more pep8-friendly
[sfa.git] / sfa / importer / openstackimporter.py
index 27d0344..7ced620 100644 (file)
@@ -2,15 +2,15 @@ import os
 
 from sfa.util.config import Config
 from sfa.util.xrn import Xrn, get_leaf, get_authority, hrn_to_urn
-from sfa.util.plxrn import hostname_to_hrn, slicename_to_hrn, email_to_hrn, hrn_to_pl_slicename
-
-from sfa.trust.gid import create_uuid    
+from sfa.trust.gid import create_uuid
 from sfa.trust.certificate import convert_public_key, Keypair
-
-from sfa.storage.alchemy import dbsession
+# using global alchemy.session() here is fine
+# as importer is on standalone one-shot process
+from sfa.storage.alchemy import global_dbsession
 from sfa.storage.model import RegRecord, RegAuthority, RegUser, RegSlice, RegNode
+from sfa.openstack.osxrn import OSXrn
+from sfa.openstack.shell import Shell
 
-from sfa.openstack.openstack_shell import OpenstackShell    
 
 def load_keys(filename):
     keys = {}
@@ -23,121 +23,170 @@ def load_keys(filename):
     except:
         return keys
 
+
 def save_keys(filename, keys):
     f = open(filename, 'w')
     f.write("keys = %s" % str(keys))
     f.close()
 
+
 class OpenstackImporter:
 
-    def __init__ (self, auth_hierarchy, logger):
+    def __init__(self, auth_hierarchy, logger):
         self.auth_hierarchy = auth_hierarchy
-        self.logger=logger
+        self.logger = logger
+        self.config = Config()
+        self.interface_hrn = self.config.SFA_INTERFACE_HRN
+        self.root_auth = self.config.SFA_REGISTRY_ROOT_AUTH
+        self.shell = Shell(self.config)
 
-    def record_options (self, parser):
-        self.logger.debug ("PlImporter no options yet")
+    def add_options(self, parser):
+        self.logger.debug("OpenstackImporter: no options yet")
         pass
 
-    def run (self, options):
-        # we don't have any options for now
-        self.logger.info ("PlImporter.run : to do")
-
-        config = Config ()
-        interface_hrn = config.SFA_INTERFACE_HRN
-        root_auth = config.SFA_REGISTRY_ROOT_AUTH
-        shell = OpenstackShell (config)
-
-        # create dict of all existing sfa records
-        existing_records = {}
-        existing_hrns = []
-        key_ids = []
-        for record in dbsession.query(RegRecord):
-            existing_records[ (record.hrn, record.type,) ] = record
-            existing_hrns.append(record.hrn) 
-            
+    def import_users(self, existing_hrns, existing_records):
         # Get all users
-        persons = shell.user_get_all()
-        persons_dict = {}
-        keys_filename = config.config_path + os.sep + 'person_keys.py' 
-        old_person_keys = load_keys(keys_filename)
-        person_keys = {} 
-        for person in persons:
-            hrn = config.SFA_INTERFACE_HRN + "." + person.id
-            persons_dict[hrn] = person
-            old_keys = old_person_keys.get(person.id, [])
-            keys = [k.public_key for k in shell.key_pair_get_all_by_user(person.id)]
-            person_keys[person.id] = keys
+        users = self.shell.auth_manager.users.list()
+        users_dict = {}
+        keys_filename = self.config.config_path + os.sep + 'person_keys.py'
+        old_user_keys = load_keys(keys_filename)
+        user_keys = {}
+        for user in users:
+            auth_hrn = self.config.SFA_INTERFACE_HRN
+            if user.tenantId is not None:
+                tenant = self.shell.auth_manager.tenants.find(id=user.tenantId)
+                auth_hrn = OSXrn(
+                    name=tenant.name, auth=self.config.SFA_INTERFACE_HRN, type='authority').get_hrn()
+            hrn = OSXrn(name=user.name, auth=auth_hrn, type='user').get_hrn()
+            users_dict[hrn] = user
+            old_keys = old_user_keys.get(hrn, [])
+            keyname = OSXrn(xrn=hrn, type='user').get_slicename()
+            keys = [
+                k.public_key for k in self.shell.nova_manager.keypairs.findall(name=keyname)]
+            user_keys[hrn] = keys
             update_record = False
             if old_keys != keys:
                 update_record = True
             if hrn not in existing_hrns or \
-                   (hrn, 'user') not in existing_records or update_record:    
-                urn = hrn_to_urn(hrn, 'user')
-            
+                    (hrn, 'user') not in existing_records or update_record:
+                urn = OSXrn(xrn=hrn, type='user').get_urn()
+
                 if keys:
                     try:
                         pkey = convert_public_key(keys[0])
                     except:
-                        logger.log_exc('unable to convert public key for %s' % hrn)
+                        self.logger.log_exc(
+                            'unable to convert public key for %s' % hrn)
                         pkey = Keypair(create=True)
                 else:
-                    logger.warn("OpenstackImporter: person %s does not have a PL public key"%hrn)
-                    pkey = Keypair(create=True) 
-                person_gid = sfaImporter.AuthHierarchy.create_gid(urn, create_uuid(), pkey)
-                person_record = RegUser ()
-                person_record.type='user'
-                person_record.hrn=hrn
-                person_record.gid=person_gid
-                person_record.authority=get_authority(hrn)
-                dbsession.add(person_record)
-                dbsession.commit()
-                logger.info("OpenstackImporter: imported person %s" % person_record)
-
-        # Get all projects
-        projects = shell.project_get_all()
-        projects_dict = {}
-        for project in projects:
-            hrn = config.SFA_INTERFACE_HRN + '.' + project.id
-            projects_dict[hrn] = project
-            if hrn not in existing_hrns or \
-            (hrn, 'slice') not in existing_records:
+                    self.logger.warning(
+                        "OpenstackImporter: person %s does not have a PL public key" % hrn)
+                    pkey = Keypair(create=True)
+                user_gid = self.auth_hierarchy.create_gid(
+                    urn, create_uuid(), pkey, email=user.email)
+                user_record = RegUser()
+                user_record.type = 'user'
+                user_record.hrn = hrn
+                user_record.gid = user_gid
+                user_record.authority = get_authority(hrn)
+                global_dbsession.add(user_record)
+                global_dbsession.commit()
+                self.logger.info(
+                    "OpenstackImporter: imported person %s" % user_record)
+
+        return users_dict, user_keys
+
+    def import_tenants(self, existing_hrns, existing_records):
+        # Get all tenants
+        # A tenant can represent an organizational group (site) or a
+        # slice. If a tenant's authorty/parent matches the root authority it is
+        # considered a group/site. All other tenants are considered slices.
+        tenants = self.shell.auth_manager.tenants.list()
+        tenants_dict = {}
+        for tenant in tenants:
+            hrn = self.config.SFA_INTERFACE_HRN + '.' + tenant.name
+            tenants_dict[hrn] = tenant
+            authority_hrn = OSXrn(
+                xrn=hrn, type='authority').get_authority_hrn()
+
+            if hrn in existing_hrns:
+                continue
+
+            if authority_hrn == self.config.SFA_INTERFACE_HRN:
+                # import group/site
+                record = RegAuthority()
+                urn = OSXrn(xrn=hrn, type='authority').get_urn()
+                if not self.auth_hierarchy.auth_exists(urn):
+                    self.auth_hierarchy.create_auth(urn)
+                auth_info = self.auth_hierarchy.get_auth_info(urn)
+                gid = auth_info.get_gid_object()
+                record.type = 'authority'
+                record.hrn = hrn
+                record.gid = gid
+                record.authority = get_authority(hrn)
+                global_dbsession.add(record)
+                global_dbsession.commit()
+                self.logger.info(
+                    "OpenstackImporter: imported authority: %s" % record)
+
+            else:
+                record = RegSlice()
+                urn = OSXrn(xrn=hrn, type='slice').get_urn()
                 pkey = Keypair(create=True)
-                urn = hrn_to_urn(hrn, 'slice')
-                project_gid = sfaImporter.AuthHierarchy.create_gid(urn, create_uuid(), pkey)
-                project_record = RegSlice ()
-                project_record.type='slice'
-                project_record.hrn=hrn
-                project_record.gid=project_gid
-                project_record.authority=get_authority(hrn)
-                dbsession.add(project_record)
-                dbsession.commit()
-                logger.info("OpenstackImporter: imported slice: %s" % project_record)  
-    
-        # remove stale records    
-        system_records = [interface_hrn, root_auth, interface_hrn + '.slicemanager']
+                gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
+                record.type = 'slice'
+                record.hrn = hrn
+                record.gid = gid
+                record.authority = get_authority(hrn)
+                global_dbsession.add(record)
+                global_dbsession.commit()
+                self.logger.info(
+                    "OpenstackImporter: imported slice: %s" % record)
+
+        return tenants_dict
+
+    def run(self, options):
+        # we don't have any options for now
+        self.logger.info("OpenstackImporter.run : to do")
+
+        # create dict of all existing sfa records
+        existing_records = {}
+        existing_hrns = []
+        key_ids = []
+        for record in global_dbsession.query(RegRecord):
+            existing_records[(record.hrn, record.type,)] = record
+            existing_hrns.append(record.hrn)
+
+        tenants_dict = self.import_tenants(existing_hrns, existing_records)
+        users_dict, user_keys = self.import_users(
+            existing_hrns, existing_records)
+
+        # remove stale records
+        system_records = [self.interface_hrn, self.root_auth,
+                          self.interface_hrn + '.slicemanager']
         for (record_hrn, type) in existing_records.keys():
             if record_hrn in system_records:
                 continue
-        
+
             record = existing_records[(record_hrn, type)]
             if record.peer_authority:
                 continue
 
             if type == 'user':
-                if record_hrn in persons_dict:
-                    continue  
-            elif type == 'slice':
-                if record_hrn in projects_dict:
+                if record_hrn in users_dict:
+                    continue
+            elif type in['slice', 'authority']:
+                if record_hrn in tenants_dict:
                     continue
             else:
-                continue 
-        
-            record_object = existing_records[ (record_hrn, type) ]
-            logger.info("OpenstackImporter: removing %s " % record)
-            dbsession.delete(record_object)
-            dbsession.commit()
-                                   
+                continue
+
+            record_object = existing_records[(record_hrn, type)]
+            self.logger.info("OpenstackImporter: removing %s " % record)
+            global_dbsession.delete(record_object)
+            global_dbsession.commit()
+
         # save pub keys
-        logger.info('OpenstackImporter: saving current pub keys')
-        save_keys(keys_filename, person_keys)                
-        
+        self.logger.info('OpenstackImporter: saving current pub keys')
+        keys_filename = self.config.config_path + os.sep + 'person_keys.py'
+        save_keys(keys_filename, user_keys)