Reset GIDs in SFA DB - allows to use email in SubjectAltName of the GIDs

diff --git a/tools/reset_gids.py b/tools/reset_gids.py
new file mode 100755 (executable)
index 0000000..453af29
--- /dev/null
+++ b/tools/reset_gids.py
@@ -0,0 +1,36 @@
+#!/usr/bin/env python
+# -*- coding:utf-8 -*-
+
+import types
+
+from sfa.storage.model import *
+from sfa.storage.alchemy import *
+from sfa.trust.gid import create_uuid
+from sfa.trust.hierarchy import Hierarchy
+from sfa.util.xrn import Xrn
+from sfa.trust.certificate import Certificate, Keypair, convert_public_key
+
+def fix_users():
+    s=global_dbsession
+    hierarchy = Hierarchy()
+    users = s.query(RegRecord).filter_by(type="user")
+    for record in users:
+        record.gid = ""
+        if not record.gid:
+            uuid = create_uuid()
+            pkey = Keypair(create=True)
+            pub_key=getattr(record,'reg_keys',None)
+            if pub_key is not None:
+                # use only first key in record
+                if pub_key and isinstance(pub_key, types.ListType): pub_key = pub_key[0]
+                pub_key = pub_key.key
+                pkey = convert_public_key(pub_key)
+            urn = Xrn (xrn=record.hrn, type='user').get_urn()
+            email=getattr(record,'email',None)
+            gid_object = hierarchy.create_gid(urn, uuid, pkey, email = email)
+            gid = gid_object.save_to_string(save_parents=True)
+            record.gid = gid
+    s.commit()
+
+if __name__ == '__main__':
+    fix_users()