sfa/methods/get_ticket.py

   1 ### $Id$
   2 ### $URL$
   3
   4 from sfa.util.faults import *
   5 from sfa.util.method import Method
   6 from sfa.util.parameter import Parameter, Mixed
   7 from sfa.trust.auth import Auth
   8 from sfa.util.genitable import GeniTable
   9 from sfa.util.sfaticket import SfaTicket
  10 from sfa.util.slices import
  11
  12 class get_ticket(Method):
  13     """
  14     Retrieve a ticket. This operation is currently implemented on PLC
  15     only (see SFA, engineering decisions); it is not implemented on
  16     components.
  17
  18     The ticket is filled in with information from the PLC database. This
  19     information includes resources, and attributes such as user keys and
  20     initscripts.
  21
  22     @param cred credential string
  23     @param name name of the slice to retrieve a ticket for
  24     @param rspec resource specification dictionary
  25
  26     @return the string representation of a ticket object
  27     """
  28
  29     interfaces = ['registry']
  30
  31     accepts = [
  32         Parameter(str, "Credential string"),
  33         Parameter(str, "Human readable name of slice to retrive a ticket for (hrn)"),
  34         Parameter(str, "Resource specification (rspec)"),
  35         Mixed(Parameter(str, "Request hash"),
  36               Parameter(None, "Request hash not specified"))
  37         ]
  38
  39     returns = Parameter(str, "String represeneation of a ticket object")
  40
  41     def call(self, cred, hrn, request_hash=None):
  42         self.api.auth.authenticateCred(cred, [cred, hrn], request_hash)
  43         self.api.auth.check(cred, "getticket")
  44         self.api.auth.verify_object_belongs_to_me(hrn)
  45         self.api.auth.verify_object_permission(hrn)
  46
  47         table = GeniTable()
  48         records = table.findObjects({'hrn': hrn, 'type': 'slice'})
  49         if not records:
  50             raise RecordNotFound(hrn)
  51         record = records
  52         object_gid = record.get_gid_object()
  53         new_ticket = SfaTicket(subject = object_gid.get_subject())
  54         new_ticket.set_gid_caller(self.client_gid)
  55         new_ticket.set_gid_object(object_gid)
  56         new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
  57         new_ticket.set_pubkey(object_gid.get_pubkey())
  58
  59         # get sliver info
  60         slivers = Slices(self.api).get_slivers(hrn)
  61         if not slivers:
  62             raise SliverDoesNotExist(hrn)
  63         sliver = slivers[0]
  64
  65         # get initscripts
  66         initscripts = None
  67         sliver['initscripts'] = initscripts
  68
  69         # get rspec info
  70         # conver plc slice tags to rspec attributes
  71         rspec = None
  72
  73         new_ticket.set_attributes(sliver)
  74         new_ticket.set_rspec(rspec)
  75
  76         new_ticket.set_parent(self.api.auth.hierarchy.get_auth_ticket(auth_hrn))
  77
  78         new_ticket.encode()
  79         new_ticket.sign()
  80
  81         return new_ticket.save_to_string(save_parents=True)
  82