Changeset 09b1e9d for fedd/federation


Ignore:
Timestamp:
Sep 22, 2010 6:26:04 PM (14 years ago)
Author:
Ted Faber <faber@…>
Branches:
axis_example, compt_changes, info-ops, master
Children:
7206e5a
Parents:
71461a4
Message:

Cleaner save format

File:
1 edited

Legend:

Unmodified
Added
Removed
  • fedd/federation/authorizer.py

    r71461a4 r09b1e9d  
    88from fedid import fedid
    99from remote_service import service_caller
    10 from abac_remote_service import abac_service_caller
    1110from service_error import service_error
    1211
     
    185184    clean_attr_re = re.compile('[^A-Za-z_]+')
    186185    cred_file_re = re.compile('.*\.der$')
     186    bad_name = authorizer_base.bad_name
     187    attribute_error = authorizer_base.attribute_error
    187188    ABAC.libabac_init()
    188189
    189190    def __init__(self, certs=None, me=None, key=None, loadfile=None):
    190         self.bad_name = authorizer_base.bad_name
    191         self.attribute_error = authorizer_base.attribute_error
    192191        self.creddy = '/usr/local/bin/creddy'
    193192        self.globals = set()
     
    199198            self.fedid = fedid(file=self.me)
    200199            self.context.load_id_file(self.me)
     200        else:
     201            self.fedid = None
    201202
    202203        if isinstance(certs, basestring):
     
    216217        if name and attr:
    217218            if isinstance(name, tuple):
    218                 raise self.bad_name("ABAC doesn't understand three-names")
     219                raise abac_authorizer.bad_name(
     220                        "ABAC doesn't understand three-names")
    219221            if self.me and self.key:
    220222                # Create a credential and insert it into context
     
    225227                    os.close(f)
    226228                except EnvironmentError, e:
    227                     raise self.attribute_error(
     229                    raise abac_authorizer.attribute_error(
    228230                            "Cannot create temp file: %s" %e)
    229231
     
    241243                else:
    242244                    os.unlink(fn)
    243                     raise self.attribute_error("creddy returned %s" % rv)
     245                    raise abac_authorizer.attribute_error(
     246                            "creddy returned %s" % rv)
    244247            else:
    245                 raise self.attribute_error(
     248                raise abac_authorizer.attribute_error(
    246249                        "Identity and key not specified on creation")
    247250        elif cert:
     
    251254            self.lock.release()
    252255        else:
    253             raise self.attribute_error("Neither name/attr nor cert is set")
     256            raise abac_authorizer.attribute_error(
     257                    "Neither name/attr nor cert is set")
    254258
    255259    def unset_attribute(self, name, attr):
    256260        if isinstance(name, tuple):
    257             raise self.bad_name("ABAC doesn't understand three-names")
     261            raise abac_authorizer.bad_name(
     262                    "ABAC doesn't understand three-names")
    258263        cattr = self.clean_attr(attr)
    259264        self.lock.acquire()
     
    281286        # XXX proof soon
    282287        if isinstance(name, tuple):
    283             raise self.bad_name("ABAC doesn't understand three-names")
     288            raise abac_authorizer.bad_name(
     289                    "ABAC doesn't understand three-names")
    284290        else:
    285291            # Naked attributes are attested by this principal
     
    329335            if not os.access(dir, os.F_OK):
    330336                os.mkdir(dir)
    331 
    332             f = open("%s/globals" % dir, "w")
    333             pickle.dump(self.globals, f)
     337            # These are unpicklable, so set them aside
     338            context = self.context
     339            lock = self.lock
     340            self.context = None
     341            self.lock = None
     342
     343            f = open("%s/state" % dir, "w")
     344            pickle.dump(self, f)
    334345            f.close()
    335346
    336             if self.me and self.key:
    337                 f = open("%s/me" % dir, "w")
    338                 pickle.dump(self.me, f)
    339                 f.close()
    340                 f = open("%s/key" % dir, "w")
    341                 pickle.dump(self.key, f)
    342                 f.close()
    343347            if not os.access("%s/certs" %dir, os.F_OK):
    344348                os.mkdir("%s/certs" % dir)
    345349            seenit = set()
     350
     351            #restore unpicklable state
     352            self.context = context
     353            self.lock = lock
    346354            #remove old certs
    347355            for fn in [ f for f in os.listdir("%s/certs" % dir) \
     
    367375                    ai += 1
    368376        except EnvironmentError, e:
    369             self.lock.release()
     377            # If we've mislaid self.lock, release lock (they're the same object)
     378            if self.lock: self.lock.release()
     379            elif lock: lock.release()
    370380            raise e
    371381        except pickle.PickleError, e:
    372             self.lock.release()
     382            # If we've mislaid self.lock, release lock (they're the same object)
     383            if self.lock: self.lock.release()
     384            elif lock: lock.release()
    373385            raise e
    374386        self.lock.release()
     
    377389        self.lock.acquire()
    378390        try:
    379             if os.access("%s/me" % dir, os.R_OK):
    380                 f = open("%s/me" % dir, "r")
    381                 self.me = pickle.load(f)
     391            if os.access("%s/state" % dir, os.R_OK):
     392                f = open("%s/state" % dir, "r")
     393                st = pickle.load(f)
    382394                f.close()
    383                 if self.me:
    384                     self.fedid = fedid(file=self.me)
    385             else:
    386                 self.me = None
    387             if os.access("%s/key" % dir, os.R_OK):
    388                 f = open("%s/key" % dir, "r")
    389                 self.key = pickle.load(f)
    390                 f.close()
    391             else:
    392                 self.key = None
    393             f = open("%s/globals" % dir, "r")
    394             self.globals = pickle.load(f)
    395             f.close()
     395                # Cpoy the useful attributes from the pickled state
     396                for a in ('globals', 'key', 'me', 'cert', 'fedid'):
     397                    setattr(self, a, getattr(st, a, None))
     398
     399            # Initialize the new context with the new identity
    396400            self.context = ABAC.Context()
     401            if self.me:
     402                self.context.load_id_file(self.me)
    397403            self.context.load_directory("%s/certs" % dir)
    398404        except EnvironmentError, e:
Note: See TracChangeset for help on using the changeset viewer.