Changeset e83f2f2 for fedd/federation/protogeni_access.py
- Timestamp:
- Dec 14, 2010 6:58:28 PM (13 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master
- Children:
- c092b7f
- Parents:
- 2627eb3
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
fedd/federation/protogeni_access.py
r2627eb3 re83f2f2 215 215 return (None, None) 216 216 217 def build_access_response(self, alloc_id, services ):217 def build_access_response(self, alloc_id, services, proof): 218 218 """ 219 219 Create the SOAP response. … … 230 230 'fedAttr': [ 231 231 { 'attribute': 'domain', 'value': self.domain } , 232 ] 232 ], 233 'proof': proof.to_dict() 233 234 } 234 235 if self.dragon_endpoint: … … 262 263 263 264 # Request for this fedd 264 found, match, owners = self.lookup_access(req, fid)265 found, match, owners, proof = self.lookup_access(req, fid) 265 266 services, svc_state = self.export_services(req.get('service',[]), 266 267 None, None) … … 288 289 raise service_error(service_error.internal, 289 290 "Can't open %s/%s : %s" % (self.certdir, aid, e)) 290 return self.build_access_response({ 'fedid': allocID }, None )291 return self.build_access_response({ 'fedid': allocID }, None, proof) 291 292 292 293 … … 312 313 313 314 self.log.debug("[access] deallocation requested for %s", aid) 314 if not self.auth.check_attribute(fid, auth_attr): 315 access_ok , proof = self.auth.check_attribute(fid, auth_attr, 316 with_proof=True) 317 if not access_ok: 315 318 self.log.debug("[access] deallocation denied for %s", aid) 316 319 raise service_error(service_error.access, "Access Denied") … … 327 330 self.log.debug("Removing %s" % cf) 328 331 os.remove(cf) 329 return { 'allocID': req['allocID'] }332 return { 'allocID': req['allocID'], 'proof': proof.to_dict() } 330 333 else: 331 334 self.state_lock.release() … … 1251 1254 cpw, alloc_log) 1252 1255 1253 def finalize_experiment(self, topo, nodes, aid, alloc_id ):1256 def finalize_experiment(self, topo, nodes, aid, alloc_id, proof): 1254 1257 # Copy the assigned names into the return topology 1255 1258 rvtopo = topo.clone() … … 1273 1276 'topdldescription': rvtopo.to_dict() }, 1274 1277 'embedding': embedding, 1278 'proof': proof.to_dict(), 1275 1279 } 1276 1280 retval = copy.deepcopy(self.allocation[aid]['started']) … … 1295 1299 aid = "%s" % auth_attr 1296 1300 attrs = req.get('fedAttr', []) 1297 if not self.auth.check_attribute(fid, auth_attr): 1301 access_ok, proof = self.auth.check_attribute(fid, auth_attr, 1302 with_proof=True) 1303 if not access_ok: 1298 1304 raise service_error(service_error.access, "Access denied") 1299 1305 else: … … 1356 1362 1357 1363 if rv: 1358 return self.finalize_experiment(topo, nodes, aid, req['allocID']) 1364 return self.finalize_experiment(topo, nodes, aid, req['allocID'], 1365 proof) 1359 1366 elif err: 1360 1367 raise service_error(service_error.federant, … … 1392 1399 aid = "%s" % auth_attr 1393 1400 attrs = req.get('fedAttr', []) 1394 if not self.auth.check_attribute(fid, auth_attr): 1401 access_ok, proof = self.auth.check_attribute(fid, auth_attr, 1402 with_proof=True) 1403 if not access_ok: 1395 1404 raise service_error(service_error.access, "Access denied") 1396 1405 … … 1419 1428 self.stop_segment(segment_commands, user, staging, slice_cred, 1420 1429 slice_urn, cf, cpw) 1421 return { 'allocID': req['allocID'] }1430 return { 'allocID': req['allocID'], 'proof': proof.to_dict() } 1422 1431 1423 1432 def renew_segment(self, segment_commands, name, scred, slice_urn, interval,
Note: See TracChangeset
for help on using the changeset viewer.