Initial version of rpki.irdb.models.Root. May end up folding this

into an expanded rpki.irdb.models.Parent, as the two are more alike
than I expected them to be, but archive this version first.

svn path=/branches/tk705/; revision=6375

3 files changed, 66 insertions, 5 deletions

diff --git a/rpki/irdb/migrations/0002_root.py b/rpki/irdb/migrations/0002_root.py
new file mode 100644
index 00000000..73c08dde
--- /dev/null
+++ b/rpki/irdb/migrations/0002_root.py
@@ -0,0 +1,34 @@
+# -*- coding: utf-8 -*-
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+import rpki.irdb.models
+import rpki.fields
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('irdb', '0001_initial'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='Root',
+            fields=[
+                ('turtle_ptr', models.OneToOneField(parent_link=True, auto_created=True, primary_key=True, serialize=False, to='irdb.Turtle')),
+                ('certificate', rpki.fields.CertificateField()),
+                ('handle', rpki.irdb.models.HandleField(max_length=120)),
+                ('ta', rpki.fields.CertificateField()),
+                ('asn_resources', models.TextField()),
+                ('ipv4_resources', models.TextField()),
+                ('ipv6_resources', models.TextField()),
+                ('issuer', models.OneToOneField(related_name='root', to='irdb.ResourceHolderCA')),
+            ],
+            bases=('irdb.turtle', models.Model),
+        ),
+        migrations.AlterUniqueTogether(
+            name='root',
+            unique_together=set([('issuer', 'handle')]),
+        ),
+    ]
diff --git a/rpki/irdb/models.py b/rpki/irdb/models.py
index a663c36f..dc3723d8 100644
--- a/rpki/irdb/models.py
+++ b/rpki/irdb/models.py
@@ -457,6 +457,22 @@ class Parent(CrossCertification, Turtle):
     class Meta:
         unique_together = ("issuer", "handle")
 
+class Root(CrossCertification, Turtle):
+    #
+    # This is sort of a cross between a Rootd and a Parent with extra
+    # fields for the root resources.  As with Parent, the private key
+    # comes from a BSC rather than from a server EE cert as with
+    # Rootd, so this looks looks to us like a cross certification (of
+    # ourself).  We may want to revisit this.
+    #
+    issuer = django.db.models.OneToOneField(ResourceHolderCA, related_name = "root")
+    asn_resources = django.db.models.TextField()
+    ipv4_resources = django.db.models.TextField()
+    ipv6_resources = django.db.models.TextField()
+
+    class Meta:
+        unique_together = ("issuer", "handle")
+
 class ROARequest(django.db.models.Model):
     issuer = django.db.models.ForeignKey(ResourceHolderCA, related_name = "roa_requests")
     asn = django.db.models.BigIntegerField()
@@ -485,9 +501,11 @@ class ROARequestPrefix(django.db.models.Model):
 
     def as_roa_prefix(self):
         if self.version == 'IPv4':
-            return rpki.resource_set.roa_prefix_ipv4(rpki.POW.IPAddress(self.prefix), self.prefixlen, self.max_prefixlen)
+            return rpki.resource_set.roa_prefix_ipv4(rpki.POW.IPAddress(self.prefix), 
+                                                     self.prefixlen, self.max_prefixlen)
         else:
-            return rpki.resource_set.roa_prefix_ipv6(rpki.POW.IPAddress(self.prefix), self.prefixlen, self.max_prefixlen)
+            return rpki.resource_set.roa_prefix_ipv6(rpki.POW.IPAddress(self.prefix), 
+                                                     self.prefixlen, self.max_prefixlen)
 
     def as_resource_range(self):
         return self.as_roa_prefix().to_resource_range()
diff --git a/rpki/irdb/zookeeper.py b/rpki/irdb/zookeeper.py
index 5bfed98b..7446e7c7 100644
--- a/rpki/irdb/zookeeper.py
+++ b/rpki/irdb/zookeeper.py
@@ -365,8 +365,9 @@ class Zookeeper(object):
 
 
     @django.db.transaction.atomic
-    def configure_rootd(self):
+    def configure_root(self, handle, resources):
 
+        # XXX This should be some other exception, not an assertion
         assert self.run_rpkid and self.run_pubd and self.run_rootd
 
         rpki.irdb.models.Rootd.objects.get_or_certify(
@@ -374,10 +375,18 @@ class Zookeeper(object):
             service_uri = "http://localhost:%s/" % self.cfg.get("rootd_server_port",
                                                                 section = myrpki_section))
 
-        return self.generate_rootd_repository_offer()
+        rpki.irdb.models.Root.objects.get_or_certify(
+            handle         = handle or self.handle,
+            issuer         = self.resource_ca,
+            ta             = self.resource_ca.certificate,
+            asn_resources  = str(resources.asn),
+            ipv4_resources = str(resources.v4),
+            ipv6_resources = str(resources.v6))
 
+        return self.generate_root_repository_offer()
 
-    def generate_rootd_repository_offer(self):
+
+    def generate_root_repository_offer(self):
         """
         Generate repository offer for rootd.  Split out of
         configure_rootd() because that's easier for the GUI.