Changeset c65b7e4
- Timestamp:
- Dec 10, 2010 6:25:50 PM (14 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master
- Children:
- 9973d57
- Parents:
- b16cfc0
- Location:
- fedd/federation
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/federation/access.py
rb16cfc0 rc65b7e4 233 233 self.log.warning(("[read_state]: No saved state: " + \ 234 234 "Unpickling failed: %s") % e) 235 236 def append_allocation_authorization(self, aid, attrs, 237 need_state_lock=False, write_state_file=False, state_attr='state'): 238 """ 239 Append the authorization information to system state. By default we 240 assume this is called with the state lock and with a write of the state 241 file in the near future, need_state_lock and write_state_file can 242 override this. The state_attr is the attribute in the access class 243 that holds the per allocation information. Some complex classes use 244 different names for the dict. 245 """ 246 247 for p, a in attrs: 248 self.auth.set_attribute(p, a) 249 self.auth.save() 250 251 if need_state_lock: self.state_lock.acquire() 252 d = getattr(self, state_attr) 253 if aid in d and 'auth' in d[aid]: 254 d[aid]['auth'].update(attrs) 255 if write_state_file: self.write_state() 256 if need_state_lock: self.state_lock.release() 257 258 def clear_allocation_authorization(self, aid, need_state_lock=False, 259 write_state_file=False, state_attr='state'): 260 """ 261 Attrs is a set of attribute principal pairs that need to be removed 262 from the authenticator. Remove them and save the authenticator. See 263 append_allocation_authorization for the various overrides. 264 """ 265 266 if need_state_lock: self.state_lock.acquire() 267 d = getattr(self, state_attr) 268 if aid in d and 'auth' in d[aid]: 269 for p, a in d[aid]['auth']: 270 self.auth.unset_attribute(p, a) 271 d[aid]['auth'] = set() 272 if write_state_file: self.write_state() 273 if need_state_lock: self.state_lock.release() 274 self.auth.save() 235 275 236 276 def lookup_access(self, req, fid, filter=None, compare=None): -
fedd/federation/deter_internal_access.py
rb16cfc0 rc65b7e4 166 166 self.state[aid]['owners'] = owners 167 167 self.state[aid]['vlan'] = None 168 self.state[aid]['auth'] = set() 169 self.append_allocation_authorization(aid, 170 ((fid, allocID),(allocID, allocID))) 168 171 self.write_state() 169 172 self.state_lock.release() 170 self.auth.set_attribute(fid, allocID)171 self.auth.set_attribute(allocID, allocID)172 self.auth.save()173 173 174 174 try: … … 209 209 if self.state.has_key(aid): 210 210 self.log.debug("Found allocation for %s" %aid) 211 self.clear_allocation_authorization(aid) 211 212 del self.state[aid] 212 213 self.write_state() -
fedd/federation/dragon_access.py
rb16cfc0 rc65b7e4 149 149 self.state[aid]['user'] = found 150 150 self.state[aid]['owners'] = owners 151 self.state[aid]['auth'] = set() 152 self.append_allocation_authorization(aid, 153 ((fid, allocID),(allocID, allocID))) 151 154 self.write_state() 152 155 self.state_lock.release() 153 self.auth.set_attribute(fid, allocID)154 self.auth.set_attribute(allocID, allocID)155 self.auth.save()156 156 157 157 try: … … 191 191 if self.state.has_key(aid): 192 192 self.log.debug("Found allocation for %s" %aid) 193 self.clear_allocation_authorization(aid) 193 194 del self.state[aid] 194 195 self.write_state() -
fedd/federation/emulab_access.py
rb16cfc0 rc65b7e4 254 254 'Bad mapping (unbalanced parens or more than 1 comma)') 255 255 256 257 256 # RequestAccess support routines 258 257 … … 384 383 self.state_lock.acquire() 385 384 self.allocation[aid] = { } 385 self.allocation[aid]['auth'] = set() 386 386 try: 387 387 pname = ap['project']['name']['localname'] … … 511 511 for k, v in svc_state.items(): 512 512 self.allocation[aid][k] = v 513 self.append_allocation_authorization(aid, 514 set([(o, allocID) for o in owners]), state_attr='allocation') 513 515 self.write_state() 514 516 self.state_lock.release() 515 # Give the owners the right to change this allocation516 for o in owners:517 self.auth.set_attribute(o, allocID)518 self.auth.save()519 517 try: 520 518 f = open("%s/%s.pem" % (self.certdir, aid), "w") … … 591 589 if aid in self.allocation: 592 590 self.log.debug("Found allocation for %s" %aid) 591 self.clear_allocation_authorization(aid, state_attr='allocation') 593 592 for k in self.allocation[aid]['keys']: 594 593 kk = "%s:%s" % k -
fedd/federation/protogeni_access.py
rb16cfc0 rc65b7e4 275 275 # The list of owner FIDs 276 276 self.allocation[aid]['owners'] = owners 277 self.allocation[aid]['auth'] = set() 278 self.append_allocation_authorization(aid, 279 ((fid, allocID), (allocID, allocID)), state_attr='allocation') 277 280 self.write_state() 278 281 self.state_lock.release() 279 self.auth.set_attribute(fid, allocID)280 self.auth.set_attribute(allocID, allocID)281 self.auth.save()282 282 283 283 try: … … 319 319 if self.allocation.has_key(aid): 320 320 self.log.debug("Found allocation for %s" %aid) 321 self.clear_allocation_authorization(aid, state_attr='allocation') 321 322 del self.allocation[aid] 322 323 self.write_state() -
fedd/federation/skeleton_access.py
rb16cfc0 rc65b7e4 194 194 self.state[aid]['user'] = found 195 195 self.state[aid]['owners'] = owners 196 self.state[aid]['auth'] = set() 197 # Authorize the creating fedid and the principal representing the 198 # allocation to manipulate it. 199 self.append_allocation_authorization(aid, 200 ((fid, allocID), (allocID, allocID))) 196 201 self.write_state() 197 202 self.state_lock.release() 198 # Authorize the creating fedid and the principal representing the199 # allocation to manipulate it.200 self.auth.set_attribute(fid, allocID)201 self.auth.set_attribute(allocID, allocID)202 self.auth.save()203 203 204 204 # Create a directory to stash the certificate in, ans stash it. … … 249 249 if aid in self.state: 250 250 self.log.debug("[ReleaseAccess] Found allocation for %s" %aid) 251 self.clear_allocation_authorization(aid) 251 252 del self.state[aid] 252 253 self.write_state()
Note: See TracChangeset
for help on using the changeset viewer.