# the gid and hrn of the object we are delegating
object_gid = cred.get_gid_object()
object_hrn = object_gid.get_hrn()
-
- if not object_cred.get_delegate():
+ cred.set_delegate(True)
+ if not cred.get_delegate():
raise Exception, "Error: Object credential %(object_hrn)s does not have delegate bit set" % locals()
- records = registry.resolve(user_cred, hrn)
+ records = registry.resolve(cred, hrn)
records = filter_records(type, records)
if not records:
dcred = Credential(subject=object_hrn + " delegated to " + delegee_hrn)
dcred.set_gid_caller(delegee_gid)
dcred.set_gid_object(object_gid)
- dcred.set_privileges(object_cred.get_privileges())
+ dcred.set_privileges(cred.get_privileges())
dcred.set_delegate(True)
dcred.set_pubkey(object_gid.get_pubkey())
dcred.set_issuer(user_key, user_hrn)
- dcred.set_parent(object_cred)
+ dcred.set_parent(cred)
dcred.encode()
dcred.sign()
os.remove(outfn)
return key_string
-
#
# Generate sub-command parser
#
if record.get_name() == user_cred.get_gid_object().get_hrn():
cred = user_cred
else:
- create = get_auth_cred()
+ cred = get_auth_cred()
elif record.get_type() in ["slice"]:
try:
cred = get_slice_cred(record.get_name())
raise
elif record.get_type() in ["authority"]:
cred = get_auth_cred()
+ elif record.get_type() == 'node':
+ cred = get_auth_cred()
else:
raise "unknown record type" + record.get_type()
return registry.update(cred, record)
format = opts.format
display_rspec(result, format)
if (opts.file is not None):
- save_rspec_to_file(opts.file, result)
+ save_rspec_to_file(result, opts.file)
return
# created named slice with given rspec