git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Credential.actual_caller_hrn tries to find out who is really calling, for delegated...
[sfa.git] / sfa / methods / Allocate.py
diff --git a/sfa/methods/Allocate.py b/sfa/methods/Allocate.py
index b549fd6..42237a1 100644 (file)
--- a/sfa/methods/Allocate.py
+++ b/sfa/methods/Allocate.py
@@ -1,5 +1,6 @@
 from sfa.util.faults import SfaInvalidArgument, InvalidRSpec, SfatablesRejected
-from sfa.util.xrn import Xrn
+from sfa.util.sfatime import datetime_to_string 
+from sfa.util.xrn import Xrn, urn_to_hrn
 from sfa.util.method import Method
 from sfa.util.sfatablesRuntime import run_sfatables
 from sfa.trust.credential import Credential
@@ -38,7 +39,10 @@ class Allocate(Method):
         self.api.logger.info("interface: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, xrn.get_hrn(), self.name))
 
         # Find the valid credentials
-        valid_creds = self.api.auth.checkCredentials(creds, 'createsliver', xrn.get_hrn())
+        valid_creds = self.api.auth.checkCredentials(creds, 'createsliver', xrn.get_hrn(), options=options)
+        # use the expiration from the first valid credential to determine when 
+        # the slivers should expire.
+        expiration = datetime_to_string(Credential(cred=valid_creds[0]).expiration)
         
         # make sure request is not empty
         slivers = RSpec(rspec).version.get_nodes_with_slivers()
@@ -51,12 +55,14 @@ class Allocate(Method):
         elif self.api.interface in ['slicemgr']:
             chain_name = 'FORWARD-INCOMING'
         self.api.logger.debug("Allocate: sfatables on chain %s"%chain_name)
-        origin_hrn = Credential(cred=valid_creds[0]).get_gid_caller().get_hrn()
-        self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, xrns, self.name)) 
-        rspec = run_sfatables(chain_name, xrn.get_hrn(), origin_hrn, rspec)
+        actual_caller_hrn = Credential(cred=valid_creds[0]).actual_caller_hrn()
+        self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, actual_caller_hrn, xrn, self.name)) 
+        rspec = run_sfatables(chain_name, xrn.get_hrn(), actual_caller_hrn, rspec)
         slivers = RSpec(rspec).version.get_nodes_with_slivers()
         if not slivers:
             raise SfatablesRejected(slice_xrn)
 
-        result = self.api.manager.Allocate(self.api, xrn.get_urn(), creds, rspec, options)
+        # pass this to the driver code in case they need it
+        options['actual_caller_hrn'] = actual_caller_hrn
+        result = self.api.manager.Allocate(self.api, xrn.get_urn(), creds, rspec, expiration, options)
         return result
sfa