From fd8cac7d5f321443fe93a4f39f3f3e318c1a339c Mon Sep 17 00:00:00 2001
From: Scott Baker <bakers@cs.arizona.edu>
Date: Tue, 23 Sep 2008 05:44:45 +0000
Subject: [PATCH] added redeemticket

---
 registry/registry.py | 88 +++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 87 insertions(+), 1 deletion(-)

diff --git a/registry/registry.py b/registry/registry.py
index 1ab5ef30..976e0657 100644
--- a/registry/registry.py
+++ b/registry/registry.py
@@ -1,6 +1,6 @@
 import tempfile
 import os
-
+import time
 import sys
 
 from cert import *
@@ -12,6 +12,7 @@ from hierarchy import *
 from misc import *
 from record import *
 from genitable import *
+from geniticket import *
 
 def geni_fields_to_pl_fields(type, hrn, geni_fields, pl_fields):
     if type == "user":
@@ -81,6 +82,7 @@ class Registry(GeniServer):
 
     def register_functions(self):
         GeniServer.register_functions(self)
+        # registry interface
         self.server.register_function(self.create_gid)
         self.server.register_function(self.get_self_credential)
         self.server.register_function(self.get_credential)
@@ -90,6 +92,8 @@ class Registry(GeniServer):
         self.server.register_function(self.update)
         self.server.register_function(self.list)
         self.server.register_function(self.resolve)
+        # component interface
+        self.server.register_function(self.get_ticket)
 
     def get_auth_info(self, name):
         return AuthHierarchy.get_auth_info(name)
@@ -418,6 +422,7 @@ class Registry(GeniServer):
         if type == "user":
             rl.add("refresh")
             rl.add("resolve")
+            rl.add("info")
         elif type == "sa":
             rl.add("authority")
         elif type == "ma":
@@ -426,6 +431,7 @@ class Registry(GeniServer):
             rl.add("embed")
             rl.add("bind")
             rl.add("control")
+            rl.add("info")
         elif type == "component":
             rl.add("operator")
 
@@ -514,6 +520,86 @@ class Registry(GeniServer):
 
         return gid.save_to_string(save_parents=True)
 
+    # ------------------------------------------------------------------------
+    # Component Interface
+
+    def record_to_slice_info(self, record):
+
+        # get the user keys from the slice
+        keys = []
+        persons = self.shell.GetPersons(self.pl_auth, record.pl_info['person_ids'])
+        for person in persons:
+            person_keys = self.shell.GetKeys(self.pl_auth, person["key_ids"])
+            for person_key in person_keys:
+                keys = keys + [person_key['key']]
+
+        attributes={}
+        attributes['name'] = record.pl_info['name']
+        attributes['keys'] = keys
+        attributes['instantiation'] = record.pl_info['instantiation']
+        attributes['vref'] = 'default'
+        attributes['timestamp'] = time.time()
+
+        rspec = {}
+
+        # get the PLC attributes and separate them into slice attributes and
+        # rspec attributes
+        filter = {}
+        filter['slice_id'] = record.pl_info['slice_id']
+        plc_attrs = self.shell.GetSliceAttributes(self.pl_auth, filter)
+        for attr in plc_attrs:
+            name = attr['name']
+
+            # initscripts: lookup the contents of the initscript and store it
+            # in the ticket attributes
+            if (name == "initscript"):
+                filter={'name': attr['value']}
+                initscripts = self.shell.GetInitScripts(self.pl_auth, filter)
+                if initscripts:
+                    attributes['initscript'] = initscripts[0]['script']
+            else:
+                rspec[name] = attr['value']
+
+        return (attributes, rspec)
+
+
+    def get_ticket(self, cred, name, rspec):
+        self.decode_authentication(cred, "getticket")
+
+        self.verify_object_belongs_to_me(name)
+
+        self.verify_object_permission(name)
+
+        # XXX much of this code looks like get_credential... are they so similar
+        # that they should be combined?
+
+        auth_hrn = get_authority(name)
+        auth_info = self.get_auth_info(auth_hrn)
+
+        records = self.resolve_raw("slice", name, must_exist=True)
+        record = records[0]
+
+        object_gid = record.get_gid_object()
+        new_ticket = Ticket(subject = object_gid.get_subject())
+        new_ticket.set_gid_caller(self.client_gid)
+        new_ticket.set_gid_object(object_gid)
+        new_ticket.set_issuer(key=auth_info.get_pkey_object(), subject=auth_hrn)
+        new_ticket.set_pubkey(object_gid.get_pubkey())
+
+        self.fill_record_info(record)
+
+        (attributes, rspec) = self.record_to_slice_info(record)
+
+        new_ticket.set_attributes(attributes)
+        new_ticket.set_rspec(rspec)
+
+        new_ticket.set_parent(AuthHierarchy.get_auth_ticket(auth_hrn))
+
+        new_ticket.encode()
+        new_ticket.sign()
+
+        return new_ticket.save_to_string(save_parents=True)
+
 
 if __name__ == "__main__":
     global AuthHierarchy
-- 
2.43.0