git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
check the specified hrn against the target hrn in the credential
[sfa.git] / sfa / methods / get_ticket.py
diff --git a/sfa/methods/get_ticket.py b/sfa/methods/get_ticket.py
index 94b9e9e..bbcfdf6 100644 (file)
--- a/sfa/methods/get_ticket.py
+++ b/sfa/methods/get_ticket.py
@@ -2,12 +2,13 @@
 ### $URL$
 import time
 from sfa.util.faults import *
+from sfa.util.namespace import *
 from sfa.util.method import Method
 from sfa.util.parameter import Parameter, Mixed
 from sfa.trust.auth import Auth
 from sfa.util.config import Config
 from sfa.trust.credential import Credential
-from sfa.util.genitable import GeniTable
+from sfa.util.table import SfaTable
 from sfa.util.sfaticket import SfaTicket
 from sfa.plc.slices import Slices
 from sfatables.runtime import SFATablesRules
@@ -24,7 +25,7 @@ class get_ticket(Method):
     initscripts.
     
     @param cred credential string
-    @param name name of the slice to retrieve a ticket for
+    @param name name of the slice to retrieve a ticket for (hrn or urn)
     @param rspec resource specification dictionary
     
     @return the string representation of a ticket object
@@ -34,26 +35,26 @@ class get_ticket(Method):
     
     accepts = [
         Parameter(str, "Credential string"),
-        Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
+        Parameter(str, "Human readable name of slice to retrive a ticket for (hrn or urn)"),
         Parameter(str, "Resource specification (rspec)"),
-        Mixed(Parameter(str, "Request hash"),
-              Parameter(None, "Request hash not specified"))
+        Mixed(Parameter(str, "Human readable name of the original caller"),
+              Parameter(None, "Origin hrn not specified"))
         ]
 
     returns = Parameter(str, "String represeneation of a ticket object")
     
-    def call(self, cred, hrn, rspec, request_hash=None, origin_hrn=None):
-        self.api.auth.authenticateCred(cred, [cred, hrn, rspec], request_hash)
-        self.api.auth.check(cred, "getticket")
-        self.api.auth.verify_object_belongs_to_me(hrn)
-        self.api.auth.verify_object_permission(hrn)
-       
-       if origin_hrn==None:
-           origin_hrn=Credential(string=cred).get_gid_caller().get_hrn()
+    def call(self, cred, xrn, rspec, origin_hrn=None):
+        hrn, type = urn_to_hrn(xrn)
+        user_cred = Credential(string=cred)
 
-       #log the call
+        #log the call
+        if not origin_hrn:
+            origin_hrn = user_cred.get_gid_caller().get_hrn()
         self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
-   
+
+        # validate the cred
+        self.api.auth.check(cred, "getticket", hrn)
+       
         # set the right outgoing rules
         manager_base = 'sfa.managers'
         if self.api.interface in ['aggregate']:
@@ -82,7 +83,7 @@ class get_ticket(Method):
         rspec_object = RSpec(xml=rspec)
         rspec_object.filter(tagname='NodeSpec', attribute='name', whitelist=valid_hostnames)
         rspec = rspec_object.toxml() 
-        ticket = manager.get_ticket(self.api, hrn, rspec, origin_hrn)
+        ticket = manager.get_ticket(self.api, xrn, rspec, origin_hrn)
         
         return ticket
         
sfa