Commit 4a27b0ce authored by Leigh B Stoller's avatar Leigh B Stoller

Add an object definition to GeniHRN. I am getting tired of parsing URNs and

picking pieces out, so I added this:

  my $foo = GeniHRN->new("urn:publicid:IDN+emulab.net:testbed+slice+myexp3");

and provides:

  $foo->domain();
  $foo->type();
  $foo->id();
  $foo->urn();

and has a stringify method that returns the urn, so that existing code all
works.

The problem though is the XML::RPC and Frontier libraries provide no hooks
to catch this, and rather than using a stringification, they both convert
all blessed references into structs, and so anyplace that puts a urn into
something to go out on the wire, has to be changed to force to the string.

Damn, how disappointing! So all the code is here but basically disabled
until I find time to go through all the code.
parent 7700c6cf
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# Copyright (c) 2008-2013 University of Utah and the Flux Group. # Copyright (c) 2008-2015 University of Utah and the Flux Group.
# #
# {{{GENIPUBLIC-LICENSE # {{{GENIPUBLIC-LICENSE
# #
...@@ -162,7 +162,10 @@ sub Lookup($$) ...@@ -162,7 +162,10 @@ sub Lookup($$)
# Get the domain as a convenience. # Get the domain as a convenience.
my ($domain,undef,undef) = GeniHRN::Parse($self->{'AUTHORITY'}->{'urn'}); my ($domain,undef,undef) = GeniHRN::Parse($self->{'AUTHORITY'}->{'urn'});
$self->{'DOMAIN'} = $domain; $self->{'DOMAIN'} = $domain;
# Convert URNs to objects.
$self->{'AUTHORITY'}->{'urnOBJ'} = GeniHRN->new($self->urn());
return $self; return $self;
} }
...@@ -228,6 +231,7 @@ sub expires($) { return field($_[0], "expires"); } ...@@ -228,6 +231,7 @@ sub expires($) { return field($_[0], "expires"); }
sub created($) { return field($_[0], "created"); } sub created($) { return field($_[0], "created"); }
sub uuid_prefix($) { return field($_[0], "uuid_prefix"); } sub uuid_prefix($) { return field($_[0], "uuid_prefix"); }
sub urn($) { return field($_[0], "urn"); } sub urn($) { return field($_[0], "urn"); }
sub urnOBJ($) { return field($_[0], "urnOBJ"); }
sub url($) { return field($_[0], "url"); } sub url($) { return field($_[0], "url"); }
sub hrn($) { return field($_[0], "hrn"); } sub hrn($) { return field($_[0], "hrn"); }
sub type($) { return field($_[0], "type"); } sub type($) { return field($_[0], "type"); }
......
...@@ -3910,10 +3910,6 @@ sub Lockdown($) ...@@ -3910,10 +3910,6 @@ sub Lockdown($)
return $credential return $credential
if (GeniResponse::IsResponse($credential)); if (GeniResponse::IsResponse($credential));
my $user = GeniCM::CreateUserFromCertificate($credential);
return $user
if (GeniResponse::IsResponse($user));
my $authority = GeniCM::CreateAuthorityFromCertificate($credential); my $authority = GeniCM::CreateAuthorityFromCertificate($credential);
return $authority return $authority
if (GeniResponse::IsResponse($authority)); if (GeniResponse::IsResponse($authority));
...@@ -3930,7 +3926,12 @@ sub Lockdown($) ...@@ -3930,7 +3926,12 @@ sub Lockdown($)
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN(), undef, return GeniResponse->Create(GENIRESPONSE_FORBIDDEN(), undef,
"Credential does not match the URN"); "Credential does not match the URN");
} }
if ($slice->creator_urn() ne $user->urn()) { #
# Only the SA for the slice can do this.
#
my $caller = $credential->owner_urnOBJ();
if (! ($caller->IsSA() &&
$caller->domain() eq $slice->urnOBJ()->domain())) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef, return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef,
"Not enough permission to set/clr lockdown"); "Not enough permission to set/clr lockdown");
} }
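Review bot: `$caller` and `$slice->urnOBJ()` are dereferenced in the new permission test without a defined() check, although GeniHRN->new() in this commit returns undef for a URN that fails IsValid(); a credential or slice with a missing or malformed URN would then die on `->IsSA()` instead of returning GENIRESPONSE_FORBIDDEN. Guard the test, e.g. `my $sliceurn = $slice->urnOBJ();` followed by `if (! (defined($caller) && defined($sliceurn) && $caller->IsSA() && $caller->domain() eq $sliceurn->domain())) {`. owner_urnOBJ() is not defined in any hunk shown here, and the commit message says the object code is basically disabled, so confirm that the accessor exists and is populated before the creator check is replaced. The test also widens who may set or clear lockdown from the slice creator to any SA URN in the slice's domain; a comment stating that this is intended would help the next reader. Lockdown's body starts and ends outside the hunk.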
......
#!/usr/bin/perl -wT #!/usr/bin/perl -wT
# #
# Copyright (c) 2008-2014 University of Utah and the Flux Group. # Copyright (c) 2008-2015 University of Utah and the Flux Group.
# #
# {{{GENIPUBLIC-LICENSE # {{{GENIPUBLIC-LICENSE
# #
...@@ -42,6 +42,7 @@ use vars qw(@ISA @EXPORT); ...@@ -42,6 +42,7 @@ use vars qw(@ISA @EXPORT);
# Must come after package declaration! # Must come after package declaration!
use GeniDB; use GeniDB;
use GeniResponse; use GeniResponse;
use GeniHRN;
use emutil qw(TBGetUniqueIndex); use emutil qw(TBGetUniqueIndex);
use English; use English;
use XML::Simple; use XML::Simple;
...@@ -114,6 +115,9 @@ sub Lookup($$) ...@@ -114,6 +115,9 @@ sub Lookup($$)
bless($self, $class); bless($self, $class);
my $cert = $self->cert(); my $cert = $self->cert();
# Convert urn to object now.
$self->{'CERT'}->{'urnOBJ'} = GeniHRN->new($self->{'CERT'}->{'urn'});
# Add to cache. # Add to cache.
$certificates{$uuid} = $self; $certificates{$uuid} = $self;
$certificates{$token} = $self $certificates{$token} = $self
...@@ -150,6 +154,7 @@ sub certfile($) { return field($_[0], "certfile"); } ...@@ -150,6 +154,7 @@ sub certfile($) { return field($_[0], "certfile"); }
sub passphrase($) { return undef; } sub passphrase($) { return undef; }
sub uri($) { return field($_[0], "uri"); } sub uri($) { return field($_[0], "uri"); }
sub urn($) { return field($_[0], "urn"); } sub urn($) { return field($_[0], "urn"); }
sub urnOBJ($) { return field($_[0], "urnOBJ"); }
sub rootcert($) { return $_[0]->{'ROOTCERT'}; } sub rootcert($) { return $_[0]->{'ROOTCERT'}; }
sub GetCertificate($) { return $_[0]; } sub GetCertificate($) { return $_[0]; }
...@@ -1236,8 +1241,9 @@ sub VerifyGeniChain($$@) ...@@ -1236,8 +1241,9 @@ sub VerifyGeniChain($$@)
# Wrapper for local users. # Wrapper for local users.
# #
package GeniCertificate::LocalUser; package GeniCertificate::LocalUser;
use GeniHRN;
use English; use English;
use GeniHRN;
use emdb; use emdb;
# #
...@@ -1258,11 +1264,14 @@ sub Create($$) ...@@ -1258,11 +1264,14 @@ sub Create($$)
my $self = {}; my $self = {};
$self->{'CERT'} = $query_result->fetchrow_hashref(); $self->{'CERT'} = $query_result->fetchrow_hashref();
$self->{'CERT'}->{'urn'} = GeniHRN::Generate( $OURDOMAIN, "user", $self->{'CERT'}->{'urn'} = GeniHRN::Generate($OURDOMAIN, "user",
$self->{'CERT'}->{'uid'} ); $self->{'CERT'}->{'uid'});
$self->{'stored'} = 1; $self->{'stored'} = 1;
bless($self, $class); bless($self, $class);
# Convert URNs to objects.
$self->{'CERT'}->{'urnOBJ'} = GeniHRN->new($self->urn());
return $self; return $self;
} }
...@@ -1275,6 +1284,7 @@ sub revoked($) { return field($_[0], "revoked"); } ...@@ -1275,6 +1284,7 @@ sub revoked($) { return field($_[0], "revoked"); }
sub passphrase($) { return field($_[0], "password"); } sub passphrase($) { return field($_[0], "password"); }
sub uri($) { return undef; } sub uri($) { return undef; }
sub urn($) { return field($_[0], "urn"); } sub urn($) { return field($_[0], "urn"); }
sub urnOBJ($) { return field($_[0], "urnOBJ"); }
sub URL($) { return undef; } sub URL($) { return undef; }
sub URN($) { return field($_[0], "urn"); } sub URN($) { return field($_[0], "urn"); }
sub certfile($) { return undef; } sub certfile($) { return undef; }
......
...@@ -33,6 +33,7 @@ use strict; ...@@ -33,6 +33,7 @@ use strict;
use Exporter; use Exporter;
use Carp; use Carp;
use vars qw(@ISA @EXPORT); use vars qw(@ISA @EXPORT);
use overload (fallback => 1, '""' => 'Stringify');
@ISA = "Exporter"; @ISA = "Exporter";
@EXPORT = qw ( ); @EXPORT = qw ( );
...@@ -297,5 +298,50 @@ sub ParseInterface($) ...@@ -297,5 +298,50 @@ sub ParseInterface($)
return ( $authority, $1, $2 ); return ( $authority, $1, $2 );
} }
#
# OO implementation, tired of typing same stuff all the time
#
sub new($$)
{
my ($class, $urn) = @_;
return $urn
if (ref($urn) && ref($urn) eq "GeniHRN");
if (! IsValid($urn)) {
print STDERR "GeniHRN::new: invalid urn $urn\n";
return undef;
}
my ($domain,$type,$id) = GeniHRN::Parse($urn);
my $self = {};
$self->{'urn'} = $urn;
$self->{'domain'} = $domain;
$self->{'type'} = $type;
$self->{'id'} = $id;
bless($self, $class);
return $self;
}
# accessors
sub field($$) { return ($_[0]->{$_[1]}); }
sub urn($) { return field($_[0], "urn"); }
sub asString($) { return $_[0]->urn(); }
sub domain($) { return field($_[0], "domain"); }
sub type($) { return field($_[0], "type"); }
sub id($) { return field($_[0], "id"); }
sub IsAuthority() { return $_[0]->type() =~ /^authority$/i ? 1 : 0; }
sub IsSA($) { return $_[0]->id() =~ /^SA$/i ? 1 : 0; }
sub IsCM($) { return $_[0]->id() =~ /^CM$/i ? 1 : 0; }
#
# Stringify for text context.
#
sub Stringify($)
{
my ($self) = @_;
return $self->{"urn"};
}
# _Always_ make sure that this 1 is at the end of the file... # _Always_ make sure that this 1 is at the end of the file...
1; 1;
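Review bot: IsSA() and IsCM() test only the id component, so any URN whose id is `sa` or `cm` is reported as holding that authority role regardless of its type, and the new Lockdown permission check relies on IsSA() for authorization. Unless Parse()/IsValid() (not visible here) already rule that out, include the type in the predicate, e.g. `sub IsSA($) { return ($_[0]->IsAuthority() && $_[0]->id() =~ /\ASA\z/i) ? 1 : 0; }`, and likewise for IsCM(); `\z` also stops `$` from accepting a trailing newline. IsAuthority is declared with an empty `()` prototype while its siblings use `($)`; method calls ignore prototypes, but `($)` would be consistent. new() deserves a header comment stating that it returns undef (after printing to STDERR) for an invalid URN and returns its argument unchanged when it is already a GeniHRN object.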
...@@ -166,6 +166,11 @@ sub Lookup($$) ...@@ -166,6 +166,11 @@ sub Lookup($$)
$slices{$self->urn()} = $self; $slices{$self->urn()} = $self;
$slices{$self->uuid()} = $self; $slices{$self->uuid()} = $self;
$slices{$self->hrn()} = $self; $slices{$self->hrn()} = $self;
# Convert URNs to objects.
$self->{'SLICE'}->{'creator_urnOBJ'} = GeniHRN->new($self->creator_urn());
$self->{'SLICE'}->{'speaksfor_urnOBJ'} = GeniHRN->new($self->speaksfor_urn())
if (defined($self->speaksfor_urn()));
return $self; return $self;
} }
...@@ -299,6 +304,7 @@ sub uuid($) { return field($_[0], "uuid"); } ...@@ -299,6 +304,7 @@ sub uuid($) { return field($_[0], "uuid"); }
sub publicid($) { return field($_[0], "publicid"); } sub publicid($) { return field($_[0], "publicid"); }
sub creator_uuid($) { return field($_[0], "creator_uuid"); } sub creator_uuid($) { return field($_[0], "creator_uuid"); }
sub creator_urn($) { return field($_[0], "creator_urn"); } sub creator_urn($) { return field($_[0], "creator_urn"); }
sub creator_urnOBJ($) { return field($_[0], "creator_urnOBJ"); }
sub created($) { return field($_[0], "created"); } sub created($) { return field($_[0], "created"); }
sub shutdown($) { return field($_[0], "shutdown"); } sub shutdown($) { return field($_[0], "shutdown"); }
sub isshutdown($) { return field($_[0], "isshutdown"); } sub isshutdown($) { return field($_[0], "isshutdown"); }
...@@ -312,6 +318,7 @@ sub lockdown($) { return field($_[0], "lockdown"); } ...@@ -312,6 +318,7 @@ sub lockdown($) { return field($_[0], "lockdown"); }
sub isplaceholder($) { return field($_[0], "isplaceholder"); } sub isplaceholder($) { return field($_[0], "isplaceholder"); }
sub monitor_pid($) { return field($_[0], "monitor_pid"); } sub monitor_pid($) { return field($_[0], "monitor_pid"); }
sub speaksfor_urn($) { return field($_[0], "speaksfor_urn"); } sub speaksfor_urn($) { return field($_[0], "speaksfor_urn"); }
sub speaksfor_urnOBJ($) { return field($_[0], "speaksfor_urnOBJ"); }
sub speaksfor_uuid($) { return field($_[0], "speaksfor_uuid"); } sub speaksfor_uuid($) { return field($_[0], "speaksfor_uuid"); }
sub expiration_max($) { return field($_[0], "expiration_max"); } sub expiration_max($) { return field($_[0], "expiration_max"); }
sub renew_limit($) { return field($_[0], "renew_limit"); } sub renew_limit($) { return field($_[0], "renew_limit"); }
...@@ -392,6 +399,13 @@ sub urn($) ...@@ -392,6 +399,13 @@ sub urn($)
return $self->uuid(); return $self->uuid();
} }
sub urnOBJ($)
{
my ($self) = @_;
return $self->GetCertificate()->urnOBJ();
}
# #
# Lookup slice by the experiment it is related to. # Lookup slice by the experiment it is related to.
# #
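Review bot: In Lookup, `creator_urn()` is handed to GeniHRN->new() unconditionally while `speaksfor_urn()` two lines below is guarded with defined(); if a slice row can lack a creator URN, new() would report an invalid urn on every lookup and leave creator_urnOBJ undef. Apply the same guard, `if (defined($self->creator_urn()));`, or add a comment that creator_urn is never NULL. The conversion also runs after the object has been put into %slices, whereas the GeniCertificate Lookup hunk converts before caching; the same reference is updated either way, but one order throughout would be easier to follow. The new urnOBJ() accessor chains through `GetCertificate()` without checking its result, so if that can return undef (not visible here) the call dies rather than returning undef.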
......