modified sfa.manager.registry_manager.RegistryManager.GetCredential(), replaced boole...
Tony Mack [Mon, 27 Feb 2012 21:02:31 +0000 (16:02 -0500)]
sfa/managers/registry_manager.py
sfa/managers/registry_manager_openstack.py
sfa/methods/GetCredential.py
sfa/methods/GetSelfCredential.py

index 331a0f9..db4348d 100644 (file)
@@ -37,7 +37,7 @@ class RegistryManager:
                              'urn':xrn.get_urn(),
                              'peers':peers})
     
-    def GetCredential(self, api, xrn, type, is_self=False):
+    def GetCredential(self, api, xrn, type, caller_xrn=None):
         # convert xrn to hrn     
         if type:
             hrn = urn_to_hrn(xrn)[0]
@@ -63,14 +63,20 @@ class RegistryManager:
               raise AccountNotEnabled(": PlanetLab account %s is not enabled. Please contact your site PI" %(record.email))
     
         # get the callers gid
-        # if this is a self cred the record's gid is the caller's gid
-        if is_self:
+        # if caller_xrn is not specified assume the caller is the record
+        # object itself.
+        if not caller_xrn:
             caller_hrn = hrn
             caller_gid = record.get_gid_object()
         else:
-            caller_gid = api.auth.client_cred.get_gid_caller() 
-            caller_hrn = caller_gid.get_hrn()
-        
+            caller_hrn, caller_type = urn_to_hrn(caller_xrn)
+            caller_record = dbsession.query(RegRecord).filter_by(hrn=caller_hrn).first()
+            if caller_type:
+                caller_record = caller_record.filter_by(type=caller_type)
+            if not caller_record:
+                raise RecordNotFound("Unable to associated caller (hrn=%s, type=%s) with credential for (hrn: %s, type: %s)"%(caller_hrn, caller_type, hrn, type))
+            caller_gid = GID(string=caller_record.gid)
         object_hrn = record.get_gid_object().get_hrn()
         rights = api.auth.determine_user_rights(caller_hrn, record.__dict__)
         # make sure caller has rights to this object
index 6e210fa..c940e15 100644 (file)
@@ -25,7 +25,7 @@ from sfa.managers.registry_manager import RegistryManager
 
 class RegistryManager(RegistryManager):
 
-    def GetCredential(self, api, xrn, type, is_self=False):
+    def GetCredential(self, api, xrn, type, caller_xrn = None):
         # convert xrn to hrn     
         if type:
             hrn = urn_to_hrn(xrn)[0]
@@ -38,7 +38,9 @@ class RegistryManager(RegistryManager):
             auth_hrn = hrn
         auth_info = api.auth.get_auth_info(auth_hrn)
         # get record info
-        record=dbsession.query(RegRecord).filter_by(type=type,hrn=hrn).first()
+        record=dbsession.query(RegRecord).filter_by(hrn=hrn).first()
+        if type:
+            record = record.filter_by(type=type)
         if not record:
             raise RecordNotFound("hrn=%s, type=%s"%(hrn,type))
     
@@ -51,13 +53,19 @@ class RegistryManager(RegistryManager):
               raise AccountNotEnabled(": PlanetLab account %s is not enabled. Please contact your site PI" %(record.email))
     
         # get the callers gid
-        # if this is a self cred the record's gid is the caller's gid
-        if is_self:
+        # if caller_xrn is not specified assume the caller is the record
+        # object itself.  
+        if not caller_xrn:
             caller_hrn = hrn
             caller_gid = record.get_gid_object()
         else:
-            caller_gid = api.auth.client_cred.get_gid_caller() 
-            caller_hrn = caller_gid.get_hrn()
+            caller_hrn, caller_type = urn_to_hrn(caller_xrn)
+            caller_record = dbsession.query(RegRecord).filter_by(hrn=caller_hrn).first()
+            if caller_type:
+                caller_record = caller_record.filter_by(type=caller_type)
+            if not caller_record:
+                raise RecordNotFound("Unable to associated caller (hrn=%s, type=%s) with credential for (hrn: %s, type: %s)"%(caller_hrn, caller_type, hrn, type))
+            caller_gid = GID(string=caller_record.gid) 
         
         object_hrn = record.get_gid_object().get_hrn()
         rights = api.auth.determine_user_rights(caller_hrn, record.__dict__)
index 50525c2..f5344a2 100644 (file)
@@ -44,5 +44,5 @@ class GetCredential(Method):
         origin_hrn = Credential(string=valid_creds[0]).get_gid_caller().get_hrn()
         self.api.logger.info("interface: %s\tcaller-hrn: %s\ttarget-hrn: %s\tmethod-name: %s"%(self.api.interface, origin_hrn, hrn, self.name))        
 
-        return self.api.manager.GetCredential(self.api, xrn, type)
+        return self.api.manager.GetCredential(self.api, xrn, self.api.auth.client_gid.get_urn())
 
index 073ae94..c67bf4b 100644 (file)
@@ -84,4 +84,4 @@ class GetSelfCredential(Method):
                     self.api.logger.debug("ConnectionKeyGIDMismatch, %s filename: %s"%(name,obj.filename))
             raise ConnectionKeyGIDMismatch(gid.get_subject())
         
-        return self.api.manager.GetCredential(self.api, xrn, type, is_self=True)
+        return self.api.manager.GetCredential(self.api, xrn, type)