From: Josh Karlin Date: Wed, 6 Oct 2010 17:47:49 +0000 (-0400) Subject: merged namespace X-Git-Tag: sfa-1.0-2~7^2 X-Git-Url: http://git.onelab.eu/?p=sfa.git;a=commitdiff_plain;h=eababa96fb603cdd552bc03091813544b099befd;hp=a8a91083ea1868971c7884a405ce3fe89010eede merged namespace --- diff --git a/.gitignore b/.gitignore new file mode 100644 index 00000000..302bd964 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +build/* +*.pyc \ No newline at end of file diff --git a/Makefile b/Makefile index fbd2a0e9..1e0992b3 100644 --- a/Makefile +++ b/Makefile @@ -57,6 +57,8 @@ tags: # (*) otherwise, entering through the root context # make sync PLCHOST=testbox1.inria.fr GUEST=vplc03.inria.fr +PLCHOST ?= testplc.onelab.eu + ifdef GUEST ifdef PLCHOST SSHURL:=root@$(PLCHOST):/vservers/$(GUEST) @@ -86,6 +88,7 @@ ifeq (,$(SSHURL)) @exit 1 else +$(RSYNC) ./sfa/ $(SSHURL)/usr/lib/python2.5/site-packages/sfa/ + +$(RSYNC) ./tests/ $(SSHURL)/root/tests-sfa +$(RSYNC) $(BINS) $(SSHURL)/usr/bin $(SSHCOMMAND) exec service sfa restart endif diff --git a/sfa.spec b/sfa.spec index d2e1f19a..ef13aeb5 100644 --- a/sfa.spec +++ b/sfa.spec @@ -6,7 +6,7 @@ %define name sfa %define version 1.0 -%define taglevel 0 +%define taglevel 1 %define release %{taglevel}%{?pldistro:.%{pldistro}}%{?date:.%{date}} %global python_sitearch %( python -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)" ) @@ -175,6 +175,9 @@ fi %changelog +* Mon Oct 04 2010 Thierry Parmentelat - sfa-1.0-1 +- various bugfixes and cleanup, improved/harmonized logging + * Tue Sep 07 2010 Tony Mack - sfa-0.9-16 - truncate login base of external (ProtoGeni, etc) slices to 20 characters to avoid returning a PLCAPI exception that might confuse users. @@ -207,6 +210,9 @@ fi cache and use in more general ways. %changelog +* Mon Oct 04 2010 Thierry Parmentelat - sfa-1.0-1 +- various bugfixes and cleanup, improved/harmonized logging + * Thu May 11 2010 Tony Mack - sfa-0.9-11 - SfaServer now uses a pool of threads to handle requests concurrently - sfa.util.rspec no longer used to process/manage rspecs (deprecated). This is now handled by sfa.plc.network and is not backwards compatible diff --git a/sfa/client/sfi.py b/sfa/client/sfi.py index f3b84906..f7eecb3d 100755 --- a/sfa/client/sfi.py +++ b/sfa/client/sfi.py @@ -14,15 +14,19 @@ from lxml import etree from StringIO import StringIO from types import StringTypes, ListType from optparse import OptionParser +import zlib +import logging + from sfa.trust.certificate import Keypair, Certificate from sfa.trust.credential import Credential from sfa.util.sfaticket import SfaTicket -from sfa.util.record import * -from sfa.util.namespace import * +from sfa.util.record import SfaRecord, UserRecord, SliceRecord, NodeRecord, AuthorityRecord +from sfa.util.namespace import get_leaf, get_authority, hrn_to_urn from sfa.util.xmlrpcprotocol import ServerException import sfa.util.xmlrpcprotocol as xmlrpcprotocol from sfa.util.config import Config -import zlib +from sfa.util.sfalogging import console_logger + AGGREGATE_PORT=12346 CM_PORT=12346 @@ -117,12 +121,14 @@ def load_record_from_file(filename): class Sfi: - slicemgr = None - registry = None - user = None - authority = None - options = None - hashrequest = False + def __init__ (self): + self.slicemgr = None + self.registry = None + self.user = None + self.authority = None + self.options = None + self.hashrequest = False + self.logger=console_logger def create_cmd_parser(self, command, additional_cmdargs=None): cmdargs = {"list": "name", @@ -154,11 +160,10 @@ class Sfi: cmdargs.update(additional_cmdargs) if command not in cmdargs: - print "Invalid command\n" - print "Commands: ", - for key in cmdargs.keys(): - print key + ",", - print "" + msg="Invalid command\n" + msg+="Commands: " + msg += ','.join(cmdargs.keys()) + self.logger.critical(msg) sys.exit(2) parser = OptionParser(usage="sfi [sfi_options] %s [options] %s" \ @@ -251,12 +256,12 @@ class Sfi: try: config = Config (config_file) except: - print "Failed to read configuration file", config_file - print "Make sure to remove the export clauses and to add quotes" + self.logger.critical("Failed to read configuration file %s"%config_file) + self.logger.info("Make sure to remove the export clauses and to add quotes") if not self.options.verbose: - print "Re-run with -v for more details" + self.logger.info("Re-run with -v for more details") else: - traceback.print_exc() + self.logger.log_exc("Could not read config file %s"%config_file) sys.exit(1) errors = 0 @@ -266,7 +271,7 @@ class Sfi: elif hasattr(config, "SFI_SM"): sm_url = config.SFI_SM else: - print "You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file + self.logger.error("You need to set e.g. SFI_SM='http://your.slicemanager.url:12347/' in %s" % config_file) errors += 1 # Set Registry URL @@ -275,7 +280,7 @@ class Sfi: elif hasattr(config, "SFI_REGISTRY"): reg_url = config.SFI_REGISTRY else: - print "You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file + self.logger.errors("You need to set e.g. SFI_REGISTRY='http://your.registry.url:12345/' in %s" % config_file) errors += 1 @@ -285,7 +290,7 @@ class Sfi: elif hasattr(config, "SFI_USER"): self.user = config.SFI_USER else: - print "You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file + self.logger.errors("You need to set e.g. SFI_USER='plc.princeton.username' in %s" % config_file) errors += 1 # Set authority HRN @@ -294,7 +299,7 @@ class Sfi: elif hasattr(config, "SFI_AUTH"): self.authority = config.SFI_AUTH else: - print "You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file + self.logger.error("You need to set e.g. SFI_AUTH='plc.princeton' in %s" % config_file) errors += 1 if errors: @@ -308,11 +313,13 @@ class Sfi: self.key_file = key_file self.cert_file = cert_file self.cert = Certificate(filename=cert_file) + # instruct xmlrpcprotocol to redirect logs to console_logger + self.options.client=True # Establish connection to server(s) - if self.options.verbose : print "Contacting Registry at:", reg_url - self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options.debug) - if self.options.verbose : print "Contacting Slice Manager at:", sm_url - self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options.debug) + self.logger.info("Contacting Registry at: %s"%reg_url) + self.registry = xmlrpcprotocol.get_server(reg_url, key_file, cert_file, self.options) + self.logger.info("Contacting Slice Manager at: %s"%sm_url) + self.slicemgr = xmlrpcprotocol.get_server(sm_url, key_file, cert_file, self.options) return @@ -336,7 +343,7 @@ class Sfi: if (os.path.isfile(file)): return file else: - print "Key file", file, "does not exist" + self.logger.error("Key file %s does not exist"%file) sys.exit(-1) return @@ -352,8 +359,7 @@ class Sfi: cert.set_pubkey(k) cert.set_issuer(k, self.user) cert.sign() - if self.options.verbose : - print "Writing self-signed certificate to", file + self.logger.info("Writing self-signed certificate to %s"%file) cert.save_to_file(file) return file @@ -371,7 +377,7 @@ class Sfi: if args: hrn = args[0] gid = self._get_gid(hrn) - print gid.save_to_string(save_parents=True) + self.logger.debug("Sfi.get_gid-> %s",gid.save_to_string(save_parents=True)) return gid def _get_gid(self, hrn=None): @@ -386,8 +392,7 @@ class Sfi: if not records: raise RecordNotFound(args[0]) gid = GID(string=records[0]['gid']) - if self.options.verbose: - print "Writing gid to ", gidfile + self.logger.info("Writing gid to %s"%gidfile) gid.save_to_file(filename=gidfile) return gid @@ -411,7 +416,7 @@ class Sfi: def get_auth_cred(self): if not self.authority: - print "no authority specified. Use -a or set SF_AUTH" + self.logger.critical("no authority specified. Use -a or set SF_AUTH") sys.exit(-1) file = os.path.join(self.options.sfi_dir, get_leaf("authority") + ".cred") return self.get_cred(file, 'authority', self.authority) @@ -430,20 +435,19 @@ class Sfi: if user_name.count(".") > 0: user_name = user_name.replace(".", '_') self.user = self.authority + "." + user_name - cred_str = self.registry.get_self_credential(cert_string, "user", hrn) + cred_str = self.registry.GetSelfCredential(cert_string, hrn, "user") else: # bootstrap slice credential from user credential user_cred = self.get_user_cred().save_to_string(save_parents=True) - cred_str = self.registry.get_credential(user_cred, type, hrn) + cred_str = self.registry.GetCredential(user_cred, hrn, type) if not cred_str: - print "Failed to get %s credential" % (type) + self.logger.critical("Failed to get %s credential" % type) sys.exit(-1) cred = Credential(string=cred_str) cred.save_to_file(file, save_parents=True) - if self.options.verbose: - print "Writing %s credential to %s" %(type, file) + self.logger.info("Writing %s credential to %s" %(type, file)) return cred @@ -456,7 +460,7 @@ class Sfi: if (os.path.isfile(file)): return file else: - print "No such rspec file", rspec + self.logger.critical("No such rspec file"%rspec) sys.exit(1) def get_record_file(self, record): @@ -467,7 +471,7 @@ class Sfi: if (os.path.isfile(file)): return file else: - print "No such registry record file", record + self.logger.critical("No such registry record file %s"%record) sys.exit(1) def load_publickey_string(self, fn): @@ -491,18 +495,18 @@ class Sfi: records = self.registry.Resolve(hrn, user_cred) records = filter_records('node', records) if not records: - print "No such component:", opts.component + self.logger.warning("No such component:%r"% opts.component) record = records[0] return self.get_server(record['hostname'], CM_PORT, self.key_file, \ - self.cert_file, self.options.debug) + self.cert_file, self.options) - def get_server(self, host, port, keyfile, certfile, debug): + def get_server(self, host, port, keyfile, certfile): """ Return an instnace of an xmlrpc server connection """ url = "http://%s:%s" % (host, port) - return xmlrpcprotocol.get_server(url, keyfile, certfile, debug) + return xmlrpcprotocol.get_server(url, keyfile, certfile, self.options) def get_server_from_opts(self, opts): """ @@ -512,8 +516,7 @@ class Sfi: server = self.slicemgr # direct connection to an aggregate if hasattr(opts, 'aggregate') and opts.aggregate: - server = self.get_server(opts.aggregate, opts.port, self.key_file, \ - self.cert_file, self.options.debug) + server = self.get_server(opts.aggregate, opts.port, self.key_file, self.cert_file) # direct connection to the nodes component manager interface if hasattr(opts, 'component') and opts.component: server = self.get_component_server_from_hrn(opts.component) @@ -526,7 +529,7 @@ class Sfi: #========================================================================== def dispatch(self, command, cmd_opts, cmd_args): - getattr(self, command)(cmd_opts, cmd_args) + return getattr(self, command)(cmd_opts, cmd_args) # list entires in named authority registry def list(self, opts, args): @@ -590,7 +593,7 @@ class Sfi: slice_cred = self.get_slice_cred(opts.delegate_slice) cred = self.delegate_cred(slice_cred, delegee_hrn) else: - print "Must specify either --user or --slice " + self.logger.warning("Must specify either --user or --slice ") return delegated_cred = Credential(string=cred) object_hrn = delegated_cred.get_gid_object().get_hrn() @@ -603,7 +606,7 @@ class Sfi: delegated_cred.save_to_file(dest_fn, save_parents=True) - print "delegated credential for", object_hrn, "to", delegee_hrn, "and wrote to", dest_fn + self.logger.info("delegated credential for %s to %s and wrote to %s"%(object_hrn, delegee_hrn,dest_fn)) def delegate_cred(self, object_cred, hrn): # the gid and hrn of the object we are delegating @@ -613,7 +616,7 @@ class Sfi: object_hrn = object_gid.get_hrn() if not object_cred.get_privileges().get_all_delegate(): - print "Error: Object credential", object_hrn, "does not have delegate bit set" + self.logger.error("Object credential %s does not have delegate bit set"%object_hrn) return # the delegating user's gid @@ -682,7 +685,7 @@ class Sfi: trusted_certs = self.registry.get_trusted_certs() for trusted_cert in trusted_certs: cert = Certificate(string=trusted_cert) - print cert.get_subject() + self.logger.debug('Sfi.get_trusted_certs -> %r'%cert.get_subject()) return def aggregates(self, opts, args): @@ -797,7 +800,7 @@ class Sfi: server = self.get_server_from_opts(opts) ticket_string = server.GetTicket(slice_urn, creds, rspec, []) file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket") - print "writing ticket to ", file + self.logger.info("writing ticket to %s"%file) ticket = SfaTicket(string=ticket_string) ticket.save_to_file(filename=file, save_parents=True) @@ -824,16 +827,15 @@ class Sfi: connections = {} for hostname in hostnames: try: - print "Calling redeem_ticket at %(hostname)s " % locals(), + self.logger.info("Calling redeem_ticket at %(hostname)s " % locals()) server = self.get_server(hostname, CM_PORT, self.key_file, \ self.cert_file, self.options.debug) server.RedeemTicket(ticket.save_to_string(save_parents=True), slice_cred) - print "Success" + self.logger.info("Success") except socket.gaierror: - print "Failed:", - print "Componet Manager not accepting requests" + self.logger.error("redeem_ticket failed: Component Manager not accepting requests") except Exception, e: - print "Failed:", e.message + self.logger.log_exc(e.message) return # delete named slice @@ -920,6 +922,7 @@ class Sfi: server = self.get_server_from_opts(opts) return server.Shutdown(slice_urn, creds) + # # Main: parse arguments and dispatch to command # @@ -927,34 +930,34 @@ class Sfi: parser = self.create_parser() (options, args) = parser.parse_args() self.options = options - + + if self.options.verbose: self.logger.setLevel(logging.DEBUG) if options.hashrequest: self.hashrequest = True if len(args) <= 0: - print "No command given. Use -h for help." - return - 1 + self.logger.critical("No command given. Use -h for help.") + return -1 command = args[0] (cmd_opts, cmd_args) = self.create_cmd_parser(command).parse_args(args[1:]) - if self.options.verbose : - print "Registry %s, sm %s, dir %s, user %s, auth %s" % (options.registry, options.sm, - options.sfi_dir, options.user, - options.auth) - print "Command %s" % command - if command in ("resources"): - print "resources cmd_opts %s" % cmd_opts.format - elif command in ("list", "show", "remove"): - print "cmd_opts.type %s" % cmd_opts.type - print "cmd_args %s" % cmd_args - + self.set_servers() + self.logger.info("Command %s" % command) + self.logger.info("dir %s, user %s, auth %s, reg %s, sm %s" % ( + self. options.sfi_dir, self.options.user,self.options.auth, + self.options.registry, self.options.sm)) + if command in ("resources"): + self.logger.debug("resources cmd_opts %s" % cmd_opts.format) + elif command in ("list", "show", "remove"): + self.logger.debug("cmd_opts.type %s" % cmd_opts.type) + self.logger.debug('cmd_args %s',cmd_args) + try: self.dispatch(command, cmd_opts, cmd_args) except KeyError: - raise - print "Command not found:", command + self.logger.critical ("Unknown command %s"%command) sys.exit(1) return diff --git a/sfa/client/sfiAddAttribute.py b/sfa/client/sfiAddAttribute.py index 33b94a3a..f4e613c7 100755 --- a/sfa/client/sfiAddAttribute.py +++ b/sfa/client/sfiAddAttribute.py @@ -31,6 +31,3 @@ for name in attrs: print >> sys.stderr, "FAILED: on node %s: %s=%s" % (node, name, value) print command.rspec - - - diff --git a/sfa/client/sfiDeleteAttribute.py b/sfa/client/sfiDeleteAttribute.py index 8e8f0a28..f248e495 100755 --- a/sfa/client/sfiDeleteAttribute.py +++ b/sfa/client/sfiDeleteAttribute.py @@ -32,6 +32,3 @@ for name in attrs: print >> sys.stderr, "FAILED: on node %s: %s=%s" % (node, name, value) print command.rspec - - - diff --git a/sfa/managers/aggregate_manager_max.py b/sfa/managers/aggregate_manager_max.py index d7aed8e3..14168a0d 100644 --- a/sfa/managers/aggregate_manager_max.py +++ b/sfa/managers/aggregate_manager_max.py @@ -9,7 +9,6 @@ from sfa.util.specdict import * from sfa.util.faults import * from sfa.util.storage import * from sfa.util.policy import Policy -from sfa.util.debug import log from sfa.server.aggregate import Aggregates from sfa.server.registry import Registries from sfa.util.faults import * diff --git a/sfa/managers/aggregate_manager_pl.py b/sfa/managers/aggregate_manager_pl.py index ff11270a..ae4215a8 100644 --- a/sfa/managers/aggregate_manager_pl.py +++ b/sfa/managers/aggregate_manager_pl.py @@ -15,7 +15,6 @@ from sfa.util.record import SfaRecord from sfa.util.policy import Policy from sfa.util.record import * from sfa.util.sfaticket import SfaTicket -from sfa.util.debug import log from sfa.plc.slices import Slices from sfa.trust.credential import Credential import sfa.plc.peers as peers diff --git a/sfa/managers/aggregate_manager_vini.py b/sfa/managers/aggregate_manager_vini.py index ee693786..2ec4999a 100644 --- a/sfa/managers/aggregate_manager_vini.py +++ b/sfa/managers/aggregate_manager_vini.py @@ -16,7 +16,6 @@ from sfa.util.policy import Policy from sfa.util.record import * from sfa.util.sfaticket import SfaTicket from sfa.server.registry import Registries -from sfa.util.debug import log from sfa.plc.slices import Slices import sfa.plc.peers as peers from sfa.managers.vini.vini_network import * diff --git a/sfa/managers/registry_manager_pl.py b/sfa/managers/registry_manager_pl.py index 1636eda3..f5f4b48f 100644 --- a/sfa/managers/registry_manager_pl.py +++ b/sfa/managers/registry_manager_pl.py @@ -9,6 +9,7 @@ from sfa.util.namespace import * from sfa.trust.credential import * from sfa.trust.certificate import * from sfa.util.faults import * +from sfa.trust.gid import create_uuid def get_version(api): version = {} diff --git a/sfa/managers/slice_manager_pl.py b/sfa/managers/slice_manager_pl.py index 05cd043a..915b60cf 100644 --- a/sfa/managers/slice_manager_pl.py +++ b/sfa/managers/slice_manager_pl.py @@ -21,7 +21,6 @@ from sfa.util.sfaticket import * from sfa.trust.credential import Credential from sfa.util.threadmanager import ThreadManager import sfa.util.xmlrpcprotocol as xmlrpcprotocol -from sfa.util.debug import log import sfa.plc.peers as peers from copy import copy @@ -84,6 +83,8 @@ def create_slice(api, xrn, creds, rspec, users): return merged_rspec def renew_slice(api, xrn, creds, expiration_time): + hrn, type = urn_to_hrn(xrn) + # get the callers hrn valid_cred = api.auth.checkCredentials(creds, 'renewesliver', hrn)[0] caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn() @@ -115,7 +116,7 @@ def get_ticket(api, xrn, creds, rspec, users): aggregate_rspecs[aggregate_hrn] = rspec # get the callers hrn - valid_cred = api.auth.checkCredentials(creds, 'getticket', hrn)[0] + valid_cred = api.auth.checkCredentials(creds, 'getticket', slice_hrn)[0] caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn() # attempt to use delegated credential first @@ -183,6 +184,8 @@ def get_ticket(api, xrn, creds, rspec, users): def delete_slice(api, xrn, creds): + hrn, type = urn_to_hrn(xrn) + # get the callers hrn valid_cred = api.auth.checkCredentials(creds, 'deletesliver', hrn)[0] caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn() @@ -203,6 +206,8 @@ def delete_slice(api, xrn, creds): return 1 def start_slice(api, xrn, creds): + hrn, type = urn_to_hrn(xrn) + # get the callers hrn valid_cred = api.auth.checkCredentials(creds, 'startslice', hrn)[0] caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn() @@ -223,6 +228,8 @@ def start_slice(api, xrn, creds): return 1 def stop_slice(api, xrn, creds): + hrn, type = urn_to_hrn(xrn) + # get the callers hrn valid_cred = api.auth.checkCredentials(creds, 'stopslice', hrn)[0] caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn() @@ -269,7 +276,7 @@ def get_slices(api, creds): return slices # get the callers hrn - valid_cred = api.auth.checkCredentials(creds, 'listslices', hrn)[0] + valid_cred = api.auth.checkCredentials(creds, 'listslices', None)[0] caller_hrn = Credential(string=valid_cred).get_gid_caller().get_hrn() # attempt to use delegated credential first diff --git a/sfa/methods/CreateSliver.py b/sfa/methods/CreateSliver.py index 7c7a00ec..8b45917e 100644 --- a/sfa/methods/CreateSliver.py +++ b/sfa/methods/CreateSliver.py @@ -3,7 +3,6 @@ from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.sfatablesRuntime import run_sfatables -import sys from sfa.trust.credential import Credential class CreateSliver(Method): @@ -48,4 +47,3 @@ class CreateSliver(Method): allocated = manager.create_slice(self.api, slice_xrn, creds, rspec, users) return rspec - diff --git a/sfa/methods/GetCredential.py b/sfa/methods/GetCredential.py index 1f8c71a0..9bd5cd14 100644 --- a/sfa/methods/GetCredential.py +++ b/sfa/methods/GetCredential.py @@ -1,19 +1,16 @@ -### $Id: get_credential.py 17576 2010-04-05 20:56:15Z tmack $ -### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_credential.py $ - +# from sfa.trust.credential import * from sfa.trust.rights import * from sfa.util.faults import * from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed -from sfa.util.debug import log from sfa.trust.credential import Credential class GetCredential(Method): """ Retrive a credential for an object - If cred == None then the behavior reverts to get_self_credential + If cred == None then the behavior reverts to GetSelfCredential @param hrn human readable name of object (hrn or urn) @param cred credential object specifying rights of the caller diff --git a/sfa/methods/GetSelfCredential.py b/sfa/methods/GetSelfCredential.py index a5c7d400..fa8c3a1a 100644 --- a/sfa/methods/GetSelfCredential.py +++ b/sfa/methods/GetSelfCredential.py @@ -1,5 +1,3 @@ -### $Id: get_credential.py 15321 2009-10-15 05:01:21Z tmack $ -### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_credential.py $ from sfa.trust.credential import * from sfa.trust.rights import * @@ -8,7 +6,6 @@ from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.record import SfaRecord -from sfa.util.debug import log from sfa.trust.certificate import Certificate class GetSelfCredential(Method): @@ -34,7 +31,7 @@ class GetSelfCredential(Method): def call(self, cert, xrn, type): """ - get_self_credential a degenerate version of get_credential used by a client + GetSelfCredential a degenerate version of GetCredential used by a client to get his initial credential when de doesnt have one. This is the same as get_credetial(..., cred = None, ...) diff --git a/sfa/methods/RedeemTicket.py b/sfa/methods/RedeemTicket.py index c471d5a6..f66e90cf 100644 --- a/sfa/methods/RedeemTicket.py +++ b/sfa/methods/RedeemTicket.py @@ -7,7 +7,6 @@ from sfa.util.parameter import Parameter, Mixed class RedeemTicket(Method): """ - Deprecated. Use RedeemTicket instead. @param cred credential string specifying the rights of the caller @param ticket diff --git a/sfa/methods/Register.py b/sfa/methods/Register.py index 4f5a452c..1233fa82 100644 --- a/sfa/methods/Register.py +++ b/sfa/methods/Register.py @@ -7,7 +7,6 @@ from sfa.util.faults import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.record import SfaRecord -from sfa.util.debug import log from sfa.trust.auth import Auth from sfa.trust.gid import create_uuid from sfa.trust.credential import Credential diff --git a/sfa/methods/RegisterPeerObject.py b/sfa/methods/RegisterPeerObject.py index 68b3105c..dae8f6e1 100644 --- a/sfa/methods/RegisterPeerObject.py +++ b/sfa/methods/RegisterPeerObject.py @@ -10,7 +10,6 @@ from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.record import SfaRecord from sfa.util.table import SfaTable -from sfa.util.debug import log from sfa.trust.auth import Auth from sfa.trust.gid import create_uuid from sfa.trust.credential import Credential diff --git a/sfa/methods/Remove.py b/sfa/methods/Remove.py index 82050b40..d9911592 100644 --- a/sfa/methods/Remove.py +++ b/sfa/methods/Remove.py @@ -5,7 +5,6 @@ from sfa.util.faults import * from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed -from sfa.util.debug import log from sfa.trust.credential import Credential class Remove(Method): diff --git a/sfa/methods/RemovePeerObject.py b/sfa/methods/RemovePeerObject.py index ed46ea71..866122d4 100644 --- a/sfa/methods/RemovePeerObject.py +++ b/sfa/methods/RemovePeerObject.py @@ -4,7 +4,6 @@ from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth from sfa.util.record import SfaRecord from sfa.util.table import SfaTable -from sfa.util.debug import log from sfa.trust.credential import Credential from types import StringTypes diff --git a/sfa/methods/Resolve.py b/sfa/methods/Resolve.py index ec47e41b..3f7a61ab 100644 --- a/sfa/methods/Resolve.py +++ b/sfa/methods/Resolve.py @@ -6,7 +6,6 @@ from sfa.util.faults import * from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed -from sfa.util.debug import log from sfa.trust.credential import Credential from sfa.util.record import SfaRecord diff --git a/sfa/methods/Update.py b/sfa/methods/Update.py index 3b8b55a2..d36ea367 100644 --- a/sfa/methods/Update.py +++ b/sfa/methods/Update.py @@ -5,7 +5,6 @@ import time from sfa.util.faults import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed -from sfa.util.debug import log from sfa.trust.credential import Credential class Update(Method): diff --git a/sfa/methods/__init__.py b/sfa/methods/__init__.py index 2bd195fd..7c5ecf5a 100644 --- a/sfa/methods/__init__.py +++ b/sfa/methods/__init__.py @@ -1,32 +1,18 @@ -## Please use make index to update this file all = """ -create_slice -delete_slice +GetCredential +GetSelfCredential +GetGids get_aggregates -get_credential -get_gids get_key get_registries -get_resources -get_self_credential -get_slices -get_ticket get_trusted_certs -list List -redeem_ticket RedeemTicket -register Register register_peer_object -remove Remove reset_slice -resolve Resolve -start_slice -stop_slice -update Update remove_peer_object GetTicket diff --git a/sfa/methods/create_slice.py b/sfa/methods/create_slice.py deleted file mode 100644 index e7dc1119..00000000 --- a/sfa/methods/create_slice.py +++ /dev/null @@ -1,35 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.CreateSliver import CreateSliver - -class create_slice(CreateSliver): - """ - Deprecated. Use CreateSliver instead. - Instantiate the specified slice according to whats defined in the specified rspec - - @param cred credential string specifying the rights of the caller - @param hrn human readable name of slice to instantiate (hrn or xrn) - @param rspec resource specification - @return 1 is successful, faults otherwise - """ - - interfaces = ['aggregate', 'slicemgr'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to instantiate (hrn or xrn)"), - Parameter(str, "Resource specification"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = Parameter(int, "1 if successful") - - def call(self, cred, xrn, requested_rspec, origin_hrn=None): - - return CreateSliver.call(self, xrn, cred, requested_rspec, []) diff --git a/sfa/methods/delete_slice.py b/sfa/methods/delete_slice.py deleted file mode 100644 index 5a6b0153..00000000 --- a/sfa/methods/delete_slice.py +++ /dev/null @@ -1,34 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.DeleteSliver import DeleteSliver - -class delete_slice(DeleteSliver): - """ - Deprecated. Use delete instead. - - Remove the slice from all nodes. - - @param cred credential string specifying the rights of the caller - @param xrn human readable name specifying the slice to delete (hrn or urn) - @return 1 if successful, faults otherwise - """ - - interfaces = ['aggregate', 'slicemgr', 'component'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to delete (hrn or urn)"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = Parameter(int, "1 if successful") - - def call(self, cred, xrn, origin_hrn=None): - - return DeleteSliver.call(self, xrn, cred) diff --git a/sfa/methods/get_credential.py b/sfa/methods/get_credential.py deleted file mode 100644 index 51f4410b..00000000 --- a/sfa/methods/get_credential.py +++ /dev/null @@ -1,37 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.trust.credential import * -from sfa.trust.rights import * -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.GetCredential import GetCredential - -class get_credential(GetCredential): - """ - Deprecated. Use GetCredential instead. - - Retrive a credential for an object - If cred == Nonee then the behavior reverts to get_self_credential - - @param cred credential object specifying rights of the caller - @param type type of object (user | slice | sa | ma | node) - @param hrn human readable name of object (hrn or urn) - - @return the string representation of a credential object - """ - - interfaces = ['registry'] - - accepts = [ - Mixed(Parameter(str, "credential"), - Parameter(None, "No credential")), - Parameter(str, "Human readable name (hrn or urn)") - ] - - returns = Parameter(str, "String representation of a credential object") - - def call(self, cred, type, xrn, origin_hrn=None): - return GetCredential.call(self, cred, xrn, type) diff --git a/sfa/methods/get_gids.py b/sfa/methods/get_gids.py deleted file mode 100644 index c54af0a3..00000000 --- a/sfa/methods/get_gids.py +++ /dev/null @@ -1,30 +0,0 @@ -from sfa.util.faults import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.GetGids import GetGids - -class get_gids(GetGids): - """ - Deprecated. Use GetGids instead. - - Get a list of record information (hrn, gid and type) for - the specified hrns. - - @param cred credential string - @param cert certificate string - @return - """ - - interfaces = ['registry'] - - accepts = [ - Parameter(str, "Certificate string"), - Mixed(Parameter(str, "Human readable name (hrn or xrn)"), - Parameter(type([str]), "List of Human readable names (hrn or xrn)")) - ] - - returns = [Parameter(dict, "Dictionary of gids keyed on hrn")] - - def call(self, cred, xrns): - - return GetGids.call(self, xrns, cred) diff --git a/sfa/methods/get_resources.py b/sfa/methods/get_resources.py deleted file mode 100644 index 8ebebcde..00000000 --- a/sfa/methods/get_resources.py +++ /dev/null @@ -1,40 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.util.faults import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.ListResources import ListResources -# RSpecManager_pl is not used. This line is a check that ensures that everything is in place for the import to work. -import sfa.rspecs.aggregates.rspec_manager_pl - -class get_resources(ListResources): - """ - Deprecated. Use ListResources instead. - - Get an resource specification (rspec). The rspec may describe the resources - available at an authority or the resources being used by a slice. - - @param cred credential string specifying the rights of the caller - @param hrn human readable name of the slice we are interesed in or None - for an authority. - """ - - interfaces = ['aggregate', 'slicemgr'] - - accepts = [ - Parameter(str, "Credential string"), - Mixed(Parameter(str, "Human readable name (hrn or urn)"), - Parameter(None, "hrn not specified")), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = Parameter(str, "String representatin of an rspec") - - def call(self, cred, xrn=None, origin_hrn=None): - options = {'geni_slice_urn': xrn, - 'origin_hrn': origin_hrn - } - - return ListResources.call(self, cred, options) diff --git a/sfa/methods/get_self_credential.py b/sfa/methods/get_self_credential.py deleted file mode 100644 index 3bdaecc7..00000000 --- a/sfa/methods/get_self_credential.py +++ /dev/null @@ -1,53 +0,0 @@ -### $Id: get_credential.py 15321 2009-10-15 05:01:21Z tmack $ -### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_credential.py $ - -from sfa.trust.credential import * -from sfa.trust.rights import * -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.util.record import SfaRecord -from sfa.util.debug import log -from sfa.methods.GetSelfCredential import GetSelfCredential - -class get_self_credential(GetSelfCredential): - """ - Deprecated. Use GetSelfCredential instead. - - Retrive a credential for an object - @param cert certificate string - @param type type of object (user | slice | sa | ma | node) - @param hrn human readable name of object (hrn or urn) - - @return the string representation of a credential object - """ - - interfaces = ['registry'] - - accepts = [ - Parameter(str, "Human readable name (hrn or urn)"), - Parameter(str, "certificate"), - Mixed(Parameter(str, "Request hash"), - Parameter(None, "Request hash not specified")) - ] - - returns = Parameter(str, "String representation of a credential object") - - def call(self, cert, type, xrn, origin_hrn=None): - """ - get_self_credential a degenerate version of get_credential used by a client - to get his initial credential when de doesnt have one. This is the same as - get_credetial(..., cred = None, ...) - - The registry ensures that the client is the principal that is named by - (type, name) by comparing the public key in the record's GID to the - private key used to encrypt the client side of the HTTPS connection. Thus - it is impossible for one principal to retrive another principal's - credential without having the appropriate private key. - - @param type type of object (user | slice | sa | ma | node) - @param hrn human readable name of authority to list - @return string representation of a credential object - """ - return GetSelfCredential.call(self, cert, xrn, type) diff --git a/sfa/methods/get_slices.py b/sfa/methods/get_slices.py deleted file mode 100644 index 87aad948..00000000 --- a/sfa/methods/get_slices.py +++ /dev/null @@ -1,30 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.util.faults import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.ListSlices import ListSlices - -class get_slices(ListSlices): - """ - Deprecated. Use ListSlices instead. - Get a list of instantiated slices at this authority. - - @param cred credential string specifying the rights of the caller - @return list of human readable slice names (hrn). - """ - - interfaces = ['aggregate', 'slicemgr', 'component'] - - accepts = [ - Parameter(str, "Credential string"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = [Parameter(str, "Human readable slice name (hrn)")] - - def call(self, cred, origin_hrn=None): - - return ListSlices.call(self, cred) diff --git a/sfa/methods/get_ticket.py b/sfa/methods/get_ticket.py deleted file mode 100644 index 1a215eaf..00000000 --- a/sfa/methods/get_ticket.py +++ /dev/null @@ -1,43 +0,0 @@ -### $Id$ -### $URL$ -import time -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.GetTicket import GetTicket - -class get_ticket(GetTicket): - """ - Deprecated. Use GetTicket instead. - - Retrieve a ticket. This operation is currently implemented on PLC - only (see SFA, engineering decisions); it is not implemented on - components. - - The ticket is filled in with information from the PLC database. This - information includes resources, and attributes such as user keys and - initscripts. - - @param cred credential string - @param name name of the slice to retrieve a ticket for (hrn or urn) - @param rspec resource specification dictionary - - @return the string representation of a ticket object - """ - - interfaces = ['aggregate', 'slicemgr'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to retrive a ticket for (hrn or urn)"), - Parameter(str, "Resource specification (rspec)"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = Parameter(str, "String represeneation of a ticket object") - - def call(self, cred, xrn, rspec, origin_hrn=None): - - return GetTicket.call(self, xrn, cred, rspec, None) diff --git a/sfa/methods/get_trusted_certs.py b/sfa/methods/get_trusted_certs.py index 6ae4d50e..704fd429 100644 --- a/sfa/methods/get_trusted_certs.py +++ b/sfa/methods/get_trusted_certs.py @@ -1,12 +1,10 @@ - -### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/reset_slices.py $ - from sfa.util.faults import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth from sfa.trust.credential import Credential + class get_trusted_certs(Method): """ @param cred credential string specifying the rights of the caller @@ -26,7 +24,7 @@ class get_trusted_certs(Method): # If cred is not specified just return the gid for this interface. # This is true when when a peer is attempting to initiate federation # with this interface - print cred + self.api.logger.debug("get_trusted_certs: %r"%cred) if not cred: gid_strings = [] for gid in self.api.auth.trusted_cert_list: diff --git a/sfa/methods/list.py b/sfa/methods/list.py deleted file mode 100644 index 206b5a52..00000000 --- a/sfa/methods/list.py +++ /dev/null @@ -1,34 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.util.record import SfaRecord -from sfa.methods.List import List - -class list(List): - """ - Deprecated. Use List instead. - - List the records in an authority. - - @param cred credential string specifying the rights of the caller - @param hrn human readable name of authority to list (hrn or urn) - @return list of record dictionaries - """ - interfaces = ['registry'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(str, "Human readable name (hrn or urn)"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = [SfaRecord] - - def call(self, cred, xrn, origin_hrn=None): - - return List.call(self, xrn, cred) diff --git a/sfa/methods/redeem_ticket.py b/sfa/methods/redeem_ticket.py deleted file mode 100644 index 82985e7c..00000000 --- a/sfa/methods/redeem_ticket.py +++ /dev/null @@ -1,31 +0,0 @@ -### $Id: reset_slice.py 15428 2009-10-23 15:28:03Z tmack $ -### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfacomponent/methods/reset_slice.py $ -import xmlrpclib -from sfa.util.faults import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.RedeemTicket import RedeemTicket - -class redeem_ticket(RedeemTicket): - """ - Deprecated. Use RedeemTicket instead. - - Redeem a approved set of resource allocations (ticket). - - @param cred credential string specifying the rights of the caller - @param ticket - @return 1 is successful, faults otherwise - """ - - interfaces = ['component'] - - accepts = [ - Parameter(str, "Credential string representation of SFA credential"), - Parameter(str, "Ticket string representation of SFA ticket") - ] - - returns = [Parameter(int, "1 if successful")] - - def call(self, cred, ticket): - - return RedeemTicket.call(self, ticket, cred) diff --git a/sfa/methods/register.py b/sfa/methods/register.py deleted file mode 100644 index 494b969c..00000000 --- a/sfa/methods/register.py +++ /dev/null @@ -1,36 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.trust.certificate import Keypair, convert_public_key -from sfa.trust.gid import * -from sfa.util.faults import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.Register import Register - -class register(Register): - """ - Deprecated. Used Register instead. - - Register an object with the registry. In addition to being stored in the - SFA database, the appropriate records will also be created in the - PLC databases - - @param cred credential string - @param record_dict dictionary containing record fields - - @return gid string representation - """ - - interfaces = ['registry'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(dict, "Record dictionary containing record fields") - ] - - returns = Parameter(int, "String representation of gid object") - - def call(self, cred, record, origin_hrn=None): - - return Register.call(self, record, cred) diff --git a/sfa/methods/register_peer_object.py b/sfa/methods/register_peer_object.py index 68b3105c..dae8f6e1 100644 --- a/sfa/methods/register_peer_object.py +++ b/sfa/methods/register_peer_object.py @@ -10,7 +10,6 @@ from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.record import SfaRecord from sfa.util.table import SfaTable -from sfa.util.debug import log from sfa.trust.auth import Auth from sfa.trust.gid import create_uuid from sfa.trust.credential import Credential diff --git a/sfa/methods/remove.py b/sfa/methods/remove.py deleted file mode 100644 index 3419603d..00000000 --- a/sfa/methods/remove.py +++ /dev/null @@ -1,38 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.Remove import Remove - -class remove(Remove): - """ - Deprecated. Use Remove instead. - - Remove an object from the registry. If the object represents a PLC object, - then the PLC records will also be removed. - - @param cred credential string - @param type record type - @param xrn human readable name of record to remove (hrn or urn) - - @return 1 if successful, faults otherwise - """ - - interfaces = ['registry'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(str, "Record type"), - Parameter(str, "Human readable name of slice to instantiate (hrn or urn)"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = Parameter(int, "1 if successful") - - def call(self, cred, type, xrn, origin_hrn=None): - - return Remove.call(self, xrn, cred, type) diff --git a/sfa/methods/remove_peer_object.py b/sfa/methods/remove_peer_object.py index ed46ea71..866122d4 100644 --- a/sfa/methods/remove_peer_object.py +++ b/sfa/methods/remove_peer_object.py @@ -4,7 +4,6 @@ from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth from sfa.util.record import SfaRecord from sfa.util.table import SfaTable -from sfa.util.debug import log from sfa.trust.credential import Credential from types import StringTypes diff --git a/sfa/methods/resolve.py b/sfa/methods/resolve.py deleted file mode 100644 index d26625e4..00000000 --- a/sfa/methods/resolve.py +++ /dev/null @@ -1,36 +0,0 @@ -### $Id$ -### $URL$ -import traceback -import types -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.util.record import SfaRecord -from sfa.methods.Resolve import Resolve - -class resolve(Resolve): - """ - Deprecated. Use Resolve instead - Resolve a record. - - @param cred credential string authorizing the caller - @param hrn human readable name to resolve (hrn or urn) - @return a list of record dictionaries or empty list - """ - - interfaces = ['registry'] - - accepts = [ - Parameter(str, "Credential string"), - Mixed(Parameter(str, "Human readable name (hrn or urn)"), - Parameter(list, "List of Human readable names ([hrn])")) - ] - - returns = [SfaRecord] - - def call(self, cred, xrns, origin_hrn=None): - return Resolve.call(self, xrns, cred) - - - diff --git a/sfa/methods/start_slice.py b/sfa/methods/start_slice.py deleted file mode 100644 index cd4bd5f1..00000000 --- a/sfa/methods/start_slice.py +++ /dev/null @@ -1,34 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.Start import Start - -class start_slice(Start): - """ - Deprecated. Use Start instead - - Start the specified slice - - @param cred credential string specifying the rights of the caller - @param hrn human readable name of slice to instantiate (urn or hrn) - @return 1 is successful, faults otherwise - """ - - interfaces = ['aggregate', 'slicemgr', 'component'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to instantiate (urn or hrn)"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = [Parameter(int, "1 if successful")] - - def call(self, cred, xrn, origin_hrn=None): - - return Start.call(self, xrn, cred) diff --git a/sfa/methods/stop_slice.py b/sfa/methods/stop_slice.py deleted file mode 100644 index 14d17f20..00000000 --- a/sfa/methods/stop_slice.py +++ /dev/null @@ -1,33 +0,0 @@ -### $Id$ -### $URL$ - -from sfa.util.faults import * -from sfa.util.namespace import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.Stop import Stop - -class stop_slice(Stop): - """ - Deprecated. Use Stop instead - Stop the specified slice - - @param cred credential string specifying the rights of the caller - @param xrn human readable name of slice to instantiate (hrn or urn) - @return 1 is successful, faults otherwise - """ - - interfaces = ['aggregate', 'slicemgr', 'component'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to instantiate (hrn or urn)"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = Parameter(int, "1 if successful") - - def call(self, cred, xrn, origin_hrn=None): - - return Stop.call(self, xrn, cred) diff --git a/sfa/methods/update.py b/sfa/methods/update.py deleted file mode 100644 index 861bb09f..00000000 --- a/sfa/methods/update.py +++ /dev/null @@ -1,38 +0,0 @@ -### $Id$ -### $URL$ - -import time -from sfa.util.faults import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.methods.Update import Update - -class update(Update): - """ - Deprecated. Use Update instead. - - Update an object in the registry. Currently, this only updates the - PLC information associated with the record. The SFA fields (name, type, - GID) are fixed. - - @param cred credential string specifying rights of the caller - @param record a record dictionary to be updated - - @return 1 if successful, faults otherwise - """ - - interfaces = ['registry'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(dict, "Record dictionary to be updated"), - Mixed(Parameter(str, "Human readable name of the original caller"), - Parameter(None, "Origin hrn not specified")) - ] - - returns = Parameter(int, "1 if successful") - - def call(self, cred, record_dict, origin_hrn=None): - - return Update.call(self, record_dict, cred) - diff --git a/sfa/plc/api-dev.py b/sfa/plc/api-dev.py index 724d8076..4a6d7a20 100644 --- a/sfa/plc/api-dev.py +++ b/sfa/plc/api-dev.py @@ -11,11 +11,10 @@ import traceback import string import xmlrpclib -import sfa.util.sfalogging +from sfa.util.sfalogging import sfa_logger from sfa.trust.auth import Auth from sfa.util.config import * from sfa.util.faults import * -from sfa.util.debug import * from sfa.trust.rights import * from sfa.trust.credential import * from sfa.trust.certificate import * @@ -325,7 +324,7 @@ class SfaAPI(BaseAPI): self.hrn = self.config.SFA_INTERFACE_HRN self.time_format = "%Y-%m-%d %H:%M:%S" - self.logger=sfa.util.sfalogging.logger + self.logger=sfa_logger def getPLCShell(self): self.plauth = {'Username': self.config.SFA_PLC_USER, @@ -361,9 +360,9 @@ class SfaAPI(BaseAPI): registry = registries[self.hrn] cert_string=self.cert.save_to_string(save_parents=True) # get self credential - self_cred = registry.get_self_credential(cert_string, type, self.hrn) + self_cred = registry.GetSelfCredential(cert_string, self.hrn, type) # get credential - cred = registry.get_credential(self_cred, type, self.hrn) + cred = registry.GetCredential(self_cred, type, self.hrn) # save cred to file Credential(string=cred).save_to_file(cred_filename, save_parents=True) diff --git a/sfa/plc/api.py b/sfa/plc/api.py index 79555c45..8707405a 100644 --- a/sfa/plc/api.py +++ b/sfa/plc/api.py @@ -11,12 +11,11 @@ import traceback import string import xmlrpclib -import sfa.util.sfalogging +from sfa.util.sfalogging import sfa_logger import sfa.util.xmlrpcprotocol as xmlrpcprotocol from sfa.trust.auth import Auth from sfa.util.config import * from sfa.util.faults import * -from sfa.util.debug import * from sfa.trust.rights import * from sfa.trust.credential import * from sfa.trust.certificate import * @@ -107,7 +106,7 @@ class SfaAPI(BaseAPI): self.hrn = self.config.SFA_INTERFACE_HRN self.time_format = "%Y-%m-%d %H:%M:%S" - self.logger=sfa.util.sfalogging.logger + self.logger=sfa_logger def getPLCShell(self): self.plauth = {'Username': self.config.SFA_PLC_USER, @@ -127,7 +126,7 @@ class SfaAPI(BaseAPI): def getCredential(self): """ - Retrun a valid credential for this interface. + Return a valid credential for this interface. """ if self.interface in ['registry']: return self.getCredentialFromLocalRegistry() @@ -163,9 +162,9 @@ class SfaAPI(BaseAPI): registry = registries[self.hrn] cert_string=self.cert.save_to_string(save_parents=True) # get self credential - self_cred = registry.get_self_credential(cert_string, type, self.hrn) + self_cred = registry.GetSelfCredential(cert_string, self.hrn, type) # get credential - cred = registry.get_credential(self_cred, type, self.hrn) + cred = registry.GetCredential(self_cred, self.hrn, type) # save cred to file Credential(string=cred).save_to_file(cred_filename, save_parents=True) @@ -655,7 +654,7 @@ class ComponentAPI(BaseAPI): # get credential from registry cert_str = Certificate(filename=cert_filename).save_to_string(save_parents=True) registry = self.get_registry() - cred = registry.get_self_credential(cert_str, 'node', hrn) + cred = registry.GetSelfCredential(cert_str, hrn, 'node') Credential(string=cred).save_to_file(credfile, save_parents=True) return cred @@ -671,7 +670,7 @@ class ComponentAPI(BaseAPI): os.unlink(f) # install the new key pair - # get_credential will take care of generating the new keypair + # GetCredential will take care of generating the new keypair # and credential self.get_node_key() self.getCredential() diff --git a/sfa/plc/network.py b/sfa/plc/network.py index 1553e3ba..3e9603b2 100644 --- a/sfa/plc/network.py +++ b/sfa/plc/network.py @@ -30,10 +30,10 @@ class Iface: self.hostname = iface['hostname'] self.primary = iface['is_primary'] - """ - Just print out bwlimit right now - """ def toxml(self, xml): + """ + Just print out bwlimit right now + """ if self.bwlimit: with xml.bw_limit(units="kbps"): xml << str(self.bwlimit / 1000) diff --git a/sfa/plc/remoteshell.py b/sfa/plc/remoteshell.py index 14cd629a..6ec59959 100644 --- a/sfa/plc/remoteshell.py +++ b/sfa/plc/remoteshell.py @@ -12,14 +12,16 @@ import xmlrpclib class RemoteShell: - def __init__(self): + def __init__(self,logger): self.servers = {} + self.logger=logger def call(self, name, pl_auth, *args): key = pl_auth["Url"] + "#" + pl_auth["Username"] if not (key in self.servers): + self.logger.info("Connecting to PLCAPI at url %s"%pl_auth['Url']) server = xmlrpclib.Server(pl_auth["Url"], verbose = 0, allow_none=True) #server.AdmAuthCheck(pl_auth) server.AuthCheck(pl_auth) diff --git a/sfa/plc/sfa-import-plc.py b/sfa/plc/sfa-import-plc.py index 786d57ac..18727c6a 100755 --- a/sfa/plc/sfa-import-plc.py +++ b/sfa/plc/sfa-import-plc.py @@ -1,8 +1,5 @@ #!/usr/bin/python # -### $Id$ -### $URL$ -# ## # Import PLC records into the SFA database. It is indended that this tool be # run once to create SFA records that reflect the current state of the @@ -20,8 +17,8 @@ import getopt import sys import tempfile -import logging.handlers import logging + from sfa.util.record import * from sfa.util.table import SfaTable from sfa.util.namespace import * @@ -31,11 +28,9 @@ from sfa.trust.trustedroot import * from sfa.trust.hierarchy import * from sfa.plc.api import * from sfa.trust.gid import create_uuid -from sfa.plc.sfaImport import * -from sfa.util.report import trace, error +from sfa.plc.sfaImport import sfaImport def process_options(): - global hrn (options, args) = getopt.getopt(sys.argv[1:], '', []) for opt in options: @@ -60,15 +55,7 @@ def save_keys(filename, keys): f.close() def main(): - # setup the logger - LOGFILE='/var/log/sfa_import_plc.log' - logging.basicConfig(level=logging.INFO, - format='%(asctime)s - %(message)s', - filename=LOGFILE) - rotate_handler = logging.handlers.RotatingFileHandler(LOGFILE, maxBytes=1000000, backupCount=5) - logger = logging.getLogger() - logger.addHandler(rotate_handler) - + process_options() config = Config() if not config.SFA_REGISTRY_ENABLED: @@ -76,11 +63,10 @@ def main(): root_auth = config.SFA_REGISTRY_ROOT_AUTH interface_hrn = config.SFA_INTERFACE_HRN keys_filename = config.config_path + os.sep + 'person_keys.py' - sfaImporter = sfaImport(logger) + sfaImporter = sfaImport() + if config.SFA_API_DEBUG: sfaImporter.logger.setLevel(logging.DEBUG) shell = sfaImporter.shell plc_auth = sfaImporter.plc_auth - AuthHierarchy = sfaImporter.AuthHierarchy - TrustedRoots = sfaImporter.TrustedRoots table = SfaTable() if not table.exists(): @@ -91,9 +77,9 @@ def main(): if not root_auth == interface_hrn: sfaImporter.create_top_level_auth_records(interface_hrn) - trace("Import: adding " + interface_hrn + " to trusted list", logger) - authority = AuthHierarchy.get_auth_info(interface_hrn) - TrustedRoots.add_gid(authority.get_gid_object()) + sfaImporter.logger.info("Import: adding " + interface_hrn + " to trusted list") + authority = sfaImporter.AuthHierarchy.get_auth_info(interface_hrn) + sfaImporter.TrustedRoots.add_gid(authority.get_gid_object()) if ".vini" in interface_hrn and interface_hrn.endswith('vini'): # create a fake internet2 site first @@ -266,7 +252,7 @@ def main(): sfaImporter.delete_record(record_hrn, type) # save pub keys - trace('Import: saving current pub keys', logger) + sfaImporter.logger.info('Import: saving current pub keys') save_keys(keys_filename, person_keys) if __name__ == "__main__": diff --git a/sfa/plc/sfa-nuke-plc.py b/sfa/plc/sfa-nuke-plc.py index 2b1b41f5..4bbf003b 100755 --- a/sfa/plc/sfa-nuke-plc.py +++ b/sfa/plc/sfa-nuke-plc.py @@ -13,6 +13,7 @@ import sys from sfa.trust.hierarchy import * from sfa.util.record import * from sfa.util.table import SfaTable +from sfa.util.sfalogging import sfa_import_logger def process_options(): @@ -24,7 +25,7 @@ def process_options(): def main(): process_options() - print "Purging SFA records from database" + sfa_import_logger.info("Purging SFA records from database") table = SfaTable() table.sfa_records_purge() diff --git a/sfa/plc/sfaImport.py b/sfa/plc/sfaImport.py index 98f6b799..82dc17c4 100644 --- a/sfa/plc/sfaImport.py +++ b/sfa/plc/sfaImport.py @@ -12,24 +12,24 @@ import getopt import sys import tempfile +from sfa.util.sfalogging import sfa_import_logger from sfa.util.record import * from sfa.util.table import SfaTable from sfa.util.namespace import * from sfa.util.config import Config -from sfa.util.report import trace, error from sfa.trust.certificate import convert_public_key, Keypair from sfa.trust.trustedroot import * from sfa.trust.hierarchy import * from sfa.trust.gid import create_uuid -def un_unicode(str): +def _un_unicode(str): if isinstance(str, unicode): return str.encode("ascii", "ignore") else: return str -def cleanup_string(str): +def _cleanup_string(str): # pgsql has a fit with strings that have high ascii in them, so filter it # out when generating the hrns. tmp = "" @@ -38,7 +38,7 @@ def cleanup_string(str): tmp = tmp + c str = tmp - str = un_unicode(str) + str = _un_unicode(str) str = str.replace(" ", "_") str = str.replace(".", "_") str = str.replace("(", "_") @@ -49,8 +49,8 @@ def cleanup_string(str): class sfaImport: - def __init__(self, logger=None): - self.logger = logger + def __init__(self): + self.logger = sfa_import_logger self.AuthHierarchy = Hierarchy() self.config = Config() self.TrustedRoots = TrustedRootList(Config.get_trustedroots_dir(self.config)) @@ -61,14 +61,13 @@ class sfaImport: self.shell = None if "Url" in self.plc_auth: from sfa.plc.remoteshell import RemoteShell - self.shell = RemoteShell() + self.shell = RemoteShell(self.logger) else: import PLC.Shell self.shell = PLC.Shell.Shell(globals = globals()) def create_top_level_auth_records(self, hrn): - AuthHierarchy = self.AuthHierarchy urn = hrn_to_urn(hrn, 'authority') # make sure parent exists parent_hrn = get_authority(hrn) @@ -78,31 +77,30 @@ class sfaImport: self.create_top_level_auth_records(parent_hrn) # create the authority if it doesnt already exist - if not AuthHierarchy.auth_exists(urn): - trace("Import: creating top level authorites", self.logger) - AuthHierarchy.create_auth(urn) + if not self.AuthHierarchy.auth_exists(urn): + self.logger.info("Import: creating top level authorites") + self.AuthHierarchy.create_auth(urn) # create the db record if it doesnt already exist - auth_info = AuthHierarchy.get_auth_info(hrn) + auth_info = self.AuthHierarchy.get_auth_info(hrn) table = SfaTable() auth_record = table.find({'type': 'authority', 'hrn': hrn}) if not auth_record: auth_record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="authority", pointer=-1) auth_record['authority'] = get_authority(auth_record['hrn']) - trace("Import: inserting authority record for " + hrn, self.logger) + self.logger.info("Import: inserting authority record for " + hrn) table.insert(auth_record) def import_person(self, parent_hrn, person): - AuthHierarchy = self.AuthHierarchy hrn = email_to_hrn(parent_hrn, person['email']) # ASN.1 will have problems with hrn's longer than 64 characters if len(hrn) > 64: hrn = hrn[:64] - trace("Import: importing person " + hrn, self.logger) + self.logger.info("Import: importing person " + hrn) key_ids = [] if 'key_ids' in person and person['key_ids']: key_ids = person["key_ids"] @@ -115,14 +113,14 @@ class sfaImport: pkey = Keypair(create=True) else: # the user has no keys - trace(" person " + hrn + " does not have a PL public key", self.logger) + self.logger.info(" person " + hrn + " does not have a PL public key") # if a key is unavailable, then we still need to put something in the # user's GID. So make one up. pkey = Keypair(create=True) # create the gid urn = hrn_to_urn(hrn, 'user') - person_gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey) + person_gid = self.AuthHierarchy.create_gid(urn, create_uuid(), pkey) table = SfaTable() person_record = SfaRecord(hrn=hrn, gid=person_gid, type="user", pointer=person['person_id']) person_record['authority'] = get_authority(person_record['hrn']) @@ -130,26 +128,25 @@ class sfaImport: if not existing_records: table.insert(person_record) else: - trace("Import: %s exists, updating " % hrn, self.logger) + self.logger.info("Import: %s exists, updating " % hrn) existing_record = existing_records[0] person_record['record_id'] = existing_record['record_id'] table.update(person_record) def import_slice(self, parent_hrn, slice): - AuthHierarchy = self.AuthHierarchy slicename = slice['name'].split("_",1)[-1] - slicename = cleanup_string(slicename) + slicename = _cleanup_string(slicename) if not slicename: - error("Import_Slice: failed to parse slice name " + slice['name'], self.logger) + self.logger.error("Import_Slice: failed to parse slice name " + slice['name']) return hrn = parent_hrn + "." + slicename - trace("Import: importing slice " + hrn, self.logger) + self.logger.info("Import: importing slice " + hrn) pkey = Keypair(create=True) urn = hrn_to_urn(hrn, 'slice') - slice_gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey) + slice_gid = self.AuthHierarchy.create_gid(urn, create_uuid(), pkey) slice_record = SfaRecord(hrn=hrn, gid=slice_gid, type="slice", pointer=slice['slice_id']) slice_record['authority'] = get_authority(slice_record['hrn']) table = SfaTable() @@ -157,22 +154,21 @@ class sfaImport: if not existing_records: table.insert(slice_record) else: - trace("Import: %s exists, updating " % hrn, self.logger) + self.logger.info("Import: %s exists, updating " % hrn) existing_record = existing_records[0] slice_record['record_id'] = existing_record['record_id'] table.update(slice_record) def import_node(self, parent_hrn, node): - AuthHierarchy = self.AuthHierarchy nodename = node['hostname'].split(".")[0] - nodename = cleanup_string(nodename) + nodename = _cleanup_string(nodename) if not nodename: - error("Import_node: failed to parse node name " + node['hostname'], self.logger) + self.logger.error("Import_node: failed to parse node name " + node['hostname']) return hrn = parent_hrn + "." + nodename - trace("Import: importing node " + hrn, self.logger) + self.logger.info("Import: importing node " + hrn) # ASN.1 will have problems with hrn's longer than 64 characters if len(hrn) > 64: hrn = hrn[:64] @@ -181,25 +177,24 @@ class sfaImport: node_record = table.find({'type': 'node', 'hrn': hrn}) pkey = Keypair(create=True) urn = hrn_to_urn(hrn, 'node') - node_gid = AuthHierarchy.create_gid(urn, create_uuid(), pkey) + node_gid = self.AuthHierarchy.create_gid(urn, create_uuid(), pkey) node_record = SfaRecord(hrn=hrn, gid=node_gid, type="node", pointer=node['node_id']) node_record['authority'] = get_authority(node_record['hrn']) existing_records = table.find({'hrn': hrn, 'type': 'node', 'pointer': node['node_id']}) if not existing_records: table.insert(node_record) else: - trace("Import: %s exists, updating " % hrn, self.logger) + self.logger.info("Import: %s exists, updating " % hrn) existing_record = existing_records[0] node_record['record_id'] = existing_record['record_id'] table.update(node_record) def import_site(self, parent_hrn, site): - AuthHierarchy = self.AuthHierarchy shell = self.shell plc_auth = self.plc_auth sitename = site['login_base'] - sitename = cleanup_string(sitename) + sitename = _cleanup_string(sitename) print 'importing site %s' % sitename hrn = parent_hrn + "." + sitename # Hardcode 'internet2' into the hrn for sites hosting @@ -214,13 +209,13 @@ class sfaImport: hrn = ".".join([parent_hrn, "internet2", sitename]) urn = hrn_to_urn(hrn, 'authority') - trace("Import: importing site " + hrn, self.logger) + self.logger.info("Import: importing site " + hrn) # create the authority - if not AuthHierarchy.auth_exists(urn): - AuthHierarchy.create_auth(urn) + if not self.AuthHierarchy.auth_exists(urn): + self.AuthHierarchy.create_auth(urn) - auth_info = AuthHierarchy.get_auth_info(urn) + auth_info = self.AuthHierarchy.get_auth_info(urn) table = SfaTable() auth_record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="authority", pointer=site['site_id']) @@ -229,7 +224,7 @@ class sfaImport: if not existing_records: table.insert(auth_record) else: - trace("Import: %s exists, updating " % hrn, self.logger) + self.logger.info("Import: %s exists, updating " % hrn) existing_record = existing_records[0] auth_record['record_id'] = existing_record['record_id'] table.update(auth_record) @@ -242,5 +237,5 @@ class sfaImport: table = SfaTable() record_list = table.find({'type': type, 'hrn': hrn}) for record in record_list: - trace("Import: Removing record %s %s" % (type, hrn), self.logger) + self.logger.info("Import: Removing record %s %s" % (type, hrn)) table.remove(record) diff --git a/sfa/plc/slices.py b/sfa/plc/slices.py index 041a5625..a3c7c1a0 100644 --- a/sfa/plc/slices.py +++ b/sfa/plc/slices.py @@ -14,7 +14,6 @@ from sfa.util.faults import * from sfa.util.record import SfaRecord from sfa.util.policy import Policy from sfa.util.prefixTree import prefixTree -from sfa.util.debug import log MAXINT = 2L**31-1 diff --git a/sfa/rspecs/aggregates/rspec_manager_max.py b/sfa/rspecs/aggregates/rspec_manager_max.py index c6504b99..51d7d14c 100644 --- a/sfa/rspecs/aggregates/rspec_manager_max.py +++ b/sfa/rspecs/aggregates/rspec_manager_max.py @@ -9,7 +9,6 @@ from sfa.util.specdict import * from sfa.util.faults import * from sfa.util.storage import * from sfa.util.policy import Policy -from sfa.util.debug import log from sfa.server.aggregate import Aggregates from sfa.server.registry import Registries from sfa.util.faults import * diff --git a/sfa/server/interface.py b/sfa/server/interface.py index dbc54891..9a1ceeaa 100644 --- a/sfa/server/interface.py +++ b/sfa/server/interface.py @@ -12,7 +12,6 @@ import traceback import sfa.util.xmlrpcprotocol as xmlrpcprotocol import sfa.util.soapprotocol as soapprotocol - # GeniLight client support is optional try: from egeni.geniLight_client import * @@ -136,8 +135,7 @@ class Interfaces(dict): except: message = "interface: %s\tunable to install trusted gid for %s" % \ (self.api.interface, new_hrn) - self.api.logger.info(message) - traceback.print_exc() + self.api.logger.log_exc(message) # reload the trusted certs list self.api.auth.load_trusted_certs() @@ -149,7 +147,7 @@ class Interfaces(dict): defined in the config file (registries.xml). Removes old records from the db. """ - # import SfaTable here so this module can be loaded by CompoenetAPI + # import SfaTable here so this module can be loaded by ComponentAPI from sfa.util.table import SfaTable if not gids: return diff --git a/sfa/server/modpython/SfaAggregateModPython.py b/sfa/server/modpython/SfaAggregateModPython.py index e1ab86dc..502fea63 100755 --- a/sfa/server/modpython/SfaAggregateModPython.py +++ b/sfa/server/modpython/SfaAggregateModPython.py @@ -13,23 +13,10 @@ import xmlrpclib from mod_python import apache from sfa.plc.api import SfaAPI -from sfa.util.debug import log +from sfa.util.sfalogging import sfa_logger api = SfaAPI(interface='aggregate') -class unbuffered: - """ - Write to /var/log/httpd/error_log. See - - http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp - """ - - def write(self, data): - sys.stderr.write(data) - sys.stderr.flush() - -#log = unbuffered() - def handler(req): try: if req.method != "POST": @@ -66,5 +53,5 @@ def handler(req): except Exception, err: # Log error in /var/log/httpd/(ssl_)?error_log - print >> log, err, traceback.format_exc() + sfa_logger.log_exc('%r'%err) return apache.HTTP_INTERNAL_SERVER_ERROR diff --git a/sfa/server/modpython/SfaRegistryModPython.py b/sfa/server/modpython/SfaRegistryModPython.py index a9044ebb..276005e8 100755 --- a/sfa/server/modpython/SfaRegistryModPython.py +++ b/sfa/server/modpython/SfaRegistryModPython.py @@ -11,24 +11,12 @@ import sys import traceback import xmlrpclib from mod_python import apache -from sfa.util.debug import log + from sfa.plc.api import SfaAPI +from sfa.util.sfalogging import sfa_logger api = SfaAPI(interface='registry') -class unbuffered: - """ - Write to /var/log/httpd/error_log. See - - http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp - """ - - def write(self, data): - sys.stderr.write(data) - sys.stderr.flush() - -#log = unbuffered() - def handler(req): try: if req.method != "POST": @@ -65,5 +53,5 @@ def handler(req): except Exception, err: # Log error in /var/log/httpd/(ssl_)?error_log - print >> log, err, traceback.format_exc() + sfa_logger.log_exc('%r'%err) return apache.HTTP_INTERNAL_SERVER_ERROR diff --git a/sfa/server/modpython/SfaSliceMgrModPython.py b/sfa/server/modpython/SfaSliceMgrModPython.py index 7ad8e0d4..1560c801 100755 --- a/sfa/server/modpython/SfaSliceMgrModPython.py +++ b/sfa/server/modpython/SfaSliceMgrModPython.py @@ -13,23 +13,10 @@ import xmlrpclib from mod_python import apache from sfa.plc.api import SfaAPI -from sfa.util.debug import log +from sfa.util.sfalogging import sfa_logger api = SfaAPI(interface='slicemgr') -class unbuffered: - """ - Write to /var/log/httpd/error_log. See - - http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp - """ - - def write(self, data): - sys.stderr.write(data) - sys.stderr.flush() - -#log = unbuffered() - def handler(req): try: if req.method != "POST": @@ -66,5 +53,5 @@ def handler(req): except Exception, err: # Log error in /var/log/httpd/(ssl_)?error_log - print >> log, err, traceback.format_exc() + sfa_logger.log_exc('%r'%err) return apache.HTTP_INTERNAL_SERVER_ERROR diff --git a/sfa/server/modpythonapi/BaseClient.py b/sfa/server/modpythonapi/BaseClient.py index 448f9346..56d72860 100755 --- a/sfa/server/modpythonapi/BaseClient.py +++ b/sfa/server/modpythonapi/BaseClient.py @@ -2,45 +2,47 @@ import xmlrpclib from ApiExceptionCodes import * -VerboseExceptions = False - -def EnableVerboseExceptions(x=True): - global VerboseExceptions - VerboseExceptions = x - class ExceptionUnmarshaller(xmlrpclib.Unmarshaller): def close(self): - try: - return xmlrpclib.Unmarshaller.close(self) - except xmlrpclib.Fault, e: - # if the server tagged some traceback info onto the end of the - # exception text, then print it out on the client. - - if "\nFAULT_TRACEBACK:" in e.faultString: - parts = e.faultString.split("\nFAULT_TRACEBACK:") - e.faultString = parts[0] - if VerboseExceptions: - print "\n|Server Traceback:", "\n|".join(parts[1].split("\n")) - - raise e - + try: + return xmlrpclib.Unmarshaller.close(self) + except xmlrpclib.Fault, e: + # if the server tagged some traceback info onto the end of the + # exception text, then print it out on the client. + + if "\nFAULT_TRACEBACK:" in e.faultString: + parts = e.faultString.split("\nFAULT_TRACEBACK:") + e.faultString = parts[0] + if BaseClient.VerboseExceptions: + print "\n|Server Traceback:", "\n|".join(parts[1].split("\n")) + + raise e + class ExceptionReportingTransport(xmlrpclib.Transport): def make_connection(self, host): - import httplib - if host.startswith("https:"): - return httplib.HTTPS(host) - else: - return httplib.HTTP(host) - - def getparser(self): - unmarshaller = ExceptionUnmarshaller() - parser = xmlrpclib.ExpatParser(unmarshaller) + import httplib + if host.startswith("https:"): + return httplib.HTTPS(host) + else: + return httplib.HTTP(host) + + def getparser(self): + unmarshaller = ExceptionUnmarshaller() + parser = xmlrpclib.ExpatParser(unmarshaller) return parser, unmarshaller class BaseClient(): + + VerboseExceptions = False + def __init__(self, url): self.url = url self.server = xmlrpclib.ServerProxy(self.url, ExceptionReportingTransport()) def noop(self, value): return self.server.noop(value) + + @staticmethod + def EnableVerboseExceptions(x=True): + BaseClient.VerboseExceptions = x + diff --git a/sfa/server/modpythonapi/ModPython.py b/sfa/server/modpythonapi/ModPython.py index 64ceb990..4e5f80a7 100755 --- a/sfa/server/modpythonapi/ModPython.py +++ b/sfa/server/modpythonapi/ModPython.py @@ -12,22 +12,10 @@ import traceback import xmlrpclib from mod_python import apache +from sfa.util.logging import sfa_logger from API import RemoteApi api = RemoteApi() -class unbuffered: - """ - Write to /var/log/httpd/error_log. See - - http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp - """ - - def write(self, data): - sys.stderr.write(data) - sys.stderr.flush() - -#log = unbuffered() - def handler(req): try: if req.method != "POST": @@ -64,5 +52,5 @@ def handler(req): except Exception, err: # Log error in /var/log/httpd/(ssl_)?error_log - print >> log, err, traceback.format_exc() + sfa_logger.log_exc("%r"%e) return apache.HTTP_INTERNAL_SERVER_ERROR diff --git a/sfa/server/modpythonapi/test.py b/sfa/server/modpythonapi/test.py index d3fafed9..941cb052 100755 --- a/sfa/server/modpythonapi/test.py +++ b/sfa/server/modpythonapi/test.py @@ -1,10 +1,10 @@ import sys import traceback -from BaseClient import BaseClient, EnableVerboseExceptions +from BaseClient import BaseClient from AuthenticatedClient import AuthenticatedClient -EnableVerboseExceptions(True) +BaseClient.EnableVerboseExceptions(True) HOST = "localhost" URL = "http://" + HOST + "/TESTAPI/" diff --git a/sfa/server/sfa-clean-peer-records.py b/sfa/server/sfa-clean-peer-records.py index 5edb3f36..e3d81289 100644 --- a/sfa/server/sfa-clean-peer-records.py +++ b/sfa/server/sfa-clean-peer-records.py @@ -10,7 +10,6 @@ from sfa.plc.api import SfaAPI from sfa.util.config import Config from sfa.trust.certificate import Keypair from sfa.trust.hierarchy import Hierarchy -from sfa.util.report import trace, error from sfa.server.registry import Registries import sfa.util.xmlrpcprotocol as xmlrpcprotocol import socket diff --git a/sfa/server/sfa-server.py b/sfa/server/sfa-server.py index 326258ed..e3ad1a29 100755 --- a/sfa/server/sfa-server.py +++ b/sfa/server/sfa-server.py @@ -1,8 +1,5 @@ #!/usr/bin/python # -### $Id$ -### $URL$ -# # SFA PLC Wrapper # # This wrapper implements the SFA Registry and Slice Interfaces on PLC. @@ -30,18 +27,21 @@ ## # TCP ports for the three servers -registry_port=12345 -aggregate_port=12346 -slicemgr_port=12347 +#registry_port=12345 +#aggregate_port=12346 +#slicemgr_port=12347 +### xxx todo not in the config yet component_port=12346 import os, os.path import sys from optparse import OptionParser +import logging + +from sfa.util.sfalogging import sfa_logger from sfa.trust.trustedroot import TrustedRootList from sfa.trust.certificate import Keypair, Certificate from sfa.trust.hierarchy import Hierarchy from sfa.util.config import Config -from sfa.util.report import trace from sfa.plc.api import SfaAPI from sfa.server.registry import Registries from sfa.server.aggregate import Aggregates @@ -56,7 +56,7 @@ def daemon(): devnull = os.open(os.devnull, os.O_RDWR) os.dup2(devnull, 0) # xxx fixme - this is just to make sure that nothing gets stupidly lost - should use devnull - crashlog = os.open('/var/log/sfa.daemon', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644) + crashlog = os.open('/var/log/httpd/sfa_access_log', os.O_RDWR | os.O_APPEND | os.O_CREAT, 0644) os.dup2(crashlog, 1) os.dup2(crashlog, 2) @@ -82,8 +82,8 @@ def init_server_key(server_key_file, server_cert_file, config, hierarchy): if not os.path.exists(key_file): # if it doesnt exist then this is probably a fresh interface # with no records. Generate a random keypair for now - trace("server's public key not found in %s" % key_file) - trace("generating a random server key pair") + sfa_logger.debug("server's public key not found in %s" % key_file) + sfa_logger.debug("generating a random server key pair") key = Keypair(create=True) key.save_to_file(server_key_file) cert = Certificate(subject=subject) @@ -160,13 +160,6 @@ def sync_interfaces(server_key_file, server_cert_file): aggregates.sync_interfaces() def main(): - # xxx get rid of globals - name consistently CamelCase or under_score - global AuthHierarchy - global TrustedRoots - global registry_port - global aggregate_port - global slicemgr_port - # Generate command line parser parser = OptionParser(usage="sfa-server [options]") parser.add_option("-r", "--registry", dest="registry", action="store_true", @@ -182,9 +175,10 @@ def main(): parser.add_option("-d", "--daemon", dest="daemon", action="store_true", help="Run as daemon.", default=False) (options, args) = parser.parse_args() - + if options.verbose: sfa_logger.setLevel(logging.DEBUG) config = Config() + if config.SFA_API_DEBUG: sfa_logger.setLevel(logging.DEBUG) hierarchy = Hierarchy() server_key_file = os.path.join(hierarchy.basedir, "server.key") server_cert_file = os.path.join(hierarchy.basedir, "server.cert") @@ -197,25 +191,29 @@ def main(): # start registry server if (options.registry): from sfa.server.registry import Registry - r = Registry("", registry_port, server_key_file, server_cert_file) + r = Registry("", config.SFA_REGISTRY_PORT, server_key_file, server_cert_file) r.start() # start aggregate manager if (options.am): from sfa.server.aggregate import Aggregate - a = Aggregate("", aggregate_port, server_key_file, server_cert_file) + a = Aggregate("", config.SFA_AGGREGATE_PORT, server_key_file, server_cert_file) a.start() # start slice manager if (options.sm): from sfa.server.slicemgr import SliceMgr - s = SliceMgr("", slicemgr_port, server_key_file, server_cert_file) + s = SliceMgr("", config.SFA_SM_PORT, server_key_file, server_cert_file) s.start() if (options.cm): from sfa.server.component import Component - c = Component("", component_port, server_key_file, server_cert_file) + c = Component("", config.component_port, server_key_file, server_cert_file) +# c = Component("", config.SFA_COMPONENT_PORT, server_key_file, server_cert_file) c.start() if __name__ == "__main__": - main() + try: + main() + except: + sfa_logger.log_exc_critical("SFA server is exiting") diff --git a/sfa/server/sfa_component_setup.py b/sfa/server/sfa_component_setup.py index 628ae7a8..db1c965d 100755 --- a/sfa/server/sfa_component_setup.py +++ b/sfa/server/sfa_component_setup.py @@ -146,7 +146,7 @@ def get_credential(registry=None, force=False, verbose=False): registry = get_server(url=registry, keyfile=keyfile, certfile=certfile) cert = Certificate(filename=certfile) cert_str = cert.save_to_string(save_parents=True) - cred = registry.GetSelfCredential(cert_str, hrn, 'node') + cred = registry.GetSelfCredential(cert_str, 'node', hrn) Credential(string=cred).save_to_file(credfile, save_parents=True) return cred diff --git a/sfa/trust/Makefile b/sfa/trust/Makefile new file mode 100644 index 00000000..efa3ca9d --- /dev/null +++ b/sfa/trust/Makefile @@ -0,0 +1,2 @@ +tags: + etags *.py diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py index d0d4abf4..b596d8d4 100644 --- a/sfa/trust/auth.py +++ b/sfa/trust/auth.py @@ -6,7 +6,6 @@ # -#import sfa.util.sfalogging from sfa.trust.certificate import Keypair, Certificate from sfa.trust.credential import Credential from sfa.trust.trustedroot import TrustedRootList @@ -238,7 +237,7 @@ class Auth: verify_cancreate_credential() """ - rl = RightList() + rl = Rights() type = record['type'] diff --git a/sfa/trust/certificate.py b/sfa/trust/certificate.py index ca4858bb..64ac865f 100644 --- a/sfa/trust/certificate.py +++ b/sfa/trust/certificate.py @@ -48,7 +48,7 @@ from OpenSSL import crypto import M2Crypto from M2Crypto import X509 -import sfa.util.sfalogging +from sfa.util.sfalogging import sfa_logger from sfa.util.namespace import urn_to_hrn from sfa.util.faults import * @@ -79,7 +79,7 @@ def convert_public_key(key): try: k.load_pubkey_from_file(ssl_fn) except: - traceback.print_exc() + sfa_logger.log_exc("convert_public_key caught exception") k = None # remove the temporary files @@ -585,21 +585,21 @@ class Certificate: # if this cert is signed by a trusted_cert, then we are set for trusted_cert in trusted_certs: if self.is_signed_by_cert(trusted_cert): - sfa.util.sfalogging.logger.debug("Cert %s signed by trusted cert %s", self.get_subject(), trusted_cert.get_subject()) + sfa_logger.debug("Cert %s signed by trusted cert %s", self.get_subject(), trusted_cert.get_subject()) # verify expiration of trusted_cert ? if not trusted_cert.cert.has_expired(): return trusted_cert else: - sfa.util.sfalogging.logger.debug("Trusted cert %s is expired", trusted_cert.get_subject()) + sfa_logger.debug("Trusted cert %s is expired", trusted_cert.get_subject()) # if there is no parent, then no way to verify the chain if not self.parent: - #print self.get_subject(), "has no parent" + sfa_logger.debug("%r has no parent"%self.get_subject()) raise CertMissingParent(self.get_subject()) # if it wasn't signed by the parent... if not self.is_signed_by_cert(self.parent): - #print self.get_subject(), "is not signed by parent" + sfa_logger.debug("%r is not signed by parent"%self.get_subject()) return CertNotSignedByParent(self.get_subject()) # if the parent isn't verified... diff --git a/sfa/trust/credential.py b/sfa/trust/credential.py index 6384afcc..ebecedb0 100644 --- a/sfa/trust/credential.py +++ b/sfa/trust/credential.py @@ -35,15 +35,12 @@ from tempfile import mkstemp from xml.dom.minidom import Document, parseString from dateutil.parser import parse -import sfa.util.sfalogging +from sfa.util.faults import * +from sfa.util.sfalogging import sfa_logger from sfa.trust.certificate import Keypair from sfa.trust.credential_legacy import CredentialLegacy -from sfa.trust.rights import * -from sfa.trust.gid import * -from sfa.util.faults import * - - - +from sfa.trust.rights import Right, Rights +from sfa.trust.gid import GID # Two years, in seconds DEFAULT_CREDENTIAL_LIFETIME = 60 * 60 * 24 * 365 * 2 @@ -342,17 +339,17 @@ class Credential(object): ## # set the privileges # - # @param privs either a comma-separated list of privileges of a RightList object + # @param privs either a comma-separated list of privileges of a Rights object def set_privileges(self, privs): if isinstance(privs, str): - self.privileges = RightList(string = privs) + self.privileges = Rights(string = privs) else: self.privileges = privs ## - # return the privileges as a RightList object + # return the privileges as a Rights object def get_privileges(self): if not self.privileges: @@ -590,7 +587,7 @@ class Credential(object): # Process privileges privs = cred.getElementsByTagName("privileges")[0] - rlist = RightList() + rlist = Rights() for priv in privs.getElementsByTagName("privilege"): kind = getTextNode(priv, "name") deleg = str2bool(getTextNode(priv, "can_delegate")) @@ -662,7 +659,7 @@ class Credential(object): trusted_cert_objects.append(GID(filename=f)) ok_trusted_certs.append(f) except Exception, exc: - sfa.util.sfalogging.logger.error("Failed to load trusted cert from %s: %r", f, exc) + sfa_logger.error("Failed to load trusted cert from %s: %r", f, exc) trusted_certs = ok_trusted_certs # Use legacy verification if this is a legacy credential @@ -745,7 +742,7 @@ class Credential(object): # Maybe should be (hrn, type) = urn_to_hrn(root_cred_signer.get_urn()) root_cred_signer_type = root_cred_signer.get_type() if (root_cred_signer_type == 'authority'): - #sfa.util.sfalogging.logger.debug('Cred signer is an authority') + #sfa_logger.debug('Cred signer is an authority') # signer is an authority, see if target is in authority's domain hrn = root_cred_signer.get_hrn() if root_target_gid.get_hrn().startswith(hrn): diff --git a/sfa/trust/credential_legacy.py b/sfa/trust/credential_legacy.py index dc02941d..b868f2da 100644 --- a/sfa/trust/credential_legacy.py +++ b/sfa/trust/credential_legacy.py @@ -10,10 +10,10 @@ import xmlrpclib -from sfa.trust.certificate import Certificate -from sfa.trust.rights import * -from sfa.trust.gid import * from sfa.util.faults import * +from sfa.trust.certificate import Certificate +from sfa.trust.rights import Right,Rights +from sfa.trust.gid import GID ## # Credential is a tuple: @@ -110,16 +110,16 @@ class CredentialLegacy(Certificate): ## # set the privileges # - # @param privs either a comma-separated list of privileges of a RightList object + # @param privs either a comma-separated list of privileges of a Rights object def set_privileges(self, privs): if isinstance(privs, str): - self.privileges = RightList(string = privs) + self.privileges = Rights(string = privs) else: self.privileges = privs ## - # return the privileges as a RightList object + # return the privileges as a Rights object def get_privileges(self): if not self.privileges: @@ -176,7 +176,7 @@ class CredentialLegacy(Certificate): privStr = dict.get("privileges", None) if privStr: - self.privileges = RightList(string = privStr) + self.privileges = Rights(string = privStr) else: self.privileges = None diff --git a/sfa/trust/gid.py b/sfa/trust/gid.py index 678c1a3f..6adfec5f 100644 --- a/sfa/trust/gid.py +++ b/sfa/trust/gid.py @@ -30,7 +30,7 @@ import xmlrpclib import uuid -import sfa.util.sfalogging +from sfa.util.sfalogging import sfa_logger from sfa.trust.certificate import Certificate from sfa.util.namespace import * @@ -82,7 +82,7 @@ class GID(Certificate): Certificate.__init__(self, create, subject, string, filename) if subject: - sfa.util.sfalogging.logger.debug("Creating GID for subject: %s" % subject) + sfa_logger.debug("Creating GID for subject: %s" % subject) if uuid: self.uuid = int(uuid) if hrn: @@ -204,8 +204,7 @@ class GID(Certificate): if self.parent: # make sure the parent's hrn is a prefix of the child's hrn if not self.get_hrn().startswith(self.parent.get_hrn()): - #print self.get_hrn(), " ", self.parent.get_hrn() - raise GidParentHrn("This cert %s HRN doesnt start with parent HRN %s" % (self.get_hrn(), self.parent.get_hrn())) + raise GidParentHrn("This cert HRN %s doesnt start with parent HRN %s" % (self.get_hrn(), self.parent.get_hrn())) else: # make sure that the trusted root's hrn is a prefix of the child's trusted_gid = GID(string=trusted_root.save_to_string()) diff --git a/sfa/trust/hierarchy.py b/sfa/trust/hierarchy.py index 6ab509e1..1f8afcf0 100644 --- a/sfa/trust/hierarchy.py +++ b/sfa/trust/hierarchy.py @@ -17,7 +17,7 @@ import os -from sfa.util.report import * +from sfa.util.sfalogging import sfa_logger from sfa.trust.certificate import Keypair from sfa.trust.credential import * from sfa.trust.gid import GID, create_uuid @@ -161,7 +161,7 @@ class Hierarchy: def create_auth(self, xrn, create_parents=False): hrn, type = urn_to_hrn(xrn) - trace("Hierarchy: creating authority: " + hrn) + sfa_logger.debug("Hierarchy: creating authority: " + hrn) # create the parent authority if necessary parent_hrn = get_authority(hrn) @@ -181,7 +181,7 @@ class Hierarchy: pass if os.path.exists(privkey_filename): - print "using existing key", privkey_filename, "for authority", hrn + sfa_logger.debug("using existing key %r for authority %r"%(privkey_filename,hrn)) pkey = Keypair(filename = privkey_filename) else: pkey = Keypair(create = True) @@ -205,9 +205,8 @@ class Hierarchy: # @param xrn the human readable name of the authority to create (urn will be converted to hrn). def get_auth_info(self, xrn): - - #trace("Hierarchy: getting authority: " + hrn) hrn, type = urn_to_hrn(xrn) + sfa_logger.debug("Hierarchy: xrn=%s, getting authority for hrn=%s"%(xrn,hrn)) if not self.auth_exists(hrn): raise MissingAuthority(hrn) diff --git a/sfa/trust/rights.py b/sfa/trust/rights.py index 59324e8d..bb4dffe6 100644 --- a/sfa/trust/rights.py +++ b/sfa/trust/rights.py @@ -4,7 +4,7 @@ # # Right - represents a single right # -# RightList - represents a list of rights +# Rights - represents a list of rights # # A right may allow several different operations. For example, the "info" right # allows "listslices", "listcomponentresources", etc. @@ -24,9 +24,11 @@ privilege_table = {"authority": ["register", "remove", "update", "resolve", "lis "sa": ["getticket", "redeemslice", "redeemticket", "createslice", "createsliver", "deleteslice", "deletesliver", "updateslice", "getsliceresources", "getticket", "loanresources", "stopslice", "startslice", "renewsliver", "deleteslice", "deletesliver", "resetslice", "listslices", "listnodes", "getpolicy", "sliverstatus"], - "embed": ["getticket", "redeemslice", "redeemticket", "createslice", "createsliver", "renewsliver", "deleteslice", "deletesliver", "updateslice", "sliverstatus", "getsliceresources", "shutdown"], + "embed": ["getticket", "redeemslice", "redeemticket", "createslice", "createsliver", "renewsliver", "deleteslice", + "deletesliver", "updateslice", "sliverstatus", "getsliceresources", "shutdown"], "bind": ["getticket", "loanresources", "redeemticket"], - "control": ["updateslice", "createslice", "createsliver", "renewsliver", "sliverstatus", "stopslice", "startslice", "deleteslice", "deletesliver", "resetslice", "getsliceresources", "getgids"], + "control": ["updateslice", "createslice", "createsliver", "renewsliver", "sliverstatus", "stopslice", "startslice", + "deleteslice", "deletesliver", "resetslice", "getsliceresources", "getgids"], "info": ["listslices", "listnodes", "getpolicy"], "ma": ["setbootstate", "getbootstate", "reboot", "getgids", "gettrustedcerts"], "operator": ["gettrustedcerts", "getgids"], @@ -35,17 +37,17 @@ privilege_table = {"authority": ["register", "remove", "update", "resolve", "lis ## -# Determine tje rights that an object should have. The rights are entirely +# Determine the rights that an object should have. The rights are entirely # dependent on the type of the object. For example, users automatically # get "refresh", "resolve", and "info". # # @param type the type of the object (user | sa | ma | slice | node) # @param name human readable name of the object (not used at this time) # -# @return RightList object containing rights +# @return Rights object containing rights def determine_rights(type, name): - rl = RightList() + rl = Rights() # rights seem to be somewhat redundant with the type of the credential. # For example, a "sa" credential implies the authority right, because @@ -132,9 +134,9 @@ class Right: return True ## -# A RightList object represents a list of privileges. +# A Rights object represents a list of privileges. -class RightList: +class Rights: ## # Create a new rightlist object, containing no rights. # @@ -252,10 +254,10 @@ class RightList: # @param type the type of the object (user | sa | ma | slice | node) # @param name human readable name of the object (not used at this time) # - # @return RightList object containing rights + # @return Rights object containing rights def determine_rights(self, type, name): - rl = RightList() + rl = Rights() # rights seem to be somewhat redundant with the type of the credential. # For example, a "sa" credential implies the authority right, because diff --git a/sfa/util/PostgreSQL.py b/sfa/util/PostgreSQL.py index 984e5149..7ae94426 100644 --- a/sfa/util/PostgreSQL.py +++ b/sfa/util/PostgreSQL.py @@ -18,7 +18,7 @@ import re from pprint import pformat from sfa.util.faults import * -from sfa.util.debug import * +from sfa.util.sfalogging import sfa_logger if not psycopg2: is8bit = re.compile("[\x80-\xff]").search @@ -179,21 +179,21 @@ class PostgreSQL: if not params: if self.debug: - print >> log,'execute0',query + sfa_logger.debug('execute0 %r'%query) cursor.execute(query) elif isinstance(params,dict): if self.debug: - print >> log,'execute-dict: params',params,'query',query%params + sfa_logger.debug('execute-dict: params=[%r] query=[%r]'%(params,query%params)) cursor.execute(query,params) elif isinstance(params,tuple) and len(params)==1: if self.debug: - print >> log,'execute-tuple',query%params[0] + sfa_logger.debug('execute-tuple %r'%(query%params[0])) cursor.execute(query,params[0]) else: param_seq=(params,) if self.debug: for params in param_seq: - print >> log,'executemany',query%params + sfa_logger.debug('executemany %r'%(query%params)) cursor.executemany(query, param_seq) (self.rowcount, self.description, self.lastrowid) = \ (cursor.rowcount, cursor.description, cursor.lastrowid) @@ -203,12 +203,11 @@ class PostgreSQL: except: pass uuid = commands.getoutput("uuidgen") - print >> log, "Database error %s:" % uuid - print >> log, e - print >> log, "Query:" - print >> log, query - print >> log, "Params:" - print >> log, pformat(params) + sfa_logger.error("Database error %s:" % uuid) + sfa_logger.error("Exception=%r"%e) + sfa_logger.error("Query=%r"%query) + sfa_logger.error("Params=%r"%pformat(params)) + sfa_logger.log_exc("PostgreSQL.execute caught exception") raise SfaDBError("Please contact support: %s" % str(e)) return cursor diff --git a/sfa/util/api.py b/sfa/util/api.py index 65ccc88b..1e131be4 100644 --- a/sfa/util/api.py +++ b/sfa/util/api.py @@ -11,11 +11,10 @@ import traceback import string import xmlrpclib -import sfa.util.sfalogging +from sfa.util.sfalogging import sfa_logger from sfa.trust.auth import Auth from sfa.util.config import * from sfa.util.faults import * -from sfa.util.debug import * from sfa.trust.credential import * from sfa.trust.certificate import * from sfa.util.namespace import * @@ -148,7 +147,7 @@ class BaseAPI: self.credential = None self.source = None self.time_format = "%Y-%m-%d %H:%M:%S" - self.logger=sfa.util.sfalogging.logger + self.logger=sfa_logger # load registries from sfa.server.registry import Registries @@ -243,7 +242,7 @@ class BaseAPI: except SfaFault, fault: result = fault except Exception, fault: - traceback.print_exc(file = log) + sfa_logger.log_exc("BaseAPI.handle has caught Exception") result = SfaAPIError(fault) diff --git a/sfa/util/client.py b/sfa/util/client.py deleted file mode 100644 index ed3ec812..00000000 --- a/sfa/util/client.py +++ /dev/null @@ -1,382 +0,0 @@ -## -# This module implements the client-side of the SFA API. Stubs are provided -# that convert the supplied parameters to the necessary format and send them -# via XMLRPC to an SFA Server. -# -# TODO: Investigate ways to combine this with existing PLC API? -## - -### $Id$ -### $URL$ - -from sfa.trust.certificate import * -from sfa.trust.gid import * -from sfa.trust.credential import * -from sfa.util.record import * -from sfa.util.sfaticket import SfaTicket - -## -# The GeniClient class provides stubs for executing SFA operations. A given -# client object connects to one server. To connect to multiple servers, create -# multiple GeniClient objects. -# -# The SFA protocol uses an HTTPS connection, and the client's side of the -# connection uses his private key. Generally, this private key must match the -# public key that is containing in the GID that the client is providing for -# those functions that take a GID. - -class GeniClient: - ## - # Create a new GeniClient object. - # - # @param url is the url of the server - # @param key_file = private key file of client - # @param cert_file = x.509 cert containing the client's public key. This - # could be a GID certificate, or any x.509 cert. - # @param protocol The ORPC protocol to use. Can be "soap" or "xmlrpc" - - def __init__(self, url, key_file, cert_file, protocol="xmlrpc"): - self.url = url - self.key_file = key_file - self.cert_file = cert_file - self.key = Keypair(filename = self.key_file) - - - if (protocol=="xmlrpc"): - import xmlrpcprotocol - self.server = xmlrpcprotocol.get_server(self.url, self.key_file, self.cert_file) - elif (protocol=="soap"): - import soapprotocol - self.server = soapprotocol.get_server(self.url, self.key_file, self.cert_file) - else: - raise Exception("Attempted use of undefined protocol %s"%protocol) - - - # ------------------------------------------------------------------------- - # Registry Interface - # ------------------------------------------------------------------------- - - ## - # Create a new GID. For MAs and SAs that are physically located on the - # registry, this allows a owner/operator/PI to create a new GID and have it - # signed by his respective authority. - # - # @param cred credential of caller - # @param name hrn for new GID - # @param uuid unique identifier for new GID - # @param pkey_string public-key string (TODO: why is this a string and not a keypair object?) - # - # @return a GID object - - def create_gid(self, cred, name, uuid, pkey_string): - gid_str = self.server.create_gid(cred.save_to_string(save_parents=True), name, uuid, pkey_string) - return GID(string=gid_str) - - ## - # Retrieve the GID for an object. This function looks up a record in the - # registry and returns the GID of the record if it exists. - # TODO: Is this function needed? It's a shortcut for Resolve() - # - # @param name hrn to look up - # - # @return a GID object - - #def get_gid(self, name): - # gid_str_list = self.server.get_gid(name) - # gid_list = [] - # for str in gid_str_list: - # gid_list.append(GID(string=str)) - # return gid_list - - - def get_gid(self, cert, hrn, type, request_hash): - cert_string = cert.save_to_string(save_parents=True) - gid_str = self.server.get_gid(cert_string, hrn, type, request_hash) - return GID(string=gid_str) - ## - # Get_self_credential a degenerate version of get_credential used by a - # client to get his initial credential when he doesn't have one. This is - # the same as get_credential(..., cred=None,...). - # - # The registry ensures that the client is the principal that is named by - # (type, name) by comparing the public key in the record's GID to the - # private key used to encrypt the client-side of the HTTPS connection. Thus - # it is impossible for one principal to retrieve another principal's - # credential without having the appropriate private key. - # - # @param type type of object (user | slice | sa | ma | node - # @param name human readable name of object - # - # @return a credential object - - def get_self_credential(self, type, name): - cred_str = self.server.get_self_credential(type, name) - return Credential(string = cred_str) - - ## - # Retrieve a credential for an object. - # - # If cred==None, then the behavior reverts to get_self_credential() - # - # @param cred credential object specifying rights of the caller - # @param type type of object (user | slice | sa | ma | node) - # @param name human readable name of object - # - # @return a credental object - - def get_credential(self, cred, type, name): - if cred: - cred = cred.save_to_string(save_parents=True) - cred_str = self.server.get_credential(cred, type, name) - return Credential(string = cred_str) - - ## - # List the records in an authority. The objectGID in the supplied credential - # should name the authority that will be listed. - # - # @param cred credential object specifying rights of the caller - # - # @return list of record objects - - def list(self, cred, auth_hrn, caller_cred=None): - result_dict_list = self.server.list(cred.save_to_string(save_parents=True), auth_hrn, caller_cred) - result_rec_list = [] - for dict in result_dict_list: - result_rec_list.append(SfaRecord(dict=dict)) - return result_rec_list - - ## - # Register an object with the registry. In addition to being stored in the - # SFA database, the appropriate records will also be created in the - # PLC databases. - # - # - # - # @param cred credential object specifying rights of the caller - # @param record to register - # - # @return GID object for the newly-registered record - - def register(self, cred, record, caller_cred=None): - gid_str = self.server.register(cred.save_to_string(save_parents=True), record.as_dict(), caller_cred) - return GID(string = gid_str) - - - ## - # Register a peer object with the registry. - # - # - # @param cred credential object specifying rights of the caller - # @param record to register - # - # @return GID object for the newly-registered record - - def register_peer_object(self, cred, record, caller_cred=None): - return self.server.register_peer_object(cred.save_to_string(save_parents=True), record, caller_cred) - - ## - # Remove an object from the registry. If the object represents a PLC object, - # then the PLC records will also be removed. - # - # @param cred credential object specifying rights of the caller - # @param type - # @param hrn - - def remove(self, cred, type, hrn, caller_cred=None): - return self.server.remove(cred.save_to_string(save_parents=True), type, hrn, caller_cred) - - ## - # Remove a peer object from the registry. If the object represents a PLC object, - # then the PLC records will also be removed. - # - # @param cred credential object specifying rights of the caller - # @param type - # @param hrn - - def remove_peer_object(self, cred, record, caller_cred=None): - result = self.server.remove_peer_object(cred.save_to_string(save_parents=True), record, caller_cred) - return result - - ## - # Resolve an object in the registry. A given HRN may have multiple records - # associated with it, and therefore multiple records may be returned. The - # caller should check the type fields of the records to find the one that - # he is interested in. - # - # @param cred credential object specifying rights of the caller - # @param name human readable name of object - - def resolve(self, cred, name, caller_cred=None): - result_dict_list = self.server.resolve(cred.save_to_string(save_parents=True), name, caller_cred) - result_rec_list = [] - for dict in result_dict_list: - if dict['type'] in ['authority']: - result_rec_list.append(AuthorityRecord(dict=dict)) - elif dict['type'] in ['node']: - result_rec_list.append(NodeRecord(dict=dict)) - elif dict['type'] in ['slice']: - result_rec_list.append(SliceRecord(dict=dict)) - elif dict['type'] in ['user']: - result_rec_list.append(UserRecord(dict=dict)) - else: - result_rec_list.append(SfaRecord(dict=dict)) - return result_rec_list - - ## - # Update an object in the registry. Currently, this only updates the - # PLC information associated with the record. The SFA fields (name, type, - # GID) are fixed. - # - # - # - # @param cred credential object specifying rights of the caller - # @param record a record object to be updated - - def update(self, cred, record, caller_cred=None): - result = self.server.update(cred.save_to_string(save_parents=True), record.as_dict(), caller_cred) - return result - - - #------------------------------------------------------------------------- - # Aggregate Interface - #------------------------------------------------------------------------- - - ## list resources - # - # @param cred a credential - # @param hrn slice hrn - - def get_resources(self, cred, hrn=None, caller_cred=None): - result = self.server.get_resources(cred.save_to_string(save_parents=True), hrn, caller_cred) - return result - - def get_aggregates(self, cred, hrn=None): - result = self.server.get_aggregates(cred.save_to_string(save_parents=True), hrn) - return result - - def get_registries(self, cred, hrn=None): - result = self.server.get_registries(cred.save_to_string(save_parents=True), hrn) - return result - - ## get policy - # - # @param cred a credential - - def get_policy(self, cred): - result = self.server.get_policy(cred.save_to_string(save_parents=True)) - return result - - ## create slice - # - # @param cred a credential - # @param rspec resource specification defining how to instantiate the slice - - def create_slice(self, cred, hrn, rspec, caller_cred=None): - result = self.server.create_slice(cred.save_to_string(save_parents=True), hrn, rspec, caller_cred) - return result - - - ## delete slice - # - # @param cred a credential - # @param hrn slice to delete - def delete_slice(self, cred, hrn, caller_cred=None): - result = self.server.delete_slice(cred.save_to_string(save_parents=True), hrn, caller_cred) - return result - - # ------------------------------------------------------------------------ - # Slice Interface - # ------------------------------------------------------------------------ - - ## - # Start a slice. - # - # @param cred a credential identifying the caller (callerGID) and the slice - # (objectGID) - - def start_slice(self, cred, hrn): - result = self.server.start_slice(cred.save_to_string(save_parents=True), hrn) - return result - - ## - # Stop a slice. - # - # @param cred a credential identifying the caller (callerGID) and the slice - # (objectGID) - - def stop_slice(self, cred, hrn): - result = self.server.stop_slice(cred.save_to_string(save_parents=True), hrn) - return result - - ## - # Reset a slice. - # - # @param cred a credential identifying the caller (callerGID) and the slice - # (objectGID) - - def reset_slice(self, cred, hrn): - result = self.server.reset_slice(cred.save_to_string(save_parents=True), hrn) - return result - - ## - # Delete a slice. - # - # @param cred a credential identifying the caller (callerGID) and the slice - # (objectGID) - - def delete_slice(self, cred, hrn, caller_cred=None): - result = self.server.delete_slice(cred.save_to_string(save_parents=True), hrn, caller_cred) - return result - - ## - # List the slices on a component. - # - # @param cred credential object that authorizes the caller - # - # @return a list of slice names - - def get_slices(self, cred): - result = self.server.get_slices(cred.save_to_string(save_parents=True)) - return result - - ## - # Retrieve a ticket. This operation is currently implemented on the - # registry (see SFA, engineering decisions), and is not implemented on - # components. - # - # The ticket is filled in with information from the PLC database. This - # information includes resources, and attributes such as user keys and - # initscripts. - # - # @param cred credential object - # @param name name of the slice to retrieve a ticket for - # @param rspec resource specification dictionary - # - # @return a ticket object - - def get_ticket(self, cred, name, rspec): - ticket_str = self.server.get_ticket(cred.save_to_string(save_parents=True), name, rspec) - ticket = SfaTicket(string=ticket_str) - return ticket - - ## - # Redeem a ticket. This operation is currently implemented on the - # component. - # - # The ticket is submitted to the node manager, and the slice is instantiated - # or updated as appropriate. - # - # TODO: This operation should return a sliver credential and indicate - # whether or not the component will accept only sliver credentials, or - # will accept both sliver and slice credentials. - # - # @param ticket a ticket object containing the ticket - - def redeem_ticket(self, ticket): - result = self.server.redeem_ticket(ticket.save_to_string(save_parents=True)) - return result - - - def remove_remote_object(self, cred, hrn, record): - result = self.server.remove_remote_object(cred.save_to_string(save_parents=True), hrn, record) - return result diff --git a/sfa/util/componentserver.py b/sfa/util/componentserver.py index 542b4be0..50c312e0 100644 --- a/sfa/util/componentserver.py +++ b/sfa/util/componentserver.py @@ -18,12 +18,13 @@ import BaseHTTPServer import SimpleHTTPServer import SimpleXMLRPCServer from OpenSSL import SSL + +from sfa.util.sfalogging import sfa_logger from sfa.trust.certificate import Keypair, Certificate from sfa.trust.credential import * from sfa.util.faults import * from sfa.plc.api import ComponentAPI from sfa.util.server import verify_callback, ThreadedServer -from sfa.util.debug import log ## @@ -73,7 +74,7 @@ class SecureXMLRpcRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): # internal error, report as HTTP server error self.send_response(500) self.end_headers() - traceback.print_exc() + sfa_logger.log_exc("componentserver.SecureXMLRpcRequestHandler.do_POST") else: # got a valid XML RPC response self.send_response(200) diff --git a/sfa/util/config.py b/sfa/util/config.py index 923df4f4..a3fe098e 100644 --- a/sfa/util/config.py +++ b/sfa/util/config.py @@ -20,8 +20,6 @@ import os.path import traceback -from sfa.util.debug import log - class Config: """ Parse the bash/Python/PHP version of the configuration file. Very diff --git a/sfa/util/debug.py b/sfa/util/debug.py deleted file mode 100644 index e5f6f3fb..00000000 --- a/sfa/util/debug.py +++ /dev/null @@ -1,57 +0,0 @@ -### $Id$ -### $URL$ - -import time -import sys -import syslog - -class unbuffered: - """ - Write to /var/log/httpd/error_log. See - - http://www.modpython.org/FAQ/faqw.py?req=edit&file=faq02.003.htp - """ - - def write(self, data): - sys.stderr.write(data) - sys.stderr.flush() - -log = unbuffered() - -def profile(callable): - """ - Prints the runtime of the specified callable. Use as a decorator, e.g., - - @profile - def foo(...): - ... - - Or, equivalently, - - def foo(...): - ... - foo = profile(foo) - - Or inline: - - result = profile(foo)(...) - """ - - def wrapper(*args, **kwds): - start = time.time() - result = callable(*args, **kwds) - end = time.time() - args = map(str, args) - args += ["%s = %s" % (name, str(value)) for (name, value) in kwds.items()] - print >> log, "%s (%s): %f s" % (callable.__name__, ", ".join(args), end - start) - return result - - return wrapper - -if __name__ == "__main__": - def sleep(seconds = 1): - time.sleep(seconds) - - sleep = profile(sleep) - - sleep(1) diff --git a/sfa/util/filter.py b/sfa/util/filter.py index bc22f1b5..2a3b8953 100644 --- a/sfa/util/filter.py +++ b/sfa/util/filter.py @@ -214,5 +214,4 @@ class Filter(Parameter, dict): clip_part += " ORDER BY " + ",".join(sorts) if clips: clip_part += " " + " ".join(clips) -# print 'where_part=',where_part,'clip_part',clip_part return (where_part,clip_part) diff --git a/sfa/util/method.py b/sfa/util/method.py index 484b77b3..ec9440e5 100644 --- a/sfa/util/method.py +++ b/sfa/util/method.py @@ -14,11 +14,10 @@ import textwrap import xmlrpclib -import sfa.util.sfalogging +from sfa.util.sfalogging import sfa_logger from sfa.util.faults import * from sfa.util.parameter import Parameter, Mixed, python_type, xmlrpc_type from sfa.trust.auth import Auth -#from sfa.util.debug import profile, log # we inherit object because we use new-style classes for legacy methods class Method (object): @@ -92,10 +91,8 @@ class Method (object): runtime = time.time() - start if self.api.config.SFA_API_DEBUG or hasattr(self, 'message'): - msg=getattr(self,'message',"method %s completed"%methodname) - sfa.util.sfalogging.logger.info(msg) - # XX print to some log file - # print >> log, "some output" + msg=getattr(self,'message',"method %s completed in %02f s"%(methodname,runtime)) + sfa_logger.info(msg) return result @@ -106,9 +103,7 @@ class Method (object): # Prepend caller and method name to expected faults fault.faultString = caller + ": " + self.name + ": " + fault.faultString runtime = time.time() - start -# if self.api.config.SFA_API_DEBUG: -# traceback.print_exc() - sfa.util.sfalogging.log_exc("Method %s raised an exception"%self.name) + sfa_logger.log_exc("Method %s raised an exception"%self.name) raise fault diff --git a/sfa/util/namespace.py b/sfa/util/namespace.py index 89a9903d..93186c96 100644 --- a/sfa/util/namespace.py +++ b/sfa/util/namespace.py @@ -19,9 +19,9 @@ def get_authority(xrn): def hrn_to_pl_slicename(hrn): # remove any escaped no alpah numeric characters #hrn = re.sub('\\\[^a-zA-Z0-9]', '', hrn) - # remove any escaped '.' (i.e. '\.') - hrn = hrn.replace('\\.', '') - parts = hrn.split(".") + # remove any escaped '.' (i.e. '\.') + hrn = hrn.replace('\\.', '') + parts = hrn.split(".") return parts[-2] + "_" + parts[-1] # assuming hrn is the hrn of an authority, return the plc authority name diff --git a/sfa/util/policy.py b/sfa/util/policy.py index 2ff4fc42..aa68f430 100644 --- a/sfa/util/policy.py +++ b/sfa/util/policy.py @@ -4,7 +4,6 @@ import os from sfa.util.storage import * -from sfa.util.debug import log class Policy(SimpleStorage): diff --git a/sfa/util/record.py b/sfa/util/record.py index 6af31197..87360be6 100644 --- a/sfa/util/record.py +++ b/sfa/util/record.py @@ -11,7 +11,6 @@ from types import StringTypes from sfa.trust.gid import * -import sfa.util.report from sfa.util.rspec import * from sfa.util.parameter import * from sfa.util.namespace import * diff --git a/sfa/util/report.py b/sfa/util/report.py deleted file mode 100644 index 9a882f07..00000000 --- a/sfa/util/report.py +++ /dev/null @@ -1,11 +0,0 @@ -def trace(x, logger=None): - if logger: - logger.info(x) - else: - print x - -def error(x, logger=None): - if logger: - logger.error(x) - else: - print x diff --git a/sfa/util/rspec.py b/sfa/util/rspec.py index eedc7f5b..aab5592e 100644 --- a/sfa/util/rspec.py +++ b/sfa/util/rspec.py @@ -10,6 +10,7 @@ from types import StringTypes, ListType from lxml import etree from StringIO import StringIO +from sfa.util.sfalogging import sfa_logger class RSpec: @@ -234,15 +235,14 @@ class RSpec: except Exception, e: # logging.debug("%s: web file not found" % xsdURI) # logging.debug("Using local file %s" % self.xsd") - print e - print "Can't find %s on the web. Continuing." % xsdURI + sfa_logger.log_exc("rspec.parseXSD: can't find %s on the web. Continuing." % xsdURI) if not schemaDom: if os.path.exists(xsdURI): # logging.debug("using local copy.") - print "Using local %s" % xsdURI + sfa_logger.debug("rspec.parseXSD: Using local %s" % xsdURI) schemaDom = minidom.parse(xsdURI) else: - raise Exception("Can't find xsd locally") + raise Exception("rspec.parseXSD: can't find xsd locally") self.schemaDict = self.toDict(schemaDom.childNodes[0]) diff --git a/sfa/util/server.py b/sfa/util/server.py index 505c7889..2d8e13b2 100644 --- a/sfa/util/server.py +++ b/sfa/util/server.py @@ -20,13 +20,11 @@ import SimpleXMLRPCServer from OpenSSL import SSL from Queue import Queue -#import sfa.util.sfalogging from sfa.trust.certificate import Keypair, Certificate from sfa.trust.credential import * from sfa.util.faults import * from sfa.plc.api import SfaAPI from sfa.util.cache import Cache -#from sfa.util.debug import log ## # Verification callback for pyOpenSSL. We do our own checking of keys because # we have our own authentication spec. Thus we disable several of the normal @@ -111,7 +109,7 @@ class SecureXMLRpcRequestHandler(SimpleXMLRPCServer.SimpleXMLRPCRequestHandler): except Exception, fault: # This should only happen if the module is buggy # internal error, report as HTTP server error - traceback.print_exc() + sfa_error.log_exc("server.do_POST") response = self.api.prepare_response(fault) #self.send_response(500) #self.end_headers() diff --git a/sfa/util/sfalogging.py b/sfa/util/sfalogging.py old mode 100644 new mode 100755 index 006250c3..720e57d3 --- a/sfa/util/sfalogging.py +++ b/sfa/util/sfalogging.py @@ -1,38 +1,116 @@ -import logging +#!/usr/bin/python + import os import traceback +import logging, logging.handlers + +# a logger that can handle tracebacks +class _SfaLogger: + def __init__ (self,logfile=None,loggername=None,level=logging.INFO): + # default is to locate loggername from the logfile if avail. + if not logfile: + loggername='console' + handler=logging.StreamHandler() + handler.setFormatter(logging.Formatter("%(message)s")) + else: + if not loggername: + loggername=os.path.basename(logfile) + try: + handler=logging.handlers.RotatingFileHandler(logfile,maxBytes=1000000, backupCount=5) + except IOError: + # This is usually a permissions error becaue the file is + # owned by root, but httpd is trying to access it. + tmplogfile=os.getenv("TMPDIR", "/tmp") + os.path.sep + os.path.basename(logfile) + handler=logging.handlers.RotatingFileHandler(tmplogfile,maxBytes=1000000, backupCount=5) + handler.setFormatter(logging.Formatter("%(asctime)s - %(levelname)s - %(message)s")) + + self.logger=logging.getLogger(loggername) + self.logger.setLevel(level) + self.logger.addHandler(handler) -#SFA access log initialization -TMPDIR = os.getenv("TMPDIR", "/tmp") -SFA_HTTPD_ACCESS_LOGFILE = TMPDIR + "/" + 'sfa_httpd_access.log' -SFA_ACCESS_LOGFILE='/var/log/sfa_access.log' -logger=logging.getLogger() -#logger.setLevel(logging.INFO) -logger.setLevel(logging.DEBUG) - -try: - logfile=logging.FileHandler(SFA_ACCESS_LOGFILE) -except IOError: - # This is usually a permissions error becaue the file is - # owned by root, but httpd is trying to access it. - logfile=logging.FileHandler(SFA_HTTPD_ACCESS_LOGFILE) + def setLevel(self,level): + self.logger.setLevel(level) + + #################### + def wrap(fun): + def wrapped(self,msg,*args,**kwds): + native=getattr(self.logger,fun.__name__) + return native(msg,*args,**kwds) + #wrapped.__doc__=native.__doc__ + return wrapped + + @wrap + def critical(): pass + @wrap + def error(): pass + @wrap + def warning(): pass + @wrap + def info(): pass + @wrap + def debug(): pass + + # logs an exception - use in an except statement + def log_exc(self,message): + self.error("%s BEG TRACEBACK"%message+"\n"+traceback.format_exc().strip("\n")) + self.error("%s END TRACEBACK"%message) -formatter = logging.Formatter("%(asctime)s - %(levelname)s - %(message)s") -logfile.setFormatter(formatter) -logger.addHandler(logfile) -def get_sfa_logger(): - return logger - -# logs an exception - use in an except statement -def log_exc(message): - logger.error("%s BEG TRACEBACK"%message+"\n"+traceback.format_exc().strip("\n")) - logger.error("%s END TRACEBACK"%message) + def log_exc_critical(self,message): + self.critical("%s BEG TRACEBACK"%message+"\n"+traceback.format_exc().strip("\n")) + self.critical("%s END TRACEBACK"%message) + # for investigation purposes, can be placed anywhere + def log_stack(self,message): + to_log="".join(traceback.format_stack()) + self.debug("%s BEG STACK"%message+"\n"+to_log) + self.debug("%s END STACK"%message) -# for investigation purposes, can be placed anywhere -def log_stack(message): - to_log="".join(traceback.format_stack()) - logger.debug("%s BEG STACK"%message+"\n"+to_log) - logger.debug("%s END STACK"%message) +sfa_logger=_SfaLogger(logfile='/var/log/sfa.log') +sfa_import_logger=_SfaLogger(logfile='/var/log/sfa_import.log') +console_logger=_SfaLogger() + +######################################## +import time + +def profile(logger): + """ + Prints the runtime of the specified callable. Use as a decorator, e.g., + + @profile(logger) + def foo(...): + ... + """ + def logger_profile(callable): + def wrapper(*args, **kwds): + start = time.time() + result = callable(*args, **kwds) + end = time.time() + args = map(str, args) + args += ["%s = %s" % (name, str(value)) for (name, value) in kwds.items()] + # should probably use debug, but then debug is not always enabled + logger.info("PROFILED %s (%s): %.02f s" % (callable.__name__, ", ".join(args), end - start)) + return result + return wrapper + return logger_profile + + +if __name__ == '__main__': + print 'testing sfalogging into logger.log' + logger=_SfaLogger('logger.log') + logger.critical("logger.critical") + logger.error("logger.error") + logger.warning("logger.warning") + logger.info("logger.info") + logger.debug("logger.debug") + logger.setLevel(logging.DEBUG) + logger.debug("logger.debug again") + @profile(console_logger) + def sleep(seconds = 1): + time.sleep(seconds) + + console_logger.info('console.info') + sleep(0.5) + console_logger.setLevel(logging.DEBUG) + sleep(0.25) diff --git a/sfa/util/table.py b/sfa/util/table.py index 6c68776d..44d0b869 100644 --- a/sfa/util/table.py +++ b/sfa/util/table.py @@ -5,13 +5,11 @@ # # TODO: Use existing PLC database methods? or keep this separate? -import report import pgdb from sfa.util.PostgreSQL import * from sfa.trust.gid import * from sfa.util.record import * -from sfa.util.debug import * from sfa.util.config import * from sfa.util.filter import * diff --git a/sfa/util/xmlrpcprotocol.py b/sfa/util/xmlrpcprotocol.py index 11a4317d..d1fbe1e4 100644 --- a/sfa/util/xmlrpcprotocol.py +++ b/sfa/util/xmlrpcprotocol.py @@ -2,6 +2,8 @@ import xmlrpclib +from sfa.util.sfalogging import sfa_logger, console_logger + ## # ServerException, ExceptionUnmarshaller # @@ -45,10 +47,27 @@ class XMLRPCTransport(xmlrpclib.Transport): parser = xmlrpclib.ExpatParser(unmarshaller) return parser, unmarshaller -def get_server(url, key_file, cert_file, debug=False): +class XMLRPCServerProxy(xmlrpclib.ServerProxy): + def __init__(self, url, transport, allow_none=True, options=None): + self.options = options + verbose = False + if self.options and self.options.debug: + verbose = True + if self.options and hasattr(self.options,'client'): + XMLRPCServerProxy.logger=console_logger + else: + XMLRPCServerProxy.logger=sfa_logger + xmlrpclib.ServerProxy.__init__(self, url, transport, allow_none=allow_none, verbose=verbose) + + def __getattr__(self, attr): + XMLRPCServerProxy.logger.debug("Calling xml-rpc method:%s"%attr) + return xmlrpclib.ServerProxy.__getattr__(self, attr) + + +def get_server(url, key_file, cert_file, options=None): transport = XMLRPCTransport() transport.key_file = key_file transport.cert_file = cert_file - return xmlrpclib.ServerProxy(url, transport, allow_none=True, verbose=debug) + return XMLRPCServerProxy(url, transport, allow_none=True, options=options) diff --git a/tests/testAll.py b/tests/testAll.py index 9990ffce..ac3d47a9 100755 --- a/tests/testAll.py +++ b/tests/testAll.py @@ -1,12 +1,18 @@ -from testRights import * -from testCert import * -from testGid import * -from testCred import * +#!/usr/bin/python +from testNamespace import * +# xxx broken-test +#from testRights import * +# xxx broken-test +#from testCert import * +# xxx broken-test +#from testGid import * +# xxx broken-test +#from testCred import * from testKeypair import * from testMisc import * -from testHierarchy import * +# xxx broken-test +#from testHierarchy import * from testRecord import * -from testTable import * if __name__ == "__main__": unittest.main() diff --git a/tests/testNamespace.py b/tests/testNamespace.py new file mode 100755 index 00000000..7fc5e3c1 --- /dev/null +++ b/tests/testNamespace.py @@ -0,0 +1,38 @@ +#!/usr/bin/python +import sys +import unittest + +from sfa.util.namespace import * + +class TestNamespace(unittest.TestCase): + + hrns=[ + ('plc.princeton.tmack','user'), + ('ple.inria.baris','user'), + ('emulab\.net.slice.jktest','slice'), + ] + + urns=[ + 'urn:publicid:IDN+emulab:net+slice+jktest', + 'urn:publicid:IDN+emulab.net+slice+jktest', + + ] + + def test_hrns(self): + for (h,t) in TestNamespace.hrns: + print 'testing hrn',h,t + urn=hrn_to_urn(h,t) + (h1,t1) = urn_to_hrn(urn) + self.assertEqual(h1,h) + self.assertEqual(t1,t) + if h1!=h or t1!=t: + print "hrn->urn->hrn : MISMATCH with in=(%s,%s) -- out=(%s,%s) -- urn=%s"%(h,t,h1,t1,urn) + + def test_urns(self): + for urn in TestNamespace.urns: + print 'testing urn',urn + (h,t)=urn_to_hrn(urn) + urn1 = hrn_to_urn(h,t) + self.assertEqual(urn1,urn) + if urn1!=urn: + print "urn->hrn->urn : MISMATCH with in=(%s) -- out=(%s) -- hrn=(%s,%s)"%(urn,urn1,h,t) diff --git a/tests/testRecord.py b/tests/testRecord.py index 081a9bf9..0eff8e84 100755 --- a/tests/testRecord.py +++ b/tests/testRecord.py @@ -1,7 +1,7 @@ import unittest import xmlrpclib from sfa.trust.gid import * -from sfa.trust.config import * +from sfa.util.config import * from sfa.util.record import * class TestRecord(unittest.TestCase): diff --git a/tests/testRights.py b/tests/testRights.py index a67a25ff..a65c9ddb 100755 --- a/tests/testRights.py +++ b/tests/testRights.py @@ -30,56 +30,56 @@ class TestRight(unittest.TestCase): self.assert_(not pright.is_superset(cright)) self.assert_(not cright.is_superset(pright)) -class TestRightList(unittest.TestCase): +class TestRights(unittest.TestCase): def setUp(self): pass def testInit(self): # create a blank right list - rightList = RightList() + rightList = Rights() # create a right list with "embed" in it - rightList = RightList(string="embed") + rightList = Rights(string="embed") def testAsString(self): - rightList = RightList() + rightList = Rights() self.assertEqual(rightList.save_to_string(), "") - rightList = RightList(string="embed") + rightList = Rights(string="embed") self.assertEqual(rightList.save_to_string(), "embed") - rightList = RightList(string="embed,resolve") + rightList = Rights(string="embed,resolve") self.assertEqual(rightList.save_to_string(), "embed,resolve") def testCanPerform(self): - rightList = RightList(string="embed") + rightList = Rights(string="embed") self.assert_(rightList.can_perform("getticket")) self.assert_(not rightList.can_perform("resolve")) - rightList = RightList(string="embed,resolve") + rightList = Rights(string="embed,resolve") self.assert_(rightList.can_perform("getticket")) self.assert_(rightList.can_perform("resolve")) def testIsSuperset(self): - pRightList = RightList(string="sa") - cRightList = RightList(string="embed") - self.assert_(pRightList.is_superset(cRightList)) - self.assert_(not cRightList.is_superset(pRightList)) - - pRightList = RightList(string="embed") - cRightList = RightList(string="embed") - self.assert_(pRightList.is_superset(cRightList)) - self.assert_(cRightList.is_superset(pRightList)) - - pRightList = RightList(string="control") - cRightList = RightList(string="embed") - self.assert_(not pRightList.is_superset(cRightList)) - self.assert_(not cRightList.is_superset(pRightList)) - - pRightList = RightList(string="control,sa") - cRightList = RightList(string="embed") - self.assert_(pRightList.is_superset(cRightList)) - self.assert_(not cRightList.is_superset(pRightList)) + pRights = Rights(string="sa") + cRights = Rights(string="embed") + self.assert_(pRights.is_superset(cRights)) + self.assert_(not cRights.is_superset(pRights)) + + pRights = Rights(string="embed") + cRights = Rights(string="embed") + self.assert_(pRights.is_superset(cRights)) + self.assert_(cRights.is_superset(pRights)) + + pRights = Rights(string="control") + cRights = Rights(string="embed") + self.assert_(not pRights.is_superset(cRights)) + self.assert_(not cRights.is_superset(pRights)) + + pRights = Rights(string="control,sa") + cRights = Rights(string="embed") + self.assert_(pRights.is_superset(cRights)) + self.assert_(not cRights.is_superset(pRights)) if __name__ == "__main__":