本文整理汇总了Python中sfa.util.xrn.get_authority函数的典型用法代码示例。如果您正苦于以下问题:Python get_authority函数的具体用法?Python get_authority怎么用?Python get_authority使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了get_authority函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: create_top_level_auth_records
def create_top_level_auth_records(self, hrn):
"""
Create top level records (includes root and sub authorities (local/remote)
"""
urn = hrn_to_urn(hrn, 'authority')
# make sure parent exists
parent_hrn = get_authority(hrn)
if not parent_hrn:
parent_hrn = hrn
if not parent_hrn == hrn:
self.create_top_level_auth_records(parent_hrn)
# create the authority if it doesnt already exist
if not self.AuthHierarchy.auth_exists(urn):
self.logger.info("Import: creating top level authorities")
self.AuthHierarchy.create_auth(urn)
# create the db record if it doesnt already exist
auth_info = self.AuthHierarchy.get_auth_info(hrn)
table = SfaTable()
auth_record = table.find({'type': 'authority', 'hrn': hrn})
if not auth_record:
auth_record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="authority", pointer=-1)
auth_record['authority'] = get_authority(auth_record['hrn'])
self.logger.info("Import: inserting authority record for %s"%hrn)
table.insert(auth_record)示例2: get_sfa_peer
def get_sfa_peer(api, hrn):
# return the authority for this hrn or None if we are the authority
sfa_peer = None
slice_authority = get_authority(hrn)
site_authority = get_authority(slice_authority)
if site_authority != api.hrn:
sfa_peer = site_authority
return sfa_peer示例3: get_sfa_peer
def get_sfa_peer(self, xrn):
hrn, type = urn_to_hrn(xrn)
# return the authority for this hrn or None if we are the authority
sfa_peer = None
slice_authority = get_authority(hrn)
site_authority = get_authority(slice_authority)
if site_authority != self.api.hrn:
sfa_peer = site_authority
return sfa_peer示例4: call
def call(self, cred, record_dict, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
if not origin_hrn:
origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, None, self.name))
# validate the cred
self.api.auth.check(cred, "register")
# make sure this is a peer record
if 'peer_authority' not in record_dict or \
not record_dict['peer_authority']:
raise SfaInvalidArgument, "peer_authority must be specified"
record = SfaRecord(dict = record_dict)
type, hrn, peer_authority = record['type'], record['hrn'], record['peer_authority']
record['authority'] = get_authority(record['hrn'])
# verify permissions
self.api.auth.verify_cred_is_me(cred)
# check if record already exists
table = SfaTable()
existing_records = table.find({'type': type, 'hrn': hrn, 'peer_authority': peer_authority})
if existing_records:
for existing_record in existing_records:
if existing_record['pointer'] != record['pointer']:
record['record_id'] = existing_record['record_id']
table.update(record)
else:
record_id = table.insert(record)
return 1示例5: get_slice_and_slivers
def get_slice_and_slivers(self, slice_xrn, login=None):
"""
Returns a dict of slivers keyed on the sliver's node_id
"""
slivers = {}
sfa_slice = None
if not slice_xrn:
return (sfa_slice, slivers)
slice_urn = hrn_to_urn(slice_xrn, 'slice')
slice_hrn, _ = urn_to_hrn(slice_xrn)
slice_name = slice_hrn
slices = self.driver.GetSlices(slice_filter= str(slice_name), \
slice_filter_type = 'slice_hrn', login=login)
logger.debug("Slabaggregate api \tget_slice_and_slivers \
sfa_slice %s \r\n slices %s self.driver.hrn %s" \
%(sfa_slice, slices, self.driver.hrn))
if not slices:
return (sfa_slice, slivers)
#if isinstance(sfa_slice, list):
#sfa_slice = slices[0]
#else:
#sfa_slice = slices
# sort slivers by node id , if there is a job
#and therfore, node allocated to this slice
for sfa_slice in slices:
try:
node_ids_list = sfa_slice['node_ids']
except KeyError:
logger.log_exc("SLABAGGREGATE \t \
get_slice_and_slivers KeyError ")
continue
for node in node_ids_list:
sliver_xrn = Xrn(slice_urn, type='sliver', id=node)
sliver_xrn.set_authority(self.driver.hrn)
#node_id = self.driver.root_auth + '.' + node_id
sliver = Sliver({'sliver_id':sliver_xrn.urn,
'name': sfa_slice['hrn'],
'type': 'slab-node',
'tags': []})
slivers[node] = sliver
#Add default sliver attribute :
#connection information for senslab
if get_authority (sfa_slice['hrn']) == self.driver.root_auth:
tmp = sfa_slice['hrn'].split('.')
ldap_username = tmp[1].split('_')[0]
vmaddr = 'ssh ' + ldap_username + '@grenoble.senslab.info'
slivers['default_sliver'] = {'vm': vmaddr , 'login': ldap_username}
#TODO get_slice_and_slivers Find the login of the external user
logger.debug("SLABAGGREGATE api get_slice_and_slivers slivers %s "\
%(slivers))
return (slices, slivers)示例6: get_peer
def get_peer(self, xrn):
hrn, hrn_type = urn_to_hrn(xrn)
#Does this slice belong to a local site or a peer senslab site?
peer = None
# get this slice's authority (site)
slice_authority = get_authority(hrn)
site_authority = slice_authority
# get this site's authority (sfa root authority or sub authority)
#site_authority = get_authority(slice_authority).lower()
logger.debug("SLABSLICES \ get_peer slice_authority %s \
site_authority %s hrn %s" %(slice_authority, \
site_authority, hrn))
#This slice belongs to the current site
if site_authority == self.driver.root_auth :
return None
# check if we are already peered with this site_authority, if so
#peers = self.driver.GetPeers({})
peers = self.driver.GetPeers(peer_filter = slice_authority)
for peer_record in peers:
if site_authority == peer_record.hrn:
peer = peer_record
logger.debug(" SLABSLICES \tget_peer peer %s " %(peer))
return peer示例7: import_site
def import_site(self, hrn, site):
shell = self.shell
plc_auth = self.plc_auth
urn = hrn_to_urn(hrn, 'authority')
self.logger.info("Import: site %s"%hrn)
# create the authority
if not self.AuthHierarchy.auth_exists(urn):
self.AuthHierarchy.create_auth(urn)
auth_info = self.AuthHierarchy.get_auth_info(urn)
table = SfaTable()
auth_record = SfaRecord(hrn=hrn, gid=auth_info.get_gid_object(), type="authority", pointer=site['site_id'])
auth_record['authority'] = get_authority(auth_record['hrn'])
existing_records = table.find({'hrn': hrn, 'type': 'authority', 'pointer': site['site_id']})
if not existing_records:
table.insert(auth_record)
else:
self.logger.info("Import: %s exists, updating " % hrn)
existing_record = existing_records[0]
auth_record['record_id'] = existing_record['record_id']
table.update(auth_record)
return hrn示例8: import_slice
def import_slice(self, parent_hrn, slice):
slicename = slice['name'].split("_",1)[-1]
slicename = _cleanup_string(slicename)
if not slicename:
self.logger.error("Import: failed to parse slice name %s" %slice['name'])
return
hrn = parent_hrn + "." + slicename
self.logger.info("Import: slice %s"%hrn)
pkey = Keypair(create=True)
urn = hrn_to_urn(hrn, 'slice')
slice_gid = self.AuthHierarchy.create_gid(urn, create_uuid(), pkey)
slice_record = SfaRecord(hrn=hrn, gid=slice_gid, type="slice", pointer=slice['slice_id'])
slice_record['authority'] = get_authority(slice_record['hrn'])
table = SfaTable()
existing_records = table.find({'hrn': hrn, 'type': 'slice', 'pointer': slice['slice_id']})
if not existing_records:
table.insert(slice_record)
else:
self.logger.info("Import: %s exists, updating " % hrn)
existing_record = existing_records[0]
slice_record['record_id'] = existing_record['record_id']
table.update(slice_record)示例9: testRegister
def testRegister(self):
authority = get_authority(self.hrn)
auth_cred = self.client.GetCredential(authority, 'authority')
auth_record = {'hrn': '.'.join([authority, random_string(10).lower()]),
'type': 'authority'}
node_record = {'hrn': '.'.join([authority, random_string(10)]),
'type': 'node',
'hostname': random_string(6) + '.' + random_string(6)}
slice_record = {'hrn': '.'.join([authority, random_string(10)]),
'type': 'slice', 'researcher': [self.hrn]}
user_record = {'hrn': '.'.join([authority, random_string(10)]),
'type': 'user',
'email': random_string(6) +'@'+ random_string(5) +'.'+ random_string(3),
'first_name': random_string(7),
'last_name': random_string(7)}
all_records = [auth_record, node_record, slice_record, user_record]
for record in all_records:
try:
self.registry.Register(auth_cred, record)
self.registry.Resolve(self.credential, record['hrn'])
except:
raise
finally:
try: self.registry.Remove(auth_cred, record['type'], record['hrn'])
except: pass示例10: get_pis
def get_pis (self):
# don't ruin the import of that file in a client world
from sfa.storage.alchemy import dbsession
from sfa.util.xrn import get_authority
authority_hrn = get_authority(self.hrn)
auth_record = dbsession.query(RegAuthority).filter_by(hrn=authority_hrn).first()
return auth_record.reg_pis示例11: update_cert_records
def update_cert_records(gids):
"""
Make sure there is a record in the registry for the specified gids.
Removes old records from the db.
"""
# import db stuff here here so this module can be loaded by PlcComponentApi
from sfa.storage.alchemy import dbsession
from sfa.storage.model import RegRecord
if not gids:
return
# get records that actually exist in the db
gid_urns = [gid.get_urn() for gid in gids]
hrns_expected = [gid.get_hrn() for gid in gids]
records_found = dbsession.query(RegRecord).\
filter_by(pointer=-1).filter(RegRecord.hrn.in_(hrns_expected)).all()
# remove old records
for record in records_found:
if record.hrn not in hrns_expected and \
record.hrn != self.api.config.SFA_INTERFACE_HRN:
dbsession.delete(record)
# TODO: store urn in the db so we do this in 1 query
for gid in gids:
hrn, type = gid.get_hrn(), gid.get_type()
record = dbsession.query(RegRecord).filter_by(hrn=hrn, type=type,pointer=-1).first()
if not record:
record = RegRecord (dict= {'type':type,
'hrn': hrn,
'authority': get_authority(hrn),
'gid': gid.save_to_string(save_parents=True),
})
dbsession.add(record)
dbsession.commit()示例12: testUpdate
def testUpdate(self):
authority = get_authority(self.hrn)
auth_cred = self.client.GetCredential(authority, 'authority')
records = self.registry.Resolve(self.credential, self.hrn)
if not records: assert False
record = records[0]
self.registry.update(auth_cred, record) 示例13: get_auth_cred
def get_auth_cred(self, xrn, kind="authority"):
hrn, type = urn_to_hrn(xrn)
auth_info = self.get_auth_info(hrn)
gid = auth_info.get_gid_object()
cred = Credential(subject=hrn)
cred.set_gid_caller(gid)
cred.set_gid_object(gid)
cred.set_privileges(kind)
cred.get_privileges().delegate_all_privileges(True)
#cred.set_pubkey(auth_info.get_gid_object().get_pubkey())
parent_hrn = get_authority(hrn)
if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
cred.set_issuer_keys(auth_info.get_privkey_filename(), auth_info.get_gid_filename())
else:
# we need the parent's private key in order to sign this GID
parent_auth_info = self.get_auth_info(parent_hrn)
cred.set_issuer_keys(parent_auth_info.get_privkey_filename(), parent_auth_info.get_gid_filename())
cred.set_parent(self.get_auth_cred(parent_hrn, kind))
cred.encode()
cred.sign()
return cred示例14: get_auth_ticket
def get_auth_ticket(self, xrn):
hrn, type = urn_to_hrn(xrn)
auth_info = self.get_auth_info(hrn)
gid = auth_info.get_gid_object()
ticket = SfaTicket(subject=hrn)
ticket.set_gid_caller(gid)
ticket.set_gid_object(gid)
ticket.set_delegate(True)
ticket.set_pubkey(auth_info.get_gid_object().get_pubkey())
parent_hrn = get_authority(hrn)
if not parent_hrn:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
ticket.set_issuer(auth_info.get_pkey_object(), hrn)
else:
# we need the parent's private key in order to sign this GID
parent_auth_info = self.get_auth_info(parent_hrn)
ticket.set_issuer(parent_auth_info.get_pkey_object(), parent_auth_info.hrn)
ticket.set_parent(self.get_auth_cred(parent_hrn))
ticket.encode()
ticket.sign()
return ticket示例15: _process_ldap_info_for_one_user
def _process_ldap_info_for_one_user(self, record, result_data):
"""
Put the user's ldap data into shape. Only deals with one user
record and one user data from ldap.
:param record: user record
:param result_data: Raw ldap data coming from LdapSearch
:returns: user's data dict with 'type','pkey','uid', 'email',
'first_name' 'last_name''serial''authority''peer_authority'
'pointer''hrn'
:type record: dict
:type result_data: list
:rtype :dict
"""
#One entry only in the ldap data because we used a filter
#to find one user only
ldapentry = result_data[0][1]
logger.debug("LDAP.PY \t LdapFindUser ldapentry %s" % (ldapentry))
tmpname = ldapentry['uid'][0]
tmpemail = ldapentry['mail'][0]
if ldapentry['mail'][0] == "unknown":
tmpemail = None
parent_hrn = None
peer_authority = None
if 'hrn' in record:
hrn = record['hrn']
parent_hrn = get_authority(hrn)
if parent_hrn != self.authname:
peer_authority = parent_hrn
#In case the user was not imported from Iotlab LDAP
#but from another federated site, has an account in
#iotlab but currently using his hrn from federated site
#then the login is different from the one found in its hrn
if tmpname != hrn.split('.')[1]:
hrn = None
else:
hrn = None
results = {
'type': 'user',
'pkey': ldapentry['sshPublicKey'],
#'uid': ldapentry[1]['uid'][0],
'uid': tmpname,
'email': tmpemail,
#'email': ldapentry[1]['mail'][0],
'first_name': ldapentry['givenName'][0],
'last_name': ldapentry['sn'][0],
#'phone': 'none',
'serial': 'none',
'authority': parent_hrn,
'peer_authority': peer_authority,
'pointer': -1,
'hrn': hrn,
}
return results