Skip to content

GitLab

Commit 3920faf4 authored by Lukas Burgey's avatar Lukas Burgey
Browse files

Adapt to the changes of the client service config

parent 844200d8
Hide whitespace changes
Inline Side-by-side
feudal/backend/auth/v1/views/clients.py
View file @ 3920faf4
......@@ -229,54 +229,47 @@ def topic_endpoint_apiclient(request, apiclient):
name = request.POST.get('name', '')
routing_key = request.POST.get('routing_key', '')
if name == 'groups' or name == 'entitlements':
try:
vo = None
if name == 'groups':
vo = Group.objects.get(name=routing_key)
elif name == 'entitlements':
vo = Entitlement.objects.get(
# we strip the group authority from the routing key if it was included
name=Entitlement.extract_name(routing_key),
)
try:
if name == 'groups' or name == 'entitlements':
try:
vo = None
if name == 'groups':
vo = Group.objects.get(name=routing_key)
elif name == 'entitlements':
vo = Entitlement.objects.get(
# we strip the group authority from the routing key if it was included
name=Entitlement.extract_name(routing_key),
)
models.Site.objects.get(
services__vos=vo,
client=apiclient,
)
return topic_auth_decision(request, ALLOW)
except models.Site.MultipleObjectsReturned:
return topic_auth_decision(request, ALLOW)
except models.Site.DoesNotExist:
except (Group.DoesNotExist, Entitlement.DoesNotExist):
LOGGER.error('VO does not exist: %s', routing_key)
return topic_auth_decision(request, DENY)
except (Group.DoesNotExist, Entitlement.DoesNotExist):
LOGGER.error('VO does not exist: %s', routing_key)
return topic_auth_decision(request, DENY)
elif name == 'services':
try:
service = models.Service.objects.get(name=routing_key)
elif name == 'services':
try:
service = models.Service.objects.get(name=routing_key)
models.Site.objects.get(
services=service,
client=apiclient,
)
return topic_auth_decision(request, ALLOW)
except models.Site.MultipleObjectsReturned:
return topic_auth_decision(request, ALLOW)
except models.Site.DoesNotExist:
except models.Service.DoesNotExist:
LOGGER.error('Service does not exist: %s', routing_key)
return topic_auth_decision(request, DENY)
except models.Service.DoesNotExist:
LOGGER.error('Service does not exist: %s', routing_key)
return topic_auth_decision(request, DENY)
except models.Site.MultipleObjectsReturned:
return topic_auth_decision(request, ALLOW)
except models.Site.DoesNotExist:
return topic_auth_decision(request, DENY)
return topic_auth_decision(request, DENY)
......
feudal/backend/models/deployments.py
View file @ 3920faf4
......@@ -53,12 +53,18 @@ def get_deployment(user, vo=None, service=None):
raise ValueError('Cannot create deployment for both vo and service')
if vo is not None:
# get_deployment updates automatically
return VODeployment.get_deployment(user, vo)
if service is not None:
# get_deployment updates automatically
return ServiceDeployment.get_deployment(user, service)
raise ValueError('Need vo or service to create deployment')
deps = Deployment.objects.filter(user=user)
for dep in deps:
dep.update()
return deps
class Deployment(PolymorphicModel):
......@@ -222,7 +228,10 @@ class VODeployment(Deployment):
def routing_key(self):
return self.vo.name
def create_states(self):
def update(self):
self._create_states()
def _create_states(self):
for service in self.services:
DeploymentState.get_state_item(
self.user,
......@@ -238,7 +247,7 @@ class VODeployment(Deployment):
user=user,
vo=vo,
)
deployment.create_states()
deployment.update()
return deployment
......@@ -249,7 +258,7 @@ class VODeployment(Deployment):
)
deployment.save()
deployment.create_states()
deployment.update()
LOGGER.debug(deployment.msg('Created'))
return deployment
......@@ -295,7 +304,7 @@ class ServiceDeployment(Deployment):
def routing_key(self):
return self.service.name
def create_state_item(self):
def _create_state(self):
DeploymentState.get_state_item(
self.user,
self.service.site,
......@@ -303,6 +312,9 @@ class ServiceDeployment(Deployment):
deployments=[self],
)
def update(self):
self._create_state()
@classmethod
def get_deployment(cls, user, service):
try:
......@@ -310,7 +322,7 @@ class ServiceDeployment(Deployment):
user=user,
service=service,
)
deployment.create_state_item()
deployment.update()
return deployment
......@@ -319,9 +331,8 @@ class ServiceDeployment(Deployment):
user=user,
service=service
)
deployment.save()
deployment.create_state_item()
deployment.update()
LOGGER.debug(deployment.msg('Created'))
return deployment
......
feudal/backend/models/users.py
View file @ 3920faf4
......@@ -368,7 +368,8 @@ class User(AbstractUser):
def user_changed_key_added(self, key):
LOGGER.debug(self.msg('Added: {}'.format(key)))
for dep in self.deployments.all():
from . import deployments
for dep in deployments.get_deployment(self):
dep.user_credential_added(key)
def user_remove_key(self, key):
......@@ -377,7 +378,8 @@ class User(AbstractUser):
if key.delete_key():
return
for dep in self.deployments.all():
from . import deployments
for dep in deployments.get_deployment(self):
dep.user_credential_removed(key)
def user_changed_vo_added(self, vo):
......
feudal/backend/views/clients.py
View file @ 3920faf4
......@@ -61,7 +61,6 @@ class ResponseView(views.APIView):
# find the corresponding DeploymentState for this response
try:
deployment_state = client_site.states.get(
# TODO this query might not work
deployments__id=int(deployment_id),
site=client_site,
service=service,
......@@ -73,7 +72,12 @@ class ResponseView(views.APIView):
return Response({})
except DeploymentState.DoesNotExist:
LOGGER.error('[ResponseView] No matching DStateItem')
LOGGER.error(
'[ResponseView] No DeploymentState for service %s at site %s; deployment id %s',
service,
client_site,
deployment_id,
)
return response_view_error('no matching DeploymentState')
......@@ -82,59 +86,13 @@ class ConfigurationView(views.APIView):
authentication_classes = AUTHENTICATION_CLASSES
@staticmethod
def handle_group_to_services(site, group_to_services):
for group_name, group_service_list in group_to_services.items():
group = Group.get_group(
name=group_name,
)
for group_service in group_service_list:
name = group_service.get('name', None)
if name is None:
LOGGER.error('Client pushed invalid service: %s', group_service)
continue
description = group_service.get('description', None)
service = Service.get_service(
name,
site,
description=description,
)
# add group to the services VOs
try:
service.vos.get(name=group_name)
except VO.DoesNotExist:
service.vos.add(group)
@staticmethod
def handle_entitlement_to_services(site, entitlement_to_services):
for entitlement_name, entitlement_service_list in entitlement_to_services.items():
entitlement = Entitlement.get_entitlement(
name=entitlement_name,
)
for entitlement_service in entitlement_service_list:
name = entitlement_service.get('name', None)
if name is None:
LOGGER.error('Client pushed invalid service: %s', entitlement_service)
continue
description = entitlement_service.get('description', '')
service = Service.get_service(
name,
site,
description=description,
)
# add entitlement to the services VOs
try:
service.vos.get(name=entitlement_name)
except VO.DoesNotExist:
service.vos.add(entitlement)
def add_vo_to_service(service, vo):
try:
service.vos.get(name=vo.name)
except VO.DoesNotExist:
service.vos.add(vo)
# the client puts its (stripped) config
def put(self, request):
# the site where client is located
......@@ -144,27 +102,47 @@ class ConfigurationView(views.APIView):
except Site.DoesNotExist:
raise ImproperlyConfigured("client has no site")
group_to_services = request.data.get('group_to_services', None)
if group_to_services is not None:
self.handle_group_to_services(client_site, group_to_services)
entitlement_to_services = request.data.get('entitlement_to_services', {})
if entitlement_to_services is not None:
self.handle_entitlement_to_services(client_site, entitlement_to_services)
# TODO deactivate vanished services
# create the services
sid_to_service = {}
if 'services' in request.data:
services = request.data['services']
for service_id in services:
service_descriptor = services[service_id]
if 'name' in service_descriptor:
sid_to_service[service_id] = Service.get_service(
service_descriptor['name'],
client_site,
description=service_descriptor.get('description', ''),
)
# TODO remove vanished services
# apply groups / entitlements to the services
if 'group_to_service_ids' in request.data:
group_to_service_ids = request.data['group_to_service_ids']
for group_name in group_to_service_ids:
group = Group.get_group(name=group_name)
for service_id in group_to_service_ids[group_name]:
self.add_vo_to_service(sid_to_service[service_id], group)
if 'entitlement_to_service_ids' in request.data:
entitlement_to_service_ids = request.data['entitlement_to_service_ids']
for entitlement_name in entitlement_to_service_ids:
entitlement = Entitlement.get_entitlement(name=entitlement_name)
for service_id in entitlement_to_service_ids[entitlement_name]:
self.add_vo_to_service(sid_to_service[service_id], entitlement)
# initialize the broker, just in case
broker = RabbitMQInstance.load()
broker.initialize()
response = {
return Response({
'rabbitmq_config': clients.RabbitMQInstanceSerializer(
broker,
).data,
'site': request.user.site.name,
}
return Response(response)
})
class DeregisterView(views.APIView):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment