X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FAuth.py;h=bb62c0919bad7a27758a7c4858636e49e7843eda;hb=e25d1555c7f4854e71f3082da697eb0b0f3c7733;hp=be54b1262bf9c8bf4d152be9604ba3cd4bc5d1ec;hpb=8aef0711f071e10868c1ac5d6d987d92c6f00781;p=plcapi.git diff --git a/PLC/Auth.py b/PLC/Auth.py index be54b12..bb62c09 100644 --- a/PLC/Auth.py +++ b/PLC/Auth.py @@ -4,7 +4,7 @@ # Mark Huang # Copyright (C) 2006 The Trustees of Princeton University # -# $Id: Auth.py,v 1.8 2006/11/09 19:43:55 mlhuang Exp $ +# $Id: Auth.py,v 1.10 2007/01/04 16:01:28 mlhuang Exp $ # import crypt @@ -18,7 +18,6 @@ from PLC.Persons import Persons from PLC.Nodes import Node, Nodes from PLC.Sessions import Session, Sessions from PLC.Peers import Peer, Peers -from PLC.GPG import gpg_verify class Auth(Parameter): """ @@ -57,21 +56,22 @@ class GPGAuth(Auth): method.caller = peer = peers[0] keys = [peer['key']] else: - persons = Persons(method.api, {'email': auth['name'], 'enabled': True}) + persons = Persons(method.api, {'email': auth['name'], 'enabled': True, 'peer_id': None}) if not persons: - raise PLCAuthenticationFailure, "No such peer or user '%s'" % auth['name'] + raise PLCAuthenticationFailure, "No such user '%s'" % auth['name'] if not set(person['roles']).intersection(method.roles): raise PLCAuthenticationFailure, "Not allowed to call method" method.caller = person = persons[0] - keys = Keys(method.api, {'key_id': person['key_ids'], 'key_type': "gpg"}) + keys = Keys(method.api, {'key_id': person['key_ids'], 'key_type': "gpg", 'peer_id': None}) if not keys: raise PLCAuthenticationFailure, "No GPG key on record for peer or user '%s'" for key in keys: try: + from PLC.GPG import gpg_verify gpg_verify(method.name, args, auth['signature'], key) return except PLCAuthenticationFailure, fault: @@ -109,7 +109,7 @@ class SessionAuth(Auth): try: if session['node_id'] is not None: - nodes = Nodes(method.api, [session['node_id']]) + nodes = Nodes(method.api, {'node_id': session['node_id'], 'peer_id': None}) if not nodes: raise PLCAuthenticationFailure, "No such node" node = nodes[0] @@ -120,7 +120,7 @@ class SessionAuth(Auth): method.caller = node elif session['person_id'] is not None and session['expires'] > time.time(): - persons = Persons(method.api, {'person_id': session['person_id'], 'enabled': True}) + persons = Persons(method.api, {'person_id': session['person_id'], 'enabled': True, 'peer_id': None}) if not persons: raise PLCAuthenticationFailure, "No such account" person = persons[0] @@ -182,7 +182,7 @@ class BootAuth(Auth): assert auth.has_key('node_id') try: - nodes = Nodes(method.api, [auth['node_id']]) + nodes = Nodes(method.api, {'node_id': auth['node_id'], 'peer_id': None}) if not nodes: raise PLCAuthenticationFailure, "No such node" node = nodes[0] @@ -269,7 +269,7 @@ class PasswordAuth(Auth): assert auth.has_key('Username') # Get record (must be enabled) - persons = Persons(method.api, {'email': auth['Username'], 'enabled': True}) + persons = Persons(method.api, {'email': auth['Username'], 'enabled': True, 'peer_id': None}) if len(persons) != 1: raise PLCAuthenticationFailure, "No such account"