added origin_hrn as argument fro getCredential()

diff --git a/sfa/plc/api.py b/sfa/plc/api.py
index 7d5fe83..ffcacfb 100644 (file)
--- a/sfa/plc/api.py
+++ b/sfa/plc/api.py
@@ -92,13 +92,13 @@ class GeniAPI(BaseAPI):
             return '4.2'
             
 
-    def getCredential(self):
+    def getCredential(self, origin_hrn=None):
         if self.interface in ['registry']:
-            return self.getCredentialFromLocalRegistry()
+            return self.getCredentialFromLocalRegistry(origin_hrn)
         else:
-            return self.getCredentialFromRegistry()
+            return self.getCredentialFromRegistry(origin_hrn)
     
-    def getCredentialFromRegistry(self):
+    def getCredentialFromRegistry(self, origin_hrn=None):
         """ 
         Get our credential from a remote registry using a geniclient connection
         """
@@ -113,21 +113,21 @@ class GeniAPI(BaseAPI):
             from sfa.server.registry import Registries
             registries = Registries(self)
             registry = registries[self.hrn]
-           cert_string=self.cert.save_to_string(save_parents=True)
+            cert_string=self.cert.save_to_string(save_parents=True)
             # get self credential
             arg_list = [cert_string,type,self.hrn]
             request_hash=self.key.compute_hash(arg_list)
             self_cred = registry.get_self_credential(cert_string, type, self.hrn, request_hash)
             # get credential
-            arg_list = [self_cred,type,self.hrn]
+            arg_list = [self_cred,type,self.hrn,origin_hrn]
             request_hash=self.key.compute_hash(arg_list)
-            cred = registry.get_credential(self_cred, type, self.hrn, request_hash)
+            cred = registry.get_credential(self_cred, type, self.hrn, origin_hrn, request_hash)
             
             # save cred to file
             Credential(string=cred).save_to_file(cred_filename, save_parents=True)
             return cred
 
-    def getCredentialFromLocalRegistry(self):
+    def getCredentialFromLocalRegistry(self, origin_hrn=None):
         """
         Get our current credential directly from the local registry.
         """
@@ -147,6 +147,17 @@ class GeniAPI(BaseAPI):
         record = records[0]
         type = record['type']
         object_gid = record.get_gid_object()
+        
+        # get the origin caller's gid (this is the caller's gid by default)
+        if origin_hrn:
+            orgin_records = table.find({'hrn': origin_hrn})
+            if not origin_records:
+                raise RecordNotFound(origin_hrn)
+            origin_record = origin_records[0]
+            origin_caller_gid_object = GID(string = record['gid'])
+        else:
+            origin_caller_gid_object = object_gid
+
         new_cred = Credential(subject = object_gid.get_subject())
         new_cred.set_gid_caller(object_gid)
         new_cred.set_gid_object(object_gid)