Commit 506a1679 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Checkpoint more of version two API.

parent 27aed939
...@@ -348,6 +348,10 @@ sub GetTicket($;$) ...@@ -348,6 +348,10 @@ sub GetTicket($;$)
if (!defined($rspecstr)) { if (!defined($rspecstr)) {
return GeniResponse->MalformedArgsResponse(); return GeniResponse->MalformedArgsResponse();
} }
if (! ($rspecstr =~ /^[\040-\176\012\015\011]+$/)) {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"Improper characters in rspec");
}
my $credential = GeniCredential->CreateFromSigned($credstr); my $credential = GeniCredential->CreateFromSigned($credstr);
if (!defined($credential)) { if (!defined($credential)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef, return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
...@@ -369,16 +373,13 @@ sub GetTicket($;$) ...@@ -369,16 +373,13 @@ sub GetTicket($;$)
$ticket->SetSlice($credential->target_uuid()); $ticket->SetSlice($credential->target_uuid());
} }
return GetTicketAux($credential, return GetTicketAux($credential,
$rspecstr, $isupdate, $impotent, 0, $ticket); $rspecstr, $isupdate, $impotent, 0, 1, $ticket);
} }
sub GetTicketAux($$$$$$) sub GetTicketAux($$$$$$$)
{ {
my ($credential, $rspec_string, $isupdate, $impotent, $v2, $ticket) = @_; my ($credential, $rspecstr, $isupdate, $impotent, $v2, $level,
my $owner_uuid = $ENV{'GENIUSER'}; $ticket) = @_;
my $response = undef;
my $restorevirt = 0; # Flag to restore virtual state
my $restorephys = 0; # Flag to restore physical state
defined($credential) && defined($credential) &&
($credential->HasPrivilege( "pi" ) or ($credential->HasPrivilege( "pi" ) or
...@@ -386,35 +387,10 @@ sub GetTicketAux($$$$$$) ...@@ -386,35 +387,10 @@ sub GetTicketAux($$$$$$)
$credential->HasPrivilege( "bind" ) or $credential->HasPrivilege( "bind" ) or
return GeniResponse->Create( GENIRESPONSE_FORBIDDEN, undef, return GeniResponse->Create( GENIRESPONSE_FORBIDDEN, undef,
"Insufficient privilege" )); "Insufficient privilege" ));
if (! ($rspec_string =~ /^[\040-\176\012\015\011]+$/)) {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"Improper characters in rspec");
}
my $rspec =
eval { XMLin($rspec_string, KeyAttr => [],
ForceArray => ["node", "link", "interface",
"interface_ref", "linkendpoints"]) };
if ($@) {
print STDERR "XMLin error: $@\n";
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"XML error in rspec");
}
my $slice_uuid = $credential->target_uuid(); my $slice_uuid = $credential->target_uuid();
my $user_uuid = $credential->owner_uuid(); my $user_uuid = $credential->owner_uuid();
print STDERR $credential->target_cert() . "\n";
print STDERR $credential->owner_cert() . "\n";
#
# We need this below to sign the ticket.
#
my $authority = GeniCertificate->LoadFromFile($EMULAB_PEMFILE);
if (!defined($authority)) {
print STDERR " Could not get uuid from $EMULAB_PEMFILE\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
# #
# Create slice from the certificate. # Create slice from the certificate.
# #
...@@ -450,6 +426,35 @@ sub GetTicketAux($$$$$$) ...@@ -450,6 +426,35 @@ sub GetTicketAux($$$$$$)
"Could not get user info from ClearingHouse"); "Could not get user info from ClearingHouse");
} }
} }
return GetTicketAuxAux($slice, $user, $rspecstr,
$isupdate, $impotent, $v2, $level, $ticket);
}
sub GetTicketAuxAux($$$$$$$$)
{
my ($slice, $user,
$rspecstr, $isupdate, $impotent, $v2, $level, $ticket) = @_;
my $response = undef;
my $restorevirt = 0; # Flag to restore virtual state
my $restorephys = 0; # Flag to restore physical state
#
# We need this below to sign the ticket.
#
my $authority = GeniCertificate->LoadFromFile($EMULAB_PEMFILE);
if (!defined($authority)) {
print STDERR " Could not get uuid from $EMULAB_PEMFILE\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
my $rspec =
eval { XMLin($rspecstr, KeyAttr => [],
ForceArray => ["node", "link", "interface",
"interface_ref", "linkendpoints"]) };
if ($@) {
print STDERR "XMLin error: $@\n";
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"XML error in rspec");
}
# #
# A sitevar controls whether external users can get any nodes. # A sitevar controls whether external users can get any nodes.
...@@ -526,14 +531,19 @@ sub GetTicketAux($$$$$$) ...@@ -526,14 +531,19 @@ sub GetTicketAux($$$$$$)
# For now, there can be only a single toplevel aggregate per slice. # For now, there can be only a single toplevel aggregate per slice.
# The existence of an aggregate means the slice is active here. # The existence of an aggregate means the slice is active here.
# #
my $aggregate = GeniAggregate->SliceAggregate($slice);
if (!$isupdate) { if (!$isupdate) {
my $aggregate = GeniAggregate->SliceAggregate($slice);
if (defined($aggregate)) { if (defined($aggregate)) {
$response = GeniResponse->Create(GENIRESPONSE_BADARGS, undef, $response = GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"Already have an aggregate for slice"); "Already have an aggregate for slice");
goto bad; goto bad;
} }
} }
elsif ($v2 && $level && !defined($ticket) && !defined($aggregate)) {
print STDERR "No aggregate for $slice in version two API\n";
$response = GeniResponse->Create(GENIRESPONSE_ERROR);
goto bad;
}
# #
# Firewall hack; just a flag in the rspec for now. # Firewall hack; just a flag in the rspec for now.
...@@ -623,8 +633,15 @@ sub GetTicketAux($$$$$$) ...@@ -623,8 +633,15 @@ sub GetTicketAux($$$$$$)
$response = GeniResponse->Create(GENIRESPONSE_ERROR); $response = GeniResponse->Create(GENIRESPONSE_ERROR);
goto bad; goto bad;
} }
my $oldrspec;
if ($v2 && defined($aggregate)) {
$oldrspec = $aggregate->GetManifest(0);
}
else {
$oldrspec = $ticket->rspec();
}
foreach my $ref (@{$ticket->rspec()->{'node'}}) { foreach my $ref (@{$oldrspec->{'node'}}) {
my $resource_uuid = $ref->{'component_uuid'} || $ref->{'uuid'}; my $resource_uuid = $ref->{'component_uuid'} || $ref->{'uuid'};
my $manager_uuid = $ref->{'component_manager_uuid'}; my $manager_uuid = $ref->{'component_manager_uuid'};
my $node_nickname = $ref->{'virtual_id'} || $ref->{'nickname'}; my $node_nickname = $ref->{'virtual_id'} || $ref->{'nickname'};
...@@ -1155,9 +1172,9 @@ sub GetTicketAux($$$$$$) ...@@ -1155,9 +1172,9 @@ sub GetTicketAux($$$$$$)
} }
# #
# For the version 2 API, just return the annotated rspec. # For the version 2 minimal API, just return the annotated rspec.
# #
if ($v2) { if ($v2 && $level == 0) {
# Bad, should leave it locked, but Redeem below would fail, and # Bad, should leave it locked, but Redeem below would fail, and
# this whole arrangement is temporary, so lets not worry about it. # this whole arrangement is temporary, so lets not worry about it.
$slice->UnLock(); $slice->UnLock();
...@@ -1174,7 +1191,7 @@ sub GetTicketAux($$$$$$) ...@@ -1174,7 +1191,7 @@ sub GetTicketAux($$$$$$)
"Could not create GeniTicket object"); "Could not create GeniTicket object");
goto bad; goto bad;
} }
$newticket->SetSlice($slice_uuid); $newticket->SetSlice($slice->uuid());
if ($newticket->Sign()) { if ($newticket->Sign()) {
$response = GeniResponse->Create(GENIRESPONSE_ERROR, undef, $response = GeniResponse->Create(GENIRESPONSE_ERROR, undef,
...@@ -1187,7 +1204,7 @@ sub GetTicketAux($$$$$$) ...@@ -1187,7 +1204,7 @@ sub GetTicketAux($$$$$$)
goto bad; goto bad;
} }
if ($isupdate) { if ($isupdate && defined($ticket)) {
# #
# Delete (not release) the old ticket. # Delete (not release) the old ticket.
# #
...@@ -1234,7 +1251,7 @@ sub GetTicketAux($$$$$$) ...@@ -1234,7 +1251,7 @@ sub GetTicketAux($$$$$$)
$slice_experiment->RemoveVirtualState() $slice_experiment->RemoveVirtualState()
if (defined($slice_experiment)); if (defined($slice_experiment));
} }
if ($v2) { if ($v2 && $level == 0) {
CleanupDeadSlice($slice, 1) CleanupDeadSlice($slice, 1)
if (defined($slice)); if (defined($slice));
return $response; return $response;
...@@ -1316,19 +1333,20 @@ sub SliverWork($$) ...@@ -1316,19 +1333,20 @@ sub SliverWork($$)
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef, return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef,
"This ticket is for another authority!"); "This ticket is for another authority!");
} }
return SliverWorkAux($credential, $ticket, $keys, $isupdate, $impotent, 0); return SliverWorkAux($credential, $ticket,
$keys, $isupdate, $impotent, 0, 0);
} }
sub SliverWorkAux($$$$$$) sub SliverWorkAux($$$$$$$)
{ {
my ($credential, $object, $keys, $isupdate, $impotent, $v2) = @_; my ($credential, $object, $keys, $isupdate, $impotent, $v2, $level) = @_;
my $didfwsetup = 0; my $didfwsetup = 0;
my $restorephys = 0; # Flag to restore physical state my $restorephys = 0; # Flag to restore physical state
my $ticket; my $ticket;
my $rspec; my $rspec;
# V2 API support. # V2 API support.
if ($v2) { if ($v2 && $level == 0) {
$rspec = $object; $rspec = $object;
} }
else { else {
...@@ -2502,19 +2520,6 @@ sub DeleteSliverAux($$$) ...@@ -2502,19 +2520,6 @@ sub DeleteSliverAux($$$)
return GeniResponse->BusyResponse(); return GeniResponse->BusyResponse();
} }
#
# In the V2 api, cleanup the entire slice and return.
#
if ($v2) {
if (CleanupDeadSlice($slice) != 0) {
$slice->UnLock();
print STDERR "DeleteSliver: CleanupDeadSlice failed\n";
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"Could not delete sliver");
}
return GeniResponse->Create(GENIRESPONSE_SUCCESS);
}
my $experiment = $slice->GetExperiment(); my $experiment = $slice->GetExperiment();
my $pid = $experiment->pid(); my $pid = $experiment->pid();
my $eid = $experiment->eid(); my $eid = $experiment->eid();
...@@ -2540,7 +2545,7 @@ sub DeleteSliverAux($$$) ...@@ -2540,7 +2545,7 @@ sub DeleteSliverAux($$$)
goto bad; goto bad;
} }
} }
if ($aggregate->UnProvision() != 0) { if ($aggregate->UnProvision($v2) != 0) {
$response = $response =
GeniResponse->Create(GENIRESPONSE_ERROR, undef, GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"Could not unprovision sliver"); "Could not unprovision sliver");
...@@ -2551,13 +2556,28 @@ sub DeleteSliverAux($$$) ...@@ -2551,13 +2556,28 @@ sub DeleteSliverAux($$$)
"Could not delete sliver"); "Could not delete sliver");
goto bad; goto bad;
} }
DBQueryWarn("delete from geni_manifests ". $experiment->RemovePhysicalState();
"where slice_uuid='$slice_uuid'"); $experiment->SetState(EXPTSTATE_SWAPPED());
if (system("$EXPORTS_SETUP")) {
print STDERR "$EXPORTS_SETUP failed\n";
}
if (system("$NAMEDSETUP")) {
print STDERR "$NAMEDSETUP failed\n";
}
#
# In the v2 API, caller returns a new ticket for the resources
# (which were not released).
#
if ($v2) {
# Slice still locked.
return 0;
}
$experiment->RemoveVirtualState(); $experiment->RemoveVirtualState();
$experiment->RemovePhysicalState(); DBQueryWarn("delete from geni_manifests ".
"where slice_uuid='$slice_uuid'");
} }
$experiment->SetState(EXPTSTATE_SWAPPED());
$slice->UnLock(); $slice->UnLock();
return GeniResponse->Create(GENIRESPONSE_SUCCESS); return GeniResponse->Create(GENIRESPONSE_SUCCESS);
......
This diff is collapsed.
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment