handling admin credentials.

9b8e1367 · Srikanth · c0cec97b · 9b8e1367 · 9b8e1367
Commit 9b8e1367 authored Mar 09, 2010 by Srikanth
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 1 deletion

protogeni/lib/GeniCMV2.pm.in protogeni/lib/GeniCMV2.pm.in +14 -0

protogeni/test/sliveraction.py protogeni/test/sliveraction.py +1 -1

No files found.
--- a/protogeni/lib/GeniCMV2.pm.in
+++ b/protogeni/lib/GeniCMV2.pm.in
@@ -587,6 +587,20 @@ sub SliverAction($$$$$)
    # For now, only allow top level aggregate or the slice
    #
    my ($slice, $aggregate) = Credential2SliceAggregate($credential);
+    # find out the component manager URN.
+    my $cm_urn = GeniHRN::Generate($OURDOMAIN, "authority", "cm");
+
+    if ( (!defined($slice)) && ($credential->target_urn() =~ /\+authority\+cm$/)) {        # administrative credentials are presented.
+        if ($cm_urn != $credential->target_urn()) {
+            return GeniResponse->Create(GENIRESPONSE_FORBIDDEN(), undef,
+    "Credential target does not match CM URN");
+        }
+      if(!defined($slice_urn)){
+          return GeniResponse->MalformedArgsResponse("Missing arguments");
+      }       
+  $slice = GeniSlice->Lookup($slice_urn);
+  $aggregate = GeniAggregate->SliceAggregate($slice);
+    } 
    if (! (defined($slice) && defined($aggregate))) {
 	return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
 				    "No slice or aggregate here");

--- a/protogeni/test/sliveraction.py
+++ b/protogeni/test/sliveraction.py
@@ -54,7 +54,7 @@ myslice = resolve_slice( SLICENAME, mycredential )
 print "Found the slice, asking for a credential ..."

 if admincredentialfile:
-  f = open( slicecredentialfile )
+  f = open( admincredentialfile )
  slivercred = f.read()
  f.close()
 else: