Handle foreign URN lookups for all relevant object types.

2c8f6f04 · Gary Wong · 3ba97465 · 2c8f6f04 · 2c8f6f04 · 2c8f6f04
Commit 2c8f6f04 authored Mar 09, 2010 by Gary Wong
--- a/protogeni/lib/GeniAggregate.pm.in
+++ b/protogeni/lib/GeniAggregate.pm.in
@@ -61,7 +61,7 @@ my %aggregates     = ();
 BEGIN { use GeniUtil; GeniUtil::AddCache(\%aggregates); }

 #
-# Lookup by idx, or uuid.
+# Lookup by URN, idx, or uuid.
 #
 sub Lookup($$)
 {
@@ -70,11 +70,26 @@ sub Lookup($$)
    my $idx;

    if (GeniHRN::IsValid($token)) {
-	return undef if !GeniHRN::Authoritative($token, "@OURDOMAIN@");
-
 	my ($authority, $type, $id) = GeniHRN::Parse($token);
 	return undef if $type ne "sliver";
-	$idx = $id;
+
+	if( GeniHRN::Authoritative($token, "@OURDOMAIN@") ) {
+	    # Very simple: we put the index of our own aggregates right
+	    # in the name.
+	    $idx = $id;
+	} else {
+	    # Look up the aggregate's certificate.
+	    $token = GeniHRN::Normalise( $token );
+	    $query_result = DBQueryWarn(
+		"SELECT geni_aggregates.idx FROM geni_aggregates, " .
+		"geni_certificates WHERE geni_aggregates.uuid = " .
+		"geni_certificates.uuid AND " .
+		"geni_certificates.urn='$token';" );
+
+	    return undef if (! $query_result || !$query_result->numrows);
+
+	    ($idx) = $query_result->fetchrow_array();
+	}
    }
    elsif ($token =~ /^\d+$/) {
 	$idx = $token;

--- a/protogeni/lib/GeniRegistry.pm.in
+++ b/protogeni/lib/GeniRegistry.pm.in
@@ -34,7 +34,7 @@ use Data::Dumper;
 use overload ('""' => 'Stringify');

 #
-# Lookup by idx or uuid.
+# Lookup by URN, idx or uuid.
 #
 sub Lookup($$)
 {
@@ -286,9 +286,8 @@ sub Lookup($$)
    my $idx;

    if( GeniHRN::IsValid( $token ) ) {
-	return undef if !GeniHRN::Authoritative($token, "@OURDOMAIN@");
+	$token = GeniHRN::Normalise( $token );

-	my ($authority, $type, $id) = GeniHRN::Parse($token);
 	return undef if $type ne "sliver";
 	
 	$query_result = 

--- a/protogeni/lib/GeniSliver.pm.in
+++ b/protogeni/lib/GeniSliver.pm.in
@@ -57,7 +57,7 @@ my %slivers      = ();
 BEGIN { use GeniUtil; GeniUtil::AddCache(\%slivers); }

 #
-# Lookup by idx, or uuid.
+# Lookup by URN, idx, or uuid.
 #
 sub Lookup($$)
 {
@@ -66,11 +66,26 @@ sub Lookup($$)
    my $idx;

    if (GeniHRN::IsValid($token)) {
-	return undef if !GeniHRN::Authoritative($token, "@OURDOMAIN@");
-
 	my ($authority, $type, $id) = GeniHRN::Parse($token);
 	return undef if $type ne "sliver";
-	$idx = $id;
+
+	if( GeniHRN::Authoritative($token, "@OURDOMAIN@") ) {
+	    # Very simple: we put the index of our own slivers right
+	    # in the name.
+	    $idx = $id;
+	} else {
+	    # Look up the slivers's certificate.
+	    $token = GeniHRN::Normalise( $token );
+	    $query_result = DBQueryWarn(
+		"SELECT geni_slivers.idx FROM geni_slivers, " .
+		"geni_certificates WHERE geni_slivers.uuid = " .
+		"geni_certificates.uuid AND " .
+		"geni_certificates.urn='$token';" );
+
+	    return undef if (! $query_result || !$query_result->numrows);
+
+	    ($idx) = $query_result->fetchrow_array();
+	}
    }
    elsif ($token =~ /^\d+$/) {
 	$idx = $token;

--- a/protogeni/lib/GeniTicket.pm.in
+++ b/protogeni/lib/GeniTicket.pm.in
@@ -76,6 +76,7 @@ sub Lookup($$)
    my $query_result;

    if (GeniHRN::IsValid($token)) {
+	# We don't attempt to handle tickets for foreign authorities.
 	return undef if !GeniHRN::Authoritative($token, "@OURDOMAIN@");

 	my ($authority, $type, $id) = GeniHRN::Parse($token);

--- a/protogeni/lib/GeniUser.pm.in
+++ b/protogeni/lib/GeniUser.pm.in
@@ -57,7 +57,7 @@ sub mysystem($)
 }

 #
-# Lookup by idx, or uuid.
+# Lookup by URN, idx, or uuid.
 #
 sub Lookup($$;$)
 {
@@ -69,30 +69,40 @@ sub Lookup($$;$)
 	if (!defined($includelocal));

    if( GeniHRN::IsValid( $token ) ) {
-	return undef if !GeniHRN::Authoritative( $token, $OURDOMAIN );
-
+	$token = GeniHRN::Normalise( $token );
 	my ($authority, $type, $id) = GeniHRN::Parse( $token );

 	return undef if $type ne "user";

-	$query_result =
-	    DBQueryWarn("select idx from geni_users ".
-			"where hrn='${PGENIDOMAIN}.$id' and status='active'");
-
-	return undef
-	    if (!$query_result);
-
-	if (!$query_result->numrows) {
-	    return undef
-		if (!$includelocal);
+	if( GeniHRN::Authoritative( $token, "@OURDOMAIN@" ) ) {
+	    # A local name, so look only for local users...
+	    $query_result =
+		DBQueryWarn("select idx from geni_users ".
+			    "where hrn='${PGENIDOMAIN}.$id' " .
+			    "and status='active'");

-	    #
-	    # Check Emulab users table. 
-	    #
-	    my $user = User->Lookup($id);
 	    return undef
-		if (!defined($user));
-	    return GeniUser->CreateFromLocal($user);
+		if (!$query_result);
+
+	    if (!$query_result->numrows) {
+		return undef
+		    if (!$includelocal);
+
+		#
+		# Check Emulab users table. 
+		#
+		my $user = User->Lookup($id);
+		return undef
+		    if (!defined($user));
+		return GeniUser->CreateFromLocal($user);
+	    }
+	} else {
+	    # A foreign name: check against names in certificates.
+	    $query_result = DBQueryWarn(
+		"SELECT geni_users.idx FROM geni_users, geni_certificates " .
+		"WHERE geni_users.uuid = geni_certificates.uuid AND " .
+		"geni_certificates.urn = '$token';" );
+	    return undef unless $query_result and $query_result->numrows;
 	}
 	($idx) = $query_result->fetchrow_array();	
    }