4 from sfa.trust.certificate import Keypair, convert_public_key
5 from sfa.trust.gid import *
7 from sfa.util.faults import *
8 from sfa.util.misc import *
9 from sfa.util.method import Method
10 from sfa.util.parameter import Parameter, Mixed
11 from sfa.util.record import GeniRecord
12 from sfa.util.genitable import GeniTable
13 from sfa.util.debug import log
14 from sfa.trust.auth import Auth
15 from sfa.trust.gid import create_uuid
16 from sfa.trust.credential import Credential
18 class register(Method):
20 Register an object with the registry. In addition to being stored in the
21 Geni database, the appropriate records will also be created in the
24 @param cred credential string
25 @param record_dict dictionary containing record fields
27 @return gid string representation
30 interfaces = ['registry']
33 Parameter(str, "Credential string"),
34 Parameter(dict, "Record dictionary containing record fields")
37 returns = Parameter(int, "String representation of gid object")
39 def call(self, cred, record_dict, origin_hrn=None):
40 user_cred = Credential(string=cred)
44 origin_hrn = user_cred.get_gid_caller().get_hrn()
45 self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
48 self.api.auth.check(cred, "register")
50 record = GeniRecord(dict = record_dict)
51 record['authority'] = get_authority(record['hrn'])
54 self.api.auth.verify_object_permission(hrn)
55 auth_info = self.api.auth.get_auth_info(record['authority'])
57 # make sure record has a gid
58 if 'gid' not in record:
60 pkey = Keypair(create=True)
61 if 'key' in record and record['key']:
62 if isinstance(record['key'], list):
63 pub_key = record['key'][0]
65 pub_key = record['key']
66 pkey = convert_public_key(pub_key)
68 gid_object = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey)
69 gid = gid_object.save_to_string(save_parents=True)
73 # check if record already exists
75 existing_records = table.find({'type': type, 'hrn': hrn})
77 raise ExistingRecord(hrn)
79 if type in ["authority"]:
81 if not self.api.auth.hierarchy.auth_exists(hrn):
82 self.api.auth.hierarchy.create_auth(hrn)
84 # authorities are special since they are managed by the registry
85 # rather than by the caller. We create our own GID for the
86 # authority rather than relying on the caller to supply one.
88 # get the GID from the newly created authority
89 gid = auth_info.get_gid_object()
90 record.set_gid(gid.save_to_string(save_parents=True))
92 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
93 sites = self.api.plshell.GetSites(self.api.plauth, [pl_record['login_base']])
95 pointer = self.api.plshell.AddSite(self.api.plauth, pl_record)
97 pointer = sites[0]['site_id']
99 record.set_pointer(pointer)
100 record['pointer'] = pointer
102 elif (type == "slice"):
103 acceptable_fields=['url', 'instantiation', 'name', 'description']
104 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
105 for key in pl_record.keys():
106 if key not in acceptable_fields:
108 slices = self.api.plshell.GetSlices(self.api.plauth, [pl_record['name']])
110 pointer = self.api.plshell.AddSlice(self.api.plauth, pl_record)
112 pointer = slices[0]['slice_id']
113 record.set_pointer(pointer)
114 record['pointer'] = pointer
116 elif (type == "user"):
117 persons = self.api.plshell.GetPersons(self.api.plauth, [record['email']])
119 pointer = self.api.plshell.AddPerson(self.api.plauth, dict(record))
121 raise ExistingRecord(record['email'])
123 if 'enabled' in record and record['enabled']:
124 self.api.plshell.UpdatePerson(self.api.plauth, pointer, {'enabled': record['enabled']})
125 # add this persons to the site only if he is being added for the first
126 # time by sfa and doesont already exist in plc
127 if not persons or not persons[0]['site_ids']:
128 login_base = get_leaf(record['authority'])
129 self.api.plshell.AddPersonToSite(self.api.plauth, pointer, login_base)
131 # What roles should this user have?
132 self.api.plshell.AddRoleToPerson(self.api.plauth, 'user', pointer)
133 record.set_pointer(pointer)
134 record['pointer'] = pointer
137 self.api.plshell.AddPersonKey(self.api.plauth, pointer, {'key_type' : 'ssh', 'key' : pub_key})
139 elif (type == "node"):
140 pl_record = self.api.geni_fields_to_pl_fields(type, hrn, record)
141 login_base = hrn_to_pl_login_base(record['authority'])
142 nodes = self.api.plshell.GetNodes(self.api.plauth, [pl_record['hostname']])
144 pointer = self.api.plshell.AddNode(self.api.plauth, login_base, pl_record)
146 pointer = nodes[0]['node_id']
147 record['pointer'] = pointer
148 record.set_pointer(pointer)
151 raise UnknownGeniType(type)
153 record_id = table.insert(record)
154 record['record_id'] = record_id
156 # update membership for researchers, pis, owners, operators
157 self.api.update_membership(None, record)
159 return record.get_gid_object().save_to_string(save_parents=True)