### $URL$
import time
from sfa.util.faults import *
+from sfa.util.namespace import *
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
from sfa.trust.auth import Auth
from sfa.util.config import Config
from sfa.trust.credential import Credential
-from sfa.util.genitable import GeniTable
+from sfa.util.table import SfaTable
from sfa.util.sfaticket import SfaTicket
from sfa.plc.slices import Slices
from sfatables.runtime import SFATablesRules
initscripts.
@param cred credential string
- @param name name of the slice to retrieve a ticket for
+ @param name name of the slice to retrieve a ticket for (hrn or urn)
@param rspec resource specification dictionary
@return the string representation of a ticket object
accepts = [
Parameter(str, "Credential string"),
- Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
+ Parameter(str, "Human readable name of slice to retrive a ticket for (hrn or urn)"),
Parameter(str, "Resource specification (rspec)"),
- Mixed(Parameter(str, "Request hash"),
- Parameter(None, "Request hash not specified"))
+ Mixed(Parameter(str, "Human readable name of the original caller"),
+ Parameter(None, "Origin hrn not specified"))
]
returns = Parameter(str, "String represeneation of a ticket object")
- def call(self, cred, hrn, rspec, request_hash=None, origin_hrn=None):
- self.api.auth.authenticateCred(cred, [cred, hrn, rspec], request_hash)
- self.api.auth.check(cred, "getticket")
- self.api.auth.verify_object_belongs_to_me(hrn)
- self.api.auth.verify_object_permission(hrn)
-
- if origin_hrn==None:
- origin_hrn=Credential(string=cred).get_gid_caller().get_hrn()
+ def call(self, cred, xrn, rspec, origin_hrn=None):
+ hrn, type = urn_to_hrn(xrn)
+ user_cred = Credential(string=cred)
- #log the call
+ #log the call
+ if not origin_hrn:
+ origin_hrn = user_cred.get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
-
+
+ # validate the cred
+ self.api.auth.check(cred, "getticket", hrn)
+
# set the right outgoing rules
manager_base = 'sfa.managers'
if self.api.interface in ['aggregate']:
rspec_object = RSpec(xml=rspec)
rspec_object.filter(tagname='NodeSpec', attribute='name', whitelist=valid_hostnames)
rspec = rspec_object.toxml()
- ticket = manager.get_ticket(self.api, hrn, rspec, origin_hrn)
+ ticket = manager.get_ticket(self.api, xrn, rspec, origin_hrn)
return ticket