geni/methods/get_ticket.py

   1 ### $Id$
   2 ### $URL$
   3
   4 from geni.trust.certificate import Keypair
   5 from geni.util.faults import *
   6 from geni.util.method import Method
   7 from geni.util.parameter import Parameter, Mixed
   8 from geni.util.auth import Auth
   9 from geni.util.geniticket import *
  10
  11 class get_ticket(Method):
  12     """
  13     Retrieve a ticket. This operation is currently implemented on PLC
  14     only (see SFA, engineering decisions); it is not implemented on
  15     components.
  16
  17     The ticket is filled in with information from the PLC database. This
  18     information includes resources, and attributes such as user keys and
  19     initscripts.
  20
  21     @param cred credential string
  22     @param name name of the slice to retrieve a ticket for
  23     @param rspec resource specification dictionary
  24
  25     @return the string representation of a ticket object
  26     """
  27
  28     interfaces = ['registry']
  29
  30     accepts = [
  31         Parameter(str, "Credential string"),
  32         Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
  33         Parameter(str, "Resource specification (rspec)")
  34         ]
  35
  36     returns = Parameter(str, "String represeneation of a ticket object")
  37
  38     def call(self, cred, hrn, rspec):
  39         self.api.auth.check(cred, "getticket")
  40         self.api.auth.verify_object_belongs_to_me(hrn)
  41         self.api.auth.verify_object_permission(name)
  42
  43         # XXX much of this code looks like get_credential... are they so similar
  44         # that they should be combined?
  45
  46         auth_hrn = self.api.auth.get_authority(hrn)
  47         if not auth_hrn:
  48             auth_hrn = hrn
  49         auth_info = self.api.auth.get_auth_info(auth_hrn)
  50         record = None
  51         table = self.api.auth.get_auth_table(auth_hrn)
  52         record = table.resolve('slice', hrn)
  53
  54         object_gid = record.get_gid_object()
  55         new_ticket = Ticket(subject = object_gid.get_subject())
  56         new_ticket.set_gid_caller(self.client_gid)
  57         new_ticket.set_gid_object(object_gid)
  58         new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
  59         new_ticket.set_pubkey(object_gid.get_pubkey())
  60
  61         self.api.fill_record_info(record)
  62
  63         (attributes, rspec) = self.api.record_to_slice_info(record)
  64
  65         new_ticket.set_attributes(attributes)
  66         new_ticket.set_rspec(rspec)
  67
  68         new_ticket.set_parent(self.api.auth.hierarchy.get_auth_ticket(auth_hrn))
  69
  70         new_ticket.encode()
  71         new_ticket.sign()
  72
  73         return new_ticket.save_to_string(save_parents=True)
  74