Changeset 547aa3b for fedd/federation


Ignore:
Timestamp:
Nov 19, 2010 5:56:49 PM (14 years ago)
Author:
Ted Faber <faber@…>
Branches:
axis_example, compt_changes, info-ops, master
Children:
85f5d11
Parents:
66a8e6d
Message:

various fixes to abac tools to work with the new library

File:
1 edited

Legend:

Unmodified
Added
Removed
  • fedd/federation/authorizer.py

    r66a8e6d r547aa3b  
    55from subprocess import call
    66from threading import Lock
     7
     8from string import join
    79
    810from fedid import fedid
     
    200202        if me:
    201203            self.fedid = fedid(file=self.me)
    202             self.context.load_id_file(self.me)
     204            rv = self.context.load_id_file(self.me)
     205            if rv != 0:
     206                raise abac_authorizer.bad_name(
     207                        'Cannot load identity from %s' % me.cert)
    203208        else:
    204209            self.fedid = None
     
    466471        self.lock.release()
    467472
     473    @staticmethod
     474    def encode_credential(c):
     475        return '%s <- %s' % (c.head().string(), c.tail().string())
     476
     477    def get_creds_for_principal(self, fid):
     478        look_for = set(["%s" % fid])
     479        found_attrs = set()
     480        next_look = set()
     481        found = set([])
     482
     483        self.lock.acquire()
     484        while look_for:
     485            for c in self.context.credentials():
     486                tail = c.tail()
     487                # XXX: This needs to be more aggressive for linked stuff
     488                if tail.string() in look_for and c not in found:
     489                    found.add(c)
     490                    next_look.add(c.head().string())
     491
     492            look_for = next_look
     493            next_look = set()
     494       
     495        return found
     496
    468497    def __str__(self):
    469         def encode_role(r):
    470             if r.is_principal():
    471                 return "%s" % r.principal()
    472             elif r.is_role():
    473                 return "%s.%s" % (r.principal(), r.role_name())
    474             elif r.is_linking():
    475                 return "%s.%s.%s" % \
    476                         (r.principal(), r.linking_role(), r.role_name())
    477498
    478499        self.lock.acquire()
    479500        rv = "%s" % self.fedid
    480         for c in self.context.credentials():
    481             rv += '\n%s <- %s' % (encode_role(c.head()), encode_role(c.tail()))
     501        rv += join([abac_authorizer.encode_credential(c)
     502            for c in self.context.credentials()], '\n');
    482503        self.lock.release()
    483504        return rv
Note: See TracChangeset for help on using the changeset viewer.