# raise ConnectionKeyGIDMismatch(gid.get_subject())
from sfa.util.faults import *
-from sfa.util.misc import *
from sfa.util.method import Method
from sfa.util.parameter import Parameter, Mixed
from sfa.trust.auth import Auth
from sfa.trust.gid import GID
from sfa.trust.certificate import Certificate
-from sfa.util.genitable import GeniTable
class get_gid(Method):
"""
accepts = [
Parameter(str, "Certificate string"),
-
- Parameter(str, "Human readable name (hrn)")
+ Parameter(str, "Human readable name (hrn)"),
+ Parameter(str, "Object type")
]
- returns = [Parameter(dict, "Aggregate interface information")]
+ returns = Parameter(str, "GID string")
- def call(self, cert, hrn, type, requestHash):
+ def call(self, cert, hrn, type):
self.api.auth.verify_object_belongs_to_me(hrn)
- certificate = Certificate(string=cert)
- table = GeniTable()
- records = table.find({'hrn': hrn, 'type': type})
+
+ # resolve the record
+ manager_base = 'sfa.managers'
+ mgr_type = self.api.config.SFA_REGISTRY_TYPE
+ manager_module = manager_base + ".registry_manager_%s" % mgr_type
+ manager = __import__(manager_module, fromlist=[manager_base])
+ records = manager.resolve(self.api, hrn, type, origin_hrn=hrn)
if not records:
raise RecordNotFound(hrn)
record = records[0]
- gidStr = record['gid']
- gid = GID(string=gidStr)
-
+
+ # make sure client's certificate is the gid's pub key
+ gid = GID(string=record['gid'])
+ certificate = Certificate(string=cert)
if not certificate.is_pubkey(gid.get_pubkey()):
raise ConnectionKeyGIDMismatch(gid.get_subject())
+
+ return record['gid']
- # authenticate the gid
- self.api.auth.authenticateGid(gidStr, [cert, hrn, type], requestHash)
-
- return gidStr
git://git.onelab.eu / sfa.git / blobdiff