return '4.2'
- def getCredential(self):
+ def getCredential(self, origin_hrn=None):
if self.interface in ['registry']:
- return self.getCredentialFromLocalRegistry()
+ return self.getCredentialFromLocalRegistry(origin_hrn)
else:
- return self.getCredentialFromRegistry()
+ return self.getCredentialFromRegistry(origin_hrn)
- def getCredentialFromRegistry(self):
+ def getCredentialFromRegistry(self, origin_hrn=None):
"""
Get our credential from a remote registry using a geniclient connection
"""
from sfa.server.registry import Registries
registries = Registries(self)
registry = registries[self.hrn]
- cert_string=self.cert.save_to_string(save_parents=True)
+ cert_string=self.cert.save_to_string(save_parents=True)
# get self credential
arg_list = [cert_string,type,self.hrn]
request_hash=self.key.compute_hash(arg_list)
self_cred = registry.get_self_credential(cert_string, type, self.hrn, request_hash)
# get credential
- arg_list = [self_cred,type,self.hrn]
+ arg_list = [self_cred,type,self.hrn,origin_hrn]
request_hash=self.key.compute_hash(arg_list)
- cred = registry.get_credential(self_cred, type, self.hrn, request_hash)
+ cred = registry.get_credential(self_cred, type, self.hrn, origin_hrn, request_hash)
# save cred to file
Credential(string=cred).save_to_file(cred_filename, save_parents=True)
return cred
- def getCredentialFromLocalRegistry(self):
+ def getCredentialFromLocalRegistry(self, origin_hrn=None):
"""
Get our current credential directly from the local registry.
"""
record = records[0]
type = record['type']
object_gid = record.get_gid_object()
+
+ # get the origin caller's gid (this is the caller's gid by default)
+ if origin_hrn:
+ orgin_records = table.find({'hrn': origin_hrn})
+ if not origin_records:
+ raise RecordNotFound(origin_hrn)
+ origin_record = origin_records[0]
+ origin_caller_gid_object = GID(string = record['gid'])
+ else:
+ origin_caller_gid_object = object_gid
+
new_cred = Credential(subject = object_gid.get_subject())
new_cred.set_gid_caller(object_gid)
new_cred.set_gid_object(object_gid)