X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;ds=sidebyside;f=sfa%2Fmethods%2Fget_trusted_certs.py;h=1b26d468c5e588d11c0bb9100cdc690179d46e17;hb=HEAD;hp=628950bc234789faaa26985799624983727446c8;hpb=60207453d2a26671c5e7f33f8d112972adcfe99b;p=sfa.git

diff --git a/sfa/methods/get_trusted_certs.py b/sfa/methods/get_trusted_certs.py
index 628950bc..1b26d468 100644
--- a/sfa/methods/get_trusted_certs.py
+++ b/sfa/methods/get_trusted_certs.py
@@ -1,37 +1,42 @@
-### $Id: reset_slices.py 15428 2009-10-23 15:28:03Z tmack $
-### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/reset_slices.py $
-
-from sfa.util.faults import *
-from sfa.util.misc import *
 from sfa.util.method import Method
-from sfa.util.parameter import Parameter, Mixed
+from sfa.util.sfalogging import logger
+
 from sfa.trust.auth import Auth
+from sfa.trust.credential import Credential
+
+from sfa.storage.parameter import Parameter, Mixed
+
 
 class get_trusted_certs(Method):
     """
     @param cred credential string specifying the rights of the caller
-    @param request_hash hash of the request
-    @return 1 is successful, faults otherwise  
+    @return list of gid strings
     """
 
-    interfaces = ['registry']
-    
+    interfaces = ['registry', 'aggregate']
+
     accepts = [
-        Parameter(str, "Credential string"),
-        Mixed(Parameter(str, "Request hash"),
-              Parameter(None, "Request hash not specified"))
-        ]
-
-    returns = Parameter(int, "1 if successful")
-    
-    def call(self, cred, request_hash=None):
+        Mixed(Parameter(str, "Credential string"),
+              Parameter(None, "Credential not specified"))
+    ]
+
+    returns = Parameter(type([str]), "List of GID strings")
+
+    def call(self, cred=None):
+        # If cred is not specified just return the gid for this interface.
+        # This is true when when a peer is attempting to initiate federation
+        # with this interface
+        logger.debug("get_trusted_certs: %r" % cred)
+        if not cred:
+            gid_strings = []
+            for gid in self.api.auth.trusted_cert_list:
+                if gid.get_hrn() == self.api.config.SFA_INTERFACE_HRN:
+                    gid_strings.append(gid.save_to_string(save_parents=True))
+            return gid_strings
+
         # authenticate the cred
-        client_gid = Credential(string=cred).get_gid_caller()
-        client_gid_str = client_gid.save_to_string(save_parents=True)
-        self.api.auth.authenticateGid(client_gid_str, [cred, hrn], request_hash) 
         self.api.auth.check(cred, 'gettrustedcerts')
+        gid_strings = [gid.save_to_string(save_parents=True) for
+                       gid in self.api.auth.trusted_cert_list]
 
-        trusted_cert_strings = [gid.save_to_string(save_parents=True) for \
-                                gid in self.api.auth.trusted_cert_list] 
-        
-        return trusted_cert_strings 
+        return gid_strings