From d35a75bfcb731e89600e2dbe94f59d5d2f09adca Mon Sep 17 00:00:00 2001 From: Thierry Parmentelat Date: Wed, 9 May 2012 14:54:59 +0200 Subject: [PATCH] determine_user_rights to use slice.reg_researchers and authority.reg_pis --- sfa/trust/auth.py | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py index 31ba051a..2f2afb0b 100644 --- a/sfa/trust/auth.py +++ b/sfa/trust/auth.py @@ -246,11 +246,13 @@ class Auth: rl = Rights() type = reg_record.type + logger.debug("entering determine_user_rights with record %s and caller_hrn %s"%(reg_record, caller_hrn)) if type=='slice': - researchers = reg_record.get('researcher',[]) - pis = reg_record.get('PI',[]) - if (caller_hrn in researchers + pis): + researcher_hrns = [ user.hrn for user in reg_record.reg_researchers ] + # xxx need a means to compute pi_hrns from the registry db + pi_hrns = reg_record.get('PI',[]) + if (caller_hrn in researcher_hrns + pi_hrns): rl.add('refresh') rl.add('embed') rl.add('bind') @@ -258,16 +260,17 @@ class Auth: rl.add('info') elif type == 'authority': - pis = reg_record.get('PI',[]) - operators = reg_record.get('operator',[]) + pi_hrns = [ user.hrn for user in reg_record.reg_pis ] + # xxx need a means to compute operator_hrns from the registry db + operator_hrns = reg_record.get('operator',[]) if (caller_hrn == self.config.SFA_INTERFACE_HRN): rl.add('authority') rl.add('sa') rl.add('ma') - if (caller_hrn in pis): + if (caller_hrn in pi_hrns): rl.add('authority') rl.add('sa') - if (caller_hrn in operators): + if (caller_hrn in operator_hrns): rl.add('authority') rl.add('ma') -- 2.47.0