X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Ftrust%2Fcredential.py;h=1290532dcc8fa66b7de8343b664b278b205616e0;hb=dbce495b6f2e7d8dccbfb18c5507907d784c143b;hp=4971cdd0cebd6e49973284d2630432ba01950560;hpb=71691622ac72ca684be69e971f6d58c6a2ccb8ee;p=sfa.git diff --git a/sfa/trust/credential.py b/sfa/trust/credential.py index 4971cdd0..1290532d 100644 --- a/sfa/trust/credential.py +++ b/sfa/trust/credential.py @@ -41,7 +41,7 @@ from sfa.trust.certificate import Keypair from sfa.trust.credential_legacy import CredentialLegacy from sfa.trust.rights import Right, Rights from sfa.trust.gid import GID -from sfa.util.namespace import * +from sfa.util.namespace import urn_to_hrn # Two years, in seconds DEFAULT_CREDENTIAL_LIFETIME = 60 * 60 * 24 * 365 * 2 @@ -215,6 +215,7 @@ class Credential(object): str = string elif filename: str = file(filename).read() + self.filename=filename if str.strip().startswith("-----"): self.legacy = CredentialLegacy(False,string=str) @@ -451,6 +452,7 @@ class Credential(object): f = open(filename, "w") f.write(self.xml) f.close() + self.filename=filename def save_to_string(self, save_parents=True): if not self.xml: @@ -660,7 +662,7 @@ class Credential(object): trusted_cert_objects.append(GID(filename=f)) ok_trusted_certs.append(f) except Exception, exc: - sfa_logger.error("Failed to load trusted cert from %s: %r", f, exc) + sfa_logger().error("Failed to load trusted cert from %s: %r", f, exc) trusted_certs = ok_trusted_certs # Use legacy verification if this is a legacy credential @@ -743,7 +745,7 @@ class Credential(object): # Maybe should be (hrn, type) = urn_to_hrn(root_cred_signer.get_urn()) root_cred_signer_type = root_cred_signer.get_type() if (root_cred_signer_type == 'authority'): - #sfa_logger.debug('Cred signer is an authority') + #sfa_logger().debug('Cred signer is an authority') # signer is an authority, see if target is in authority's domain hrn = root_cred_signer.get_hrn() if root_target_gid.get_hrn().startswith(hrn): @@ -823,28 +825,33 @@ class Credential(object): dcred.sign() return dcred - ## - # Dump the contents of a credential to stdout in human-readable format - # - # @param dump_parents If true, also dump the parent certificates - def dump(self, dump_parents=False): - print "CREDENTIAL", self.get_subject() + # only informative + def get_filename(self): + return getattr(self,'filename',None) - print " privs:", self.get_privileges().save_to_string() - - print " gidCaller:" + # @param dump_parents If true, also dump the parent certificates + def dump (self, *args, **kwargs): + print self.dump_string(*args, **kwargs) + + def dump_string(self, dump_parents=False): + result="" + result += "CREDENTIAL %s\n" % self.get_subject() + filename=self.get_filename() + if filename: result += "Filename %s\n"%filename + result += " privs: %s\n" % self.get_privileges().save_to_string() gidCaller = self.get_gid_caller() if gidCaller: - gidCaller.dump(8, dump_parents) + result += " gidCaller:\n" + result += gidCaller.dump_string(8, dump_parents) - print " gidObject:" gidObject = self.get_gid_object() if gidObject: - gidObject.dump(8, dump_parents) - + result += " gidObject:\n" + result += gidObject.dump_string(8, dump_parents) if self.parent and dump_parents: - print "PARENT", - self.parent.dump_parents() + result += "PARENT" + result += self.parent.dump_string(dump_parents) + return result