X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;ds=sidebyside;f=sfa%2Fmanagers%2Fregistry_manager_openstack.py;h=6340bbe7ad335230ec491eb106d2ff4abe88a36e;hb=600a3c5f747edd45e95cdf2877fae089415ab6b2;hp=b5c10fae353835434df0946c452e19c493e5bc3e;hpb=78e76c153ab3f03992ef3b219b1d453a533ee4c5;p=sfa.git

diff --git a/sfa/managers/registry_manager_openstack.py b/sfa/managers/registry_manager_openstack.py
index b5c10fae..6340bbe7 100644
--- a/sfa/managers/registry_manager_openstack.py
+++ b/sfa/managers/registry_manager_openstack.py
@@ -9,7 +9,6 @@ from sfa.util.faults import RecordNotFound, AccountNotEnabled, PermissionError,
 from sfa.util.sfatime import utcparse, datetime_to_epoch
 from sfa.util.prefixTree import prefixTree
 from sfa.util.xrn import Xrn, get_authority, hrn_to_urn, urn_to_hrn
-from sfa.util.plxrn import hrn_to_pl_login_base
 from sfa.util.version import version_core
 from sfa.util.sfalogging import logger
 
@@ -38,9 +37,10 @@ class RegistryManager(RegistryManager):
             auth_hrn = hrn
         auth_info = api.auth.get_auth_info(auth_hrn)
         # get record info
-        record=dbsession.query(RegRecord).filter_by(hrn=hrn).first()
+        filter = {'hrn': hrn}
         if type:
-            record = record.filter_by(type=type)
+            filter['type'] = type
+        record=dbsession.query(RegRecord).filter_by(**filter).first()
         if not record:
             raise RecordNotFound("hrn=%s, type=%s"%(hrn,type))
     
@@ -60,15 +60,16 @@ class RegistryManager(RegistryManager):
             caller_gid = record.get_gid_object()
         else:
             caller_hrn, caller_type = urn_to_hrn(caller_xrn)
-            caller_record = dbsession.query(RegRecord).filter_by(hrn=caller_hrn).first()
+            caller_filter = {'hrn': caller_hrn}
             if caller_type:
-                caller_record = caller_record.filter_by(type=caller_type)
+                caller_filter['type'] = caller_type 
+            caller_record = dbsession.query(RegRecord).filter_by(**caller_filter).first()
             if not caller_record:
                 raise RecordNotFound("Unable to associated caller (hrn=%s, type=%s) with credential for (hrn: %s, type: %s)"%(caller_hrn, caller_type, hrn, type))
             caller_gid = GID(string=caller_record.gid) 
         
         object_hrn = record.get_gid_object().get_hrn()
-        rights = api.auth.determine_user_rights(caller_hrn, record)
+        rights = api.auth.determine_user_rights(caller_hrn, record.todict())
         # make sure caller has rights to this object
         if rights.is_empty():
             raise PermissionError(caller_hrn + " has no rights to " + record.hrn)