arguments to Get(Self)Credential (from get_credential, need to swap hrn and type)
renamed RightList into just Rights
if user_name.count(".") > 0:
user_name = user_name.replace(".", '_')
self.user = self.authority + "." + user_name
- cred_str = self.registry.get_self_credential(cert_string, "user", hrn)
+ cred_str = self.registry.GetSelfCredential(cert_string, hrn, "user")
else:
# bootstrap slice credential from user credential
user_cred = self.get_user_cred().save_to_string(save_parents=True)
- cred_str = self.registry.get_credential(user_cred, type, hrn)
+ cred_str = self.registry.GetCredential(user_cred, hrn, type)
if not cred_str:
self.logger.critical("Failed to get %s credential" % type)
from sfa.trust.credential import *
from sfa.trust.certificate import *
from sfa.util.faults import *
+from sfa.trust.gid import create_uuid
def get_version(api):
version = {}
-### $Id: get_credential.py 17576 2010-04-05 20:56:15Z tmack $
-### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_credential.py $
-
+#
from sfa.trust.credential import *
from sfa.trust.rights import *
from sfa.util.faults import *
class GetCredential(Method):
"""
Retrive a credential for an object
- If cred == None then the behavior reverts to get_self_credential
+ If cred == None then the behavior reverts to GetSelfCredential
@param hrn human readable name of object (hrn or urn)
@param cred credential object specifying rights of the caller
-### $Id: get_credential.py 15321 2009-10-15 05:01:21Z tmack $
-### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_credential.py $
from sfa.trust.credential import *
from sfa.trust.rights import *
def call(self, cert, xrn, type):
"""
- get_self_credential a degenerate version of get_credential used by a client
+ GetSelfCredential a degenerate version of GetCredential used by a client
to get his initial credential when de doesnt have one. This is the same as
get_credetial(..., cred = None, ...)
all = """
+GetCredential
+GetSelfCredential
+GetGids
get_aggregates
get_key
get_registries
registry = registries[self.hrn]
cert_string=self.cert.save_to_string(save_parents=True)
# get self credential
- self_cred = registry.get_self_credential(cert_string, type, self.hrn)
+ self_cred = registry.GetSelfCredential(cert_string, self.hrn, type)
# get credential
- cred = registry.get_credential(self_cred, type, self.hrn)
+ cred = registry.GetCredential(self_cred, type, self.hrn)
# save cred to file
Credential(string=cred).save_to_file(cred_filename, save_parents=True)
registry = registries[self.hrn]
cert_string=self.cert.save_to_string(save_parents=True)
# get self credential
- self_cred = registry.get_self_credential(cert_string, type, self.hrn)
+ self_cred = registry.GetSelfCredential(cert_string, self.hrn, type)
# get credential
- cred = registry.get_credential(self_cred, type, self.hrn)
+ cred = registry.GetCredential(self_cred, self.hrn, type)
# save cred to file
Credential(string=cred).save_to_file(cred_filename, save_parents=True)
# get credential from registry
cert_str = Certificate(filename=cert_filename).save_to_string(save_parents=True)
registry = self.get_registry()
- cred = registry.get_self_credential(cert_str, 'node', hrn)
+ cred = registry.GetSelfCredential(cert_str, hrn, 'node')
Credential(string=cred).save_to_file(credfile, save_parents=True)
return cred
os.unlink(f)
# install the new key pair
- # get_credential will take care of generating the new keypair
+ # GetCredential will take care of generating the new keypair
# and credential
self.get_node_key()
self.getCredential()
registry = get_server(url=registry, keyfile=keyfile, certfile=certfile)
cert = Certificate(filename=certfile)
cert_str = cert.save_to_string(save_parents=True)
- cred = registry.GetSelfCredential(cert_str, hrn, 'node')
+ cred = registry.GetSelfCredential(cert_str, 'node', hrn)
Credential(string=cred).save_to_file(credfile, save_parents=True)
return cred
verify_cancreate_credential()
"""
- rl = RightList()
+ rl = Rights()
type = record['type']
from xml.dom.minidom import Document, parseString
from dateutil.parser import parse
+from sfa.util.faults import *
from sfa.util.sfalogging import sfa_logger
from sfa.trust.certificate import Keypair
from sfa.trust.credential_legacy import CredentialLegacy
-from sfa.trust.rights import *
-from sfa.trust.gid import *
-from sfa.util.faults import *
-
-
-
+from sfa.trust.rights import Right, Rights
+from sfa.trust.gid import GID
# Two years, in seconds
DEFAULT_CREDENTIAL_LIFETIME = 60 * 60 * 24 * 365 * 2
##
# set the privileges
#
- # @param privs either a comma-separated list of privileges of a RightList object
+ # @param privs either a comma-separated list of privileges of a Rights object
def set_privileges(self, privs):
if isinstance(privs, str):
- self.privileges = RightList(string = privs)
+ self.privileges = Rights(string = privs)
else:
self.privileges = privs
##
- # return the privileges as a RightList object
+ # return the privileges as a Rights object
def get_privileges(self):
if not self.privileges:
# Process privileges
privs = cred.getElementsByTagName("privileges")[0]
- rlist = RightList()
+ rlist = Rights()
for priv in privs.getElementsByTagName("privilege"):
kind = getTextNode(priv, "name")
deleg = str2bool(getTextNode(priv, "can_delegate"))
import xmlrpclib
-from sfa.trust.certificate import Certificate
-from sfa.trust.rights import *
-from sfa.trust.gid import *
from sfa.util.faults import *
+from sfa.trust.certificate import Certificate
+from sfa.trust.rights import Right,Rights
+from sfa.trust.gid import GID
##
# Credential is a tuple:
##
# set the privileges
#
- # @param privs either a comma-separated list of privileges of a RightList object
+ # @param privs either a comma-separated list of privileges of a Rights object
def set_privileges(self, privs):
if isinstance(privs, str):
- self.privileges = RightList(string = privs)
+ self.privileges = Rights(string = privs)
else:
self.privileges = privs
##
- # return the privileges as a RightList object
+ # return the privileges as a Rights object
def get_privileges(self):
if not self.privileges:
privStr = dict.get("privileges", None)
if privStr:
- self.privileges = RightList(string = privStr)
+ self.privileges = Rights(string = privStr)
else:
self.privileges = None
def get_auth_info(self, xrn):
hrn, type = urn_to_hrn(xrn)
- sfa_logger.debug("Hierarchy: getting authority: " + hrn)
+ sfa_logger.debug("Hierarchy: xrn=%s, getting authority for hrn=%s"%(xrn,hrn))
if not self.auth_exists(hrn):
raise MissingAuthority(hrn)
#
# Right - represents a single right
#
-# RightList - represents a list of rights
+# Rights - represents a list of rights
#
# A right may allow several different operations. For example, the "info" right
# allows "listslices", "listcomponentresources", etc.
# @param type the type of the object (user | sa | ma | slice | node)
# @param name human readable name of the object (not used at this time)
#
-# @return RightList object containing rights
+# @return Rights object containing rights
def determine_rights(type, name):
- rl = RightList()
+ rl = Rights()
# rights seem to be somewhat redundant with the type of the credential.
# For example, a "sa" credential implies the authority right, because
return True
##
-# A RightList object represents a list of privileges.
+# A Rights object represents a list of privileges.
-class RightList:
+class Rights:
##
# Create a new rightlist object, containing no rights.
#
# @param type the type of the object (user | sa | ma | slice | node)
# @param name human readable name of the object (not used at this time)
#
- # @return RightList object containing rights
+ # @return Rights object containing rights
def determine_rights(self, type, name):
- rl = RightList()
+ rl = Rights()
# rights seem to be somewhat redundant with the type of the credential.
# For example, a "sa" credential implies the authority right, because