git://git.onelab.eu / sfa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix bug in dump() (thanks Sarah)
[sfa.git] / sfa / trust / credential.py
diff --git a/sfa/trust/credential.py b/sfa/trust/credential.py
index 5478b03..9b8d8f7 100644 (file)
--- a/sfa/trust/credential.py
+++ b/sfa/trust/credential.py
@@ -26,16 +26,14 @@
 # Credentials are signed XML files that assign a subject gid privileges to an object gid
 ##
 
-### $Id$
-### $URL$
-
 import os
 import datetime
 from tempfile import mkstemp
+import dateutil.parser
+from StringIO import StringIO 
 from xml.dom.minidom import Document, parseString
-from dateutil.parser import parse
 from lxml import etree
-from StringIO import StringIO 
+
 from sfa.util.faults import *
 from sfa.util.sfalogging import sfa_logger
 from sfa.trust.certificate import Keypair
@@ -585,7 +583,7 @@ class Credential(object):
         
 
         self.set_refid(cred.getAttribute("xml:id"))
-        self.set_expiration(parse(getTextNode(cred, "expires")))
+        self.set_expiration(dateutil.parser.parse(getTextNode(cred, "expires")))
         self.gidCaller = GID(string=getTextNode(cred, "owner_gid"))
         self.gidObject = GID(string=getTextNode(cred, "target_gid"))   
 
@@ -660,9 +658,9 @@ class Credential(object):
             if schema and os.path.exists(schema):
                 tree = etree.parse(StringIO(self.xml))
                 schema_doc = etree.parse(schema)
-                relaxng = etree.RelaxNG(schema_doc)
-                if not relaxng(tree):
-                    error = relaxng.error_log.last_error
+                xmlschema = etree.XMLSchema(schema_doc)
+                if not xmlschema.validate(tree):
+                    error = xmlschema.error_log.last_error
                     message = "%s (line %s)" % (error.message, error.line)
                     raise CredentialNotVerifiable(message) 
             
@@ -677,7 +675,7 @@ class Credential(object):
                 trusted_cert_objects.append(GID(filename=f))
                 ok_trusted_certs.append(f)
             except Exception, exc:
-                sfa_logger().error("Failed to load trusted cert from %s: %r", f, exc)
+                sfa_logger().error("Failed to load trusted cert from %s: %r"%( f, exc))
         trusted_certs = ok_trusted_certs
 
         # Use legacy verification if this is a legacy credential
@@ -861,13 +859,18 @@ class Credential(object):
             result += "  gidCaller:\n"
             result += gidCaller.dump_string(8, dump_parents)
 
+        if self.get_signature():
+            print "  gidIssuer:"
+            self.get_signature().get_issuer_gid().dump(8, dump_parents)
+
         gidObject = self.get_gid_object()
         if gidObject:
             result += "  gidObject:\n"
             result += gidObject.dump_string(8, dump_parents)
 
         if self.parent and dump_parents:
-            result += "PARENT"
-            result += self.parent.dump_string(dump_parents)
+            result += "\nPARENT"
+            result += self.parent.dump(True)
+
         return result
 
sfa