return True
+
+ def verify_cred_is_me(self, credential):
+ is_me = False
+ cred = Credential(string=credential)
+ caller_gid = cred.get_gid_caller()
+ caller_hrn = caller_gid.get_hrn()
+ if caller_hrn != self.config.SFA_INTERFACE_HRN:
+ raise GeniPermissionError(self.config.SFA_INTEFACE_HRN)
+
+ return
def get_auth_info(self, auth_hrn):
"""
return self.hierarchy.get_auth_info(auth_hrn)
- def get_auth_table(self, auth_name):
- """
- Given an authority name, return the database table for that authority.
- If the databse table does not exist, then one will be automatically
- created.
-
- @param auth_name human readable name of authority
- """
- auth_info = self.get_auth_info(auth_name)
- table = GeniTable(hrn=auth_name,
- cninfo=auth_info.get_dbinfo())
- # if the table doesn't exist, then it means we haven't put any records
- # into this authority yet.
-
- if not table.exists():
- print >> log, "Registry: creating table for authority", auth_name
- table.create()
-
- return table
-
def veriry_auth_belongs_to_me(self, name):
"""
Verify that an authority belongs to our hierarchy.
@param auth_name human readable name of authority
"""
+ # get auth info will throw an exception if the authority doesnt exist
self.get_auth_info(name)
"""
auth_name = self.get_authority(name)
if not auth_name:
- # the root authority belongs to the registry by default?
- # TODO: is this true?
+ auth_name = name
+ if name == self.config.SFA_INTERFACE_HRN:
return
self.verify_auth_belongs_to_me(auth_name)
return
if name.startswith(object_hrn + "."):
return
- if name.startswith(get_authority(name)):
- return
+ #if name.startswith(get_authority(name)):
+ #return
raise PermissionError(name)
verify_cancreate_credential()
"""
- type = record.get_type()
+ type = record['type']
if src_cred:
cred_object_hrn = src_cred.get_gid_object().get_hrn()
else: