1 from sfa.util.faults import *
2 from sfa.util.namespace import *
3 from sfa.util.method import Method
4 from sfa.util.parameter import Parameter, Mixed
5 from sfa.trust.auth import Auth
6 from sfa.trust.gid import GID
7 from sfa.trust.certificate import Certificate
11 Returns the client's gid if one exists
13 @param cert certificate string
14 @param xrn human readable name (hrn or urn)
15 @param type object type
19 interfaces = ['registry']
22 Parameter(str, "Certificate string"),
23 Parameter(str, "Human readable name (hrn or urn)"),
24 Parameter(str, "Object type")
27 returns = Parameter(str, "GID string")
29 def call(self, cert, xrn, type):
33 hrn = urn_to_hrn(xrn)[0]
35 hrn, type = urn_to_hrn(xrn)
37 self.api.auth.verify_object_belongs_to_me(hrn)
40 manager_base = 'sfa.managers'
41 mgr_type = self.api.config.SFA_REGISTRY_TYPE
42 manager_module = manager_base + ".registry_manager_%s" % mgr_type
43 manager = __import__(manager_module, fromlist=[manager_base])
44 records = manager.resolve(self.api, xrn, type, origin_hrn=hrn)
46 raise RecordNotFound(hrn)
49 # make sure client's certificate is the gid's pub key
50 gid = GID(string=record['gid'])
51 certificate = Certificate(string=cert)
52 if not certificate.is_pubkey(gid.get_pubkey()):
53 raise ConnectionKeyGIDMismatch(gid.get_subject())