def delete_record(self, hrn, type):
# delete the record
table = SfaTable()
record_list = table.find({'type': type, 'hrn': hrn})
for record in record_list:
self.logger.info("Import: removing record %s %s" % (type, hrn))
table.remove(record)
def remove(api, xrn, origin_hrn=None):
table = SfaTable()
filter = {'hrn': xrn.get_hrn()}
hrn=xrn.get_hrn()
type=xrn.get_type()
if type and type not in ['all', '*']:
filter['type'] = type
records = table.find(filter)
if not records: raise RecordNotFound(hrn)
record = records[0]
type = record['type']
credential = api.getCredential()
registries = api.registries
# Try to remove the object from the PLCDB of federated agg.
# This is attempted before removing the object from the local agg's PLCDB and sfa table
if hrn.startswith(api.hrn) and type in ['user', 'slice', 'authority']:
for registry in registries:
if registry not in [api.hrn]:
try:
result=registries[registry].remove_peer_object(credential, record, origin_hrn)
except:
pass
if type == "user":
persons = api.plshell.GetPersons(api.plauth, record['pointer'])
# only delete this person if he has site ids. if he doesnt, it probably means
# he was just removed from a site, not actually deleted
if persons and persons[0]['site_ids']:
api.plshell.DeletePerson(api.plauth, record['pointer'])
elif type == "slice":
if api.plshell.GetSlices(api.plauth, record['pointer']):
api.plshell.DeleteSlice(api.plauth, record['pointer'])
elif type == "node":
if api.plshell.GetNodes(api.plauth, record['pointer']):
api.plshell.DeleteNode(api.plauth, record['pointer'])
elif type == "authority":
if api.plshell.GetSites(api.plauth, record['pointer']):
api.plshell.DeleteSite(api.plauth, record['pointer'])
else:
raise UnknownSfaType(type)
table.remove(record)
return 1
def call(self, cred, record, origin_hrn=None):
user_cred = Credential(string=cred)
#log the call
if not origin_hrn:
origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, record['hrn'], self.name))
self.api.auth.check(cred, "remove")
# Only allow the local interface or record owner to delete peer_records
try: self.api.auth.verify_object_permission(record['hrn'])
except: self.api.auth.verify_cred_is_me(cred)
table = SfaTable()
hrn, type = record['hrn'], record['type']
records = table.find({'hrn': hrn, 'type': type })
for record in records:
if record['peer_authority']:
self.remove_plc_record(record)
table.remove(record)
return 1
def update_cert_records(gids):
"""
Make sure there is a record in the registry for the specified gids.
Removes old records from the db.
"""
# import SfaTable here so this module can be loaded by ComponentAPI
from sfa.util.table import SfaTable
from sfa.util.record import SfaRecord
if not gids:
return
table = SfaTable()
# get records that actually exist in the db
gid_urns = [gid.get_urn() for gid in gids]
hrns_expected = [gid.get_hrn() for gid in gids]
records_found = table.find({"hrn": hrns_expected, "pointer": -1})
# remove old records
for record in records_found:
if record["hrn"] not in hrns_expected and record["hrn"] != self.api.config.SFA_INTERFACE_HRN:
table.remove(record)
# TODO: store urn in the db so we do this in 1 query
for gid in gids:
hrn, type = gid.get_hrn(), gid.get_type()
record = table.find({"hrn": hrn, "type": type, "pointer": -1})
if not record:
record = {
"hrn": hrn,
"type": type,
"pointer": -1,
"authority": get_authority(hrn),
"gid": gid.save_to_string(save_parents=True),
}
record = SfaRecord(dict=record)
table.insert(record)
