def determine_speaks_for_ex(logger, credentials, caller_gid, options, trusted_roots, schema=None):
abac_cred_list = []
speaking_for_gid = None
if not logger:
logger = core.log.getLogger("speaks-for")
for cred in credentials:
# Skip things that aren't ABAC credentials
if type(cred) == dict:
if cred['geni_type'] != ABACCredential.ABAC_CREDENTIAL_TYPE:
cred_ = CredentialFactory.createCred(credString=cred['geni_value'])
speaking_for_gid = cred_.get_gid_caller() if cred_ else None
continue
cred_value = cred['geni_value']
elif isinstance(cred, Credential):
if not isinstance(cred, ABACCredential):
speaking_for_gid = cred.get_gid_caller()
continue
else:
cred_value = cred
else:
if CredentialFactory.getType(cred) != ABACCredential.ABAC_CREDENTIAL_TYPE:
cred_ = CredentialFactory.createCred(credString=cred)
speaking_for_gid = cred_.get_gid_caller() if cred_ else None
continue
cred_value = cred
# If the cred_value is xml, create the object
if not isinstance(cred_value, ABACCredential):
cred = CredentialFactory.createCred(cred_value)
abac_cred_list.append(cred)
# If speaking_for_gid is None or ABAC creds are absent then there is no point to proceed
if not speaking_for_gid or len(abac_cred_list) == 0:
if logger:
logger.info("No point in checking speaks-for")
else:
print "No point in checking speaks-for"
return caller_gid
# See if this is a valid speaks_for
is_valid_speaks_for, user_gid, msg = verify_speaks_for_ex(abac_cred_list, caller_gid, speaking_for_gid)
if is_valid_speaks_for:
logger.info("Speaks-for successfully validated ! ")
return user_gid # speaks-for
else:
if logger:
logger.info("Got speaks-for option but not a valid speaks_for with this credential: %s" % msg)
else:
print "Got a speaks-for option but not a valid speaks_for with this credential: " + msg
return caller_gid # Not speaks-for
def determine_speaks_for(logger, credentials, caller_gid, options, \
trusted_roots, schema=None):
if options and 'geni_speaking_for' in options:
speaking_for_urn = options['geni_speaking_for'].strip()
for cred in credentials:
# Skip things that aren't ABAC credentials
if type(cred) == dict:
if cred['geni_type'] != ABACCredential.ABAC_CREDENTIAL_TYPE:
continue
cred_value = cred['geni_value']
elif isinstance(cred, Credential):
if not isinstance(cred, ABACCredential):
continue
else:
cred_value = cred
else:
if CredentialFactory.getType(
cred) != ABACCredential.ABAC_CREDENTIAL_TYPE:
continue
cred_value = cred
# If the cred_value is xml, create the object
if not isinstance(cred_value, ABACCredential):
cred = CredentialFactory.createCred(cred_value)
# print "Got a cred to check speaksfor for: %s" % cred.get_summary_tostring()
# #cred.dump(True, True)
# print "Caller: %s" % caller_gid.dump_string(2, True)
# See if this is a valid speaks_for
is_valid_speaks_for, user_gid, msg = \
verify_speaks_for(cred,
caller_gid, speaking_for_urn, \
trusted_roots, schema, logger)
if is_valid_speaks_for:
return user_gid # speaks-for
else:
if logger:
logger.info(
"Got speaks-for option but not a valid speaks_for with this credential: %s"
% msg)
else:
print "Got a speaks-for option but not a valid speaks_for with this credential: " + msg
return caller_gid # Not speaks-for
def determine_speaks_for(logger, credentials, caller_gid, options, trusted_roots, schema=None):
if options and "geni_speaking_for" in options:
speaking_for_urn = options["geni_speaking_for"].strip()
for cred in credentials:
# Skip things that aren't ABAC credentials
if type(cred) == dict:
if cred["geni_type"] != ABACCredential.ABAC_CREDENTIAL_TYPE:
continue
cred_value = cred["geni_value"]
elif isinstance(cred, Credential):
if not isinstance(cred, ABACCredential):
continue
else:
cred_value = cred
else:
if CredentialFactory.getType(cred) != ABACCredential.ABAC_CREDENTIAL_TYPE:
continue
cred_value = cred
# If the cred_value is xml, create the object
if not isinstance(cred_value, ABACCredential):
cred = CredentialFactory.createCred(cred_value)
# print "Got a cred to check speaksfor for: %s" % cred.get_summary_tostring()
# #cred.dump(True, True)
# print "Caller: %s" % caller_gid.dump_string(2, True)
# See if this is a valid speaks_for
is_valid_speaks_for, user_gid, msg = verify_speaks_for(
cred, caller_gid, speaking_for_urn, trusted_roots, schema, logger
)
if is_valid_speaks_for:
return user_gid # speaks-for
else:
if logger:
logger.info("Got speaks-for option but not a valid speaks_for with this credential: %s" % msg)
else:
print "Got a speaks-for option but not a valid speaks_for with this credential: " + msg
return caller_gid # Not speaks-for
def make_cred(cred_string):
credO = None
try:
credO = CredentialFactory.createCred(credString=cred_string)
except Exception, e:
print(e)
def make_cred(cred_string):
credO = None
try:
credO = CredentialFactory.createCred(credString=cred_string)
except Exception, e:
print(e)
