X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Ftrust%2Fgid.py;h=b7fad178e424d386ab6a633d6892c89f2a302bdc;hb=fad16c7d54b658b37a9b42fbee47b0d4f51cb8ec;hp=3b1f96c25240e5fccba86712e6728c92a0bf92f6;hpb=1785f865295b24d33e54ca63206a7a634e0546f0;p=sfa.git diff --git a/sfa/trust/gid.py b/sfa/trust/gid.py index 3b1f96c2..b7fad178 100644 --- a/sfa/trust/gid.py +++ b/sfa/trust/gid.py @@ -25,6 +25,8 @@ # descendant of the certificate class. ## +from __future__ import print_function + import xmlrpclib import uuid @@ -76,12 +78,14 @@ class GID(Certificate): # @param lifeDays life of GID in days - default is 1825==5 years # @param email Email address to put in subjectAltName - default is None - def __init__(self, create=False, subject=None, string=None, filename=None, uuid=None, hrn=None, urn=None, lifeDays=1825, email=None): + def __init__(self, create=False, subject=None, string=None, filename=None, + uuid=None, hrn=None, urn=None, lifeDays=1825, email=None): self.uuid = None self.hrn = None self.urn = None self.email = None # for adding to the SubjectAltName Certificate.__init__(self, lifeDays, create, subject, string, filename) + if subject: logger.debug("Creating GID for subject: %s" % subject) if uuid: @@ -92,7 +96,9 @@ class GID(Certificate): if urn: self.urn = urn self.hrn, type = urn_to_hrn(urn) + if email: + logger.debug("Creating GID for subject using email: %s" % email) self.set_email(email) def set_uuid(self, uuid): @@ -197,7 +203,7 @@ class GID(Certificate): # @param dump_parents If true, also dump the parents of the GID def dump(self, *args, **kwargs): - print self.dump_string(*args,**kwargs) + print(self.dump_string(*args,**kwargs)) def dump_string(self, indent=0, dump_parents=False): result=" "*(indent-2) + "GID\n" @@ -231,12 +237,16 @@ class GID(Certificate): if self.parent: # make sure the parent's hrn is a prefix of the child's hrn if not hrn_authfor_hrn(self.parent.get_hrn(), self.get_hrn()): - raise GidParentHrn("This cert HRN %s isn't in the namespace for parent HRN %s" % (self.get_hrn(), self.parent.get_hrn())) + raise GidParentHrn( + "This cert HRN {} isn't in the namespace for parent HRN {}" + .format(self.get_hrn(), self.parent.get_hrn())) # Parent must also be an authority (of some type) to sign a GID # There are multiple types of authority - accept them all here if not self.parent.get_type().find('authority') == 0: - raise GidInvalidParentHrn("This cert %s's parent %s is not an authority (is a %s)" % (self.get_hrn(), self.parent.get_hrn(), self.parent.get_type())) + raise GidInvalidParentHrn( + "This cert {}'s parent {} is not an authority (is a %{})" + .format(self.get_hrn(), self.parent.get_hrn(), self.parent.get_type())) # Then recurse up the chain - ensure the parent is a trusted # root or is in the namespace of a trusted root @@ -250,10 +260,12 @@ class GID(Certificate): # trusted_hrn = trusted_hrn[:trusted_hrn.rindex('.')] cur_hrn = self.get_hrn() if not hrn_authfor_hrn(trusted_hrn, cur_hrn): - raise GidParentHrn("Trusted root with HRN %s isn't a namespace authority for this cert: %s" % (trusted_hrn, cur_hrn)) + raise GidParentHrn( + "Trusted root with HRN {} isn't a namespace authority for this cert: {}" + .format(trusted_hrn, cur_hrn)) # There are multiple types of authority - accept them all here if not trusted_type.find('authority') == 0: - raise GidInvalidParentHrn("This cert %s's trusted root signer %s is not an authority (is a %s)" % (self.get_hrn(), trusted_hrn, trusted_type)) - - return + raise GidInvalidParentHrn( + "This cert {}'s trusted root signer {} is not an authority (is a {})" + .format(self.get_hrn(), trusted_hrn, trusted_type))