X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fmethods%2Fget_ticket.py;h=314e35950e1bd380d8e3baff58fbcd6edb89f008;hb=3d7237fa0b5f2b4a60cb97c7fb3b6aecfd94558a;hp=690d608526322c637670f3d649889d1f67f642aa;hpb=b17538289e0da818ddcce677f4220d82bbb67044;p=sfa.git diff --git a/sfa/methods/get_ticket.py b/sfa/methods/get_ticket.py index 690d6085..314e3595 100644 --- a/sfa/methods/get_ticket.py +++ b/sfa/methods/get_ticket.py @@ -7,10 +7,11 @@ from sfa.util.parameter import Parameter, Mixed from sfa.trust.auth import Auth from sfa.util.config import Config from sfa.trust.credential import Credential -from sfa.util.genitable import GeniTable +from sfa.util.table import SfaTable from sfa.util.sfaticket import SfaTicket from sfa.plc.slices import Slices from sfatables.runtime import SFATablesRules +from sfa.util.rspec import * class get_ticket(Method): """ @@ -35,18 +36,23 @@ class get_ticket(Method): Parameter(str, "Credential string"), Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"), Parameter(str, "Resource specification (rspec)"), - Mixed(Parameter(str, "Request hash"), - Parameter(None, "Request hash not specified")) + Mixed(Parameter(str, "Human readable name of the original caller"), + Parameter(None, "Origin hrn not specified")) ] returns = Parameter(str, "String represeneation of a ticket object") - def call(self, cred, hrn, rspec, request_hash=None): - self.api.auth.authenticateCred(cred, [cred, hrn, rspec], request_hash) + def call(self, cred, hrn, rspec, origin_hrn=None): + user_cred = Credential(string=cred) + + #log the call + if not origin_hrn: + origin_hrn = user_cred.get_gid_caller().get_hrn() + self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name)) + + # validate the cred self.api.auth.check(cred, "getticket") - self.api.auth.verify_object_belongs_to_me(hrn) - self.api.auth.verify_object_permission(hrn) - + # set the right outgoing rules manager_base = 'sfa.managers' if self.api.interface in ['aggregate']: @@ -65,19 +71,17 @@ class get_ticket(Method): #incoming_rules.set_slice(hrn) # This is a temporary kludge. Eventually, we'd like to fetch the context requested by the match/target contexts = incoming_rules.contexts caller_hrn = Credential(string=cred).get_gid_caller().get_hrn() - request_context = rspec_manager.fetch_context(hrn, caller_hrn, contexts) + request_context = manager.fetch_context(hrn, caller_hrn, contexts) incoming_rules.set_context(request_context) rspec = incoming_rules.apply(rspec) - # remove nodes that are not available at this interface from the rspec - valid_rspec = RSpec(xml=manager.get_rspec(self.api)) + valid_rspec = RSpec(xml=manager.get_rspec(self.api, None, origin_hrn)) valid_nodes = valid_rspec.getDictsByTagName('NodeSpec') - vaild_hostnames = [node['name'] for node in valid_nodes] + valid_hostnames = [node['name'] for node in valid_nodes] rspec_object = RSpec(xml=rspec) rspec_object.filter(tagname='NodeSpec', attribute='name', whitelist=valid_hostnames) rspec = rspec_object.toxml() - - ticket = manager.get_ticket(self.api, hrn, rspec) + ticket = manager.get_ticket(self.api, hrn, rspec, origin_hrn) return ticket