-
- # Add persons or add persons to slice
- for person_hrn in persons_to_add:
- person_email = users_by_hrn[person_hrn].get('email', "%s@geni.net"%person_hrn.split('.')[-1])
- if person_email and person_email in persons_by_email.keys():
- # check if the user already exist in PL
- person_id = persons_by_email[person_email]['person_id']
- self.driver.shell.AddPersonToSlice(person_id, slice_id)
- persons_to_verify_keys[person_id] = users_by_hrn[person_hrn]
-
- else:
- person = {
- 'first_name': person_hrn,
- 'last_name': person_hrn,
- 'email': users_by_hrn[person_hrn].get('email', "%s@geni.net"%person_hrn.split('.')[-1]),
- }
-
- person_id = self.driver.shell.AddPerson(person)
- self.driver.shell.AddRoleToPerson('user', int(person_id))
- # enable the account
- self.driver.shell.UpdatePerson(int(person_id), {'enabled': True})
- self.driver.shell.SetPersonSfaCreated(int(person_id), 'True')
- self.driver.shell.AddPersonToSite(int(person_id), site['site_id'])
- self.driver.shell.AddPersonToSlice(int(person_id), slice_id)
- self.driver.shell.SetPersonHrn(int(person_id), person_hrn)
-
- # Add keys
- for key in users_by_hrn[person_hrn].get('keys', []):
- key = {'key':key, 'key_type':'ssh'}
- self.driver.shell.AddPersonKey(person_id, key)
-
-
- # Delete persons from slice
- for person_hrn in persons_to_delete:
- person_id = slice_persons_by_hrn[person_hrn].get('person_id')
- self.driver.shell.DeletePersonFromSlice(person_id, slice_id)
-
-
+ slice_person_ids = slice['person_ids']
+
+ # the common set of attributes for our calls to GetPersons
+ person_fields = ['person_id','email','hrn']
+
+ # for the intended set of hrns, locate existing persons
+ target_hrns = [ user['hrn'] for user in users ]
+ target_existing_persons = self.driver.shell.GetPersons ({'peer_id':None, 'hrn': target_hrns}, person_fields)
+ target_existing_person_ids = [ person ['person_id'] for person in target_existing_persons ]
+ # find out the hrns that *do not* have a corresponding person
+ existing_hrns = [ person['hrn'] for person in target_existing_persons ]
+ tocreate_hrns = set (target_hrns) - set (existing_hrns)
+ # create these
+ target_created_person_ids = [ create_person (users_by_hrn[hrn], site_id) for hrn in tocreate_hrns ]
+
+ # we can partition the persons of interest into one of these 3 classes
+ add_person_ids = set(target_created_person_ids) | set(target_existing_person_ids) - set(slice_person_ids)
+ keep_person_ids = set(target_existing_person_ids) & set(slice_person_ids)
+ del_person_ids = set(slice_person_ids) - set(target_existing_person_ids)
+
+ # delete
+ for person_id in del_person_ids:
+ self.driver.shell.DeletePersonFromSlice (person_id, slice_id)
+
+ # about the last 2 sets, for managing keys, we need to trace back person_id -> user
+ # and for this we need all the Person objects; we already have the target_existing ones
+ target_created_persons = self.driver.shell.GetPersons ({'peer_id':None, 'person_id':target_created_person_ids},person_fields)
+ persons_by_person_id = { person['person_id'] : person for person in target_existing_persons + target_created_persons }
+
+ def user_by_person_id (person_id):
+ person = persons_by_person_id [person_id]
+ hrn = person ['hrn']
+ return users_by_hrn [hrn]
+
+ persons_to_verify_keys = {}
+ # add
+ for person_id in add_person_ids:
+ self.driver.shell.AddPersonToSlice(person_id, slice_id)
+ persons_to_verify_keys[person_id] = user_by_person_id(person_id)