Commit 4a27b0ce authored by Leigh Stoller's avatar Leigh Stoller

Add an object definition to GeniHRN. I am getting tired of parsing URNs and

picking pieces out, so I added this:

  my $foo = GeniHRN->new("urn:publicid:IDN+emulab.net:testbed+slice+myexp3");

and provides:

  $foo->domain();
  $foo->type();
  $foo->id();
  $foo->urn();

and has a stringify method that returns the urn, so that existing code all
works.

The problem though is the XML::RPC and Frontier libraries provide no hooks
to catch this, and rather than using a stringification, they both convert
all blessed references into structs, and so anyplace that puts a urn into
something to go out on the wire, has to be changed to force to the string.

Damn, how disappointing! So all the code is here but basically disabled
until I find time to go through all the code.
parent 7700c6cf
#!/usr/bin/perl -wT
#
# Copyright (c) 2008-2013 University of Utah and the Flux Group.
# Copyright (c) 2008-2015 University of Utah and the Flux Group.
#
# {{{GENIPUBLIC-LICENSE
#
......@@ -162,7 +162,10 @@ sub Lookup($$)
# Get the domain as a convenience.
my ($domain,undef,undef) = GeniHRN::Parse($self->{'AUTHORITY'}->{'urn'});
$self->{'DOMAIN'} = $domain;
# Convert URNs to objects.
$self->{'AUTHORITY'}->{'urnOBJ'} = GeniHRN->new($self->urn());
return $self;
}
......@@ -228,6 +231,7 @@ sub expires($) { return field($_[0], "expires"); }
sub created($) { return field($_[0], "created"); }
sub uuid_prefix($) { return field($_[0], "uuid_prefix"); }
sub urn($) { return field($_[0], "urn"); }
sub urnOBJ($) { return field($_[0], "urnOBJ"); }
sub url($) { return field($_[0], "url"); }
sub hrn($) { return field($_[0], "hrn"); }
sub type($) { return field($_[0], "type"); }
......
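Review bot: The result of `GeniHRN->new($self->urn())` in Lookup() is stored in `urnOBJ` without a check, although the constructor added in this commit returns undef (after printing to STDERR) when IsValid() rejects the URN. The same unchecked assignment appears in the certificate Lookup() and LocalUser Create() hunks, and for `creator_urnOBJ` in the slice Lookup() hunk, so a record with a malformed URN yields an accessor that returns undef and any later `->domain()` call on it dies. I would either fail the lookup here, e.g. `return undef if (!defined($self->{'AUTHORITY'}->{'urnOBJ'}));`, or state on the accessor that it can return undef. Lookup() starts outside the hunk, so whether an earlier check already guarantees a valid URN cannot be seen from here.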
......@@ -3910,10 +3910,6 @@ sub Lockdown($)
return $credential
if (GeniResponse::IsResponse($credential));
my $user = GeniCM::CreateUserFromCertificate($credential);
return $user
if (GeniResponse::IsResponse($user));
my $authority = GeniCM::CreateAuthorityFromCertificate($credential);
return $authority
if (GeniResponse::IsResponse($authority));
......@@ -3930,7 +3926,12 @@ sub Lockdown($)
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN(), undef,
"Credential does not match the URN");
}
if ($slice->creator_urn() ne $user->urn()) {
#
# Only the SA for the slice can do this.
#
my $caller = $credential->owner_urnOBJ();
if (! ($caller->IsSA() &&
$caller->domain() eq $slice->urnOBJ()->domain())) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN, undef,
"Not enough permission to set/clr lockdown");
}
......
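Review bot: `$caller` and `$slice->urnOBJ()` are dereferenced in the new permission test without a defined check, and no hunk on this page adds an `owner_urnOBJ()` accessor to the credential class, so it is presumably defined elsewhere and worth confirming. If either object is undef, the handler dies on the method call instead of returning the FORBIDDEN response; guarding first keeps the denial explicit: `my $sliceurn = $slice->urnOBJ();` followed by `if (! (defined($caller) && defined($sliceurn) && $caller->IsSA() && $caller->domain() eq $sliceurn->domain())) {`. The new branch also writes `GENIRESPONSE_FORBIDDEN` without the parentheses used a few lines above; `GENIRESPONSE_FORBIDDEN()` would match. Lockdown() begins and ends outside these hunks.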
#!/usr/bin/perl -wT
#
# Copyright (c) 2008-2014 University of Utah and the Flux Group.
# Copyright (c) 2008-2015 University of Utah and the Flux Group.
#
# {{{GENIPUBLIC-LICENSE
#
......@@ -42,6 +42,7 @@ use vars qw(@ISA @EXPORT);
# Must come after package declaration!
use GeniDB;
use GeniResponse;
use GeniHRN;
use emutil qw(TBGetUniqueIndex);
use English;
use XML::Simple;
......@@ -114,6 +115,9 @@ sub Lookup($$)
bless($self, $class);
my $cert = $self->cert();
# Convert urn to object now.
$self->{'CERT'}->{'urnOBJ'} = GeniHRN->new($self->{'CERT'}->{'urn'});
# Add to cache.
$certificates{$uuid} = $self;
$certificates{$token} = $self
......@@ -150,6 +154,7 @@ sub certfile($) { return field($_[0], "certfile"); }
sub passphrase($) { return undef; }
sub uri($) { return field($_[0], "uri"); }
sub urn($) { return field($_[0], "urn"); }
sub urnOBJ($) { return field($_[0], "urnOBJ"); }
sub rootcert($) { return $_[0]->{'ROOTCERT'}; }
sub GetCertificate($) { return $_[0]; }
......@@ -1236,8 +1241,9 @@ sub VerifyGeniChain($$@)
# Wrapper for local users.
#
package GeniCertificate::LocalUser;
use GeniHRN;
use English;
use GeniHRN;
use emdb;
#
......@@ -1258,11 +1264,14 @@ sub Create($$)
my $self = {};
$self->{'CERT'} = $query_result->fetchrow_hashref();
$self->{'CERT'}->{'urn'} = GeniHRN::Generate( $OURDOMAIN, "user",
$self->{'CERT'}->{'uid'} );
$self->{'CERT'}->{'urn'} = GeniHRN::Generate($OURDOMAIN, "user",
$self->{'CERT'}->{'uid'});
$self->{'stored'} = 1;
bless($self, $class);
# Convert URNs to objects.
$self->{'CERT'}->{'urnOBJ'} = GeniHRN->new($self->urn());
return $self;
}
......@@ -1275,6 +1284,7 @@ sub revoked($) { return field($_[0], "revoked"); }
sub passphrase($) { return field($_[0], "password"); }
sub uri($) { return undef; }
sub urn($) { return field($_[0], "urn"); }
sub urnOBJ($) { return field($_[0], "urnOBJ"); }
sub URL($) { return undef; }
sub URN($) { return field($_[0], "urn"); }
sub certfile($) { return undef; }
......
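Review bot: The GeniCertificate::LocalUser preamble now appears to load the module twice, with `use GeniHRN;` both before and after `use English;`; the second is a no-op and one of them can go. The new `urnOBJ` accessors would also benefit from a one-line comment saying what callers get back, for example `# urnOBJ is the parsed GeniHRN form of urn; undef if the URN did not validate.`, since the constructor in this commit returns undef for a URN that fails IsValid().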
......@@ -33,6 +33,7 @@ use strict;
use Exporter;
use Carp;
use vars qw(@ISA @EXPORT);
use overload (fallback => 1, '""' => 'Stringify');
@ISA = "Exporter";
@EXPORT = qw ( );
......@@ -297,5 +298,50 @@ sub ParseInterface($)
return ( $authority, $1, $2 );
}
#
# OO implementation, tired of typing same stuff all the time
#
sub new($$)
{
my ($class, $urn) = @_;
return $urn
if (ref($urn) && ref($urn) eq "GeniHRN");
if (! IsValid($urn)) {
print STDERR "GeniHRN::new: invalid urn $urn\n";
return undef;
}
my ($domain,$type,$id) = GeniHRN::Parse($urn);
my $self = {};
$self->{'urn'} = $urn;
$self->{'domain'} = $domain;
$self->{'type'} = $type;
$self->{'id'} = $id;
bless($self, $class);
return $self;
}
# accessors
sub field($$) { return ($_[0]->{$_[1]}); }
sub urn($) { return field($_[0], "urn"); }
sub asString($) { return $_[0]->urn(); }
sub domain($) { return field($_[0], "domain"); }
sub type($) { return field($_[0], "type"); }
sub id($) { return field($_[0], "id"); }
sub IsAuthority() { return $_[0]->type() =~ /^authority$/i ? 1 : 0; }
sub IsSA($) { return $_[0]->id() =~ /^SA$/i ? 1 : 0; }
sub IsCM($) { return $_[0]->id() =~ /^CM$/i ? 1 : 0; }
#
# Stringify for text context.
#
sub Stringify($)
{
my ($self) = @_;
return $self->{"urn"};
}
# _Always_ make sure that this 1 is at the end of the file...
1;
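Review bot: `IsSA()` and `IsCM()` look only at the id field, so they return 1 for any URN whose id is `SA` or `CM` whatever its type, and the Lockdown permission check in this commit relies on `IsSA()` to recognise the slice authority. Requiring the authority type as well makes the predicate mean what its name says: `sub IsSA($) { return ($_[0]->type() =~ /^authority$/i && $_[0]->id() =~ /^SA$/i) ? 1 : 0; }`, and the same for `IsCM`. `IsAuthority()` is declared with an empty prototype where its siblings use `($)`; method calls ignore prototypes, but `($)` would be consistent with the rest of the accessor list.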
......@@ -166,6 +166,11 @@ sub Lookup($$)
$slices{$self->urn()} = $self;
$slices{$self->uuid()} = $self;
$slices{$self->hrn()} = $self;
# Convert URNs to objects.
$self->{'SLICE'}->{'creator_urnOBJ'} = GeniHRN->new($self->creator_urn());
$self->{'SLICE'}->{'speaksfor_urnOBJ'} = GeniHRN->new($self->speaksfor_urn())
if (defined($self->speaksfor_urn()));
return $self;
}
......@@ -299,6 +304,7 @@ sub uuid($) { return field($_[0], "uuid"); }
sub publicid($) { return field($_[0], "publicid"); }
sub creator_uuid($) { return field($_[0], "creator_uuid"); }
sub creator_urn($) { return field($_[0], "creator_urn"); }
sub creator_urnOBJ($) { return field($_[0], "creator_urnOBJ"); }
sub created($) { return field($_[0], "created"); }
sub shutdown($) { return field($_[0], "shutdown"); }
sub isshutdown($) { return field($_[0], "isshutdown"); }
......@@ -312,6 +318,7 @@ sub lockdown($) { return field($_[0], "lockdown"); }
sub isplaceholder($) { return field($_[0], "isplaceholder"); }
sub monitor_pid($) { return field($_[0], "monitor_pid"); }
sub speaksfor_urn($) { return field($_[0], "speaksfor_urn"); }
sub speaksfor_urnOBJ($) { return field($_[0], "speaksfor_urnOBJ"); }
sub speaksfor_uuid($) { return field($_[0], "speaksfor_uuid"); }
sub expiration_max($) { return field($_[0], "expiration_max"); }
sub renew_limit($) { return field($_[0], "renew_limit"); }
......@@ -392,6 +399,13 @@ sub urn($)
return $self->uuid();
}
sub urnOBJ($)
{
my ($self) = @_;
return $self->GetCertificate()->urnOBJ();
}
#
# Lookup slice by the experiment it is related to.
#
......
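Review bot: `urnOBJ()` is added without a header comment, and unlike the `creator_urnOBJ` and `speaksfor_urnOBJ` accessors above it is not a field lookup: it returns whatever `$self->GetCertificate()->urnOBJ()` yields. I would add `# Return the slice URN as a GeniHRN object, taken from the slice certificate.` and `# May be undef when the certificate URN did not validate.` above it. In the Lookup() hunk `creator_urnOBJ` is built unconditionally while `speaksfor_urnOBJ` is guarded with `defined()`; if `creator_urn` can be empty for some rows (not visible here), the same guard is wanted there.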