def get_site_images(site_name, vo, access_token, cred, userid):
try:
domain = None
sites = getCachedSiteList()
site_url, _, site_id = sites[site_name]
creds = cred.get_cred(site_name, userid)
if creds and "project" in creds and creds["project"]:
domain = creds["project"]
else:
project_ids = getStaticSitesProjectIDs(site_id)
project_ids.update(appdb.get_project_ids(site_id))
if vo in project_ids:
domain = project_ids[vo]
OpenStack = get_driver(Provider.OPENSTACK)
driver = OpenStack('egi.eu', access_token,
ex_tenant_name='openid',
ex_force_auth_url=site_url,
ex_force_auth_version='3.x_oidc_access_token',
ex_domain_name=domain)
# Workaround to unset default service_region (RegionOne)
driver.connection.service_region = None
images = driver.list_images()
return [(image.name, image.id) for image in images]
except Exception as ex:
msg = "Error loading site images: %s!" % str(ex)
return [(msg, msg)]
def test_get_project_ids(self, appdb_call):
shares = """<virtualization:provider id="11548G0">
<provider:shares>
<vo:vo id="15527" projectid="3a8e9d966e644405bf19b536adf7743d">vo.access.egi.eu</vo:vo>
<vo:vo projectid="972298c557184a2192ebc861f3184da8">covid-19.eosc-synergy.eu</vo:vo>
</provider:shares>
</virtualization:provider>"""
appdb_call.return_value = xmltodict.parse(shares.replace('\n', ''))
res = appdb.get_project_ids("11548G0")
self.assertEquals(res, {"vo.access.egi.eu": "3a8e9d966e644405bf19b536adf7743d",
"covid-19.eosc-synergy.eu": "972298c557184a2192ebc861f3184da8"})
def getCachedProjectIDs(site_id):
res = {}
for site in getCachedSiteList().values():
if site_id == site["id"]:
if "vos" not in site:
site["vos"] = {}
if "vos_updated" not in site or not site["vos_updated"]:
try:
site["vos"].update(appdb.get_project_ids(site_id))
site["vos_updated"] = True
except Exception as ex:
print("Error loading project IDs from AppDB: %s" % ex,
file=sys.stderr)
for vo, projectid in site["vos"].items():
res[vo] = projectid
return res
def write_creds():
serviceid = request.args.get('service_id', "")
servicename = request.args.get('service_name', "")
app.logger.debug("service_id={}".format(serviceid))
if request.method == 'GET':
res = {}
projects = {}
try:
res = cred.get_cred(servicename, session["userid"])
projects = utils.getStaticSitesProjectIDs(serviceid)
projects.update(appdb.get_project_ids(serviceid))
if session["vos"]:
filter_projects = {}
for vo, project in projects.items():
if vo in session["vos"]:
filter_projects[vo] = project
projects = filter_projects
except Exception as ex:
flash("Error reading credentials %s!" % ex, 'error')
return render_template('modal_creds.html',
service_creds=res,
service_id=serviceid,
service_name=servicename,
projects=projects)
else:
app.logger.debug("Form data: " +
json.dumps(request.form.to_dict()))
creds = request.form.to_dict()
try:
cred.write_creds(servicename, session["userid"], creds)
flash("Credentials successfully written!", 'info')
except Exception as ex:
flash("Error writing credentials %s!" % ex, 'error')
return redirect(url_for('manage_creds'))
def getUserAuthData(access_token, cred, userid, vo=None, selected_site=None):
res = "type = InfrastructureManager; token = %s" % access_token
api_versions = {}
for site in _getStaticSitesInfo():
if "api_version" in site:
api_versions[site["name"]] = site["api_version"]
cont = 0
for site_name, (site_url, _, site_id) in getCachedSiteList().items():
cont += 1
creds = cred.get_cred(site_name, userid)
res += "\\nid = ost%s; type = OpenStack; username = egi.eu; " % cont
res += "tenant = openid; auth_version = 3.x_oidc_access_token;"
res += " host = %s; password = '******'" % (site_url, access_token)
projectid = None
if vo and selected_site and selected_site == site_name:
project_ids = getStaticSitesProjectIDs(site_id)
project_ids.update(appdb.get_project_ids(site_id))
if vo in project_ids:
projectid = project_ids[vo]
# Update the creds with the new projectid
try:
cred.write_creds(site_name, userid, {"project": projectid})
except Exception:
flash("Error updating Service Credentials for site %s" % site_name, 'warning')
if not projectid and creds and "project" in creds and creds["project"]:
projectid = creds["project"]
if projectid:
res += "; domain = %s" % projectid
if site_name in api_versions:
res += "; api_version = %s" % api_versions[site_name]
return res