Add a script to remove old authorities (sa,cm) from the DB.

protogeni/lib/GeniAuthority.pm.in

 #!/usr/bin/perl -wT
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2008 University of Utah and the Flux Group.
+# Copyright (c) 2008-2009 University of Utah and the Flux Group.
 # All rights reserved.
 #
 package GeniAuthority;
@@ -154,6 +154,30 @@ sub type($)		{ return field($_[0], "type"); }
 sub cert($)		{ return $_[0]->{'CERT'}->cert(); }
 sub GetCertificate($)   { return $_[0]->{'CERT'}; }
 
+#
+# Delete from the DB.
+#
+sub Delete($)
+{
+    my ($self) = @_;
+
+    return -1
+	if (! ref($self));
+
+    if ($self->GetCertificate()->Delete() != 0) {
+	print STDERR "Could not delete certificate for $self\n";
+	return -1;
+    }
+    my $uuid = $self->uuid();
+    DBQueryWarn("delete from geni_authorities ".
+		"where uuid='$uuid'")
+	or return -1;
+
+    # Delete fromcache. 
+    delete($authorities{$uuid});
+    return 0;
+}
+
 #
 # Check to see if there is an existing authority with the same prefix.
 #

protogeni/lib/GeniComponent.pm.in

 #!/usr/bin/perl -wT
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2008 University of Utah and the Flux Group.
+# Copyright (c) 2008-2009 University of Utah and the Flux Group.
 # All rights reserved.
 #
 package GeniComponent;
@@ -158,6 +158,31 @@ sub cert($)		{ return $_[0]->{'CERT'}->cert(); }
 sub GetCertificate($)   { return $_[0]->{'CERT'}; }
 sub GetManager($)       { return $_[0]->{'MANAGER'}; }
 
+#
+# Delete a component from the DB.
+#
+sub Delete($)
+{
+    my ($self) = @_;
+
+    return -1
+	if (! ref($self));
+
+    if ($self->GetCertificate()->Delete() != 0) {
+	print STDERR "Could not delete certificate for $self\n";
+	return -1;
+    }
+    my $uuid = $self->uuid();
+    DBQueryWarn("delete from geni_components ".
+		"where uuid='$uuid'")
+	or return -1;
+
+    # Delete from the cache. 
+    delete($components{$uuid});
+
+    return 0;
+}
+
 #
 # Compare two component refs.
 #
@@ -258,6 +283,38 @@ sub CreateFromCertificate($$;$)
     return $component;
 }
 
+#
+# Delete all components for a CM.
+#
+sub DeleteAll($$)
+{
+    my ($class, $authority) = @_;
+
+    my $uuid = $authority->uuid();
+    my $query_result =
+	DBQueryWarn("select uuid from geni_components ".
+		    "where manager_uuid='$uuid'");
+
+    return -1
+	if (! $query_result);
+    return 0
+	if (!$query_result->numrows);
+
+    while (my ($uuid) = $query_result->fetchrow_array()) {
+	my $component = GeniComponent->Lookup($uuid);
+	if (!defined($component)) {
+	    print STDERR "Could not lookup component $uuid\n";
+	    return -1;
+	}
+	if ($component->Delete() != 0) {
+	    print STDERR "Could not delete $component\n";
+	    return -1;
+	}
+    }
+
+    return 0;
+}
+
 # _Always_ make sure that this 1 is at the end of the file...
 1;
 

protogeni/lib/GeniSlice.pm.in

 #!/usr/bin/perl -wT
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2008 University of Utah and the Flux Group.
+# Copyright (c) 2008-2009 University of Utah and the Flux Group.
 # All rights reserved.
 #
 package GeniSlice;
@@ -598,5 +598,54 @@ sub SetShutdown($$)
     return 0;
 }
 
+#
+# Delete all slices for an authority.
+#
+sub DeleteAll($$)
+{
+    my ($class, $authority) = @_;
+
+    my $uuid = $authority->uuid();
+    my $query_result =
+	DBQueryWarn("select uuid from geni_slices ".
+		    "where sa_uuid='$uuid'");
+
+    return -1
+	if (! $query_result);
+    return 0
+	if (!$query_result->numrows);
+
+    while (my ($uuid) = $query_result->fetchrow_array()) {
+	my $slice = GeniSlice->Lookup($uuid);
+	if (!defined($slice)) {
+	    print STDERR "Could not lookup slice $uuid\n";
+	    return -1;
+	}
+	#
+	# Do not allow active slices to be deleted.
+	#
+	my $aggregate = GeniAggregate->SliceAggregate($slice);
+	if (defined($aggregate)) {
+	    print STDERR "Cannot delete active slice $slice:\n";
+	    return -1;
+	}
+	my @slivers;
+	if (GeniSliver->SliceSlivers($slice, \@slivers) != 0) {
+	    print STDERR "Cannot lookup slivers for $slice:\n";
+	    return -1;
+	}
+	if (@slivers) {
+	    print STDERR "Cannot delete active slice $slice:\n";
+	    return -1;
+	}
+	if ($slice->Delete() != 0) {
+	    print STDERR "Could not delete $slice\n";
+	    return -1;
+	}
+    }
+
+    return 0;
+}
+
 # _Always_ make sure that this 1 is at the end of the file...
 1;

protogeni/lib/GeniUser.pm.in

 #!/usr/bin/perl -wT
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2008 University of Utah and the Flux Group.
+# Copyright (c) 2008-2009 University of Utah and the Flux Group.
 # All rights reserved.
 #
 package GeniUser;
@@ -494,6 +494,59 @@ sub IsLocal($)
     return ref($self) eq "GeniUser::LocalUser";
 }
 
+#
+# Delete all slices for an authority.
+#
+sub DeleteAll($$)
+{
+    my ($class, $authority) = @_;
+
+    my $uuid = $authority->uuid();
+    my $query_result =
+	DBQueryWarn("select uuid from geni_users ".
+		    "where sa_uuid='$uuid'");
+
+    return -1
+	if (! $query_result);
+    return 0
+	if (!$query_result->numrows);
+
+    while (my ($uuid) = $query_result->fetchrow_array()) {
+	my $user = GeniUser->Lookup($uuid);
+	if (!defined($user)) {
+	    print STDERR "Could not lookup user $uuid\n";
+	    return -1;
+	}
+	#
+	# Do not allow users with active slices to be deleted.
+	#
+	my $active_result =
+	    DBQueryWarn("select uuid from geni_slices ".
+			"where creator_uuid='$uuid'");
+	return -1
+	    if (!$active_result);
+	if ($active_result->numrows()) {
+	    print STDERR "$user is heading up active slices\n";
+	}
+
+	$active_result =
+	    DBQueryWarn("select uuid from geni_slivers ".
+			"where creator_uuid='$uuid'");
+	return -1
+	    if (!$active_result);
+	if ($active_result->numrows()) {
+	    print STDERR "$user is heading up active slivers\n";
+	}
+	
+	if ($user->Delete() != 0) {
+	    print STDERR "Could not delete $user\n";
+	    return -1;
+	}
+    }
+
+    return 0;
+}
+
 ############################################################################
 #
 # Wrapper for local users.

protogeni/scripts/GNUmakefile.in

 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2008 University of Utah and the Flux Group.
+# Copyright (c) 2000-2009 University of Utah and the Flux Group.
 # All rights reserved.
 #
 
@@ -14,7 +14,7 @@ include $(OBJDIR)/Makeconf
 SBIN_STUFF	= cleanupslice
 PSBIN_STUFF	= register_resources expire_daemon gencrl postcrl \
 		  createcerts initsite addauthority getcacerts \
-		  gencrlbundle shutdownslice
+		  gencrlbundle shutdownslice remauthority
 
 # These scripts installed setuid, with sudo. 
 SETUID_BIN_SCRIPTS   = 

protogeni/scripts/remauthority.in

+#!/usr/bin/perl -w
+#
+# EMULAB-COPYRIGHT
+# Copyright (c) 2008-2009 University of Utah and the Flux Group.
+# All rights reserved.
+#
+use strict;
+use English;
+use Data::Dumper;
+use Getopt::Std;
+
+#
+# Remove an authority from the DB.
+# 
+sub usage()
+{
+    print "Usage: addauthority [-c] <uuid>\n";
+    exit(1);
+}
+my $optlist    = "c";
+my $asch       = 0;
+
+sub fatal($);
+
+#
+# Check args.
+#
+my %options = ();
+if (! getopts($optlist, \%options)) {
+    usage();
+}
+if (defined($options{"c"})) {
+    $asch = 1;
+}
+usage()
+    if (@ARGV != 1);
+
+my $uuid     = $ARGV[0];
+
+use vars qw($GENI_DBNAME);
+if ($asch) {
+    $GENI_DBNAME = "geni-ch";
+}
+
+# Now we can load the libraries after setting the proper DB.
+use lib '@prefix@/lib';
+require GeniDB;
+require GeniCertificate;
+require GeniAuthority;
+require GeniSlice;
+require GeniUser;
+
+my $authority = GeniAuthority->Lookup($uuid);
+if (!defined($authority)) {
+    fatal("No such authority in DB");
+}
+if ($authority->type() eq "cm") {
+    if (GeniComponent->DeleteAll($authority) != 0) {
+	fatal("Could not delete components for $authority");
+    }
+}
+elsif ($authority->type() eq "sa") {
+    if (GeniSlice->DeleteAll($authority) != 0) {
+	fatal("Could not delete slices for $authority");
+    }
+    if (GeniUser->DeleteAll($authority) != 0) {
+	fatal("Could not delete users for $authority");
+    }
+}
+else {
+    fatal("Do not know how to delete $authority");
+}
+if ($authority->Delete() != 0) {
+    fatal("Could not delete components for $authority");
+}
+
+exit(0);
+
+sub fatal($)
+{
+    my ($msg) = @_;
+
+    die("*** $0:\n".
+	"    $msg\n");
+}