From: Thierry Parmentelat Date: Thu, 3 Nov 2011 14:59:18 +0000 (+0100) Subject: merged master onto senslab2, manually solved conflicts in setup.py X-Git-Tag: sfa-2.1-24~3^2~312^2~11 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=70f4308757e799aeb96545f5e0a22c96dc8633c2;hp=-c;p=sfa.git merged master onto senslab2, manually solved conflicts in setup.py (under control) and rspec.py (now in sfa/rspecs), the latter being the mainstream version as is --- 70f4308757e799aeb96545f5e0a22c96dc8633c2 diff --combined setup.py index 921139c1,c28e38da..d6fd9e16 --- a/setup.py +++ b/setup.py @@@ -15,7 -15,7 +15,7 @@@ bins = 'sfa/plc/sfa-import-plc.py', 'sfa/plc/sfa-nuke-plc.py', 'sfa/server/sfa-ca.py', - 'sfa/server/sfa-server.py', + 'sfa/server/sfa-start.py', 'sfa/server/sfa-clean-peer-records.py', 'sfa/server/sfa_component_setup.py', 'sfa/client/sfi.py', @@@ -36,17 -36,18 +36,19 @@@ package_dirs = [ 'sfa', - 'sfa/client', - 'sfa/methods', - 'sfa/plc', - 'sfa/senslab', - 'sfa/server', 'sfa/trust', 'sfa/util', + 'sfa/client', + 'sfa/server', + 'sfa/methods', + 'sfa/generic', 'sfa/managers', 'sfa/managers/vini', + 'sfa/plc', ++ 'sfa/senslab', 'sfa/rspecs', 'sfa/rspecs/elements', + 'sfa/rspecs/elements/versions', 'sfa/rspecs/versions', 'sfatables', 'sfatables/commands', @@@ -59,6 -60,7 +61,7 @@@ data_files = [('/etc/sfa/', [ 'config/a 'config/registries.xml', 'config/default_config.xml', 'config/sfi_config', + 'config/topology', 'sfa/managers/pl/pl.rng', 'sfa/trust/credential.xsd', 'sfa/trust/top.xsd', diff --combined sfa/trust/auth.py index de0af99a,f6269b31..43af7403 --- a/sfa/trust/auth.py +++ b/sfa/trust/auth.py @@@ -3,16 -3,20 +3,20 @@@ # import sys + from sfa.util.faults import InsufficientRights, MissingCallerGID, MissingTrustedRoots, PermissionError, \ + BadRequestHash, ConnectionKeyGIDMismatch, SfaPermissionDenied + from sfa.util.sfalogging import logger + from sfa.util.config import Config + from sfa.util.xrn import get_authority + + from sfa.trust.gid import GID + from sfa.trust.rights import Rights from sfa.trust.certificate import Keypair, Certificate from sfa.trust.credential import Credential from sfa.trust.trustedroots import TrustedRoots - from sfa.util.faults import * from sfa.trust.hierarchy import Hierarchy - from sfa.util.config import * - from sfa.util.xrn import get_authority - from sfa.util.sfaticket import * + from sfa.trust.sfaticket import SfaTicket - from sfa.util.sfalogging import logger class Auth: """ @@@ -145,7 -149,8 +149,8 @@@ def authenticateCert(self, certStr, requestHash): cert = Certificate(string=certStr) - self.validateCert(self, cert) + # xxx should be validateCred ?? + self.validateCred(cert) def gidNoop(self, gidStr, value, requestHash): self.authenticateGid(gidStr, [gidStr, value], requestHash) @@@ -220,15 -225,13 +225,15 @@@ @param name human readable name to test """ object_hrn = self.object_gid.get_hrn() - if object_hrn == name: + strname = str(name).strip("['']") + + if object_hrn == strname: return - if name.startswith(object_hrn + "."): + if strname.startswith((object_hrn + ".")) is True: return #if name.startswith(get_authority(name)): #return - + print>>sys.stderr, " \r\n \t AUTH.PY verify_object_permission GROSECHECDELENFER " raise PermissionError(name) def determine_user_rights(self, caller_hrn, record): @@@ -313,7 -316,7 +318,7 @@@ if not isinstance(creds, list): creds = [creds] creds = [] - if not isinistance(caller_hrn_list, list): + if not isinstance(caller_hrn_list, list): caller_hrn_list = [caller_hrn_list] for cred in creds: try: