sfa/methods/register.py

   1 ### $Id$
   2 ### $URL$
   3
   4 from sfa.trust.certificate import Keypair, convert_public_key
   5 from sfa.trust.gid import *
   6
   7 from sfa.util.faults import *
   8 from sfa.util.misc import *
   9 from sfa.util.method import Method
  10 from sfa.util.parameter import Parameter, Mixed
  11 from sfa.util.record import GeniRecord
  12 from sfa.util.debug import log
  13
  14 from sfa.trust.auth import Auth
  15 from sfa.trust.gid import create_uuid
  16
  17 class register(Method):
  18     """
  19     Register an object with the registry. In addition to being stored in the
  20     Geni database, the appropriate records will also be created in the
  21     PLC databases
  22
  23     @param cred credential string
  24     @param record_dict dictionary containing record fields
  25
  26     @return gid string representation
  27     """
  28
  29     interfaces = ['registry']
  30
  31     accepts = [
  32         Parameter(str, "Credential string"),
  33         Parameter(dict, "Record dictionary containing record fields")
  34         ]
  35
  36     returns = Parameter(int, "String representation of gid object")
  37
  38     def call(self, cred, record_dict):
  39         self.api.auth.check(cred, "register")
  40         record = GeniRecord(dict = record_dict)
  41         type = record.get_type()
  42         name = record.get_name()
  43         self.api.auth.verify_object_permission(name)
  44         auth_name = self.api.auth.get_authority(name)
  45         auth_info = self.api.auth.get_auth_info(auth_name)
  46         table = self.api.auth.get_auth_table(auth_name)
  47
  48         # make sure record has a gid
  49         if 'gid' not in record:
  50             uuid = create_uuid()
  51             pkey = Keypair(create=True)
  52             if 'keys' in record and record['keys']:
  53                 pkey = convert_public_key(record['keys'][0])
  54
  55             gid_object = self.api.auth.hierarchy.create_gid(name, uuid, pkey)
  56             gid = gid_object.save_to_string(save_parents=True)
  57             record['gid'] = gid
  58             record.set_gid(gid)
  59
  60         # check if record already exists
  61         existing_records = table.resolve(type, name)
  62         if existing_records:
  63             raise ExistingRecord(name)
  64
  65         if (type == "sa") or (type=="ma"):
  66             # update the tree
  67             if not self.api.auth.hierarchy.auth_exists(name):
  68                 self.api.auth.hierarchy.create_auth(name)
  69
  70             # authorities are special since they are managed by the registry
  71             # rather than by the caller. We create our own GID for the
  72             # authority rather than relying on the caller to supply one.
  73
  74             # get the GID from the newly created authority
  75             child_auth_info = self.api.auth.get_auth_info(name)
  76             gid = auth_info.get_gid_object()
  77             record.set_gid(gid.save_to_string(save_parents=True))
  78
  79             # if registering a sa, see if a ma already exists
  80             # if registering a ma, see if a sa already exists
  81             if (type == "sa"):
  82                 other_rec = table.resolve("ma", record.get_name())
  83             elif (type == "ma"):
  84                 other_rec = table.resolve("sa", record.get_name())
  85
  86             if other_rec:
  87                 print >> log, "linking ma and sa to the same plc site"
  88                 pointer = other_rec[0].get_pointer()
  89             else:
  90                 pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
  91                 print >> log, "adding site with fields", pl_record
  92                 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
  93
  94             record.set_pointer(pointer)
  95
  96         elif (type == "slice"):
  97             pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
  98             pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
  99             record.set_pointer(pointer)
 100
 101         elif (type == "user"):
 102             pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record))
 103             if 'enabled' in record and record['enabled']:
 104                 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
 105             login_base = get_leaf(auth_info.hrn)
 106             self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
 107             # What roles should this user have?
 108             self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer)
 109             record.set_pointer(pointer)
 110
 111             # Add the user's key
 112             if record['keys']:
 113                 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : record['keys'][0]})
 114
 115         elif (type == "node"):
 116             pl_record = self.api.geni_fields_to_pl_fields(type, name, record)
 117             login_base = hrn_to_pl_login_base(auth_name)
 118             pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record)
 119             record.set_pointer(pointer)
 120
 121         else:
 122             raise UnknownGeniType(type)
 123
 124         table.insert(record)
 125
 126         # update membership for researchers, pis, owners, operators
 127         self.api.update_membership(None, record)
 128
 129         return record.get_gid_object().save_to_string(save_parents=True)