authorRob Austein <sra@hactrn.net>2016-04-23 15:03:09 +0000
committerRob Austein <sra@hactrn.net>2016-04-23 15:03:09 +0000
commit44d1c604a15ff23151b5b7b40a5953b2af9ca935 (patch)
treea308a4f5d39f3968b9ddc89cdfa363f4bccaaa2b /rpki
parentc4b459b8e80471f071d0d335771b5cbaf79ec1d4 (diff)
Upon further analysis: Roots and Turtles don't need handles, only
Parents do, because Roots will be uniquely named by reference to their associated Parent. So move the handle back to Parent. svn path=/branches/tk705/; revision=6370
Diffstat (limited to 'rpki')
-rw-r--r--rpki/rpkid.py8
-rw-r--r--rpki/rpkid_tasks.py14
-rw-r--r--rpki/rpkidb/migrations/0002_add_turtle.py10
-rw-r--r--rpki/rpkidb/migrations/0003_turtle_data.py2
-rw-r--r--rpki/rpkidb/migrations/0004_turtle_cleanup.py8
-rw-r--r--rpki/rpkidb/migrations/0005_turtle_rehome.py9
-rw-r--r--rpki/rpkidb/models.py30
7 files changed, 27 insertions, 54 deletions
diff --git a/rpki/rpkid.py b/rpki/rpkid.py
index dc5c7422..bafad8a9 100644
--- a/rpki/rpkid.py
+++ b/rpki/rpkid.py
@@ -471,7 +471,7 @@ class main(object):
if msg_tag is not None:
kw.update(tag = msg_tag)
- for ca_detail in rpki.rpkidb.models.CADetail.objects.filter(ca__parent__tenant__tenant_handle = tenant_handle, state = "active"):
+ for ca_detail in rpki.rpkidb.models.CADetail.objects.filter(ca__turtle__tenant__tenant_handle = tenant_handle, state = "active"):
SubElement(r_msg, rpki.left_right.tag_list_published_objects,
uri = ca_detail.crl_uri, **kw).text = ca_detail.latest_crl.get_Base64()
SubElement(r_msg, rpki.left_right.tag_list_published_objects,
@@ -497,13 +497,13 @@ class main(object):
logger.debug(".handle_list_received_resources() %s", ElementToString(q_pdu))
tenant_handle = q_pdu.get("tenant_handle")
msg_tag = q_pdu.get("tag")
- for ca_detail in rpki.rpkidb.models.CADetail.objects.filter(ca__parent__tenant__tenant_handle = tenant_handle,
+ for ca_detail in rpki.rpkidb.models.CADetail.objects.filter(ca__turtle__tenant__tenant_handle = tenant_handle,
state = "active", latest_ca_cert__isnull = False):
cert = ca_detail.latest_ca_cert
resources = cert.get_3779resources()
r_pdu = SubElement(r_msg, rpki.left_right.tag_list_received_resources,
tenant_handle = tenant_handle,
- parent_handle = ca_detail.ca.turtle.turtle_handle,
+ parent_handle = ca_detail.ca.turtle.parent.parent_handle,
uri = ca_detail.ca_cert_uri,
notBefore = str(cert.getNotBefore()),
notAfter = str(cert.getNotAfter()),
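Review bot: `ca_detail.ca.turtle.parent.parent_handle` in the `parent_handle =` argument will raise `Parent.DoesNotExist` for any CA whose turtle has no Parent row, and the filter above it does not exclude such turtles. The models.py part of this commit catches exactly that exception in `Turtle.turtle_handle`, so the case is evidently expected for Roots. If a Root can own an active CADetail with a `latest_ca_cert`, one such row would abort the whole list_received_resources reply for the tenant. Consider restricting the query, for example by adding `ca__turtle__parent__isnull = False` to the filter, or skipping those rows explicitly. The handler's body starts and ends outside this hunk.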
@@ -751,7 +751,7 @@ class publication_queue(object):
our_objs = []
for ca_detail in rpki.rpkidb.models.CADetail.objects.filter(
- ca__parent__tenant = repository.tenant, state = "active"):
+ ca__turtle__tenant = repository.tenant, state = "active"):
our_objs = [(ca_detail.crl_uri, ca_detail.latest_crl),
(ca_detail.manifest_uri, ca_detail.latest_manifest)]
our_objs.extend((c.uri, c.cert) for c in ca_detail.child_certs.all())
diff --git a/rpki/rpkid_tasks.py b/rpki/rpkid_tasks.py
index 6a19503f..e101f1d1 100644
--- a/rpki/rpkid_tasks.py
+++ b/rpki/rpkid_tasks.py
@@ -225,7 +225,7 @@ class PollParentTask(AbstractTask):
if not ca_details:
logger.warning("Existing resource class %s to %s from %s with no certificates, rekeying",
- class_name, parent.tenant.tenant_handle, parent.turtle_handle)
+ class_name, parent.tenant.tenant_handle, parent.parent_handle)
yield ca.rekey(rpkid = self.rpkid)
return
@@ -236,7 +236,7 @@ class PollParentTask(AbstractTask):
if rc_cert is None:
logger.warning("g(SKI) %s in resource class %s is in database but missing from list_response to %s from %s, "
"maybe parent certificate went away?",
- ca_detail.public_key.gSKI(), class_name, parent.tenant.tenant_handle, parent.turtle_handle)
+ ca_detail.public_key.gSKI(), class_name, parent.tenant.tenant_handle, parent.parent_handle)
publisher = rpki.rpkid.publication_queue(rpkid = self.rpkid)
ca_detail.destroy(publisher = publisher)
yield publisher.call_pubd()
@@ -272,7 +272,7 @@ class PollParentTask(AbstractTask):
if cert_map:
logger.warning("Unknown certificate g(SKI)%s %s in resource class %s in list_response to %s from %s, maybe you want to \"revoke_forgotten\"?",
- "" if len(cert_map) == 1 else "s", ", ".join(cert_map), class_name, parent.tenant.tenant_handle, parent.turtle_handle)
+ "" if len(cert_map) == 1 else "s", ", ".join(cert_map), class_name, parent.tenant.tenant_handle, parent.parent_handle)
@queue_task
@@ -469,7 +469,7 @@ class UpdateGhostbustersTask(AbstractTask):
@tornado.gen.coroutine
def main(self):
logger.debug("%r: Updating Ghostbuster records", self)
- parent_handles = set(t.turtle_handle for t in self.tenant.turtles.all())
+ parent_handles = set(p.parent_handle for p in rpki.rpkidb.models.Parent.objects.filter(tenant = self.tenant))
try:
r_msg = yield self.rpkid.irdb_query_ghostbuster_requests(self.tenant.tenant_handle, parent_handles)
@@ -488,9 +488,7 @@ class UpdateGhostbustersTask(AbstractTask):
ghostbusters[k] = ghostbuster
for r_pdu in r_msg:
- try:
- self.tenant.turtles.get(turtle_handle = r_pdu.get("parent_handle"))
- except rpki.rpkidb.models.Parent.DoesNotExist:
+ if not rpki.rpkidb.models.Parent.objects.filter(tenant = self.tenant, parent_handle = r_pdu.get("parent_handle")).exists():
logger.warning("%r: Unknown parent_handle %r in Ghostbuster request, skipping", self, r_pdu.get("parent_handle"))
continue
k = (r_pdu.get("parent_handle"), r_pdu.text)
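Review bot: The new `Parent.objects.filter(...).exists()` check issues one database query per Ghostbuster PDU, although `main()` already builds `parent_handles` from the same tenant-scoped query a few lines earlier. Assuming that set is still in scope here (the lines between the two hunks are not shown), `if r_pdu.get("parent_handle") not in parent_handles:` gives the same result without the round trip. Binding `r_pdu.get("parent_handle")` to a local once would also tidy the three uses in this hunk.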
@@ -498,7 +496,7 @@ class UpdateGhostbustersTask(AbstractTask):
logger.warning("%r: Skipping duplicate Ghostbuster request %r", self, r_pdu)
continue
seen.add(k)
- for ca_detail in rpki.rpkidb.models.CADetail.objects.filter(ca__turtle__turtle_handle = r_pdu.get("parent_handle"), ca__turtle__tenant = self.tenant, state = "active"):
+ for ca_detail in rpki.rpkidb.models.CADetail.objects.filter(ca__turtle__parent__parent_handle = r_pdu.get("parent_handle"), ca__turtle__tenant = self.tenant, state = "active"):
ghostbuster = ghostbusters.pop((ca_detail.pk, r_pdu.text), None)
if ghostbuster is None:
ghostbuster = rpki.rpkidb.models.Ghostbuster(tenant = self.tenant, ca_detail = ca_detail, vcard = r_pdu.text)
diff --git a/rpki/rpkidb/migrations/0002_add_turtle.py b/rpki/rpkidb/migrations/0002_add_turtle.py
index e898f43a..fc45c46e 100644
--- a/rpki/rpkidb/migrations/0002_add_turtle.py
+++ b/rpki/rpkidb/migrations/0002_add_turtle.py
@@ -15,7 +15,6 @@ class Migration(migrations.Migration):
name='Turtle',
fields=[
('id', models.AutoField(verbose_name='ID', serialize=False, auto_created=True, primary_key=True)),
- ('parent_handle', models.SlugField(max_length=255)),
('repository', models.ForeignKey(related_name='parents', to='rpkidb.Repository')),
('tenant', models.ForeignKey(related_name='parents', to='rpkidb.Tenant')),
],
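Review bot: Migrations 0002 through 0005 are rewritten in place here instead of being followed by a new migration. Django tracks applied migrations by name, so a database that already ran the earlier versions will not re-run them and would keep the `turtle_handle` column and the old `(tenant, turtle_handle)` constraint while the models expect `parent_handle` on Parent. If any tk705 database has applied these, a new migration that moves the handle back is the safer route; otherwise the commit message should say that existing branch databases must be rebuilt. The same applies to the hunks in 0003, 0004 and 0005.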
@@ -30,11 +29,6 @@ class Migration(migrations.Migration):
),
migrations.RenameField(
model_name='parent',
- old_name='parent_handle',
- new_name='old_parent_handle',
- ),
- migrations.RenameField(
- model_name='parent',
old_name='repository',
new_name='old_repository',
),
@@ -49,8 +43,4 @@ class Migration(migrations.Migration):
field=models.OneToOneField(parent_link=True, auto_created=True, primary_key=True, default=0, serialize=False, to='rpkidb.Turtle'),
preserve_default=False,
),
- migrations.AlterUniqueTogether(
- name='turtle',
- unique_together=set([('tenant', 'parent_handle')]),
- ),
]
diff --git a/rpki/rpkidb/migrations/0003_turtle_data.py b/rpki/rpkidb/migrations/0003_turtle_data.py
index dbf3b211..90bc8854 100644
--- a/rpki/rpkidb/migrations/0003_turtle_data.py
+++ b/rpki/rpkidb/migrations/0003_turtle_data.py
@@ -10,7 +10,6 @@ def turtle_forward(apps, schema_editor):
db_alias = schema_editor.connection.alias
for parent in Parent.objects.using(db_alias).all():
turtle = Turtle.objects.using(db_alias).create(
- parent_handle = parent.old_parent_handle,
tenant = parent.old_tenant,
repository = parent.old_repository)
parent.turtle_ptr = turtle
@@ -22,7 +21,6 @@ def turtle_reverse(apps, schema_editor):
Parent = apps.get_model("rpkidb", "Parent")
db_alias = schema_editor.connection.alias
for parent in Parent.objects.using(db_alias).all():
- parent.old_parent_handle = parent.turtle_ptr.parent_handle
parent.old_tenant = parent.turtle_ptr.tenant
parent.old_repository = parent.turtle_ptr.repository
parent.turtle_ptr = None
diff --git a/rpki/rpkidb/migrations/0004_turtle_cleanup.py b/rpki/rpkidb/migrations/0004_turtle_cleanup.py
index 5d2d78ec..58a664a0 100644
--- a/rpki/rpkidb/migrations/0004_turtle_cleanup.py
+++ b/rpki/rpkidb/migrations/0004_turtle_cleanup.py
@@ -13,14 +13,14 @@ class Migration(migrations.Migration):
operations = [
migrations.RemoveField(
model_name='parent',
- name='old_parent_handle',
- ),
- migrations.RemoveField(
- model_name='parent',
name='old_repository',
),
migrations.RemoveField(
model_name='parent',
name='old_tenant',
),
+ migrations.AlterUniqueTogether(
+ name='parent',
+ unique_together=set([('turtle_ptr', 'parent_handle')]),
+ ),
]
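Review bot: `unique_together=set([('turtle_ptr', 'parent_handle')])` does not constrain anything in practice, because 0002 declares the parent link as a `OneToOneField(..., primary_key=True)` and 0003 refers to it as `turtle_ptr`, so every such pair is already unique. The constraint it replaces was `(tenant, parent_handle)`, which means two Parents of the same tenant can now share a handle, and lookups such as `Parent.objects.filter(tenant = self.tenant, parent_handle = ...)` in rpkid_tasks.py may match more than one row. Because `tenant` now lives on Turtle, this cannot be expressed as a single-table `unique_together`; the per-tenant uniqueness would have to be enforced at save time or wherever Parent objects are created. The same tuple appears in `class Meta` of Parent in models.py.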
diff --git a/rpki/rpkidb/migrations/0005_turtle_rehome.py b/rpki/rpkidb/migrations/0005_turtle_rehome.py
index 0724ceaa..a3e6586f 100644
--- a/rpki/rpkidb/migrations/0005_turtle_rehome.py
+++ b/rpki/rpkidb/migrations/0005_turtle_rehome.py
@@ -11,11 +11,6 @@ class Migration(migrations.Migration):
]
operations = [
- migrations.RenameField(
- model_name='turtle',
- old_name='parent_handle',
- new_name='turtle_handle',
- ),
migrations.AlterField(
model_name='ca',
name='parent',
@@ -31,8 +26,4 @@ class Migration(migrations.Migration):
name='tenant',
field=models.ForeignKey(related_name='turtles', to='rpkidb.Tenant'),
),
- migrations.AlterUniqueTogether(
- name='turtle',
- unique_together=set([('tenant', 'turtle_handle')]),
- ),
]
diff --git a/rpki/rpkidb/models.py b/rpki/rpkidb/models.py
index 848c691a..4bb95932 100644
--- a/rpki/rpkidb/models.py
+++ b/rpki/rpkidb/models.py
@@ -544,16 +544,22 @@ class Repository(models.Model):
# single place to hang a relationship with the CA model.
class Turtle(models.Model):
- turtle_handle = models.SlugField(max_length = 255)
tenant = models.ForeignKey(Tenant, related_name = "turtles")
repository = models.ForeignKey(Repository, related_name = "turtles")
- class Meta:
- unique_together = ("tenant", "turtle_handle")
+ @property
+ def turtle_handle(self):
+ try:
+ return self.parent.parent_handle
+ except Parent.DoesNotExist:
+ return "<Root>"
+ except:
+ return "<???>"
@xml_hooks
class Parent(Turtle):
+ parent_handle = models.SlugField(max_length = 255)
bpki_cert = CertificateField(null = True)
bpki_glue = CertificateField(null = True)
peer_contact_uri = models.TextField(null = True)
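Review bot: The bare `except:` at the end of `turtle_handle` turns every failure, including database errors and `KeyboardInterrupt`, into the string `"<???>"`, so a real fault shows up only as an odd handle in a log line. Narrow it to `except Exception:`, or drop the second handler and let unexpected errors propagate. The property also lacks a docstring saying that it is a display name only; something like `"""Handle for log messages: the Parent's handle, or "<Root>" if this turtle has no Parent row."""` would warn callers off using the placeholder values for lookups.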
@@ -564,6 +570,8 @@ class Parent(Turtle):
bsc = models.ForeignKey(BSC, related_name = "parents")
objects = XMLManager()
+ class Meta:
+ unique_together = ("turtle_ptr", "parent_handle")
xml_template = XMLTemplate(
name = "parent",
@@ -578,23 +586,11 @@ class Parent(Turtle):
except:
uri = ""
try:
- return "<Parent: {}.{}{}>".format(self.tenant.tenant_handle, self.turtle_handle, uri)
+ return "<Parent: {}.{}{}>".format(self.tenant.tenant_handle, self.parent_handle, uri)
except:
return "<Parent: Parent object>"
- # We need to preserve the name "parent_handle" to keep the XML
- # code simple, so just pass it through to turtle_handle.
-
- @property
- def parent_handle(self):
- return self.turtle_handle
-
- @parent_handle.setter
- def parent_handle(self, value):
- self.turtle_handle = value
-
-
@tornado.gen.coroutine
def xml_pre_delete_hook(self, rpkid):
trace_call_chain()
@@ -693,7 +689,7 @@ class Parent(Turtle):
trace_call_chain()
skis_from_parent = yield self.get_skis(rpkid = rpkid)
for rc_name, skis_to_revoke in skis_from_parent.iteritems():
- for ca_detail in CADetail.objects.filter(ca__parent = self).exclude(state = "revoked"):
+ for ca_detail in CADetail.objects.filter(ca__turtle = self).exclude(state = "revoked"):
skis_to_revoke.discard(ca_detail.latest_ca_cert.gSKI())
yield self.revoke_skis(rpkid, rc_name, skis_to_revoke)