passing the hrn of the initial caller instead of its credentail

[sfa.git] / sfa / methods / get_resources.py
diff --git a/sfa/methods/get_resources.py b/sfa/methods/get_resources.py

index 7b56374..399f0e8 100644 (file)
--- a/sfa/methods/get_resources.py
+++ b/sfa/methods/get_resources.py
@@ -7,8 +7,10 @@ from sfa.util.parameter import Parameter, Mixed
  from sfa.trust.auth import Auth
  from sfa.util.config import Config
  from sfa.plc.nodes import Nodes
-# RSpecManager_pl is not used. This is just to resolve issues with the dynamic __import__ that comes later.
+# RSpecManager_pl is not used. This line is a check that ensures that everything is in place for the import to work.
  import sfa.rspecs.aggregates.rspec_manager_pl
+from sfa.trust.credential import Credential
+from sfatables.runtime import SFATablesRules
  
  class get_resources(Method):
      """
@@ -25,25 +27,51 @@ class get_resources(Method):
      accepts = [
          Parameter(str, "Credential string"),
          Mixed(Parameter(str, "Human readable name (hrn)"),
-              Parameter(None, "hrn not specified"))
+              Parameter(None, "hrn not specified")),
+        Mixed(Parameter(str, "Request hash"),
+              Parameter(None, "Request hash not specified")),
+        Parameter(str, "Callers credential string")
          ]
  
      returns = Parameter(str, "String representatin of an rspec")
      
-    def call(self, cred, hrn=None):
+    def call(self, cred, hrn=None, request_hash = None, origin_hrn=None):
          sfa_aggregate_type = Config().get_aggregate_rspec_type()
  
+        # This cred will be an authority cred, not a user, so we cant use it to 
+        # authenticate the caller's request_hash. Let just get the caller's gid
+        # from the cred and authenticate using that 
+        client_gid = Credential(string=cred).get_gid_caller()
+        client_gid_str = client_gid.save_to_string(save_parents=True)
+        self.api.auth.authenticateGid(client_gid_str, [cred,hrn], request_hash)
          self.api.auth.check(cred, 'listnodes')
-        if (sfa_aggregate_type == 'pl'):
-            nodes = Nodes(self.api)
-            if hrn:
-                rspec = nodes.get_rspec(hrn)
-            else:
-                nodes.refresh()
-                rspec = nodes['rspec']
-        else:
-            # To clean up after July 21 - SB    
-            rspec_manager = __import__("sfa.rspecs.aggregates.rspec_manager_"+sfa_aggregate_type, fromlist = ["sfa.rspecs.aggregates"])
-            rspec = rspec_manager.get_rspec(hrn)
-        
-        return rspec
+        if origin_hrn==None:
+            origin_hrn=Credential(string=cred).get_gid_caller().get_hrn()
+
+        #log the call
+        self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
+
+
+
+        # send the call to the right manager
+        manager_base = 'sfa.managers'
+        if self.api.interface in ['aggregate']:
+            mgr_type = self.api.config.SFA_AGGREGATE_TYPE
+            manager_module = manager_base + ".aggregate_manager_%s" % mgr_type
+            manager = __import__(manager_module, fromlist=[manager_base])
+            rspec = manager.get_rspec(self.api, hrn, origin_hrn)
+            outgoing_rules = SFATablesRules('OUTGOING')
+        elif self.api.interface in ['slicemgr']:
+            mgr_type = self.api.config.SFA_SM_TYPE
+            manager_module = manager_base + ".slice_manager_%s" % mgr_type
+            manager = __import__(manager_module, fromlist=[manager_base])
+            rspec = manager.get_rspec(self.api, hrn, origin_hrn)
+            outgoing_rules = SFATablesRules('FORWARD-OUTGOING')
+
+        filtered_rspec = rspec
+        if outgoing_rules.sorted_rule_list:
+           request_context = manager.fetch_context(hrn, origin_hrn, outgoing_rules.contexts)
+           outgoing_rules.set_context(request_context)
+           filtered_rspec = outgoing_rules.apply(rspec)
+
+        return filtered_rspec