- # Try to remove the object from the PLCDB of federated agg.
- # This is attempted before removing the object from the local agg's PLCDB and sfa table
- if hrn.startswith(self.api.hrn) and type in ['user', 'slice', 'authority']:
- for registry in registries:
- if registry not in [self.api.hrn]:
- try:
- request_hash=None
- result=registries[registry].remove_peer_object(credential, record, request_hash, origin_hrn)
- except:
- pass
- if type == "user":
- persons = self.api.plshell.GetPersons(self.api.plauth, record['pointer'])
- # only delete this person if he has site ids. if he doesnt, it probably means
- # he was just removed from a site, not actually deleted
- if persons and persons[0]['site_ids']:
- self.api.plshell.DeletePerson(self.api.plauth, record['pointer'])
- elif type == "slice":
- if self.api.plshell.GetSlices(self.api.plauth, record['pointer']):
- self.api.plshell.DeleteSlice(self.api.plauth, record['pointer'])
- elif type == "node":
- if self.api.plshell.GetNodes(self.api.plauth, record['pointer']):
- self.api.plshell.DeleteNode(self.api.plauth, record['pointer'])
- elif type == "authority":
- if self.api.plshell.GetSites(self.api.plauth, record['pointer']):
- self.api.plshell.DeleteSite(self.api.plauth, record['pointer'])
- else:
- raise UnknownGeniType(type)
-
- table.remove(record)
-
- # forward the call after replacing the root hrn
-
- return 1
+ # validate the cred
+ self.api.auth.check(cred, "remove")
+ self.api.auth.verify_object_permission(hrn)
+
+ # send the call to the right manager
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ return manager.remove(self.api, xrn, type, origin_hrn)