sfa/methods/Renew.py

   1 import datetime
   2
   3 from sfa.util.faults import InsufficientRights
   4 from sfa.util.xrn import urn_to_hrn
   5 from sfa.util.method import Method
   6 from sfa.util.sfatime import utcparse, add_datetime
   7
   8 from sfa.trust.credential import Credential
   9
  10 from sfa.storage.parameter import Parameter
  11
  12
  13 class Renew(Method):
  14     """
  15     Renews the resources in the specified slice or slivers by
  16     extending the lifetime.
  17
  18     @param urns ([string]) List of URNs of to renew
  19     @param credentials ([string]) of credentials
  20     @param expiration_time (string) requested time of expiration
  21     @param options (dict) options
  22     """
  23     interfaces = ['aggregate', 'slicemgr']
  24     accepts = [
  25         Parameter(type([str]), "Slice URN"),
  26         Parameter(type([str]), "List of credentials"),
  27         Parameter(str, "Expiration time in RFC 3339 format"),
  28         Parameter(dict, "Options"),
  29     ]
  30     returns = Parameter(bool, "Success or Failure")
  31
  32     def call(self, urns, creds, expiration_time, options):
  33
  34         # Find the valid credentials
  35         valid_creds = self.api.auth.checkCredentialsSpeaksFor(creds, 'renewsliver', urns,
  36                                                               check_sliver_callback=self.api.driver.check_sliver_credentials,
  37                                                               options=options)
  38         the_credential = Credential(cred=valid_creds[0])
  39         actual_caller_hrn = the_credential.actual_caller_hrn()
  40         self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-urns: %s\texpiration:%s\tmethod-name: %s" %
  41                              (self.api.interface, actual_caller_hrn, urns, expiration_time, self.name))
  42
  43         # extend as long as possible : take the min of requested and
  44         # now+SFA_MAX_SLICE_RENEW
  45         if options.get('geni_extend_alap'):
  46             # ignore requested time and set to max
  47             expiration_time = add_datetime(datetime.datetime.utcnow(
  48             ), days=int(self.api.config.SFA_MAX_SLICE_RENEW))
  49
  50         # Validate that the time does not go beyond the credential's expiration
  51         # time
  52         requested_expire = utcparse(expiration_time)
  53         self.api.logger.info("requested_expire = %s" % requested_expire)
  54         credential_expire = the_credential.get_expiration()
  55         self.api.logger.info("credential_expire = %s" % credential_expire)
  56         max_renew_days = int(self.api.config.SFA_MAX_SLICE_RENEW)
  57         max_expire = datetime.datetime.utcnow() + datetime.timedelta(days=max_renew_days)
  58         if requested_expire > credential_expire:
  59             # used to throw an InsufficientRights exception here, this was not
  60             # right
  61             self.api.logger.warning("Requested expiration %s, after credential expiration (%s) -> trimming to the latter/sooner" %
  62                                     (requested_expire, credential_expire))
  63             requested_expire = credential_expire
  64         if requested_expire > max_expire:
  65             # likewise
  66             self.api.logger.warning("Requested expiration %s, after maximal expiration %s days (%s) -> trimming to the latter/sooner" %
  67                                     (requested_expire, self.api.config.SFA_MAX_SLICE_RENEW, max_expire))
  68             requested_expire = max_expire
  69
  70         return self.api.manager.Renew(self.api, urns, creds, requested_expire, options)