- table = GeniTable()
- records = table.findObjects({'hrn': hrn, 'type': 'slice'})
- if not records:
- raise RecordNotFound(hrn)
- record = records
- object_gid = record.get_gid_object()
- new_ticket = SfaTicket(subject = object_gid.get_subject())
- new_ticket.set_gid_caller(self.client_gid)
- new_ticket.set_gid_object(object_gid)
- new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
- new_ticket.set_pubkey(object_gid.get_pubkey())
-
- # get sliver info
- slivers = Slices(self.api).get_slivers(hrn)
- if not slivers:
- raise SliverDoesNotExist(hrn)
- sliver = slivers[0]
-
- # get initscripts
- initscripts = None
- sliver['initscripts'] = initscripts
-
- # get rspec info
- # conver plc slice tags to rspec attributes
- rspec = None
+ # Filter the incoming rspec using sfatables
+ incoming_rules = SFATablesRules('INCOMING')
+ #incoming_rules.set_slice(hrn) # This is a temporary kludge. Eventually, we'd like to fetch the context requested by the match/target
+ contexts = incoming_rules.contexts
+ caller_hrn = Credential(string=cred).get_gid_caller().get_hrn()
+ request_context = manager.fetch_context(hrn, caller_hrn, contexts)
+ incoming_rules.set_context(request_context)
+ rspec = incoming_rules.apply(rspec)
+ # remove nodes that are not available at this interface from the rspec
+ valid_rspec = RSpec(xml=manager.get_rspec(self.api))
+ valid_nodes = valid_rspec.getDictsByTagName('NodeSpec')
+ valid_hostnames = [node['name'] for node in valid_nodes]
+ rspec_object = RSpec(xml=rspec)
+ rspec_object.filter(tagname='NodeSpec', attribute='name', whitelist=valid_hostnames)
+ rspec = rspec_object.toxml()
+ ticket = manager.get_ticket(self.api, hrn, rspec)