From 92252375682ad2911c25dbbdcc8c64dc92e05326 Mon Sep 17 00:00:00 2001
From: Tony Mack <tmack@paris.CS.Princeton.EDU>
Date: Tue, 9 Aug 2011 11:54:20 -0400
Subject: [PATCH] added SFA_MAX_SLICE_RENEW config option now allows operators
 to configure the maximum amount day a user can extend thier slice

---
 config/default_config.xml  | 6 ++++++
 sfa/methods/RenewSliver.py | 5 +++--
 sfa/util/config.py         | 3 +++
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/config/default_config.xml b/config/default_config.xml
index 35a23ab2..46e734ed 100644
--- a/config/default_config.xml
+++ b/config/default_config.xml
@@ -35,6 +35,12 @@ Thierry Parmentelat
           <value>false</value>
           <description>Flag to turn debug on.</description>
         </variable>
+    
+        <variable id="slice_max_renew" type="boolean">
+          <name>Slice Max Renew</name>
+          <value>60</value>
+          <description>Maximum amout of days a user can extend/renew their slices to</description>
+        </variable>
 
         <variable id="session_key_path" type="string">
             <name>User Session Keys Path </name>
diff --git a/sfa/methods/RenewSliver.py b/sfa/methods/RenewSliver.py
index 6cbde77c..a674b57d 100644
--- a/sfa/methods/RenewSliver.py
+++ b/sfa/methods/RenewSliver.py
@@ -34,10 +34,11 @@ class RenewSliver(Method):
 
         # Validate that the time does not go beyond the credential's expiration time
         requested_time = utcparse(expiration_time)
+        max_renew_days = int(api.config.SFA_MAX_SLICE_RENEW)
         if requested_time > Credential(string=valid_creds[0]).get_expiration():
             raise InsufficientRights('Renewsliver: Credential expires before requested expiration time')
-        if requested_time > datetime.datetime.utcnow() + datetime.timedelta(days=60):
-            raise Exception('Cannot renew > 60 days from now')
+        if requested_time > datetime.datetime.utcnow() + datetime.timedelta(days=max_renew_days):
+            raise Exception('Cannot renew > %s days from now' % max_renew_days)
         manager = self.api.get_interface_manager()
         return manager.RenewSliver(self.api, slice_xrn, valid_creds, expiration_time, call_id)    
     
diff --git a/sfa/util/config.py b/sfa/util/config.py
index 0f513ec0..42d2c87c 100644
--- a/sfa/util/config.py
+++ b/sfa/util/config.py
@@ -69,6 +69,9 @@ class Config:
             if not hasattr(self, 'SFA_CM_TYPE'):
                 self.SFA_COMPONENT_TYPE='pl'
 
+            if not hasattr(self, 'SFA_MAX_SLICE_RENEW'):
+                self.SFA_MAX_SLICE_RENEW=60
+
             # create the data directory if it doesnt exist
             if not os.path.isdir(self.SFA_DATA_DIR):
                 try:
-- 
2.43.0