Commit 277f4a62 authored by Gary Wong's avatar Gary Wong

Revert "Merged Srikanth's CM admin credential changes."

This reverts commit dfaa3bc2.
parent d56c536f
......@@ -558,7 +558,6 @@ sub SliverAction($$$$)
(defined($slice_urn) || defined($sliver_urns)))) {
return GeniResponse->MalformedArgsResponse("Missing arguments");
}
my $credential = CheckCredentials($credentials);
return $credential
if (GeniResponse::IsResponse($credential));
......@@ -572,21 +571,6 @@ sub SliverAction($$$$)
# For now, only allow top level aggregate or the slice
#
my ($slice, $aggregate) = Credential2SliceAggregate($credential);
# find out the component manager URN.
my $cm_urn = GeniHRN::Generate($OURDOMAIN, "authority", "cm");
if ((!defined($slice)) && ($credential->target_urn() =~ "+authority+cm")) {
# administrative credentials are presented.
if ($cm_urn != $credential->target_urn() {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN(), undef,
"Credential target does not match CM URN");
}
if(!defined($slice_urn)){
return GeniResponse->MalformedArgsResponse("Missing arguments");
}
$slice = GeniSlice->Lookup($slice_urn);
}
if (! (defined($slice) && defined($aggregate))) {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"No slice or aggregate here");
......
#!/usr/bin/perl -wT
#
# GENIPUBLIC-COPYRIGHT
# Copyright (c) 2008-2009 University of Utah and the Flux Group.
# All rights reserved.
#
use strict;
use Exporter;
use vars qw(@ISA @EXPORT);
@ISA = "Exporter";
@EXPORT = qw ( );
use GeniCredential;
use GeniCertificate;
use GeniAuthority;
use GeniHRN;
use GeniResponse;
use GeniUser;
sub CreateAdminCredential()
{
my $owner_urn = shift;
my $target_cm_urn = shift;
#
# Must be an emulab user who is talking to us.
# If any of the URN specified is invalid do not accept.
if (! (GeniHRN::IsValid($owner_urn) && GeniHRN::IsValid($target_cm_urn))) {
return GeniResponse->MalformedArgsResponse();
}
my $geniuser = GeniUser->Lookup($owner_urn);
if (!defined($geniuser)) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN,
undef, "Who are you?");
}
my $authority = GeniAuthority->Lookup($target_cm_urn);
if (!defined($authority)) {
print STDERR "Could not find local authority object for $target_cm_urn\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
my $credential =
GeniCredential->CreateSigned($authority,
$geniuser,
$GeniCredential::LOCALSA_FLAG);
return GeniResponse->Create(GENIRESPONSE_ERROR)
if (!defined($credential));
return GeniResponse->Create(GENIRESPONSE_SUCCESS,
$credential->asString());
}
print CreateAdminCredential @ARGV
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment