From: Thierry Parmentelat Date: Wed, 9 May 2012 12:54:59 +0000 (+0200) Subject: determine_user_rights to use slice.reg_researchers and X-Git-Tag: sfa-2.1-6~15 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=d35a75bfcb731e89600e2dbe94f59d5d2f09adca;hp=f29faa95cf008ff761d6f6c4a709e292c4333f3a;p=sfa.git determine_user_rights to use slice.reg_researchers and authority.reg_pis --- diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py index 31ba051a..2f2afb0b 100644 --- a/sfa/trust/auth.py +++ b/sfa/trust/auth.py @@ -246,11 +246,13 @@ class Auth: rl = Rights() type = reg_record.type + logger.debug("entering determine_user_rights with record %s and caller_hrn %s"%(reg_record, caller_hrn)) if type=='slice': - researchers = reg_record.get('researcher',[]) - pis = reg_record.get('PI',[]) - if (caller_hrn in researchers + pis): + researcher_hrns = [ user.hrn for user in reg_record.reg_researchers ] + # xxx need a means to compute pi_hrns from the registry db + pi_hrns = reg_record.get('PI',[]) + if (caller_hrn in researcher_hrns + pi_hrns): rl.add('refresh') rl.add('embed') rl.add('bind') @@ -258,16 +260,17 @@ class Auth: rl.add('info') elif type == 'authority': - pis = reg_record.get('PI',[]) - operators = reg_record.get('operator',[]) + pi_hrns = [ user.hrn for user in reg_record.reg_pis ] + # xxx need a means to compute operator_hrns from the registry db + operator_hrns = reg_record.get('operator',[]) if (caller_hrn == self.config.SFA_INTERFACE_HRN): rl.add('authority') rl.add('sa') rl.add('ma') - if (caller_hrn in pis): + if (caller_hrn in pi_hrns): rl.add('authority') rl.add('sa') - if (caller_hrn in operators): + if (caller_hrn in operator_hrns): rl.add('authority') rl.add('ma')