- Timestamp:
- Dec 8, 2009 5:45:03 PM (15 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-3.01, version-3.02
- Children:
- 99eb8cf
- Parents:
- 7d2814a
- Location:
- fedd/federation
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/federation/emulab_access.py
r7d2814a r3bddd24 68 68 self.certdir = config.get("access","certdir") 69 69 self.ssh_privkey_file = config.get("access","ssh_privkey_file") 70 self.ssh_pubkey_file = config.get("access","ssh_pubkey_file") 70 71 self.create_debug = config.getboolean("access", "create_debug") 71 72 self.cleanup = not config.getboolean("access", "leave_tmpfiles") … … 365 366 The fedid is needed to construct the request 366 367 """ 368 user_re = re.compile("user:\s(.*)") 369 project_re = re.compile("project:\s(.*)") 370 367 371 # Search keys 368 372 tb = None … … 373 377 ru = None 374 378 375 if req.has_key('project'): 376 p = req['project'] 377 if p.has_key('name'): 378 project = unpack_id(p['name']) 379 user = self.get_users(p) 380 else: 381 user = self.get_users(req) 379 user = [ user_re.findall(x)[0] for x in req.get('credential', []) \ 380 if user_re.match(x)] 381 project = [ project_re.findall(x)[0] \ 382 for x in req.get('credential', []) \ 383 if project_re.match(x)] 384 385 if len(project) == 1: project = project[0] 386 elif len(project) == 0: project = None 387 else: 388 raise service_error(service_error.req, 389 "More than one project credential") 390 382 391 383 392 user_fedids = [ u for u in user if isinstance(u, fedid)] … … 553 562 "Access denied (nodetypes %s)" % \ 554 563 str(', ').join(inaccessible)) 555 # These collect the keys for the two roles into single sets, one 556 # for creation and one for service. The sets are a simple way to 557 # eliminate duplicates 558 create_ssh = set([ x['sshPubkey'] \ 559 for x in req['createAccess'] \ 560 if x.has_key('sshPubkey')]) 561 562 service_ssh = set([ x['sshPubkey'] \ 563 for x in req['serviceAccess'] \ 564 if x.has_key('sshPubkey')]) 564 565 # These were passed around before, but now are hidden from users 566 # and configurators alike, beyond a configuration file entry. 567 create_ssh = [ self.ssh_pubkey_file ] 568 service_ssh = [ self.ssh_pubkey_file ] 565 569 566 570 if len(create_ssh) > 0 and len(service_ssh) >0: -
fedd/federation/experiment_control.py
r7d2814a r3bddd24 762 762 req = {\ 763 763 'destinationTestbed' : { 'uri' : uri }, 764 'project': { 765 'name': {'localname': p}, 766 'user': [ {'userID': { 'localname': u } } ], 767 }, 768 'user': user, 764 'credential': [ "project: %s" % p, "user: %s" % u], 769 765 'allocID' : { 'localname': 'test' }, 770 'createAccess' : [ { 'sshPubkey' : self.ssh_pubkey } ],771 'serviceAccess' : service_keys772 766 } 773 767 else: … … 775 769 req = {\ 776 770 'destinationTestbed' : { 'uri' : uri }, 771 'credential': [ 'user: %s' % u ], 777 772 'user': [ {'userID': { 'localname': u } } ], 778 773 'allocID' : { 'localname': 'test' }, 779 'createAccess' : [ { 'sshPubkey' : self.ssh_pubkey } ],780 'serviceAccess' : service_keys781 774 } 782 775
Note: See TracChangeset
for help on using the changeset viewer.