- def create_gid(self, hrn, uuid, pkey):
- gid = GID(subject=hrn, uuid=uuid, hrn=hrn)
+ def create_gid(self, xrn, uuid, pkey, CA=False, email=None, force_parent=None):
+ hrn, type = urn_to_hrn(xrn)
+ if not type:
+ type = 'authority'
+ parent_hrn = force_parent if force_parent else get_authority(hrn)
+ # Using hrn_to_urn() here to make sure the urn is in the right format
+ # If xrn was a hrn instead of a urn, then the gid's urn will be
+ # of type None
+ urn = hrn_to_urn(hrn, type)
+ gid = GID(subject=hrn, uuid=uuid, hrn=hrn, urn=urn, email=email)
+ # is this a CA cert
+ if hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn:
+ # root or sub authority
+ gid.set_intermediate_ca(True)
+ elif type and 'authority' in type:
+ # authority type
+ gid.set_intermediate_ca(True)
+ elif CA:
+ gid.set_intermediate_ca(True)
+ else:
+ gid.set_intermediate_ca(False)