return gid
else:
cert_str = self.cert.save_to_string(save_parents=True)
- request_hash=None
- if self.hashrequest:
- request_hash = self.key.compute_hash([cert_str, self.user, "user"])
- gid_str = self.registry.get_gid(cert_str, self.user, "user", request_hash)
+ gid_str = self.registry.get_gid(cert_str, self.user, "user")
gid = GID(string=gid_str)
if self.options.verbose:
print "Writing user gid to", file
else:
# bootstrap user credential
cert_string = self.cert.save_to_string(save_parents=True)
- request_hash=None
- if self.hashrequest:
- request_hash = self.key.compute_hash([cert_string, "user", self.user])
- user_name=self.user.replace(self.authority+".", '')
- if user_name.count(".") > 0:
- user_name = user_name.replace(".", '_')
- self.user=self.authority + "." + user_name
+ request_hash = self.key.compute_hash([cert_string, "user", self.user])
+ user_name=self.user.replace(self.authority+".", '')
+ if user_name.count(".") > 0:
+ user_name = user_name.replace(".", '_')
+ self.user=self.authority + "." + user_name
+
user_cred = self.registry.get_self_credential(cert_string, "user", self.user, request_hash)
if user_cred:
cred = Credential(string=user_cred)
else:
# bootstrap authority credential from user credential
user_cred = self.get_user_cred().save_to_string(save_parents=True)
- request_hash = None
- if self.hashrequest:
- request_hash = self.key.compute_hash([user_cred, "authority", self.authority])
- auth_cred = self.registry.get_credential(user_cred, "authority", self.authority, request_hash)
+ auth_cred = self.registry.get_credential(user_cred, "authority", self.authority)
if auth_cred:
cred = Credential(string=auth_cred)
cred.save_to_file(file, save_parents=True)
# bootstrap slice credential from user credential
user_cred = self.get_user_cred().save_to_string(save_parents=True)
arg_list = [user_cred, "slice", name]
- request_hash=None
- if self.hashrequest:
- request_hash = self.key.compute_hash(arg_list)
- slice_cred_str = self.registry.get_credential(user_cred, "slice", name, request_hash)
+ slice_cred_str = self.registry.get_credential(user_cred, "slice", name)
if slice_cred_str:
slice_cred = Credential(string=slice_cred_str)
slice_cred.save_to_file(file, save_parents=True)
def get_component_server_from_hrn(self, hrn):
# direct connection to the nodes component manager interface
user_cred = self.get_user_cred().save_to_string(save_parents=True)
- request_hash = self.key.compute_hash([user_cred, hrn])
- records = self.registry.resolve(user_cred, hrn, request_hash)
+ records = self.registry.resolve(user_cred, hrn)
records = filter_records('node', records)
if not records:
print "No such component:", opts.component
def list(self,opts, args):
user_cred = self.get_user_cred().save_to_string(save_parents=True)
hrn = args[0]
- request_hash=None
- if self.hashrequest:
- request_hash = self.key.compute_hash([user_cred, hrn])
try:
- list = self.registry.list(user_cred, hrn, request_hash)
+ list = self.registry.list(user_cred, hrn)
except IndexError:
raise Exception, "Not enough parameters for the 'list' command"
def show(self,opts, args):
user_cred = self.get_user_cred().save_to_string(save_parents=True)
hrn = args[0]
- request_hash=None
- if self.hashrequest:
- request_hash = self.key.compute_hash([user_cred, hrn])
- records = self.registry.resolve(user_cred, hrn, request_hash)
+ records = self.registry.resolve(user_cred, hrn)
records = filter_records(opts.type, records)
if not records:
print "No record of type", opts.type
type = opts.type
if type in ['all']:
type = '*'
- request_hash=None
- if self.hashrequest:
- arg_list = [auth_cred, type, hrn]
- request_hash = self.key.compute_hash(arg_list)
- return self.registry.remove(auth_cred, type, hrn, request_hash)
+ return self.registry.remove(auth_cred, type, hrn)
# add named registry record
def add(self,opts, args):
record_filepath = args[0]
rec_file = self.get_record_file(record_filepath)
record = load_record_from_file(rec_file).as_dict()
- request_hash=None
- if self.hashrequest:
- arg_list = [auth_cred]
- request_hash = self.key.compute_hash(arg_list)
- return self.registry.register(auth_cred, record, request_hash)
+ return self.registry.register(auth_cred, record)
# update named registry entry
def update(self,opts, args):
else:
raise "unknown record type" + record.get_type()
record = record.as_dict()
- request_hash=None
- if self.hashrequest:
- arg_list = [cred]
- request_hash = self.key.compute_hash(arg_list)
- return self.registry.update(cred, record, request_hash)
+ return self.registry.update(cred, record)
def get_trusted_certs(self, opts, args):
"""
hrn = None
if args:
hrn = args[0]
- request_hash=None
- if self.hashrequest:
- arg_list = [user_cred, hrn]
- request_hash = self.key.compute_hash(arg_list)
- result = self.registry.get_aggregates(user_cred, hrn, request_hash)
+ result = self.registry.get_aggregates(user_cred, hrn)
display_list(result)
return
hrn = None
if args:
hrn = args[0]
- request_hash=None
- if self.hashrequest:
- arg_list = [user_cred, hrn]
- request_hash = self.key.compute_hash(arg_list)
- result = self.registry.get_registries(user_cred, hrn, request_hash)
+ result = self.registry.get_registries(user_cred, hrn)
display_list(result)
return
# list instantiated slices
def slices(self,opts, args):
user_cred = self.get_user_cred().save_to_string(save_parents=True)
- request_hash=None
- if self.hashrequest:
- arg_list = [user_cred]
- request_hash = self.key.compute_hash(arg_list)
-
server = self.slicemgr
# direct connection to the nodes component manager interface
if opts.component:
server = self.get_component_server_from_hrn(opts.component)
- results = server.get_slices(user_cred, request_hash)
+ results = server.get_slices(user_cred)
display_list(results)
return
server = self.slicemgr
if opts.aggregate:
agg_hrn = opts.aggregate
- arg_list = [user_cred, agg_hrn]
- request_hash = self.key.compute_hash(arg_list)
- aggregates = self.registry.get_aggregates(user_cred, agg_hrn, request_hash)
+ aggregates = self.registry.get_aggregates(user_cred, agg_hrn)
if not aggregates:
raise Exception, "No such aggregate %s" % agg_hrn
aggregate = aggregates[0]
cred = user_cred
hrn = None
- request_hash=None
- if self.hashrequest:
- arg_list = [cred, hrn]
- request_hash = self.key.compute_hash(arg_list)
- result = server.get_resources(cred, hrn, request_hash)
+ result = server.get_resources(cred, hrn)
format = opts.format
display_rspec(result, format)
aggregate = aggregates[0]
url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol)
- request_hash=None
- if self.hashrequest:
- arg_list = [slice_cred, slice_hrn, rspec]
- request_hash = self.key.compute_hash(arg_list)
- return server.create_slice(slice_cred, slice_hrn, rspec, request_hash)
+ return server.create_slice(slice_cred, slice_hrn, rspec)
# get a ticket for the specified slice
def get_ticket(self, opts, args):
aggregate = aggregates[0]
url = "http://%s:%s" % (aggregate['addr'], aggregate['port'])
server = GeniClient(url, self.key_file, self.cert_file, self.options.protocol)
- request_hash=None
- if self.hashrequest:
- arg_list = [slice_cred, slice_hrn, rspec]
- request_hash = self.key.compute_hash(arg_list)
- ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec, request_hash)
+ ticket_string = server.get_ticket(slice_cred, slice_hrn, rspec)
file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
print "writing ticket to ", file
ticket = SfaTicket(string=ticket_string)
server = self.get_component_server_from_hrn(opts.component)
slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
- request_hash=None
- if self.hashrequest:
- arg_list = [slice_cred, slice_hrn]
- request_hash = self.key.compute_hash(arg_list)
- return server.delete_slice(slice_cred, slice_hrn, request_hash)
+ return server.delete_slice(slice_cred, slice_hrn)
# start named slice
def start(self,opts, args):
server = self.get_component_server_from_hrn(opts.component)
slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
- request_hash=None
- if self.hashrequest:
- arg_list = [slice_cred, slice_hrn]
- request_hash = self.key.compute_hash(arg_list)
- return server.start_slice(slice_cred, slice_hrn, request_hash)
+ return server.start_slice(slice_cred, slice_hrn)
# stop named slice
def stop(self,opts, args):
server = self.get_component_server_from_hrn(opts.component)
slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
- request_hash=None
- if self.hashrequest:
- arg_list = [slice_cred, slice_hrn]
- request_hash = self.key.compute_hash(arg_list)
- return server.stop_slice(slice_cred, slice_hrn, request_hash)
+ return server.stop_slice(slice_cred, slice_hrn)
# reset named slice
def reset(self,opts, args):
if opts.component:
server = self.get_component_server_from_hrn(opts.component)
slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
- request_hash=None
- if self.hashrequest:
- arg_list = [slice_cred, slice_hrn]
- request_hash = self.key.compute_hash(arg_list)
- return server.reset_slice(slice_cred, slice_hrn, request_hash)
+ return server.reset_slice(slice_cred, slice_hrn)
#
# Main: parse arguments and dispatch to command
slices = Slices(api)
slices.create_slice_aggregate(hrn, rspec)
-def get_ticket(api, slice_hrn, rspec, gid_origin_caller=None):
+def get_ticket(api, slice_hrn, rspec, origin_hrn=None):
# the the slice record
registries = Registries(api)
registry = registries[api.hrn]
from sfa.server.aggregate import Aggregates
import sfa.plc.peers as peers
-def delete_slice(api, hrn, gid_origin_caller=None):
+def delete_slice(api, hrn, origin_hrn=None):
credential = api.getCredential()
- credential.set_gid_origin_caller(gid_origin_caller)
aggregates = Aggregates(api)
for aggregate in aggregates:
success = False
# request hash is optional so lets try the call without it
try:
- request_hash=None
- aggregates[aggregate].delete_slice(credential, hrn, request_hash, origin_hrn)
+ aggregates[aggregate].delete_slice(credential, hrn, origin_hrn)
success = True
except:
print >> log, "%s" % (traceback.format_exc())
print >> log, "Error calling delete slice at aggregate %s" % aggregate
-
- # try sending the request hash if the previous call failed
- if not success:
- try:
- arg_list = [credential, hrn]
- request_hash = api.key.compute_hash(arg_list)
- aggregates[aggregate].delete_slice(credential, hrn, request_hash)
- success = True
- except:
- print >> log, "%s" % (traceback.format_exc())
- print >> log, "Error calling list nodes at aggregate %s" % aggregate
return 1
-def create_slice(api, hrn, rspec, gid_origin_caller=None):
+def create_slice(api, hrn, rspec, origin_hrn=None):
spec = RSpec()
tempspec = RSpec()
spec.parseString(rspec)
rspecs = {}
aggregates = Aggregates(api)
credential = api.getCredential()
- credential.set_gid_origin_caller(gid_origin_caller)
# split the netspecs into individual rspecs
netspecs = spec.getDictsByTagName('NetSpec')
for netspec in netspecs:
if net_hrn in aggregates:
# send the whloe rspec to the local aggregate
if net_hrn in [api.hrn]:
- try:
- request_hash = None
- aggregates[net_hrn].create_slice(credential, hrn, \
- rspec, request_hash)
- except:
- arg_list = [credential,hrn,rspec]
- request_hash = api.key.compute_hash(arg_list)
- aggregates[net_hrn].create_slice(credential, hrn, \
- rspec, request_hash)
+ aggregates[net_hrn].create_slice(credential, hrn, rspec, \
+ origin_hrn)
else:
- try:
- request_hash = None
- aggregates[net_hrn].create_slice(credential, hrn, \
- rspecs[net_hrn], request_hash)
- except:
- arg_list = [credential,hrn,rspecs[net_hrn]]
- request_hash = api.key.compute_hash(arg_list)
- aggregates[net_hrn].create_slice(credential, hrn, \
- rspecs[net_hrn], request_hash)
+ aggregates[net_hrn].create_slice(credential, hrn, \
+ rspecs[net_hrn], origin_hrn)
else:
# lets forward this rspec to a sm that knows about the network
- arg_list = [credential, net_hrn]
- request_hash = api.key.compute_hash(arg_list)
for aggregate in aggregates:
- try:
- network_found = aggregates[aggregate].get_aggregates(credential, net_hrn)
- except:
- network_found = aggregates[aggregate].get_aggregates(credential, net_hrn, request_hash)
+ network_found = aggregates[aggregate].get_aggregates(credential, net_hrn)
if network_found:
- try:
- request_hash = None
- aggregates[aggregate].create_slice(credential, hrn, \
- rspecs[net_hrn], request_hash, origin_hrn)
- except:
- arg_list = [credential, hrn, rspecs[net_hrn]]
- request_hash = api.key.compute_hash(arg_list)
- aggregates[aggregate].create_slice(credential, hrn, \
- rspecs[net_hrn], request_hash, origin_hrn)
+ aggregates[aggregate].create_slice(credential, hrn, \
+ rspecs[net_hrn], origin_hrn)
except:
print >> log, "Error creating slice %(hrn)s at aggregate %(net_hrn)s" % \
traceback.print_exc()
return 1
-def get_ticket(api, slice_hrn, rspec, gid_origin_caller=None):
+def get_ticket(api, slice_hrn, rspec, origin_hrn=None):
# get the netspecs contained within the clients rspec
client_rspec = RSpec(xml=rspec)
# send the rspec to the appropiate aggregate/sm
aggregates = Aggregates(api)
credential = api.getCredential()
- credential.set_gid_origin_caller(gid_origin_caller)
tickets = {}
for net_hrn in rspecs:
try:
# send them the request. if not, then we may be connected to an sm
# thats connected to the aggregate
if net_hrn in aggregates:
- try:
- ticket = aggregates[net_hrn].get_ticket(credential, slice_hrn, \
- rspecs[net_hrn], None)
- tickets[net_hrn] = ticket
- except:
- arg_list = [credential,hrn,rspecs[net_hrn]]
- request_hash = api.key.compute_hash(arg_list)
- ticket = aggregates[net_hrn].get_ticket(credential, slice_hrn, \
- rspecs[net_hrn], request_hash)
- tickets[net_hrn] = ticket
+ ticket = aggregates[net_hrn].get_ticket(credential, slice_hrn, \
+ rspecs[net_hrn], origin_hrn)
+ tickets[net_hrn] = ticket
else:
# lets forward this rspec to a sm that knows about the network
- arg_list = [credential, net_hrn]
- request_hash = api.key.compute_hash(arg_list)
for agg in aggregates:
- try:
- network_found = aggregates[agg].get_aggregates(credential, \
- net_hrn)
- except:
- network_found = aggregates[agg].get_aggregates(credential, \
- net_hrn, request_hash)
+ network_found = aggregates[agg].get_aggregates(credential, net_hrn)
if network_found:
- try:
- ticket = aggregates[aggregate].get_ticket(credential, \
- slice_hrn, rspecs[net_hrn], None)
- tickets[aggregate] = ticket
- except:
- arg_list = [credential, hrn, rspecs[net_hrn]]
- request_hash = api.key.compute_hash(arg_list)
- aggregates[aggregate].get_ticket(credential, slice_hrn, \
- rspecs[net_hrn], request_hash)
- tickets[aggregate] = ticket
+ ticket = aggregates[aggregate].get_ticket(credential, \
+ slice_hrn, rspecs[net_hrn], origin_hrn)
+ tickets[aggregate] = ticket
except:
print >> log, "Error getting ticket for %(slice_hrn)s at aggregate %(net_hrn)s" % \
locals()
slices.refresh()
return slices['hrn']
-def get_rspec(api, hrn=None, origin_gid_caller=None):
+def get_rspec(api, hrn=None, origin_hrn=None):
from sfa.plc.nodes import Nodes
- nodes = Nodes(api, origin_gid_caller=origin_gid_caller)
+ nodes = Nodes(api, origin_hrn=origin_hrn)
if hrn:
rspec = nodes.get_rspec(hrn)
else:
Parameter(str, "Human readable name (hrn)"),
Mixed(Parameter(str, "Unique identifier for new GID (uuid)"),
Parameter(None, "Unique identifier (uuid) not specified")),
- Parameter(str, "public-key string"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(str, "public-key string")
]
returns = Parameter(str, "String represeneation of a GID object")
- def call(self, cred, hrn, uuid, pubkey_str, request_hash=None):
- # request hash is optional
- self.api.auth.authenticateCred(cred, [cred, hrn, uuid, pubkey_str], request_hash)
+ def call(self, cred, hrn, uuid, pubkey_str):
+ # validate the credential
self.api.auth.check(cred, "getcredential")
self.api.auth.verify_object_belongs_to_me(hrn)
self.api.auth.verify_object_permission(hrn)
Parameter(str, "Credential string"),
Parameter(str, "Human readable name of slice to instantiate"),
Parameter(str, "Resource specification"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, hrn, requested_rspec, request_hash=None):
+ def call(self, cred, hrn, requested_rspec, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- # This cred will be an slice cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = user_cred.get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred, hrn, requested_rspec], request_hash)
+ # validate the credential
self.api.auth.check(cred, 'createslice')
sfa_aggregate_type = Config().get_aggregate_rspec_type()
mgr_type = self.api.config.SFA_SM_TYPE
manager_module = manager_base + ".slice_manager_%s" % mgr_type
manager = __import__(manager_module, fromlist=[manager_base])
- manager.create_slice(self.api, hrn, rspec, gid_origin_caller)
+ manager.create_slice(self.api, hrn, rspec, origin_hrn)
return 1
accepts = [
Parameter(str, "Credential string"),
Parameter(str, "Human readable name of slice to delete"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, hrn, request_hash=None):
+ def call(self, cred, hrn, origin_hrn=None):
user_cred = Credential(string=cred)
-
+
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- # This cred will be an slice cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = user_cred.get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred, hrn], request_hash)
+ # validate the credential
self.api.auth.check(cred, 'deleteslice')
-
# send the call to the right manager
manager_base = 'sfa.managers'
if self.api.interface in ['component']:
mgr_type = self.api.config.SFA_SM_TYPE
manager_module = manager_base + ".slice_manager_%s" % mgr_type
manager = __import__(manager_module, fromlist=[manager_base])
- manager.delete_slice(self.api, hrn, gid_origin_caller)
+ manager.delete_slice(self.api, hrn, origin_hrn)
return 1
accepts = [
Parameter(str, "Credential string"),
-
Mixed(Parameter(str, "Human readable name (hrn)"),
- Parameter(None, "hrn not specified")),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(None, "hrn not specified"))
]
returns = [Parameter(dict, "Aggregate interface information")]
- def call(self, cred, hrn = None, request_hash=None):
- self.api.auth.authenticateCred(cred, [cred, hrn], request_hash)
+ def call(self, cred, hrn = None):
self.api.auth.check(cred, 'list')
aggregates = Aggregates(self.api)
hrn_list = []
accepts = [
Mixed(Parameter(str, "credential"),
Parameter(None, "No credential")),
- Parameter(str, "Human readable name (hrn)"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(str, "Human readable name (hrn)")
]
returns = Parameter(str, "String representation of a credential object")
- def call(self, cred, type, hrn, request_hash=None):
+ def call(self, cred, type, hrn):
- self.api.auth.authenticateCred(cred, [cred, type, hrn], request_hash)
self.api.auth.check(cred, 'getcredential')
self.api.auth.verify_object_belongs_to_me(hrn)
auth_hrn = self.api.auth.get_authority(hrn)
accepts = [
Parameter(str, "Certificate string"),
Parameter(str, "Human readable name (hrn)"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(str, "Object type")
]
- returns = [Parameter(dict, "Aggregate interface information")]
+ returns = Parameter(str, "GID string")
- def call(self, cert, hrn, type, request_hash=None):
+ def call(self, cert, hrn, type):
self.api.auth.verify_object_belongs_to_me(hrn)
certificate = Certificate(string=cert)
if not certificate.is_pubkey(gid.get_pubkey()):
raise ConnectionKeyGIDMismatch(gid.get_subject())
- # authenticate the gid
- self.api.auth.authenticateGid(gidStr, [cert, hrn, type], request_hash)
-
return gidStr
accepts = [
Parameter(str, "Certificate string"),
Mixed(Parameter(str, "Human readable name (hrn)"),
- Parameter(type([str]), "List of Human readable names (hrn)")),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(type([str]), "List of Human readable names (hrn)"))
]
returns = [Parameter(dict, "Dictionary of gids keyed on hrn")]
- def call(self, cred, hrns, request_hash=None):
- self.api.auth.authenticateCred(cred, [cred, hrns], request_hash)
+ def call(self, cred, hrns):
+ # validate the credential
self.api.auth.check(cred, 'getgids')
table = GeniTable()
if not isinstance(hrns, list):
accepts = [
Parameter(str, "Credential string"),
-
Mixed(Parameter(str, "Human readable name (hrn)"),
- Parameter(None, "hrn not specified")),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(None, "hrn not specified"))
]
returns = [Parameter(dict, "Registry interface information")]
- def call(self, cred, hrn = None, request_hash=None):
- self.api.auth.authenticateCred(cred, [cred, hrn], request_hash)
+ def call(self, cred, hrn = None):
self.api.auth.check(cred, 'list')
registries = Registries(self.api)
hrn_list = []
Parameter(str, "Credential string"),
Mixed(Parameter(str, "Human readable name (hrn)"),
Parameter(None, "hrn not specified")),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(str, "String representatin of an rspec")
- def call(self, cred, hrn=None, request_hash = None):
+ def call(self, cred, hrn=None, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- # This cred will be an authority cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = user_cred.get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred,hrn], request_hash)
+ # validate the cred
self.api.auth.check(cred, 'listnodes')
# send the call to the right manager
mgr_type = self.api.config.SFA_AGGREGATE_TYPE
manager_module = manager_base + ".aggregate_manager_%s" % mgr_type
manager = __import__(manager_module, fromlist=[manager_base])
- rspec = manager.get_rspec(self.api, hrn, gid_origin_caller)
+ rspec = manager.get_rspec(self.api, hrn, origin_hrn)
outgoing_rules = SFATablesRules('OUTGOING')
elif self.api.interface in ['slicemgr']:
mgr_type = self.api.config.SFA_SM_TYPE
manager_module = manager_base + ".slice_manager_%s" % mgr_type
manager = __import__(manager_module, fromlist=[manager_base])
- rspec = manager.get_rspec(self.api, hrn, gid_origin_caller)
+ rspec = manager.get_rspec(self.api, hrn, origin_hrn)
outgoing_rules = SFATablesRules('FORWARD-OUTGOING')
filtered_rspec = rspec
accepts = [
Parameter(str, "Credential string"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = [Parameter(str, "Human readable slice name (hrn)")]
- def call(self, cred, request_hash=None):
+ def call(self, cred, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn(), None, self.name))
- self.api.auth.authenticateCred(cred, [cred], request_hash)
+ # validate the cred
self.api.auth.check(cred, 'listslices')
slices = []
Parameter(str, "Credential string"),
Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
Parameter(str, "Resource specification (rspec)"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(str, "String represeneation of a ticket object")
- def call(self, cred, hrn, rspec, request_hash=None):
+ def call(self, cred, hrn, rspec, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- self.api.auth.authenticateCred(cred, [cred, hrn, rspec], request_hash)
+ # validate the cred
self.api.auth.check(cred, "getticket")
# set the right outgoing rules
rspec_object = RSpec(xml=rspec)
rspec_object.filter(tagname='NodeSpec', attribute='name', whitelist=valid_hostnames)
rspec = rspec_object.toxml()
- ticket = manager.get_ticket(self.api, hrn, rspec, gid_origin_caller)
+ ticket = manager.get_ticket(self.api, hrn, rspec, origin_hrn)
return ticket
class get_trusted_certs(Method):
"""
@param cred credential string specifying the rights of the caller
- @param request_hash hash of the request
@return 1 is successful, faults otherwise
"""
interfaces = ['registry']
accepts = [
- Parameter(str, "Credential string"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(str, "Credential string")
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, request_hash=None):
+ def call(self, cred):
# authenticate the cred
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred], request_hash)
self.api.auth.check(cred, 'gettrustedcerts')
trusted_cert_strings = [gid.save_to_string(save_parents=True) for \
accepts = [
Parameter(str, "Credential string"),
Parameter(str, "Human readable name (hrn)"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = [GeniRecord]
- def call(self, cred, hrn, request_hash=None):
+ def call(self, cred, hrn, origin_hrn=None):
#log the call
- origin_hrn=Credential(string=cred).get_gid_origin_caller().get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
-
- self.api.auth.authenticateCred(cred, [cred, hrn], request_hash)
+
+ # validate the cred
self.api.auth.check(cred, 'list')
# load all know registry names into a prefix tree and attempt to find
# forward the request
if registry_hrn != self.api.hrn:
credential = self.api.getCredential()
- try:
- request_hash=None
- record_list = registries[registry_hrn].list(credential, hrn, request_hash)
- records = [GeniRecord(dict=record).as_dict() for record in record_list]
- except:
- arg_list = [credential, hrn]
- request_hash = self.api.key.compute_hash(arg_list)
- record_list = registries[registry_hrn].list(credential, hrn, request_hash)
- records = [GeniRecord(dict=record).as_dict() for record in record_list]
+ record_list = registries[registry_hrn].list(credential, hrn, origin_hrn)
+ records = [GeniRecord(dict=record).as_dict() for record in record_list]
if records:
return records
returns = None
- def call(self, cred, request_hash=None):
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred], request_hash)
+ def call(self, cred):
+ # validate the cred
self.api.auth.check(cred, 'reboot')
# send the call to the right manager
manager_base = 'sfa.managers'
accepts = [
Parameter(str, "Credential string representation of SFA credential"),
- Parameter(str, "Ticket string representation of SFA ticket"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(str, "Ticket string representation of SFA ticket")
]
returns = [Parameter(int, "1 if successful")]
- def call(self, cred, ticket, request_hash=None):
- # This cred will be an slice cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred, hrn], request_hash)
+ def call(self, cred, ticket):
self.api.auth.check(cred, 'redeemticket')
self.api.auth.check_ticket(ticket)
- ticket = SfaTicket(string=ticket)
- ticket.decode()
- hrn = ticket.attributes['slivers'][0]['hrn']
- slicename = hrn_to_pl_slicename(hrn)
- if not self.api.sliver_exists(slicename):
- raise SliverDoesNotExist(slicename)
-
- # convert ticket to format nm is used to
- nm_ticket = xmlrpclib.dumps((ticket.attributes,), methodresponse=True)
- self.api.nodemanager.AdminTicket(nm_ticket)
-
+ # send the call to the right manager
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_CM_TYPE
+ manager_module = manager_base + ".component_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ manager.redeem_ticket(self.api, ticket)
return 1
accepts = [
Parameter(str, "Credential string"),
- Parameter(dict, "Record dictionary containing record fields"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(dict, "Record dictionary containing record fields")
]
returns = Parameter(int, "String representation of gid object")
- def call(self, cred, record_dict, request_hash=None):
+ def call(self, cred, record_dict, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- # This cred will be an authority cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred], request_hash)
+ # validate the cred
self.api.auth.check(cred, "register")
record = GeniRecord(dict = record_dict)
@param cred credential string
@param record_dict dictionary containing record fields
-
@return gid string representation
"""
accepts = [
Parameter(str, "Credential string"),
Parameter(dict, "Record dictionary containing record fields"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, record_dict, request_hash=None):
+ def call(self, cred, record_dict, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, None, self.name))
- self.api.auth.authenticateCred(cred, [cred], request_hash)
+ # validate the cred
self.api.auth.check(cred, "register")
-
# make sure this is a peer record
if 'peer_authority' not in record_dict or \
if existing_record['pointer'] != record['pointer']:
record['record_id'] = existing_record['record_id']
table.update(record)
- return 1
- record_id = table.insert(record)
+ else:
+ record_id = table.insert(record)
return 1
accepts = [
Parameter(str, "Credential string"),
Parameter(str, "Record type"),
- Parameter(str, "Human readable name (hrn) of record to be removed"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(str, "Human readable name of slice to instantiate"),
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, type, hrn, request_hash=None):
+ def call(self, cred, type, hrn, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- # This cred will be an authority cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred, type, hrn], request_hash)
+ # validate the cred
self.api.auth.check(cred, "remove")
self.api.auth.verify_object_permission(hrn)
type = record['type']
credential = self.api.getCredential()
- credential.set_gid_origin_caller(gid_origin_caller)
registries = Registries(self.api)
# Try to remove the object from the PLCDB of federated agg.
if hrn.startswith(self.api.hrn) and type in ['user', 'slice', 'authority']:
for registry in registries:
if registry not in [self.api.hrn]:
- try:
- request_hash=None
- result=registries[registry].remove_peer_object(credential, record, request_hash)
- except:
+ result=registries[registry].remove_peer_object(credential, record, origin_hrn)
pass
if type == "user":
persons = self.api.plshell.GetPersons(self.api.plauth, record['pointer'])
accepts = [
Parameter(str, "Credential string"),
Parameter(dict, "Record dictionary"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, record, request_hash=None):
+ def call(self, cred, record, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- self.api.auth.authenticateCred(cred, [cred], request_hash)
self.api.auth.check(cred, "remove")
# Only allow the local interface or record owner to delete peer_records
accepts = [
Parameter(str, "Credential string"),
Parameter(str, "Human readable name of slice to instantiate"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, hrn, request_hash=None):
- # This cred will be an authority cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred, hrn], request_hash)
+ def call(self, cred, hrn, origin_hrn=None):
self.api.auth.check(cred, 'resetslice')
# send the call to the right manager
manager_base = 'sfa.managers'
accepts = [
Parameter(str, "Credential string"),
- Parameter(str, "Human readable name (hrn)"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Parameter(str, "Human readable name (hrn)")
]
returns = [GeniRecord]
- def call(self, cred, hrn, request_hash=None):
+ def call(self, cred, hrn, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- self.api.auth.authenticateCred(cred, [cred, hrn], request_hash)
+ # validate the cred
self.api.auth.check(cred, 'resolve')
# load all know registry names into a prefix tree and attempt to find
# forward the request
if registry_hrn != self.api.hrn:
credential = self.api.getCredential()
- credential.set_gid_origin_caller(gid_origin_caller)
- try:
- request_hash=None
- records = registries[registry_hrn].resolve(credential, hrn, request_hash)
- good_records = [GeniRecord(dict=record).as_dict() for record in records]
- except:
- arg_list = [credential, hrn]
- request_hash=self.api.key.compute_hash(arg_list)
- records = registries[registry_hrn].resolve(credential, hrn, request_hash)
- good_records = [GeniRecord(dict=record).as_dict() for record in records]
-
+ records = registries[registry_hrn].resolve(credential, hrn, origin_hrn)
+ good_records = [GeniRecord(dict=record).as_dict() for record in records]
if good_records:
return good_records
accepts = [
Parameter(str, "Credential string"),
Parameter(str, "Human readable name of slice to instantiate"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = [Parameter(int, "1 if successful")]
- def call(self, cred, hrn, request_hash=None):
+ def call(self, cred, hrn, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- # This cred will be an slice cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred, hrn], request_hash)
+ # validate the cred
self.api.auth.check(cred, 'startslice')
# send the call to the right manager
accepts = [
Parameter(str, "Credential string"),
Parameter(str, "Human readable name of slice to instantiate"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, hrn, request_hash=None):
+ def call(self, cred, hrn, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
- gid_origin_caller = user_cred.get_gid_origin_caller()
- origin_hrn = gid_origin_caller.get_hrn()
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- # This cred will be an slice cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred, hrn], request_hash)
+ # validate the cred
self.api.auth.check(cred, 'stopslice')
# send the call to the right manager
accepts = [
Parameter(str, "Credential string"),
Parameter(dict, "Record dictionary to be updated"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Paramater(None, "Origin hrn not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, record_dict, request_hash=None, origin_hrn=None):
- if origin_hrn==None:
- origin_hrn=Credential(string=cred).get_gid_caller().get_hrn()
-
+ def call(self, cred, record_dict, origin_hrn=None):
+ user_cred = Credential(string=cred)
+
#log the call
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, None, self.name))
- # This cred might be an authority cred, not a user, so we cant use it to
- # authenticate the caller's request_hash. Let just get the caller's gid
- # from the cred and authenticate using that
- client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string(save_parents=True)
- self.api.auth.authenticateGid(client_gid_str, [cred], request_hash)
+
+ # validate the cred
self.api.auth.check(cred, "update")
+
new_record = GeniRecord(dict = record_dict)
type = new_record['type']
hrn = new_record['hrn']
registry = registries[self.hrn]
cert_string=self.cert.save_to_string(save_parents=True)
# get self credential
- arg_list = [cert_string,type,self.hrn]
- request_hash=self.key.compute_hash(arg_list)
- self_cred = registry.get_self_credential(cert_string, type, self.hrn, request_hash)
+ self_cred = registry.get_self_credential(cert_string, type, self.hrn)
# get credential
- arg_list = [self_cred,type,self.hrn]
- request_hash=self.key.compute_hash(arg_list)
- cred = registry.get_credential(self_cred, type, self.hrn, request_hash)
+ cred = registry.get_credential(self_cred, type, self.hrn)
# save cred to file
Credential(string=cred).save_to_file(cred_filename, save_parents=True)
class Nodes(SimpleStorage):
- def __init__(self, api, ttl = 1, origin_gid_caller=None):
+ def __init__(self, api, ttl = 1, origin_hrn=None):
self.api = api
self.ttl = ttl
self.threshold = None
SimpleStorage.__init__(self, self.nodes_file)
self.policy = Policy(api)
self.load()
- self.origin_gid_caller = origin_gid_caller
+ self.origin_hrn = origin_hrn
def refresh(self):
networks = []
rspec = RSpec()
credential = self.api.getCredential()
- credential.set_gid_origin_caller(self.gid_origin_caller)
for aggregate in aggregates:
if aggregate not in [self.api.auth.client_cred.get_gid_caller().get_hrn()]:
try:
# get the rspec from the aggregate
- try:
- request_hash=None
- agg_rspec = aggregates[aggregate].get_resources(credential, hrn, request_hash)
- except:
- arg_list = [credential, hrn]
- request_hash = self.api.key.compute_hash(arg_list)
- agg_rspec = aggregates[aggregate].get_resources(credential, hrn, request_hash)
+ agg_rspec = aggregates[aggregate].get_resources(credential, hrn, origin_hrn)
# extract the netspec from each aggregates rspec
rspec.parseString(agg_rspec)
networks.extend([{'NetSpec': rspec.getDictsByTagName('NetSpec')}])
rspec_to_slice_tag = {'max_rate':'net_max_rate'}
- def __init__(self, api, ttl = .5, gid_origin_caller=None):
+ def __init__(self, api, ttl = .5, origin_hrn=None):
self.api = api
self.ttl = ttl
self.threshold = None
SimpleStorage.__init__(self, self.slices_file)
self.policy = Policy(self.api)
self.load()
- self.gid_origin_caller=gid_origin_caller
+ self.origin_hrn = origin_hrn
def get_slivers(self, hrn, node=None):
success = False
# request hash is optional so lets try the call without it
try:
- request_hash=None
- slices = aggregates[aggregate].get_slices(credential, request_hash)
+ slices = aggregates[aggregate].get_slices(credential)
slice_hrns.extend(slices)
success = True
except:
# try sending the request hash if the previous call failed
if not success:
arg_list = [credential]
- request_hash = self.api.key.compute_hash(arg_list)
try:
- slices = aggregates[aggregate].get_slices(credential, request_hash)
+ slices = aggregates[aggregate].get_slices(credential)
slice_hrns.extend(slices)
success = True
except:
def verify_site(self, registry, credential, slice_hrn, peer, sfa_peer):
authority = get_authority(slice_hrn)
- try:
- site_records = registry.resolve(credential, authority)
- except:
- arg_list = [credential, authority]
- request_hash = self.api.key.compute_hash(arg_list)
- site_records = registry.resolve(credential, authority, request_hash)
+ site_records = registry.resolve(credential, authority)
site = {}
for site_record in site_records:
# mark this site as an sfa peer record
if sfa_peer:
peer_dict = {'type': 'authority', 'hrn': authority, 'peer_authority': sfa_peer, 'pointer': site_id}
- try:
- registry.register_peer_object(credential, peer_dict)
- except:
- arg_list = [credential]
- request_hash = self.api.key.compute_hash(arg_list)
- registry.register_peer_object(credential, peer_dict, request_hash)
+ registry.register_peer_object(credential, peer_dict)
else:
site_id = sites[0]['site_id']
remote_site_id = sites[0]['peer_site_id']
slice = {}
slice_record = None
authority = get_authority(slice_hrn)
- try:
- slice_records = registry.resolve(credential, slice_hrn)
- except:
- arg_list = [credential, slice_hrn]
- request_hash = self.api.key.compute_hash(arg_list)
- slice_records = registry.resolve(credential, slice_hrn, request_hash)
+ slice_records = registry.resolve(credential, slice_hrn)
for record in slice_records:
if record['type'] in ['slice']:
# mark this slice as an sfa peer record
if sfa_peer:
peer_dict = {'type': 'slice', 'hrn': slice_hrn, 'peer_authority': sfa_peer, 'pointer': slice_id}
- try:
- registry.register_peer_object(credential, peer_dict)
- except:
- arg_list = [credential]
- request_hash = self.api.key.compute_hash(arg_list)
- registry.register_peer_object(credential, peer_dict, request_hash)
+ registry.register_peer_object(credential, peer_dict)
#this belongs to a peer
if peer:
researchers = slice_record.get('researcher', [])
for researcher in researchers:
person_record = {}
- try:
- person_records = registry.resolve(credential, researcher)
- except:
- arg_list = [credential, researcher]
- request_hash = self.api.key.compute_hash(arg_list)
- person_records = registry.resolve(credential, researcher, request_hash)
+ person_records = registry.resolve(credential, researcher)
for record in person_records:
if record['type'] in ['user']:
person_record = record
# mark this person as an sfa peer record
if sfa_peer:
peer_dict = {'type': 'user', 'hrn': researcher, 'peer_authority': sfa_peer, 'pointer': person_id}
- try:
- registry.register_peer_object(credential, peer_dict)
- except:
- arg_list = [credential]
- request_hash = self.api.key.compute_hash(arg_list)
- registry.register_peer_object(credential, peer_dict, request_hash)
+ registry.register_peer_object(credential, peer_dict)
if peer:
self.api.plshell.BindObjectToPeer(self.api.plauth, 'person', person_id, peer, person_dict['pointer'])
try:
peer_record_hrn = peer_record['hrn']
arg_list = [credential, peer_record_hrn]
- request_hash = key.compute_hash(arg_list)
- records = registries[peer_auth].resolve(credential, peer_record_hrn, request_hash)
+ records = registries[peer_auth].resolve(credential, peer_record_hrn)
except ServerException:
# an exception will be thrown if the record doenst exist
# if so remove the record from the local registry
- arg_list = [credential]
- request_hash = key.compute_hash(arg_list)
- registries[sfa_api.hrn].remove_peer_object(credential, peer_record, request_hash)
+ registries[sfa_api.hrn].remove_peer_object(credential, peer_record)
except:
- traceback.print_exc()
+ traceback.print_exc()
if __name__ == '__main__':
main()