From 94b83a51072033cd1391fc2b120d87c3374d8042 Mon Sep 17 00:00:00 2001 From: Tony Mack Date: Fri, 6 Aug 2010 20:58:41 +0000 Subject: [PATCH] Replaced get_credential with GetCredential and get_self_credential with GetSelfCredential --- sfa/methods/GetCredential.py | 33 +++++++++++++------------ sfa/methods/GetSelfCredential.py | 22 ++++++----------- sfa/methods/get_credential.py | 26 ++++---------------- sfa/methods/get_self_credential.py | 39 +++++------------------------- 4 files changed, 36 insertions(+), 84 deletions(-) diff --git a/sfa/methods/GetCredential.py b/sfa/methods/GetCredential.py index d047a068..a604ea0d 100644 --- a/sfa/methods/GetCredential.py +++ b/sfa/methods/GetCredential.py @@ -10,14 +10,14 @@ from sfa.util.parameter import Parameter, Mixed from sfa.util.debug import log from sfa.trust.credential import Credential -class get_credential(Method): +class GetCredential(Method): """ Retrive a credential for an object If cred == Nonee then the behavior reverts to get_self_credential - @param cred credential object specifying rights of the caller - @param type type of object (user | slice | sa | ma | node) @param hrn human readable name of object (hrn or urn) + @param cred credential object specifying rights of the caller + @param type type of object (user | slice | node | authority ) @return the string representation of a credential object """ 
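Review bot: The class docstring in this hunk still says `If cred == Nonee then the behavior reverts to get_self_credential`, but the new `accepts` in the following hunk no longer admits `None` and the new `call` has no such fallback, so the sentence advertises a credential-less path that the code does not provide. I would drop it and list the parameters in call order under the names `call` uses (`creds`, `xrn`, `type`), for example `@param creds credential string or list of credential strings proving the caller's rights`. `Retrive` should read `Retrieve`. The class body continues outside this hunk.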
@@ -25,29 +25,30 @@ class get_credential(Method): interfaces = ['registry'] accepts = [ - Mixed(Parameter(str, "credential"), - Parameter(None, "No credential")), - Parameter(str, "Human readable name (hrn or urn)") + Mixed(Parameter(str, "Credential string"), + Parameter(type([str]), "List of credentials")), + Parameter(str, "Human readable name (hrn or urn)"), + Parameter(str, "Object type") ] returns = Parameter(str, "String representation of a credential object") - def call(self, cred, type, xrn, origin_hrn=None): + def call(self, creds, xrn, type): + if type: hrn = urn_to_hrn(xrn)[0] else: hrn, type = urn_to_hrn(xrn) + # check creds + valid_creds = self.api.auth.checkCredentials(creds, 'getcredential', hrn) + self.api.auth.verify_object_belongs_to_me(hrn) + #log the call - if not origin_hrn: - origin_hrn = Credential(string=cred).get_gid_caller().get_hrn() + origin_hrn = Credential(string=valid_creds[0]).get_gid_caller().get_hrn() self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name)) - self.api.auth.check(cred, 'getcredential') - self.api.auth.verify_object_belongs_to_me(hrn) - # send the call to the right manager - manager_base = 'sfa.managers' - mgr_type = self.api.config.SFA_REGISTRY_TYPE - manager_module = manager_base + ".registry_manager_%s" % mgr_type - manager = __import__(manager_module, fromlist=[manager_base]) + manager = self.api.get_interface_manager() + return manager.get_credential(self.api, xrn, type) + diff --git a/sfa/methods/GetSelfCredential.py b/sfa/methods/GetSelfCredential.py index e0ac5692..fcee97cc 100644 --- a/sfa/methods/GetSelfCredential.py +++ b/sfa/methods/GetSelfCredential.py 
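Review bot: `Credential(string=valid_creds[0])` in the new `call` assumes `checkCredentials` always returns a non-empty list; that method is not shown here, so if it can return an empty result the caller gets an `IndexError` rather than an authorization fault. A guard such as `if not valid_creds:` that raises the project's insufficient-rights fault would make the denial explicit. Because the `logger.info` line now sits after `checkCredentials` and `verify_object_belongs_to_me`, a rejected request leaves no entry from this method. Unless `self.api.auth` records denials itself, consider also logging the attempted `hrn` before the checks, marked as unverified, so that failed requests remain visible to whoever reviews the registry log.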
@@ -9,8 +9,9 @@ from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.record import SfaRecord from sfa.util.debug import log +from sfa.trust.certificate import Certificate -class get_self_credential(Method): +class GetSelfCredential(Method): """ Retrive a credential for an object @param cert certificate string @@ -25,13 +26,12 @@ class get_self_credential(Method): accepts = [ Parameter(str, "certificate"), Parameter(str, "Human readable name (hrn or urn)"), - Mixed(Parameter(str, "Request hash"), - Parameter(None, "Request hash not specified")) + Parameter(str, "Object type"), ] returns = Parameter(str, "String representation of a credential object") - def call(self, cert, type, xrn, origin_hrn=None): + def call(self, cert, xrn, type): """ get_self_credential a degenerate version of get_credential used by a client to get his initial credential when de doesnt have one. This is the same as @@ -53,17 +53,11 @@ class get_self_credential(Method): hrn, type = urn_to_hrn(xrn) self.api.auth.verify_object_belongs_to_me(hrn) - #log the call - if not origin_hrn: - origin_hrn = hrn - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name)) + origin_hrn = Certificate(string=cert).get_subject() + self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name)) - # send the call to the right manager - manager_base = 'sfa.managers' - mgr_type = self.api.config.SFA_REGISTRY_TYPE - manager_module = manager_base + ".registry_manager_%s" % mgr_type - manager = __import__(manager_module, fromlist=[manager_base]) - + manager = self.api.get_interface_manager() + # authenticate the gid records = manager.resolve(self.api, xrn, type) if not records: diff --git a/sfa/methods/get_credential.py b/sfa/methods/get_credential.py index c624b1b6..51f4410b 100644 --- a/sfa/methods/get_credential.py 
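Review bot: In the last hunk of this file, `origin_hrn = Certificate(string=cert).get_subject()` is written to the log as `caller-hrn` before the certificate has been checked against the stored GID; the `# authenticate the gid` step follows the log line and most of it lies outside the hunk. The audit record therefore attributes the call to whatever subject the presented certificate claims, including for requests that are rejected afterwards. Moving the `origin_hrn` assignment and the `self.api.logger.info(...)` call below the authentication step, or naming the field so that it reads as unverified, would keep the log usable for incident review. If `Certificate(string=cert)` raises on malformed input, that failure also happens before anything is logged.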
+++ b/sfa/methods/get_credential.py @@ -7,11 +7,12 @@ from sfa.util.faults import * from sfa.util.namespace import * from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed -from sfa.util.debug import log -from sfa.trust.credential import Credential +from sfa.methods.GetCredential import GetCredential -class get_credential(Method): +class get_credential(GetCredential): """ + Deprecated. Use GetCredential instead. + Retrive a credential for an object If cred == Nonee then the behavior reverts to get_self_credential @@ -33,21 +34,4 @@ class get_credential(Method): returns = Parameter(str, "String representation of a credential object") def call(self, cred, type, xrn, origin_hrn=None): - if type: - hrn = urn_to_hrn(xrn)[0] - else: - hrn, type = urn_to_hrn(xrn) - - #log the call - if not origin_hrn: - origin_hrn = Credential(string=cred).get_gid_caller().get_hrn() - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name)) - self.api.auth.check(cred, 'getcredential') - self.api.auth.verify_object_belongs_to_me(hrn) - - # send the call to the right manager - manager_base = 'sfa.managers' - mgr_type = self.api.config.SFA_REGISTRY_TYPE - manager_module = manager_base + ".registry_manager_%s" % mgr_type - manager = __import__(manager_module, fromlist=[manager_base]) - return manager.get_credential(self.api, xrn, type) + return GetCredential.call(self, cred, xrn, type) diff --git a/sfa/methods/get_self_credential.py b/sfa/methods/get_self_credential.py index e0ac5692..3bdaecc7 100644 --- a/sfa/methods/get_self_credential.py +++ b/sfa/methods/get_self_credential.py 
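Review bot: The legacy `call(self, cred, type, xrn, origin_hrn=None)` now forwards `cred` unchanged to `GetCredential.call`, while the class docstring kept in the first hunk still promises that a `None` credential reverts to get_self_credential. What `checkCredentials` does with `None` is not visible here, so I would reject it at the top of the wrapper with `if cred is None:` and a fault from `sfa.util.faults`, and remove that docstring sentence. `origin_hrn` is accepted and silently discarded, which is the safer behaviour because the logged caller is now read from the checked credential; a comment such as `# origin_hrn is ignored: the caller is read from the verified credential` would record that this is deliberate. The `get_self_credential` wrapper later in the patch appears to drop `origin_hrn` in the same way; its `call` signature lies outside its hunks.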
@@ -9,9 +9,12 @@ from sfa.util.method import Method from sfa.util.parameter import Parameter, Mixed from sfa.util.record import SfaRecord from sfa.util.debug import log +from sfa.methods.GetSelfCredential import GetSelfCredential -class get_self_credential(Method): +class get_self_credential(GetSelfCredential): """ + Deprecated. Use GetSelfCredential instead. + Retrive a credential for an object @param cert certificate string @param type type of object (user | slice | sa | ma | node) @@ -23,8 +26,8 @@ class get_self_credential(Method): interfaces = ['registry'] accepts = [ - Parameter(str, "certificate"), Parameter(str, "Human readable name (hrn or urn)"), + Parameter(str, "certificate"), Mixed(Parameter(str, "Request hash"), Parameter(None, "Request hash not specified")) ] 
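Review bot: The second hunk swaps the first two `accepts` entries so that the list now reads hrn, certificate, request hash, but the last hunk forwards the arguments as `cert, xrn, type`, so the first positional argument is still the certificate. Both entries are `str`, so validation is unchanged, yet clients and generated documentation that read `accepts` will be told to send the name where the certificate is expected, and no entry describes the object type. If the signature is still `call(self, cert, type, xrn, origin_hrn=None)` (it lies outside the hunks), the list should read `Parameter(str, "certificate")`, `Parameter(str, "Object type")`, `Parameter(str, "Human readable name (hrn or urn)")`.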
@@ -47,34 +50,4 @@ class get_self_credential(Method): @param hrn human readable name of authority to list @return string representation of a credential object """ - if type: - hrn = urn_to_hrn(xrn)[0] - else: - hrn, type = urn_to_hrn(xrn) - self.api.auth.verify_object_belongs_to_me(hrn) - - #log the call - if not origin_hrn: - origin_hrn = hrn - self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name)) - - # send the call to the right manager - manager_base = 'sfa.managers' - mgr_type = self.api.config.SFA_REGISTRY_TYPE - manager_module = manager_base + ".registry_manager_%s" % mgr_type - manager = __import__(manager_module, fromlist=[manager_base]) - - # authenticate the gid - records = manager.resolve(self.api, xrn, type) - if not records: - raise RecordNotFound(hrn) - record = SfaRecord(dict=records[0]) - gid = record.get_gid_object() - gid_str = gid.save_to_string(save_parents=True) - self.api.auth.authenticateGid(gid_str, [cert, type, hrn]) - # authenticate the certificate against the gid in the db - certificate = Certificate(string=cert) - if not certificate.is_pubkey(gid.get_pubkey()): - raise ConnectionKeyGIDMismatch(gid.get_subject()) - - return manager.get_credential(self.api, xrn, type, is_self=True) + return GetSelfCredential.call(self, cert, xrn, type) -- 2.47.0