Changeset ef36c1e for fedd/fedd_proj.py

Timestamp:

Aug 1, 2008 11:41:39 AM (16 years ago)

Author:

Ted Faber <faber@…>

Branches:

axis_example, compt_changes, info-ops, master, version-1.30, version-2.00, version-3.01, version-3.02

Children:

808889e

Parents:

7da9da6

Message:

split out project creation

File:

• fedd/fedd_proj.py (modified) (6 diffs)

fedd/fedd_proj.py

@@ -33 +33 @@
     bool_attrs = ("dynamic_projects", "project_priority")
     emulab_attrs = ("boss", "ops", "domain", "fileserver", "eventserver")
-    id_attrs = ("testbed", "cert_file", "trusted_certs", "proxy",
-            "proxy_trusted_certs", "cert_pwd")
+    id_attrs = ("testbed", "cert_file", "cert_pwd", "trusted_certs", "proxy",
+            "proxy_cert_file", "proxy_cert_pwd", "proxy_trusted_certs",
+            "dynamic_projects_url", "dynamic_projects_cert_file", 
+            "dynamic_projects_cert_pwd", "dynamic_projects_trusted_certs")
 
     # Used by the SOAP caller
@@ -92 +94 @@
         if config != None: 
             self.read_config(config)
-        self.allocate_project = \
-            fedd_allocate_project_local(self.dynamic_projects)
+
+        # Certs are promoted from the generic to the specific, so without a
+        # specific proxy certificate, the main certificates are used for proxy
+        # interactions. If no dynamic project certificates, then proxy certs
+        # are used, and if none of those the main certs.
+
+        # init proxy certs
+        if self.proxy_cert_file == None:
+            self.proxy_cert_file = self.cert_file
+            self.proxy_cert_pwd = self.cert_pwd
+
+        if self.proxy_trusted_certs == None:
+            self.proxy_trusted_certs = self.trusted_certs
+
+        # init dynamic project certs
+        if self.dynamic_projects_cert_file == None:
+            self.dynamic_projects_cert_file = self.proxy_cert_file
+            self.dynamic_projects_cert_pwd = self.proxy_cert_pwd
+
+        if self.dynamic_projects_trusted_certs == None:
+            self.dynamic_projects_trusted_certs = self.proxy_trusted_certs
+
+        proj_certs = (self.dynamic_projects_cert_file, 
+                self.dynamic_projects_trusted_certs,
+                self.dynamic_projects_cert_pwd)
+
+        if self.dynamic_projects_url == None:
+            self.allocate_project = \
+                fedd_allocate_project_local(self.dynamic_projects, 
+                        self.dynamic_projects_url, proj_certs)
+            fedd_proj.soap_methods['AllocateProject'] = 'soap_AllocateProject'
+        else:
+            self.allocate_project = \
+                fedd_allocate_project_remote(self.dynamic_projects, 
+                        self.dynamic_projects_url, proj_certs)
 
     def dump_state(self):
@@ -138 +173 @@
     def proxy_xmlrpc_request(self, dt, req):
         """Send an XMLRPC proxy request.  Called if the SOAP RPC fails"""
-        tc = self.proxy_trusted_certs or self.trusted_certs
 
         # No retry loop here.  Proxy servers must correctly authenticate
         # themselves without help
         try:
-            ctx = fedd_ssl_context(self.cert_file, tc, password=self.cert_pwd)
+            ctx = fedd_ssl_context(self.proxy_cert_file, 
+                    self.proxy_trusted_certs, password=self.proxy_cert_pwd)
         except SSL.SSLError:
             raise service_error(service_error.server_config,
@@ -186 +221 @@
         also rethrows any faults.
         """
-        tc = self.proxy_trusted_certs or self.trusted_certs
-
         # No retry loop here.  Proxy servers must correctly authenticate
         # themselves without help
         try:
-            ctx = fedd_ssl_context(self.cert_file, tc, password=self.cert_pwd)
+            ctx = fedd_ssl_context(self.proxy_cert_file, 
+                    self.proxy_trusted_certs, password=self.proxy_cert_pwd)
         except SSL.SSLError:
             raise service_error(service_error.server_config, 
@@ -401 +435 @@
                     # Compose the dynamic project request 
                     # (only dynamic, dynamic currently allowed)
-                    preq = { 'project' : {\
+                    preq = { 'AllocateProjectRequestBody': \
+                                { 'project' : {\
                                     'user': [ \
-                                    { 'access': { 'sshPubkey': s } } \
+                                    { 'access': [ { 'sshPubkey': s } ] } \
                                         for s in ssh ] \
+                                    }\
                                 }\
                             }
                     if restricted != None and len(restricted) > 0:
-                        preq['resources'] =  [ {'node': { 'hardware' :  [ h ]\
-                            } } for h in restricted ]
+                        preq['AllocateProjectRequestBody']['resources'] = \
+                            [ {'node': { 'hardware' :  [ h ] } } \
+                                    for h in restricted ]
                                 
-
-                    #self.dynamic_project(found, ssh)
                     ap = self.allocate_project.dynamic_project(preq)
-                    # XXX: fill in response values into the real response
                 else: pass    # SSH key additions
             else:
@@ -449 +483 @@
                             service_error.proxy,
                             "Undefined fault from proxy??");
+
+
+    def soap_AllocateProject(self, ps, fid):
+        req = ps.Parse(AllocateProjectRequestMessage.typecode)
+
+        msg = self.allocate_project.dynamic_project(unpack_soap(req), fedid)
+
+        resp = AllocateProjectResponseMessage()
+        resp.set_element_AllocateProjectResponseBody(
+                pack_soap(resp, "AllocateProjectResponseBody", msg))
+
+        return resp
 
     def soap_RequestAccess(self, ps, fid):