Changeset f77a256
- Timestamp:
- Jan 11, 2012 4:02:07 PM (13 years ago)
- Branches:
- compt_changes, info-ops, master
- Children:
- 6886c5a
- Parents:
- ee950c2
- Location:
- fedd
- Files:
-
- 2 added
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/access_to_abac.py
ree950c2 rf77a256 71 71 # All the local parsing functions get the unparsed remainder of the line 72 72 # (after the three-name and the attribute it maps to), the credential list to 73 # add the new ABAC credential(s) that will be mapped into the lo acl73 # add the new ABAC credential(s) that will be mapped into the local 74 74 # credentials, the fedid of this entity, a dict mapping the local credentials 75 75 # to ABAC credentials that are required to exercise those local rights and the … … 77 77 def parse_emulab(l, creds, me, to_id, p, gp, gu, lr): 78 78 ''' 79 Parse the emulab (project, allocation_user, access_user) format. Access 80 users are deprecates and allocation users used for both. This fuction 81 collapses them. 82 ''' 83 right_side_str = '\s*,\s*\(\s*%s\s*,\s*%s\s*,\s*%s\s*\)' % \ 84 (proj_same_str, id_same_str,id_same_str) 79 Parse the emulab (project, allocation_user, cert_file) format. 80 ''' 81 right_side_str = '\s*,\s*\(\s*%s\s*,\s*%s\s*,\s*(%s)\s*\)' % \ 82 (proj_same_str, id_same_str,path_str) 85 83 86 84 m = re.match(right_side_str, l) 87 85 if m: 88 project, user = m.group(1,2)86 project, user, cert = m.group(1,2,3) 89 87 # Resolve "<same>"s in project and user 90 88 if project == '<same>': … … 114 112 [attribute(p, x, lr) for x in (gp, gu) if x is not None]) 115 113 creds.add(c) 116 if (project, user ) in to_id: to_id[(project,user)].append(c)117 else: to_id[(project,user )] = [ c ]114 if (project, user,cert) in to_id: to_id[(project,user,cert)].append(c) 115 else: to_id[(project,user,cert)] = [ c ] 118 116 else: 119 117 raise parse_error("Badly formatted local mapping: %s" % l) … … 320 318 id_str = '[a-zA-Z][\w_-]*' 321 319 proj_str = '[a-zA-Z][\w_/-]*' 322 path_str = '[a-zA-Z _/\.-]+'320 path_str = '[a-zA-Z0-9_/\.-]+' 323 321 id_any_str = '(%s|<any>)' % id_str 324 322 proj_any_str = '(%s|<any>)' % proj_str -
fedd/federation/emulab_access.py
ree950c2 rf77a256 176 176 def access_tuple(str): 177 177 """ 178 Convert a string of the form (id, id ) into an access_project. Thisis179 called by read_access to convert to local attributes. It returns180 a tuple of the form (project, user).178 Convert a string of the form (id, id, id) into an access_project. This 179 is called by read_access to convert to local attributes. It returns a 180 tuple of the form (project, user, certificate_file). 181 181 """ 182 182 183 183 str = str.strip() 184 if str.startswith('(') and str.endswith(')') and str.count(',') == 1:184 if str.startswith('(') and str.endswith(')') and str.count(',') == 2: 185 185 # The slice takes the parens off the string. 186 proj, user = str[1:-1].split(',')187 return (proj.strip(), user.strip() )186 proj, user, cert = str[1:-1].split(',') 187 return (proj.strip(), user.strip(), cert.strip()) 188 188 else: 189 189 raise self.parse_error( 190 'Bad mapping (unbalanced parens or more than 1 comma)')190 'Bad mapping (unbalanced parens or more than 2 commas)') 191 191 192 192 # RequestAccess support routines 193 193 194 def save_project_state(self, aid, pname, uname, owners):194 def save_project_state(self, aid, pname, uname, certf, owners): 195 195 """ 196 196 Save the project, user, and owners associated with this allocation. … … 201 201 self.allocation[aid]['project'] = pname 202 202 self.allocation[aid]['user'] = uname 203 self.allocation[aid]['cert'] = certf 203 204 self.allocation[aid]['owners'] = owners 204 205 self.write_state() … … 272 273 aid = unicode(allocID) 273 274 274 pname, uname = self.save_project_state(aid, found[0], found[1], owners) 275 pname, uname = self.save_project_state(aid, found[0], found[1], 276 found[2], owners) 275 277 276 278 services, svc_state = self.export_services(req.get('service',[]), … … 690 692 if aid in self.allocation: 691 693 user = self.allocation[aid].get('user', None) 694 cert = self.allocation[aid].get('cert', None) 692 695 self.allocation[aid]['experiment'] = ename 693 696 self.allocation[aid]['nonce'] = nonce_experiment … … 711 714 "Can't find creation user for %s" %aid) 712 715 713 return (ename, proj, user, pubkey_base, secretkey_base, alloc_log)716 return (ename, proj, user, cert, pubkey_base, secretkey_base, alloc_log) 714 717 715 718 def decorate_topology(self, info, t): … … 853 856 try: 854 857 self.retrieve_software(topo, certfile, softdir) 855 ename, proj, user, pubkey_base, secretkey_base, alloc_log =\856 857 858 ename, proj, user, xmlrpc_cert, pubkey_base, secretkey_base, \ 859 alloc_log = self.initialize_experiment_info(attrs, aid, 860 certfile, tmpdir) 858 861 859 862 if '/' in proj: proj, gid = proj.split('/') … … 877 880 starter = self.start_segment(keyfile=self.ssh_privkey_file, 878 881 debug=self.create_debug, log=alloc_log, boss=self.boss, 879 ops=self.ops, cert= self.xmlrpc_cert)882 ops=self.ops, cert=xmlrpc_cert) 880 883 rv = starter(self, ename, proj, user, expfile, tmpdir, gid=gid) 881 884 except service_error, e: … … 918 921 proj = self.allocation[aid].get('project', None) 919 922 user = self.allocation[aid].get('user', None) 923 xmlrpc_cert = self.allocation[aid].get('cert', None) 920 924 ename = self.allocation[aid].get('experiment', None) 921 925 nonce = self.allocation[aid].get('nonce', False) … … 925 929 ename = None 926 930 nonce = False 931 xmlrpc_cert = None 927 932 self.state_lock.release() 928 933 … … 942 947 stopper = self.stop_segment(keyfile=self.ssh_privkey_file, 943 948 debug=self.create_debug, boss=self.boss, ops=self.ops, 944 cert= self.xmlrpc_cert)949 cert=xmlrpc_cert) 945 950 stopper(self, user, proj, ename, gid, nonce) 946 951 return { 'allocID': req['allocID'], 'proof': proof.to_dict() } … … 966 971 proj = self.allocation[aid].get('project', None) 967 972 user = self.allocation[aid].get('user', None) 973 xmlrpc_cert = self.allocation[aid].get('cert', None) 968 974 ename = self.allocation[aid].get('experiment', None) 969 975 else: … … 972 978 ename = None 973 979 topo = None 980 xmlrpc_cert = None 974 981 self.state_lock.release() 975 982 … … 989 996 info = self.info_segment(keyfile=self.ssh_privkey_file, 990 997 debug=self.create_debug, boss=self.boss, ops=self.ops, 991 cert= self.xmlrpc_cert)998 cert=xmlrpc_cert) 992 999 info(self, user, proj, ename) 993 1000 self.decorate_topology(info, topo) … … 1038 1045 raise service_error(service_error.req, "no targets") 1039 1046 1047 self.state_lock.acquire() 1040 1048 if aid in self.allocation: 1041 1049 topo = self.allocation[aid].get('topo', None) 1042 1050 if topo: topo = topo.clone() 1051 xmlrpc_cert = self.allocation[aid].get('cert', None) 1043 1052 else: 1044 1053 topo = None 1054 xmlrpc_cert = None 1055 self.state_lock.release() 1045 1056 1046 1057 targets = copy.copy(targets) … … 1058 1069 ops = self.operation_segment(keyfile=self.ssh_privkey_file, 1059 1070 debug=self.create_debug, boss=self.boss, ops=self.ops, 1060 cert= self.xmlrpc_cert)1071 cert=xmlrpc_cert) 1061 1072 ops(self, op, ptargets, params, topo) 1062 1073
Note: See TracChangeset
for help on using the changeset viewer.