X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=sfa%2Ftrust%2Fhierarchy.py;h=ce74c9f59f0250562781ddecca88f2cc0f01d8dc;hb=3d7237fa0b5f2b4a60cb97c7fb3b6aecfd94558a;hp=f3a5a0859ab1b44688be2a01f026bf83a229d102;hpb=a2e21bef1545bbb68c86ec1a84a611bde7f17a45;p=sfa.git diff --git a/sfa/trust/hierarchy.py b/sfa/trust/hierarchy.py index f3a5a085..ce74c9f5 100644 --- a/sfa/trust/hierarchy.py +++ b/sfa/trust/hierarchy.py @@ -1,6 +1,6 @@ ## # This module implements a hierarchy of authorities and performs a similar -# function as the "tree" module of the original geniwrapper prototype. An HRN +# function as the "tree" module of the original SFA prototype. An HRN # is assumed to be a string of authorities separated by dots. For example, # "planetlab.us.arizona.bakers". Each component of the HRN is a different # authority, with the last component being a leaf in the tree. @@ -16,21 +16,20 @@ ### $URL$ import os -import report +from sfa.util.report import * from sfa.trust.certificate import Keypair from sfa.trust.credential import * -from sfa.trust.gid import * - -from sfa.util.misc import * -from sfa.util.config import * -from sfa.util.geniticket import * +from sfa.trust.gid import GID, create_uuid +from sfa.util.namespace import * +from sfa.util.config import Config +from sfa.util.sfaticket import SfaTicket ## # The AuthInfo class contains the information for an authority. This information # includes the GID, private key, and database connection information. -class AuthInfo(): +class AuthInfo: hrn = None gid_object = None gid_filename = None @@ -102,7 +101,7 @@ class AuthInfo(): # contains the GID, pkey, and dbinfo files for that authority (as well as # subdirectories for each sub-authority) -class Hierarchy(): +class Hierarchy: ## # Create the hierarchy object. # 
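Review bot: In the `@@ -16,21 +16,20 @@` hunk the new `from sfa.util.report import *` and `from sfa.util.namespace import *` lines, next to the unchanged `from sfa.trust.credential import *`, leave three wildcard imports in the module that decides how GIDs and credentials are signed. A reader cannot tell from this file where `trace`, `get_authority` or `MissingAuthority` are defined, and a later wildcard can silently rebind a name from an earlier one. The same hunk already narrows `sfa.trust.gid` and `sfa.util.config` to explicit names, so I would do the same here, e.g. `from sfa.util.report import trace` and `from sfa.util.namespace import get_authority`, assuming those are the modules that export them.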
@@ -110,8 +109,8 @@ class Hierarchy(): def __init__(self, basedir = None): if not basedir: - config = Config() - basedir = config.config_path + os.sep + "authorities" + self.config = Config() + basedir = os.path.join(self.config.SFA_DATA_DIR, "authorities") self.basedir = basedir ## # Given a hrn, return the filenames of the GID, private key, and dbinfo @@ -152,7 +151,7 @@ class Hierarchy(): # @param create_parents if true, also create the parents if they do not exist def create_auth(self, hrn, create_parents=False): - report.trace("Hierarchy: creating authority: " + hrn) + trace("Hierarchy: creating authority: " + hrn) # create the parent authority if necessary parent_hrn = get_authority(hrn) @@ -182,7 +181,7 @@ class Hierarchy(): # XXX TODO: think up a better way for the dbinfo to work - dbinfo = get_default_dbinfo() + dbinfo = Config().get_plc_dbinfo() dbinfo_file = file(dbinfo_filename, "w") dbinfo_file.write(str(dbinfo)) dbinfo_file.close() @@ -195,7 +194,7 @@ class Hierarchy(): # @param hrn the human readable name of the authority to create. def get_auth_info(self, hrn): - #report.trace("Hierarchy: getting authority: " + hrn) + #trace("Hierarchy: getting authority: " + hrn) if not self.auth_exists(hrn): raise MissingAuthority(hrn) @@ -226,7 +225,7 @@ class Hierarchy(): gid = GID(subject=hrn, uuid=uuid, hrn=hrn) parent_hrn = get_authority(hrn) - if not parent_hrn: + if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN: # if there is no parent hrn, then it must be self-signed. this # is where we terminate the recursion gid.set_issuer(pkey, hrn) @@ -289,7 +288,7 @@ class Hierarchy(): cred.set_pubkey(auth_info.get_gid_object().get_pubkey()) parent_hrn = get_authority(hrn) - if not parent_hrn: + if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN: # if there is no parent hrn, then it must be self-signed. this # is where we terminate the recursion cred.set_issuer(auth_info.get_pkey_object(), hrn) 
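Review bot: `self.config` is assigned only inside `if not basedir:` in the `@@ -110,8 +109,8 @@` hunk, so a `Hierarchy` constructed with an explicit `basedir` never gets the attribute. The `@@ -226,7 +225,7 @@` and `@@ -289,7 +288,7 @@` hunks then evaluate `hrn == self.config.SFA_INTERFACE_HRN` for every HRN that has a parent, which would raise `AttributeError` in that case instead of signing the GID or issuing the credential. Assign it unconditionally: put `self.config = Config()` before `if not basedir:` and keep only `basedir = os.path.join(self.config.SFA_DATA_DIR, "authorities")` inside the branch.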
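Review bot: In the `@@ -182,7 +181,7 @@` hunk the value returned by `Config().get_plc_dbinfo()` is serialized with `str(dbinfo)` into the per-authority dbinfo file, which `file(dbinfo_filename, "w")` creates with whatever mode the process umask allows. If that structure carries the PLC database password (likely for connection info, but not visible here), each authority directory ends up holding a copy that other local accounts may be able to read. I would create the file owner-only, e.g. `dbinfo_file = os.fdopen(os.open(dbinfo_filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0600), "w")`, and extend the existing `XXX TODO` comment to record that the file holds secrets. The enclosing `create_auth` body starts and ends outside this hunk.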
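Review bot: The condition added in the `@@ -226,7 +225,7 @@` hunk, and again in `@@ -289,7 +288,7 @@`, makes the authority named by `SFA_INTERFACE_HRN` self-signed even when it has a parent, but the comment under it still says self-signing happens only when there is no parent hrn. Because this branch decides where the certificate chain is anchored, the comment should state the new rule, for example `# the top-level authority and this interface's own authority (SFA_INTERFACE_HRN) are self-signed; this is where we terminate the recursion`. It is also worth noting in both methods' header comments that GIDs and credentials for that HRN no longer chain to the parent authority, so a verifier that trusts only the parent's root would presumably need this one added. Both enclosing functions start and end outside the hunks.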
@@ -318,7 +317,7 @@ class Hierarchy(): auth_info = self.get_auth_info(hrn) gid = auth_info.get_gid_object() - ticket = Ticket(subject=hrn) + ticket = SfaTicket(subject=hrn) ticket.set_gid_caller(gid) ticket.set_gid_object(gid) ticket.set_delegate(True)