from sfa.storage.alchemy import dbsession
from sfa.storage.model import RegRecord, RegAuthority, RegSlice, RegNode, \
RegUser, RegKey
-
+from sfa.util.sfalogging import logger
from sqlalchemy.exc import SQLAlchemyError
class SlabImporter:
- def __init__ (self, auth_hierarchy, logger):
+ def __init__ (self, auth_hierarchy, loc_logger):
self.auth_hierarchy = auth_hierarchy
- self.logger=logger
+ self.logger = loc_logger
+ self.logger.setLevelDebug()
def hostname_to_hrn_escaped(self, root_auth, hostname):
return '.'.join( [root_auth,Xrn.escape(hostname)] )
if len(person_hrn) > 64: person_hrn = person_hrn[:64]
person_urn = hrn_to_urn(person_hrn, 'user')
- user_record = self.find_record_by_type_hrn( 'user', person_hrn)
+ user_record = self.find_record_by_type_hrn('user', person_hrn)
slice_record = self.find_record_by_type_hrn ('slice', slice_hrn)
# return a tuple pubkey (a plc key object) and pkey (a Keypair object)
def init_person_key (person, slab_key):
- pubkey=None
- if person['pkey']:
+ pubkey = None
+ if person['pkey'] and 'ssh-rsa' in person['pkey']:
# randomly pick first key in set
pubkey = slab_key
+
try:
pkey = convert_public_key(pubkey)
- except:
- self.logger.warn('SlabImporter: unable to convert public key for %s' % person_hrn)
+ except TypeError:
+ #key not good. create another pkey
+ self.logger.warn('SlabImporter: \
+ unable to convert public \
+ key for %s' % person_hrn)
pkey = Keypair(create=True)
+
else:
# the user has no keys. Creating a random keypair for the user's gid
- self.logger.warn("SlabImporter: person %s does not have a PL public key"%person_hrn)
- pkey = Keypair(create=True)
+ #self.logger.warn("SlabImporter: person %s does not have a PL public key"%person_hrn)
+ #pkey = Keypair(create=True) commented out SA 10/10/12
+ #TODO SA 10/10/12 If no valid key in ldap,user and slice
+ #not imported
+ pubkey = None
+ pkey = None
return (pubkey, pkey)
# new person
if not user_record:
(pubkey,pkey) = init_person_key (person, slab_key )
- person_gid = self.auth_hierarchy.create_gid(person_urn, create_uuid(), pkey)
- if person['email']:
- print>>sys.stderr, "\r\n \r\n SLAB IMPORTER PERSON EMAIL OK email %s " %(person['email'])
- person_gid.set_email(person['email'])
- user_record = RegUser (hrn=person_hrn, gid=person_gid,
- pointer='-1',
- authority=get_authority(person_hrn),
- email=person['email'])
- else:
- user_record = RegUser (hrn=person_hrn, gid=person_gid,
- pointer='-1',
- authority=get_authority(person_hrn))
-
- if pubkey:
- user_record.reg_keys=[RegKey (pubkey)]
- else:
- self.logger.warning("No key found for user %s"%user_record)
- user_record.just_created()
- dbsession.add (user_record)
- dbsession.commit()
- self.logger.info("SlabImporter: imported person: %s" % user_record)
- print>>sys.stderr, "\r\n \r\n SLAB IMPORTER PERSON IMPORT NOTuser_record %s " %(user_record)
- self.update_just_added_records_dict( user_record )
+ if pubkey is not None and pkey is not None :
+ person_gid = self.auth_hierarchy.create_gid(person_urn, create_uuid(), pkey)
+ if person['email']:
+ print>>sys.stderr, "\r\n \r\n SLAB IMPORTER PERSON EMAIL OK email %s " %(person['email'])
+ person_gid.set_email(person['email'])
+ user_record = RegUser (hrn=person_hrn, gid=person_gid,
+ pointer='-1',
+ authority=get_authority(person_hrn),
+ email=person['email'])
+ else:
+ user_record = RegUser (hrn=person_hrn, gid=person_gid,
+ pointer='-1',
+ authority=get_authority(person_hrn))
+
+ if pubkey:
+ user_record.reg_keys = [RegKey (pubkey)]
+ else:
+ self.logger.warning("No key found for user %s"%user_record)
+ user_record.just_created()
+ dbsession.add (user_record)
+ dbsession.commit()
+ self.logger.info("SlabImporter: imported person: %s" % user_record)
+ print>>sys.stderr, "\r\n \r\n SLAB IMPORTER PERSON IMPORT NOTuser_record %s " %(user_record)
+ self.update_just_added_records_dict( user_record )
else:
# update the record ?
# if user's primary key has changed then we need to update the
try:
slice = slices_by_userid[user_record.record_id]
except:
- self.logger.warning ("SlabImporter: cannot locate slices_by_userid[user_record.record_id] %s - ignored"%user_record.record_id )
- if not slice_record:
-
+ self.logger.warning ("SlabImporter: cannot locate slices_by_userid[user_record.record_id] %s - ignored"%user_record)
+
+ if not slice_record and user_record:
try:
pkey = Keypair(create=True)
urn = hrn_to_urn(slice_hrn, 'slice')
slab_dbsession.commit()
self.logger.info("SlabImporter: imported slice: %s" % slice_record)
self.update_just_added_records_dict ( slice_record )
+ slice_record.reg_researchers = [user_record]
+ dbsession.commit()
+ slice_record.stale=False
except:
self.logger.log_exc("SlabImporter: failed to import slice")
pass
# record current users affiliated with the slice
- slice_record.reg_researchers = [user_record]
- dbsession.commit()
- slice_record.stale=False
+ #TODO SA 10/10/12 commented out No slice if user does not have
+ #valide ssh key
+ #slice_record.reg_researchers = [user_record]
+ #dbsession.commit()
+ #slice_record.stale=False
record_avakian['first_name'] = 'sandrine'
record_avakian['mail'] = 'sandrine.avakian@inria.fr'
pubkey = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAwSUkJ+cr3xM47h8lFkIXJoJhg4wHakTaLJmgTXkzvUmQsQeFB2MjUZ6WAelMXj/EFz2+XkK+bcWNXwfbrLptJQ+XwGpPZlu9YV/kzO63ghVrAyEg0+p7Pn1TO9f1ZYg4R6JfP/3qwH1AsE+X3PNpIewsuEIKwd2wUCJDf5RXJTpl39GizcBFemrRqgs0bdqAN/vUT9YvtWn8fCYR5EfJHVXOK8P1KmnbuGZpk7ryz21pDMlgw13+8aYB+LPkxdv5zG54A5c6o9N3zOCblvRFWaNBqathS8y04cOYWPmyu+Q0Xccwi7vM3Ktm8RoJw+raQNwsmneJOm6KXKnjoOQeiQ== savakian@sfa2.grenoble.senslab.info"
-
- record_myslice = {}
- record_myslice['hrn']= 'senslab2.myslice'
- record_myslice['last_name'] = 'myslice'
- record_myslice['first_name'] = 'myslice'
- record_myslice['mail'] = 'nturro@inria.fr'
- pubkeymyslice = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuyRPwn8PZxjdhu+ciRuPyM0eVBn7XS7i3tym9F30UVhaCd09a/UEmGn7WJZdfsxV3hXqG1Wc766FEst97NuzHzELSuvy/rT96J0UHG4wae4pnzOLd6NwFdZh7pkPsgHMHxK9ALVE68Puu+EDSOB5bBZ9Q624wCIGxEpmuS/+X+dDBTKgG5Hi0WA1uKJwhLSbbXb38auh4FlYgXPsdpljTIJatt+zGL0Zsy6fdrsVRc5W8kr3/SmE4OMNyabKBNyxioSEuYhRSjoQAHnYoevEjZniP8IzscKK7qwelzGUfnJEzexikhsQamhAFti2ReiFfoHBRZxnSc49ioH7Kaci5w== root@rhoecos3.ipv6.lip6.fr"
-
- pubkeytestuser = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYS8tzufciTm6GdNUGHQc64OfTxFebMYUwh/Jl04IPTvjjr26uakbM0M2v33HxZ5Q7PnmPN9pB/w+a+f7a7J4cNs/tApOMg2hb6UrLaOrdnDMOs4KZlfElyDsF3Zx5QwxPYvzsKADAbDVoX4NF9PttuDLdm2l3nLSvm89jfla00GBg+K8grdOCHyYZVX/Wt7kxhXDK3AidQhKJgn+iD5GxvtWMBE+7S5kJGdRW1W10lSLBW3+VNsCrKJB2s8L55Xz/l2HNBScU7T0VcMQJrFxEXKzLPagZsMz0lfLzHESoGHIZ3Tz85DfECbTtMxLts/4KoAEc3EE+PYr2VDeAggDx testuser@myslice"
ret = ldap.LdapModifyUser(record_avakian, {'sshPublicKey':pubkey})
+ print "\r\n Sandrine \tChange pubkey LdapModifyUser ", ret
+ #record_myslice = {}
+ #record_myslice['hrn']= 'senslab2.myslice'
+ #record_myslice['last_name'] = 'myslice'
+ #record_myslice['first_name'] = 'myslice'
+ #record_myslice['mail'] = 'nturro@inria.fr'
+ #pubkeymyslice = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuyRPwn8PZxjdhu+ciRuPyM0eVBn7XS7i3tym9F30UVhaCd09a/UEmGn7WJZdfsxV3hXqG1Wc766FEst97NuzHzELSuvy/rT96J0UHG4wae4pnzOLd6NwFdZh7pkPsgHMHxK9ALVE68Puu+EDSOB5bBZ9Q624wCIGxEpmuS/+X+dDBTKgG5Hi0WA1uKJwhLSbbXb38auh4FlYgXPsdpljTIJatt+zGL0Zsy6fdrsVRc5W8kr3/SmE4OMNyabKBNyxioSEuYhRSjoQAHnYoevEjZniP8IzscKK7qwelzGUfnJEzexikhsQamhAFti2ReiFfoHBRZxnSc49ioH7Kaci5w== root@rhoecos3.ipv6.lip6.fr"
- print "\r\n Sandrine \tChange pubkey LdapModifyUser ", ret
+ #pubkeytestuser = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDYS8tzufciTm6GdNUGHQc64OfTxFebMYUwh/Jl04IPTvjjr26uakbM0M2v33HxZ5Q7PnmPN9pB/w+a+f7a7J4cNs/tApOMg2hb6UrLaOrdnDMOs4KZlfElyDsF3Zx5QwxPYvzsKADAbDVoX4NF9PttuDLdm2l3nLSvm89jfla00GBg+K8grdOCHyYZVX/Wt7kxhXDK3AidQhKJgn+iD5GxvtWMBE+7S5kJGdRW1W10lSLBW3+VNsCrKJB2s8L55Xz/l2HNBScU7T0VcMQJrFxEXKzLPagZsMz0lfLzHESoGHIZ3Tz85DfECbTtMxLts/4KoAEc3EE+PYr2VDeAggDx testuser@myslice"
- password = "ReptileFight"
- enc = ldap.encrypt_password(password)
- print "\r\n sandrine \tencrypt_password ", enc
+
+
+ #password = "ReptileFight"
+ #enc = ldap.encrypt_password(password)
+ #print "\r\n sandrine \tencrypt_password ", enc
- ret = ldap.LdapModifyUser(record_avakian, {'userPassword':enc})
- print "\r\n sandrine \tChange password LdapModifyUser ", ret
+ #ret = ldap.LdapModifyUser(record_avakian, {'userPassword':enc})
+ #print "\r\n sandrine \tChange password LdapModifyUser ", ret
return