allow the interface to get authority rights

author Tony Mack <tmack@cs.princeton.edu>

Thu, 29 Oct 2009 18:00:22 +0000 (18:00 +0000)

committer Tony Mack <tmack@cs.princeton.edu>

Thu, 29 Oct 2009 18:00:22 +0000 (18:00 +0000)
author Tony Mack <tmack@cs.princeton.edu>
Thu, 29 Oct 2009 18:00:22 +0000 (18:00 +0000)
committer Tony Mack <tmack@cs.princeton.edu>
Thu, 29 Oct 2009 18:00:22 +0000 (18:00 +0000)
diff --git a/sfa/trust/auth.py b/sfa/trust/auth.py

index c6e0d9d..2f1cd2a 100644 (file)
--- a/sfa/trust/auth.py
+++ b/sfa/trust/auth.py
@@ -238,9 +238,10 @@ class Auth:
                  rl.add("info")
  
          elif type == "authority":
-            rl.add("authority")
              pis = record.get("pi", [])
              operators = record.get("operator", [])
+            if (cred_object_hrn == config.SFA_INTERFACE_HRN):
+                rl.add("authority")
              if (cred_object_hrn in pis):
                  rl.add("authority,sa")
              if (cred_object_hrn in operators):
author	Tony Mack <tmack@cs.princeton.edu>
	Thu, 29 Oct 2009 18:00:22 +0000 (18:00 +0000)
committer	Tony Mack <tmack@cs.princeton.edu>
	Thu, 29 Oct 2009 18:00:22 +0000 (18:00 +0000)