- # re-sign all existing gids signed by this authority
- # create a dictionary of records keyed on the record's authority
- record_dict = defaultdict(list)
- # only get regords that belong to this authority
- # or any of its sub authorities
- all_records = table.find({'hrn': '%s*' % gid.get_hrn()})
- for record in records:
- record_dict[record['authority']].append(record)
-
- # start with the authority we just imported
- authorities = [gid.get_hrn()]
- while authorities:
- next_authorities = []
- for authority in authorities:
- # create a new signed gid for each record at this authority
- # and update the registry
- auth_info = hierarchy.get_auth_info(authority)
- records = record_dict[authority]
- for record in records:
- record_gid = GID(string=record['gid'])
- parent_pkey = Keypair(filename=auth_info.privkey_filename)
- parent_gid = GID(filename=auth_info.gid_filename)
- signed_gid = sign_gid(record_gid, parent_pkey, parent_gid)
- record['gid'] = signed_gid.save_to_string(save_parents=True)
- table.update(record)
-
- # if this is an authority then update the hierarchy
- if record['type'] == 'authority':
- record_info = hierarchy.get_auth_info(record['hrn'])
- signed_gid.save_to_file(filename=record_info.gid_filename, save_parents=True)
-
- # update list of next authorities
- tmp_authorities = set([record['hrn'] for record in records \
- if record['type'] == 'authority'])
- next_authorities.extend(tmp_authorities)
-
- # move on to next set of authorities
- authorities = next_authorities