git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
support recursive by inlcuding '*' at the end of the hrn
[sfa.git] / sfa / managers / registry_manager.py
diff --git a/sfa/managers/registry_manager.py b/sfa/managers/registry_manager.py
index 518072b..78aecfd 100644 (file)
--- a/sfa/managers/registry_manager.py
+++ b/sfa/managers/registry_manager.py
@@ -53,14 +53,13 @@ class RegistryManager:
         record=dbsession.query(RegRecord).filter_by(type=type,hrn=hrn).first()
         if not record:
             raise RecordNotFound("hrn=%s, type=%s"%(hrn,type))
-    
-        # verify_cancreate_credential requires that the member lists
-        # (researchers, pis, etc) be filled in
-        logger.debug("get credential before augment dict, keys=%s"%record.__dict__.keys())
-        self.driver.augment_records_with_testbed_info (record.__dict__)
-        logger.debug("get credential after augment dict, keys=%s"%record.__dict__.keys())
-        if not self.driver.is_enabled (record.__dict__):
-              raise AccountNotEnabled(": PlanetLab account %s is not enabled. Please contact your site PI" %(record.email))
+
+        # xxx for the record only
+        # used to call this, which was wrong, now all needed data is natively is our DB
+        # self.driver.augment_records_with_testbed_info (record.__dict__)
+        # likewise, we deprecate is_enabled which was not really useful
+        # if not self.driver.is_enabled (record.__dict__): ...
+        # xxx for the record only
     
         # get the callers gid
         # if caller_xrn is not specified assume the caller is the record
@@ -79,7 +78,8 @@ class RegistryManager:
             caller_gid = GID(string=caller_record.gid)
  
         object_hrn = record.get_gid_object().get_hrn()
-        rights = api.auth.determine_user_rights(caller_hrn, record.__dict__)
+        # call the builtin authorization/credential generation engine
+        rights = api.auth.determine_user_rights(caller_hrn, record)
         # make sure caller has rights to this object
         if rights.is_empty():
             raise PermissionError("%s has no rights to %s (%s)" % \
@@ -187,6 +187,10 @@ class RegistryManager:
     
     def List (self, api, xrn, origin_hrn=None):
         hrn, type = urn_to_hrn(xrn)
+        recursive = False
+        if hrn.endswith('*'):
+            hrn = hrn[:-1]
+            recursive = True
         # load all know registry names into a prefix tree and attempt to find
         # the longest matching prefix
         registries = api.registries
@@ -214,7 +218,10 @@ class RegistryManager:
         if not record_dicts:
             if not api.auth.hierarchy.auth_exists(hrn):
                 raise MissingAuthority(hrn)
-            records = dbsession.query(RegRecord).filter_by(authority=hrn)
+            if recursive:
+                records = dbsession.query(RegRecord).filter(RegRecord.hrn.startswith(hrn))
+            else:
+                records = dbsession.query(RegRecord).filter_by(authority=hrn)
             record_dicts=[ record.todict() for record in records ]
     
         return record_dicts
sfa