if not object_cred.get_privileges().get_all_delegate():
print "Error: Object credential", object_hrn, "does not have delegate bit set"
return
-
+
+ # the delegating user's gid
+ caller_gid = self._get_gid(self.user)
+ caller_gidfile = os.path.join(self.options.sfi_dir, self.user + ".gid")
+
# the gid of the user who will be delegated to
delegee_gid = self._get_gid(hrn)
delegee_hrn = delegee_gid.get_hrn()
delegee_gidfile = os.path.join(self.options.sfi_dir, delegee_hrn + ".gid")
delegee_gid.save_to_file(filename=delegee_gidfile)
- dcred = object_cred.delegate(delegee_gidfile, self.get_key_file())
+ dcred = object_cred.delegate(delegee_gidfile, self.get_key_file(), caller_gidfile)
return dcred.save_to_string(save_parents=True)
# removed named registry record
list instantiated slices
"""
user_cred = self.get_user_cred().save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(user_cred, get_authority(self.authority))
+ creds = [user_cred, delegated_cred]
server = self.get_server_from_opts(opts)
- results = server.ListSlices([user_cred])
+ results = server.ListSlices(creds)
display_list(results)
return
delegated_cred = self.delegate_cred(cred, get_authority(self.authority))
creds = [cred, delegated_cred]
- #creds = [delegated_cred]
result = server.ListResources(creds, call_options)
format = opts.format
display_rspec(result, format)
slice_urn = hrn_to_urn(slice_hrn, 'slice')
user_cred = self.get_user_cred()
slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+ creds = [slice_cred, delegated_cred]
rspec_file = self.get_rspec_file(args[1])
rspec = open(rspec_file).read()
server = self.get_server_from_opts(opts)
- result = server.CreateSliver(slice_urn, [slice_cred], rspec, [])
+ result = server.CreateSliver(slice_urn, creds, rspec, [])
print result
return result
slice_urn = hrn_to_urn(slice_hrn, 'slice')
user_cred = self.get_user_cred()
slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+ creds = [slice_cred, delegated_cred]
rspec_file = self.get_rspec_file(rspec_path)
rspec = open(rspec_file).read()
server = self.get_server_from_opts(opts)
- ticket_string = server.GetTicket(slice_urn, [slice_cred], rspec, [])
+ ticket_string = server.GetTicket(slice_urn, creds, rspec, [])
file = os.path.join(self.options.sfi_dir, get_leaf(slice_hrn) + ".ticket")
print "writing ticket to ", file
ticket = SfaTicket(string=ticket_string)
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+ creds = [slice_cred, delegated_cred]
server = self.get_server_from_opts(opts)
- return server.DeleteSliver(slice_urn, [slice_cred])
+ return server.DeleteSliver(slice_urn, creds)
# start named slice
def start(self, opts, args):
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+ creds = [slice_cred, delegated_cred]
server = self.get_server_from_opts(opts)
- return server.Start(slice_urn, [slice_cred])
+ return server.Start(slice_urn, creds)
# stop named slice
def stop(self, opts, args):
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+ creds = [slice_cred, delegated_cred]
server = self.get_server_from_opts(opts)
- return server.Stop(slice_urn, [slice_cred])
+ return server.Stop(slice_urn, creds)
# reset named slice
def reset(self, opts, args):
slice_urn = hrn_to_urn(slice_hrn, 'slice')
server = self.get_server_from_opts(opts)
slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
- return server.reset_slice(slice_cred, slice_urn)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+ creds = [slice_cred, delegated_cred]
+ return server.reset_slice(creds, slice_urn)
def renew(self, opts, args):
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
server = self.get_server_from_opts(opts)
slice_cred = self.get_slice_cred(args[0]).save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+ creds = [slice_cred, delegated_cred]
time = args[1]
- return server.RenewSliver(slice_urn, [slice_cred], time)
+ return server.RenewSliver(slice_urn, creds, time)
def status(self, opts, args):
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+ creds = [slice_cred, delegated_cred]
server = self.get_server_from_opts(opts)
- print server.SliverStatus(slice_urn, [slice_cred])
+ print server.SliverStatus(slice_urn, creds)
def shutdown(self, opts, args):
slice_hrn = args[0]
slice_urn = hrn_to_urn(slice_hrn, 'slice')
slice_cred = self.get_slice_cred(slice_hrn).save_to_string(save_parents=True)
+ delegated_cred = self.delegate_cred(slice_cred, get_authority(self.authority))
+
server = self.get_server_from_opts(opts)
return server.Shutdown(slice_urn, [slice_cred])