import os
-from sfa.util.faults import *
+from sfa.util.faults import MissingAuthority
from sfa.util.sfalogging import logger
from sfa.util.xrn import get_leaf, get_authority, hrn_to_urn, urn_to_hrn
from sfa.trust.certificate import Keypair
from sfa.trust.credential import Credential
from sfa.trust.gid import GID, create_uuid
from sfa.util.config import Config
-from sfa.util.sfaticket import SfaTicket
+from sfa.trust.sfaticket import SfaTicket
##
# The AuthInfo class contains the information for an authority. This information
# @param basedir the base directory to store the hierarchy in
def __init__(self, basedir = None):
+ self.config = Config()
if not basedir:
- self.config = Config()
basedir = os.path.join(self.config.SFA_DATA_DIR, "authorities")
self.basedir = basedir
##
parent_urn = hrn_to_urn(parent_hrn, 'authority')
if (parent_hrn) and (not self.auth_exists(parent_urn)) and (create_parents):
self.create_auth(parent_urn, create_parents)
-
(directory, gid_filename, privkey_filename, dbinfo_filename) = \
self.get_auth_filenames(hrn)
dbinfo_file.write(str(dbinfo))
dbinfo_file.close()
+ def create_top_level_auth(self, hrn=None):
+ """
+ Create top level records (includes root and sub authorities (local/remote)
+ """
+ if not hrn:
+ hrn = self.config.SFA_INTERFACE_HRN
+ # make sure parent exists
+ parent_hrn = get_authority(hrn)
+ if not parent_hrn:
+ parent_hrn = hrn
+ if not parent_hrn == hrn:
+ self.create_top_level_auth(parent_hrn)
+
+ # create the authority if it doesnt alrady exist
+ if not self.auth_exists(hrn):
+ self.create_auth(hrn)
+
+
+ def get_interface_auth_info(self, create=True):
+ hrn = self.config.SFA_INTERFACE_HRN
+ if not self.auth_exists(hrn):
+ if create==True:
+ self.create_top_level_auth(hrn)
+ else:
+ raise MissingAuthority(hrn)
+ return self.get_auth_info(hrn)
##
# Return the AuthInfo object for the specified authority. If the authority
# does not exist, then an exception is thrown. As a side effect, disk files
def get_auth_info(self, xrn):
hrn, type = urn_to_hrn(xrn)
if not self.auth_exists(hrn):
- logger.warning("Hierarchy: mising authority - xrn=%s, hrn=%s"%(xrn,hrn))
+ logger.warning("Hierarchy: missing authority - xrn=%s, hrn=%s"%(xrn,hrn))
raise MissingAuthority(hrn)
(directory, gid_filename, privkey_filename, dbinfo_filename) = \
def create_gid(self, xrn, uuid, pkey, CA=False):
hrn, type = urn_to_hrn(xrn)
+ if not type:
+ type = 'authority'
parent_hrn = get_authority(hrn)
# Using hrn_to_urn() here to make sure the urn is in the right format
# If xrn was a hrn instead of a urn, then the gid's urn will be
# of type None
urn = hrn_to_urn(hrn, type)
gid = GID(subject=hrn, uuid=uuid, hrn=hrn, urn=urn)
-
# is this a CA cert
if hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn:
# root or sub authority