sfa/methods/get_ticket.py

   1 ### $Id$
   2 ### $URL$
   3
   4 from sfa.util.faults import *
   5 from sfa.util.method import Method
   6 from sfa.util.parameter import Parameter, Mixed
   7 from sfa.util.auth import Auth
   8 from sfa.util.geniticket import *
   9
  10 class get_ticket(Method):
  11     """
  12     Retrieve a ticket. This operation is currently implemented on PLC
  13     only (see SFA, engineering decisions); it is not implemented on
  14     components.
  15
  16     The ticket is filled in with information from the PLC database. This
  17     information includes resources, and attributes such as user keys and
  18     initscripts.
  19
  20     @param cred credential string
  21     @param name name of the slice to retrieve a ticket for
  22     @param rspec resource specification dictionary
  23
  24     @return the string representation of a ticket object
  25     """
  26
  27     interfaces = ['registry']
  28
  29     accepts = [
  30         Parameter(str, "Credential string"),
  31         Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
  32         Parameter(str, "Resource specification (rspec)")
  33         ]
  34
  35     returns = Parameter(str, "String represeneation of a ticket object")
  36
  37     def call(self, cred, hrn, rspec):
  38         self.api.auth.check(cred, "getticket")
  39         self.api.auth.verify_object_belongs_to_me(hrn)
  40         self.api.auth.verify_object_permission(name)
  41
  42         # XXX much of this code looks like get_credential... are they so similar
  43         # that they should be combined?
  44
  45         auth_hrn = self.api.auth.get_authority(hrn)
  46         if not auth_hrn:
  47             auth_hrn = hrn
  48         auth_info = self.api.auth.get_auth_info(auth_hrn)
  49         record = None
  50         table = self.api.auth.get_auth_table(auth_hrn)
  51         record = table.resolve('slice', hrn)
  52
  53         object_gid = record.get_gid_object()
  54         new_ticket = Ticket(subject = object_gid.get_subject())
  55         new_ticket.set_gid_caller(self.client_gid)
  56         new_ticket.set_gid_object(object_gid)
  57         new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
  58         new_ticket.set_pubkey(object_gid.get_pubkey())
  59
  60         self.api.fill_record_info(record)
  61
  62         (attributes, rspec) = self.api.record_to_slice_info(record)
  63
  64         new_ticket.set_attributes(attributes)
  65         new_ticket.set_rspec(rspec)
  66
  67         new_ticket.set_parent(self.api.auth.hierarchy.get_auth_ticket(auth_hrn))
  68
  69         new_ticket.encode()
  70         new_ticket.sign()
  71
  72         return new_ticket.save_to_string(save_parents=True)
  73