from sfa.trust.certificate import Certificate, Keypair, convert_public_key
from sfa.trust.gid import create_uuid
-from sfa.storage.model import make_record,RegRecord
+from sfa.storage.model import make_record, RegRecord, RegUser
from sfa.storage.alchemy import dbsession
class RegistryManager:
rights = api.auth.determine_user_rights(caller_hrn, record.__dict__)
# make sure caller has rights to this object
if rights.is_empty():
- raise PermissionError(caller_hrn + " has no rights to " + record.hrn)
-
+ raise PermissionError("%s has no rights to %s (%s)" % \
+ (caller_hrn, object_hrn, xrn))
object_gid = GID(string=record.gid)
new_cred = Credential(subject = object_gid.get_subject())
new_cred.set_gid_caller(caller_gid)
gid = auth_info.get_gid_object()
record.gid=gid.save_to_string(save_parents=True)
+ # post-process / cleanup for relation ships
+ if isinstance (record, RegUser):
+ record.normalize_xml()
+
# update testbed-specific data if needed
pointer = self.driver.register (record.__dict__, hrn, pub_key)