from sfa.trust.auth import Auth
from sfa.plc.slices import Slices
from sfa.util.config import Config
-# RSpecManager_pl is not used. This is just to resolve issues with the dynamic __import__ that comes later.
+# RSpecManager_pl is not used. It's used to make sure the module is in place.
import sfa.rspecs.aggregates.rspec_manager_pl
from sfa.trust.credential import Credential
+from sfatables.runtime import SFATablesRules
class create_slice(Method):
returns = Parameter(int, "1 if successful")
- def call(self, cred, hrn, rspec, caller_cred=None):
+ def call(self, cred, hrn, requested_rspec, caller_cred=None):
if caller_cred==None:
caller_cred=cred
#log the call
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, Credential(string=caller_cred).get_gid_caller().get_hrn(), hrn, self.name))
+ # Filter the incoming rspec using sfatables
+ incoming_rules = SFATablesRules('OUTGOING')
+
+ incoming_rules.set_user_(caller_cred.callerGID.hrn) # This is a temporary kludge. Eventually, we'd like to fetch the context requested by the match/target
+
+ rspec = incoming_rules.apply(requested_rspec)
+
+
sfa_aggregate_type = Config().get_aggregate_rspec_type()
self.api.auth.check(cred, 'createslice')
if (sfa_aggregate_type == 'pl'):
# To clean up after July 21 - SB
rspec_manager = __import__("sfa.rspecs.aggregates.rspec_manager_"+sfa_aggregate_type, fromlist = ["sfa.rspecs.aggregates"])
rspec = rspec_manager.create_slice(self.api, hrn, rspec)
+
+
return 1
git://git.onelab.eu / sfa.git / blobdiff