Commit a8018a42 authored by Leigh Stoller's avatar Leigh Stoller

Oh, I figure its time to checkpoint ...

parent 085fabba
......@@ -13,24 +13,31 @@ include $(OBJDIR)/Makeconf
LIB_SCRIPTS = GeniDB.pm GeniUser.pm GeniSAClient.pm \
GeniSlice.pm GeniSA.pm GeniCM.pm GeniCMClient.pm \
test.pl GeniTicket.pm GeniSliver.pm GeniCredential.pm \
GeniTicket.pm GeniSliver.pm GeniCredential.pm \
GeniComponent.pm GeniCH.pm GeniCHClient.pm GeniEmulab.pm \
GeniAuthority.pm GeniCertificate.pm GeniAggregate.pm \
node.pl
GeniAuthority.pm GeniCertificate.pm GeniAggregate.pm
SCRIPTS = test.pl node.pl test2.pl addauthority
OPS_LIBS = GeniCMClient.pm GeniSAClient.pm GeniCHClient.pm
#
# Force dependencies on the scripts so that they will be rerun through
# configure if the .in file is changed.
#
all: $(LIB_SCRIPTS)
all: $(LIB_SCRIPTS) $(SCRIPTS)
include $(TESTBED_SRCDIR)/GNUmakerules
install: $(addprefix $(INSTALL_LIBDIR)/, $(LIB_SCRIPTS))
install: $(addprefix $(INSTALL_LIBDIR)/, $(LIB_SCRIPTS)) \
$(addprefix $(INSTALL_DIR)/opsdir/lib/, $(OPS_LIBS))
control-install:
clean:
rm -f *.o core $(LIB_SCRIPTS)
$(INSTALL_DIR)/opsdir/lib/%: %
@echo "Installing $<"
-mkdir -p $(INSTALL_DIR)/opsdir/lib
$(INSTALL) $< $@
......@@ -493,7 +493,6 @@ use vars qw(@ISA);
@ISA = "GeniAggregate";
use GeniDB;
use GeniComponent;
use GeniSlice;
use GeniCredential;
use GeniCertificate;
......@@ -617,6 +616,33 @@ sub UnProvision($)
return 0;
}
#
# Nothing to do yet.
#
sub Start($)
{
my ($self) = @_;
return -1
if (! ref($self));
return 0;
}
#
# Nothing to do yet.
#
sub Stop($)
{
my ($self) = @_;
return -1
if (! ref($self));
return 0;
}
# _Always_ make sure that this 1 is at the end of the file...
1;
......@@ -52,13 +52,22 @@ sub Lookup($$)
}
elsif ($token =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/) {
$query_result =
DBQueryWarn("select idx from geni_sliceauthorities ".
DBQueryWarn("select idx from geni_authorities ".
"where uuid='$token'");
return undef
if (! $query_result || !$query_result->numrows);
($idx) = $query_result->fetchrow_array();
}
elsif ($token =~ /^[\w\.]*$/) {
$query_result =
DBQueryWarn("select idx from geni_authorities ".
"where hrn='$token'");
return undef
if (! $query_result || !$query_result->numrows);
($idx) = $query_result->fetchrow_array();
}
else {
return undef;
}
......@@ -67,7 +76,7 @@ sub Lookup($$)
if (exists($authorities{"$idx"}));
$query_result =
DBQueryWarn("select * from geni_sliceauthorities where idx='$idx'");
DBQueryWarn("select * from geni_authorities where idx='$idx'");
return undef
if (!$query_result || !$query_result->numrows);
......@@ -80,14 +89,12 @@ sub Lookup($$)
# Grab the certificate, since we will probably want it.
#
my $uuid = $self->{'AUTHORITY'}->{'uuid'};
$query_result = DBQueryWarn("select cert from geni_certificates ".
"where uuid='$uuid'");
if (!$query_result || !$query_result->numrows) {
my $certificate = GeniCertificate->Lookup($uuid);
if (!defined($certificate)) {
print STDERR "Could not find certificate for authority $idx\n";
return undef;
}
my ($cert) = $query_result->fetchrow_array();
$self->{'AUTHORITY'}->{'cert'} = $cert;
$self->{'CERT'} = $certificate;
# Add to cache.
$authorities{$self->{'AUTHORITY'}->{'idx'}} = $self;
......@@ -113,7 +120,7 @@ sub Stringify($)
#
sub Create($$$$$$)
{
my ($class, $uuid, $hrn, $url, $cert, $prefix) = @_;
my ($class, $uuid, $hrn, $url, $cert, $prefix, $type) = @_;
my @insert_data = ();
my $idx = TBGetUniqueIndex('next_authority', 1);
......@@ -123,6 +130,7 @@ sub Create($$$$$$)
my $safe_uuid = DBQuoteSpecial($uuid);
my $safe_cert = DBQuoteSpecial($cert);
my $safe_prefix = DBQuoteSpecial($prefix);
my $safe_type = DBQuoteSpecial($type);
# Now tack on other stuff we need.
push(@insert_data, "created=now()");
......@@ -131,16 +139,17 @@ sub Create($$$$$$)
push(@insert_data, "url=$safe_url");
push(@insert_data, "uuid=$safe_uuid");
push(@insert_data, "uuid_prefix=$safe_prefix");
push(@insert_data, "type=$safe_type");
# Insert into DB.
DBQueryWarn("replace into geni_sliceauthorities set " .
DBQueryWarn("replace into geni_authorities set " .
join(",", @insert_data))
or return undef;
# Insert the certificate.
if (!DBQueryWarn("replace into geni_certificates set ".
" uuid=$safe_uuid, cert=$safe_cert")) {
DBQueryWarn("delete from geni_sliceauthorities where idx='$idx'");
DBQueryWarn("delete from geni_authorities where idx='$idx'");
return undef;
}
......@@ -153,7 +162,9 @@ sub uuid($) { return field($_[0], "uuid"); }
sub uuid_prefix($) { return field($_[0], "uuid_prefix"); }
sub url($) { return field($_[0], "url"); }
sub hrn($) { return field($_[0], "hrn"); }
sub cert($) { return field($_[0], "cert"); }
sub type($) { return field($_[0], "type"); }
sub cert($) { return $_[0]->{'CERT'}->cert(); }
sub GetCertificate($) { return $_[0]->{'CERT'}; }
#
# Does the uuid prefix match.
......
......@@ -39,280 +39,438 @@ my $TBAUDIT = "@TBAUDITEMAIL@";
my $BOSSNODE = "@BOSSNODE@";
my $OURDOMAIN = "@OURDOMAIN@";
##
# Lookup a UUID and return a blob of stuff. We allow lookups of both
# users and slices, which is what we allow clients to register.
#
# XXX Not looking at credentials yet, although I think that anyone should
# be able to lookup uuids if they have a valid certificate signed by an SA.
# Get a credential to use the ClearingHouse. For the moment, the initial
# credential will be provided to callers with the proper certificate, which
# means just SAs/CMs that we know about via the ssl certificate used to
# connect to us.
#
sub LookupUser($)
sub GetCredential($)
{
my ($argref) = @_;
my $uuid = $argref->{'uuid'};
my $cred = $argref->{'credential'};
my $type = $argref->{'type'};
if (! (defined($uuid) && ($uuid =~ /^[-\w]*$/))) {
return GeniResponse->MalformedArgsResponse();
}
my $user = GeniUser->Lookup($uuid);
if (!defined($user)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"No such user $uuid");
#
# The caller has to be known to us, but how are they known to us?
# Probably need a web interface?
#
my $caller_uuid = $ENV{'GENIUUID'};
my $caller_authority = GeniAuthority->Lookup($ENV{'GENIUUID'});
return GeniResponse->Create(GENIRESPONSE_REFUSED, undef, "Who are You?")
if (!defined($caller_authority));
#
# No credential, then return a generic credential giving caller permission
# to do other things.
#
if (!defined($cred)) {
#
# This credential is for access to this authority.
#
my $authority = GeniAuthority->Lookup($ENV{'MYUUID'});
if (!defined($authority)) {
print STDERR "Could not find local authority object\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
my $credential = GeniCredential->Create($authority, $caller_authority);
if (!defined($credential)) {
print STDERR "Could not create credential for $caller_authority\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
if ($credential->Sign($GeniCredential::LOCALMA_FLAG)) {
print STDERR "Could not sign credential for $caller_authority\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
return GeniResponse->Create(GENIRESPONSE_SUCCESS,
$credential->asString());
}
my $authority = GeniAuthority->Lookup($user->sa_idx());
if (!defined($authority)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"No slice authority found for user");
}
# Grab ssh key.
my $sshkey;
if ($user->GetSSHKey(\$sshkey) != 0) {
print STDERR "Could not get ssh key for $user\n";
}
# Return a blob.
my $blob = { "uid" => $user->uid(),
"hrn" => $user->hrn(),
"uuid" => $user->uuid(),
"email" => $user->email(),
"cert" => $user->cert(),
"name" => $user->name(),
"sa" => { "hrn" => $authority->hrn(),
"uuid" => $authority->uuid(),
"cert" => $authority->cert(),
"uuid_prefix" => $authority->uuid_prefix(),
"url" => $authority->url() }
};
$blob->{'sshkey'} = $sshkey
if (defined($sshkey));
return GeniResponse->Create(GENIRESPONSE_SUCCESS, $blob);
#
# User provided a credential, and wants a new credential to access
# the object referenced by the uuid.
#
return GeniResponse->Create(GENIRESPONSE_UNSUPPORTED);
}
sub LookupSlice($)
##
# Lookup a UUID and return a blob of stuff. We allow lookups of both
# users and slices, which is what we allow clients to register.
#
sub Resolve($)
{
my ($argref) = @_;
my $cred = $argref->{'credential'};
my $uuid = $argref->{'uuid'};
my $type = $argref->{'type'};
if (! (defined($uuid) && ($uuid =~ /^[-\w]*$/))) {
return GeniResponse->MalformedArgsResponse();
}
my $slice = GeniSlice->Lookup($uuid);
if (!defined($slice)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"No such user $uuid");
if (! (defined($type) && ($type =~ /^(SA|CM|MA|Component|Slice|User)$/))) {
return GeniResponse->MalformedArgsResponse();
}
my $authority = GeniAuthority->Lookup($slice->sa_idx());
if (!defined($authority)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"No slice authority found for slice");
if (! defined($cred)) {
return GeniResponse->MalformedArgsResponse();
}
my $credential = GeniCredential->CreateFromSigned($cred);
if (!defined($credential)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"Could not create GeniCredential object");
}
# User bindings too.
my @userbindings = ();
if ($slice->UserBindings(\@userbindings) != 0) {
#
# Make sure the credential was issued to the caller.
#
if ($credential->owner_uuid() ne $ENV{'GENIUUID'}) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"Error getting user bindings for slice");
}
# Return a blob.
my $blob = { "hrn" => $slice->hrn(),
"uuid" => $slice->uuid(),
"creator_uuid" => $slice->creator_uuid(),
"cert" => $slice->cert(),
"sa" => {"hrn" => $authority->hrn(),
"uuid" => $authority->uuid(),
"cert" => $authority->cert(),
"uuid_prefix" => $authority->uuid_prefix(),
"url" => $authority->url() },
"userbindings" => \@userbindings,
};
return GeniResponse->Create(GENIRESPONSE_SUCCESS, $blob);
"This is not your credential!");
}
#
# And that the target of the credential is this registry.
#
my $authority = GeniAuthority->Lookup($ENV{'MYUUID'});
if (!defined($authority)) {
print STDERR "Could not find local authority object\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
if ($credential->target_uuid() ne $authority->uuid()) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN,
undef, "This is not your registry!");
}
if ($type eq "User") {
my $user = GeniUser->Lookup($uuid);
if (!defined($user)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"No such user $uuid");
}
# Grab ssh key.
my $sshkey;
if ($user->GetSSHKey(\$sshkey) != 0) {
print STDERR "Could not get ssh key for $user\n";
}
# Return a blob.
my $blob = { "uid" => $user->uid(),
"hrn" => $user->hrn(),
"uuid" => $user->uuid(),
"email" => $user->email(),
"cert" => $user->cert(),
"name" => $user->name(),
"sa_uuid" => $user->sa_uuid(),
};
$blob->{'sshkey'} = $sshkey
if (defined($sshkey));
return GeniResponse->Create(GENIRESPONSE_SUCCESS, $blob);
}
if ($type eq "SA") {
my $authority = GeniAuthority->Lookup($uuid);
if (!defined($authority)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"No such authority $uuid");
}
# Return a blob.
my $blob = { "uuid" => $authority->uuid(),
"cert" => $authority->cert(),
"hrn" => $authority->hrn(),
"uuid_prefix" => $authority->uuid_prefix(),
"url" => $authority->url(),
};
return GeniResponse->Create(GENIRESPONSE_SUCCESS, $blob);
}
if ($type eq "CM") {
my $component = GeniComponent->Lookup($uuid);
if (!defined($component)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"No such component $uuid");
}
# Return a blob.
my $blob = { "uuid" => $component->uuid(),
"cert" => $component->cert(),
"hrn" => $component->hrn(),
"url" => $component->url(),
};
return GeniResponse->Create(GENIRESPONSE_SUCCESS, $blob);
}
if ($type eq "Slice") {
my $slice = GeniSlice->Lookup($uuid);
if (!defined($slice)) {
return GeniResponse->Create(GENIRESPONSE_SEARCHFAILED, undef,
"No such slice $uuid");
}
# User bindings too.
my @userbindings = ();
if ($slice->UserBindings(\@userbindings) != 0) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"Error getting users for slice");
}
# Return a blob.
my $blob = { "hrn" => $slice->hrn(),
"uuid" => $slice->uuid(),
"creator_uuid" => $slice->creator_uuid(),
"cert" => $slice->cert(),
"sa_uuid" => $slice->sa_uuid(),
"userbindings" => \@userbindings,
};
return GeniResponse->Create(GENIRESPONSE_SUCCESS, $blob);
}
return GeniResponse->Create(GENIRESPONSE_UNSUPPORTED);
}
##
# Register a new object.
#
# Register a new Geni user.
#
sub RegisterUser($)
sub Register($)
{
my ($argref) = @_;
my $cred = $argref->{'credential'};
my $hrn = $argref->{'hrn'};
my $uuid = $argref->{'uuid'};
my $name = $argref->{'name'};
my $email = $argref->{'email'};
my $cert = $argref->{'cert'};
my $sshkey= $argref->{'sshkey'};
my $info = $argref->{'info'};
my $type = $argref->{'type'};
if (! (defined($hrn) && defined($name) &&
defined($email) && defined($cert) && defined($uuid))) {
if (! (defined($hrn) && ($hrn =~ /^[-\w.]*$/))) {
return GeniResponse->MalformedArgsResponse();
}
#
# Use the Emulab checkslot routines.
#
if (! ($hrn =~ /^[-\w\.]*$/)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"hrn: Invalid characters");
}
if (! ($uuid =~ /^[-\w]*$/)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"uuid: Invalid characters");
if (! (defined($type) && ($type =~ /^(SA|MA|Component|Slice|User)$/))) {
return GeniResponse->MalformedArgsResponse();
}
if (! TBcheck_dbslot($name, "users", "usr_name", TBDB_CHECKDBSLOT_ERROR)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"name: ". TBFieldErrorString());
if (! defined($cred)) {
return GeniResponse->MalformedArgsResponse();
}
if (! TBcheck_dbslot($email, "users", "usr_email",TBDB_CHECKDBSLOT_ERROR)){
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"email: ". TBFieldErrorString());
if (! defined($cert)) {
return GeniResponse->MalformedArgsResponse();
}
if (! ($cert =~ /^[\012\015\040-\176]*$/)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"cert: Invalid characters");
}
if (defined($sshkey) && ! ($sshkey =~ /^[\012\015\040-\176]*$/)) {
if (! defined($info)) {
return GeniResponse->MalformedArgsResponse();
}
my $credential = GeniCredential->CreateFromSigned($cred);
if (!defined($credential)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"sshkey: Invalid characters");
"Could not create GeniCredential object");
}
#
# The SA UUID comes from the SSL environment (certificate). Verify it
# and the prefix match for the uuid.
# Make sure the credential was issued to the caller.
#
# Need to verify the UUID is permitted for the SA making the request.
if ($credential->owner_uuid() ne $ENV{'GENIUUID'}) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"This is not your credential!");
}
#
my $sa_uuid = $ENV{'GENIUUID'};
my $query_result =
DBQueryWarn("select idx, uuid_prefix from geni_sliceauthorities ".
"where uuid='$sa_uuid'");
return GeniResponse->Create(GENIRESPONSE_DBERROR)
if (!defined($query_result));
return GeniResponse->Create(GENIRESPONSE_REFUSED, undef, "Who are You?")
if (!$query_result->numrows);
my ($sa_idx, $uuid_prefix)= $query_result->fetchrow_array();
if ($uuid =~ /^\w+\-\w+\-\w+\-\w+\-(\w+)$/) {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"uuid: Prefix mismatch")
if ("$uuid_prefix" ne "$1");
# And that the target of the credential is this registry.
#
my $authority = GeniAuthority->Lookup($ENV{'MYUUID'});
if (!defined($authority)) {
print STDERR "Could not find local authority object\n";
return GeniResponse->Create(GENIRESPONSE_ERROR);
}
else {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"Improper format for uuid");
if ($credential->target_uuid() ne $authority->uuid()) {
return GeniResponse->Create(GENIRESPONSE_FORBIDDEN,
undef, "This is not your registry!");
}
#
# XXX
# Grab the uuid out of the certificate.
#
# What kind of uniquess requirements do we need? No one else with this
# email address? Of course, we have to allow hrn reuse, but should we
# require that for a given SA, that hrn is unique, at least to avoid
# lots of confusion?
#
if (GeniUser->CheckExisting($hrn, $email)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"$hrn/$email already registered");
}
my $uuid;
GeniCertificate->CertificateInfo($cert, \$uuid) == 0
or return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"cert: Could not get uuid");
# The local uid we will use is the last part of the hrn.
my ($uid) = ($hrn =~ /^.*\.(\w*)$/);
if (!defined($uid)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"uid: cannot parse hrn to get uid");
}
elsif (! TBcheck_dbslot($uid, "users", "uid", TBDB_CHECKDBSLOT_ERROR)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"uid: ". TBFieldErrorString());
}
my $newuser = GeniUser->Create($hrn, $uid, $uuid,
$name, $email, $cert, $sa_idx, $sshkey);
if (!defined($newuser)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"$hrn/$email could not be registered");
if (! ($uuid =~ /^\w+\-\w+\-\w+\-\w+\-\w+$/)) {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"Improper format for uuid");
}
return GeniResponse->Create(GENIRESPONSE_SUCCESS, undef,
"$hrn/$email has been registered");
if ($type eq "User") {
my $name = $info->{'name'};
my $email = $info->{'email'};
my $sshkey= $info->{'sshkey'};
if (! TBcheck_dbslot($name, "users", "usr_name",
TBDB_CHECKDBSLOT_ERROR)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"name: ". TBFieldErrorString());
}
if (! TBcheck_dbslot($email, "users", "usr_email",
TBDB_CHECKDBSLOT_ERROR)){
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"email: ". TBFieldErrorString());
}
if (defined($sshkey) && ! ($sshkey =~ /^[\012\015\040-\176]*$/)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"sshkey: Invalid characters");
}
#
# Need to verify the UUID is permitted for the SA making the request.
#
if (! $authority->PrefixMatch($uuid)) {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"uuid: Prefix mismatch");
}
#
# XXX
#
# What kind of uniquess requirements do we need? No one else with this
# email address? Of course, we have to allow hrn reuse, but should we
# require that for a given SA, that hrn is unique, at least to avoid
# lots of confusion?
#
if (GeniUser->CheckExisting($hrn, $email)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"$hrn/$email already registered");
}
# The local uid we will use is the last part of the hrn.
my ($uid) = ($hrn =~ /^.*\.(\w*)$/);
if (!defined($uid)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"uid: cannot parse hrn to get uid");
}
elsif (! TBcheck_dbslot($uid, "users", "uid",
TBDB_CHECKDBSLOT_ERROR)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"uid: ". TBFieldErrorString());
}
my $newuser = GeniUser->Create($hrn, $uid, $uuid,
$name, $email, $cert, $authority,
$sshkey);
if (!defined($newuser)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"$hrn/$email could not be registered");
}
return GeniResponse->Create(GENIRESPONSE_SUCCESS, undef,
"$hrn/$email has been registered");
}
if ($type eq "Slice") {
my $creator_uuid = $info->{'creator_uuid'};
if (! ($creator_uuid =~ /^[-\w]*$/)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"creator_uuid: Invalid characters");
}
#
# Make sure the geni user exists.
#
my $user = GeniUser->Lookup($creator_uuid);
if (!defined($user)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"creator_uuid: No such User");
}
#
# Need to verify the UUID is permitted for the SA making the request.
#
if (! $authority->PrefixMatch($uuid)) {
return GeniResponse->Create(GENIRESPONSE_BADARGS, undef,
"uuid: Prefix mismatch");
}
#
# Make sure slice hrn and uuid are unique.
#
if (GeniSlice->CheckExisting($hrn, $uuid)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"$hrn or $uuid already registered");
}
my $newslice = GeniSlice->Create($hrn, $uuid, $creator_uuid,
$cert, $authority);
if (!defined($newslice)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"$hrn/$uuid could not be registered");
}
return GeniResponse->Create(GENIRESPONSE_SUCCESS, undef,
"$hrn/$uuid has been registered");
}
return GeniResponse->Create(GENIRESPONSE_UNSUPPORTED);
}
##
# Delete an object.
#
# Register a new Geni slice in the DB.
#
sub RegisterSlice($)
sub Remove($)
{
my ($argref) = @_;
my $hrn = $argref->{'hrn'};
my $cred = $argref->{'credential'};
my $uuid = $argref->{'uuid'};
my $creator_uuid = $argref->{'creator_uuid'};
my $cert = $argref->{'cert'};
my $type = $argref->{'type'};
if (! (defined($hrn) && defined($uuid) && defined($creator_uuid))) {
return Protogeni::MalformedArgsResponse();
}
if (! ($hrn =~ /^[-\w\.]*$/)) {
return GeniResponse->Create(GENIRESPONSE_ERROR, undef,
"hrn: Invalid characters");
}
if (! ($uuid =~ /^[-\w]*$/)) {
return GeniResponse