from sfa.plc.slices import *
from sfa.util.sfalogging import *
-import zlib
+from lxml import etree
+from StringIO import StringIO
def GetVersion():
version = {}
rspec = manager.get_rspec(api, xrn, None)
- #outgoing_rules = SFATablesRules('OUTGOING')
- if options.has_key('geni_compressed') and options['geni_compressed'] == True:
- rspec = zlib.compress(rspec).encode('base64')
+
+ # Filter out those objects that aren't allocated
+ if xrn:
+ tree = etree.parse(StringIO(rspec))
+ used_nodes = [sliver.getparent() for sliver in tree.iterfind("./network/site/node/sliver")]
+ used_sites = [node.getparent() for node in used_nodes]
+ for node in tree.iterfind("./network/site/node"):
+ if node not in used_nodes:
+ parent = node.getparent()
+ parent.remove(node)
+ # Remove unused sites
+ for site in tree.iterfind("./network/site"):
+ if site not in used_sites:
+ parent = site.getparent()
+ parent.remove(site)
+ rspec = etree.tostring(tree)
+
return rspec
from sfa.trust.credential import Credential
from sfatables.runtime import SFATablesRules
import sys
-
+import zlib
class ListResources(Method):
"""
context = {'sfa':{'user':{'hrn':origin_hrn}, 'slice':{'hrn':None}}}
outgoing_rules.set_context(context)
filtered_rspec = outgoing_rules.apply(rspec)
+
+ if options.has_key('geni_compressed') and options['geni_compressed'] == True:
+ filtered_rspec = zlib.compress(rspec).encode('base64')
+
return filtered_rspec
if not origin_hrn:
origin_hrn = Credential(string=cred).get_gid_caller().get_hrn()
self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))
- self.api.logger.info("get_credential cred = %s" % cred)
self.api.auth.check(cred, 'getcredential')
self.api.auth.verify_object_belongs_to_me(hrn)
self.slice = node.network.slice
def toxml(self, xml):
- logger.info("sliver to xml!")
with xml.sliver:
self.slice.tags_to_xml(xml, self.node)
self.sliver = Sliver(self)
def toxml(self, xml):
- logger.info("node.toxml(I)")
slice = self.network.slice
if self.whitelist and not self.sliver:
if not slice or slice.id not in self.whitelist:
xml << (tag.tagname, tag.value)
def toxml(self, xml):
- logger.info("slice to xml!")
-
with xml.sliver_defaults:
self.tags_to_xml(xml)
# TODO:
+# . fix verify_issuer() and call it at the end of verify()
# . make privs match between PG and PL
# . Need to add support for other types of credentials, e.g. tickets
# Verify the parents (delegation)
if self.parent:
self.verify_parent(self.parent)
+
# Make sure the issuer is the target's authority
- self.verify_issuer()
+ #self.verify_issuer()
return True
# Make sure the issuer of this credential is the target's authority
def verify_issuer(self):
target_authority = get_authority(self.get_gid_object().get_urn())
-
# Find the root credential's signature
cur_cred = self
target_authority = hrn_to_urn(target_authority, 'authority')
if root_issuer != target_authority:
- raise CredentialNotVerifiable("issuer (%s) != authority of target (%s)" \
- % (root_issuer, target_authority))
+ raise CredentialNotVerifiable("issuer (%s) != authority of target (%s) for target (%s)" \
+ % (root_issuer, target_authority, self.get_gid_object().get_urn()))
##
# -- For Delegates (credentials with parents) verify that: