+ rspec = network.toxml()
+
+ # cache the result
+ if caching and api.cache and not xrn:
+ api.cache.add('nodes', rspec)
+
+ return rspec
+
+
+def get_ticket(api, xrn, creds, rspec, users):
+
+ reg_objects = __get_registry_objects(xrn, creds, users)
+
+ slice_hrn, type = urn_to_hrn(xrn)
+ slices = Slices(api)
+ peer = slices.get_peer(slice_hrn)
+ sfa_peer = slices.get_sfa_peer(slice_hrn)
+
+ # get the slice record
+ registry = api.registries[api.hrn]
+ credential = api.getCredential()
+ records = registry.Resolve(xrn, credential)
+
+ # similar to CreateSliver, we must verify that the required records exist
+ # at this aggregate before we can issue a ticket
+ site_id, remote_site_id = slices.verify_site(registry, credential, slice_hrn,
+ peer, sfa_peer, reg_objects)
+ slice = slices.verify_slice(registry, credential, slice_hrn, site_id,
+ remote_site_id, peer, sfa_peer, reg_objects)
+
+ # make sure we get a local slice record
+ record = None
+ for tmp_record in records:
+ if tmp_record['type'] == 'slice' and \
+ not tmp_record['peer_authority']:
+ record = SliceRecord(dict=tmp_record)
+ if not record:
+ raise RecordNotFound(slice_hrn)
+
+ # get sliver info
+ slivers = Slices(api).get_slivers(slice_hrn)
+ if not slivers:
+ raise SliverDoesNotExist(slice_hrn)
+
+ # get initscripts
+ initscripts = []
+ data = {
+ 'timestamp': int(time.time()),
+ 'initscripts': initscripts,
+ 'slivers': slivers
+ }
+
+ # create the ticket
+ object_gid = record.get_gid_object()
+ new_ticket = SfaTicket(subject = object_gid.get_subject())
+ new_ticket.set_gid_caller(api.auth.client_gid)
+ new_ticket.set_gid_object(object_gid)
+ new_ticket.set_issuer(key=api.key, subject=api.hrn)
+ new_ticket.set_pubkey(object_gid.get_pubkey())
+ new_ticket.set_attributes(data)
+ new_ticket.set_rspec(rspec)
+ #new_ticket.set_parent(api.auth.hierarchy.get_auth_ticket(auth_hrn))
+ new_ticket.encode()
+ new_ticket.sign()
+
+ return new_ticket.save_to_string(save_parents=True)
+