3 from sfa.util.config import Config
4 from sfa.util.xrn import Xrn, get_leaf, get_authority, hrn_to_urn
5 from sfa.trust.gid import create_uuid
6 from sfa.trust.certificate import convert_public_key, Keypair
7 from sfa.storage.alchemy import dbsession
8 from sfa.storage.model import RegRecord, RegAuthority, RegUser, RegSlice, RegNode
9 from sfa.openstack.osxrn import OSXrn
10 from sfa.openstack.shell import Shell
# load_keys: read a previously saved key mapping back from `filename`.
# Only part of the function is visible in this listing (lines 13-15 and 19-22
# are not shown), so the initialisation of tmp_dict, any error handling and
# the return value cannot be described from here.
12 def load_keys(filename):
# NOTE(review): execfile() runs the whole file as Python code and only
# afterwards looks for a 'keys' name. Anyone able to write `filename`
# therefore gets code execution with the importer's privileges. The value
# save_keys() stores appears to be a plain literal, so parsing it as data
# (ast.literal_eval on the right-hand side, or a JSON file) would avoid
# executing it; at minimum the file and its directory should be writable
# only by the account that runs the importer.
16 execfile(filename, tmp_dict)
# Only the 'keys' binding is taken from the executed namespace; every other
# name the file defines is ignored (but its code has already run).
17 if 'keys' in tmp_dict:
18 keys = tmp_dict['keys']
# save_keys: persist `keys` to `filename` as a one-line Python assignment,
# "keys = <str(keys)>". This is the format load_keys() later executes.
23 def save_keys(filename, keys):
# NOTE(review): mode 'w' creates or truncates the file with the process's
# default permissions; no explicit mode or ownership is set in the visible
# lines. Because load_keys() executes this file, it should not be group- or
# world-writable. The matching close() is not visible in this listing
# (lines 26-27 are not shown) -- confirm the handle is closed on every path.
24 f = open(filename, 'w')
# str(keys) is written as-is; whether the result reads back correctly depends
# on `keys` holding only values whose str()/repr() is a valid literal
# (presumably a dict of hrn -> list of public-key strings; verify in caller).
25 f.write("keys = %s" % str(keys))
# OpenstackImporter: synchronises the SFA registry (RegRecord rows reached
# through dbsession) with the users and tenants reported by an OpenStack
# Shell. This listing omits many lines of the class (the gutter numbers
# skip), so the comments below describe only what the visible lines show and
# mark everything else as an assumption.
28 class OpenstackImporter:
# Stores the authority hierarchy used later to create authorities and GIDs.
# The assignment of self.logger is not visible here (lines 32-33 not shown).
30 def __init__ (self, auth_hierarchy, logger):
31 self.auth_hierarchy = auth_hierarchy
# Hook for command-line options; in the visible lines it only logs that none
# exist and does not touch `parser`.
34 def add_options (self, parser):
35 self.logger.debug ("OpenstackImporter: no options yet")
# run: import users and tenants as registry records, delete records that no
# longer match anything in OpenStack, then save the current public keys.
# `options` is not used in any visible line.
38 def run (self, options):
39 # we don't have any options for now
40 self.logger.info ("OpenstackImporter.run : to do")
# `config` is not assigned in the visible lines (lines 41-42 not shown);
# presumably a Config() instance -- confirm.
43 interface_hrn = config.SFA_INTERFACE_HRN
44 root_auth = config.SFA_REGISTRY_ROOT_AUTH
45 shell = Shell (config)
47 # create dict of all existing sfa records
# existing_records is keyed by (hrn, type); existing_hrns collects the hrns
# alone. Their initialisation is not visible (lines 48-50 not shown).
51 for record in dbsession.query(RegRecord):
52 existing_records[ (record.hrn, record.type,) ] = record
53 existing_hrns.append(record.hrn)
# Everything below treats this listing as the authoritative set of users.
56 users = shell.auth_manager.users.list()
# NOTE(review): this path is later executed as Python by load_keys(), so
# write access to config.config_path is equivalent to code execution in the
# importer. `os` is not among the imports visible in this listing (lines 1-2
# are not shown) -- confirm it is imported.
58 keys_filename = config.config_path + os.sep + 'person_keys.py'
59 old_user_keys = load_keys(keys_filename)
# Per-user section; the enclosing loop header is not visible (lines 60-61 not
# shown). A user with no tenant is placed directly under the interface hrn.
62 auth_hrn = config.SFA_INTERFACE_HRN
63 if user.tenantId is not None:
64 tenant = shell.auth_manager.tenants.find(id=user.tenantId)
65 auth_hrn = OSXrn(name=tenant.name, auth=config.SFA_INTERFACE_HRN, type='authority').get_hrn()
# NOTE(review): user.name and tenant.name come from OpenStack and become
# registry identifiers; no validation is visible here. Whether OSXrn
# escapes or rejects unusual characters is not shown -- confirm.
66 hrn = OSXrn(name=user.name, auth=auth_hrn, type='user').get_hrn()
67 users_dict[hrn] = user
68 old_keys = old_user_keys.get(hrn, [])
# Public keys are looked up by key-pair name equal to the user's hrn.
69 keys = [k.public_key for k in shell.nova_manager.keypairs.findall(name=hrn)]
# A user record is (re)created when the hrn is unknown, when no 'user' record
# exists for it, or when update_record is set. update_record is assigned on
# lines not shown here (70-73); presumably it compares keys with old_keys.
74 if hrn not in existing_hrns or \
75 (hrn, 'user') not in existing_records or update_record:
76 urn = OSXrn(xrn=hrn, type='user').get_urn()
# Only the first key is used. The surrounding if/try/except/else lines
# (77-79, 81, 84) are not visible in this listing.
80 pkey = convert_public_key(keys[0])
82 self.logger.log_exc('unable to convert public key for %s' % hrn)
# NOTE(review): on conversion failure, and again when the user has no key
# (next fallback), a fresh key pair is generated. The resulting GID is then
# bound to a key the user does not hold, and what happens to the generated
# private key is not visible here -- confirm this fallback is intended and
# that such GIDs are re-issued once a real key is registered.
83 pkey = Keypair(create=True)
# The message says "PL public key" although this is the OpenStack importer.
85 self.logger.warn("OpenstackImporter: person %s does not have a PL public key"%hrn)
86 pkey = Keypair(create=True)
87 user_gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
88 user_record = RegUser ()
89 user_record.type='user'
91 user_record.gid=user_gid
92 user_record.authority=get_authority(hrn)
# The session commit is not visible in this listing (line 94 not shown).
93 dbsession.add(user_record)
95 self.logger.info("OpenstackImporter: imported person %s" % user_record)
98 # A tenant can represent an organizational group (site) or a
99 # slice. If a tenant's authority/parent matches the root authority it is
100 # considered a group/site. All other tenants are considered slices.
101 tenants = shell.auth_manager.tenants.list()
103 for tenant in tenants:
# NOTE(review): plain string concatenation, unlike the OSXrn(name=...) call
# used for the same tenant in the user section above. A tenant name that
# contains '.' would add hierarchy levels here, changing authority_hrn and
# so the site-vs-slice decision below -- confirm names are validated or
# escaped before this point.
104 hrn = config.SFA_INTERFACE_HRN + '.' + tenant.name
105 tenants_dict[hrn] = tenant
106 authority_hrn = OSXrn(xrn=hrn, type='authority').get_authority_hrn()
# Tenants whose hrn is already registered are handled on lines not shown
# (109-110); presumably skipped.
108 if hrn in existing_hrns:
# Tenant directly under the interface hrn: import as an authority (site).
111 if authority_hrn == config.SFA_INTERFACE_HRN:
113 record = RegAuthority()
114 urn = OSXrn(xrn=hrn, type='authority').get_urn()
# Create the authority in the hierarchy only if it does not exist yet, then
# reuse its GID.
115 if not self.auth_hierarchy.auth_exists(urn):
116 self.auth_hierarchy.create_auth(urn)
117 auth_info = self.auth_hierarchy.get_auth_info(urn)
118 gid = auth_info.get_gid_object()
119 record.type='authority'
122 record.authority=get_authority(hrn)
123 dbsession.add(record)
125 self.logger.info("OpenstackImporter: imported authority: %s" % record)
# Any other tenant: import as a slice with a freshly generated key pair.
# The branch keyword and the record construction are on lines not shown
# (126-128, 132-134).
129 urn = OSXrn(xrn=hrn, type='slice').get_urn()
130 pkey = Keypair(create=True)
131 gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
135 record.authority=get_authority(hrn)
136 dbsession.add(record)
138 self.logger.info("OpenstackImporter: imported slice: %s" % record)
140 # remove stale records
# NOTE(review): deletion is decided by absence from users_dict/tenants_dict,
# which the visible lines fill only from the two list() calls above. A
# failed or partial listing would therefore look like a mass removal --
# confirm that listing errors abort the run before this loop.
141 system_records = [interface_hrn, root_auth, interface_hrn + '.slicemanager']
# `type` shadows the builtin for the rest of this method.
142 for (record_hrn, type) in existing_records.keys():
# System records and records owned by a peer authority are tested first; the
# bodies of these tests are not visible (presumably `continue` -- verify).
143 if record_hrn in system_records:
146 record = existing_records[(record_hrn, type)]
147 if record.peer_authority:
# Records that still match a current user, or a current tenant in the case of
# slices, are tested next; the remaining branches (lines 148-150, 152,
# 155-158) are not shown.
151 if record_hrn in users_dict:
153 elif type == 'slice':
154 if record_hrn in tenants_dict:
159 record_object = existing_records[ (record_hrn, type) ]
160 self.logger.info("OpenstackImporter: removing %s " % record)
161 dbsession.delete(record_object)
# user_keys is not assigned in any visible line; presumably it maps each user
# hrn to the keys read during the user section -- verify. The file written
# here is the one load_keys() executes on the next run.
165 self.logger.info('OpenstackImporter: saving current pub keys')
166 save_keys(keys_filename, user_keys)