Parameter(str, "Credential string"),
Parameter(str, "Human readable name of slice to instantiate"),
Parameter(str, "Resource specification"),
+ Mixed(Parameter(str, "Request hash"),
+ Parameter(None, "Request hash not specified"))
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, hrn, requested_rspec, caller_cred=None):
+ def call(self, cred, hrn, requested_rspec, request_hash=None, caller_cred=None):
if caller_cred==None:
caller_cred=cred
+ # This cred will be an slice cred, not a user, so we cant use it to
+ # authenticate the caller's request_hash. Let just get the caller's gid
+ # from the cred and authenticate using that
+ client_gid = Credential(string=cred).get_gid_caller()
+ client_gid_str = client_gid.save_to_string(save_parents=True)
+ self.api.auth.authenticateGid(client_gid_str, [cred, hrn, requested_rspec], request_hash)
self.api.auth.check(cred, 'createslice')
#log the call
sfa_aggregate_type = Config().get_aggregate_rspec_type()
rspec_manager = __import__("sfa.rspecs.aggregates.rspec_manager_"+sfa_aggregate_type, fromlist = ["sfa.rspecs.aggregates"])
#Filter the incoming rspec using sfatables
- incoming_rules = SFATablesRules('OUTGOING')
+ incoming_rules = SFATablesRules('INCOMING')
#incoming_rules.set_slice(hrn) # This is a temporary kludge. Eventually, we'd like to fetch the context requested by the match/target
git://git.onelab.eu / sfa.git / blobdiff