X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Fmethods%2Fget_ticket.py;h=f74b6d43c3837f81bdcfe06faeeca67774e53a92;hb=2aef9724f35f7010b640dad5951d6d8b5ffedf24;hp=fa7f6b690d0334dfa2171854f5d4d5717fb3c3fe;hpb=f13173726f8382eef380f1e754f24dd2b126a77b;p=sfa.git

diff --git a/sfa/methods/get_ticket.py b/sfa/methods/get_ticket.py
index fa7f6b69..f74b6d43 100644
--- a/sfa/methods/get_ticket.py
+++ b/sfa/methods/get_ticket.py
@@ -1,11 +1,16 @@
 ### $Id$
 ### $URL$
-
+import time
 from sfa.util.faults import *
 from sfa.util.method import Method
 from sfa.util.parameter import Parameter, Mixed
-from sfa.util.auth import Auth
-from sfa.util.geniticket import *
+from sfa.trust.auth import Auth
+from sfa.util.config import Config
+from sfa.trust.credential import Credential
+from sfa.util.genitable import GeniTable
+from sfa.util.sfaticket import SfaTicket
+from sfa.plc.slices import Slices
+from sfatables.runtime import SFATablesRules
 
 class get_ticket(Method):
     """
@@ -24,50 +29,51 @@ class get_ticket(Method):
     @return the string representation of a ticket object
     """
 
-    interfaces = ['registry']
+    interfaces = ['aggregate', 'slicemgr']
     
     accepts = [
         Parameter(str, "Credential string"),
         Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
-        Parameter(str, "Resource specification (rspec)")
+        Parameter(str, "Resource specification (rspec)"),
+        Mixed(Parameter(str, "Request hash"),
+              Parameter(None, "Request hash not specified"))
         ]
 
     returns = Parameter(str, "String represeneation of a ticket object")
     
-    def call(self, cred, hrn, rspec):
+    def call(self, cred, hrn, rspec, request_hash=None):
+        self.api.auth.authenticateCred(cred, [cred, hrn, rspec], request_hash)
         self.api.auth.check(cred, "getticket")
         self.api.auth.verify_object_belongs_to_me(hrn)
-        self.api.auth.verify_object_permission(name)
-
-        # XXX much of this code looks like get_credential... are they so similar
-        # that they should be combined?
-
-        auth_hrn = self.api.auth.get_authority(hrn)
-        if not auth_hrn:
-            auth_hrn = hrn
-        auth_info = self.api.auth.get_auth_info(auth_hrn)
-        record = None
-        table = self.api.auth.get_auth_table(auth_hrn)
-        record = table.resolve('slice', hrn)
-
-        object_gid = record.get_gid_object()
-        new_ticket = Ticket(subject = object_gid.get_subject())
-        new_ticket.set_gid_caller(self.client_gid)
-        new_ticket.set_gid_object(object_gid)
-        new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
-        new_ticket.set_pubkey(object_gid.get_pubkey())
-
-        self.api.fill_record_info(record)
+        self.api.auth.verify_object_permission(hrn)
+   
+        # set the right outgoing rules
+        if self.api.interface in ['aggregate']:
+            outgoing_rules = SFATablesRules('OUTGOING')
+        elif self.api.interface in ['slicemgr']:
+            outgoing_rules = SFATablesRules('FORWARD-OUTGOING')
 
-        (attributes, rspec) = self.api.record_to_slice_info(record)
-
-        new_ticket.set_attributes(attributes)
-        new_ticket.set_rspec(rspec)
-
-        new_ticket.set_parent(self.api.auth.hierarchy.get_auth_ticket(auth_hrn))
-
-        new_ticket.encode()
-        new_ticket.sign()
-
-        return new_ticket.save_to_string(save_parents=True)
+        # Filter the incoming rspec using sfatables
+        incoming_rules = SFATablesRules('INCOMING')
+        #incoming_rules.set_slice(hrn) # This is a temporary kludge. Eventually, we'd like to fetch the context requested by the match/target
+        contexts = incoming_rules.contexts
+        caller_hrn = Credential(string=cred).get_gid_caller().get_hrn()
+        request_context = rspec_manager.fetch_context(hrn, caller_hrn, contexts)
+        incoming_rules.set_context(request_context)
+        rspec = incoming_rules.apply(rspec)
+ 
+        # send the call to the right manager
+        manager_base = 'sfa.managers'
+        if self.api.interface in ['aggregate']:
+            mgr_type = self.api.config.SFA_AGGREGATE_TYPE
+            manager_module = manager_base + ".aggregate_manager_%s" % mgr_type
+            manager = __import__(manager_module, fromlist=[manager_base])
+            ticket = manager.get_ticket(self.api, hrn, rspec)
+        elif self.api.interface in ['slicemgr']:
+            mgr_type = self.api.config.SFA_SM_TYPE
+            manager_module = manager_base + ".slice_manager_%s" % mgr_type
+            manager = __import__(manager_module, fromlist=[manager_base])
+            ticket = manager.get_rspec(self.api, hrn, rspec)
+        
+        return ticket