From: Tony Mack Date: Wed, 9 Dec 2009 21:25:29 +0000 (+0000) Subject: no need for get_signed ticket. The aggregagte will sign the ticket with its pkey X-Git-Tag: sfa-0.9-7~167 X-Git-Url: http://git.onelab.eu/?p=sfa.git;a=commitdiff_plain;h=c52f50e9150e322283530abb58106b531e017711 no need for get_signed ticket. The aggregagte will sign the ticket with its pkey --- diff --git a/sfa/methods/__init__.py b/sfa/methods/__init__.py index ad7fe510..f4c1dae1 100644 --- a/sfa/methods/__init__.py +++ b/sfa/methods/__init__.py @@ -13,7 +13,6 @@ get_resources get_self_credential get_slices get_ticket -get_signed_ticket get_trusted_certs list reboot diff --git a/sfa/methods/get_signed_ticket.py b/sfa/methods/get_signed_ticket.py deleted file mode 100644 index b0e9ce6f..00000000 --- a/sfa/methods/get_signed_ticket.py +++ /dev/null @@ -1,72 +0,0 @@ -### $Id: get_ticket.py 15823 2009-11-20 19:45:52Z tmack $ -### $URL: https://svn.planet-lab.org/svn/sfa/trunk/sfa/methods/get_ticket.py $ -import time -from sfa.util.faults import * -from sfa.util.method import Method -from sfa.util.parameter import Parameter, Mixed -from sfa.trust.auth import Auth -from sfa.util.config import Config -from sfa.trust.credential import Credential -from sfa.util.genitable import GeniTable -from sfa.util.sfaticket import SfaTicket -from sfa.plc.slices import Slices - -class get_signed_ticket(Method): - """ - Retrieve a ticket. This operation is currently implemented on PLC - only (see SFA, engineering decisions); it is not implemented on - components. - - The ticket is filled in with information from the PLC database. This - information includes resources, and attributes such as user keys and - initscripts. - - @param cred credential string - @param hrn human readable name (hrn) of slice - @param rspec resource specification string - @param data extra data - - @return the string representation of a signed ticket object - """ - - interfaces = ['registry'] - - accepts = [ - Parameter(str, "Credential string"), - Parameter(str, "human readable name (hrn) of slice"), - Parameter(str, "resource specification string"), - Parameter(dict, "extra data"), - Mixed(Parameter(str, "Request hash"), - Parameter(None, "Request hash not specified")) - ] - - returns = Parameter(str, "String represeneation of a signed ticket object") - - def call(self, cred, hrn, rspec, data, request_hash=None): - self.api.auth.authenticateCred(cred, [cred, hrn, rspec], request_hash) - self.api.auth.check(cred, "signticket") - self.api.auth.verify_object_belongs_to_me(hrn) - self.api.auth.verify_object_permission(hrn) - - # get the record info - table = GeniTable() - records = table.findObjects({'hrn': hrn, 'type': 'slice', 'peer_authority': None}) - if not records: - raise RecordNotFound(hrn) - record = records[0] - auth_hrn = record['authority'] - auth_info = self.api.auth.get_auth_info(auth_hrn) - object_gid = record.get_gid_object() - new_ticket = SfaTicket(subject = object_gid.get_subject()) - new_ticket.set_gid_caller(self.api.auth.client_gid) - new_ticket.set_gid_object(object_gid) - new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn) - new_ticket.set_pubkey(object_gid.get_pubkey()) - newticket.set_attributes(data) - new_ticket.set_rspec(rspec) - new_ticket.set_parent(self.api.auth.hierarchy.get_auth_ticket(auth_hrn)) - new_ticket.encode() - new_ticket.sign() - - return new_ticket.save_to_string(save_parents=True) -