iotlab driver: Merge allowing to validate delegated credentials, Fix of Allocate...
Loic Baron [Wed, 30 Jul 2014 12:05:03 +0000 (14:05 +0200)]
sfa/iotlab/LDAPapi.py
sfa/iotlab/iotlabdriver.py
sfa/iotlab/iotlabslices.py

index 15067ac..d01c82b 100644 (file)
@@ -944,7 +944,10 @@ class LDAPapi:
 
         parent_hrn = None
         peer_authority = None
-        if 'hrn' in record:
+        # If the user is coming from External authority (e.g. OneLab)
+        # Then hrn is None, it should be filled in by the creation of Ldap User
+        # XXX LOIC !!! What if a user email is in 2 authorities? 
+        if 'hrn' in record and record['hrn'] is not None:
             hrn = record['hrn']
             parent_hrn = get_authority(hrn)
             if parent_hrn != self.authname:
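Review bot: The added comment leaves its own identity question open ("What if a user email is in 2 authorities?"), while the new condition sends a record whose `hrn` is None to the else branch, where the LDAP entry is returned with `authority` and `peer_authority` left at None. If such records are looked up by e-mail alone (the search is outside this hunk), a user vouched for by an external authority is bound to whichever local entry carries that address. The authority should be part of the match, or the ambiguous case refused, before this is relied on for delegated credentials. The test reads more simply as `if record.get('hrn') is not None:`. The enclosing method starts and ends outside this hunk.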
@@ -955,25 +958,39 @@ class LDAPapi:
             #then the login is different from the one found in its hrn
             if tmpname != hrn.split('.')[1]:
                 hrn = None
+            results = {
+                'type': 'user',
+                'pkey': ldapentry['sshPublicKey'],
+                #'uid': ldapentry[1]['uid'][0],
+                'uid': tmpname,
+                'email': tmpemail,
+                #'email': ldapentry[1]['mail'][0],
+                'first_name': ldapentry['givenName'][0],
+                'last_name': ldapentry['sn'][0],
+                #'phone': 'none',
+                'serial': 'none',
+                'authority': parent_hrn,
+                'peer_authority': peer_authority,
+                'pointer': -1,
+                'hrn': hrn,
+             }
         else:
-            hrn = None
-
-        results = {
-            'type': 'user',
-            'pkey': ldapentry['sshPublicKey'],
-            #'uid': ldapentry[1]['uid'][0],
-            'uid': tmpname,
-            'email': tmpemail,
-            #'email': ldapentry[1]['mail'][0],
-            'first_name': ldapentry['givenName'][0],
-            'last_name': ldapentry['sn'][0],
-            #'phone': 'none',
-            'serial': 'none',
-            'authority': parent_hrn,
-            'peer_authority': peer_authority,
-            'pointer': -1,
-            'hrn': hrn,
-                    }
+            #hrn = None
+            results = {
+                'type': 'user',
+                'pkey': ldapentry['sshPublicKey'],
+                #'uid': ldapentry[1]['uid'][0],
+                'uid': tmpname,
+                'email': tmpemail,
+                #'email': ldapentry[1]['mail'][0],
+                'first_name': ldapentry['givenName'][0],
+                'last_name': ldapentry['sn'][0],
+                #'phone': 'none',
+                'serial': 'none',
+                'authority': parent_hrn,
+                'peer_authority': peer_authority,
+                'pointer': -1,
+            }
         return results
 
     def LdapFindUser(self, record=None, is_user_enabled=None,
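Review bot: The `results` dict is now written out twice, and the copies differ only in that the else branch omits the `'hrn'` key, so a later edit to one copy can drift from the other unnoticed. Build it once after the if/else, as before, without `'hrn'`, then add the key conditionally with `if record.get('hrn') is not None: results['hrn'] = hrn`. The missing key is presumably deliberate, so that a later `update()` does not overwrite a known hrn with None. It deserves a one-line comment saying so, because any caller that indexes `results['hrn']` now gets a KeyError for externally authenticated users. The closing brace of the first copy is also indented one column too far.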
@@ -1016,9 +1033,10 @@ class LDAPapi:
             return None
         #Asked for a specific user
         if record is not None:
+            logger.debug("LOIC - record = %s" % record)
             results = self._process_ldap_info_for_one_user(record, result_data)
 
         else:
         #Asked for all users in ldap
             results = self._process_ldap_info_for_all_users(result_data)
-        return results
\ No newline at end of file
+        return results
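Review bot: The added `logger.debug("LOIC - record = %s" % record)` writes the whole user record to the log, and similar author-tagged debug lines on `slice_record['user']` are added in allocate (iotlabdriver.py) and throughout verify_persons (iotlabslices.py). These records appear to carry e-mail addresses and may carry key material, although their full content is not visible here. Log only the identifying field, e.g. `logger.debug("LdapFindUser record hrn=%s", record.get('hrn'))`, and drop the personal tag before merging. Passing the value as a logging argument instead of using `%` also skips the formatting when debug output is off.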
index 797f156..adcf8a1 100644 (file)
@@ -704,7 +704,7 @@ class IotlabDriver(Driver):
 
         sfa_record = RegSlice(hrn=slice_record['hrn'],
                               gid=slice_record['gid'],
-                              pointer=slice_record['slice_id'],
+                              #pointer=slice_record['slice_id'],
                               authority=slice_record['authority'])
         logger.debug("IOTLAB_API.PY AddSlice  sfa_record %s user_record %s"
                      % (sfa_record, user_record))
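Review bot: `pointer=slice_record['slice_id']` is disabled by commenting it out inside the call, with no explanation of why the registry record no longer carries a pointer. The iotlabslices.py hunk of this commit stops setting `slice_id`, which is presumably the reason. Delete the line and state the reason above the call, e.g. `# slice_id is no longer set by verify_slice; the slice is identified by hrn/urn`. Code that still reads the record's pointer should be checked, since it now sees whatever RegSlice uses when none is given.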
@@ -1405,8 +1405,7 @@ class IotlabDriver(Driver):
         rspec =  aggregate.list_resources(version=version, options=options)
         return rspec
 
-    def describe(self, urns, version, options=None):
-        if options is None: options={}
+    def describe(self, urns, version, options={}):
         aggregate = IotlabAggregate(self)
         return aggregate.describe(urns, version=version, options=options)
 
@@ -1470,20 +1469,39 @@ class IotlabDriver(Driver):
 
         # ensure site record exists
 
-        # ensure slice record exists
-
-        current_slice = slices.verify_slice(xrn.hrn, slice_record, sfa_peer)
-        logger.debug("IOTLABDRIVER.PY \t ===============allocate \t\
-                            \r\n \r\n  current_slice %s" % (current_slice))
         # ensure person records exists
+        for user in users:
+            # XXX LOIC using hrn is a workaround because the function 
+            # Xrn.get_urn returns 'urn:publicid:IDN+onelab:upmc+timur_friedman'
+            # Instead of this     'urn:publicid:IDN+onelab:upmc+user+timur_friedman'
+            user['hrn'] = urn_to_hrn(user['urn'])[0]
+            # XXX LOIC adding the users of the slice to reg-researchers
+            # reg-researchers is used in iotlabslices.py verify_slice in order to add the slice
+            if 'reg-researchers' not in slice_record:
+                slice_record['reg-researchers'] = list()
+            slice_record['reg-researchers'].append(user['hrn'])
+            if caller_hrn == user['hrn']:
+                #hierarchical_user = user['hrn'].split(".")
+                #user['login'] = hierarchical_user[-1]            
+                #slice_record['login'] = user['login']
+                slice_record['user']=user
 
         # oui c'est degueulasse, le slice_record se retrouve modifie
         # dans la methode avec les infos du user, els infos sont propagees
         # dans verify_slice_leases
         logger.debug("IOTLABDRIVER.PY  BEFORE slices.verify_persons")
+        logger.debug("LOIC - slice_record[user] = %s" % slice_record['user'])
         persons = slices.verify_persons(xrn.hrn, slice_record, users,
                                         options=options)
         logger.debug("IOTLABDRIVER.PY  AFTER slices.verify_persons")
+        logger.debug("LOIC - slice_record[user] = %s" % slice_record['user'])
+
+        # ensure slice record exists
+        current_slice = slices.verify_slice(xrn.hrn, slice_record, sfa_peer)
+        logger.debug("LOIC - AFTER verify_slice - slice_record[user] = %s" % slice_record['user'])
+        logger.debug("IOTLABDRIVER.PY \t ===============allocate \t\
+                            \r\n \r\n  current_slice %s" % (current_slice))
+
         # ensure slice attributes exists
         # slices.verify_slice_attributes(slice, requested_attributes,
                                     # options=options)
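Review bot: `slice_record['user']` is assigned only inside the loop, when `caller_hrn == user['hrn']`, yet the three added debug lines index it unconditionally, as does the new `slice_user = slice_record['user']` at the top of verify_persons in iotlabslices.py. Unless the key is set earlier in allocate (outside this hunk), a request whose `users` list is empty or does not contain the caller fails with a KeyError instead of a clear error. Check for the key after the loop and fail the call explicitly, and use `slice_record.get('user')` in the logging. Separately, every `user['urn']` is appended to `reg-researchers` without any check; if `users` comes from the request options (its origin is not visible here), membership should be limited to identities the presented credential actually covers. `slice_record.setdefault('reg-researchers', []).append(user['hrn'])` would replace the three-line initialisation.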
@@ -1494,6 +1512,9 @@ class IotlabDriver(Driver):
         logger.debug("IOTLABDRIVER.PY \tallocate  requested_xp_dict %s "
                      % (requested_xp_dict))
         request_nodes = rspec.version.get_nodes_with_slivers()
+
+
+        # JORDAN: nodes_list will contain a list of newly allocated nodes
         nodes_list = []
         for start_time in requested_xp_dict:
             lease = requested_xp_dict[start_time]
@@ -1520,18 +1541,25 @@ class IotlabDriver(Driver):
                 slice_urn = current_slice['reg-urn']
             else:
                 slice_urn = current_slice['urn']
+
+            # JORDAN: We loop over leases previously in the slice
             for lease in leases:
                 if hostname in lease['reserved_nodes']:
                     index = lease['reserved_nodes'].index(hostname)
                     sliver_hrn = '%s.%s-%s' % (self.hrn, lease['lease_id'],
                                    lease['resource_ids'][index] )
-            sliver_id = Xrn(sliver_hrn, type='sliver').urn
-            record = SliverAllocation(sliver_id=sliver_id, client_id=client_id,
+                    sliver_id = Xrn(sliver_hrn, type='sliver').urn
+                    record = SliverAllocation(sliver_id=sliver_id, client_id=client_id,
                                       component_id=component_id,
                                       slice_urn = slice_urn,
                                       allocation_state='geni_allocated')
-            record.sync(self.api.dbsession())
+                    record.sync(self.api.dbsession())
 
+        # JORDAN : added describe_options which was not specified at all
+        describe_options = {
+            'geni_slice_urn': urn,
+            'list_leases': 'all',
+        }
         return aggregate.describe([xrn.get_urn()], version=rspec.version)
 
     def provision(self, urns, options=None):
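Review bot: `describe_options` is built but never used: the return still calls `aggregate.describe(...)` without an `options` argument, so the addition has no effect. Pass it through with `return aggregate.describe([xrn.get_urn()], version=rspec.version, options=describe_options)`. Moving `SliverAllocation(...)` and `record.sync(...)` inside the `if` means one record is synced per matching lease, and none when no lease matches; confirm that both cases are intended. The continuation lines of the call were left at the old column. The enclosing loop starts outside this hunk.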
@@ -1555,4 +1583,10 @@ class IotlabDriver(Driver):
         version_manager = VersionManager()
         rspec_version = version_manager.get_version(options[
                                                         'geni_rspec_version'])
+        # JORDAN : added describe_options instead of options
+        # urns at the begining ???
+        describe_options = {
+            'geni_slice_urn': current_slice['urn'],
+            'list_leases': 'all',
+        }
         return self.describe(urns, rspec_version, options=options)
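Review bot: `current_slice['urn']` is read here, but `current_slice` is a local of allocate in the earlier hunk, and nothing in the visible part of provision defines it. If the lines above this hunk do not define it either, every provision call raises NameError before reaching the return. As in allocate, `describe_options` is then never used, because the return still passes `options=options`. Take the slice urn from data provision already holds (the comment itself asks whether `urns` is the right source), then either pass `options=describe_options` or drop the dict.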
index 966a26b..05a8e03 100644 (file)
@@ -335,8 +335,9 @@ class IotlabSlices:
                          'node_list': [],
                          'authority': slice_record['authority'],
                          'gid': slice_record['gid'],
-                         'slice_id': slice_record['record_id'],
-                         #'reg-researchers': slice_record['reg-researchers'],
+                         #'slice_id': slice_record['record_id'],
+                         'reg-researchers': slice_record['reg-researchers'],
+                         'urn': hrn_to_urn(slicename,'slice'),
                          #'peer_authority': str(sfa_peer)
                          }
 
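Review bot: `slice_record['reg-researchers']` is indexed directly, but in this commit allocate creates that key only inside its `for user in users` loop. A slice record that arrives without researchers and with an empty user list therefore raises KeyError here. `'reg-researchers': slice_record.get('reg-researchers', []),` keeps the new slice record well-formed in that case. `hrn_to_urn` must also be in scope in iotlabslices.py; the import block is outside this hunk, so confirm it is imported.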
@@ -382,6 +383,8 @@ class IotlabSlices:
 
 
         """
+        slice_user = slice_record['user']
+
         if options is None: options={}
         logger.debug("IOTLABSLICES \tverify_persons \tslice_hrn  %s  \
                     \t slice_record %s\r\n users %s \t  "
@@ -422,6 +425,7 @@ class IotlabSlices:
             #Check user i in LDAP with GetPersons
             #Needed because what if the user has been deleted in LDAP but
             #is still in SFA?
+            # GetPersons -> LdapFindUser -> _process_ldap_info_for_one_user
             existing_users = self.driver.testbed_shell.GetPersons(filter_user)
             logger.debug(" \r\n IOTLABSLICES.PY \tverify_person  filter_user %s\
                        existing_users %s  "
@@ -433,7 +437,7 @@ class IotlabSlices:
                     users_dict[user['email']].update(user)
                     existing_user_emails.append(
                         users_dict[user['email']]['email'])
-
+                logger.debug("User is in iotlab LDAP slice_record[user] = %s" % slice_user)
 
             # User from another known trusted federated site. Check
             # if a iotlab account matching the email has already been created.
@@ -444,13 +448,13 @@ class IotlabSlices:
                 else:
                     req += users['email']
                 ldap_reslt = self.driver.testbed_shell.ldap.LdapSearch(req)
-
+                logger.debug("LdapSearch slice_record[user] = %s" % slice_user)
                 if ldap_reslt:
                     logger.debug(" IOTLABSLICES.PY \tverify_person users \
                                 USER already in Iotlab \t ldap_reslt %s \
                                 " % (ldap_reslt))
                     existing_users.append(ldap_reslt[1])
-
+                    logger.debug("ldap_reslt slice_record[user] = %s" % slice_user)
                 else:
                     #User not existing in LDAP
                     logger.debug("IOTLABSLICES.PY \tverify_person users \