# removed named registry record
# - have to first retrieve the record to be removed
def remove(self,opts, args):
- auth_cred = self.get_auth_cred()
+ auth_cred = self.get_auth_cred().save_to_string(save_parents=True)
+ hrn = args[0]
type = opts.type
if type in ['all']:
- type = '*'
- return self.registry.remove(auth_cred, type, args[0])
+ type = '*'
+ arg_list = [auth_cred, type, hrn]
+ request_hash = self.key.compute_hash(arg_list)
+ return self.registry.remove(auth_cred, type, hrn, request_hash)
# add named registry record
def add(self,opts, args):
record_filepath = args[0]
rec_file = self.get_record_file(record_filepath)
record = self.load_record_from_file(rec_file).as_dict()
- request_hash = self.key.compute_hash([auth_cred, record])
-
+ arg_list = [auth_cred]
+ request_hash = self.key.compute_hash(arg_list)
return self.registry.register(auth_cred, record, request_hash)
# update named registry entry
user_cred = self.get_user_cred()
rec_file = self.get_record_file(args[0])
record = self.load_record_from_file(rec_file)
- if record.get_type() == "user":
+ if record['type'] == "user":
if record.get_name() == user_cred.get_gid_object().get_hrn():
- cred = user_cred
+ cred = user_cred.save_to_string(save_parents=True)
else:
- cred = self.get_auth_cred()
- elif record.get_type() in ["slice"]:
+ cred = self.get_auth_cred().save_to_string(save_parents=True)
+ elif record['type'] in ["slice"]:
try:
- cred = self.get_slice_cred(record.get_name())
+ cred = self.get_slice_cred(record.get_name()).save_to_string(save_parents=True)
except ServerException, e:
# XXX smbaker -- once we have better error return codes, update this
# to do something better than a string compare
if "Permission error" in e.args[0]:
- cred = self.get_auth_cred()
+ cred = self.get_auth_cred().save_to_string(save_parents=True)
else:
raise
elif record.get_type() in ["authority"]:
- cred = self.get_auth_cred()
+ cred = self.get_auth_cred().save_to_string(save_parents=True)
elif record.get_type() == 'node':
- cred = self.get_auth_cred()
+ cred = self.get_auth_cred().save_to_string(save_parents=True)
else:
raise "unknown record type" + record.get_type()
- return self.registry.update(cred, record)
+ record = record.as_dict()
+ arg_list = [cred]
+ request_hash = self.key.compute_hash(arg_list)
+ return self.registry.update(cred, record, request_hash)
def aggregates(self, opts, args):
# authenticate the caller's request_hash. Let just get the caller's gid
# from the cred and authenticate using that
client_gid = Credential(string=cred).get_gid_caller()
- client_gid_str = client_gid.save_to_string()
- self.api.auth.authenticateGid(cred, [cred, record_dict], request_hash)
+ client_gid_str = client_gid.save_to_string(save_parents=True)
+ self.api.auth.authenticateGid(client_gid_str, [cred], request_hash)
self.api.auth.check(cred, "register")
if caller_cred==None:
caller_cred=cred
accepts = [
Parameter(str, "Credential string"),
Parameter(str, "Record type"),
- Parameter(str, "Human readable name (hrn) of record to be removed")
+ Parameter(str, "Human readable name (hrn) of record to be removed"),
+ Parameter(str, "Request hash")
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, type, hrn, caller_cred=None):
+ def call(self, cred, type, hrn, request_hash, caller_cred=None):
+
if caller_cred==None:
caller_cred=cred
#log the call
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, Credential(string=caller_cred).get_gid_caller().get_hrn(), hrn, self.name))
-
+ # This cred will be an authority cred, not a user, so we cant use it to
+ # authenticate the caller's request_hash. Let just get the caller's gid
+ # from the cred and authenticate using that
+ client_gid = Credential(string=cred).get_gid_caller()
+ client_gid_str = client_gid.save_to_string(save_parents=True)
+ self.api.auth.authenticateGid(client_gid_str, [cred, type, hrn], request_hash)
self.api.auth.check(cred, "remove")
self.api.auth.verify_object_permission(hrn)
table = GeniTable()
accepts = [
Parameter(str, "Credential string"),
- Parameter(dict, "Record dictionary to be updated")
+ Parameter(dict, "Record dictionary to be updated"),
+ Parameter(str, "Request hash")
]
returns = Parameter(int, "1 if successful")
- def call(self, cred, record_dict, caller_cred=None):
+ def call(self, cred, record_dict, request_hash, caller_cred=None):
+ if caller_cred==None:
+ caller_cred=cred
+
+ #log the call
+ self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, Credential(string=caller_cred).get_gid_caller().get_hrn(), None, self.name))
+ # This cred might be an authority cred, not a user, so we cant use it to
+ # authenticate the caller's request_hash. Let just get the caller's gid
+ # from the cred and authenticate using that
+ client_gid = Credential(string=cred).get_gid_caller()
+ client_gid_str = client_gid.save_to_string(save_parents=True)
+ self.api.auth.authenticateGid(client_gid_str, [cred], request_hash)
self.api.auth.check(cred, "update")
- if caller_cred==None:
- caller_cred=cred
-
- #log the call
- self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, Credential(string=caller_cred).get_gid_caller().get_hrn(), None, self.name))
new_record = GeniRecord(dict = record_dict)
type = new_record['type']
hrn = new_record['hrn']
git://git.onelab.eu / sfa.git / commitdiff