4 from sfa.trust.certificate import Keypair
6 from sfa.util.faults import *
7 from sfa.util.method import Method
8 from sfa.util.parameter import Parameter, Mixed
10 from sfa.trust.gid import create_uuid
11 from sfa.trust.auth import Auth
13 class create_gid(Method):
15 Create a new GID. For MAs and SAs that are physically located on the
16 registry, this allows a owner/operator/PI to create a new GID and have it
17 signed by his respective authority.
19 @param cred credential of caller
20 @param name hrn for new GID
21 @param uuid unique identifier for new GID
22 @param pkey_string public-key string (TODO: why is this a string and not a keypair object?)
24 @return the string representation of a GID object
27 interfaces = ['registry']
30 Parameter(str, "Credential string"),
31 Parameter(str, "Human readable name (hrn)"),
32 Mixed(Parameter(str, "Unique identifier for new GID (uuid)"),
33 Parameter(None, "Unique identifier (uuid) not specified")),
34 Parameter(str, "public-key string"),
35 Parameter(str, "Request hash"),
38 returns = Parameter(str, "String represeneation of a GID object")
40 def call(self, cred, hrn, uuid, request_hash, pubkey_str):
41 self.api.auth.authenticateCred(cred, [cred, hrn, uuid], request_hash)
42 self.api.auth.check(cred, "getcredential")
43 self.api.auth.verify_object_belongs_to_me(hrn)
44 self.api.auth.verify_object_permission(hrn)
50 pkey.load_pubkey_from_string(pubkey_str)
51 gid = self.api.auth.hierarchy.create_gid(hrn, uuid, pkey)
53 return gid.save_to_string(save_parents=True)