Changeset e83f2f2 for fedd/federation/experiment_control.py
- Timestamp:
- Dec 14, 2010 6:58:28 PM (14 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master
- Children:
- c092b7f
- Parents:
- 2627eb3
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/federation/experiment_control.py
r2627eb3 re83f2f2 801 801 self.response = None 802 802 self.node = { } 803 self.proof = None 803 804 804 805 def make_map(self, resp): … … 850 851 self.log_collector.write(line) 851 852 self.make_map(r['StartSegmentResponseBody']) 853 if 'proof' in r: self.proof = r['proof'] 852 854 self.response = r 853 855 else: … … 1021 1023 # mapping. 1022 1024 embedding = [ ] 1025 proofs = { } 1023 1026 for s in starters: 1024 1027 for k, v in s.node.items(): … … 1028 1031 'testbed': s.testbed 1029 1032 }) 1033 if s.proof: 1034 proofs[s.testbed] = s.proof 1030 1035 log.info("[start_segment]: Experiment %s active" % eid) 1031 1036 … … 1044 1049 top.to_dict() 1045 1050 self.state[eid]['embedding'] = embedding 1051 # Append startup proofs 1052 for f in self.state[eid]['federant']: 1053 if 'name' in f and 'localname' in f['name']: 1054 if f['name']['localname'] in proofs: 1055 f['proof'].append(proofs[f['name']['localname']]) 1056 1046 1057 if self.state_filename: self.write_state() 1047 1058 self.state_lock.release() … … 1326 1337 raise service_error(service_error.protocol, 1327 1338 "Bad proxy response") 1339 if 'proof' not in r: 1340 raise service_error(service_error.protocol, 1341 "Bad access response (no access proof)") 1328 1342 1329 1343 tbparam[tb] = { 1330 1344 "allocID" : r['allocID'], 1331 1345 "uri": uri, 1346 "proof": [ r['proof'] ], 1332 1347 } 1333 1348 … … 1498 1513 self.auth.save() 1499 1514 1500 if not self.auth.check_attribute(fid, 'new'): 1501 raise service_error(service_error.access, "New access denied") 1515 access_ok, proof = self.auth.check_attribute(fid, 'new', 1516 with_proof=True) 1517 1518 if not access_ok: 1519 raise service_error(service_error.access, "New access denied", 1520 proof=[proof]) 1502 1521 1503 1522 try: … … 1543 1562 ], 1544 1563 'experimentStatus': 'empty', 1545 'experimentAccess': { 'X509' : expcert } 1564 'experimentAccess': { 'X509' : expcert }, 1565 'proof': proof.to_dict(), 1546 1566 } 1547 1567 … … 1814 1834 raise service_error(service_error.req, "No request?") 1815 1835 1816 self.check_experiment_access(fid, key)1836 proof = self.check_experiment_access(fid, key) 1817 1837 1818 1838 self.state_lock.acquire() 1819 1839 if self.state.has_key(key): 1820 1840 if self.state[key].has_key('vtopo'): 1821 rv = { 'experiment' : {keytype: key },\ 1822 'vtopo': self.state[key]['vtopo'],\ 1841 rv = { 'experiment' : {keytype: key }, 1842 'vtopo': self.state[key]['vtopo'], 1843 'proof': proof.to_dict(), 1823 1844 } 1824 1845 else: … … 1858 1879 raise service_error(service_error.req, "No request?") 1859 1880 1860 self.check_experiment_access(fid, key)1881 proof = self.check_experiment_access(fid, key) 1861 1882 1862 1883 self.state_lock.acquire() 1863 1884 if self.state.has_key(key): 1864 1885 if self.state[key].has_key('vis'): 1865 rv = { 'experiment' : {keytype: key },\ 1866 'vis': self.state[key]['vis'],\ 1886 rv = { 'experiment' : {keytype: key }, 1887 'vis': self.state[key]['vis'], 1888 'proof': proof.to_dict(), 1867 1889 } 1868 1890 else: … … 1885 1907 between when it was started and the beginning of resource allocation. 1886 1908 This is basically the information about each local allocation. This 1887 fills in the values of the placeholder allocation in the state. 1909 fills in the values of the placeholder allocation in the state. It 1910 also collects the access proofs and returns them as dicts for a 1911 response message. 1888 1912 """ 1889 1913 # save federant information … … 1893 1917 'allocID' : tbparams[k]['allocID'], 1894 1918 'uri': tbparams[k]['uri'], 1919 'proof': tbparams[k]['proof'], 1895 1920 } 1896 1921 … … 1903 1928 [ tbparams[tb]['federant'] for tb in tbparams.keys() \ 1904 1929 if tbparams[tb].has_key('federant') ] 1930 # Access proofs for the response message 1931 proofs = [copy.deepcopy(p) for k in tbparams.keys()\ 1932 for p in tbparams[k]['federant']['proof']] 1905 1933 if self.state_filename: 1906 1934 self.write_state() 1907 1935 self.state_lock.release() 1936 return proofs 1908 1937 1909 1938 def clear_placeholder(self, eid, expid, tmpdir): … … 1945 1974 1946 1975 # Make sure that the caller can talk to us 1947 self.check_experiment_access(fid, key)1976 proof = self.check_experiment_access(fid, key) 1948 1977 1949 1978 # Install the testbed map entries supplied with the request into a copy … … 2030 2059 vtopo = topdl.topology_to_vtopo(top) 2031 2060 vis = self.genviz(vtopo) 2032 self.save_federant_information(allocated, tbparams, eid, vtopo,2033 vis, top)2061 proofs = self.save_federant_information(allocated, tbparams, 2062 eid, vtopo, vis, top) 2034 2063 except service_error, e: 2035 2064 # If something goes wrong in the parse (usually an access error) … … 2042 2071 # Start the background swapper and return the starting state. From 2043 2072 # here on out, the state will stick around a while. 2044 2045 # XXX: I think this is redundant2046 # Let users touch the state2047 # self.auth.set_attribute(fid, expid)2048 # self.auth.set_attribute(expid, expid)2049 # Override fedids can manipulate state as well2050 # for o in self.overrides:2051 # self.auth.set_attribute(o, expid)2052 # self.auth.save()2053 2073 2054 2074 # Create a logger that logs to the experiment's state object as well as … … 2076 2096 ], 2077 2097 'experimentStatus': 'starting', 2098 'proof': [ proof.to_dict() ] + proofs, 2078 2099 } 2079 2100 … … 2121 2142 key = self.get_experiment_fedid(key) 2122 2143 2123 if self.auth.check_attribute(fid, key): 2124 return True 2144 access_ok, proof = self.auth.check_attribute(fid, key, with_proof=True) 2145 2146 if access_ok: 2147 return proof 2125 2148 else: 2126 raise service_error(service_error.access, "Access Denied") 2149 raise service_error(service_error.access, "Access Denied", 2150 proof) 2127 2151 2128 2152 … … 2133 2157 """ 2134 2158 self.log.info("Get handler %s %s" % (path, fid)) 2159 # XXX: log proofs? 2135 2160 if self.auth.check_attribute(fid, path): 2136 2161 return ("%s/%s" % (self.repodir, path), "application/binary") … … 2138 2163 return (None, None) 2139 2164 2140 def clean_info_response(self, rv ):2165 def clean_info_response(self, rv, proof): 2141 2166 """ 2142 2167 Remove the information in the experiment's state object that is not in … … 2162 2187 if f.has_key('allocID'): del f['allocID'] 2163 2188 if f.has_key('uri'): del f['uri'] 2189 rv['proof'] = proof.to_dict() 2164 2190 2165 2191 return rv … … 2188 2214 raise service_error(service_error.req, "No request?") 2189 2215 2190 self.check_experiment_access(fid, key)2216 proof = self.check_experiment_access(fid, key) 2191 2217 2192 2218 # The state may be massaged by the service function that called … … 2199 2225 2200 2226 if rv: 2201 return self.clean_info_response(rv )2227 return self.clean_info_response(rv, proof) 2202 2228 else: 2203 2229 raise service_error(service_error.req, "No such experiment") … … 2207 2233 Return all the stored info that this fedid can access 2208 2234 """ 2209 rv = { 'info': [ ] }2235 rv = { 'info': [ ], 'proof': [ ] } 2210 2236 2211 2237 self.state_lock.acquire() 2212 2238 for key in [ k for k in self.state.keys() if isinstance(k, fedid)]: 2213 2239 try: 2214 self.check_experiment_access(fid, key)2240 proof = self.check_experiment_access(fid, key) 2215 2241 except service_error, e: 2216 2242 if e.code == service_error.access: … … 2222 2248 if self.state.has_key(key): 2223 2249 e = copy.deepcopy(self.state[key]) 2224 e = self.clean_info_response(e )2250 e = self.clean_info_response(e, proof) 2225 2251 rv['info'].append(e) 2252 rv['proof'].append(proof.to_dict()) 2226 2253 self.state_lock.release() 2227 2254 return rv … … 2351 2378 if tmpdir: self.remove_dirs(tmpdir) 2352 2379 2353 2354 2380 def terminate_experiment(self, req, fid): 2355 2381 """ … … 2364 2390 2365 2391 key = self.get_experiment_key(req, 'experiment') 2366 self.check_experiment_access(fid, key)2392 proof = self.check_experiment_access(fid, key) 2367 2393 exp = req.get('experiment', False) 2368 2394 force = req.get('force', False) … … 2416 2442 if repo: 2417 2443 self.remove_dirs("%s/%s" % (self.repodir, repo)) 2418 2444 2419 2445 return { 2420 2446 'experiment': exp , 2421 2447 'deallocationLog': string.join(dealloc_list, ''), 2448 'proof': [proof.to_dict()], 2422 2449 } 2423 2450 else: … … 2438 2465 rv = { 'name': name } 2439 2466 2440 if name and self.auth.check_attribute(fid, name): 2467 if not name: 2468 raise service_error(service_error.req, "No name?") 2469 2470 access_ok, proof = self.auth.check_attribute(fid, name, with_proof=True) 2471 2472 if access_ok: 2441 2473 self.log.debug("[GetValue] asking for %s " % name) 2442 2474 try: … … 2448 2480 if v is not None: 2449 2481 rv['value'] = v 2482 rv['proof'] = proof.to_dict() 2450 2483 self.log.debug("[GetValue] got %s from %s" % (v, name)) 2451 2484 return rv 2452 2485 else: 2453 raise service_error(service_error.access, "Access Denied") 2486 raise service_error(service_error.access, "Access Denied", 2487 proof=proof) 2454 2488 2455 2489 … … 2466 2500 v = req.get('value', '') 2467 2501 2468 if name and self.auth.check_attribute(fid, name): 2502 if not name: 2503 raise service_error(service_error.req, "No name?") 2504 2505 access_ok, proof = self.auth.check_attribute(fid, name, with_proof=True) 2506 2507 if access_ok: 2469 2508 try: 2470 2509 self.synch_store.set_value(name, v) … … 2479 2518 raise service_error(service_error.federant, 2480 2519 "Synch key %s revoked" % name) 2481 return { 'name': name, 'value': v}2520 return { 'name': name, 'value': v, 'proof': proof.to_dict() } 2482 2521 else: 2483 raise service_error(service_error.access, "Access Denied") 2522 raise service_error(service_error.access, "Access Denied", 2523 proof=proof)
Note: See TracChangeset
for help on using the changeset viewer.