git://git.onelab.eu
/
sfa.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
1c8efd5
)
added gidOriginCaller to keep track of the original caller (useful for logging)
author
Tony Mack
<tmack@cs.princeton.edu>
Wed, 30 Dec 2009 23:31:33 +0000
(23:31 +0000)
committer
Tony Mack
<tmack@cs.princeton.edu>
Wed, 30 Dec 2009 23:31:33 +0000
(23:31 +0000)
sfa/trust/credential.py
patch
|
blob
|
history
diff --git
a/sfa/trust/credential.py
b/sfa/trust/credential.py
index
90266be
..
fbf2eca
100644
(file)
--- a/
sfa/trust/credential.py
+++ b/
sfa/trust/credential.py
@@
-24,6
+24,7
@@
from sfa.util.faults import *
# to perform this encoding.
class Credential(Certificate):
# to perform this encoding.
class Credential(Certificate):
+ gidOriginCaller = None
gidCaller = None
gidObject = None
lifeTime = None
gidCaller = None
gidObject = None
lifeTime = None
@@
-41,6
+42,20
@@
class Credential(Certificate):
def __init__(self, create=False, subject=None, string=None, filename=None):
Certificate.__init__(self, create, subject, string, filename)
def __init__(self, create=False, subject=None, string=None, filename=None):
Certificate.__init__(self, create, subject, string, filename)
+ ## set the GID of the original caller
+ #
+ # @param gid GID object of the original caller
+ def set_gid_origin_caller(self, gid):
+ self.gidOriginCaller = gid
+
+ ##
+ # get the GID of the object
+
+ def get_gid_origin_caller(self):
+ if not self.gidOriginCaller:
+ self.decode()
+ return self.gidOriginCaller
+
##
# set the GID of the caller
#
##
# set the GID of the caller
#
@@
-48,6
+63,8
@@
class Credential(Certificate):
def set_gid_caller(self, gid):
self.gidCaller = gid
def set_gid_caller(self, gid):
self.gidCaller = gid
+ # gid origin caller is the caller's gid by default
+ self.gidOriginCaller = gid
##
# get the GID of the object
##
# get the GID of the object
@@
-142,11
+159,14
@@
class Credential(Certificate):
# done immediately before signing the credential.
def encode(self):
# done immediately before signing the credential.
def encode(self):
- dict = {"gidCaller": None,
+ dict = {"gidOriginCaller": None,
+ "gidCaller": None,
"gidObject": None,
"lifeTime": self.lifeTime,
"privileges": None,
"delegate": self.delegate}
"gidObject": None,
"lifeTime": self.lifeTime,
"privileges": None,
"delegate": self.delegate}
+ if self.gidOriginCaller:
+ dict["gidOriginCaller"] = self.gidOriginCaller.save_to_string(save_parents=True)
if self.gidCaller:
dict["gidCaller"] = self.gidCaller.save_to_string(save_parents=True)
if self.gidObject:
if self.gidCaller:
dict["gidCaller"] = self.gidCaller.save_to_string(save_parents=True)
if self.gidObject:
@@
-177,6
+197,12
@@
class Credential(Certificate):
else:
self.privileges = None
else:
self.privileges = None
+ gidOriginCallerStr = dict.get("gidOriginCaller", None)
+ if gidOriginCallerStr:
+ self.gidOriginCaller = GID(string=gidOriginCallerStr)
+ else:
+ self.gidOriginCaller = None
+
gidCallerStr = dict.get("gidCaller", None)
if gidCallerStr:
self.gidCaller = GID(string=gidCallerStr)
gidCallerStr = dict.get("gidCaller", None)
if gidCallerStr:
self.gidCaller = GID(string=gidCallerStr)
@@
-225,6
+251,11
@@
class Credential(Certificate):
print " privs:", self.get_privileges().save_to_string()
print " privs:", self.get_privileges().save_to_string()
+ print " gidOriginCaller:"
+ gidOriginCaller = self.get_gid_origin_caller()
+ if gidOriginCaller:
+ gidOriginCaller.dump(8, dump_parents)
+
print " gidCaller:"
gidCaller = self.get_gid_caller()
if gidCaller:
print " gidCaller:"
gidCaller = self.get_gid_caller()
if gidCaller: