4 from sfa.trust.certificate import Keypair
6 from sfa.util.faults import *
7 from sfa.util.method import Method
8 from sfa.util.parameter import Parameter, Mixed
10 from sfa.trust.gid import create_uuid
11 from sfa.trust.auth import Auth
13 class create_gid(Method):
15 Create a new GID. For MAs and SAs that are physically located on the
16 registry, this allows a owner/operator/PI to create a new GID and have it
17 signed by his respective authority.
19 @param cred credential of caller
20 @param name hrn for new GID
21 @param uuid unique identifier for new GID
22 @param pkey_string public-key string (TODO: why is this a string and not a keypair object?)
24 @return the string representation of a GID object
27 interfaces = ['registry']
30 Parameter(str, "Credential string"),
31 Parameter(str, "Human readable name (hrn)"),
32 Mixed(Parameter(str, "Unique identifier for new GID (uuid)"),
33 Parameter(None, "Unique identifier (uuid) not specified")),
34 Parameter(str, "public-key string"),
35 Mixed(Parameter(str, "Request hash"),
36 Parameter(None, "Request hash not specified"))
39 returns = Parameter(str, "String represeneation of a GID object")
41 def call(self, cred, hrn, uuid, pubkey_str, request_hash=None):
42 # request hash is optional
43 self.api.auth.authenticateCred(cred, [cred, hrn, uuid, pubkey_str], request_hash)
44 self.api.auth.check(cred, "getcredential")
45 self.api.auth.verify_object_belongs_to_me(hrn)
46 self.api.auth.verify_object_permission(hrn)
52 pkey.load_pubkey_from_string(pubkey_str)
53 gid = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey)
55 return gid.save_to_string(save_parents=True)