import tempfile
import os
-
+import time
import sys
from cert import *
from misc import *
from record import *
from genitable import *
+from geniticket import *
def geni_fields_to_pl_fields(type, hrn, geni_fields, pl_fields):
if type == "user":
def register_functions(self):
GeniServer.register_functions(self)
+ # registry interface
self.server.register_function(self.create_gid)
self.server.register_function(self.get_self_credential)
self.server.register_function(self.get_credential)
self.server.register_function(self.update)
self.server.register_function(self.list)
self.server.register_function(self.resolve)
+ # component interface
+ self.server.register_function(self.get_ticket)
def get_auth_info(self, name):
return AuthHierarchy.get_auth_info(name)
if type == "user":
rl.add("refresh")
rl.add("resolve")
+ rl.add("info")
elif type == "sa":
rl.add("authority")
elif type == "ma":
rl.add("embed")
rl.add("bind")
rl.add("control")
+ rl.add("info")
elif type == "component":
rl.add("operator")
return gid.save_to_string(save_parents=True)
+ # ------------------------------------------------------------------------
+ # Component Interface
+
+ def record_to_slice_info(self, record):
+
+ # get the user keys from the slice
+ keys = []
+ persons = self.shell.GetPersons(self.pl_auth, record.pl_info['person_ids'])
+ for person in persons:
+ person_keys = self.shell.GetKeys(self.pl_auth, person["key_ids"])
+ for person_key in person_keys:
+ keys = keys + [person_key['key']]
+
+ attributes={}
+ attributes['name'] = record.pl_info['name']
+ attributes['keys'] = keys
+ attributes['instantiation'] = record.pl_info['instantiation']
+ attributes['vref'] = 'default'
+ attributes['timestamp'] = time.time()
+
+ rspec = {}
+
+ # get the PLC attributes and separate them into slice attributes and
+ # rspec attributes
+ filter = {}
+ filter['slice_id'] = record.pl_info['slice_id']
+ plc_attrs = self.shell.GetSliceAttributes(self.pl_auth, filter)
+ for attr in plc_attrs:
+ name = attr['name']
+
+ # initscripts: lookup the contents of the initscript and store it
+ # in the ticket attributes
+ if (name == "initscript"):
+ filter={'name': attr['value']}
+ initscripts = self.shell.GetInitScripts(self.pl_auth, filter)
+ if initscripts:
+ attributes['initscript'] = initscripts[0]['script']
+ else:
+ rspec[name] = attr['value']
+
+ return (attributes, rspec)
+
+
+ def get_ticket(self, cred, name, rspec):
+ self.decode_authentication(cred, "getticket")
+
+ self.verify_object_belongs_to_me(name)
+
+ self.verify_object_permission(name)
+
+ # XXX much of this code looks like get_credential... are they so similar
+ # that they should be combined?
+
+ auth_hrn = get_authority(name)
+ auth_info = self.get_auth_info(auth_hrn)
+
+ records = self.resolve_raw("slice", name, must_exist=True)
+ record = records[0]
+
+ object_gid = record.get_gid_object()
+ new_ticket = Ticket(subject = object_gid.get_subject())
+ new_ticket.set_gid_caller(self.client_gid)
+ new_ticket.set_gid_object(object_gid)
+ new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
+ new_ticket.set_pubkey(object_gid.get_pubkey())
+
+ self.fill_record_info(record)
+
+ (attributes, rspec) = self.record_to_slice_info(record)
+
+ new_ticket.set_attributes(attributes)
+ new_ticket.set_rspec(rspec)
+
+ new_ticket.set_parent(AuthHierarchy.get_auth_ticket(auth_hrn))
+
+ new_ticket.encode()
+ new_ticket.sign()
+
+ return new_ticket.save_to_string(save_parents=True)
+
if __name__ == "__main__":
global AuthHierarchy
git://git.onelab.eu / sfa.git / commitdiff