From 11d02cbfd5e91784119bb9377fceb4fa6adae621 Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Thu, 7 Jan 2010 03:33:24 +0000 Subject: [PATCH] added support for urn name format. urn is the default name format used over the wire --- sfa/managers/aggregate_manager_pl.py | 29 +++++++++------ sfa/managers/component_manager_pl.py | 16 ++++++-- sfa/managers/registry_manager_pl.py | 46 ++++++++++++++--------- sfa/managers/slice_manager_pl.py | 42 ++++++++++++--------- sfa/methods/create_gid.py | 8 ++-- sfa/methods/create_slice.py | 13 ++++--- sfa/methods/delete_slice.py | 14 ++++--- sfa/methods/get_aggregates.py | 8 ++-- sfa/methods/get_credential.py | 13 +++++-- sfa/methods/get_gid.py | 17 +++++++-- sfa/methods/get_gids.py | 8 ++-- sfa/methods/get_key.py | 3 +- sfa/methods/get_registries.py | 8 ++-- sfa/methods/get_resources.py | 10 +++-- sfa/methods/get_self_credential.py | 15 +++++--- sfa/methods/get_ticket.py | 10 +++-- sfa/methods/list.py | 10 +++-- sfa/methods/remove.py | 17 ++++++--- sfa/methods/remove_peer_object.py | 6 +-- sfa/methods/reset_slice.py | 14 ++++--- sfa/methods/resolve.py | 8 ++-- sfa/methods/start_slice.py | 12 +++--- sfa/methods/stop_slice.py | 13 ++++--- sfa/plc/nodes.py | 22 +++++------ sfa/plc/sfa-import-plc.py | 2 +- sfa/plc/slices.py | 17 ++++++--- sfa/trust/gid.py | 27 ++++++++++++-- sfa/trust/hierarchy.py | 55 +++++++++++++++++----------- 28 files changed, 288 insertions(+), 175 deletions(-) diff --git a/sfa/managers/aggregate_manager_pl.py b/sfa/managers/aggregate_manager_pl.py index f890a697..2a1fe0b0 100644 --- a/sfa/managers/aggregate_manager_pl.py +++ b/sfa/managers/aggregate_manager_pl.py @@ -20,7 +20,8 @@ from sfa.util.debug import log from sfa.plc.slices import Slices import sfa.plc.peers as peers -def delete_slice(api, hrn): +def delete_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) slicename = hrn_to_pl_slicename(hrn) slices = api.plshell.GetSlices(api.plauth, {'name': slicename}) if not slices: @@ -36,19 +37,21 @@ def delete_slice(api, hrn): api.plshell.BindObjectToPeer(api.plauth, 'slice', slice['slice_id'], peer, slice['peer_slice_id']) return 1 -def create_slice(api, hrn, rspec): +def create_slice(api, xrn, rspec): + hrn, type = urn_to_hrn(xrn) # XX just import the legacy module and excute that until # we transition the code to this module from sfa.plc.slices import Slices slices = Slices(api) slices.create_slice_aggregate(hrn, rspec) -def get_ticket(api, slice_hrn, rspec, origin_hrn=None): +def get_ticket(api, xrn, rspec, origin_hrn=None): + slice_hrn, type = urn_to_hrn(xrn) # the the slice record registries = Registries(api) registry = registries[api.hrn] credential = api.getCredential() - records = registry.resolve(credential, slice_hrn) + records = registry.resolve(credential, xrn) # make sure we get a local slice record record = None @@ -87,7 +90,8 @@ def get_ticket(api, slice_hrn, rspec, origin_hrn=None): return new_ticket.save_to_string(save_parents=True) -def start_slice(api, hrn): +def start_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) slicename = hrn_to_pl_slicename(hrn) slices = api.plshell.GetSlices(api.plauth, {'name': slicename}, ['slice_id']) if not slices: @@ -99,7 +103,8 @@ def start_slice(api, hrn): return 1 -def stop_slice(api, hrn): +def stop_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) slicename = hrn_to_pl_slicename(hrn) slices = api.plshell.GetSlices(api.plauth, {'name': slicename}, ['slice_id']) if not slices: @@ -110,7 +115,7 @@ def stop_slice(api, hrn): api.plshell.UpdateSliceTag(api.plauth, attribute_id, "0") return 1 -def reset_slice(api, hrn): +def reset_slice(api, xrn): # XX not implemented at this interface return 1 @@ -120,14 +125,14 @@ def get_slices(api): from sfa.plc.slices import Slices slices = Slices(api) slices.refresh() - return slices['hrn'] + return [hrn_to_urn(slice_hrn, 'slice') for slice_hrn in slices['hrn']] -def get_rspec(api, hrn=None, origin_hrn=None): +def get_rspec(api, xrn=None, origin_hrn=None): from sfa.plc.nodes import Nodes nodes = Nodes(api, origin_hrn=origin_hrn) if hrn: - rspec = nodes.get_rspec(hrn) + rspec = nodes.get_rspec(xrn) else: nodes.refresh() rspec = nodes['rspec'] @@ -139,7 +144,9 @@ Returns the request context required by sfatables. At some point, this mechanism to refer to "contexts", which is the information that sfatables is requesting. But for now, we just return the basic information needed in a dict. """ -def fetch_context(slice_hrn, user_hrn, contexts): +def fetch_context(slice_xrn, user_xrn, contexts): + slice_hrn = urn_to_hrn(slice_xrn)[0] + user_hrn = urn_to_hrn(user_xrn)[0] base_context = {'sfa':{'user':{'hrn':user_hrn}}} return base_context diff --git a/sfa/managers/component_manager_pl.py b/sfa/managers/component_manager_pl.py index 3a6df6cc..ae1fc138 100644 --- a/sfa/managers/component_manager_pl.py +++ b/sfa/managers/component_manager_pl.py @@ -17,16 +17,24 @@ def init_server(): -def start_slice(api, slicename): +def start_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) + slicename = hrn_to_pl_slicename(hrn) api.nodemanger.Start(slicename) -def stop_slice(api, slicename): +def stop_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) + slicename = hrn_to_pl_slicename(hrn) api.nodemanager.Stop(slicename) -def delete_slice(api, slicename): +def delete_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) + slicename = hrn_to_pl_slicename(hrn) api.nodemanager.Destroy(slicename) -def reset_slice(api, slicename): +def reset_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) + slicename = hrn_to_pl_slicename(hrn) if not api.sliver_exists(slicename): raise SliverDoesNotExist(slicename) api.nodemanager.ReCreate(slicename) diff --git a/sfa/managers/registry_manager_pl.py b/sfa/managers/registry_manager_pl.py index 584f580a..985cd319 100644 --- a/sfa/managers/registry_manager_pl.py +++ b/sfa/managers/registry_manager_pl.py @@ -11,7 +11,12 @@ from sfa.trust.credential import * from sfa.trust.certificate import * from sfa.util.faults import * -def get_credential(api, hrn, type, is_self=False): +def get_credential(api, xrn, type, is_self=False): + # convert xrn to hrn + if type: + hrn = urn_to_hrn(xrn)[0] + else: + hrn, type = urn_to_hrn(xrn) # Is this a root or sub authority auth_hrn = api.auth.get_authority(hrn) if not auth_hrn or hrn == api.config.SFA_INTERFACE_HRN: @@ -58,28 +63,28 @@ def get_credential(api, hrn, type, is_self=False): return new_cred.save_to_string(save_parents=True) -def resolve(api, hrns, type=None, origin_hrn=None): +def resolve(api, xrns, type=None, origin_hrn=None): # load all know registry names into a prefix tree and attempt to find # the longest matching prefix if not isinstance(hrns, types.ListType): - hrns = [hrns] + xrns = [xrns] # create a dict whre key is an registry hrn and its value is a # hrns at that registry (determined by the known prefix tree). - hrn_dict = {} + xrn_dict = {} registries = Registries(api) tree = prefixTree() registry_hrns = registries.keys() tree.load(registry_hrns) - for hrn in hrns: - registry_hrn = tree.best_match(hrn) + for xrn in xrns: + registry_hrn = tree.best_match(urn_to_hrn(xrn)[0]) if registry_hrn not in hrn_dict: - hrn_dict[registry_hrn] = [] - hrn_dict[registry_hrn].append(hrn) + xrn_dict[registry_hrn] = [] + xrn_dict[registry_hrn].append(xrn) records = [] - for registry_hrn in hrn_dict: + for registry_hrn in xrn_dict: # skip the hrn without a registry hrn # XX should we let the user know the authority is unknown? if not registry_hrn: @@ -87,10 +92,10 @@ def resolve(api, hrns, type=None, origin_hrn=None): # if the best match (longest matching hrn) is not the local registry, # forward the request - hrns = hrn_dict[registry_hrn] + xrns = xrn_dict[registry_hrn] if registry_hrn != api.hrn: credential = api.getCredential() - peer_records = registries[registry_hrn].resolve(credential, hrn, origin_hrn) + peer_records = registries[registry_hrn].resolve(credential, xrns, origin_hrn) records.extend([SfaRecord(dict=record).as_dict() for record in peer_records]) # try resolving the remaining unfound records at the local registry @@ -116,26 +121,27 @@ def resolve(api, hrns, type=None, origin_hrn=None): return records -def list(api, hrn): +def list(api, xrn): + hrn, type = hrn_to_urn(xrn) # load all know registry names into a prefix tree and attempt to find # the longest matching prefix records = [] registries = Registries(api) - hrns = registries.keys() + registry_hrns = registries.keys() tree = prefixTree() - tree.load(hrns) + tree.load(registry_hrns) registry_hrn = tree.best_match(hrn) #if there was no match then this record belongs to an unknow registry if not registry_hrn: - raise MissingAuthority(hrn) + raise MissingAuthority(xrn) # if the best match (longest matching hrn) is not the local registry, # forward the request records = [] if registry_hrn != api.hrn: credential = api.getCredential() - record_list = registries[registry_hrn].list(credential, hrn, origin_hrn) + record_list = registries[registry_hrn].list(credential, xrn, origin_hrn) records = [SfaRecord(dict=record).as_dict() for record in record_list] # if we still havnt found the record yet, try the local registry @@ -343,7 +349,13 @@ def update(api, record_dict): return 1 -def remove(api, hrn, type, origin_hrn=None): +def remove(api, xrn, type, origin_hrn=None): + # convert xrn to hrn + if type: + hrn = urn_to_hrn(xrn)[0] + else: + hrn, type = urn_to_hrn(xrn) + table = SfaTable() filter = {'hrn': hrn} if type not in ['all', '*']: diff --git a/sfa/managers/slice_manager_pl.py b/sfa/managers/slice_manager_pl.py index dd80ddd7..a897f8d1 100644 --- a/sfa/managers/slice_manager_pl.py +++ b/sfa/managers/slice_manager_pl.py @@ -21,21 +21,22 @@ from sfa.server.registry import Registries from sfa.server.aggregate import Aggregates import sfa.plc.peers as peers -def delete_slice(api, hrn, origin_hrn=None): +def delete_slice(api, xrn, origin_hrn=None): credential = api.getCredential() aggregates = Aggregates(api) for aggregate in aggregates: success = False # request hash is optional so lets try the call without it try: - aggregates[aggregate].delete_slice(credential, hrn, origin_hrn) + aggregates[aggregate].delete_slice(credential, xrn, origin_hrn) success = True except: print >> log, "%s" % (traceback.format_exc()) print >> log, "Error calling delete slice at aggregate %s" % aggregate return 1 -def create_slice(api, hrn, rspec, origin_hrn=None): +def create_slice(api, xrn, rspec, origin_hrn=None): + hrn, type = urn_to_hrn(xrn) spec = RSpec() tempspec = RSpec() spec.parseString(rspec) @@ -63,6 +64,7 @@ def create_slice(api, hrn, rspec, origin_hrn=None): #print "aggregates:", aggregates.keys() # send each rspec to the appropriate aggregate/sm for net_hrn in rspecs: + net_urn = hrn_to_urn(net_hrn, 'authority') try: # if we are directly connected to the aggregate then we can just # send them the rspec. if not, then we may be connected to an sm @@ -70,17 +72,17 @@ def create_slice(api, hrn, rspec, origin_hrn=None): if net_hrn in aggregates: # send the whloe rspec to the local aggregate if net_hrn in [api.hrn]: - aggregates[net_hrn].create_slice(credential, hrn, rspec, \ + aggregates[net_hrn].create_slice(credential, xrn, rspec, \ origin_hrn) else: - aggregates[net_hrn].create_slice(credential, hrn, \ + aggregates[net_hrn].create_slice(credential, xrn, \ rspecs[net_hrn], origin_hrn) else: # lets forward this rspec to a sm that knows about the network for aggregate in aggregates: network_found = aggregates[aggregate].get_aggregates(credential, net_hrn) if network_found: - aggregates[aggregate].create_slice(credential, hrn, \ + aggregates[aggregate].create_slice(credential, xrn, \ rspecs[net_hrn], origin_hrn) except: @@ -89,8 +91,8 @@ def create_slice(api, hrn, rspec, origin_hrn=None): traceback.print_exc() return 1 -def get_ticket(api, slice_hrn, rspec, origin_hrn=None): - +def get_ticket(api, xrn, rspec, origin_hrn=None): + slice_hrn, type = urn_to_hrn(xrn) # get the netspecs contained within the clients rspec client_rspec = RSpec(xml=rspec) netspecs = client_rspec.getDictsByTagName('NetSpec') @@ -110,19 +112,20 @@ def get_ticket(api, slice_hrn, rspec, origin_hrn=None): aggregates = Aggregates(api) credential = api.getCredential() tickets = {} - for net_hrn in rspecs: + for net_hrn in rspecs: + net_urn = urn_to_hrn(net_hrn, 'authority') try: # if we are directly connected to the aggregate then we can just # send them the request. if not, then we may be connected to an sm # thats connected to the aggregate if net_hrn in aggregates: - ticket = aggregates[net_hrn].get_ticket(credential, slice_hrn, \ + ticket = aggregates[net_hrn].get_ticket(credential, xrn, \ rspecs[net_hrn], origin_hrn) tickets[net_hrn] = ticket else: # lets forward this rspec to a sm that knows about the network for agg in aggregates: - network_found = aggregates[agg].get_aggregates(credential, net_hrn) + network_found = aggregates[agg].get_aggregates(credential, )net_urn if network_found: ticket = aggregates[aggregate].get_ticket(credential, \ slice_hrn, rspecs[net_hrn], origin_hrn) @@ -160,7 +163,8 @@ def get_ticket(api, slice_hrn, rspec, origin_hrn=None): new_ticket.sign() return new_ticket.save_to_string(save_parents=True) -def start_slice(api, hrn): +def start_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) slicename = hrn_to_pl_slicename(hrn) slices = api.plshell.GetSlices(api.plauth, {'name': slicename}, ['slice_id']) if not slices: @@ -172,7 +176,8 @@ def start_slice(api, hrn): return 1 -def stop_slice(api, hrn): +def stop_slice(api, xrn): + hrn, type = urn_to_hrn(xrn) slicename = hrn_to_pl_slicename(hrn) slices = api.plshell.GetSlices(api.plauth, {'name': slicename}, ['slice_id']) if not slices: @@ -183,7 +188,7 @@ def stop_slice(api, hrn): api.plshell.UpdateSliceTag(api.plauth, attribute_id, "0") return 1 -def reset_slice(api, hrn): +def reset_slice(api, xrn): # XX not implemented at this interface return 1 @@ -193,13 +198,14 @@ def get_slices(api): from sfa.plc.slices import Slices slices = Slices(api) slices.refresh() - return slices['hrn'] + return [hrn_to_urn(slice_hrn, 'slice') for slice_hrn in slices['hrn']] -def get_rspec(api, hrn=None, origin_hrn=None): +def get_rspec(api, xrn=None, origin_hrn=None): + from sfa.plc.nodes import Nodes nodes = Nodes(api, origin_hrn=origin_hrn) if hrn: - rspec = nodes.get_rspec(hrn) + rspec = nodes.get_rspec(xrn) else: nodes.refresh() rspec = nodes['rspec'] @@ -212,6 +218,8 @@ to refer to "contexts", which is the information that sfatables is requesting. B return the basic information needed in a dict. """ def fetch_context(slice_hrn, user_hrn, contexts): + slice_hrn = urn_to_hrn(slice_xrn)[0] + user_hrn = urn_to_hrn(user_xrn)[0] base_context = {'sfa':{'user':{'hrn':user_hrn}}} return base_context diff --git a/sfa/methods/create_gid.py b/sfa/methods/create_gid.py index 594d09e7..c9272045 100644 --- a/sfa/methods/create_gid.py +++ b/sfa/methods/create_gid.py @@ -28,7 +28,7 @@ class create_gid(Method): accepts = [ Parameter(str, "Credential string"), - Parameter(str, "Human readable name (hrn) or (urn)"), + Parameter(str, "Human readable name (hrn or urn)"), Mixed(Parameter(str, "Unique identifier for new GID (uuid)"), Parameter(None, "Unique identifier (uuid) not specified")), Parameter(str, "public-key string") @@ -36,10 +36,10 @@ class create_gid(Method): returns = Parameter(str, "String represeneation of a GID object") - def call(self, cred, hrn_or_urn, uuid, pubkey_str): + def call(self, cred, xrn, uuid, pubkey_str): # convert urn to hrn - hrn, type = hrn_to_urn(hrn_or_urn) + hrn, type = hrn_to_urn(xrn) # validate the credential self.api.auth.check(cred, "getcredential") @@ -51,6 +51,6 @@ class create_gid(Method): pkey = Keypair() pkey.load_pubkey_from_string(pubkey_str) - gid = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey) + gid = self.api.auth.hierarchy.create_gid(xrn, uuid, pkey) return gid.save_to_string(save_parents=True) diff --git a/sfa/methods/create_slice.py b/sfa/methods/create_slice.py index 5bad7f8a..7c837405 100644 --- a/sfa/methods/create_slice.py +++ b/sfa/methods/create_slice.py @@ -2,6 +2,7 @@ ### $URL$ from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth @@ -18,7 +19,7 @@ class create_slice(Method): Instantiate the specified slice according to whats defined in the specified rspec @param cred credential string specifying the rights of the caller - @param hrn human readable name of slice to instantiate + @param hrn human readable name of slice to instantiate (hrn or xrn) @param rspec resource specification @return 1 is successful, faults otherwise """ @@ -27,7 +28,7 @@ class create_slice(Method): accepts = [ Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to instantiate"), + Parameter(str, "Human readable name of slice to instantiate (hrn or xrn)"), Parameter(str, "Resource specification"), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) @@ -35,9 +36,9 @@ class create_slice(Method): returns = Parameter(int, "1 if successful") - def call(self, cred, hrn, requested_rspec, origin_hrn=None): + def call(self, cred, xrn, requested_rspec, origin_hrn=None): + hrn, type = urn_to_hrn(xrn) user_cred = Credential(string=cred) - #log the call if not origin_hrn: origin_hrn = user_cred.get_gid_caller().get_hrn() @@ -75,11 +76,11 @@ class create_slice(Method): mgr_type = self.api.config.SFA_AGGREGATE_TYPE manager_module = manager_base + ".aggregate_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.create_slice(self.api, hrn, rspec) + manager.create_slice(self.api, xrn, rspec) elif self.api.interface in ['slicemgr']: mgr_type = self.api.config.SFA_SM_TYPE manager_module = manager_base + ".slice_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.create_slice(self.api, hrn, rspec, origin_hrn) + manager.create_slice(self.api, xrn, rspec, origin_hrn) return 1 diff --git a/sfa/methods/delete_slice.py b/sfa/methods/delete_slice.py index 8e413c12..78baafac 100644 --- a/sfa/methods/delete_slice.py +++ b/sfa/methods/delete_slice.py @@ -2,6 +2,7 @@ ### $URL$ from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth @@ -12,7 +13,7 @@ class delete_slice(Method): Remove the slice from all nodes. @param cred credential string specifying the rights of the caller - @param hrn human readable name specifying the slice to delete + @param xrn human readable name specifying the slice to delete (hrn or urn) @return 1 if successful, faults otherwise """ @@ -20,14 +21,15 @@ class delete_slice(Method): accepts = [ Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to delete"), + Parameter(str, "Human readable name of slice to delete (hrn or urn)"), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) ] returns = Parameter(int, "1 if successful") - def call(self, cred, hrn, origin_hrn=None): + def call(self, cred, xrn, origin_hrn=None): + hrn, type = urn_to_hrn(xrn) user_cred = Credential(string=cred) #log the call @@ -44,16 +46,16 @@ class delete_slice(Method): mgr_type = self.api.config.SFA_CM_TYPE manager_module = manager_base + ".component_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.delete_slice(self.api, hrn) + manager.delete_slice(self.api, xrn) elif self.api.interface in ['aggregate']: mgr_type = self.api.config.SFA_AGGREGATE_TYPE manager_module = manager_base + ".aggregate_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.delete_slice(self.api, hrn) + manager.delete_slice(self.api, xrn) elif self.api.interface in ['slicemgr']: mgr_type = self.api.config.SFA_SM_TYPE manager_module = manager_base + ".slice_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.delete_slice(self.api, hrn, origin_hrn) + manager.delete_slice(self.api, xrn, origin_hrn) return 1 diff --git a/sfa/methods/get_aggregates.py b/sfa/methods/get_aggregates.py index 66720d2c..da9859a9 100644 --- a/sfa/methods/get_aggregates.py +++ b/sfa/methods/get_aggregates.py @@ -2,6 +2,7 @@ ### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_aggregates.py $ from types import StringTypes from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth @@ -12,7 +13,7 @@ class get_aggregates(Method): Get a list of connection information for all known aggregates. @param cred credential string specifying the rights of the caller - @param a Human readable name (hrn), or list of hrns or None + @param a Human readable name (hrn or urn), or list of hrns or None @return list of dictionaries with aggregate information. """ @@ -20,13 +21,14 @@ class get_aggregates(Method): accepts = [ Parameter(str, "Credential string"), - Mixed(Parameter(str, "Human readable name (hrn)"), + Mixed(Parameter(str, "Human readable name (hrn or urn)"), Parameter(None, "hrn not specified")) ] returns = [Parameter(dict, "Aggregate interface information")] - def call(self, cred, hrn = None): + def call(self, cred, xrn = None): + hrn, type = urn_to_hrn(xrn) self.api.auth.check(cred, 'list') aggregates = Aggregates(self.api) hrn_list = [] diff --git a/sfa/methods/get_credential.py b/sfa/methods/get_credential.py index c11c5671..fd3e7bb9 100644 --- a/sfa/methods/get_credential.py +++ b/sfa/methods/get_credential.py @@ -4,6 +4,7 @@ from sfa.trust.credential import * from sfa.trust.rights import * from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.debug import log @@ -15,7 +16,7 @@ class get_credential(Method): @param cred credential object specifying rights of the caller @param type type of object (user | slice | sa | ma | node) - @param hrn human readable name of object + @param hrn human readable name of object (hrn or urn) @return the string representation of a credential object """ @@ -25,12 +26,16 @@ class get_credential(Method): accepts = [ Mixed(Parameter(str, "credential"), Parameter(None, "No credential")), - Parameter(str, "Human readable name (hrn)") + Parameter(str, "Human readable name (hrn or urn)") ] returns = Parameter(str, "String representation of a credential object") - def call(self, cred, type, hrn): + def call(self, cred, type, xrn): + if type: + hrn = urn_to_hrn(xrn)[0] + else: + hrn, type = urn_to_hrn(xrn) self.api.auth.check(cred, 'getcredential') self.api.auth.verify_object_belongs_to_me(hrn) @@ -40,4 +45,4 @@ class get_credential(Method): mgr_type = self.api.config.SFA_REGISTRY_TYPE manager_module = manager_base + ".registry_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - return manager.get_credential(self.api, hrn, type) + return manager.get_credential(self.api, xrn, type) diff --git a/sfa/methods/get_gid.py b/sfa/methods/get_gid.py index b3d7c6f1..630221d0 100644 --- a/sfa/methods/get_gid.py +++ b/sfa/methods/get_gid.py @@ -6,6 +6,7 @@ # raise ConnectionKeyGIDMismatch(gid.get_subject()) from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth @@ -17,6 +18,8 @@ class get_gid(Method): Returns the client's gid if one exists @param cert certificate string + @param xrn human readable name (hrn or urn) + @param type object type @return client gid """ @@ -24,14 +27,20 @@ class get_gid(Method): accepts = [ Parameter(str, "Certificate string"), - Parameter(str, "Human readable name (hrn)"), + Parameter(str, "Human readable name (hrn or urn)"), Parameter(str, "Object type") ] returns = Parameter(str, "GID string") - def call(self, cert, hrn, type): - + def call(self, cert, xrn, type): + + # convert xrn to hrn + if type: + hrn = urn_to_hrn(xrn)[0] + else: + hrn, type = urn_to_hrn(xrn) + self.api.auth.verify_object_belongs_to_me(hrn) # resolve the record @@ -39,7 +48,7 @@ class get_gid(Method): mgr_type = self.api.config.SFA_REGISTRY_TYPE manager_module = manager_base + ".registry_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - records = manager.resolve(self.api, hrn, type, origin_hrn=hrn) + records = manager.resolve(self.api, xrn, type, origin_hrn=hrn) if not records: raise RecordNotFound(hrn) record = records[0] diff --git a/sfa/methods/get_gids.py b/sfa/methods/get_gids.py index 51590870..1273402d 100644 --- a/sfa/methods/get_gids.py +++ b/sfa/methods/get_gids.py @@ -27,13 +27,13 @@ class get_gids(Method): accepts = [ Parameter(str, "Certificate string"), - Mixed(Parameter(str, "Human readable name (hrn)"), - Parameter(type([str]), "List of Human readable names (hrn)")) + Mixed(Parameter(str, "Human readable name (hrn or xrn)"), + Parameter(type([str]), "List of Human readable names (hrn or xrn)")) ] returns = [Parameter(dict, "Dictionary of gids keyed on hrn")] - def call(self, cred, hrns): + def call(self, cred, xrns): # validate the credential self.api.auth.check(cred, 'getgids') user_cred = Credential(string=cred) @@ -44,7 +44,7 @@ class get_gids(Method): mgr_type = self.api.config.SFA_REGISTRY_TYPE manager_module = manager_base + ".registry_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - records = manager.resolve(self.api, hrns, None, origin_hrn=origin_hrn) + records = manager.resolve(self.api, xrns, None, origin_hrn=origin_hrn) if not records: raise RecordNotFound(hrns) diff --git a/sfa/methods/get_key.py b/sfa/methods/get_key.py index c641985b..dc83593d 100644 --- a/sfa/methods/get_key.py +++ b/sfa/methods/get_key.py @@ -45,7 +45,8 @@ class get_key(Method): # generate a new keypair and gid uuid = create_uuid() pkey = Keypair(create=True) - gid_object = self.api.auth.hierarchy.create_gid(record['hrn'], uuid, pkey) + urn = hrn_to_urn(record['hrn'], record['type']) + gid_object = self.api.auth.hierarchy.create_gid(urn, uuid, pkey) gid = gid_object.save_to_string(save_parents=True) record['gid'] = gid record.set_gid(gid) diff --git a/sfa/methods/get_registries.py b/sfa/methods/get_registries.py index dcc259a8..9cbba391 100644 --- a/sfa/methods/get_registries.py +++ b/sfa/methods/get_registries.py @@ -2,6 +2,7 @@ ### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_registries.py $ from types import StringTypes from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth @@ -12,7 +13,7 @@ class get_registries(Method): Get a list of connection information for all known registries. @param cred credential string specifying the rights of the caller - @param a Human readable name (hrn), or list of hrns or None + @param a Human readable name (hrn or urn), or list of names or None @return list of dictionaries with aggregate information. """ @@ -20,13 +21,14 @@ class get_registries(Method): accepts = [ Parameter(str, "Credential string"), - Mixed(Parameter(str, "Human readable name (hrn)"), + Mixed(Parameter(str, "Human readable name (hrn or urn)"), Parameter(None, "hrn not specified")) ] returns = [Parameter(dict, "Registry interface information")] - def call(self, cred, hrn = None): + def call(self, cred, xrn = None): + hrn, type = urn_to_hrn(xrn) self.api.auth.check(cred, 'list') registries = Registries(self.api) hrn_list = [] diff --git a/sfa/methods/get_resources.py b/sfa/methods/get_resources.py index a2d945b8..6e93926f 100644 --- a/sfa/methods/get_resources.py +++ b/sfa/methods/get_resources.py @@ -2,6 +2,7 @@ ### $URL$ from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth @@ -26,7 +27,7 @@ class get_resources(Method): accepts = [ Parameter(str, "Credential string"), - Mixed(Parameter(str, "Human readable name (hrn)"), + Mixed(Parameter(str, "Human readable name (hrn or urn)"), Parameter(None, "hrn not specified")), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) @@ -34,7 +35,8 @@ class get_resources(Method): returns = Parameter(str, "String representatin of an rspec") - def call(self, cred, hrn=None, origin_hrn=None): + def call(self, cred, xrn=None, origin_hrn=None): + hrn, type = urn_to_hrn(xrn) user_cred = Credential(string=cred) #log the call @@ -51,13 +53,13 @@ class get_resources(Method): mgr_type = self.api.config.SFA_AGGREGATE_TYPE manager_module = manager_base + ".aggregate_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - rspec = manager.get_rspec(self.api, hrn, origin_hrn) + rspec = manager.get_rspec(self.api, xrn, origin_hrn) outgoing_rules = SFATablesRules('OUTGOING') elif self.api.interface in ['slicemgr']: mgr_type = self.api.config.SFA_SM_TYPE manager_module = manager_base + ".slice_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - rspec = manager.get_rspec(self.api, hrn, origin_hrn) + rspec = manager.get_rspec(self.api, xrn, origin_hrn) outgoing_rules = SFATablesRules('FORWARD-OUTGOING') filtered_rspec = rspec diff --git a/sfa/methods/get_self_credential.py b/sfa/methods/get_self_credential.py index 49bad017..d200e319 100644 --- a/sfa/methods/get_self_credential.py +++ b/sfa/methods/get_self_credential.py @@ -4,6 +4,7 @@ from sfa.trust.credential import * from sfa.trust.rights import * from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.record import SfaRecord @@ -14,7 +15,7 @@ class get_self_credential(Method): Retrive a credential for an object @param cert certificate string @param type type of object (user | slice | sa | ma | node) - @param hrn human readable name of object + @param hrn human readable name of object (hrn or urn) @return the string representation of a credential object """ @@ -23,14 +24,14 @@ class get_self_credential(Method): accepts = [ Parameter(str, "certificate"), - Parameter(str, "Human readable name (hrn)"), + Parameter(str, "Human readable name (hrn or urn)"), Mixed(Parameter(str, "Request hash"), Parameter(None, "Request hash not specified")) ] returns = Parameter(str, "String representation of a credential object") - def call(self, cert, type, hrn, request_hash=None): + def call(self, cert, type, xrn, request_hash=None): """ get_self_credential a degenerate version of get_credential used by a client to get his initial credential when de doesnt have one. This is the same as @@ -46,6 +47,10 @@ class get_self_credential(Method): @param hrn human readable name of authority to list @return string representation of a credential object """ + if type: + hrn = urn_to_hrn(xrn)[0] + else: + hrn, type = urn_to_hrn(xrn) self.api.auth.verify_object_belongs_to_me(hrn) # send the call to the right manager @@ -55,7 +60,7 @@ class get_self_credential(Method): manager = __import__(manager_module, fromlist=[manager_base]) # authenticate the gid - records = manager.resolve(self.api, hrn, type) + records = manager.resolve(self.api, xrn, type) if not records: raise RecordNotFound(hrn) record = SfaRecord(dict=records[0]) @@ -67,4 +72,4 @@ class get_self_credential(Method): if not certificate.is_pubkey(gid.get_pubkey()): raise ConnectionKeyGIDMismatch(gid.get_subject()) - return manager.get_credential(self.api, hrn, type, is_self=True) + return manager.get_credential(self.api, xrn, type, is_self=True) diff --git a/sfa/methods/get_ticket.py b/sfa/methods/get_ticket.py index 314e3595..489bbea4 100644 --- a/sfa/methods/get_ticket.py +++ b/sfa/methods/get_ticket.py @@ -2,6 +2,7 @@ ### $URL$ import time from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth @@ -24,7 +25,7 @@ class get_ticket(Method): initscripts. @param cred credential string - @param name name of the slice to retrieve a ticket for + @param name name of the slice to retrieve a ticket for (hrn or urn) @param rspec resource specification dictionary @return the string representation of a ticket object @@ -34,7 +35,7 @@ class get_ticket(Method): accepts = [ Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"), + Parameter(str, "Human readable name of slice to retrive a ticket for (hrn or urn)"), Parameter(str, "Resource specification (rspec)"), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) @@ -42,7 +43,8 @@ class get_ticket(Method): returns = Parameter(str, "String represeneation of a ticket object") - def call(self, cred, hrn, rspec, origin_hrn=None): + def call(self, cred, xrn, rspec, origin_hrn=None): + hrn, type = urn_to_hrn(xrn) user_cred = Credential(string=cred) #log the call @@ -81,7 +83,7 @@ class get_ticket(Method): rspec_object = RSpec(xml=rspec) rspec_object.filter(tagname='NodeSpec', attribute='name', whitelist=valid_hostnames) rspec = rspec_object.toxml() - ticket = manager.get_ticket(self.api, hrn, rspec, origin_hrn) + ticket = manager.get_ticket(self.api, xrn, rspec, origin_hrn) return ticket diff --git a/sfa/methods/list.py b/sfa/methods/list.py index 489c0831..9dd54a3d 100644 --- a/sfa/methods/list.py +++ b/sfa/methods/list.py @@ -2,6 +2,7 @@ ### $URL$ from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.record import SfaRecord @@ -12,21 +13,22 @@ class list(Method): List the records in an authority. @param cred credential string specifying the rights of the caller - @param hrn human readable name of authority to list + @param hrn human readable name of authority to list (hrn or urn) @return list of record dictionaries """ interfaces = ['registry'] accepts = [ Parameter(str, "Credential string"), - Parameter(str, "Human readable name (hrn)"), + Parameter(str, "Human readable name (hrn or urn)"), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) ] returns = [SfaRecord] - def call(self, cred, hrn, origin_hrn=None): + def call(self, cred, xrn, origin_hrn=None): + hrn, type = urn_to_hrn(xrn) user_cred = Credential(string=cred) #log the call if not origin_hrn: @@ -41,4 +43,4 @@ class list(Method): mgr_type = self.api.config.SFA_REGISTRY_TYPE manager_module = manager_base + ".registry_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - return manager.list(self.api, hrn) + return manager.list(self.api, xrn) diff --git a/sfa/methods/remove.py b/sfa/methods/remove.py index 1b1ae989..384b1cfb 100644 --- a/sfa/methods/remove.py +++ b/sfa/methods/remove.py @@ -2,6 +2,7 @@ ### $URL$ from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.debug import log @@ -14,7 +15,7 @@ class remove(Method): @param cred credential string @param type record type - @param hrn human readable name of record to remove + @param xrn human readable name of record to remove (hrn or urn) @return 1 if successful, faults otherwise """ @@ -24,16 +25,22 @@ class remove(Method): accepts = [ Parameter(str, "Credential string"), Parameter(str, "Record type"), - Parameter(str, "Human readable name of slice to instantiate"), + Parameter(str, "Human readable name of slice to instantiate (hrn or urn)"), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) ] returns = Parameter(int, "1 if successful") - def call(self, cred, type, hrn, origin_hrn=None): + def call(self, cred, type, xrn, origin_hrn=None): user_cred = Credential(string=cred) - + + # convert xrn to hrn + if type: + hrn = urn_to_hrn(xrn)[0] + else: + hrn, type = urn_to_hrn(xrn) + #log the call if not origin_hrn: origin_hrn = user_cred.get_gid_caller().get_hrn() @@ -48,4 +55,4 @@ class remove(Method): mgr_type = self.api.config.SFA_REGISTRY_TYPE manager_module = manager_base + ".registry_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - return manager.remove(self.api, hrn, type, origin_hrn) + return manager.remove(self.api, xrn, type, origin_hrn) diff --git a/sfa/methods/remove_peer_object.py b/sfa/methods/remove_peer_object.py index 32b756ac..b079ff01 100644 --- a/sfa/methods/remove_peer_object.py +++ b/sfa/methods/remove_peer_object.py @@ -50,9 +50,9 @@ class remove_peer_object(Method): hrn, type = record['hrn'], record['type'] records = table.find({'hrn': hrn, 'type': type }) for record in records: - if record['peer_authority']: - self.remove_plc_record(record) - table.remove(record) + if record['peer_authority']: + self.remove_plc_record(record) + table.remove(record) return 1 diff --git a/sfa/methods/reset_slice.py b/sfa/methods/reset_slice.py index 8bb47307..9d0e0f09 100644 --- a/sfa/methods/reset_slice.py +++ b/sfa/methods/reset_slice.py @@ -2,6 +2,7 @@ ### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/reset_slices.py $ from sfa.util.faults import * +from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth @@ -12,7 +13,7 @@ class reset_slice(Method): Reset the specified slice @param cred credential string specifying the rights of the caller - @param hrn human readable name of slice to instantiate + @param xrn human readable name of slice to instantiate (hrn or urn) @return 1 is successful, faults otherwise """ @@ -20,14 +21,15 @@ class reset_slice(Method): accepts = [ Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to instantiate"), + Parameter(str, "Human readable name of slice to instantiate (hrn or urn)"), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) ] returns = Parameter(int, "1 if successful") - def call(self, cred, hrn, origin_hrn=None): + def call(self, cred, xrn, origin_hrn=None): + hrn, type = urn_to_hrn(xrn) self.api.auth.check(cred, 'resetslice') # send the call to the right manager manager_base = 'sfa.managers' @@ -35,16 +37,16 @@ class reset_slice(Method): mgr_type = self.api.config.SFA_CM_TYPE manager_module = manager_base + ".component_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.reset_slice(self.api, hrn) + manager.reset_slice(self.api, xrn) elif self.api.interface in ['aggregate']: mgr_type = self.api.config.SFA_AGGREGATE_TYPE manager_module = manager_base + ".aggregate_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.reset_slice(self.api, hrn) + manager.reset_slice(self.api, xrn) elif self.api.interface in ['slicemgr']: mgr_type = self.api.config.SFA_SM_TYPE manager_module = manager_base + ".slice_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.reset_slice(self.api, hrn) + manager.reset_slice(self.api, xrn) return 1 diff --git a/sfa/methods/resolve.py b/sfa/methods/resolve.py index b854d656..1746b4bd 100644 --- a/sfa/methods/resolve.py +++ b/sfa/methods/resolve.py @@ -13,7 +13,7 @@ class resolve(Method): Resolve a record. @param cred credential string authorizing the caller - @param hrn human readable name to resolve + @param hrn human readable name to resolve (hrn or urn) @return a list of record dictionaries or empty list """ @@ -21,13 +21,13 @@ class resolve(Method): accepts = [ Parameter(str, "Credential string"), - Mixed(Parameter(str, "Human readable name (hrn)"), + Mixed(Parameter(str, "Human readable name (hrn or urn)"), Parameter(list, "List of Human readable names ([hrn])")) ] returns = [SfaRecord] - def call(self, cred, hrn, origin_hrn=None): + def call(self, cred, xrn, origin_hrn=None): user_cred = Credential(string=cred) #log the call @@ -42,7 +42,7 @@ class resolve(Method): mgr_type = self.api.config.SFA_REGISTRY_TYPE manager_module = manager_base + ".registry_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - return manager.resolve(self.api, hrn, origin_hrn=origin_hrn) + return manager.resolve(self.api, xrn, origin_hrn=origin_hrn) diff --git a/sfa/methods/start_slice.py b/sfa/methods/start_slice.py index f145f282..cbd7f4d5 100644 --- a/sfa/methods/start_slice.py +++ b/sfa/methods/start_slice.py @@ -13,7 +13,7 @@ class start_slice(Method): Start the specified slice @param cred credential string specifying the rights of the caller - @param hrn human readable name of slice to instantiate + @param hrn human readable name of slice to instantiate (urn or hrn) @return 1 is successful, faults otherwise """ @@ -21,14 +21,14 @@ class start_slice(Method): accepts = [ Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to instantiate"), + Parameter(str, "Human readable name of slice to instantiate (urn or hrn)"), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) ] returns = [Parameter(int, "1 if successful")] - def call(self, cred, hrn, origin_hrn=None): + def call(self, cred, xrn, origin_hrn=None): user_cred = Credential(string=cred) #log the call @@ -45,16 +45,16 @@ class start_slice(Method): mgr_type = self.api.config.SFA_CM_TYPE manager_module = manager_base + ".component_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.start_slice(self.api, hrn) + manager.start_slice(self.api, xrn) elif self.api.interface in ['aggregate']: mgr_type = self.api.config.SFA_AGGREGATE_TYPE manager_module = manager_base + ".aggregate_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.start_slice(self.api, hrn) + manager.start_slice(self.api, xrn) elif self.api.interface in ['slicemgr']: mgr_type = self.api.config.SFA_SM_TYPE manager_module = manager_base + ".slice_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.start_slice(self.api, hrn) + manager.start_slice(self.api, xrn) return 1 diff --git a/sfa/methods/stop_slice.py b/sfa/methods/stop_slice.py index f34c1bc8..e1110983 100644 --- a/sfa/methods/stop_slice.py +++ b/sfa/methods/stop_slice.py @@ -13,7 +13,7 @@ class stop_slice(Method): Stop the specified slice @param cred credential string specifying the rights of the caller - @param hrn human readable name of slice to instantiate + @param xrn human readable name of slice to instantiate (hrn or urn) @return 1 is successful, faults otherwise """ @@ -21,14 +21,15 @@ class stop_slice(Method): accepts = [ Parameter(str, "Credential string"), - Parameter(str, "Human readable name of slice to instantiate"), + Parameter(str, "Human readable name of slice to instantiate (hrn or urn)"), Mixed(Parameter(str, "Human readable name of the original caller"), Parameter(None, "Origin hrn not specified")) ] returns = Parameter(int, "1 if successful") - def call(self, cred, hrn, origin_hrn=None): + def call(self, cred, xrn, origin_hrn=None): + hrn, type = urn_to_hrn(xrn) user_cred = Credential(string=cred) #log the call @@ -45,16 +46,16 @@ class stop_slice(Method): mgr_type = self.api.config.SFA_CM_TYPE manager_module = manager_base + ".component_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.stop_slice(self.api, hrn) + manager.stop_slice(self.api, xrn) elif self.api.interface in ['aggregate']: mgr_type = self.api.config.SFA_AGGREGATE_TYPE manager_module = manager_base + ".aggregate_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.stop_slice(self.api, hrn) + manager.stop_slice(self.api, xrn) elif self.api.interface in ['slicemgr']: mgr_type = self.api.config.SFA_SM_TYPE manager_module = manager_base + ".slice_manager_%s" % mgr_type manager = __import__(manager_module, fromlist=[manager_base]) - manager.stop_slice(self.api, hrn) + manager.stop_slice(self.api, xrn) return 1 diff --git a/sfa/plc/nodes.py b/sfa/plc/nodes.py index f80bd1ab..94e73230 100644 --- a/sfa/plc/nodes.py +++ b/sfa/plc/nodes.py @@ -88,7 +88,8 @@ class Nodes(SimpleStorage): self.update(node_details) self.write() - def get_remote_resources(self, hrn = None): + def get_rspec_smgr(self, xrn = None): + hrn, type = urn_to_hrn(xrn) # convert and threshold to ints if self.has_key('timestamp') and self['timestamp']: hr_timestamp = self['timestamp'] @@ -116,7 +117,7 @@ class Nodes(SimpleStorage): if aggregate not in [self.api.auth.client_cred.get_gid_caller().get_hrn()]: try: # get the rspec from the aggregate - agg_rspec = aggregates[aggregate].get_resources(credential, hrn, origin_hrn) + agg_rspec = aggregates[aggregate].get_resources(credential, xrn, origin_hrn) # extract the netspec from each aggregates rspec rspec.parseString(agg_rspec) networks.extend([{'NetSpec': rspec.getDictsByTagName('NetSpec')}]) @@ -130,7 +131,7 @@ class Nodes(SimpleStorage): resourceDict = {'RSpec': resources} # convert rspec dict to xml rspec.parseDict(resourceDict) - return rspec + return rspec.toxml() def refresh_nodes_smgr(self): @@ -154,23 +155,18 @@ class Nodes(SimpleStorage): self.update(nodedict) self.write() - def get_rspec(self, hrn = None): + def get_rspec(self, xrn = None): if self.api.interface in ['slicemgr']: - return self.get_rspec_smgr(hrn) + return self.get_rspec_smgr(xrn) elif self.api.interface in ['aggregate']: - return self.get_rspec_aggregate(hrn) + return self.get_rspec_aggregate(xrn) - def get_rspec_smgr(self, hrn = None): - - rspec = self.get_remote_resources(hrn) - return rspec.toxml() - - def get_rspec_aggregate(self, hrn = None): + def get_rspec_aggregate(self, xrn = None): """ Get resource information from PLC """ - + hrn, type = urn_to_hrn(xrn) slicename = None # Get the required nodes if not hrn: diff --git a/sfa/plc/sfa-import-plc.py b/sfa/plc/sfa-import-plc.py index cf2fa4ab..160ce77c 100755 --- a/sfa/plc/sfa-import-plc.py +++ b/sfa/plc/sfa-import-plc.py @@ -97,7 +97,7 @@ def main(): sfaImporter.create_top_level_auth_records(level1_auth) import_auth = level1_auth - trace("Import: adding" + import_auth + "to trusted list", logger) + trace("Import: adding " + import_auth + " to trusted list", logger) authority = AuthHierarchy.get_auth_info(import_auth) TrustedRoots.add_gid(authority.get_gid_object()) diff --git a/sfa/plc/slices.py b/sfa/plc/slices.py index cfeed465..18c75840 100644 --- a/sfa/plc/slices.py +++ b/sfa/plc/slices.py @@ -38,7 +38,8 @@ class Slices(SimpleStorage): self.load() self.origin_hrn = origin_hrn - def get_slivers(self, hrn, node=None): + def get_slivers(self, xrn, node=None): + hrn, type = urn_to_hrn(xrn) slice_name = hrn_to_pl_slicename(hrn) # XX Should we just call PLCAPI.GetSliceTicket(slice_name) instead @@ -142,7 +143,8 @@ class Slices(SimpleStorage): return slivers - def get_peer(self, hrn): + def get_peer(self, xrn): + hrn, type = urn_to_hrn(xrn) # Becaues of myplc federation, we first need to determine if this # slice belongs to out local plc or a myplc peer. We will assume it # is a local site, unless we find out otherwise @@ -163,7 +165,9 @@ class Slices(SimpleStorage): return peer - def get_sfa_peer(self, hrn): + def get_sfa_peer(self, xrn): + hrn, type = urn_to_hrn(xrn) + # return the authority for this hrn or None if we are the authority sfa_peer = None slice_authority = get_authority(hrn) @@ -249,7 +253,8 @@ class Slices(SimpleStorage): def verify_site(self, registry, credential, slice_hrn, peer, sfa_peer): authority = get_authority(slice_hrn) - site_records = registry.resolve(credential, authority) + authority_urn = hrn_to_urn(authority, 'authority') + site_records = registry.resolve(credential, authority_urn) site = {} for site_record in site_records: @@ -401,8 +406,8 @@ class Slices(SimpleStorage): except: pass - def create_slice_aggregate(self, hrn, rspec): - + def create_slice_aggregate(self, xrn, rspec): + hrn, type = urn_to_hrn(xrn) # Determine if this is a peer slice peer = self.get_peer(hrn) sfa_peer = self.get_sfa_peer(hrn) diff --git a/sfa/trust/gid.py b/sfa/trust/gid.py index a87b3dfb..fa35f8aa 100644 --- a/sfa/trust/gid.py +++ b/sfa/trust/gid.py @@ -10,7 +10,7 @@ import xmlrpclib import uuid from sfa.trust.certificate import Certificate - +from sfa.util.namespace import * ## # Create a new uuid. Returns the UUID as a string. @@ -27,6 +27,10 @@ def create_uuid(): # HRN is a human readable name. It is a dotted form similar to a backward domain # name. For example, planetlab.us.arizona.bakers. # +# URN is a human readable identifier of form: +# "urn:publicid:IDN+toplevelauthority[:sub-auth.]*[\res. type]\ +object name" +# For example, urn:publicid:IDN+planetlab:us:arizona+user+bakers +# # PUBLIC_KEY is the public key of the principal identified by the UUID/HRN. # It is a Keypair object as defined in the cert.py module. # @@ -41,6 +45,7 @@ def create_uuid(): class GID(Certificate): uuid = None hrn = None + urn = None ## # Create a new GID object @@ -50,12 +55,16 @@ class GID(Certificate): # @param string If string!=None, load the GID from a string # @param filename If filename!=None, load the GID from a file - def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None): + def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None): + Certificate.__init__(self, create, subject, string, filename) if uuid: self.uuid = uuid if hrn: self.hrn = hrn + if urn: + self.urn = urn + self.hrn, type = urn_to_hrn(urn) def set_uuid(self, uuid): self.uuid = uuid @@ -73,6 +82,15 @@ class GID(Certificate): self.decode() return self.hrn + def set_urn(self, urn): + self.urn = urn + self.hrn, type = urn_to_hrn(urn) + + def get_urn(self): + if not self.urn: + self.decode() + return self.urn + ## # Encode the GID fields and package them into the subject-alt-name field # of the X509 certificate. This must be called prior to signing the @@ -80,7 +98,8 @@ class GID(Certificate): def encode(self): dict = {"uuid": self.uuid, - "hrn": self.hrn} + "hrn": self.hrn, + "urn": self.urn} str = xmlrpclib.dumps((dict,)) self.set_data(str) @@ -98,6 +117,7 @@ class GID(Certificate): self.uuid = dict.get("uuid", None) self.hrn = dict.get("hrn", None) + self.urn = dict.get("urn", None) ## # Dump the credential to stdout. @@ -107,6 +127,7 @@ class GID(Certificate): def dump(self, indent=0, dump_parents=False): print " "*indent, " hrn:", self.get_hrn() + print " "*indent, " urn:", self.get_urn() print " "*indent, "uuid:", self.get_uuid() if self.parent and dump_parents: diff --git a/sfa/trust/hierarchy.py b/sfa/trust/hierarchy.py index ce74c9f5..ad4de78d 100644 --- a/sfa/trust/hierarchy.py +++ b/sfa/trust/hierarchy.py @@ -39,12 +39,13 @@ class AuthInfo: ## # Initialize and authority object. # - # @param hrn the human readable name of the authority + # @param xrn the human readable name of the authority (urn will be converted to hrn) # @param gid_filename the filename containing the GID # @param privkey_filename the filename containing the private key # @param dbinfo_filename the filename containing the database info - def __init__(self, hrn, gid_filename, privkey_filename, dbinfo_filename): + def __init__(self, xrn, gid_filename, privkey_filename, dbinfo_filename): + hrn, type = urn_to_hrn(xrn) self.hrn = hrn self.set_gid_filename(gid_filename) self.privkey_filename = privkey_filename @@ -116,9 +117,10 @@ class Hierarchy: # Given a hrn, return the filenames of the GID, private key, and dbinfo # files. # - # @param hrn the human readable name of the authority + # @param xrn the human readable name of the authority (urn will be convertd to hrn) - def get_auth_filenames(self, hrn): + def get_auth_filenames(self, xrn): + hrn, type = urn_to_hrn(xrn) leaf = get_leaf(hrn) parent_hrn = get_authority(hrn) directory = os.path.join(self.basedir, hrn.replace(".", "/")) @@ -135,7 +137,8 @@ class Hierarchy: # # @param the human readable name of the authority to check - def auth_exists(self, hrn): + def auth_exists(self, xrn): + hrn, type = urn_to_hrn(xrn) (directory, gid_filename, privkey_filename, dbinfo_filename) = \ self.get_auth_filenames(hrn) @@ -147,10 +150,11 @@ class Hierarchy: # Create an authority. A private key for the authority and the associated # GID are created and signed by the parent authority. # - # @param hrn the human readable name of the authority to create + # @param xrn the human readable name of the authority to create (urn will be converted to hrn) # @param create_parents if true, also create the parents if they do not exist - def create_auth(self, hrn, create_parents=False): + def create_auth(self, xrn, create_parents=False): + hrn, type = urn_to_hrn(xrn) trace("Hierarchy: creating authority: " + hrn) # create the parent authority if necessary @@ -191,11 +195,12 @@ class Hierarchy: # does not exist, then an exception is thrown. As a side effect, disk files # and a subdirectory may be created to store the authority. # - # @param hrn the human readable name of the authority to create. + # @param xrn the human readable name of the authority to create (urn will be converted to hrn). - def get_auth_info(self, hrn): + def get_auth_info(self, xrn): + #trace("Hierarchy: getting authority: " + hrn) - + hrn, type = urn_to_hrn(xrn) if not self.auth_exists(hrn): raise MissingAuthority(hrn) @@ -221,8 +226,13 @@ class Hierarchy: # @param uuid the unique identifier to store in the GID # @param pkey the public key to store in the GID - def create_gid(self, hrn, uuid, pkey): - gid = GID(subject=hrn, uuid=uuid, hrn=hrn) + def create_gid(self, xrn, uuid, pkey): + hrn, type = urn_to_hrn(xrn) + # Using hrn_to_urn() here to make sure the urn is in the right format + # If xrn was a hrn instead of a urn, then the gid's urn will be + # of type None + urn = hrn_to_urn(hrn, type) + gid = GID(subject=hrn, uuid=uuid, hrn=hrn, urn=urn) parent_hrn = get_authority(hrn) if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN: @@ -251,20 +261,21 @@ class Hierarchy: # @param uuid if !=None, change the uuid # @param pubkey if !=None, change the public key - def refresh_gid(self, gid, hrn=None, uuid=None, pubkey=None): + def refresh_gid(self, gid, xrn=None, uuid=None, pubkey=None): # TODO: compute expiration time of GID, refresh it if necessary gid_is_expired = False # update the gid if we need to - if gid_is_expired or hrn or uuid or pubkey: - if not hrn: - hrn = gid.get_hrn() + if gid_is_expired or xrn or uuid or pubkey: + + if not xrn: + xrn = gid.get_urn() if not uuid: uuid = gid.get_uuid() if not pubkey: pubkey = gid.get_pubkey() - gid = self.create_gid(hrn, uuid, pubkey) + gid = self.create_gid(xrn, uuid, pubkey) return gid @@ -273,10 +284,11 @@ class Hierarchy: # credential will contain the authority privilege and will be signed by # the authority's parent. # - # @param hrn the human readable name of the authority + # @param hrn the human readable name of the authority (urn is converted to hrn) # @param authority type of credential to return (authority | sa | ma) - def get_auth_cred(self, hrn, kind="authority"): + def get_auth_cred(self, xrn, kind="authority"): + hrn, type = urn_to_hrn(xrn) auth_info = self.get_auth_info(hrn) gid = auth_info.get_gid_object() @@ -311,9 +323,10 @@ class Hierarchy: # This looks almost the same as get_auth_cred, but works for tickets # XXX does similarity imply there should be more code re-use? # - # @param hrn the human readable name of the authority + # @param xrn the human readable name of the authority (urn is converted to hrn) - def get_auth_ticket(self, hrn): + def get_auth_ticket(self, xrn): + hrn, type = urn_to_hrn(xrn) auth_info = self.get_auth_info(hrn) gid = auth_info.get_gid_object() -- 2.43.0