geni/methods/get_ticket.py

   1 from geni.util.faults import *
   2 from geni.util.excep import *
   3 from geni.util.method import Method
   4 from geni.util.parameter import Parameter, Mixed
   5 from geni.util.auth import Auth
   6 from geni.util.cert import Keypair
   7 from geni.util.geniticket import *
   8
   9 class get_ticket(Method):
  10     """
  11     Retrieve a ticket. This operation is currently implemented on PLC
  12     only (see SFA, engineering decisions); it is not implemented on
  13     components.
  14
  15     The ticket is filled in with information from the PLC database. This
  16     information includes resources, and attributes such as user keys and
  17     initscripts.
  18
  19     @param cred credential string
  20     @param name name of the slice to retrieve a ticket for
  21     @param rspec resource specification dictionary
  22
  23     @return the string representation of a ticket object
  24     """
  25
  26     interfaces = ['registry']
  27
  28     accepts = [
  29         Parameter(str, "Credential string"),
  30         Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
  31         Parameter(str, "Resource specification (rspec)")
  32         ]
  33
  34     returns = Parameter(str, "String represeneation of a ticket object")
  35
  36     def call(self, cred, hrn, rspec):
  37         self.api.auth.check(cred, "getticket")
  38         self.api.auth.verify_object_belongs_to_me(hrn)
  39         self.api.auth.verify_object_permission(name)
  40
  41         # XXX much of this code looks like get_credential... are they so similar
  42         # that they should be combined?
  43
  44         auth_hrn = self.api.auth.get_authority(hrn)
  45         if not auth_hrn:
  46             auth_hrn = hrn
  47         auth_info = self.api.auth.get_auth_info(auth_hrn)
  48         record = None
  49         table = self.api.auth.get_auth_table(auth_hrn)
  50         record = table.resolve('slice', hrn)
  51
  52         object_gid = record.get_gid_object()
  53         new_ticket = Ticket(subject = object_gid.get_subject())
  54         new_ticket.set_gid_caller(self.client_gid)
  55         new_ticket.set_gid_object(object_gid)
  56         new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
  57         new_ticket.set_pubkey(object_gid.get_pubkey())
  58
  59         self.api.fill_record_info(record)
  60
  61         (attributes, rspec) = self.api.record_to_slice_info(record)
  62
  63         new_ticket.set_attributes(attributes)
  64         new_ticket.set_rspec(rspec)
  65
  66         new_ticket.set_parent(self.api.auth.hierarchy.get_auth_ticket(auth_hrn))
  67
  68         new_ticket.encode()
  69         new_ticket.sign()
  70
  71         return new_ticket.save_to_string(save_parents=True)
  72