else:
self.logger.warn("OpenstackImporter: person %s does not have a PL public key"%hrn)
pkey = Keypair(create=True)
- user_gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey)
+ user_gid = self.auth_hierarchy.create_gid(urn, create_uuid(), pkey, email=user.email)
user_record = RegUser ()
user_record.type='user'
user_record.hrn=hrn
plc_keys = keys_by_person_id.get(person['person_id'],[])
if not user_record:
(pubkey,pkey) = init_person_key (person, plc_keys )
- person_gid = self.auth_hierarchy.create_gid(person_urn, create_uuid(), pkey)
- person_gid.set_email(person['email'])
+ person_gid = self.auth_hierarchy.create_gid(person_urn, create_uuid(), pkey, email=person['email'])
user_record = RegUser (hrn=person_hrn, gid=person_gid,
pointer=person['person_id'],
authority=get_authority(person_hrn),
'geni_slivers': geni_slivers
}
- def ListSlices(self, api, creds, options):
- call_id = options.get('call_id')
- if Callids().already_handled(call_id): return []
-
- def _ListSlices(server, creds, options):
- return server.ListSlices(creds, options)
-
- # look in cache first
- # xxx is this really frequent enough that it is worth being cached ?
- if self.cache:
- slices = self.cache.get('slices')
- if slices:
- api.logger.debug("SliceManager.ListSlices returns from cache")
- return slices
-
- # get the callers hrn
- valid_cred = api.auth.checkCredentials(creds, 'listslices', None)[0]
- caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
-
- # attempt to use delegated credential first
- cred= api.getDelegatedCredential(creds)
- if not cred:
- cred = api.getCredential()
- threads = ThreadManager()
- # fetch from aggregates
- for aggregate in api.aggregates:
- # prevent infinite loop. Dont send request back to caller
- # unless the caller is the aggregate's SM
- if caller_hrn == aggregate and aggregate != api.hrn:
- continue
- interface = api.aggregates[aggregate]
- server = api.server_proxy(interface, cred)
- threads.run(_ListSlices, server, [cred], options)
-
- # combime results
- results = [ReturnValue.get_value(result) for result in threads.get_results()]
- slices = []
- for result in results:
- slices.extend(result)
-
- # cache the result
- if self.cache:
- api.logger.debug("SliceManager.ListSlices caches value")
- self.cache.add('slices', slices)
-
- return slices
-
def GetTicket(self, api, xrn, creds, rspec, users, options):
slice_hrn, type = urn_to_hrn(xrn)
ticket.sign()
return ticket.save_to_string(save_parents=True)
- def start_slice(self, api, xrn, creds):
- hrn, type = urn_to_hrn(xrn)
-
+ def PerformOperationalAction(self, api, xrn, creds, action, options):
# get the callers hrn
- valid_cred = api.auth.checkCredentials(creds, 'startslice', hrn)[0]
+ valid_cred = api.auth.checkCredentials(creds, 'createsliver', xrn)[0]
caller_hrn = Credential(cred=valid_cred).get_gid_caller().get_hrn()
# attempt to use delegated credential first
continue
interface = api.aggregates[aggregate]
server = api.server_proxy(interface, cred)
- threads.run(server.Start, xrn, cred)
+ threads.run(server.PerformOperationalAction, xrn, cred, action, options)
threads.get_results()
return 1
# @param filename If filename!=None, load the certficiate from the file.
# @param isCA If !=None, set whether this cert is for a CA
- def __init__(self, lifeDays=1825, create=False, subject=None, string=None, filename=None, isCA=None):
+ def __init__(self, lifeDays=1825, create=False, subject=None, string=None, filename=None, isCA=None, email=None):
self.data = {}
if create or subject:
self.create(lifeDays)
self.load_from_string(string)
if filename:
self.load_from_file(filename)
+ if email:
+ self.set_email(email)
# Set the CA bit if a value was supplied
if isCA != None:
# @param filename If filename!=None, load the GID from a file
# @param lifeDays life of GID in days - default is 1825==5 years
- def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825):
+ def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825, email=None):
- Certificate.__init__(self, lifeDays, create, subject, string, filename)
+ Certificate.__init__(self, lifeDays, create, subject, string, filename, email=email)
if subject:
logger.debug("Creating GID for subject: %s" % subject)
if uuid:
# @param uuid the unique identifier to store in the GID
# @param pkey the public key to store in the GID
- def create_gid(self, xrn, uuid, pkey, CA=False):
+ def create_gid(self, xrn, uuid, pkey, CA=False, email=None):
hrn, type = urn_to_hrn(xrn)
if not type:
type = 'authority'
# If xrn was a hrn instead of a urn, then the gid's urn will be
# of type None
urn = hrn_to_urn(hrn, type)
- gid = GID(subject=hrn, uuid=uuid, hrn=hrn, urn=urn)
+ gid = GID(subject=hrn, uuid=uuid, hrn=hrn, urn=urn, email=email)
+
# is this a CA cert
if hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn:
# root or sub authority