- Timestamp:
- Nov 26, 2008 3:11:26 PM (16 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02
- Children:
- 0ea5050
- Parents:
- 40eab39
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/fedd_allocate_project.py
r40eab39 r93a06fb 33 33 Allocate projects on this machine in response to an access request. 34 34 """ 35 dynamic_projects = 4 36 dynamic_keys= 2 37 confirm_keys = 1 38 none = 0 39 40 levels = { 41 'dynamic_projects': dynamic_projects, 42 'dynamic_keys': dynamic_keys, 43 'confirm_keys': confirm_keys, 44 'none': none, 45 } 46 35 47 def __init__(self, config, auth=None): 36 48 """ … … 48 60 self.grantnodetype = config.get('access', 'grantnodetype', 49 61 '/usr/testbed/sbin/grantnodetype') 62 self.confirmkey = config.get('access', 'confirmkey', 63 '/usr/testbed/sbin/taddpubkey') 64 self.allocation_level = config.get("access", "allocation_level", "none") 50 65 self.log = logging.getLogger("fedd.allocate.local") 66 67 try: 68 self.allocation_level = \ 69 self.levels[self.allocation_level.strip().lower()] 70 except KeyError: 71 self.log.error("Bad allocation_level %s. Defaulting to none" % \ 72 self.allocation_error) 73 self.allocation_level = self.none 74 75 51 76 set_log_level(config, "access", self.log) 52 77 fixed_key_db = config.get("access", "fixed_keys", None) … … 112 137 Req includes the project and resources as a dictionary 113 138 """ 139 140 if self.allocation_level < self.dynamic_projects: 141 raise service_error(service_error.access, 142 "[dynamic_project] dynamic project allocation not " + \ 143 "permitted: check allocation level") 114 144 # tempfiles for the parameter files 115 145 uf, userfile = tempfile.mkstemp(prefix="usr", suffix=".xml", … … 254 284 for sk in [ k['sshPubkey'] for k in u.get('access', []) \ 255 285 if k.has_key('sshPubkey')]: 256 cmds.append((self.wap, self.addpubkey, '-w', \ 257 '-u', name, '-k', sk)) 286 if self.allocation_level >= self.dynamic_keys: 287 cmds.append((self.wap, self.addpubkey, '-w', \ 288 '-u', name, '-k', sk)) 289 elif self.allocation_level >= self.confirm_keys: 290 cmds.append((self.wap, self.confirmkey, '-C', \ 291 '-u', name, '-k', sk)) 292 else: 293 self.log.warning("[static_project] no checking of " + \ 294 "static keys") 258 295 259 296 … … 264 301 if r.has_key('node') and r['node'].has_key('hardware')\ 265 302 for h in r['node']['hardware'] ] : 266 cmds.append((self.wap, self.grantnodetype, '-p', pname, nt)) 303 if self.allocation_level >= self.confirm_keys: 304 cmds.append((self.wap, self.grantnodetype, '-p', pname, nt)) 267 305 268 306 # Run the commands … … 314 352 if k.has_key('sshPubkey')]: 315 353 if (name.rstrip(), sk.rstrip()) not in self.fixed_keys: 316 cmds.append((self.wap, self.addpubkey, '-R', '-w', \ 317 '-u', name, '-k', sk)) 318 if pname and pname not in self.fixed_projects: 354 if self.allocation_level >= self.dynamic_keys: 355 cmds.append((self.wap, self.addpubkey, '-R', '-w', \ 356 '-u', name, '-k', sk)) 357 if pname and pname not in self.fixed_projects and \ 358 self.allocation_level >= self.dynamic_projects: 319 359 cmds.append((self.wap, self.rmproj, pname)) 320 360 … … 393 433 394 434 self.debug = config.get("access", "debug_project", False) 395 self.url = config.get("access", " dynamic_projects_url", "")435 self.url = config.get("access", "project_allocation_uri", "") 396 436 397 437 self.cert_file = config.get("access", "cert_file", None) … … 429 469 self.log = logging.getLogger("fedd.allocate.remote") 430 470 set_log_level(config, "access", self.log) 471 431 472 # The specializations of the proxy functions 432 473 self.dynamic_project = self.proxy(self.url, self.cert_file,
Note: See TracChangeset
for help on using the changeset viewer.