Skip to content

F
feudalBackend
Commit 3920faf4 authored by Lukas Burgey's avatar Lukas Burgey
Browse files
Options

Adapt to the changes of the client service config

parent 844200d8
Hide whitespace changes
Inline Side-by-side
Showing with 90 additions and 106 deletions
feudal/backend/auth/v1/views/clients.py
View file @ 3920faf4
......@@ -229,54 +229,47 @@ def topic_endpoint_apiclient(request, apiclient):
name = request.POST.get('name', '')
routing_key = request.POST.get('routing_key', '')
if name == 'groups' or name == 'entitlements':
try:
vo = None
if name == 'groups':
vo = Group.objects.get(name=routing_key)
elif name == 'entitlements':
vo = Entitlement.objects.get(
# we strip the group authority from the routing key if it was included
name=Entitlement.extract_name(routing_key),
)
try:
if name == 'groups' or name == 'entitlements':
try:
vo = None
if name == 'groups':
vo = Group.objects.get(name=routing_key)
elif name == 'entitlements':
vo = Entitlement.objects.get(
# we strip the group authority from the routing key if it was included
name=Entitlement.extract_name(routing_key),
)
models.Site.objects.get(
services__vos=vo,
client=apiclient,
)
return topic_auth_decision(request, ALLOW)
except models.Site.MultipleObjectsReturned:
return topic_auth_decision(request, ALLOW)
except models.Site.DoesNotExist:
except (Group.DoesNotExist, Entitlement.DoesNotExist):
LOGGER.error('VO does not exist: %s', routing_key)
return topic_auth_decision(request, DENY)
except (Group.DoesNotExist, Entitlement.DoesNotExist):
LOGGER.error('VO does not exist: %s', routing_key)
return topic_auth_decision(request, DENY)
elif name == 'services':
try:
service = models.Service.objects.get(name=routing_key)
elif name == 'services':
try:
service = models.Service.objects.get(name=routing_key)
models.Site.objects.get(
services=service,
client=apiclient,
)
return topic_auth_decision(request, ALLOW)
except models.Site.MultipleObjectsReturned:
return topic_auth_decision(request, ALLOW)
except models.Site.DoesNotExist:
except models.Service.DoesNotExist:
LOGGER.error('Service does not exist: %s', routing_key)
return topic_auth_decision(request, DENY)
except models.Service.DoesNotExist:
LOGGER.error('Service does not exist: %s', routing_key)
return topic_auth_decision(request, DENY)
except models.Site.MultipleObjectsReturned:
return topic_auth_decision(request, ALLOW)
except models.Site.DoesNotExist:
return topic_auth_decision(request, DENY)
return topic_auth_decision(request, DENY)
......
feudal/backend/models/deployments.py
View file @ 3920faf4
......@@ -53,12 +53,18 @@ def get_deployment(user, vo=None, service=None):
raise ValueError('Cannot create deployment for both vo and service')
if vo is not None:
# get_deployment updates automatically
return VODeployment.get_deployment(user, vo)
if service is not None:
# get_deployment updates automatically
return ServiceDeployment.get_deployment(user, service)
raise ValueError('Need vo or service to create deployment')
deps = Deployment.objects.filter(user=user)
for dep in deps:
dep.update()
return deps
class Deployment(PolymorphicModel):
......@@ -222,7 +228,10 @@ class VODeployment(Deployment):
def routing_key(self):
return self.vo.name
def create_states(self):
def update(self):
self._create_states()
def _create_states(self):
for service in self.services:
DeploymentState.get_state_item(
self.user,
......@@ -238,7 +247,7 @@ class VODeployment(Deployment):
user=user,
vo=vo,
)
deployment.create_states()
deployment.update()
return deployment
......@@ -249,7 +258,7 @@ class VODeployment(Deployment):
)
deployment.save()
deployment.create_states()
deployment.update()
LOGGER.debug(deployment.msg('Created'))
return deployment
......@@ -295,7 +304,7 @@ class ServiceDeployment(Deployment):
def routing_key(self):
return self.service.name
def create_state_item(self):
def _create_state(self):
DeploymentState.get_state_item(
self.user,
self.service.site,
......@@ -303,6 +312,9 @@ class ServiceDeployment(Deployment):
deployments=[self],
)
def update(self):
self._create_state()
@classmethod
def get_deployment(cls, user, service):
try:
......@@ -310,7 +322,7 @@ class ServiceDeployment(Deployment):
user=user,
service=service,
)
deployment.create_state_item()
deployment.update()
return deployment
......@@ -319,9 +331,8 @@ class ServiceDeployment(Deployment):
user=user,
service=service
)
deployment.save()
deployment.create_state_item()
deployment.update()
LOGGER.debug(deployment.msg('Created'))
return deployment
......
feudal/backend/models/users.py
View file @ 3920faf4
......@@ -368,7 +368,8 @@ class User(AbstractUser):
def user_changed_key_added(self, key):
LOGGER.debug(self.msg('Added: {}'.format(key)))
for dep in self.deployments.all():
from . import deployments
for dep in deployments.get_deployment(self):
dep.user_credential_added(key)
def user_remove_key(self, key):
......@@ -377,7 +378,8 @@ class User(AbstractUser):
if key.delete_key():
return
for dep in self.deployments.all():
from . import deployments
for dep in deployments.get_deployment(self):
dep.user_credential_removed(key)
def user_changed_vo_added(self, vo):
......
feudal/backend/views/clients.py
View file @ 3920faf4
......@@ -61,7 +61,6 @@ class ResponseView(views.APIView):
# find the corresponding DeploymentState for this response
try:
deployment_state = client_site.states.get(
# TODO this query might not work
deployments__id=int(deployment_id),
site=client_site,
service=service,
......@@ -73,7 +72,12 @@ class ResponseView(views.APIView):
return Response({})
except DeploymentState.DoesNotExist:
LOGGER.error('[ResponseView] No matching DStateItem')
LOGGER.error(
'[ResponseView] No DeploymentState for service %s at site %s; deployment id %s',
service,
client_site,
deployment_id,
)
return response_view_error('no matching DeploymentState')
......@@ -82,59 +86,13 @@ class ConfigurationView(views.APIView):
authentication_classes = AUTHENTICATION_CLASSES
@staticmethod
def handle_group_to_services(site, group_to_services):
for group_name, group_service_list in group_to_services.items():
group = Group.get_group(
name=group_name,
)
for group_service in group_service_list:
name = group_service.get('name', None)
if name is None:
LOGGER.error('Client pushed invalid service: %s', group_service)
continue
description = group_service.get('description', None)
service = Service.get_service(
name,
site,
description=description,
)
# add group to the services VOs
try:
service.vos.get(name=group_name)
except VO.DoesNotExist:
service.vos.add(group)
@staticmethod
def handle_entitlement_to_services(site, entitlement_to_services):
for entitlement_name, entitlement_service_list in entitlement_to_services.items():
entitlement = Entitlement.get_entitlement(
name=entitlement_name,
)
for entitlement_service in entitlement_service_list:
name = entitlement_service.get('name', None)
if name is None:
LOGGER.error('Client pushed invalid service: %s', entitlement_service)
continue
description = entitlement_service.get('description', '')
service = Service.get_service(
name,
site,
description=description,
)
# add entitlement to the services VOs
try:
service.vos.get(name=entitlement_name)
except VO.DoesNotExist:
service.vos.add(entitlement)
def add_vo_to_service(service, vo):
try:
service.vos.get(name=vo.name)
except VO.DoesNotExist:
service.vos.add(vo)
# the client puts its (stripped) config
def put(self, request):
# the site where client is located
......@@ -144,27 +102,47 @@ class ConfigurationView(views.APIView):
except Site.DoesNotExist:
raise ImproperlyConfigured("client has no site")
group_to_services = request.data.get('group_to_services', None)
if group_to_services is not None:
self.handle_group_to_services(client_site, group_to_services)
entitlement_to_services = request.data.get('entitlement_to_services', {})
if entitlement_to_services is not None:
self.handle_entitlement_to_services(client_site, entitlement_to_services)
# TODO deactivate vanished services
# create the services
sid_to_service = {}
if 'services' in request.data:
services = request.data['services']
for service_id in services:
service_descriptor = services[service_id]
if 'name' in service_descriptor:
sid_to_service[service_id] = Service.get_service(
service_descriptor['name'],
client_site,
description=service_descriptor.get('description', ''),
)
# TODO remove vanished services
# apply groups / entitlements to the services
if 'group_to_service_ids' in request.data:
group_to_service_ids = request.data['group_to_service_ids']
for group_name in group_to_service_ids:
group = Group.get_group(name=group_name)
for service_id in group_to_service_ids[group_name]:
self.add_vo_to_service(sid_to_service[service_id], group)
if 'entitlement_to_service_ids' in request.data:
entitlement_to_service_ids = request.data['entitlement_to_service_ids']
for entitlement_name in entitlement_to_service_ids:
entitlement = Entitlement.get_entitlement(name=entitlement_name)
for service_id in entitlement_to_service_ids[entitlement_name]:
self.add_vo_to_service(sid_to_service[service_id], entitlement)
# initialize the broker, just in case
broker = RabbitMQInstance.load()
broker.initialize()
response = {
return Response({
'rabbitmq_config': clients.RabbitMQInstanceSerializer(
broker,
).data,
'site': request.user.site.name,
}
return Response(response)
})
class DeregisterView(views.APIView):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment