cernbox · ebocchi · Jun 5, 2018 · Jun 5, 2018 · Jun 5, 2018 · Jun 5, 2018
diff --git a/cernbox-share b/cernbox-share
@@ -42,6 +42,14 @@ def print_json(obj):
 def print_json_error(msg):
       print_json({"error" : str(msg)})
 
+def secure_server_url(url):
+      if url.startswith('http://'):
+         return url.replace('http://', 'https://')
+      if url.startswith('https://'):
+         return url
+      return 'https://'+url
+
+
 
 import os, os.path, sys
 import subprocess
@@ -79,6 +87,72 @@ def main():
 
    # TODO: OC_INTEGRATION add update command to update permissions by share id
 
+
+   # FEDERATED SHARING COMMANDS
+
+   subcmd = subparser.add_parser('add-external-share', help="add a share from a federated server")
+   subcmd.add_argument("remote", help="remote server url")
+   subcmd.add_argument("remote_id", help="server url")
+   subcmd.add_argument("share_token", help="server url")
+   subcmd.add_argument("password", help="server url")
+   subcmd.add_argument("name", help="name of the shared resource")
+   subcmd.add_argument("owner", help="remote owner of the resource")
+   subcmd.add_argument("user", help="local sharee")
+   #subcmd.add_argument("mountpoint", help="local mountpoint where to show the shared resource")
+   #subcmd.add_argument("mountpoint-hash", help="hash of the local mountpoint")
+   #subcmd.add_argument("accepted", help="local sharee has accepted the share")
+
+   subcmd = subparser.add_parser('accept-external-share', help="accept a share from a federated server")
+   subcmd.add_argument("remote", help="remote server url")
+   #subcmd.add_argument("remote_id", help="server url")
+   #subcmd.add_argument("share_token", help="server url")
+   subcmd.add_argument("name", help="name of the shared resource")
+   subcmd.add_argument("owner", help="remote owner of the resource")
+   subcmd.add_argument("user", help="local sharee")
+   subcmd.add_argument("mountpoint", help="local mountpoint where to show the shared resource")
+
+   subcmd = subparser.add_parser('remove-external-share', help="remove a share from a federated server")
+   subcmd.add_argument("remote", help="remote server url")
+   #subcmd.add_argument("remote_id", help="server url")
+   #subcmd.add_argument("share_token", help="server url")
+   subcmd.add_argument("name", help="name of the shared resource")
+   subcmd.add_argument("owner", help="remote owner of the resource")
+   subcmd.add_argument("user", help="local sharee")
+
+   subcmd = subparser.add_parser('list-external-shared-by', help="list all federated shares created by a remote user from a trusted server")
+   subcmd.add_argument("remote", help="remote server url")
+   subcmd.add_argument("owner", help="remote owner of the resource")
+
+   subcmd = subparser.add_parser('list-external-shared-from', help="list all federated shares from a trusted server")
+   subcmd.add_argument("remote", help="remote server url")
+
+   subcmd = subparser.add_parser('list-external-shared-with', help="list all federated shares given to a local user")
+   subcmd.add_argument("user", help="local sharee")
+
+
+   subcmd = subparser.add_parser('add-trusted-server', help="add a trusted server")
+   subcmd.add_argument("url", help="server url")
+   subcmd.add_argument("token", help="server token")
+   #subcmd.add_argument("shared_secret", help="server shared secret")
+   #subcmd.add_argument("status", help="trusted server configuration status")
+   #subcmd.add_argument("sync_token", help="syncronization token")
+
+   subcmd = subparser.add_parser('set-trusted-server-shared-secret', help="set the shared secret for trusted server")
+   subcmd.add_argument("url", help="server url")
+   subcmd.add_argument("shared_secret", help="server shared secret")
+
+   subcmd = subparser.add_parser('set-trusted-server-sync-token', help="set the sync token for trusted server")
+   subcmd.add_argument("url", help="server url")
+   subcmd.add_argument("sync_token", help="syncronization token")
+
+   subcmd = subparser.add_parser('remove-trusted-server', help="remove a trusted server to the system")
+   subcmd.add_argument("url", help="server url")
+   #subcmd.add_argument("token", help="server token")
+   #subcmd.add_argument("shared-secred", help="server shared secred")
+
+   subcmd = subparser.add_parser('list-trusted-servers', help="list all trusted servers for federated shares")
+
+
    # ADMIN COMMANDS
 
    subcmd = subparser.add_parser('acl_update', help="update the sharing ACL for a path and all subdirectories")
@@ -110,7 +184,7 @@ def main():
    global args
    args = parser.parse_args()
 
-   config = cernbox_utils.script.configure(args.config)
+   config = cernbox_utils.script.configure(args.configfile)
 
    logger = cernbox_utils.script.getLogger(level=args.loglevel)
 
@@ -127,10 +201,6 @@ def main():
 
    import cernbox_utils.sharing
 
-   if args.cmd == "acl_update":
-      import cernbox_utils.cmd_share_admin
-      cernbox_utils.cmd_share_admin.acl_update(args,config,eos,db)
-
    if args.cmd == "remove":
 
       try:
@@ -160,24 +230,96 @@ def main():
          sys.exit(2)
 
 
+   # Federated Sharing: External shares
+   if args.cmd == "add-external-share":
+      try:
+         print_json(cmd_add_external_share(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "accept-external-share":
+      try:
+         print_json(cmd_accept_external_share(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "remove-external-share":
+      try:
+         print_json(cmd_remove_external_share(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "list-external-shared-by":
+      try:
+         print_json(cmd_list_external_shared(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "list-external-shared-from":
+      try:
+         print_json(cmd_list_external_shared(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "list-external-shared-with":
+      try:
+         print_json(cmd_list_external_shared(args))
+      except CmdError:
+         sys.exit(2)
+
+
+   # Federated Sharing: Trusted servers
+   if args.cmd == "add-trusted-server":
+      try:
+         print_json(cmd_add_trusted_server(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "set-trusted-server-shared-secret":
+      try:
+         print_json(cmd_set_trusted_server_shared_secret(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "set-trusted-server-sync-token":
+      try:
+         print_json(cmd_set_trusted_server_sync_token(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "remove-trusted-server":
+      try:
+         print_json(cmd_remove_trusted_server(args))
+      except CmdError:
+         sys.exit(2)
+
+   if args.cmd == "list-trusted-servers":
+      try:
+         print_json(cmd_list_trusted_servers(args))
+      except CmdError:
+         sys.exit(2)
+
+
+   # Admin commands
+   if args.cmd == "acl_update":
+      import cernbox_utils.cmd_share_admin
+      cernbox_utils.cmd_share_admin.acl_update(args,config,eos,db)
+
    if args.cmd == "show-other-acls":
       import cernbox_utils.cmd_share_admin
       cernbox_utils.cmd_share_admin.show_other_acl(args,config,eos,db)
 
    if args.cmd == "remove-orphan-xbits":
       import cernbox_utils.cmd_share_admin
-
       cernbox_utils.cmd_share_admin.remove_orphan_xbits(args,config,eos,db)
-      
+
 
    if args.cmd == "summary":
       import cernbox_utils.cmd_share_admin
-
       cernbox_utils.cmd_share_admin.summary(args,config,eos,db)
 
    if args.cmd == "verify":
       import cernbox_utils.cmd_share_admin
-
       cernbox_utils.cmd_share_admin.verify(args,config,eos,db)
 
 
@@ -187,13 +329,13 @@ class CmdError(Exception):
 
 def cmd_remove(args):
 
-      from cernbox_utils.sharing import split_sharee
+      from cernbox_utils.sharing import split_sharee, check_share_target
 
       share_with_entity,share_with_who = split_sharee(args.sharee)
 
       path = args.path #split_path(args.path)
 
-      f = check_share_target(path, args.owner)
+      f = check_share_target(path, args.owner, eos, config)
 
       shares=db.get_share(sharee=share_with_who,owner=args.owner,fid=f.ino)
 
@@ -225,15 +367,82 @@ def cmd_remove(args):
 
 def cmd_add(args):
    import cernbox_utils.sharing
-   return cernbox_utils.sharing.add_share(args.owner,args.path,args.sharee,args.acl)
+   return cernbox_utils.sharing.add_share(args.owner,args.path,args.sharee,args.acl,eos,db,config)
 
-def cmd_list_shares(args,role):
 
+def cmd_list_shares(args,role):
    import cernbox_utils.sharing 
    groups={}
-   retobj = cernbox_utils.sharing.list_shares(args.user,role,groups,None,args.flat_list,False,db,eos)
+   retobj = cernbox_utils.sharing.list_shares(args.user,role,groups,None,None,args.flat_list,False,db,eos)
    return {'shares':retobj}
 
 
+
+# Federated Sharing: External shares
+def cmd_add_external_share(args):
+   import cernbox_utils.sharing
+   return cernbox_utils.sharing.add_external_share(args.remote,args.remote_id,args.share_token,args.password,args.name,args.owner,args.user,db)
+
+
+def cmd_accept_external_share(args):
+   import cernbox_utils.sharing
+   #return cernbox_utils.sharing.accept_external_share(args.remote,args.remote_id,args.share_token,args.name,args.owner,args.user,args.mountpoint,db)
+   return cernbox_utils.sharing.accept_external_share(args.remote,args.name,args.owner,args.user,args.mountpoint,db)
+
+
+def cmd_remove_external_share(args):
+   import cernbox_utils.sharing
+   return cernbox_utils.sharing.remove_external_share(args.remote,args.name,args.owner,args.user,db)
+
+
+def cmd_list_external_shared(args):
+   if all('remote' and 'owner') in dir(args):
+      retobj = cernbox_utils.sharing.list_external_shares(db,remote=args.remote,owner=args.owner)
+      return {'external_shared_by':retobj}
+   elif 'remote' in dir(args):
+      retobj = cernbox_utils.sharing.list_external_shares(db,remote=args.remote)
+      return {'external_shared_from':retobj}
+   elif 'user' in dir(args):
+      retobj = cernbox_utils.sharing.list_external_shares(db,user=args.user)
+      return {'external_shares_with':retobj}
+   else:
+      msg="Unsopported type of listing external shares"
+      logger.error(msg)
+      raise ValueError(msg) # TODO: BAD REQUEST
+
+
+
+# Federated Sharing: Trusted servers
+def cmd_add_trusted_server(args):
+   import cernbox_utils.sharing
+   server_url = secure_server_url(args.url)
+   return cernbox_utils.sharing.add_trusted_server(server_url,args.token,db)
+
+
+def cmd_set_trusted_server_shared_secret(args):
+   import cernbox_utils.sharing
+   server_url = secure_server_url(args.url)
+   return cernbox_utils.sharing.set_trusted_server_shared_secret(server_url,args.shared_secret,db)
+
+
+def cmd_set_trusted_server_sync_token(args):
+   import cernbox_utils.sharing
+   server_url = secure_server_url(args.url)
+   return cernbox_utils.sharing.set_trusted_server_sync_token(server_url,args.sync_token,db)
+
+
+def cmd_remove_trusted_server(args):
+   import cernbox_utils.sharing
+   server_url = secure_server_url(args.url)
+   return cernbox_utils.sharing.remove_trusted_server(server_url,db)
+
+
+def cmd_list_trusted_servers(args):
+   import cernbox_utils.sharing
+   retobj = cernbox_utils.sharing.list_trusted_servers(db)
+   return {'trusted_servers_list':retobj}
+
+
+
 if __name__ == "__main__":
    sys.exit(main())