git://git.onelab.eu
/
sfa.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c451060
)
only allow authority creds if oject_hrn in pi list
author
Tony Mack
<tmack@cs.princeton.edu>
Mon, 26 Oct 2009 14:16:42 +0000
(14:16 +0000)
committer
Tony Mack
<tmack@cs.princeton.edu>
Mon, 26 Oct 2009 14:16:42 +0000
(14:16 +0000)
sfa/trust/auth.py
patch
|
blob
|
history
diff --git
a/sfa/trust/auth.py
b/sfa/trust/auth.py
index
f3609b3
..
57583e4
100644
(file)
--- a/
sfa/trust/auth.py
+++ b/
sfa/trust/auth.py
@@
-240,11
+240,10
@@
class Auth:
elif type == "authority":
pis = record.get("pi", [])
operators = record.get("operator", [])
- rl.add("authority,sa,ma")
if (cred_object_hrn in pis):
- rl.add("sa")
+ rl.add("
authority,
sa")
if (cred_object_hrn in operators):
- rl.add("ma")
+ rl.add("
authority,
ma")
elif type == "user":
rl.add("refresh")