import os
import datetime
-from xml.dom.minidom import Document, parseString
from tempfile import mkstemp
+from xml.dom.minidom import Document, parseString
+from dateutil.parser import parse
+
+import sfa.util.sfalogging
from sfa.trust.certificate import Keypair
from sfa.trust.credential_legacy import CredentialLegacy
from sfa.trust.rights import *
from sfa.trust.gid import *
from sfa.util.faults import *
-from sfa.util.sfalogging import logger
-from dateutil.parser import parse
# not be changed else the signature is no longer valid. So, once
# you have loaded an existing signed credential, do not call encode() or sign() on it.
-def filter_creds_by_caller(self, creds, caller_hrn):
+def filter_creds_by_caller(creds, caller_hrn):
"""
Returns a list of creds who's gid caller matches the
specified caller hrn
trusted_cert_objects.append(GID(filename=f))
ok_trusted_certs.append(f)
except Exception, exc:
- logger.error("Failed to load trusted cert from %s: %r", f, exc)
+ sfa.util.sfalogging.logger.error("Failed to load trusted cert from %s: %r", f, exc)
trusted_certs = ok_trusted_certs
# Use legacy verification if this is a legacy credential
# Maybe should be (hrn, type) = urn_to_hrn(root_cred_signer.get_urn())
root_cred_signer_type = root_cred_signer.get_type()
if (root_cred_signer_type == 'authority'):
- #logger.debug('Cred signer is an authority')
+ #sfa.util.sfalogging.logger.debug('Cred signer is an authority')
# signer is an authority, see if target is in authority's domain
hrn = root_cred_signer.get_hrn()
if root_target_gid.get_hrn().startswith(hrn):