sfa/methods/register.py

   1 ### $Id$
   2 ### $URL$
   3
   4 from sfa.trust.certificate import Keypair, convert_public_key
   5 from sfa.trust.gid import *
   6
   7 from sfa.util.faults import *
   8 from sfa.util.misc import *
   9 from sfa.util.method import Method
  10 from sfa.util.parameter import Parameter, Mixed
  11 from sfa.util.auth import Auth
  12 from sfa.util.record import GeniRecord
  13 from sfa.util.debug import log
  14
  15 class register(Method):
  16     """
  17     Register an object with the registry. In addition to being stored in the
  18     Geni database, the appropriate records will also be created in the
  19     PLC databases
  20
  21     @param cred credential string
  22     @param record_dict dictionary containing record fields
  23
  24     @return gid string representation
  25     """
  26
  27     interfaces = ['registry']
  28
  29     accepts = [
  30         Parameter(str, "Credential string"),
  31         Parameter(dict, "Record dictionary containing record fields")
  32         ]
  33
  34     returns = Parameter(int, "String representation of gid object")
  35
  36     def call(self, cred, record_dict):
  37         self.api.auth.check(cred, "register")
  38         record = GeniRecord(dict = record_dict)
  39         type = record.get_type()
  40         name = record.get_name()
  41         self.api.auth.verify_object_permission(name)
  42         auth_name = self.api.auth.get_authority(name)
  43         auth_info = self.api.auth.get_auth_info(auth_name)
  44         table = self.api.auth.get_auth_table(auth_name)
  45
  46         # make sure record has a gid
  47         if 'gid' not in record:
  48             uuid = create_uuid()
  49             pkey = Keypair(create=True)
  50             if 'keys' in record and record['keys']:
  51                 pkey = convert_public_key(record['keys'][0])
  52
  53             gid_object = self.api.auth.hierarchy.create_gid(name, uuid, pkey)
  54             gid = gid_object.save_to_string(save_parents=True)
  55             record['gid'] = gid
  56             record.set_gid(gid)
  57
  58         # check if record already exists
  59         existing_records = table.resolve(type, name)
  60         if existing_records:
  61             raise ExistingRecord(name)
  62
  63         if (type == "sa") or (type=="ma"):
  64             # update the tree
  65             if not self.api.auth.hierarchy.auth_exists(name):
  66                 self.api.auth.hierarchy.create_auth(name)
  67
  68             # authorities are special since they are managed by the registry
  69             # rather than by the caller. We create our own GID for the
  70             # authority rather than relying on the caller to supply one.
  71
  72             # get the GID from the newly created authority
  73             child_auth_info = self.api.auth.get_auth_info(name)
  74             gid = auth_info.get_gid_object()
  75             record.set_gid(gid.save_to_string(save_parents=True))
  76
  77             # if registering a sa, see if a ma already exists
  78             # if registering a ma, see if a sa already exists
  79             if (type == "sa"):
  80                 other_rec = table.resolve("ma", record.get_name())
  81             elif (type == "ma"):
  82                 other_rec = table.resolve("sa", record.get_name())
  83
  84             if other_rec:
  85                 print >> log, "linking ma and sa to the same plc site"
  86                 pointer = other_rec[0].get_pointer()
  87             else:
  88                 pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
  89                 print >> log, "adding site with fields", pl_record
  90                 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
  91
  92             record.set_pointer(pointer)
  93
  94         elif (type == "slice"):
  95             pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
  96             pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
  97             record.set_pointer(pointer)
  98
  99         elif (type == "user"):
 100             pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record))
 101             if 'enabled' in record and record['enabled']:
 102                 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
 103             login_base = get_leaf(auth_info.hrn)
 104             self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
 105             # What roles should this user have?
 106             self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer)
 107             record.set_pointer(pointer)
 108
 109             # Add the user's key
 110             if record['keys']:
 111                 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : record['keys'][0]})
 112
 113         elif (type == "node"):
 114             pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
 115             login_base = hrn_to_pl_login_base(auth_name)
 116             pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record)
 117             record.set_pointer(pointer)
 118
 119         else:
 120             raise UnknownGeniType(type)
 121
 122         table.insert(record)
 123
 124         # update membership for researchers, pis, owners, operators
 125         self.api.update_membership(None, record)
 126
 127         return record.get_gid_object().save_to_string(save_parents=True)