hashrequest = False
def create_cmd_parser(self, command, additional_cmdargs=None):
- cmdargs = {"gid": "",
- "list": "name",
+ cmdargs = {"list": "name",
"show": "name",
"remove": "name",
"add": "record",
cert.save_to_file(file)
return file
- def get_gid(self):
- #file = os.path.join(self.options.sfi_dir, get_leaf(self.user) + ".gid")
- file = os.path.join(self.options.sfi_dir, self.user.replace(self.authority + '.', '') + ".gid")
- if (os.path.isfile(file)):
- gid = GID(filename=file)
- return gid
- else:
- cert_str = self.cert.save_to_string(save_parents=True)
- gid_str = self.registry.get_gid(cert_str, self.user, "user")
- gid = GID(string=gid_str)
- if self.options.verbose:
- print "Writing user gid to", file
- gid.save_to_file(file, save_parents=True)
- return gid
-
def get_cached_credential(self, file):
"""
Return a cached credential only if it hasn't expired.
def dispatch(self, command, cmd_opts, cmd_args):
getattr(self, command)(cmd_opts, cmd_args)
- def gid(self, opts, args):
- gid = self.get_gid()
- print "GID: %s" % (gid.save_to_string(save_parents=True))
- return
-
# list entires in named authority registry
def list(self, opts, args):
user_cred = self.get_user_cred().save_to_string(save_parents=True)
+++ /dev/null
-from sfa.util.faults import *
-from sfa.util.namespace import *
-from sfa.util.method import Method
-from sfa.util.parameter import Parameter, Mixed
-from sfa.trust.auth import Auth
-from sfa.trust.gid import GID
-from sfa.trust.certificate import Certificate
-
-class get_gid(Method):
- """
- Returns the client's gid if one exists
-
- @param cert certificate string
- @param xrn human readable name (hrn or urn)
- @param type object type
- @return client gid
- """
-
- interfaces = ['registry']
-
- accepts = [
- Parameter(str, "Certificate string"),
- Parameter(str, "Human readable name (hrn or urn)"),
- Parameter(str, "Object type")
- ]
-
- returns = Parameter(str, "GID string")
-
- def call(self, cert, xrn, type):
-
- # convert xrn to hrn
- if type:
- hrn = urn_to_hrn(xrn)[0]
- else:
- hrn, type = urn_to_hrn(xrn)
-
- self.api.auth.verify_object_belongs_to_me(hrn)
-
- # resolve the record
- manager_base = 'sfa.managers'
- mgr_type = self.api.config.SFA_REGISTRY_TYPE
- manager_module = manager_base + ".registry_manager_%s" % mgr_type
- manager = __import__(manager_module, fromlist=[manager_base])
- records = manager.resolve(self.api, xrn, type, origin_hrn=hrn)
- if not records:
- raise RecordNotFound(hrn)
- record = records[0]
-
- # make sure client's certificate is the gid's pub key
- gid = GID(string=record['gid'])
- certificate = Certificate(string=cert)
- if not certificate.is_pubkey(gid.get_pubkey()):
- raise ConnectionKeyGIDMismatch(gid.get_subject())
-
- return record['gid']
-