merged namespace

[sfa.git] / sfa / managers / aggregate_manager_pl.py

diff --git a/sfa/managers/aggregate_manager_pl.py b/sfa/managers/aggregate_manager_pl.py
index da5c337..ae4215a 100644 (file)
--- a/sfa/managers/aggregate_manager_pl.py
+++ b/sfa/managers/aggregate_manager_pl.py
@@ -5,7 +5,7 @@ import datetime
 import time
 import traceback
 import sys
-
+import re
 from types import StringTypes
 from sfa.util.namespace import *
 from sfa.util.rspec import *
@@ -15,7 +15,6 @@ from sfa.util.record import SfaRecord
 from sfa.util.policy import Policy
 from sfa.util.record import *
 from sfa.util.sfaticket import SfaTicket
-from sfa.util.debug import log
 from sfa.plc.slices import Slices
 from sfa.trust.credential import Credential
 import sfa.plc.peers as peers
@@ -23,41 +22,6 @@ from sfa.plc.network import *
 from sfa.plc.api import SfaAPI
 from sfa.plc.slices import *
 
-""" 
-Create a new plauth object that the Aggregate Manager can use to execute
-plshell commands as the authenticated user.
-"""
-def __get_user_plauth(api, registry, credential, creds, operation, hrn):
-    plauth = None
-
-    user_creds = api.auth.checkCredentials(creds, operation, hrn)
-    user_cred_obj = Credential(string=user_creds[0])
-
-    # If user cred has a parent then the caller is the parent's cred.
-    # This is true for delegated creds.
-    if user_cred_obj.parent:
-        user_hrn = user_cred_obj.parent.get_gid_caller().get_hrn()
-    else:
-        user_hrn = user_cred_obj.get_gid_caller().get_hrn()
-        
-    user_record = registry.Resolve(user_hrn, [credential])[0]
-    email = user_record['email']
-
-    person = api.plshell.GetPersons(api.plauth, email)
-    if person:
-        person_id = person[0]['person_id']
-        # Get the user's session if one exists, create one otherwise
-        session = api.plshell.GetSessions(api.plauth, {'person_id': person_id})
-        if not session:
-            session = api.plshell.AddSession(api.plauth, person_id)
-        else:
-            session = session[0]['session_id']
-
-        # Create new authentication token
-        plauth = {'Username':email, 'AuthMethod':'session', 'session':session}
-
-    return plauth
-
 
 def __get_registry_objects(slice_xrn, creds, users):
     """
@@ -72,26 +36,31 @@ def __get_registry_objects(slice_xrn, creds, users):
     reg_objects = None
 
     if users:
+        # dont allow special characters in the site login base
+        #only_alphanumeric = re.compile('[^a-zA-Z0-9]+')
+        #login_base = only_alphanumeric.sub('', hrn_auth[:20]).lower()
+        slicename = hrn_to_pl_slicename(hrn)
+        login_base = slicename.split('_')[0]
         reg_objects = {}
 
         site = {}
         site['site_id'] = 0
-        site['name'] = 'geni.%s' % hrn_auth[:20]
+        site['name'] = 'geni.%s' % login_base 
         site['enabled'] = True
         site['max_slices'] = 100
 
         # Note:
         # Is it okay if this login base is the same as one already at this myplc site?
         # Do we need uniqueness?  Should use hrn_auth instead of just the leaf perhaps?
-        site['login_base'] = hrn_auth[:20]
-        site['abbreviated_name'] = hrn_auth[:20]
+        site['login_base'] = login_base
+        site['abbreviated_name'] = login_base
         site['max_slivers'] = 1000
         reg_objects['site'] = site
 
         slice = {}
         slice['expires'] = int(time.mktime(Credential(string=creds[0]).get_lifetime().timetuple()))
         slice['hrn'] = hrn
-        slice['name'] = site['login_base'] + "_" +  get_leaf(hrn)
+        slice['name'] = hrn_to_pl_slicename(hrn)
         slice['url'] = hrn
         slice['description'] = hrn
         slice['pointer'] = 0
@@ -132,6 +101,7 @@ def create_slice(api, slice_xrn, creds, rspec, users):
     Create the sliver[s] (slice) at this aggregate.    
     Verify HRN and initialize the slice record in PLC if necessary.
     """
+
     reg_objects = __get_registry_objects(slice_xrn, creds, users)
 
     hrn, type = urn_to_hrn(slice_xrn)
@@ -146,12 +116,8 @@ def create_slice(api, slice_xrn, creds, rspec, users):
 
     slice_record = slices.verify_slice(registry, credential, hrn, site_id, 
                                 remote_site_id, peer, sfa_peer, reg_objects)
-
-    user_plauth = __get_user_plauth(api, registry, credential, creds, 
-                                    "createsliver", hrn)
-
-    # The Network instance will use user_plauth to call the PLCAPI
-    network = Network(api, user_plauth)
+     
+    network = Network(api)
 
     slice = network.get_slice(api, hrn)
     slice.peer_id = slice_record['peer_slice_id']
@@ -170,8 +136,8 @@ def create_slice(api, slice_xrn, creds, rspec, users):
         if peer:
             api.plshell.UnBindObjectFromPeer(api.plauth, 'slice', slice.id, peer)
 
-        api.plshell.AddSliceToNodes(user_plauth, slice.name, added_nodes) 
-        api.plshell.DeleteSliceFromNodes(user_plauth, slice.name, deleted_nodes)
+        api.plshell.AddSliceToNodes(api.plauth, slice.name, added_nodes) 
+        api.plshell.DeleteSliceFromNodes(api.plauth, slice.name, deleted_nodes)
 
         network.updateSliceTags()
 
@@ -181,6 +147,7 @@ def create_slice(api, slice_xrn, creds, rspec, users):
                                          slice.peer_id)
 
     # print network.toxml()
+
     return True
 
 
@@ -276,13 +243,7 @@ def get_rspec(api, creds, options):
         if rspec:
             return rspec 
 
-    registry = api.registries[api.hrn]
-    credential = api.getCredential()
-    user_plauth = __get_user_plauth(api, registry, credential, creds, 
-                                    "listnodes", hrn)
-
-    # The Network instance will use user_plauth to call the PLCAPI
-    network = Network(api, user_plauth)
+    network = Network(api)
     if (hrn):
         if network.get_slice(api, hrn):
             network.addSlice()
@@ -292,7 +253,7 @@ def get_rspec(api, creds, options):
     # cache the result
     if api.cache and not xrn:
         api.cache.add('nodes', rspec)
-    
+
     return rspec