Commit 0b65e129 authored by Leigh Stoller's avatar Leigh Stoller

Minor changes to support speaksfor (non-abac) operation.

Add -S option to supply a speaksfor credential.
Other small changes to prevent superfluous calls to SA, which
does not support speaksfor.
parent 4a49f89c
#! /usr/bin/env python
#
# Copyright (c) 2008-2011 University of Utah and the Flux Group.
# Copyright (c) 2008-2013 University of Utah and the Flux Group.
#
# {{{GENIPUBLIC-LICENSE
#
......@@ -40,7 +40,8 @@ import re
ACCEPTSLICENAME=1
debug = 0
impotent = 1
impotent = 0
dokeys = 1
execfile( "test-common.py" )
......@@ -72,14 +73,16 @@ print "Got my SA credential"
#
# Lookup my ssh keys.
#
params = {}
params["credential"] = mycredential
rval,response = do_method("sa", "GetKeys", params)
if rval:
Fatal("Could not get my keys")
if dokeys:
params = {}
params["credential"] = mycredential
rval,response = do_method("sa", "GetKeys", params)
if rval:
Fatal("Could not get my keys")
pass
mykeys = response["value"]
if debug: print str(mykeys)
pass
mykeys = response["value"]
if debug: print str(mykeys)
#
# Lookup slice and get credential.
......@@ -98,7 +101,9 @@ params = {}
params["credentials"] = (slicecredential,)
params["slice_urn"] = myslice["urn"]
params["rspec"] = rspec
params["keys"] = mykeys
if dokeys:
params["keys"] = mykeys
pass
params["impotent"] = impotent
rval,response = do_method("cm", "CreateSliver", params, version="2.0")
if rval:
......
#! /usr/bin/env python
#
# Copyright (c) 2008-2011 University of Utah and the Flux Group.
# Copyright (c) 2008-2013 University of Utah and the Flux Group.
#
# {{{GENIPUBLIC-LICENSE
#
......@@ -40,7 +40,8 @@ import re
ACCEPTSLICENAME=1
debug = 0
impotent = 1
impotent = 0
dokeys = 1
execfile( "test-common.py" )
......@@ -63,36 +64,29 @@ if len(REQARGS) == 1:
#
# Lookup my ssh keys.
#
params = {}
params["credential"] = mycredential
params["version"] = 2
rval,response = do_method("sa", "GetKeys", params)
if rval:
if dokeys:
params = {}
params["credential"] = mycredential
params["version"] = 2
rval,response = do_method("sa", "GetKeys", params)
if rval:
Fatal("Could not get my keys")
pass
mykeys = response["value"]
if debug: print str(mykeys)
mykeys = response["value"]
if debug: print str(mykeys)
pass
#
# Lookup slice.
# Lookup slice and get credential.
#
params = {}
params["credential"] = mycredential
params["type"] = "Slice"
params["hrn"] = SLICENAME
rval,response = do_method("sa", "Resolve", params)
if rval:
Fatal("No such slice at SA");
pass
else:
#
# Get the slice credential.
#
print "Asking for slice credential for " + SLICENAME
myslice = response["value"]
slicecred = get_slice_credential( myslice, mycredential )
print "Got the slice credential"
pass
myslice = resolve_slice( SLICENAME, mycredential )
#
# Get the slice credential.
#
print "Asking for slice credential for " + SLICENAME
slicecred = get_slice_credential( myslice, mycredential )
print "Got the slice credential"
if ticket == "":
#
......@@ -148,7 +142,9 @@ params = {}
params["credentials"] = (redeemcred,)
params["ticket"] = ticket
params["slice_urn"] = myslice["urn"]
params["keys"] = mykeys
if dokeys:
params["keys"] = mykeys
pass
rval,response = do_method("cm", "RedeemTicket", params, version="2.0")
if rval:
Fatal("Could not redeem the ticket")
......
#! /usr/bin/env python
#
# Copyright (c) 2008-2010 University of Utah and the Flux Group.
# Copyright (c) 2008-2013 University of Utah and the Flux Group.
#
# {{{GENIPUBLIC-LICENSE
#
......@@ -51,25 +51,16 @@ mycredential = get_self_credential()
print "Got my SA credential"
#
# Lookup slice.
# Lookup slice and get credential.
#
params = {}
params["credential"] = mycredential
params["type"] = "Slice"
params["hrn"] = SLICENAME
rval,response = do_method("sa", "Resolve", params)
if rval:
Fatal("No such slice at SA");
pass
else:
#
# Get the slice credential.
#
print "Asking for slice credential for " + SLICENAME
myslice = response["value"]
slicecred = get_slice_credential( myslice, mycredential )
print "Got the slice credential"
pass
myslice = resolve_slice( SLICENAME, mycredential )
#
# Get the slice credential.
#
print "Asking for slice credential for " + SLICENAME
slicecred = get_slice_credential( myslice, mycredential )
print "Got the slice credential"
#
# Do a resolve to get the ticket urn.
......
......@@ -58,6 +58,7 @@ DELETE = 0
selfcredentialfile = None
slicecredentialfile = None
admincredentialfile = None
speaksforcredential = None
if "Usage" not in dir():
def Usage():
......@@ -88,15 +89,17 @@ def BaseOptions():
[default: ~/.ssl/password]
-r file, --read-commands=file specify additional configuration file
-s file, --slicecredentials=file read slice credentials from file
[default: query from SA]"""
[default: query from SA]
-S file, --speaksfor=file read speaksfor credential from file"""
pass
try:
opts, REQARGS = getopt.gnu_getopt( sys.argv[ 1: ], "a:c:df:hl:m:n:p:r:s:",
opts, REQARGS = getopt.gnu_getopt( sys.argv[ 1: ], "a:c:df:hl:m:n:p:r:s:S:",
[ "admincredentials=", "credentials=",
"debug", "certificate=",
"help", "sa=", "cm=", "slicename=",
"passphrase=", "read-commands=",
"speaksfor=",
"slicecredentials=", "delete" ] )
except getopt.GetoptError, err:
print >> sys.stderr, str( err )
......@@ -142,6 +145,10 @@ for opt, arg in opts:
EXTRACONF = arg
elif opt in ( "-s", "--slicecredentials" ):
slicecredentialfile = arg
elif opt in ( "-S", "--speaksfor" ):
f = open(arg)
speaksforcredential = f.read()
f.close()
elif opt in ( "--delete" ):
DELETE = 1
......@@ -230,6 +237,15 @@ def geni_am_response_handler(method, method_args):
#
def do_method(module, method, params, URI=None, quiet=False, version=None,
response_handler=None):
#
# Add speaksforcredential for credentials list.
#
if "credentials" in params and speaksforcredential:
if 1 or type(params["credentials"]) is tuple:
params["credentials"] = list(params["credentials"])
pass
params["credentials"].append(speaksforcredential);
pass
if URI == None and CMURI and (module == "cm" or module == "cmv2"):
URI = CMURI
......@@ -358,6 +374,10 @@ def get_self_credential():
return response["value"]
def resolve_slice( name, selfcredential ):
if slicecredentialfile:
myslice = {}
myslice["urn"] = SLICEURN
return myslice
params = {}
params["credential"] = mycredential
params["type"] = "Slice"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment