return 1
- # This is a PLC-specific thing...
+ # This is a PLC-specific thing, won't work with other platforms
def get_key_from_incoming_ip (self, api):
# verify that the callers's ip address exist in the db and is an interface
# for a node in the db
node = nodes[0]
# look up the sfa record
- table = SfaTable()
- records = table.findObjects({'type': 'node', 'pointer': node['node_id']})
- if not records:
- raise RecordNotFound("pointer:" + str(node['node_id']))
- record = records[0]
+ record=dbsession.query(RegRecord).filter_by(type='node',pointer=node['node_id']).first()
+ if not record:
+ raise RecordNotFound("node with pointer %s"%node['node_id'])
# generate a new keypair and gid
uuid = create_uuid()
pkey = Keypair(create=True)
- urn = hrn_to_urn(record['hrn'], record['type'])
+ urn = hrn_to_urn(record.hrn, record.type)
gid_object = api.auth.hierarchy.create_gid(urn, uuid, pkey)
gid = gid_object.save_to_string(save_parents=True)
- record['gid'] = gid
- record.set_gid(gid)
+ record.gid = gid
# update the record
- table.update(record)
+ dbsession.commit()
# attempt the scp the key
# and gid onto the node
from sfa.trust.gid import GID, create_uuid
from sfa.trust.hierarchy import Hierarchy
-from sfa.storage.table import SfaTable
+from sfa.storage.alchemy import dbsession
+from sfa.storage.persistentobjs import RegRecord
def main():
args = sys.argv
hrn = options.export
type = options.type
# check sfa table first
- filter = {'hrn': hrn}
- if type:
- filter['type'] = type
- table = SfaTable()
- records = table.find(filter)
- if not records:
+ request=dbsession.query(RegRecord).filter_by(hrn=hrn)
+ if type: request = request.filter_by(type=type)
+ record=request.first()
+ if not record:
# check the authorities hierarchy
hierarchy = Hierarchy()
try:
print "Record: %s not found" % hrn
sys.exit(1)
else:
- record = records[0]
- gid = GID(string=record['gid'])
+ gid = GID(string=record.gid)
# get the outfile
outfile = options.outfile
sys.exit(1)
# check if record exists in db
- table = SfaTable()
- records = table.find({'hrn': gid.get_hrn(), 'type': 'authority'})
- if not records:
+ record = dbsession.query(RegRecord).filter_by(type='authority',hrn=gid.get_hrn()).first()
+ if not record:
print "%s not found in record database" % gid.get_hrn()
sys.exit(1)
# update the database record
- record = records[0]
- record['gid'] = gid.save_to_string(save_parents=True)
- table.update(record)
+ record.gid = gid.save_to_string(save_parents=True)
+ dbsession.commit()
if options.verbose:
print "Imported %s gid into db" % record['hrn']
from sfa.trust.hierarchy import Hierarchy
from sfa.server.registry import Registries
-from sfa.storage.table import SfaTable
+from sfa.storage.alchemy import dbsession
+from sfa.storage.persistentobjs import RegRecord
from sfa.client.sfaserverproxy import SfaServerProxy
tree.load(registries.keys())
# get local peer records
- table = SfaTable()
- peer_records = table.find({'~peer_authority': None})
+ peer_records=dbsession.query(RegRecord).filter (RegRecord.peer_authority != None).all()
found_records = []
hrn_dict = {}
for record in peer_records:
- registry_hrn = tree.best_match(record['hrn'])
+ registry_hrn = tree.best_match(record.hrn)
if registry_hrn not in hrn_dict:
hrn_dict[registry_hrn] = []
- hrn_dict[registry_hrn].append(record['hrn'])
+ hrn_dict[registry_hrn].append(record.hrn)
# attempt to resolve the record at the authoritative interface
for registry_hrn in hrn_dict:
# remove what wasnt found
for peer_record in peer_records:
- if peer_record['hrn'] not in found_records:
- registries[sfa_api.hrn].Remove(peer_record['hrn'], credential, peer_record['type'])
+ if peer_record.hrn not in found_records:
+ registries[sfa_api.hrn].Remove(peer_record.hrn, credential, peer_record.type)
if __name__ == '__main__':
main()
Removes old records from the db.
"""
# import SfaTable here so this module can be loaded by PlcComponentApi
- from sfa.storage.table import SfaTable
- from sfa.storage.record import SfaRecord
+ from sfa.storage.alchemy import dbsession
+ from sfa.storage.persistentobjs import RegRecord
if not gids:
return
- table = SfaTable()
# get records that actually exist in the db
gid_urns = [gid.get_urn() for gid in gids]
hrns_expected = [gid.get_hrn() for gid in gids]
- records_found = table.find({'hrn': hrns_expected, 'pointer': -1})
+ records_found = dbsession.query(RegRecord).\
+ filter_by(pointer=-1)filter(RegRecord.hrn.in_(hrns_expected)).all()
# remove old records
for record in records_found:
- if record['hrn'] not in hrns_expected and \
- record['hrn'] != self.api.config.SFA_INTERFACE_HRN:
- table.remove(record)
+ if record.hrn not in hrns_expected and \
+ record.hrn != self.api.config.SFA_INTERFACE_HRN:
+ del record
# TODO: store urn in the db so we do this in 1 query
for gid in gids:
hrn, type = gid.get_hrn(), gid.get_type()
- record = table.find({'hrn': hrn, 'type': type, 'pointer': -1})
+ record = dbsession.query(RegRecord).filter_by(hrn=hrn, type=type,pointer=-1).first()
if not record:
- record = {
- 'hrn': hrn, 'type': type, 'pointer': -1,
- 'authority': get_authority(hrn),
- 'gid': gid.save_to_string(save_parents=True),
- }
- record = SfaRecord(dict=record)
- table.insert(record)
+ record = RegRecord (type=type)
+ record.set_from_dict (
+ { 'hrn': hrn,
+ 'authority': get_authority(hrn),
+ 'gid': gid.save_to_string(save_parents=True),
+ })
+ dbsession.add(record)
+ dbsession.commit()
def main():
# Generate command line parser
if not auth_hrn or hrn == self.config.SFA_INTERFACE_HRN:
auth_hrn = hrn
auth_info = self.auth.get_auth_info(auth_hrn)
- # xxx thgen fixme - use SfaTable hardwired for now
- # thgen xxx fixme this is wrong all right, but temporary, will use generic
- from sfa.storage.table import SfaTable
- table = SfaTable()
- records = table.findObjects({'hrn': hrn, 'type': 'authority+sa'})
- if not records:
- raise RecordNotFound
- record = records[0]
- type = record['type']
+ from sfa.storage.alchemy import dbsession
+ from sfa.storage.persistentobjs import RegRecord
+ record = dbsession.query(RegRecord).filter_by(type='authority+sa', hrn=hrn).first()
+ if not record:
+ raise RecordNotFound(hrn)
+ type = record.type
object_gid = record.get_gid_object()
new_cred = Credential(subject = object_gid.get_subject())
new_cred.set_gid_caller(object_gid)