to_urn(hrn, type)
  84             gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
  85             # for now we have to preserve the authority+<> stuff
  86             if self.record_exists (type,hrn): continue
  87             interface_record = RegAuthority(type=type, hrn=hrn, gid=gid,
  88                                             authority=get_authority(hrn))
  89             interface_record.just_created()
  90             dbsession.add (interface_record)
  91             dbsession.commit()
  92             self.logger.info("SfaImporter: imported authority (%s) %s " % (type,interface_record))
  93
  94     def run(self, options=None):
  95         if not self.config.SFA_REGISTRY_ENABLED:
  96             self.logger.critical("Importer: need SFA_REGISTRY_ENABLED to run import")
  97
  98         # testbed-neutral : create local certificates and the like
  99         auth_hierarchy = Hierarchy ()
 100         self.create_top_level_auth_records(self.config.SFA_INTERFACE_HRN)
 101         self.create_interface_records()
 102
 103         # testbed-specific
 104         testbed_importer = None
 105         generic=Generic.the_flavour()
 106         importer_class = generic.importer_class()
 107         if importer_class:
 108             self.logger.info ("Using flavour %s for importing (class %s)"%\
 109                          (generic.flavour,importer_class.__name__))
 110             testbed_importer = importer_class (auth_hierarchy, self.logger)
 111             if testbed_importer:
 112                 testbed_importer.add_options(options)
 113                 testbed_importer.run (options)
 114
 115