##
# This module implements a hierarchy of authorities and performs a similar
-# function as the "tree" module of the original geniwrapper prototype. An HRN
+# function as the "tree" module of the original SFA prototype. An HRN
# is assumed to be a string of authorities separated by dots. For example,
# "planetlab.us.arizona.bakers". Each component of the HRN is a different
# authority, with the last component being a leaf in the tree.
### $URL$
import os
-import report
+from sfa.util.report import *
from sfa.trust.certificate import Keypair
from sfa.trust.credential import *
-from sfa.trust.gid import *
-
-from sfa.util.misc import *
-from sfa.util.config import *
-from sfa.util.geniticket import *
+from sfa.trust.gid import GID, create_uuid
+from sfa.util.namespace import *
+from sfa.util.config import Config
+from sfa.util.sfaticket import SfaTicket
##
# The AuthInfo class contains the information for an authority. This information
# includes the GID, private key, and database connection information.
-class AuthInfo():
+class AuthInfo:
hrn = None
gid_object = None
gid_filename = None
# contains the GID, pkey, and dbinfo files for that authority (as well as
# subdirectories for each sub-authority)
-class Hierarchy():
+class Hierarchy:
##
# Create the hierarchy object.
#
def __init__(self, basedir = None):
if not basedir:
- config = Config()
- basedir = config.config_path + os.sep + "authorities"
+ self.config = Config()
+ basedir = os.path.join(self.config.SFA_DATA_DIR, "authorities")
self.basedir = basedir
##
# Given a hrn, return the filenames of the GID, private key, and dbinfo
# @param create_parents if true, also create the parents if they do not exist
def create_auth(self, hrn, create_parents=False):
- report.trace("Hierarchy: creating authority: " + hrn)
+ trace("Hierarchy: creating authority: " + hrn)
# create the parent authority if necessary
parent_hrn = get_authority(hrn)
# XXX TODO: think up a better way for the dbinfo to work
- dbinfo = get_default_dbinfo()
+ dbinfo = Config().get_plc_dbinfo()
dbinfo_file = file(dbinfo_filename, "w")
dbinfo_file.write(str(dbinfo))
dbinfo_file.close()
# @param hrn the human readable name of the authority to create.
def get_auth_info(self, hrn):
- #report.trace("Hierarchy: getting authority: " + hrn)
+ #trace("Hierarchy: getting authority: " + hrn)
if not self.auth_exists(hrn):
raise MissingAuthority(hrn)
gid = GID(subject=hrn, uuid=uuid, hrn=hrn)
parent_hrn = get_authority(hrn)
- if not parent_hrn:
+ if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
gid.set_issuer(pkey, hrn)
cred.set_pubkey(auth_info.get_gid_object().get_pubkey())
parent_hrn = get_authority(hrn)
- if not parent_hrn:
+ if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN:
# if there is no parent hrn, then it must be self-signed. this
# is where we terminate the recursion
cred.set_issuer(auth_info.get_pkey_object(), hrn)
auth_info = self.get_auth_info(hrn)
gid = auth_info.get_gid_object()
- ticket = Ticket(subject=hrn)
+ ticket = SfaTicket(subject=hrn)
ticket.set_gid_caller(gid)
ticket.set_gid_object(gid)
ticket.set_delegate(True)
git://git.onelab.eu / sfa.git / blobdiff