renamed sfaticket from util/ to trust/

[sfa.git] / sfa / trust / hierarchy.py

diff --git a/sfa/trust/hierarchy.py b/sfa/trust/hierarchy.py
index 89bebcc..dc66ef8 100644 (file)
--- a/sfa/trust/hierarchy.py
+++ b/sfa/trust/hierarchy.py
@@ -21,7 +21,7 @@ from sfa.trust.certificate import Keypair
 from sfa.trust.credential import Credential
 from sfa.trust.gid import GID, create_uuid
 from sfa.util.config import Config
-from sfa.util.sfaticket import SfaTicket
+from sfa.trust.sfaticket import SfaTicket
 
 ##
 # The AuthInfo class contains the information for an authority. This information
@@ -229,7 +229,7 @@ class Hierarchy:
     # @param uuid the unique identifier to store in the GID
     # @param pkey the public key to store in the GID
 
-    def create_gid(self, xrn, uuid, pkey):
+    def create_gid(self, xrn, uuid, pkey, CA=False):
         hrn, type = urn_to_hrn(xrn)
         parent_hrn = get_authority(hrn)
         # Using hrn_to_urn() here to make sure the urn is in the right format
@@ -239,9 +239,16 @@ class Hierarchy:
         gid = GID(subject=hrn, uuid=uuid, hrn=hrn, urn=urn)
 
         # is this a CA cert
-        if hrn == self.config.SFA_INTERFACE_HRN or \
-           or not parent_hrn or 'authority' in type:
+        if hrn == self.config.SFA_INTERFACE_HRN or not parent_hrn:
+            # root or sub authority  
             gid.set_intermediate_ca(True)
+        elif type and 'authority' in type:
+            # authority type
+            gid.set_intermediate_ca(True)
+        elif CA:
+            gid.set_intermediate_ca(True)
+        else:
+            gid.set_intermediate_ca(False)
 
         # set issuer
         if not parent_hrn or hrn == self.config.SFA_INTERFACE_HRN: