4 from sfa.trust.certificate import Keypair, convert_public_key
5 from sfa.trust.gid import *
7 from sfa.util.faults import *
8 from sfa.util.misc import *
9 from sfa.util.method import Method
10 from sfa.util.parameter import Parameter, Mixed
11 from sfa.util.record import GeniRecord
12 from sfa.util.genitable import GeniTable
13 from sfa.util.debug import log
14 from sfa.trust.auth import Auth
15 from sfa.trust.gid import create_uuid
16 from sfa.trust.credential import Credential
18 class register(Method):
20 Register an object with the registry. In addition to being stored in the
21 Geni database, the appropriate records will also be created in the
24 @param cred credential string
25 @param record_dict dictionary containing record fields
27 @return gid string representation
30 interfaces = ['registry']
33 Parameter(str, "Credential string"),
34 Parameter(dict, "Record dictionary containing record fields")
37 returns = Parameter(int, "String representation of gid object")
39 def call(self, cred, record_dict, caller_cred=None):
40 self.api.auth.check(cred, "register")
45 self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, Credential(string=caller_cred).get_gid_caller().get_hrn(), None, self.name))
46 record = GeniRecord(dict = record_dict)
50 auth_name = get_authority(hrn)
51 self.api.auth.verify_object_permission(hrn)
52 auth_info = self.api.auth.get_auth_info(auth_name)
54 # make sure record has a gid
55 if 'gid' not in record:
57 pkey = Keypair(create=True)
58 if 'key' in record and record['key']:
59 if isinstance(record['key'], list):
60 pub_key = record['key'][0]
62 pub_key = record['key']
63 pkey = convert_public_key(pub_key)
65 gid_object = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey)
66 gid = gid_object.save_to_string(save_parents=True)
70 # check if record already exists
71 existing_records = table.find({'type': type, 'hrn': hrn})
73 raise ExistingRecord(hrn)
75 if type in ["authority"]:
77 if not self.api.auth.hierarchy.auth_exists(hrn):
78 self.api.auth.hierarchy.create_auth(hrn)
80 # authorities are special since they are managed by the registry
81 # rather than by the caller. We create our own GID for the
82 # authority rather than relying on the caller to supply one.
84 # get the GID from the newly created authority
85 gid = auth_info.get_gid_object()
86 record.set_gid(gid.save_to_string(save_parents=True))
88 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
89 sites = self.api.plshell.GetSites(self.api.plauth, [pl_record['login_base']])
91 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
93 pointer = sites[0]['site_id']
95 record.set_pointer(pointer)
97 elif (type == "slice"):
98 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
99 slices = self.api.plshell.GetSlices(self.api.plauth, [pl_record['name']])
101 pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
103 pointer = slices[0]['slice_id']
104 record.set_pointer(pointer)
106 elif (type == "user"):
107 persons = self.api.plshell.GetPersons(self.api.plauth, [record['email']])
109 pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record))
111 pointer = persons[0]['person_id']
113 if 'enabled' in record and record['enabled']:
114 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
115 login_base = get_leaf(auth_name)
116 self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
117 # What roles should this user have?
118 self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer)
119 record.set_pointer(pointer)
123 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : pub_key})
125 elif (type == "node"):
126 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
127 login_base = hrn_to_pl_login_base(auth_name)
128 nodes = self.api.plshell.GetNodes(self.api.plauth, [pl_record['hostname']])
130 pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record)
132 pointer = nodes[0]['node_id']
133 record.set_pointer(pointer)
136 raise UnknownGeniType(type)
138 # SFA upcalls may exist in PLCAPI and they could have already added the
139 # record for us. Lets check if the record already exists
140 existing_records = table.find({'type': type, 'hrn': hrn})
141 if not existing_records:
144 # update membership for researchers, pis, owners, operators
145 self.api.update_membership(None, record)
147 return record.get_gid_object().save_to_string(save_parents=True)