From 4f6723c0df443599afe30721df334aa11a90acc4 Mon Sep 17 00:00:00 2001
From: Scott Baker <bakers@cs.arizona.edu>
Date: Sat, 27 Sep 2008 00:50:20 +0000
Subject: [PATCH] more comments; set geni info for slices and authorities

---
 registry/registry.py | 126 +++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 123 insertions(+), 3 deletions(-)

diff --git a/registry/registry.py b/registry/registry.py
index 976e0657..01f8a105 100644
--- a/registry/registry.py
+++ b/registry/registry.py
@@ -1,3 +1,9 @@
+##
+# Geni Registry Wrapper
+#
+# This wrapper implements the Geni Registry
+##
+
 import tempfile
 import os
 import time
@@ -14,6 +20,15 @@ from record import *
 from genitable import *
 from geniticket import *
 
+##
+# Convert geni fields to PLC fields for use when registering up updating
+# registry record in the PLC database
+#
+# @params type type of record (user, slice, ...)
+# @params hrn human readable name
+# @params geni_fields dictionary of geni fields
+# @params pl_fields dictionary of PLC fields (output)
+
 def geni_fields_to_pl_fields(type, hrn, geni_fields, pl_fields):
     if type == "user":
         if not "email" in pl_fields:
@@ -59,6 +74,12 @@ def geni_fields_to_pl_fields(type, hrn, geni_fields, pl_fields):
         if not "is_public" in pl_fields:
             pl_fields["is_public"] = True
 
+##
+# Registry is a GeniServer that serves registry requests. It also serves
+# component and slice operations that are implemented on the registry
+# due to SFA engineering decisions
+#
+
 class Registry(GeniServer):
     def __init__(self, ip, port, key_file, cert_file):
         GeniServer.__init__(self, ip, port, key_file, cert_file)
@@ -72,14 +93,23 @@ class Registry(GeniServer):
         else:
             self.connect_local_shell()
 
+    ##
+    # Connect to a remote shell via XMLRPC
+
     def connect_remote_shell(self):
         import remoteshell
         self.shell = remoteshell.RemoteShell()
 
+    ##
+    # Connect to a local shell via local API functions
+
     def connect_local_shell(self):
         import PLC.Shell
         self.shell = PLC.Shell.Shell(globals = globals())
 
+    ##
+    # Register the server RPCs for the registry
+
     def register_functions(self):
         GeniServer.register_functions(self)
         # registry interface
@@ -95,8 +125,21 @@ class Registry(GeniServer):
         # component interface
         self.server.register_function(self.get_ticket)
 
-    def get_auth_info(self, name):
-        return AuthHierarchy.get_auth_info(name)
+    ##
+    # Given an authority name, return the information for that authority. This
+    # is basically a stub that calls the hierarchy module.
+    #
+    # @param auth_hrn human readable name of authority
+
+    def get_auth_info(self, auth_hrn):
+        return AuthHierarchy.get_auth_info(auth_hrn)
+
+    ##
+    # Given an authority name, return the database table for that authority. If
+    # the database table does not exist, then one will be automatically
+    # created.
+    #
+    # @param auth_name human readable name of authority
 
     def get_auth_table(self, auth_name):
         auth_info = self.get_auth_info(auth_name)
@@ -113,11 +156,26 @@ class Registry(GeniServer):
 
         return table
 
+    ##
+    # Verify that an authority belongs to this registry. This is basically left
+    # up to the implementation of the hierarchy module. If the specified name
+    # does not belong to this registry, an exception is thrown indicating the
+    # caller should contact someone else.
+    #
+    # @param auth_name human readable name of authority
+
     def verify_auth_belongs_to_me(self, name):
         # get_auth_info will throw an exception if the authority does not
         # exist
         self.get_auth_info(name)
 
+    ##
+    # Verify that an object belongs to this registry. By extension, this implies
+    # that the authority that owns the object belongs to this registry. If the
+    # object does not belong to this registry, then an exception is thrown.
+    #
+    # @param name human readable name of object
+
     def verify_object_belongs_to_me(self, name):
         auth_name = get_authority(name)
         if not auth_name:
@@ -126,6 +184,14 @@ class Registry(GeniServer):
             return
         self.verify_auth_belongs_to_me(auth_name)
 
+    ##
+    # Verify that the object_gid that was specified in the credential allows
+    # permission to the object 'name'. This is done by a simple prefix test.
+    # For example, an object_gid for planetlab.us.arizona would match the
+    # objects planetlab.us.arizona.slice1 and planetlab.us.arizona.
+    #
+    # @param name human readable name to test
+
     def verify_object_permission(self, name):
         object_hrn = self.object_gid.get_hrn()
         if object_hrn == name:
@@ -134,6 +200,15 @@ class Registry(GeniServer):
             return
         raise PermissionError(name)
 
+    ##
+    # Fill in the planetlab-specific fields of a Geni record. This involves
+    # calling the appropriate PLC methods to retrieve the database record for
+    # the object.
+    #
+    # PLC data is filled into the pl_info field of the record.
+    #
+    # @param record record to fill in fields (in/out param)
+
     def fill_record_pl_info(self, record):
         type = record.get_type()
         pointer = record.get_pointer()
@@ -162,8 +237,53 @@ class Registry(GeniServer):
 
         record.set_pl_info(pl_res[0])
 
+    def lookup_users(self, auth_table, user_id_list, role="*"):
+        record_list = []
+        for person_id in user_id_list:
+            user_records = auth_table.find("user", person_id, "pointer")
+            for user_record in user_records:
+                self.fill_record_info(user_record)
+
+                user_roles = user_record.get_pl_info().get("roles")
+                if (role=="*") or (role in user_roles):
+                    record_list.append(user_record.get_name())
+        return record_list
+
+    ##
+    # Fill in the geni-specific fields of the record.
+    #
+    # Note: It is assumed the fill_record_pl_info() has already been performed
+    # on the record.
+
     def fill_record_geni_info(self, record):
-        pass
+        geni_info = {}
+        type = record.get_type()
+
+        if (type == "slice"):
+            auth_table = self.get_auth_table(get_authority(record.get_name()))
+            person_ids = record.pl_info.get("person_ids", [])
+            researchers = self.lookup_users(auth_table, person_ids)
+            geni_info['researcher'] = researchers
+
+        elif (type == "sa"):
+            auth_table = self.get_auth_table(record.get_name())   
+            person_ids = record.pl_info.get("person_ids", [])
+            pis = self.lookup_users(auth_table, person_ids, "pi")
+            geni_info['pi'] = pis
+
+        elif (type == "ma"):
+            auth_table = self.get_auth_table(record.get_name())   
+            person_ids = record.pl_info.get("person_ids", [])
+            operators = self.lookup_users(auth_table, person_ids, "tech")
+            geni_info['operator'] = operators
+
+            auth_table = self.get_auth_table(record.get_name())
+            person_ids = record.pl_info.get("person_ids", [])
+            owners = self.lookup_users(auth_table, person_ids, "admin")
+            geni_info['owner'] = owners
+            pass
+
+        record.set_geni_info(geni_info)
 
     def fill_record_info(self, record):
         self.fill_record_pl_info(record)
-- 
2.43.0