Changeset 05191a6 for fedd/fedd/allocate_project.py
- Timestamp:
- Dec 1, 2008 3:07:40 PM (15 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02
- Children:
- f816079
- Parents:
- f069052
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/fedd/allocate_project.py
rf069052 r05191a6 48 48 """ 49 49 50 self.debug = config.get("a ccess", "debug_project", False)51 self.wap = config.get('a ccess', 'wap', '/usr/testbed/sbin/wap')52 self.newproj = config.get('a ccess', 'newproj',50 self.debug = config.get("allocate", "debug", False) 51 self.wap = config.get('allocate', 'wap', '/usr/testbed/sbin/wap') 52 self.newproj = config.get('allocate', 'newproj', 53 53 '/usr/testbed/sbin/newproj') 54 self.mkproj = config.get('access', 'mkproj', '/usr/testbed/sbin/mkproj') 55 self.rmproj = config.get('access', 'rmproj', '/usr/testbed/sbin/rmproj') 56 self.addpubkey = config.get('access', 'addpubkey', 54 self.mkproj = config.get('allocate', 'mkproj', 55 '/usr/testbed/sbin/mkproj') 56 self.rmproj = config.get('allocate', 'rmproj', 57 '/usr/testbed/sbin/rmproj') 58 self.addpubkey = config.get('allocate', 'addpubkey', 57 59 '/usr/testbed/sbin/taddpubkey') 58 self.grantnodetype = config.get('a ccess', 'grantnodetype',60 self.grantnodetype = config.get('allocate', 'grantnodetype', 59 61 '/usr/testbed/sbin/grantnodetype') 60 self.confirmkey = config.get('a ccess', 'confirmkey',62 self.confirmkey = config.get('allocate', 'confirmkey', 61 63 '/usr/testbed/sbin/taddpubkey') 62 self.allocation_level = config.get("access", "allocation_level", "none") 64 self.allocation_level = config.get("allocate", "allocation_level", 65 "none") 63 66 self.log = logging.getLogger("fedd.allocate.local") 67 set_log_level(config, "allocate", self.log) 68 69 if auth: 70 self.auth = auth 71 else: 72 auth = authorizer() 73 log.warn("[allocate] No authorizer passed in, using local one") 64 74 65 75 try: … … 71 81 self.allocation_level = self.none 72 82 73 74 set_log_level(config, "access", self.log) 75 fixed_key_db = config.get("access", "fixed_keys", None) 76 fixed_project_db = config.get("access", "fixed_projects", None) 83 access_db = config.get("allocate", "accessdb") 84 if access_db: 85 try: 86 read_simple_accessdb(access_db, self.auth, 'allocate') 87 except IOError, e: 88 raise service_error(service_error.internal, 89 "Error reading accessDB %s: %s" % (access_db, e)) 90 except ValueError: 91 raise service_error(service_error.internal, "%s" % e) 92 93 94 fixed_key_db = config.get("allocate", "fixed_keys", None) 95 fixed_project_db = config.get("allocate", "fixed_projects", None) 77 96 self.fixed_keys = set() 78 97 self.fixed_projects = set() … … 129 148 Req includes the project and resources as a dictionary 130 149 """ 150 151 # Internal calls do not have a fedid parameter (i.e., local calls on 152 # behalf of already vetted fedids) 153 if fedid and not self.auth.check_attribute(fedid, "allocate"): 154 self.log.debug("[allocate] Access denied (%s)" % fedid) 155 raise service_error(service_error.access, "Access Denied") 131 156 132 157 if self.allocation_level < self.dynamic_projects: … … 256 281 cmds = [] 257 282 283 # Internal calls do not have a fedid parameter (i.e., local calls on 284 # behalf of already vetted fedids) 285 if fedid and not self.auth.check_attribute(fedid, "allocate"): 286 self.log.debug("[allocate] Access denied (%s)" % fedid) 287 raise service_error(service_error.access, "Access Denied") 258 288 # While we should be more careful about this, for the short term, add 259 289 # the keys to the specified users. … … 321 351 similar protections for projects. 322 352 """ 353 # Internal calls do not have a fedid parameter (i.e., local calls on 354 # behalf of already vetted fedids) 355 if fedid and not self.auth.check_attribute(fedid, "allocate"): 356 self.log.debug("[allocate] Access denied (%s)" % fedid) 357 raise service_error(service_error.access, "Access Denied") 323 358 324 359 cmds = [] … … 380 415 """ 381 416 382 def __init__(self, url, cert_file, cert_pwd, trusted_certs, method): 417 def __init__(self, url, cert_file, cert_pwd, trusted_certs, auth, 418 method): 383 419 service_caller.__init__(self, method) 384 420 self.url = url … … 386 422 self.cert_pwd = cert_pwd 387 423 self.trusted_certs = trusted_certs 388 self.resp_name = resp_name 424 self.request_body__name = "%sRequestBody" % method 425 self.resp_name = "%sResponseBody" % method 426 self.auth = auth 389 427 # Calling the proxy object directly invokes the proxy_call method, 390 428 # not the service_call method. … … 394 432 # Define the proxy, NB, the parameters to make_proxy are visible to the 395 433 # definition of proxy. 396 def proxy_call(self, req, f edid=None):434 def proxy_call(self, req, fid=None): 397 435 """ 398 436 Send req on to a remote project instantiator. … … 405 443 req = req[self.request_body_name] 406 444 else: 445 print "request error" 407 446 raise service_error(service_error.req, "Bad formated request"); 408 447 … … 412 451 return r[self.resp_name] 413 452 else: 453 print "response error" 414 454 raise service_error(service_error.protocol, 415 455 "Bad proxy response") … … 421 461 """ 422 462 423 self.debug = config.get("a ccess", "debug_project", False)424 self.url = config.get("a ccess", "project_allocation_uri", "")425 426 self.cert_file = config.get("a ccess", "cert_file", None)427 self.cert_pwd = config.get("a ccess", "cert_pwd", None)428 self.trusted_certs = config.get("a ccess", "trusted_certs", None)463 self.debug = config.get("allocate", "debug", False) 464 self.url = config.get("allocate", "uri", "") 465 466 self.cert_file = config.get("allocate", "cert_file", None) 467 self.cert_pwd = config.get("allocate", "cert_pwd", None) 468 self.trusted_certs = config.get("allocate", "trusted_certs", None) 429 469 430 470 # Certs are promoted from the generic to the specific, so without a if … … 457 497 self.xmlrpc_services = { } 458 498 self.log = logging.getLogger("fedd.allocate.remote") 459 set_log_level(config, "access", self.log) 499 set_log_level(config, "allocate", self.log) 500 501 if auth: 502 self.auth = auth 503 else: 504 auth = authorizer() 505 log.warn("[allocate] No authorizer passed in, using local one") 460 506 461 507 # The specializations of the proxy functions 462 508 self.dynamic_project = self.proxy(self.url, self.cert_file, 463 self.cert_pwd, self.trusted_certs, "AllocateProject") 509 self.cert_pwd, self.trusted_certs, self.auth, 510 "AllocateProject") 464 511 self.static_project = self.proxy(self.url, self.cert_file, 465 self.cert_pwd, self.trusted_certs, "StaticProject") 512 self.cert_pwd, self.trusted_certs, self.auth, 513 "StaticProject") 466 514 self.release_project = self.proxy(self.url, self.cert_file, 467 self.cert_pwd, self.trusted_certs, "ReleaseProject") 468 515 self.cert_pwd, self.trusted_certs, self.auth, 516 "ReleaseProject") 517
Note: See TracChangeset
for help on using the changeset viewer.