Changeset ef36c1e
- Timestamp:
- Aug 1, 2008 11:41:39 AM (16 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02
- Children:
- 808889e
- Parents:
- 7da9da6
- Location:
- fedd
- Files:
-
- 1 added
- 5 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/fedd_allocate_project.py
r7da9da6 ref36c1e 21 21 from fedd_util import * 22 22 import parse_detail 23 from service_error import * 23 24 24 25 class fedd_allocate_project_local: 25 def __init__(self, dp=False, url=None ):26 def __init__(self, dp=False, url=None, certs=None): 26 27 """ 27 28 Initializer. Parses a configuration if one is given. … … 58 59 59 60 60 def dynamic_project(self, req ):61 def dynamic_project(self, req, fedid=None): 61 62 """ 62 63 Create a dynamic project with ssh access … … 70 71 dir="/tmp") 71 72 72 print userfile 73 proj = req['project'] 73 if req.has_key('AllocateProjectRequestBody') and \ 74 req['AllocateProjectRequestBody'].has_key('project'): 75 proj = req['AllocateProjectRequestBody']['project'] 76 else: 77 raise service_error(service_error.req, 78 "Badly formed allocation request") 74 79 # Take the first user and ssh key 75 80 name = proj.get('name', None) or self.random_string("proj",4) … … 91 96 access = user.get('access', None) 92 97 if access != None: 93 ssh = access .get('sshPubkey', None)98 ssh = access[0].get('sshPubkey', None) 94 99 if ssh == None: 95 100 raise fedd_proj.service_error(fedd_proj.service_error.req, … … 177 182 } 178 183 return rv 184 185 186 class fedd_allocate_project_remote: 187 def __init__(self, dp=False, url=None, certs=None): 188 """ 189 Initializer. Parses a configuration if one is given. 190 """ 191 192 self.dynamic_projects = dp 193 self.url = url 194 195 if certs != None and isinstance(certs, type(tuple())): 196 self.cert_file, self.trusted_certs, self.cert_pwd = certs 197 # self.cert_file = certs[0] 198 # self.trusted_certs = certs[1] 199 # self.cert_pwd = certs[2] 200 else: 201 self.cert_file = None 202 self.trusted_certs = None 203 self.cert_pwd = None 204 205 def dynamic_project(self, req, fedid=None): 206 """ 207 Send req on to a remote project instantiator. 208 209 Req is just the projectAllocType object. This function re-wraps it. 210 It also rethrows any faults. 211 """ 212 # No retry loop here. Proxy servers must correctly authenticate 213 # themselves without help 214 try: 215 ctx = fedd_ssl_context(self.cert_file, self.trusted_certs, 216 password=self.cert_pwd) 217 except SSL.SSLError: 218 raise service_error(service_error.server_config, 219 "Server certificates misconfigured") 220 221 loc = feddServiceLocator(); 222 port = loc.getfeddPortType(self.url, 223 transport=M2Crypto.httpslib.HTTPSConnection, 224 transdict={ 'ssl_context' : ctx }) 225 226 if req.has_key('AllocateProjectRequestBody'): 227 req = req['AllocateProjectRequestBody'] 228 else: 229 raise service_error(service_error.req, "Bad formated request"); 230 231 # Reconstruct the full request message 232 msg = AllocateProjectRequestMessage() 233 msg.set_element_AllocateProjectRequestBody( 234 pack_soap(msg, "AllocateProjectRequestBody", req)) 235 try: 236 resp = port.AllocateProject(msg) 237 except ZSI.ParseException, e: 238 raise service_error(service_error.proxy, 239 "Bad format message (XMLRPC??): %s" % str(e)) 240 r = unpack_soap(resp) 241 242 if r.has_key('AllocateProjectResponseBody'): 243 return r['AllocateProjectResponseBody'] 244 else: 245 raise service_error(service_error.proxy, "Bad proxy response") 246 -
fedd/fedd_messages.wsdl
r7da9da6 ref36c1e 24 24 25 25 <message name="AllocateProjectResponseMessage"> 26 <part name="AllocateProjectResponseBody" type="xsd1:projectType"/> 26 <part name="AllocateProjectResponseBody" 27 type="xsd1:projectAllocResponseType"/> 27 28 </message> 28 29 -
fedd/fedd_proj.py
r7da9da6 ref36c1e 33 33 bool_attrs = ("dynamic_projects", "project_priority") 34 34 emulab_attrs = ("boss", "ops", "domain", "fileserver", "eventserver") 35 id_attrs = ("testbed", "cert_file", "trusted_certs", "proxy", 36 "proxy_trusted_certs", "cert_pwd") 35 id_attrs = ("testbed", "cert_file", "cert_pwd", "trusted_certs", "proxy", 36 "proxy_cert_file", "proxy_cert_pwd", "proxy_trusted_certs", 37 "dynamic_projects_url", "dynamic_projects_cert_file", 38 "dynamic_projects_cert_pwd", "dynamic_projects_trusted_certs") 37 39 38 40 # Used by the SOAP caller … … 92 94 if config != None: 93 95 self.read_config(config) 94 self.allocate_project = \ 95 fedd_allocate_project_local(self.dynamic_projects) 96 97 # Certs are promoted from the generic to the specific, so without a 98 # specific proxy certificate, the main certificates are used for proxy 99 # interactions. If no dynamic project certificates, then proxy certs 100 # are used, and if none of those the main certs. 101 102 # init proxy certs 103 if self.proxy_cert_file == None: 104 self.proxy_cert_file = self.cert_file 105 self.proxy_cert_pwd = self.cert_pwd 106 107 if self.proxy_trusted_certs == None: 108 self.proxy_trusted_certs = self.trusted_certs 109 110 # init dynamic project certs 111 if self.dynamic_projects_cert_file == None: 112 self.dynamic_projects_cert_file = self.proxy_cert_file 113 self.dynamic_projects_cert_pwd = self.proxy_cert_pwd 114 115 if self.dynamic_projects_trusted_certs == None: 116 self.dynamic_projects_trusted_certs = self.proxy_trusted_certs 117 118 proj_certs = (self.dynamic_projects_cert_file, 119 self.dynamic_projects_trusted_certs, 120 self.dynamic_projects_cert_pwd) 121 122 if self.dynamic_projects_url == None: 123 self.allocate_project = \ 124 fedd_allocate_project_local(self.dynamic_projects, 125 self.dynamic_projects_url, proj_certs) 126 fedd_proj.soap_methods['AllocateProject'] = 'soap_AllocateProject' 127 else: 128 self.allocate_project = \ 129 fedd_allocate_project_remote(self.dynamic_projects, 130 self.dynamic_projects_url, proj_certs) 96 131 97 132 def dump_state(self): … … 138 173 def proxy_xmlrpc_request(self, dt, req): 139 174 """Send an XMLRPC proxy request. Called if the SOAP RPC fails""" 140 tc = self.proxy_trusted_certs or self.trusted_certs141 175 142 176 # No retry loop here. Proxy servers must correctly authenticate 143 177 # themselves without help 144 178 try: 145 ctx = fedd_ssl_context(self.cert_file, tc, password=self.cert_pwd) 179 ctx = fedd_ssl_context(self.proxy_cert_file, 180 self.proxy_trusted_certs, password=self.proxy_cert_pwd) 146 181 except SSL.SSLError: 147 182 raise service_error(service_error.server_config, … … 186 221 also rethrows any faults. 187 222 """ 188 tc = self.proxy_trusted_certs or self.trusted_certs189 190 223 # No retry loop here. Proxy servers must correctly authenticate 191 224 # themselves without help 192 225 try: 193 ctx = fedd_ssl_context(self.cert_file, tc, password=self.cert_pwd) 226 ctx = fedd_ssl_context(self.proxy_cert_file, 227 self.proxy_trusted_certs, password=self.proxy_cert_pwd) 194 228 except SSL.SSLError: 195 229 raise service_error(service_error.server_config, … … 401 435 # Compose the dynamic project request 402 436 # (only dynamic, dynamic currently allowed) 403 preq = { 'project' : {\ 437 preq = { 'AllocateProjectRequestBody': \ 438 { 'project' : {\ 404 439 'user': [ \ 405 { 'access': { 'sshPubkey': s }} \440 { 'access': [ { 'sshPubkey': s } ] } \ 406 441 for s in ssh ] \ 442 }\ 407 443 }\ 408 444 } 409 445 if restricted != None and len(restricted) > 0: 410 preq['resources'] = [ {'node': { 'hardware' : [ h ]\ 411 } } for h in restricted ] 446 preq['AllocateProjectRequestBody']['resources'] = \ 447 [ {'node': { 'hardware' : [ h ] } } \ 448 for h in restricted ] 412 449 413 414 #self.dynamic_project(found, ssh)415 450 ap = self.allocate_project.dynamic_project(preq) 416 # XXX: fill in response values into the real response417 451 else: pass # SSH key additions 418 452 else: … … 449 483 service_error.proxy, 450 484 "Undefined fault from proxy??"); 485 486 487 def soap_AllocateProject(self, ps, fid): 488 req = ps.Parse(AllocateProjectRequestMessage.typecode) 489 490 msg = self.allocate_project.dynamic_project(unpack_soap(req), fedid) 491 492 resp = AllocateProjectResponseMessage() 493 resp.set_element_AllocateProjectResponseBody( 494 pack_soap(resp, "AllocateProjectResponseBody", msg)) 495 496 return resp 451 497 452 498 def soap_RequestAccess(self, ps, fid): -
fedd/fedd_types.xsd
r7da9da6 ref36c1e 118 118 </xsd:annotation> 119 119 <xsd:sequence> 120 <xsd:element name="name" type="tns:IDType" />120 <xsd:element name="name" type="tns:IDType" minOccurs="0" maxOccurs="1"/> 121 121 <xsd:element name="user" type="tns:userType" minOccurs="0" 122 122 maxOccurs="unbounded"/> … … 152 152 <xsd:element name="resources" type="tns:resourcesType" 153 153 minOccurs="0" maxOccurs="1"/> 154 </xsd:sequence> 155 </xsd:complexType> 156 157 <xsd:complexType name="projectAllocResponseType"> 158 <xsd:annotation> 159 <xsd:documentation> 160 The information needed to create a dynamic project 161 </xsd:documentation> 162 </xsd:annotation> 163 <xsd:sequence> 164 <xsd:element name="project" type="tns:projectType"/> 154 165 </xsd:sequence> 155 166 </xsd:complexType> -
fedd/fedd_util.py
r7da9da6 ref36c1e 181 181 """ 182 182 if getattr(contents, "__iter__", None) != None: 183 obj = getattr(container, "new_%s" % name, None)() 183 try: 184 obj = getattr(container, "new_%s" % name, None)() 185 except: 186 print "%s has no method new_%s" % (container, name) 187 raise 184 188 for e, v in contents.iteritems(): 185 189 assign = getattr(obj, "set_element_%s" % e, None) or \
Note: See TracChangeset
for help on using the changeset viewer.