2 # implements support for SFA records stored in db tables
4 # TODO: Use existing PLC database methods? or keep this separate?
7 from sfa.trust.gid import *
8 from sfa.util.record import *
9 from sfa.util.config import *
10 from sfa.util.filter import *
11 from sfa.trust.hierarchy import *
12 from sfa.trust.certificate import *
13 from sfa.trust.auth import *
14 from sfa.senslab.OARrestapi import *
18 def __init__(self, record_filter = None):
20 self.ldapserv=ldap.open("192.168.0.251")
21 self.senslabauth=Hierarchy()
23 self.authname=config.SFA_REGISTRY_ROOT_AUTH
24 print >>sys.stderr,"AUTHNAME : ",self.authname
25 authinfo=self.senslabauth.get_auth_info(self.authname)
28 gid=authinfo.get_gid_object()
33 def db_fields(self, obj=None):
37 def is_writable (key,value,dict):
38 # if not mentioned, assume it's writable (e.g. deleted ...)
39 if key not in dict: return True
40 # if mentioned but not linked to a Parameter object, idem
41 if not isinstance(dict[key], Parameter): return True
42 # if not marked ro, it's writable
43 if not dict[key].ro: return True
51 def remove(self, record):
54 def insert(self, record):
57 def update(self, record):
60 def quote_string(self, value):
61 return str(self.db.quote(value))
63 def quote(self, value):
64 return self.db.quote(value)
66 def ldapFind(self, record_filter = None, columns=None):
70 #first, ldap for users
72 if 'authority' in record_filter:
74 if record_filter['authority']==self.authname:
75 # which is SFA_REGISTRY_ROOT_AUTH
76 # request all records which are under our authority, ie all ldap entries
79 #which is NOT SFA_REGISTRY_ROOT_AUTH
82 if not 'hrn' in record_filter:
83 print >>sys.stderr,"find : don't know how to handle filter ",record_filter
87 h=record_filter['hrn']
88 if isinstance(h,list):
95 splited_hrn=hrn.split(".")
96 if splited_hrn[0] != "SFA_REGISTRY_ROOT_AUTH" :
97 print >>sys.stderr,"i know nothing about",hrn
106 rindex=self.ldapserv.search("ou=people,dc=senslab,dc=info",ldap.SCOPE_SUBTREE,ldapfilter, ['mail','givenName', 'sn', 'uid','sshPublicKey'])
107 ldapresponse=self.ldapserv.result(rindex,1)
108 for ldapentry in ldapresponse[1]:
109 hrn=self.authname+"."+ldapentry[1]['uid'][0]
112 RSA_KEY_STRING=ldapentry[1]['sshPublicKey'][0]
114 pkey=convert_public_key(RSA_KEY_STRING)
116 gid=self.senslabauth.create_gid("urn:publicid:IDN+"+self.authname+"+user+"+ldapentry[1]['uid'][0], uuid, pkey, CA=False)
118 parent_hrn = get_authority(hrn)
119 parent_auth_info = self.senslabauth.get_auth_info(parent_hrn)
123 # 'email': ldapentry[1]['mail'][0],
124 # 'first_name': ldapentry[1]['givenName'][0],
125 # 'last_name': ldapentry[1]['sn'][0],
127 'gid': gid.save_to_string(),
129 'authority': self.authname,
130 'peer_authority': '',
133 'date_created' : 'none',
134 'last_updated': 'none'
138 def oarFind(self, record_filter = None, columns=None):
142 if 'authority' in record_filter:
144 if record_filter['authority']== self.authname :
146 print>> sys.stderr , "ET MERDE !!!!"
149 # which is NOT senslab
152 if not 'hrn' in record_filter:
153 print >>sys.stderr,"find : don't know how to handle filter ",record_filter
157 h=record_filter['hrn']
158 if isinstance(h,list):
164 head,sep,tail=hrn.partition(".")
165 if head != self.authname :
166 print >>sys.stderr,"i know nothing about",hrn
168 node_ids.append(tail)
170 node_list = self.oar.GetNodes( node_ids)
172 for node in node_list:
173 hrn=self.authname+"."+node['hostname']
176 # 'email': ldapentry[1]['mail'][0],
177 # 'first_name': ldapentry[1]['givenName'][0],
178 # 'last_name': ldapentry[1]['sn'][0],
180 # 'gid': gid.save_to_string(),
182 'authority': self.authname,
183 'peer_authority': '',
186 'date_created' : 'none',
187 'last_updated': 'none'
192 def find(self, record_filter = None, columns=None):
193 # senslab stores its users in an ldap dictionnary
194 # and nodes in a oar scheduller database
195 # both should be interrogated.
196 print >>sys.stderr,"find : ",record_filter
197 if not isinstance(record_filter,dict):
198 print >>sys.stderr,"find : record_filter is not a dict"
199 print >>sys.stderr,record_filter.__class__
202 if 'type' in record_filter:
203 if record_filter['type'] == 'slice':
204 print >>sys.stderr,"find : don't know how to handle slices yet"
206 if record_filter['type'] == 'authority':
207 if 'hrn' in record_filter and record_filter['hrn']==self.authname:
210 print >>sys.stderr,"find which authority ?"
212 if record_filter['type'] == 'user':
213 return self.ldapFind(record_filter, columns)
214 if record_filter['type'] == 'node':
215 return self.ldapFind(record_filter, columns)
217 print >>sys.stderr,"unknown type to find : ", record_filter['type']
220 allResults = self.ldapFind(record_filter, columns)
221 allResults+= self.oarFind(record_filter, columns)
225 def findObjects(self, record_filter = None, columns=None):
227 print >>sys.stderr,"find : ",record_filter
228 # print record_filter['type']
229 # if record_filter['type'] in ['authority']:
230 # print "findObjectAuthority"
231 results = self.find(record_filter, columns)
233 for result in results:
234 if result['type'] in ['authority']:
235 result_rec_list.append(AuthorityRecord(dict=result))
236 elif result['type'] in ['node']:
237 result_rec_list.append(NodeRecord(dict=result))
238 elif result['type'] in ['slice']:
239 result_rec_list.append(SliceRecord(dict=result))
240 elif result['type'] in ['user']:
241 result_rec_list.append(UserRecord(dict=result))
243 result_rec_list.append(SfaRecord(dict=result))
245 return result_rec_list
251 def sfa_records_purge(self):
git://git.onelab.eu / sfa.git / blob