Changeset 05191a6

Timestamp:

Dec 1, 2008 3:07:40 PM (15 years ago)

Author:

Ted Faber <faber@…>

Branches:

axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02

Children:

f816079

Parents:

f069052

Message:

All services use authorizer. Global authorization file, shared routine to read simple authorization files. Fixes some more partial state errors in experiment_control.

Location:

fedd/fedd

Files:

• access.py (modified) (1 diff)
• allocate_project.py (modified) (12 diffs)
• authorizer.py (modified) (4 diffs)
• deter_impl.py (modified) (2 diffs)
• experiment_control.py (modified) (2 diffs)
• remote_service.py (modified) (1 diff)
• server.py (modified) (1 diff)
• split.py (modified) (4 diffs)
• util.py (modified) (2 diffs)

fedd/fedd/access.py

@@ -157 +157 @@
 
 
-        if not config.has_option("access", "project_allocation_uri"):
+        if not config.has_option("allocate", "uri"):
             self.allocate_project = \
                 allocate_project_local(config, auth)

fedd/fedd/allocate_project.py

@@ -48 +48 @@
         """
 
-        self.debug = config.get("access", "debug_project", False)
-        self.wap = config.get('access', 'wap', '/usr/testbed/sbin/wap')
-        self.newproj = config.get('access', 'newproj',
+        self.debug = config.get("allocate", "debug", False)
+        self.wap = config.get('allocate', 'wap', '/usr/testbed/sbin/wap')
+        self.newproj = config.get('allocate', 'newproj',
                 '/usr/testbed/sbin/newproj')
-        self.mkproj = config.get('access', 'mkproj', '/usr/testbed/sbin/mkproj')
-        self.rmproj = config.get('access', 'rmproj', '/usr/testbed/sbin/rmproj')
-        self.addpubkey = config.get('access', 'addpubkey', 
+        self.mkproj = config.get('allocate', 'mkproj', 
+                '/usr/testbed/sbin/mkproj')
+        self.rmproj = config.get('allocate', 'rmproj',
+                '/usr/testbed/sbin/rmproj')
+        self.addpubkey = config.get('allocate', 'addpubkey', 
                 '/usr/testbed/sbin/taddpubkey')
-        self.grantnodetype = config.get('access', 'grantnodetype', 
+        self.grantnodetype = config.get('allocate', 'grantnodetype', 
                 '/usr/testbed/sbin/grantnodetype')
-        self.confirmkey = config.get('access', 'confirmkey', 
+        self.confirmkey = config.get('allocate', 'confirmkey', 
                 '/usr/testbed/sbin/taddpubkey')
-        self.allocation_level = config.get("access", "allocation_level", "none")
+        self.allocation_level = config.get("allocate", "allocation_level", 
+                "none")
         self.log = logging.getLogger("fedd.allocate.local")
+        set_log_level(config, "allocate", self.log)
+
+        if auth:
+            self.auth = auth
+        else:
+            auth = authorizer()
+            log.warn("[allocate] No authorizer passed in, using local one")
 
         try:
@@ -71 +81 @@
             self.allocation_level = self.none
 
-
-        set_log_level(config, "access", self.log)
-        fixed_key_db = config.get("access", "fixed_keys", None)
-        fixed_project_db = config.get("access", "fixed_projects", None)
+        access_db = config.get("allocate", "accessdb")
+        if access_db:
+            try:
+                read_simple_accessdb(access_db, self.auth, 'allocate')
+            except IOError, e:
+                raise service_error(service_error.internal,
+                        "Error reading accessDB %s: %s" % (access_db, e))
+            except ValueError:
+                raise service_error(service_error.internal, "%s" % e)
+
+
+        fixed_key_db = config.get("allocate", "fixed_keys", None)
+        fixed_project_db = config.get("allocate", "fixed_projects", None)
         self.fixed_keys = set()
         self.fixed_projects = set()
@@ -129 +148 @@
         Req includes the project and resources as a dictionary
         """
+
+        # Internal calls do not have a fedid parameter (i.e., local calls on
+        # behalf of already vetted fedids)
+        if fedid and not self.auth.check_attribute(fedid, "allocate"):
+            self.log.debug("[allocate] Access denied (%s)" % fedid)
+            raise service_error(service_error.access, "Access Denied")
 
         if self.allocation_level < self.dynamic_projects:
@@ -256 +281 @@
         cmds =  []
 
+        # Internal calls do not have a fedid parameter (i.e., local calls on
+        # behalf of already vetted fedids)
+        if fedid and not self.auth.check_attribute(fedid, "allocate"):
+            self.log.debug("[allocate] Access denied (%s)" % fedid)
+            raise service_error(service_error.access, "Access Denied")
         # While we should be more careful about this, for the short term, add
         # the keys to the specified users.
@@ -321 +351 @@
         similar protections for projects.
         """
+        # Internal calls do not have a fedid parameter (i.e., local calls on
+        # behalf of already vetted fedids)
+        if fedid and not self.auth.check_attribute(fedid, "allocate"):
+            self.log.debug("[allocate] Access denied (%s)" % fedid)
+            raise service_error(service_error.access, "Access Denied")
 
         cmds = []
@@ -380 +415 @@
         """
 
-        def __init__(self, url, cert_file, cert_pwd, trusted_certs, method):
+        def __init__(self, url, cert_file, cert_pwd, trusted_certs, auth, 
+                method):
             service_caller.__init__(self, method)
             self.url = url
@@ -386 +422 @@
             self.cert_pwd = cert_pwd
             self.trusted_certs = trusted_certs
-            self.resp_name = resp_name
+            self.request_body__name = "%sRequestBody" % method
+            self.resp_name = "%sResponseBody" % method
+            self.auth = auth
             # Calling the proxy object directly invokes the proxy_call method,
             # not the service_call method.
@@ -394 +432 @@
         # Define the proxy, NB, the parameters to make_proxy are visible to the
         # definition of proxy.
-        def proxy_call(self, req, fedid=None):
+        def proxy_call(self, req, fid=None):
             """
             Send req on to a remote project instantiator.
@@ -405 +443 @@
                 req = req[self.request_body_name]
             else:
+                print "request error"
                 raise service_error(service_error.req, "Bad formated request");
 
@@ -412 +451 @@
                 return r[self.resp_name]
             else:
+                print "response error"
                 raise service_error(service_error.protocol, 
                         "Bad proxy response")
@@ -421 +461 @@
         """
 
-        self.debug = config.get("access", "debug_project", False)
-        self.url = config.get("access", "project_allocation_uri", "")
-
-        self.cert_file = config.get("access", "cert_file", None)
-        self.cert_pwd = config.get("access", "cert_pwd", None)
-        self.trusted_certs = config.get("access", "trusted_certs", None)
+        self.debug = config.get("allocate", "debug", False)
+        self.url = config.get("allocate", "uri", "")
+
+        self.cert_file = config.get("allocate", "cert_file", None)
+        self.cert_pwd = config.get("allocate", "cert_pwd", None)
+        self.trusted_certs = config.get("allocate", "trusted_certs", None)
 
         # Certs are promoted from the generic to the specific, so without a if
@@ -457 +497 @@
         self.xmlrpc_services = { }
         self.log = logging.getLogger("fedd.allocate.remote")
-        set_log_level(config, "access", self.log)
+        set_log_level(config, "allocate", self.log)
+
+        if auth:
+            self.auth = auth
+        else:
+            auth = authorizer()
+            log.warn("[allocate] No authorizer passed in, using local one")
 
         # The specializations of the proxy functions
         self.dynamic_project = self.proxy(self.url, self.cert_file, 
-                self.cert_pwd, self.trusted_certs, "AllocateProject")
+                self.cert_pwd, self.trusted_certs, self.auth, 
+                "AllocateProject")
         self.static_project = self.proxy(self.url, self.cert_file, 
-                self.cert_pwd, self.trusted_certs, "StaticProject")
+                self.cert_pwd, self.trusted_certs, self.auth, 
+                "StaticProject")
         self.release_project = self.proxy(self.url, self.cert_file,
-                self.cert_pwd, self.trusted_certs, "ReleaseProject")
-
+                self.cert_pwd, self.trusted_certs, self.auth, 
+                "ReleaseProject")
+

fedd/fedd/authorizer.py

@@ -14 +14 @@
     def __init__(self, def_attr="testbed"):
         self.attrs = { }
+        self.globals=set()
 
     @staticmethod
@@ -86 +87 @@
     def check_attribute(self, name, attr):
         """
-        Return True if name has attr.  Tuple names match any tuple name that
-        matches all names present and has None entries in other fileds.  For
-        tuple names True implies that there is a matching tuple name with the
-        attribute.
+        Return True if name has attr (or if attr is global).  Tuple names match
+        any tuple name that matches all names present and has None entries in
+        other fileds.  For tuple names True implies that there is a matching
+        tuple name with the attribute.
         """
         def tup(tup, i, p):
@@ -97 +98 @@
 
         self.valid_name(name)
+        if attr in self.globals:
+            return True
 
         if isinstance(name, tuple):
@@ -107 +110 @@
             return  attr in self.attrs.get(self.auth_name(name), set())
 
+    def set_global_attribute(self, attr):
+        """
+        Set a global attribute.  All names, even those otherwise unknown to the
+        authorizer have this attribute.
+        """
+        self.globals.add(attr)
 
+    def unset_global_attribute(self, attr):
+        """
+        Remove a global attribute
+        """
+
+        self.globals.discard(attr)
+

fedd/fedd/deter_impl.py

@@ -4 +4 @@
 from experiment_control import experiment_control_local
 from split import split_local
+from util import read_simple_accessdb
 
 from authorizer import authorizer
@@ -32 +33 @@
             self.trusted_certs = config.get("globals", "trusted_certs");
 
+            access_db = config.get("globals", "accessdb")
+
+            if access_db:
+                try:
+                    read_simple_accessdb(access_db, self.auth)
+                except IOError, e:
+                    raise service_error(service_error.internal,
+                            "Error reading accessDB %s: %s" % (access_db, e))
+                except ValueError:
+                    raise service_error(service_error.internal, "%s" % e)
+
             if config.has_section("access"):
                 self.access = access(config, self.auth)

fedd/fedd/experiment_control.py

@@ -1537 +1537 @@
             self.state_lock.release()
 
-        try:
-            self.generate_ssh_keys(gw_secretkey, self.ssh_type)
-        except ValueError:
-            raise service_error(service_error.server_config, 
-                    "Bad key type (%s)" % self.ssh_type)
-
-        user = req.get('user', None)
-        if user == None:
-            raise service_error(service_error.req, "No user")
-
-        master = req.get('master', None)
-        if not master:
-            raise service_error(service_error.req, "No master testbed label")
-        export_project = req.get('exportProject', None)
-        if not export_project:
-            raise service_error(service_error.req, "No export project")
-        
-        if self.splitter_url:
-            self.log.debug("Calling remote splitter at %s" % self.splitter_url)
-            split_data = self.remote_splitter(self.splitter_url, file_content,
-                    master)
-        else:
-            tclcmd = [self.tclsh, self.tcl_splitter, '-s', '-x', 
-                str(self.muxmax), '-m', master]
-
-            if self.fedkit:
-                tclcmd.append('-k')
-
-            tclcmd.extend([pid, gid, eid, tclfile])
-
-            self.log.debug("running local splitter %s", " ".join(tclcmd))
-            tclparser = Popen(tclcmd, stdout=PIPE)
-            split_data = tclparser.stdout
-
-        allocated = { }     # Testbeds we can access
-        started = { }       # Testbeds where a sub-experiment started 
-                            # successfully
-
-        # Objects to parse the splitter output (defined above)
-        parse_current_testbed = self.current_testbed(eid, tmpdir, self.fedkit)
-        parse_allbeds = self.allbeds(self.get_access)
-        parse_gateways = self.gateways(eid, master, tmpdir,
-                gw_pubkey_base, gw_secretkey_base, self.copy_file, self.fedkit)
-        parse_vtopo = self.shunt_to_string("^#\s+Begin\s+Vtopo",
-                    "^#\s+End\s+Vtopo")
-        parse_hostnames = self.shunt_to_file("^#\s+Begin\s+hostnames",
-                    "^#\s+End\s+hostnames", tmpdir + "/hosts")
-        parse_tarfiles = self.shunt_to_list("^#\s+Begin\s+tarfiles",
-                "^#\s+End\s+tarfiles")
-        parse_rpms = self.shunt_to_list("^#\s+Begin\s+rpms",
-                "^#\s+End\s+rpms")
-
         try: 
+            # This catches exceptions to clear the placeholder if necessary
+            try:
+                self.generate_ssh_keys(gw_secretkey, self.ssh_type)
+            except ValueError:
+                raise service_error(service_error.server_config, 
+                        "Bad key type (%s)" % self.ssh_type)
+
+            user = req.get('user', None)
+            if user == None:
+                raise service_error(service_error.req, "No user")
+
+            master = req.get('master', None)
+            if not master:
+                raise service_error(service_error.req,
+                        "No master testbed label")
+            export_project = req.get('exportProject', None)
+            if not export_project:
+                raise service_error(service_error.req, "No export project")
+            
+            if self.splitter_url:
+                self.log.debug("Calling remote splitter at %s" % \
+                        self.splitter_url)
+                split_data = self.remote_splitter(self.splitter_url,
+                        file_content, master)
+            else:
+                tclcmd = [self.tclsh, self.tcl_splitter, '-s', '-x', 
+                    str(self.muxmax), '-m', master]
+
+                if self.fedkit:
+                    tclcmd.append('-k')
+
+                tclcmd.extend([pid, gid, eid, tclfile])
+
+                self.log.debug("running local splitter %s", " ".join(tclcmd))
+                tclparser = Popen(tclcmd, stdout=PIPE)
+                split_data = tclparser.stdout
+
+            allocated = { }         # Testbeds we can access
+            started = { }           # Testbeds where a sub-experiment started 
+                                # successfully
+
+            # Objects to parse the splitter output (defined above)
+            parse_current_testbed = self.current_testbed(eid, tmpdir,
+                    self.fedkit)
+            parse_allbeds = self.allbeds(self.get_access)
+            parse_gateways = self.gateways(eid, master, tmpdir,
+                    gw_pubkey_base, gw_secretkey_base, self.copy_file,
+                    self.fedkit)
+            parse_vtopo = self.shunt_to_string("^#\s+Begin\s+Vtopo",
+                        "^#\s+End\s+Vtopo")
+            parse_hostnames = self.shunt_to_file("^#\s+Begin\s+hostnames",
+                        "^#\s+End\s+hostnames", tmpdir + "/hosts")
+            parse_tarfiles = self.shunt_to_list("^#\s+Begin\s+tarfiles",
+                    "^#\s+End\s+tarfiles")
+            parse_rpms = self.shunt_to_list("^#\s+Begin\s+rpms",
+                    "^#\s+End\s+rpms")
+
             # Working on the split data
             for line in split_data:
@@ -1611 +1616 @@
                     raise service_error(service_error.internal, 
                             "Bad tcl parse? %s" % line)
+            # Virtual topology and visualization
+            vtopo = self.gentopo(parse_vtopo.str)
+            if not vtopo:
+                raise service_error(service_error.internal, 
+                        "Failed to generate virtual topology")
+
+            vis = self.genviz(vtopo)
+            if not vis:
+                raise service_error(service_error.internal, 
+                        "Failed to generate visualization")
+            
+            # save federant information
+            for k in allocated.keys():
+                tbparams[k]['federant'] = {\
+                        'name': [ { 'localname' : eid} ],\
+                        'emulab': tbparams[k]['emulab'],\
+                        'allocID' : tbparams[k]['allocID'],\
+                        'master' : k == master,\
+                    }
+
+
+            # Copy tarfiles and rpms needed at remote sites into a staging area
+            try:
+                if self.fedkit:
+                    parse_tarfiles.list.append(self.fedkit)
+                for t in parse_tarfiles.list:
+                    if not os.path.exists("%s/tarfiles" % tmpdir):
+                        os.mkdir("%s/tarfiles" % tmpdir)
+                    self.copy_file(t, "%s/tarfiles/%s" % \
+                            (tmpdir, os.path.basename(t)))
+                for r in parse_rpms.list:
+                    if not os.path.exists("%s/rpms" % tmpdir):
+                        os.mkdir("%s/rpms" % tmpdir)
+                    self.copy_file(r, "%s/rpms/%s" % \
+                            (tmpdir, os.path.basename(r)))
+            except IOError, e:
+                raise service_error(service_error.internal, 
+                        "Cannot stage tarfile/rpm: %s" % e.strerror)
+
         except service_error, e:
             # If something goes wrong in the parse (usually an access error)
-            # clear the placeholder state
+            # clear the placeholder state.  From here on out the code delays
+            # exceptions.
             self.state_lock.acquire()
             del self.state[eid]
             self.state_lock.release()
             raise e
-        
-        # Virtual topology and visualization
-        vtopo = self.gentopo(parse_vtopo.str)
-        if not vtopo:
-            raise service_error(service_error.internal, 
-                    "Failed to generate virtual topology")
-
-        vis = self.genviz(vtopo)
-        if not vis:
-            raise service_error(service_error.internal, 
-                    "Failed to generate visualization")
-
-        # save federant information
-        for k in allocated.keys():
-            tbparams[k]['federant'] = {\
-                    'name': [ { 'localname' : eid} ],\
-                    'emulab': tbparams[k]['emulab'],\
-                    'allocID' : tbparams[k]['allocID'],\
-                    'master' : k == master,\
-                }
-
-
-        # Copy tarfiles and rpms needed at remote sites into a staging area
-        try:
-            if self.fedkit:
-                parse_tarfiles.list.append(self.fedkit)
-            for t in parse_tarfiles.list:
-                if not os.path.exists("%s/tarfiles" % tmpdir):
-                    os.mkdir("%s/tarfiles" % tmpdir)
-                self.copy_file(t, "%s/tarfiles/%s" % \
-                        (tmpdir, os.path.basename(t)))
-            for r in parse_rpms.list:
-                if not os.path.exists("%s/rpms" % tmpdir):
-                    os.mkdir("%s/rpms" % tmpdir)
-                self.copy_file(r, "%s/rpms/%s" % \
-                        (tmpdir, os.path.basename(r)))
-        except IOError, e:
-            raise service_error(service_error.internal, 
-                    "Cannot stage tarfile/rpm: %s" % e.strerror)
 
         thread_pool_info = self.thread_pool()

fedd/fedd/remote_service.py

@@ -227 +227 @@
         resp = self.constructor()
         set_element = getattr(resp, "set_element_%s" % self.body_name, None)
-        print "set_element_%s" % self.body_name
         if set_element and callable(set_element):
             try:

fedd/fedd/server.py

@@ -40 +40 @@
         self.log = logging.getLogger("fedd")
 
-    def handle_error(self, request, address):
+    def ahandle_error(self, request, address):
         """
         The default SSLServer prints a stack trace here.  This is a little

fedd/fedd/split.py

@@ -10 +10 @@
 from remote_service import xmlrpc_handler, soap_handler
 from service_error import *
+from authorizer import authorizer
 
 
@@ -23 +24 @@
         Intialize the various attributes, most from the config object
         """
-        if config.has_section("splitter"):
-            self.debug = config.getboolean("splitter", "debug")
-            self.muxmax = config.getint("splitter", "muxmax", 3)
-            self.tclsh = config.get("splitter", "tclsh", 
-                    "/usr/local/bin/otclsh")
-            self.tcl_splitter = config.get("splitter", "tcl_splitter",
-                    "/usr/testbed/lib/ns2ir/parse.tcl")
-        else:
-            self.debug = False
-            self.muxmax = 3
-            self.tclsh = "/usr/local/bin/otclsh"
-            self.tcl_splitter = "/usr/testbed/lib/ns2ir/parse.tcl"
+        self.debug = config.getboolean("splitter", "debug")
+        self.muxmax = config.getint("splitter", "muxmax", 3)
+        self.tclsh = config.get("splitter", "tclsh", 
+                "/usr/local/bin/otclsh")
+        self.tcl_splitter = config.get("splitter", "tcl_splitter",
+                "/usr/testbed/lib/ns2ir/parse.tcl")
+        access_db = config.get("splitter", "access_db", None)
+        allow_any = config.getboolean("splitter", "allow_any", False)
 
         self.log = logging.getLogger("fedd.splitter")
@@ -41 +38 @@
 
         set_log_level(config, "splitter", self.log)
+
+        if auth:
+            self.auth= auth
+        else:
+            self.auth = authorizer()
+            self.log.warning("[splitter] No authorizer passed in, " +\
+                    "using local one")
+
+        if access_db and allow_any: 
+            raise service_error(service_error.internal, 
+                    "Cannot specify both an access database and allow_any " +\
+                            "for splitter")
+        
+        if access_db:
+            try:
+                read_simple_accessdb(access_db, self.auth, 'split')
+            except IOError, e:
+                raise service_error(service_error.internal,
+                        "Error reading accessDB %s: %s" % (access_db, e))
+            except ValueError:
+                raise service_error(service_error.internal, "%s" % e)
+        elif allow_any:
+            auth.set_global_attribute("split")
+
+
         # Dispatch tables
         self.soap_services = {\
@@ -60 +82 @@
         to instantiate them and start it all up.
         """
+
+        if not self.auth.check_attribute(fid, 'split'):
+            raise service_error(service_error.access, "Access Denied")
+
         try:
             tmpdir = tempfile.mkdtemp(prefix="split-")

fedd/fedd/util.py

@@ -1 +1 @@
 #!/usr/local/bin/python
 
+import re
+import string
 import logging
 
@@ -44 +46 @@
                 callback=SSL.cb.ssl_verify_callback_allow_unknown_ca)
 
+def read_simple_accessdb(fn, auth, mask=[]):
+    """
+    Read a simple access database.  Each line is a fedid (of the form
+    fedid:hexstring) and a comma separated list of atributes to be assigned to
+    it.  This parses out the fedids and adds the attributes to the authorizer.
+    comments (preceded with a #) and blank lines are ignored.  Exceptions (e.g.
+    file exceptions and ValueErrors from badly parsed lines) are propagated.
+    """
+
+    rv = [ ]
+    lineno = 0
+    fedid_line = re.compile("fedid:([" + string.hexdigits + "]+)\s+" +\
+            "(\w+\s*(,\s*\w+)*)")
+
+    # If a single string came in, make it a list
+    if isinstance(mask, basestring): mask = [ mask ]
+
+    f = open(fn, 'r')
+    for line in f:
+        lineno += 1
+        line = line.strip()
+        if line.startswith('#') or len(line) == 0: 
+            continue
+        m = fedid_line.match(line)
+        if m :
+            fid = fedid(hexstr=m.group(1))
+            for a in [ a.strip() for a in m.group(2).split(",") \
+                    if not mask or a.strip() in mask ]:
+                auth.set_attribute(fid, a.strip())
+        else:
+            raise ValueError("Badly formatted line in accessdb: %s line %d" %\
+                    (nf, lineno))
+    f.close()
+    return rv
+        
+
 def pack_id(id):
     """