from sfa.util.xrn import Xrn
from sfa.storage.record import Record
from sfa.client.sfi import save_records_to_file
-pprinter = PrettyPrinter(indent=4)
+from sfa.trust.hierarchy import Hierarchy
+from sfa.trust.gid import GID
+pprinter = PrettyPrinter(indent=4)
def args(*args, **kwargs):
def _decorator(func):
available_methods.append(attrib)
return available_methods
-class RegistryCommands(Commands):
+class RegistryCommands(Commands):
def __init__(self, *args, **kwds):
self.api= Generic.the_flavour().make_api(interface='registry')
def credential(self, xrn, type=None):
cred = self.api.manager.GetCredential(self.api, xrn, type, self.api.hrn)
print cred
+
+
+ def import_registry(self):
+ pass
+
+ @args('-a', '--all', dest='all', metavar='<all>', action='store_true', default=False,
+ help='Remove all registry records and all files in %s area' % Hierarchy().basedir)
+ @args('-c', '--certs', dest='certs', metavar='<certs>', action='store_true', default=False,
+ help='Remove all cached certs/gids found in %s' % Hierarchy().basedir )
+ @args('-0', '--no-reinit', dest='reinit', metavar='<reinit>', action='store_false', default=True,
+ help='By default a new DB schema is installed after the cleanup; this option prevents that')
+ def nuke(self, all=False, certs=False, reinit=True):
+ from sfa.storage.dbschema import DBSchema
+ from sfa.util.sfalogging import _SfaLogger
+ logger = _SfaLogger(logfile='/var/log/sfa_import.log', loggername='importlog')
+ logger.setLevelFromOptVerbose(self.api.config.SFA_API_LOGLEVEL)
+ logger.info("Purging SFA records from database")
+ dbschema=DBSchema()
+ dbschema.nuke()
+
+ # for convenience we re-create the schema here, so there's no need for an explicit
+ # service sfa restart
+ # however in some (upgrade) scenarios this might be wrong
+ if options.reinit:
+ logger.info("re-creating empty schema")
+ dbschema.init_or_upgrade()
+
+ # remove the server certificate and all gids found in /var/lib/sfa/authorities
+ if options.clean_certs:
+ logger.info("Purging cached certificates")
+ for (dir, _, files) in os.walk('/var/lib/sfa/authorities'):
+ for file in files:
+ if file.endswith('.gid') or file == 'server.cert':
+ path=dir+os.sep+file
+ os.unlink(path)
+
+ # just remove all files that do not match 'server.key' or 'server.cert'
+ if options.all:
+ logger.info("Purging registry filesystem cache")
+ preserved_files = [ 'server.key', 'server.cert']
+ for (dir,_,files) in os.walk(Hierarchy().basedir):
+ for file in files:
+ if file in preserved_files: continue
+ path=dir+os.sep+file
+ os.unlink(path)
+
class CerficiateCommands(Commands):
- def import_records(self, xrn):
+ def import_gid(self, xrn):
pass
- def export(self, xrn):
- pass
-
- def display(self, xrn):
- pass
-
- def nuke(self):
- pass
+ @args('-x', '--xrn', dest='xrn', metavar='<xrn>', help='object hrn/urn')
+ @args('-t', '--type', dest='type', metavar='<type>', help='object type', default=None)
+ @args('-o', '--outfile', dest='outfile', metavar='<outfile>', help='output file', default=None)
+ def export(self, xrn, type=None, outfile=None):
+ request=dbsession.query(RegRecord).filter_by(hrn=hrn)
+ if type: request = request.filter_by(type=type)
+ record=request.first()
+ if record:
+ gid = GID(string=record.gid)
+ else:
+ # check the authorities hierarchy
+ hierarchy = Hierarchy()
+ try:
+ auth_info = hierarchy.get_auth_info(hrn)
+ gid = auth_info.gid_object
+ except:
+ print "Record: %s not found" % hrn
+ sys.exit(1)
+ # save to file
+ if not outfile:
+ outfile = os.path.abspath('./%s.gid' % gid.get_hrn())
+ gid.save_to_file(outfile, save_parents=True)
+
+ @args('-g', '--gidfile', dest='gid', metavar='<gid>', help='path of gid file to display')
+ def display(self, gidfile):
+ gid_path = os.path.abspath(gidfile)
+ if not gid_path or not os.path.isfile(gid_path):
+ print "No such gid file: %s" % gidfile
+ sys.exit(1)
+ gid = GID(filename=gid_path)
+ gid.dump(dump_parents=True)
+
class AggregateCommands(Commands):
@args('-x', '--xrn', dest='xrn', metavar='<xrn>', help='object hrn/urn', default=None)
@args('-r', '--rspec', dest='rspec', metavar='<rspec>', help='rspec file')
- def create(self, xrn, rspec):
- pass
+ @args('-u', '--user', dest='user', metavar='<user>', help='hrn/urn of slice user')
+ @args('-k', '--key', dest='key', metavar='<key>', help="path to user's public key file")
+ def create(self, xrn, rspec, user, key):
+ xrn = Xrn(xrn)
+ slice_urn=xrn.get_urn()
+ slice_hrn=xrn.get_hrn()
+ rspec_string = open(rspec).read()
+ user_xrn = Xrn(user, 'user')
+ user_urn = user_xrn.get_urn()
+ user_key_string = open(key).read()
+ users = [{'urn': user_urn, 'keys': [user_key_string]}]
+ options={}
+ self.api.manager.CreateSliver(self, slice_urn, slice_hrn, [], rspec_string, users, options)
@args('-x', '--xrn', dest='xrn', metavar='<xrn>', help='object hrn/urn', default=None)
def delete(self, xrn):
pass
+
class SliceManagerCommands(AggregateCommands):
def __init__(self, *args, **kwds):
git://git.onelab.eu / sfa.git / commitdiff