handling admin credentials

protogeni/lib/GeniCMV2.pm.in

@@ -571,6 +571,21 @@ sub SliverAction($$$$)
     # For now, only allow top level aggregate or the slice
     #
     my ($slice, $aggregate) = Credential2SliceAggregate($credential);
+    # find out the component manager URN.
+    my $cm_urn = GeniHRN::Generate($OURDOMAIN, "authority", "cm");
+
+    if ((!defined($slice)) && ($credential->target_urn() =~ "+authority+cm")) {
+        # administrative credentials are presented.
+        if ($cm_urn != $credential->target_urn() {
+            return GeniResponse->Create(GENIRESPONSE_FORBIDDEN(), undef,
+		"Credential target does not match CM URN");
+        }
+    	if(!defined($slice_urn)){
+    	    return GeniResponse->MalformedArgsResponse("Missing arguments");
+    	}
+	$slice = GeniSlice->Lookup($slice_urn);
+    }
+
     if (! (defined($slice) && defined($aggregate))) {
 	return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
 				    "No slice or aggregate here");