Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
feudal
feudalBackend
Commits
3920faf4
Commit
3920faf4
authored
Nov 30, 2018
by
Lukas Burgey
Browse files
Adapt to the changes of the client service config
parent
844200d8
Changes
4
Hide whitespace changes
Inline
Side-by-side
feudal/backend/auth/v1/views/clients.py
View file @
3920faf4
...
...
@@ -229,54 +229,47 @@ def topic_endpoint_apiclient(request, apiclient):
name
=
request
.
POST
.
get
(
'name'
,
''
)
routing_key
=
request
.
POST
.
get
(
'routing_key'
,
''
)
if
name
==
'groups'
or
name
==
'entitlements'
:
try
:
vo
=
None
if
name
==
'groups'
:
vo
=
Group
.
objects
.
get
(
name
=
routing_key
)
elif
name
==
'entitlements'
:
vo
=
Entitlement
.
objects
.
get
(
# we strip the group authority from the routing key if it was included
name
=
Entitlement
.
extract_name
(
routing_key
),
)
try
:
if
name
==
'groups'
or
name
==
'entitlements'
:
try
:
vo
=
None
if
name
==
'groups'
:
vo
=
Group
.
objects
.
get
(
name
=
routing_key
)
elif
name
==
'entitlements'
:
vo
=
Entitlement
.
objects
.
get
(
# we strip the group authority from the routing key if it was included
name
=
Entitlement
.
extract_name
(
routing_key
),
)
models
.
Site
.
objects
.
get
(
services__vos
=
vo
,
client
=
apiclient
,
)
return
topic_auth_decision
(
request
,
ALLOW
)
except
models
.
Site
.
MultipleObjectsReturned
:
return
topic_auth_decision
(
request
,
ALLOW
)
except
models
.
Site
.
DoesNotExist
:
except
(
Group
.
DoesNotExist
,
Entitlement
.
DoesNotExist
):
LOGGER
.
error
(
'VO does not exist: %s'
,
routing_key
)
return
topic_auth_decision
(
request
,
DENY
)
except
(
Group
.
DoesNotExist
,
Entitlement
.
DoesNotExist
):
LOGGER
.
error
(
'VO does not exist: %s'
,
routing_key
)
return
topic_auth_decision
(
request
,
DENY
)
elif
name
==
'services'
:
try
:
service
=
models
.
Service
.
objects
.
get
(
name
=
routing_key
)
elif
name
==
'services'
:
try
:
service
=
models
.
Service
.
objects
.
get
(
name
=
routing_key
)
models
.
Site
.
objects
.
get
(
services
=
service
,
client
=
apiclient
,
)
return
topic_auth_decision
(
request
,
ALLOW
)
except
models
.
Site
.
MultipleObjectsReturned
:
return
topic_auth_decision
(
request
,
ALLOW
)
except
models
.
Site
.
DoesNotExist
:
except
models
.
Service
.
DoesNotExist
:
LOGGER
.
error
(
'Service does not exist: %s'
,
routing_key
)
return
topic_auth_decision
(
request
,
DENY
)
except
models
.
Service
.
DoesNotExist
:
LOGGER
.
error
(
'Service does not exist: %s'
,
routing_key
)
return
topic_auth_decision
(
request
,
DENY
)
except
models
.
Site
.
MultipleObjectsReturned
:
return
topic_auth_decision
(
request
,
ALLOW
)
except
models
.
Site
.
DoesNotExist
:
return
topic_auth_decision
(
request
,
DENY
)
return
topic_auth_decision
(
request
,
DENY
)
...
...
feudal/backend/models/deployments.py
View file @
3920faf4
...
...
@@ -53,12 +53,18 @@ def get_deployment(user, vo=None, service=None):
raise
ValueError
(
'Cannot create deployment for both vo and service'
)
if
vo
is
not
None
:
# get_deployment updates automatically
return
VODeployment
.
get_deployment
(
user
,
vo
)
if
service
is
not
None
:
# get_deployment updates automatically
return
ServiceDeployment
.
get_deployment
(
user
,
service
)
raise
ValueError
(
'Need vo or service to create deployment'
)
deps
=
Deployment
.
objects
.
filter
(
user
=
user
)
for
dep
in
deps
:
dep
.
update
()
return
deps
class
Deployment
(
PolymorphicModel
):
...
...
@@ -222,7 +228,10 @@ class VODeployment(Deployment):
def
routing_key
(
self
):
return
self
.
vo
.
name
def
create_states
(
self
):
def
update
(
self
):
self
.
_create_states
()
def
_create_states
(
self
):
for
service
in
self
.
services
:
DeploymentState
.
get_state_item
(
self
.
user
,
...
...
@@ -238,7 +247,7 @@ class VODeployment(Deployment):
user
=
user
,
vo
=
vo
,
)
deployment
.
create_states
()
deployment
.
update
()
return
deployment
...
...
@@ -249,7 +258,7 @@ class VODeployment(Deployment):
)
deployment
.
save
()
deployment
.
create_states
()
deployment
.
update
()
LOGGER
.
debug
(
deployment
.
msg
(
'Created'
))
return
deployment
...
...
@@ -295,7 +304,7 @@ class ServiceDeployment(Deployment):
def
routing_key
(
self
):
return
self
.
service
.
name
def
create_state
_item
(
self
):
def
_
create_state
(
self
):
DeploymentState
.
get_state_item
(
self
.
user
,
self
.
service
.
site
,
...
...
@@ -303,6 +312,9 @@ class ServiceDeployment(Deployment):
deployments
=
[
self
],
)
def
update
(
self
):
self
.
_create_state
()
@
classmethod
def
get_deployment
(
cls
,
user
,
service
):
try
:
...
...
@@ -310,7 +322,7 @@ class ServiceDeployment(Deployment):
user
=
user
,
service
=
service
,
)
deployment
.
create_state_item
()
deployment
.
update
()
return
deployment
...
...
@@ -319,9 +331,8 @@ class ServiceDeployment(Deployment):
user
=
user
,
service
=
service
)
deployment
.
save
()
deployment
.
create_state_item
()
deployment
.
update
()
LOGGER
.
debug
(
deployment
.
msg
(
'Created'
))
return
deployment
...
...
feudal/backend/models/users.py
View file @
3920faf4
...
...
@@ -368,7 +368,8 @@ class User(AbstractUser):
def
user_changed_key_added
(
self
,
key
):
LOGGER
.
debug
(
self
.
msg
(
'Added: {}'
.
format
(
key
)))
for
dep
in
self
.
deployments
.
all
():
from
.
import
deployments
for
dep
in
deployments
.
get_deployment
(
self
):
dep
.
user_credential_added
(
key
)
def
user_remove_key
(
self
,
key
):
...
...
@@ -377,7 +378,8 @@ class User(AbstractUser):
if
key
.
delete_key
():
return
for
dep
in
self
.
deployments
.
all
():
from
.
import
deployments
for
dep
in
deployments
.
get_deployment
(
self
):
dep
.
user_credential_removed
(
key
)
def
user_changed_vo_added
(
self
,
vo
):
...
...
feudal/backend/views/clients.py
View file @
3920faf4
...
...
@@ -61,7 +61,6 @@ class ResponseView(views.APIView):
# find the corresponding DeploymentState for this response
try
:
deployment_state
=
client_site
.
states
.
get
(
# TODO this query might not work
deployments__id
=
int
(
deployment_id
),
site
=
client_site
,
service
=
service
,
...
...
@@ -73,7 +72,12 @@ class ResponseView(views.APIView):
return
Response
({})
except
DeploymentState
.
DoesNotExist
:
LOGGER
.
error
(
'[ResponseView] No matching DStateItem'
)
LOGGER
.
error
(
'[ResponseView] No DeploymentState for service %s at site %s; deployment id %s'
,
service
,
client_site
,
deployment_id
,
)
return
response_view_error
(
'no matching DeploymentState'
)
...
...
@@ -82,59 +86,13 @@ class ConfigurationView(views.APIView):
authentication_classes
=
AUTHENTICATION_CLASSES
@
staticmethod
def
handle_group_to_services
(
site
,
group_to_services
):
for
group_name
,
group_service_list
in
group_to_services
.
items
():
group
=
Group
.
get_group
(
name
=
group_name
,
)
for
group_service
in
group_service_list
:
name
=
group_service
.
get
(
'name'
,
None
)
if
name
is
None
:
LOGGER
.
error
(
'Client pushed invalid service: %s'
,
group_service
)
continue
description
=
group_service
.
get
(
'description'
,
None
)
service
=
Service
.
get_service
(
name
,
site
,
description
=
description
,
)
# add group to the services VOs
try
:
service
.
vos
.
get
(
name
=
group_name
)
except
VO
.
DoesNotExist
:
service
.
vos
.
add
(
group
)
@
staticmethod
def
handle_entitlement_to_services
(
site
,
entitlement_to_services
):
for
entitlement_name
,
entitlement_service_list
in
entitlement_to_services
.
items
():
entitlement
=
Entitlement
.
get_entitlement
(
name
=
entitlement_name
,
)
for
entitlement_service
in
entitlement_service_list
:
name
=
entitlement_service
.
get
(
'name'
,
None
)
if
name
is
None
:
LOGGER
.
error
(
'Client pushed invalid service: %s'
,
entitlement_service
)
continue
description
=
entitlement_service
.
get
(
'description'
,
''
)
service
=
Service
.
get_service
(
name
,
site
,
description
=
description
,
)
# add entitlement to the services VOs
try
:
service
.
vos
.
get
(
name
=
entitlement_name
)
except
VO
.
DoesNotExist
:
service
.
vos
.
add
(
entitlement
)
def
add_vo_to_service
(
service
,
vo
):
try
:
service
.
vos
.
get
(
name
=
vo
.
name
)
except
VO
.
DoesNotExist
:
service
.
vos
.
add
(
vo
)
# the client puts its (stripped) config
def
put
(
self
,
request
):
# the site where client is located
...
...
@@ -144,27 +102,47 @@ class ConfigurationView(views.APIView):
except
Site
.
DoesNotExist
:
raise
ImproperlyConfigured
(
"client has no site"
)
group_to_services
=
request
.
data
.
get
(
'group_to_services'
,
None
)
if
group_to_services
is
not
None
:
self
.
handle_group_to_services
(
client_site
,
group_to_services
)
entitlement_to_services
=
request
.
data
.
get
(
'entitlement_to_services'
,
{})
if
entitlement_to_services
is
not
None
:
self
.
handle_entitlement_to_services
(
client_site
,
entitlement_to_services
)
# TODO deactivate vanished services
# create the services
sid_to_service
=
{}
if
'services'
in
request
.
data
:
services
=
request
.
data
[
'services'
]
for
service_id
in
services
:
service_descriptor
=
services
[
service_id
]
if
'name'
in
service_descriptor
:
sid_to_service
[
service_id
]
=
Service
.
get_service
(
service_descriptor
[
'name'
],
client_site
,
description
=
service_descriptor
.
get
(
'description'
,
''
),
)
# TODO remove vanished services
# apply groups / entitlements to the services
if
'group_to_service_ids'
in
request
.
data
:
group_to_service_ids
=
request
.
data
[
'group_to_service_ids'
]
for
group_name
in
group_to_service_ids
:
group
=
Group
.
get_group
(
name
=
group_name
)
for
service_id
in
group_to_service_ids
[
group_name
]:
self
.
add_vo_to_service
(
sid_to_service
[
service_id
],
group
)
if
'entitlement_to_service_ids'
in
request
.
data
:
entitlement_to_service_ids
=
request
.
data
[
'entitlement_to_service_ids'
]
for
entitlement_name
in
entitlement_to_service_ids
:
entitlement
=
Entitlement
.
get_entitlement
(
name
=
entitlement_name
)
for
service_id
in
entitlement_to_service_ids
[
entitlement_name
]:
self
.
add_vo_to_service
(
sid_to_service
[
service_id
],
entitlement
)
# initialize the broker, just in case
broker
=
RabbitMQInstance
.
load
()
broker
.
initialize
()
response
=
{
re
turn
Re
sponse
(
{
'rabbitmq_config'
:
clients
.
RabbitMQInstanceSerializer
(
broker
,
).
data
,
'site'
:
request
.
user
.
site
.
name
,
}
return
Response
(
response
)
})
class
DeregisterView
(
views
.
APIView
):
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment