1 | #!/usr/local/bin/python |
---|
2 | |
---|
3 | from access import access |
---|
4 | from experiment_control import experiment_control_local |
---|
5 | from split import split_local |
---|
6 | from util import read_simple_accessdb |
---|
7 | |
---|
8 | from authorizer import authorizer |
---|
9 | |
---|
10 | class deter_impl: |
---|
11 | """ |
---|
12 | The implementation of access control based on mapping users to projects. |
---|
13 | |
---|
14 | Users can be mapped to existing projects or have projects created |
---|
15 | dynamically. This implements both direct requests and proxies. |
---|
16 | """ |
---|
17 | # Used by the SOAP caller |
---|
18 | soap_namespaces = ('http://www.isi.edu/faber/fedd.wsdl', |
---|
19 | 'http://www.isi.edu/faber/fedd_internal.wsdl') |
---|
20 | |
---|
21 | def __init__(self, config=None): |
---|
22 | """ |
---|
23 | Initializer. Uses the parsed configuration to create appropriate |
---|
24 | components. |
---|
25 | """ |
---|
26 | self.soap_services = { } |
---|
27 | self.xmlrpc_services = { } |
---|
28 | self.auth = authorizer() |
---|
29 | |
---|
30 | if config: |
---|
31 | self.cert_file = config.get("globals", "cert_file"); |
---|
32 | self.cert_pwd = config.get("globals", "cert_pwd"); |
---|
33 | self.trusted_certs = config.get("globals", "trusted_certs"); |
---|
34 | |
---|
35 | access_db = config.get("globals", "accessdb") |
---|
36 | |
---|
37 | if access_db: |
---|
38 | try: |
---|
39 | read_simple_accessdb(access_db, self.auth) |
---|
40 | except IOError, e: |
---|
41 | raise RuntimeError( |
---|
42 | "Error reading accessDB %s: %s" % (access_db, e)) |
---|
43 | except ValueError: |
---|
44 | raise RuntimeError("%s" % e) |
---|
45 | |
---|
46 | if config.has_section("access"): |
---|
47 | self.access = access(config, self.auth) |
---|
48 | self.soap_services.update(self.access.soap_services) |
---|
49 | self.xmlrpc_services.update(self.access.xmlrpc_services) |
---|
50 | |
---|
51 | if config.has_section("experiment_control"): |
---|
52 | self.experiment = \ |
---|
53 | experiment_control_local(config, self.auth) |
---|
54 | # Tell the experiment control where local access control is and |
---|
55 | # what testbeds it pertains to. |
---|
56 | if getattr(self, 'access', None): |
---|
57 | for t in self.access.testbed: |
---|
58 | self.experiment.local_access[t] = self.access |
---|
59 | |
---|
60 | self.soap_services.update(self.experiment.soap_services) |
---|
61 | self.xmlrpc_services.update(self.experiment.xmlrpc_services) |
---|
62 | self.get_handler = self.experiment.get_handler |
---|
63 | else: |
---|
64 | self.get_handler = self.experiment.get_handler |
---|
65 | |
---|
66 | if config.has_section("splitter"): |
---|
67 | self.splitter = split_local(config, self.auth) |
---|
68 | self.soap_services.update(self.splitter.soap_services) |
---|
69 | self.xmlrpc_services.update(self.splitter.xmlrpc_services) |
---|
70 | |
---|
71 | def new_feddservice(config): |
---|
72 | return deter_impl(config) |
---|