+# pylint: disable=c0111, w1202
+
from __future__ import print_function
# for get_key_from_incoming_ip
import os
import commands
-from sfa.util.faults import RecordNotFound, AccountNotEnabled, PermissionError, MissingAuthority, \
- UnknownSfaType, ExistingRecord, NonExistingRecord
+from sfa.util.faults import (
+ RecordNotFound, AccountNotEnabled, PermissionError, MissingAuthority,
+ UnknownSfaType, ExistingRecord, NonExistingRecord)
from sfa.util.sfatime import utcparse, datetime_to_epoch
from sfa.util.prefixTree import prefixTree
from sfa.util.xrn import Xrn, get_authority, hrn_to_urn, urn_to_hrn
from sfa.trust.certificate import Certificate, Keypair, convert_public_key
from sfa.trust.gid import create_uuid
-from sfa.storage.model import make_record, RegRecord, RegAuthority, RegUser, RegSlice, RegKey, \
- augment_with_sfa_builtins
+from sfa.storage.model import (
+ make_record, RegRecord, RegAuthority, RegUser, RegSlice, RegKey,
+ augment_with_sfa_builtins)
# the types that we need to exclude from sqlobjects before being able to dump
# them on the xmlrpc wire
from sqlalchemy.orm.collections import InstrumentedList
# 'researcher' or 'pi' to be set - reg-* are just ignored
#
# the '_normalize_input' helper functions below aim at ironing this out
-# however in order to break as few code as possible we essentially make sure that *both* fields are set
-# upon entering the write methods (so again register and update) for legacy, as some driver code
+# however in order to break as few code as possible we essentially
+# make sure that *both* fields are set upon entering the write methods
+# (again: register and update) for legacy, as some driver code
# might depend on the presence of, say, 'researcher'
# normalize an input record to a write method - register or update
class RegistryManager:
def __init__(self, config):
- logger.info("Creating RegistryManager[{}]".format(id(self)))
+ logger.debug("Creating RegistryManager[{}]".format(id(self)))
# The GENI GetVersion call
def GetVersion(self, api, options):
- peers = dict([(hrn, interface.get_url()) for (hrn, interface) in api.registries.iteritems()
- if hrn != api.hrn])
+ peers = {hrn: interface.get_url()
+ for (hrn, interface) in api.registries.iteritems()
+ if hrn != api.hrn}
xrn = Xrn(api.hrn, type='authority')
return version_core({'interface': 'registry',
'sfa': 3,
RegRecord).filter_by(hrn=caller_hrn).first()
if not caller_record:
raise RecordNotFound(
- "Unable to associated caller (hrn={}, type={}) with credential for (hrn: {}, type: {})"
+ "Unable to associated caller (hrn={}, type={}) "
+ "with credential for (hrn: {}, type: {})"
.format(caller_hrn, caller_type, hrn, type))
caller_gid = GID(string=caller_record.gid)
new_cred.set_expiration(int(expires))
auth_kind = "authority,ma,sa"
# Parent not necessary, verify with certs
- #new_cred.set_parent(api.auth.hierarchy.get_auth_cred(auth_hrn, kind=auth_kind))
+ # new_cred.set_parent(api.auth.hierarchy.get_auth_cred(auth_hrn, kind=auth_kind))
new_cred.encode()
new_cred.sign()
credential = api.getCredential()
interface = api.registries[registry_hrn]
server_proxy = api.server_proxy(interface, credential)
- # should propagate the details flag but that's not supported in the xmlrpc interface yet
- #peer_records = server_proxy.Resolve(xrns, credential,type, details=details)
+ # should propagate the details flag but that's not supported
+ # in the xmlrpc interface yet
+ # peer_records = server_proxy.Resolve(xrns, credential,type, details=details)
peer_records = server_proxy.Resolve(xrns, credential)
# pass foreign records as-is
# previous code used to read
record_dicts = record_list
# if we still have not found the record yet, try the local registry
-# logger.debug("before trying local records, {} foreign records".format(len(record_dicts)))
+ # logger.debug("before trying local records, {} foreign records"
+ # .format(len(record_dicts)))
if not record_dicts:
recursive = False
if ('recursive' in options and options['recursive']):
if recursive:
records = dbsession.query(RegRecord).filter(
RegRecord.hrn.startswith(hrn)).all()
-# logger.debug("recursive mode, found {} local records".format(len(records)))
+ # logger.debug("recursive mode, found {} local records".
+ # format(len(records)))
else:
records = dbsession.query(
RegRecord).filter_by(authority=hrn).all()
-# logger.debug("non recursive mode, found {} local records".format(len(records)))
+ # logger.debug("non recursive mode, found {} local records"
+ # .format(len(records)))
# so that sfi list can show more than plain names...
for record in records:
# xxx mystery - see also the bottom of model.py
# utility for handling relationships among the SFA objects
# subject_record describes the subject of the relationships
- # ref_record contains the target values for the various relationships we need to manage
- # (to begin with, this is just the slice x person (researcher) and authority x person (pi) relationships)
+ # ref_record contains the target values for the various relationships
+ # we need to manage (to begin with, this is just the
+ # slice x person (researcher) and authority x person (pi) relationships)
def update_driver_relations(self, api, subject_obj, ref_obj):
type = subject_obj.type
# for (k,v) in subject_obj.__dict__.items(): print k,'=',v
self.update_driver_relation(
api, subject_obj, ref_obj.pi, 'user', 'pi')
- # field_key is the name of one field in the record, typically 'researcher' for a 'slice' record
+ # field_key is the name of one field in the record,
+ # typically 'researcher' for a 'slice' record
# hrns is the list of hrns that should be linked to the subject from now on
# target_type would be e.g. 'user' in the 'slice' x 'researcher' example
- def update_driver_relation(self, api, record_obj, hrns, target_type, relation_name):
+ def update_driver_relation(self, api, record_obj, hrns,
+ target_type, relation_name):
dbsession = api.dbsession()
# locate the linked objects in our db
subject_type = record_obj.type
For safety this is limited to a set of hard-coded calls
"""
- direct_calls = ['AddNode', 'AddPerson', 'AddPersonKey', 'AddPersonToSite',
- 'AddPersonToSlice', 'AddRoleToPerson', 'AddSite', 'AddSiteTag', 'AddSlice',
- 'AddSliceTag', 'AddSliceToNodes', 'BindObjectToPeer', 'DeleteKey',
- 'DeleteNode', 'DeletePerson', 'DeletePersonFromSlice', 'DeleteSite',
- 'DeleteSlice', 'DeleteSliceFromNodes', 'DeleteSliceTag', 'GetInitScripts',
- 'GetInterfaces', 'GetKeys', 'GetNodeTags', 'GetPeers',
- 'GetPersons', 'GetSlices', 'GetSliceTags', 'GetTagTypes',
- 'UnBindObjectFromPeer', 'UpdateNode', 'UpdatePerson', 'UpdateSite',
- 'UpdateSlice', 'UpdateSliceTag',
- # also used as-is in importer
- 'GetSites', 'GetNodes', 'GetSiteTags',
- # Lease management methods
- 'GetLeases', 'GetLeaseGranularity', 'DeleteLeases', 'UpdateLeases',
- 'AddLeases',
- # HRN management methods
- 'SetPersonHrn', 'GetPersonHrn', 'SetSliceHrn', 'GetSliceHrn',
- 'SetNodeHrn', 'GetNodeHrn', 'GetSiteHrn', 'SetSiteHrn',
- # Tag slice/person/site created by SFA
- 'SetPersonSfaCreated', 'GetPersonSfaCreated', 'SetSliceSfaCreated',
- 'GetSliceSfaCreated', 'SetNodeSfaCreated', 'GetNodeSfaCreated',
- 'GetSiteSfaCreated', 'SetSiteSfaCreated',
- ]
+ direct_calls = [
+ 'AddNode', 'AddPerson', 'AddPersonKey', 'AddPersonToSite',
+ 'AddPersonToSlice', 'AddRoleToPerson', 'AddSite', 'AddSiteTag', 'AddSlice',
+ 'AddSliceTag', 'AddSliceToNodes', 'BindObjectToPeer', 'DeleteKey',
+ 'DeleteNode', 'DeletePerson', 'DeletePersonFromSlice', 'DeleteSite',
+ 'DeleteSlice', 'DeleteSliceFromNodes', 'DeleteSliceTag', 'GetInitScripts',
+ 'GetInterfaces', 'GetKeys', 'GetNodeTags', 'GetPeers',
+ 'GetPersons', 'GetSlices', 'GetSliceTags', 'GetTagTypes',
+ 'UnBindObjectFromPeer', 'UpdateNode', 'UpdatePerson', 'UpdateSite',
+ 'UpdateSlice', 'UpdateSliceTag',
+ # also used as-is in importer
+ 'GetSites', 'GetNodes', 'GetSiteTags',
+ # Lease management methods
+ 'GetLeases', 'GetLeaseGranularity', 'DeleteLeases', 'UpdateLeases',
+ 'AddLeases',
+ # HRN management methods
+ 'SetPersonHrn', 'GetPersonHrn', 'SetSliceHrn', 'GetSliceHrn',
+ 'SetNodeHrn', 'GetNodeHrn', 'GetSiteHrn', 'SetSiteHrn',
+ # Tag slice/person/site created by SFA
+ 'SetPersonSfaCreated', 'GetPersonSfaCreated', 'SetSliceSfaCreated',
+ 'GetSliceSfaCreated', 'SetNodeSfaCreated', 'GetNodeSfaCreated',
+ 'GetSiteSfaCreated', 'SetSiteSfaCreated',
+ ]
# support for other names - this is experimental
- alias_calls = {'get_authorities': 'GetSites',
- 'get_nodes': 'GetNodes',
- }
+ alias_calls = {
+ 'get_authorities': 'GetSites',
+ 'get_nodes': 'GetNodes',
+ }
# use the 'capability' auth mechanism for higher performance when the PLC
# db is local
except:
plc_direct_access = False
if is_local and plc_direct_access:
- logger.info('plshell access - capability')
- self.plauth = {'AuthMethod': 'capability',
- 'Username': str(config.SFA_PLC_USER),
- 'AuthString': str(config.SFA_PLC_PASSWORD),
- }
+ logger.debug('plshell access - capability')
+ self.plauth = {
+ 'AuthMethod': 'capability',
+ 'Username': str(config.SFA_PLC_USER),
+ 'AuthString': str(config.SFA_PLC_PASSWORD),
+ }
self.proxy = PLC.Shell.Shell()
else:
- logger.info('plshell access - xmlrpc')
- self.plauth = {'AuthMethod': 'password',
- 'Username': str(config.SFA_PLC_USER),
- 'AuthString': str(config.SFA_PLC_PASSWORD),
- }
+ logger.debug('plshell access - xmlrpc')
+ self.plauth = {
+ 'AuthMethod': 'password',
+ 'Username': str(config.SFA_PLC_USER),
+ 'AuthString': str(config.SFA_PLC_PASSWORD),
+ }
self.proxy = xmlrpclib.Server(url, verbose=False, allow_none=True)
def __getattr__(self, name):
git://git.onelab.eu / sfa.git / commitdiff