version['geni_api'] = 1
return version
-
-
-# The GENI resolve call
-def Resolve(api, xrn, creds):
- records = resolve(api, xrn)
-
- if len(records) == 0:
- return {}
-
- record = records[0]
- if record.type == 'slice':
- return {'geni_urn': xrn, 'geni_creator': " ".join(record.PI)}
- if record.type == 'user':
- return {'geni_urn': xrn, 'geni_certificate': record.gid}
-
-
-
-def resolve(api, xrns, type=None, origin_hrn=None, full=True):
+def resolve(api, xrns, creds, type=None, full=True):
# load all know registry names into a prefix tree and attempt to find
# the longest matching prefix
xrns = xrn_dict[registry_hrn]
if registry_hrn != api.hrn:
credential = api.getCredential()
- peer_records = registries[registry_hrn].resolve(credential, xrns, origin_hrn)
+ peer_records = registries[registry_hrn].Resolve(xrns, credential)
records.extend([SfaRecord(dict=record).as_dict() for record in peer_records])
# try resolving the remaining unfound records at the local registry
--- /dev/null
+### $Id: get_credential.py 17576 2010-04-05 20:56:15Z tmack $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_credential.py $
+
+from sfa.trust.credential import *
+from sfa.trust.rights import *
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.util.debug import log
+from sfa.trust.credential import Credential
+
+class get_credential(Method):
+ """
+ Retrive a credential for an object
+ If cred == Nonee then the behavior reverts to get_self_credential
+
+ @param cred credential object specifying rights of the caller
+ @param type type of object (user | slice | sa | ma | node)
+ @param hrn human readable name of object (hrn or urn)
+
+ @return the string representation of a credential object
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Mixed(Parameter(str, "credential"),
+ Parameter(None, "No credential")),
+ Parameter(str, "Human readable name (hrn or urn)")
+ ]
+
+ returns = Parameter(str, "String representation of a credential object")
+
+ def call(self, cred, type, xrn, origin_hrn=None):
+ if type:
+ hrn = urn_to_hrn(xrn)[0]
+ else:
+ hrn, type = urn_to_hrn(xrn)
+
+ #log the call
+ if not origin_hrn:
+ origin_hrn = Credential(string=cred).get_gid_caller().get_hrn()
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
+ self.api.auth.check(cred, 'getcredential')
+ self.api.auth.verify_object_belongs_to_me(hrn)
+
+ # send the call to the right manager
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ return manager.get_credential(self.api, xrn, type)
--- /dev/null
+from sfa.util.faults import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.trust.auth import Auth
+from sfa.trust.gid import GID
+from sfa.trust.certificate import Certificate
+from sfa.trust.credential import Credential
+
+class get_gids(Method):
+ """
+ Get a list of record information (hrn, gid and type) for
+ the specified hrns.
+
+ @param cred credential string
+ @param cert certificate string
+ @return
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Parameter(str, "Certificate string"),
+ Mixed(Parameter(str, "Human readable name (hrn or xrn)"),
+ Parameter(type([str]), "List of Human readable names (hrn or xrn)"))
+ ]
+
+ returns = [Parameter(dict, "Dictionary of gids keyed on hrn")]
+
+ def call(self, cred, xrns):
+ # validate the credential
+ self.api.auth.check(cred, 'getgids')
+ user_cred = Credential(string=cred)
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
+
+ # resolve the record
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ records = manager.resolve(self.api, xrns, None, origin_hrn=origin_hrn, full = False)
+ if not records:
+ raise RecordNotFound(hrns)
+
+ gids = []
+ allowed_fields = ['hrn', 'type', 'gid']
+ for record in records:
+ for key in record.keys():
+ if key not in allowed_fields:
+ del(record[key])
+ return records
--- /dev/null
+### $Id: get_credential.py 15321 2009-10-15 05:01:21Z tmack $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_credential.py $
+
+from sfa.trust.credential import *
+from sfa.trust.rights import *
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.util.record import SfaRecord
+from sfa.util.debug import log
+
+class get_self_credential(Method):
+ """
+ Retrive a credential for an object
+ @param cert certificate string
+ @param type type of object (user | slice | sa | ma | node)
+ @param hrn human readable name of object (hrn or urn)
+
+ @return the string representation of a credential object
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Parameter(str, "certificate"),
+ Parameter(str, "Human readable name (hrn or urn)"),
+ Mixed(Parameter(str, "Request hash"),
+ Parameter(None, "Request hash not specified"))
+ ]
+
+ returns = Parameter(str, "String representation of a credential object")
+
+ def call(self, cert, type, xrn, origin_hrn=None):
+ """
+ get_self_credential a degenerate version of get_credential used by a client
+ to get his initial credential when de doesnt have one. This is the same as
+ get_credetial(..., cred = None, ...)
+
+ The registry ensures that the client is the principal that is named by
+ (type, name) by comparing the public key in the record's GID to the
+ private key used to encrypt the client side of the HTTPS connection. Thus
+ it is impossible for one principal to retrive another principal's
+ credential without having the appropriate private key.
+
+ @param type type of object (user | slice | sa | ma | node)
+ @param hrn human readable name of authority to list
+ @return string representation of a credential object
+ """
+ if type:
+ hrn = urn_to_hrn(xrn)[0]
+ else:
+ hrn, type = urn_to_hrn(xrn)
+ self.api.auth.verify_object_belongs_to_me(hrn)
+
+ #log the call
+ if not origin_hrn:
+ origin_hrn = hrn
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
+
+ # send the call to the right manager
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+
+ # authenticate the gid
+ records = manager.resolve(self.api, xrn, type)
+ if not records:
+ raise RecordNotFound(hrn)
+ record = SfaRecord(dict=records[0])
+ gid = record.get_gid_object()
+ gid_str = gid.save_to_string(save_parents=True)
+ self.api.auth.authenticateGid(gid_str, [cert, type, hrn])
+ # authenticate the certificate against the gid in the db
+ certificate = Certificate(string=cert)
+ if not certificate.is_pubkey(gid.get_pubkey()):
+ raise ConnectionKeyGIDMismatch(gid.get_subject())
+
+ return manager.get_credential(self.api, xrn, type, is_self=True)
--- /dev/null
+### $Id: get_ticket.py 17732 2010-04-19 21:10:45Z tmack $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_ticket.py $
+import time
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.trust.auth import Auth
+from sfa.util.config import Config
+from sfa.trust.credential import Credential
+from sfa.util.sfatablesRuntime import run_sfatables
+
+class GetTicket(Method):
+ """
+ Retrieve a ticket. This operation is currently implemented on PLC
+ only (see SFA, engineering decisions); it is not implemented on
+ components.
+
+ The ticket is filled in with information from the PLC database. This
+ information includes resources, and attributes such as user keys and
+ initscripts.
+
+ @param cred credential string
+ @param name name of the slice to retrieve a ticket for (hrn or urn)
+ @param rspec resource specification dictionary
+
+ @return the string representation of a ticket object
+ """
+
+ interfaces = ['aggregate', 'slicemgr']
+
+ accepts = [
+ Parameter(str, "Human readable name of slice to retrive a ticket for (hrn or urn)"),
+ Mixed(Parameter(str, "Credential string"),
+ Parameter(type([str]), "List of credentials")),
+ Parameter(str, "Resource specification (rspec)"),
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Parameter(None, "Origin hrn not specified")),
+ Parameter(type([]), "List of user information")
+ ]
+
+ returns = Parameter(str, "String represeneation of a ticket object")
+
+ def call(self, xrn, creds, rspec, users):
+ hrn, type = urn_to_hrn(xrn)
+ # Find the valid credentials
+ valid_creds = self.api.auth.checkCredentials(creds, 'createsliver', hrn)
+ origin_hrn = Credential(string=valid_creds[0]).get_gid_caller().get_hrn()
+
+ #log the call
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
+
+ manager = self.api.get_interface_manager()
+
+ # flter rspec through sfatables
+ if self.api.interface in ['aggregate']:
+ chain_name = 'OUTGOING'
+ elif self.api.interface in ['slicemgr']:
+ chain_name = 'FORWARD-OUTGOING'
+ rspec = run_sfatables(chain_name, hrn, origin_hrn, rspec)
+
+ # remove nodes that are not available at this interface from the rspec
+ ticket = manager.get_ticket(self.api, xrn, creds, rspec, users)
+
+ return ticket
+
--- /dev/null
+### $Id: list.py 16588 2010-01-13 17:53:44Z anil $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/list.py $
+
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.util.record import SfaRecord
+from sfa.trust.credential import Credential
+
+class list(Method):
+ """
+ List the records in an authority.
+
+ @param cred credential string specifying the rights of the caller
+ @param hrn human readable name of authority to list (hrn or urn)
+ @return list of record dictionaries
+ """
+ interfaces = ['registry']
+
+ accepts = [
+ Parameter(str, "Credential string"),
+ Parameter(str, "Human readable name (hrn or urn)"),
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Parameter(None, "Origin hrn not specified"))
+ ]
+
+ returns = [SfaRecord]
+
+ def call(self, cred, xrn, origin_hrn=None):
+ hrn, type = urn_to_hrn(xrn)
+ user_cred = Credential(string=cred)
+ #log the call
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
+
+ # validate the cred
+ self.api.auth.check(cred, 'list')
+
+ # send the call to the right manager
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ return manager.list(self.api, xrn, origin_hrn)
--- /dev/null
+### $Id: reset_slice.py 15428 2009-10-23 15:28:03Z tmack $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfacomponent/methods/reset_slice.py $
+import xmlrpclib
+from sfa.util.faults import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+
+class RedeemTicket(Method):
+ """
+ Deprecated. Use RedeemTicket instead.
+
+ @param cred credential string specifying the rights of the caller
+ @param ticket
+ @return 1 is successful, faults otherwise
+ """
+
+ interfaces = ['component']
+
+ accepts = [
+ Parameter(str, "Ticket string representation of SFA ticket"),
+ Mixed(Parameter(str, "Credential string"),
+ Parameter(type([str]), "List of credentials")),
+ ]
+
+ returns = [Parameter(int, "1 if successful")]
+
+ def call(self, ticket, creds):
+ valid_creds = self.api.auth.checkCredentials(cred, 'redeemticket')
+ self.api.auth.check_ticket(ticket)
+
+
+ # send the call to the right manager
+ manager = self.api.get_interface_manager()
+ manager.redeem_ticket(self.api, ticket)
+ return 1
--- /dev/null
+### $Id: register.py 16477 2010-01-05 16:31:37Z thierry $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/register.py $
+
+from sfa.trust.certificate import Keypair, convert_public_key
+from sfa.trust.gid import *
+from sfa.util.faults import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.util.record import SfaRecord
+from sfa.util.debug import log
+from sfa.trust.auth import Auth
+from sfa.trust.gid import create_uuid
+from sfa.trust.credential import Credential
+
+class register(Method):
+ """
+ Register an object with the registry. In addition to being stored in the
+ SFA database, the appropriate records will also be created in the
+ PLC databases
+
+ @param cred credential string
+ @param record_dict dictionary containing record fields
+
+ @return gid string representation
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Parameter(str, "Credential string"),
+ Parameter(dict, "Record dictionary containing record fields")
+ ]
+
+ returns = Parameter(int, "String representation of gid object")
+
+ def call(self, cred, record, origin_hrn=None):
+ user_cred = Credential(string=cred)
+
+ #log the call
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
+ hrn = None
+ if 'hrn' in record:
+ hrn = record['hrn']
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
+
+ # validate the cred
+ self.api.auth.check(cred, "register")
+
+ #send the call to the right manager
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ return manager.register(self.api, record)
--- /dev/null
+### $Id: register.py 15001 2009-09-11 20:18:54Z tmack $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/register.py $
+
+from sfa.trust.certificate import Keypair, convert_public_key
+from sfa.trust.gid import *
+
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.util.record import SfaRecord
+from sfa.util.table import SfaTable
+from sfa.util.debug import log
+from sfa.trust.auth import Auth
+from sfa.trust.gid import create_uuid
+from sfa.trust.credential import Credential
+
+class register_peer_object(Method):
+ """
+ Register a peer object with the registry. In addition to being stored in the
+ SFA database, the appropriate records will also be created in the
+ PLC databases
+
+ @param cred credential string
+ @param record_dict dictionary containing record fields
+ @return gid string representation
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Parameter(str, "Credential string"),
+ Parameter(dict, "Record dictionary containing record fields"),
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Parameter(None, "Origin hrn not specified"))
+ ]
+
+ returns = Parameter(int, "1 if successful")
+
+ def call(self, cred, record_dict, origin_hrn=None):
+ user_cred = Credential(string=cred)
+
+ #log the call
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, None, self.name))
+
+ # validate the cred
+ self.api.auth.check(cred, "register")
+
+ # make sure this is a peer record
+ if 'peer_authority' not in record_dict or \
+ not record_dict['peer_authority']:
+ raise SfaInvalidArgument, "peer_authority must be specified"
+
+ record = SfaRecord(dict = record_dict)
+ type, hrn, peer_authority = record['type'], record['hrn'], record['peer_authority']
+ record['authority'] = get_authority(record['hrn'])
+ # verify permissions
+ self.api.auth.verify_cred_is_me(cred)
+
+ # check if record already exists
+ table = SfaTable()
+ existing_records = table.find({'type': type, 'hrn': hrn, 'peer_authority': peer_authority})
+ if existing_records:
+ for existing_record in existing_records:
+ if existing_record['pointer'] != record['pointer']:
+ record['record_id'] = existing_record['record_id']
+ table.update(record)
+ else:
+ record_id = table.insert(record)
+
+ return 1
--- /dev/null
+### $Id: remove.py 16497 2010-01-07 03:33:24Z tmack $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/remove.py $
+
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.util.debug import log
+from sfa.trust.credential import Credential
+
+class remove(Method):
+ """
+ Remove an object from the registry. If the object represents a PLC object,
+ then the PLC records will also be removed.
+
+ @param cred credential string
+ @param type record type
+ @param xrn human readable name of record to remove (hrn or urn)
+
+ @return 1 if successful, faults otherwise
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Parameter(str, "Credential string"),
+ Parameter(str, "Record type"),
+ Parameter(str, "Human readable name of slice to instantiate (hrn or urn)"),
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Parameter(None, "Origin hrn not specified"))
+ ]
+
+ returns = Parameter(int, "1 if successful")
+
+ def call(self, cred, type, xrn, origin_hrn=None):
+ user_cred = Credential(string=cred)
+
+ # convert xrn to hrn
+ if type:
+ hrn = urn_to_hrn(xrn)[0]
+ else:
+ hrn, type = urn_to_hrn(xrn)
+
+ #log the call
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
+
+ # validate the cred
+ self.api.auth.check(cred, "remove")
+ self.api.auth.verify_object_permission(hrn)
+
+ # send the call to the right manager
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ return manager.remove(self.api, xrn, type, origin_hrn)
--- /dev/null
+from sfa.util.faults import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.trust.auth import Auth
+from sfa.util.record import SfaRecord
+from sfa.util.table import SfaTable
+from sfa.util.debug import log
+from sfa.trust.credential import Credential
+from types import StringTypes
+
+class remove_peer_object(Method):
+ """
+ Remove an peer object from the PLC records of a local aggregate.
+ This method will be called by registry.remove() while removing
+ a record from the local aggreage's PLCDB and sfa table. This
+ method need not be directly called by end-user.
+
+ @param cred credential string
+ @param record record as stored in the local registry
+
+ @return 1 if successful, faults otherwise
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Parameter(str, "Credential string"),
+ Parameter(dict, "Record dictionary"),
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Parameter(None, "Origin hrn not specified"))
+ ]
+
+ returns = Parameter(int, "1 if successful")
+
+ def call(self, cred, record, origin_hrn=None):
+ user_cred = Credential(string=cred)
+
+ #log the call
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, record['hrn'], self.name))
+
+ self.api.auth.check(cred, "remove")
+
+ # Only allow the local interface or record owner to delete peer_records
+ try: self.api.auth.verify_object_permission(record['hrn'])
+ except: self.api.auth.verify_cred_is_me(cred)
+
+ table = SfaTable()
+ hrn, type = record['hrn'], record['type']
+ records = table.find({'hrn': hrn, 'type': type })
+ for record in records:
+ if record['peer_authority']:
+ self.remove_plc_record(record)
+ table.remove(record)
+
+ return 1
+
+ def remove_plc_record(self, record):
+ type = record['type']
+ if type == "user":
+ persons = self.api.plshell.GetPersons(self.api.plauth, {'person_id' : record['pointer']})
+ if not persons:
+ return 1
+ person = persons[0]
+ if person['peer_id']:
+ peer = self.get_peer_name(person['peer_id'])
+ self.api.plshell.UnBindObjectFromPeer(self.api.plauth, 'person', person['person_id'], peer)
+ self.api.plshell.DeletePerson(self.api.plauth, person['person_id'])
+
+ elif type == "slice":
+ slices=self.api.plshell.GetSlices(self.api.plauth, {'slice_id' : record['pointer']})
+ if not slices:
+ return 1
+ slice=slices[0]
+ if slice['peer_id']:
+ peer = self.get_peer_name(slice['peer_id'])
+ self.api.plshell.UnBindObjectFromPeer(self.api.plauth, 'slice', slice['slice_id'], peer)
+ self.api.plshell.DeleteSlice(self.api.plauth, slice['slice_id'])
+ elif type == "authority":
+ sites=self.api.plshell.GetSites(self.api.plauth, {'site_id' : record['pointer']})
+ if not sites:
+ return 1
+ site=sites[0]
+ if site['peer_id']:
+ peer = self.get_peer_name(site['peer_id'])
+ self.api.plshell.UnBindObjectFromPeer(self.api.plauth, 'site', site['site_id'], peer)
+ self.api.plshell.DeleteSite(self.api.plauth, site['site_id'])
+
+ else:
+ raise UnknownSfaType(type)
+
+ return 1
+
+ def get_peer_name(self, peer_id):
+ peers = self.api.plshell.GetPeers(self.api.plauth, [peer_id], ['peername', 'shortname', 'hrn_root'])
+ if not peers:
+ raise SfaInvalidArgument, "No such peer"
+ peer = peers[0]
+ return peer['shortname']
+
+
+
--- /dev/null
+### $Id: resolve.py 17157 2010-02-21 04:19:34Z tmack $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/resolve.py $
+import traceback
+import types
+from sfa.util.faults import *
+from sfa.util.namespace import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.util.debug import log
+from sfa.trust.credential import Credential
+from sfa.util.record import SfaRecord
+
+class Resolve(Method):
+ """
+ Resolve a record.
+
+ @param cred credential string authorizing the caller
+ @param hrn human readable name to resolve (hrn or urn)
+ @return a list of record dictionaries or empty list
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Mixed(Parameter(str, "Human readable name (hrn or urn)"),
+ Parameter(list, "List of Human readable names ([hrn])")),
+ Mixed(Parameter(str, "Credential string"),
+ Parameter(list, "List of credentials)"))
+ ]
+
+ returns = [SfaRecord]
+
+ def call(self, xrns, creds):
+ if not isinstance(xrns, types.ListType):
+ xrns=[xrns]
+ hrns = [urn_to_hrn(xrn)[0] for xrn in xrns]
+
+ #find valid credentials
+ valid_creds = self.api.auth.checkCredentials(creds, 'resolve')
+
+ #log the call
+ origin_hrn = Credential(string=valid_creds[0]).get_gid_caller().get_hrn()
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrns, self.name))
+
+ # send the call to the right manager
+ manager = self.api.get_interface_manager()
+ return manager.resolve(self.api, xrns, creds)
+
+
+
from sfa.util.parameter import Parameter
from sfa.trust.credential import Credential
-class ResolveGENI(Method):
+class Resolve(Method):
"""
Lookup a URN and return information about the corresponding object.
@param urn
-
"""
+
interfaces = ['registry']
accepts = [
Parameter(str, "URN"),
manager = __import__(manager_module, fromlist=[manager_base])
return manager.Resolve(self.api, xrn, '')
- return {}
\ No newline at end of file
+ return {}
--- /dev/null
+### $Id: update.py 16477 2010-01-05 16:31:37Z thierry $
+### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/update.py $
+
+import time
+from sfa.util.faults import *
+from sfa.util.method import Method
+from sfa.util.parameter import Parameter, Mixed
+from sfa.util.debug import log
+from sfa.trust.credential import Credential
+
+class update(Method):
+ """
+ Update an object in the registry. Currently, this only updates the
+ PLC information associated with the record. The SFA fields (name, type,
+ GID) are fixed.
+
+ @param cred credential string specifying rights of the caller
+ @param record a record dictionary to be updated
+
+ @return 1 if successful, faults otherwise
+ """
+
+ interfaces = ['registry']
+
+ accepts = [
+ Parameter(str, "Credential string"),
+ Parameter(dict, "Record dictionary to be updated"),
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Parameter(None, "Origin hrn not specified"))
+ ]
+
+ returns = Parameter(int, "1 if successful")
+
+ def call(self, cred, record_dict, origin_hrn=None):
+ user_cred = Credential(string=cred)
+
+ #log the call
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, None, self.name))
+
+ # validate the cred
+ self.api.auth.check(cred, "update")
+
+ # send the call to the right manager
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ return manager.update(self.api, record_dict)
+
get_ticket
get_trusted_certs
list
+List
redeem_ticket
+RedeemTicket
register
+Register
register_peer_object
remove
+Remove
reset_slice
resolve
+Resolve
start_slice
stop_slice
update
+Update
remove_peer_object
GetTicket
GetVersion
from sfa.util.namespace import *
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
-from sfa.util.debug import log
-from sfa.trust.credential import Credential
from sfa.util.record import SfaRecord
+from sfa.methods.Resolve import Resolve
-class resolve(Method):
+class resolve(Resolve):
"""
+ Deprecated. Use Resolve instead
Resolve a record.
@param cred credential string authorizing the caller
returns = [SfaRecord]
def call(self, cred, xrns, origin_hrn=None):
- user_cred = Credential(string=cred)
- if not isinstance(xrns, types.ListType):
- xrns=[xrns]
- hrns = [urn_to_hrn(xrn)[0] for xrn in xrns]
-
- #log the call
- if not origin_hrn:
- origin_hrn = user_cred.get_gid_caller().get_hrn()
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrns, self.name))
-
- # validate the cred
- self.api.auth.check(cred, 'resolve')
- # send the call to the right manager
- manager_base = 'sfa.managers'
- mgr_type = self.api.config.SFA_REGISTRY_TYPE
- manager_module = manager_base + ".registry_manager_%s" % mgr_type
- manager = __import__(manager_module, fromlist=[manager_base])
- return manager.resolve(self.api, xrns, origin_hrn=origin_hrn)
+ return Resolve.call(self, xrns, cred)
for person_id in pi_ids:
hrns = [person['hrn'] for person in persons[person_id]]
record['PI'].extend(hrns)
+ record['geni_urn'] = hrn_to_urn(record['hrn'], 'slice')
+ record['geni_creator'] = record['PI']
elif (type == "authority"):
record['PI'] = []
elif (type == "user"):
sfa_info['email'] = record.get("email", "")
+ sfa_info['geni_urn'] = hrn_to_urn(record['hrn'], 'user')
+ sfa_info['geni_certificate'] = record['gid']
# xxx TODO: PostalAddress, Phone
record.update(sfa_info)
git://git.onelab.eu / sfa.git / commitdiff