Commit 71159201 authored by Jonathon Duerig's avatar Jonathon Duerig

More pre-GEC fixes to the GENI SA.

parent 9ea87020
...@@ -71,6 +71,7 @@ CREATE TABLE `geni_slices` ( ...@@ -71,6 +71,7 @@ CREATE TABLE `geni_slices` (
`monitor_pid` int(11) default '0', `monitor_pid` int(11) default '0',
`expiration_max` datetime default NULL, `expiration_max` datetime default NULL,
`renew_limit` time default NULL, `renew_limit` time default NULL,
`description` mediumtext default NULL,
PRIMARY KEY (`idx`), PRIMARY KEY (`idx`),
UNIQUE KEY `hrn` (`hrn`), UNIQUE KEY `hrn` (`hrn`),
UNIQUE KEY `uuid` (`uuid`) UNIQUE KEY `uuid` (`uuid`)
......
...@@ -314,6 +314,7 @@ sub speaksfor_urn($) { return field($_[0], "speaksfor_urn"); } ...@@ -314,6 +314,7 @@ sub speaksfor_urn($) { return field($_[0], "speaksfor_urn"); }
sub speaksfor_uuid($) { return field($_[0], "speaksfor_uuid"); } sub speaksfor_uuid($) { return field($_[0], "speaksfor_uuid"); }
sub expiration_max($) { return field($_[0], "expiration_max"); } sub expiration_max($) { return field($_[0], "expiration_max"); }
sub renew_limit($) { return field($_[0], "renew_limit"); } sub renew_limit($) { return field($_[0], "renew_limit"); }
sub description($) { return field($_[0], "description"); }
sub cert($) { return $_[0]->{'CERT'}->cert(); } sub cert($) { return $_[0]->{'CERT'}->cert(); }
sub GetCertificate($) { return $_[0]->{'CERT'}; } sub GetCertificate($) { return $_[0]->{'CERT'}; }
sub LOCKED($) { return $_[0]->{'LOCKED'}; } sub LOCKED($) { return $_[0]->{'LOCKED'}; }
...@@ -430,6 +431,26 @@ sub LookupByCreator($$) ...@@ -430,6 +431,26 @@ sub LookupByCreator($$)
return @result; return @result;
} }
sub BoundToUser($$)
{
my ($class, $user) = @_;
my $uuid = $user->uuid();
my $query_result =
DBQueryWarn("select slice_uuid from geni_bindings ".
"where user_uuid='$uuid'");
return undef unless defined($query_result);
my @result = ();
while (my ($slice_uuid) = $query_result->fetchrow_array()) {
my $slice = GeniSlice->Lookup($slice_uuid);
push(@result, $slice)
if (defined($slice));
}
return @result;
}
# #
# We lock at a very coarse grain, mostly in the CM. When a slice is busy # We lock at a very coarse grain, mostly in the CM. When a slice is busy
# we cannot expire things from it. # we cannot expire things from it.
...@@ -956,6 +977,22 @@ sub SetSpeaksFor($$) ...@@ -956,6 +977,22 @@ sub SetSpeaksFor($$)
return 0; return 0;
} }
sub SetDescription($$)
{
my ($self, $description) = @_;
my $uuid = $self->uuid();
my $safe_description = DBQuoteSpecial($description);
return -w
if (!DBQueryWarn("update geni_slices set " .
" description=$safe_description ".
"where uuid='$uuid'"));
$self->{'SLICE'}->{'description'} = $description;
return 0;
}
sub SetRenewLimit($$) sub SetRenewLimit($$)
{ {
my ($self, $limit) = @_; my ($self, $limit) = @_;
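Review bot: `return -w` in the new SetDescription is almost certainly a typo for `return -1`; `-w` is Perl's writable-file test, so when the update fails the sub returns the result of a file test (apparently on `$_`) rather than an error code, and a caller following the `return 0` success convention can read a failed update as success. In the same file, the new BoundToUser uses `return undef` although its result is assigned to an array, which gives the caller a one-element list containing undef; a bare `return;` yields an empty list on query failure. BoundToUser also interpolates `$uuid` directly into the query text while SetDescription passes its value through DBQuoteSpecial, so quoting both the same way would keep the SQL construction consistent.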
......
...@@ -91,6 +91,12 @@ sub CreateSlice($$) ...@@ -91,6 +91,12 @@ sub CreateSlice($$)
} }
my $sliceCred = GeniCredential->CreateFromSigned(GeniResponse::value($response)); my $sliceCred = GeniCredential->CreateFromSigned(GeniResponse::value($response));
my $slice = GeniSlice->Lookup($sliceCred->target_urn());
if (exists($options->{'fields'}->{'SLICE_DESCRIPTION'})) {
my $description = $options->{'fields'}->{'SLICE_DESCRIPTION'};
$slice->SetDescription($description);
}
my $blob = { my $blob = {
"SLICE_URN" => $sliceCred->target_urn(), "SLICE_URN" => $sliceCred->target_urn(),
"SLICE_EXPIRATION" => $sliceCred->expires() "SLICE_EXPIRATION" => $sliceCred->expires()
...@@ -107,6 +113,7 @@ sub LookupSlices() ...@@ -107,6 +113,7 @@ sub LookupSlices()
return $credential return $credential
if (GeniResponse::IsResponse($credential)); if (GeniResponse::IsResponse($credential));
# TODO: Make sure that slice URN is the same as the credential URN
$credential->HasPrivilege( "authority" ) or $credential->HasPrivilege( "authority" ) or
$credential->HasPrivilege( "resolve" ) or $credential->HasPrivilege( "resolve" ) or
return GeniResponse->Create( GENIRESPONSE_FORBIDDEN, undef, return GeniResponse->Create( GENIRESPONSE_FORBIDDEN, undef,
...@@ -116,20 +123,26 @@ sub LookupSlices() ...@@ -116,20 +123,26 @@ sub LookupSlices()
my $members = {}; my $members = {};
if (defined($match)) { if (defined($match)) {
print STDERR "-- DEFINED\n";
foreach my $key (@{ $match }) { foreach my $key (@{ $match }) {
print STDERR "-- foreach\n";
my $slice = GeniSlice->Lookup($key); my $slice = GeniSlice->Lookup($key);
if (defined($slice)) { if (defined($slice)) {
print STDERR "-- found slice\n"; my $description = '';
if (defined($slice->description())) {
$description = $slice->description();
}
my $isExpired = 'False';
if ($slice->IsExpired()) {
$isExpired = 'True';
}
my $completeblob = { my $completeblob = {
"SLICE_URN" => $slice->urn(), "SLICE_URN" => $slice->urn(),
"SLICE_UID" => $slice->uuid(), "SLICE_UID" => $slice->uuid(),
"SLICE_CREATION" => $slice->created(), "SLICE_CREATION" => $slice->created(),
"SLICE_EXPIRATION" => $slice->expires(), "SLICE_EXPIRATION" => $slice->expires(),
"SLICE_EXPIRED" => "False", "SLICE_EXPIRED" => $isExpired,
"SLICE_NAME" => $slice->hrn(), "SLICE_NAME" => $slice->hrn(),
"SLICE_DESCRIPTION" => "A Slice", "SLICE_DESCRIPTION" => $description,
"SLICE_PROJECT_URN" => "Unimplemented" "SLICE_PROJECT_URN" => "Unimplemented"
}; };
my $blob = GeniStd::FilterFields($completeblob, $filter); my $blob = GeniStd::FilterFields($completeblob, $filter);
...@@ -143,8 +156,28 @@ sub LookupSlices() ...@@ -143,8 +156,28 @@ sub LookupSlices()
sub UpdateSlice() sub UpdateSlice()
{ {
my ($slice_urn, $credential_args, $options) = @_; my ($slice_urn, $credential_args, $options) = @_;
return GeniResponse->Create(GENIRESPONSE_NOT_IMPLEMENTED, undef, my $credential = GeniStd::CheckCredentials(GeniStd::FilterCredentials($credential_args));
"Update Slice is not implemented"); return $credential
if (GeniResponse::IsResponse($credential));
# TODO: Make sure that slice URN is the same as the credential URN
my $slice = GeniSlice->Lookup($slice_urn);
my $response;
if (exists($options->{'fields'}->{'SLICE_DESCRIPTION'})) {
$slice->SetDescription($options->{'fields'}->{'SLICE_DESCRIPTION'});
}
if (exists($options->{'fields'}->{'SLICE_EXPIRES'})) {
my $args = {
"credential" => $credential->asString(),
"expiration" => $options->{'fields'}->{'SLICE_EXPIRES'}
};
$response = GeniSA::RenewSlice($args);
}
return $response
if (GeniResponse::IsError($response));
return GeniResponse->Create(GENIRESPONSE_SUCCESS, {});
} }
sub GetCredentials() sub GetCredentials()
...@@ -243,12 +276,13 @@ sub LookupSliceMembers() ...@@ -243,12 +276,13 @@ sub LookupSliceMembers()
"Who are you? No local record"); "Who are you? No local record");
} }
if ($credential->target_urn() ne $slice_urn) { # TODO: How do we validate slice urn?
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef, # if ($credential->target_urn() ne $slice_urn) {
"Slice URN does not match credential URN"); # return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
} # "Slice URN does not match credential URN");
# }
my $slice = GeniSlice->Lookup($credential->target_urn()); my $slice = GeniSlice->Lookup($slice_urn);
if (!defined($slice)) { if (!defined($slice)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef, return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"Unknown slice for this credential"); "Unknown slice for this credential");
...@@ -260,6 +294,7 @@ sub LookupSliceMembers() ...@@ -260,6 +294,7 @@ sub LookupSliceMembers()
return GeniResponse->Create(GENIRESPONSE_ERROR, undef, return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"Failed to lookup member bindings"); "Failed to lookup member bindings");
} }
push(@{ $uuids }, $this_user->uuid());
my $result = []; my $result = [];
foreach my $id (@{ $uuids }) { foreach my $id (@{ $uuids }) {
...@@ -269,14 +304,59 @@ sub LookupSliceMembers() ...@@ -269,14 +304,59 @@ sub LookupSliceMembers()
'SLICE_ROLE' => 'MEMBER' }); 'SLICE_ROLE' => 'MEMBER' });
} }
} }
return GeniResposne->CREATE(GENIRESPONSE_SUCCESS, $result); return GeniResponse->Create(GENIRESPONSE_SUCCESS, $result);
} }
sub LookupSlicesForMember() sub LookupSlicesForMember($$$)
{ {
my ($member_urn, $credential_args, $options) = @_; my ($member_urn, $credential_args, $options) = @_;
return GeniResponse->Create(GENIRESPONSE_NOT_IMPLEMENTED, undef, if (! defined($member_urn) ||
"Lookup Slices for Member is not implemented"); ! defined($credential_args) ||
! defined($options))
{
return GeniResponse->MalformedArgsResponse('Requires a member urn, a list of credentials, and an options field');
}
my ($cred) = GeniStd::CheckCredentials(GeniStd::FilterCredentials($credential_args));
my $credential = GeniCredential::CheckCredential($cred->asString());
return $credential
if (GeniResponse::IsResponse($credential));
if ($ENV{'GENIURN'} ne $member_urn) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef,
"You are not allowed to lookup slices for other members");
}
my $this_user = GeniUser->Lookup($ENV{'GENIURN'}, 1);
if (!defined($this_user)) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef,
"Who are you? No local record");
}
my $result = [];
my @created = GeniSlice->LookupByCreator($this_user);
my @bound = GeniSlice->BoundToUser($this_user);
addSlicesToMemberList(\@created, $result)
if (defined(@created));
addSlicesToMemberList(\@bound, $result)
if (defined(@bound));
return GeniResponse->Create(GENIRESPONSE_SUCCESS, $result);
}
sub addSlicesToMemberList($$)
{
my ($slices, $result) = @_;
foreach my $slice (@{ $slices }) {
my $blob = {
'SLICE_URN' => $slice->urn(),
'SLICE_ROLE' => 'MEMBER'
};
push(@{ $result }, $blob);
}
} }
sub CreateSliverInfo($$$$) sub CreateSliverInfo($$$$)
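Review bot: The new UpdateSlice body writes to whatever slice `$slice_urn` names without tying that URN to the presented credential and without checking that `GeniSlice->Lookup` found anything; the `# TODO` marks the gap, but the code already calls `SetDescription`. As written, any caller whose credential passes `CheckCredentials` appears able to change the description of any slice, and an unknown URN ends in a method call on undef. The LookupSliceMembers hunk has the same gap on the read side: the `target_urn() ne $slice_urn` check is commented out while the lookup switches to the caller-supplied `$slice_urn`. If the credential here is the slice credential (it is handed to `GeniSA::RenewSlice` as one), the removed comparison can be restored as sketched below; otherwise the caller's right to the slice should be checked some other way before the update. `$response` is also still undefined at `GeniResponse::IsError($response)` when no `SLICE_EXPIRES` field is supplied.

```perl
    # … unchanged: CheckCredentials and the IsResponse early return …
    my $slice = GeniSlice->Lookup($slice_urn);
    return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
                                "Unknown slice for this credential")
        if (!defined($slice));
    # Refuse to modify a slice the presented credential was not issued for.
    return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef,
                                "Slice URN does not match credential URN")
        if ($credential->target_urn() ne $slice_urn);
    # … unchanged: SLICE_DESCRIPTION and SLICE_EXPIRES handling …
```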
......