added SFA_MAX_SLICE_RENEW config option now allows operators to configure the maximum...

author Tony Mack <tmack@paris.CS.Princeton.EDU>

Tue, 9 Aug 2011 15:54:20 +0000 (11:54 -0400)

committer Tony Mack <tmack@paris.CS.Princeton.EDU>

Tue, 9 Aug 2011 15:54:20 +0000 (11:54 -0400)
author Tony Mack <tmack@paris.CS.Princeton.EDU>
Tue, 9 Aug 2011 15:54:20 +0000 (11:54 -0400)
committer Tony Mack <tmack@paris.CS.Princeton.EDU>
Tue, 9 Aug 2011 15:54:20 +0000 (11:54 -0400)
diff --git a/config/default_config.xml b/config/default_config.xml

index 35a23ab..46e734e 100644 (file)
--- a/config/default_config.xml
+++ b/config/default_config.xml
@@ -35,6 +35,12 @@ Thierry Parmentelat
            <value>false</value>
            <description>Flag to turn debug on.</description>
          </variable>
+    
+        <variable id="slice_max_renew" type="boolean">
+          <name>Slice Max Renew</name>
+          <value>60</value>
+          <description>Maximum amout of days a user can extend/renew their slices to</description>
+        </variable>
  
          <variable id="session_key_path" type="string">
              <name>User Session Keys Path </name>
diff --git a/sfa/methods/RenewSliver.py b/sfa/methods/RenewSliver.py

index 6cbde77..a674b57 100644 (file)
--- a/sfa/methods/RenewSliver.py
+++ b/sfa/methods/RenewSliver.py
@@ -34,10 +34,11 @@ class RenewSliver(Method):
  
          # Validate that the time does not go beyond the credential's expiration time
          requested_time = utcparse(expiration_time)
+        max_renew_days = int(api.config.SFA_MAX_SLICE_RENEW)
          if requested_time > Credential(string=valid_creds[0]).get_expiration():
              raise InsufficientRights('Renewsliver: Credential expires before requested expiration time')
-        if requested_time > datetime.datetime.utcnow() + datetime.timedelta(days=60):
-            raise Exception('Cannot renew > 60 days from now')
+        if requested_time > datetime.datetime.utcnow() + datetime.timedelta(days=max_renew_days):
+            raise Exception('Cannot renew > %s days from now' % max_renew_days)
          manager = self.api.get_interface_manager()
          return manager.RenewSliver(self.api, slice_xrn, valid_creds, expiration_time, call_id)    
      
diff --git a/sfa/util/config.py b/sfa/util/config.py

index 0f513ec..42d2c87 100644 (file)
--- a/sfa/util/config.py
+++ b/sfa/util/config.py
@@ -69,6 +69,9 @@ class Config:
              if not hasattr(self, 'SFA_CM_TYPE'):
                  self.SFA_COMPONENT_TYPE='pl'
  
+            if not hasattr(self, 'SFA_MAX_SLICE_RENEW'):
+                self.SFA_MAX_SLICE_RENEW=60
+
              # create the data directory if it doesnt exist
              if not os.path.isdir(self.SFA_DATA_DIR):
                  try:
author	Tony Mack <tmack@paris.CS.Princeton.EDU>
	Tue, 9 Aug 2011 15:54:20 +0000 (11:54 -0400)
committer	Tony Mack <tmack@paris.CS.Princeton.EDU>
	Tue, 9 Aug 2011 15:54:20 +0000 (11:54 -0400)
config/default_config.xml		patch \| blob \| history
sfa/methods/RenewSliver.py		patch \| blob \| history
sfa/util/config.py		patch \| blob \| history