Changeset 4379 for TI12-security/trunk

Timestamp:

29/10/08 10:32:28 (12 years ago)

Author:

pjkersha

Message:

Renamed CredWallet? module -> credentialwallet

Location:

TI12-security/trunk/python

Files:

• ndg.security.common/ndg/security/common/credentialwallet.py (modified) (40 diffs)
• ndg.security.test/ndg/security/test/credentialwallet (moved) (moved from TI12-security/trunk/python/ndg.security.test/ndg/security/test/credwallet)

TI12-security/trunk/python/ndg.security.common/ndg/security/common/credentialwallet.py

@@ -1 @@
-"""NDG Credentials Wallet
+"""NDG Credential Wallet
 
 NERC Data Grid Project
@@ -10 +10 @@
 License, version 1.0 or later."""
 __contact__ = "P.J.Kershaw@rl.ac.uk"
-__revision__ = '$Id$'
+__revision__ = '$Id:credentialwallet.py 4378 2008-10-29 10:30:14Z pjkersha $'
 
 import logging
 log = logging.getLogger(__name__)
 
-# Temporary store of certificates for use with CredWallet getAttCert()
+# Temporary store of certificates for use with CredentialWallet getAttCert()
 import tempfile
 
@@ -28 +28 @@
 aaImportError = True
 try:
-    # AttAuthority client package resides with CredWallet module in 
+    # AttAuthority client package resides with CredentialWallet module in 
     # ndg.security.common
     from ndg.security.common.attributeauthority import AttributeAuthorityClient, \
@@ -35 +35 @@
     aaImportError = False
 except ImportError:
-    log.warning('Loading CredWallet without SOAP interface imports')
+    log.warning('Loading CredentialWallet without SOAP interface imports')
     pass
 
@@ -45 +45 @@
     aaImportError = False
 except:
-    log.warning('Loading CredWallet without Attribute Authority interface '
+    log.warning('Loading CredentialWallet without Attribute Authority interface '
                 'imports')
     pass
@@ -67 +67 @@
 
 
-class _CredWalletException(Exception):    
-    """Generic Exception class for CredWallet module.  Overrides Exception to 
+class _CredentialWalletException(Exception):    
+    """Generic Exception class for CredentialWallet module.  Overrides Exception to 
     enable writing to the log"""
     def __init__(self, msg):
@@ -75 +75 @@
 
 
-class CredWalletError(_CredWalletException):    
+class CredentialWalletError(_CredentialWalletException):    
     """Exception handling for NDG Credential Wallet class.  Overrides Exception
     to enable writing to the log"""
 
 
-class CredWalletAttributeRequestDenied(CredWalletError):    
-    """Handling exception where CredWallet is denied authorisation by an
+class CredentialWalletAttributeRequestDenied(CredentialWalletError):    
+    """Handling exception where CredentialWallet is denied authorisation by an
     Attribute Authority.
   
@@ -110 +110 @@
         self.__extAttCertList = kw.pop('extAttCertList', [])
             
-        CredWalletError.__init__(self, *args, **kw)
+        CredentialWalletError.__init__(self, *args, **kw)
 
     def _getTrustedHostInfo(self):
@@ -132 +132 @@
 
           
-class _MetaCredWallet(type):
-    """Enable CredWallet to have read only class variables e.g.
-    
-    print CredWallet.accessDenied 
+class _MetaCredentialWallet(type):
+    """Enable CredentialWallet to have read only class variables e.g.
+    
+    print CredentialWallet.accessDenied 
     
     ... is allowed but,
     
-    CredWallet.accessDenied = None
+    CredentialWallet.accessDenied = None
     
     ... raises - AttributeError: can't set attribute"""
@@ -156 +156 @@
 
 
-# CredWallet is a 'new-style' class inheriting from "object" and making use
+# CredentialWallet is a 'new-style' class inheriting from "object" and making use
 # of new Get/Set methods for hiding of attributes
-class CredWallet(object):
+class CredentialWallet(object):
     """Volatile store of user credentials associated with a user session
     
@@ -266 +266 @@
     """
 
-    __metaclass__ = _MetaCredWallet
+    __metaclass__ = _MetaCredentialWallet
 
     propertyDefaults = dict(
@@ -329 +329 @@
         from
         @type cfgPrefix: basestring
-        @param cfgPrefix: apply a prefix to all CredWallet config params so 
+        @param cfgPrefix: apply a prefix to all CredentialWallet config params so 
         that if placed in a file with other parameters they can be 
         distinguished
@@ -335 +335 @@
         @param cfgKw: set parameters as key value pairs."""
 
-        log.debug("Calling CredWallet.__init__ ...")
+        log.debug("Calling CredentialWallet.__init__ ...")
 
         # Initialise attributes - 1st protected ones
-        attr = {}.fromkeys(CredWallet._protectedAttrs)
+        attr = {}.fromkeys(CredentialWallet._protectedAttrs)
         
         # ... then properties
-        attr.update(CredWallet.propertyDefaults)
+        attr.update(CredentialWallet.propertyDefaults)
         for k, v in attr.items():
             try:
@@ -377 +377 @@
             
             if not issubclass(self._credentialRepository,CredentialRepository):
-                raise CredWalletError("Input Credential Repository instance "
+                raise CredentialWalletError("Input Credential Repository instance "
                                       "must be of a class derived from "
                                       "\"CredentialRepository\"")
@@ -405 +405 @@
             except Exception, e:
                 try:
-                    raise CredWalletError("Error parsing Attribute Certificate"
+                    raise CredentialWalletError("Error parsing Attribute Certificate"
                                           " ID '%s' retrieved from the " 
                                           "Credentials Repository: %s" % 
                                           (cred.id, e))            
                 except:
-                    raise CredWalletError("Error parsing Attribute "
+                    raise CredentialWalletError("Error parsing Attribute "
                                           "Certificate retrieved from the "
                                           "Credentials Repository: %s:" % e)
@@ -431 +431 @@
         prop = readAndValidate(cfgFilePath,
                                cfg=self._cfg,
-                               validKeys=CredWallet.propertyDefaults,
+                               validKeys=CredentialWallet.propertyDefaults,
                                prefix=prefix,
                                sections=(section,))
@@ -670 +670 @@
 
         elif caCertFilePathList is not None:
-            raise CredWalletError("Input CA Certificate file path is not a "
+            raise CredentialWalletError("Input CA Certificate file path is not a "
                                   "valid string")      
         
@@ -706 +706 @@
 
         elif sslCACertFilePathList is not None:
-            raise CredWalletError("Input CA Certificate file path is not a "
+            raise CredentialWalletError("Input CA Certificate file path is not a "
                                   "valid string")      
         
@@ -724 +724 @@
         @return: new Attribute Authority client instance"""
 
-        log.debug('CredWallet._createAttributeAuthorityClnt for service: "%s"'%
+        log.debug('CredentialWallet._createAttributeAuthorityClnt for service: "%s"'%
                   attributeAuthorityURI)
 
@@ -927 +927 @@
         # Check input
         if not isinstance(attCert, AttCert):
-            raise CredWalletError("Attribute Certificate must be an AttCert "
+            raise CredentialWalletError("Attribute Certificate must be an AttCert "
                                   "type object")
 
@@ -935 +935 @@
             
         except AttCertError, e:
-            raise CredWalletError("Adding Credential: %s" % e)
+            raise CredentialWalletError("Adding Credential: %s" % e)
         
 
@@ -981 +981 @@
         expired or are otherwise invalid."""
 
-        log.debug("CredWallet.audit ...")
+        log.debug("CredentialWallet.audit ...")
         
         # Nb. No signature check is carried out.  To do a check, access is
@@ -1001 +1001 @@
         removing invalid ones"""
 
-        log.debug("CredWallet.updateCredentialRepository ...")
+        log.debug("CredentialWallet.updateCredentialRepository ...")
         
         if not self._credentialRepository:
-            raise CredWalletError("No Credential Repository has been created "
+            raise CredentialWalletError("No Credential Repository has been created "
                                   "for this wallet")
                             
@@ -1039 +1039 @@
         Attribute Authority"""
       
-        log.debug("CredWallet._getAttCert ...")
+        log.debug("CredentialWallet._getAttCert ...")
         
         if attributeAuthorityClnt is None:
@@ -1063 +1063 @@
                 
             except AttributeRequestDenied, e:
-                raise CredWalletAttributeRequestDenied, str(e)
+                raise CredentialWalletAttributeRequestDenied, str(e)
                             
         elif self.attributeAuthority is not None:
@@ -1082 +1082 @@
                 
             except AttributeAuthorityAccessDenied, e:
-                raise CredWalletAttributeRequestDenied, str(e)
+                raise CredentialWalletAttributeRequestDenied, str(e)
                         
             except Exception, e:
-                raise CredWalletError("Requesting attribute certificate: %s"%e)
+                raise CredentialWalletError("Requesting attribute certificate: %s"%e)
 
         else:
-            raise CredWalletError("Error requesting attribute: certificate a "
+            raise CredentialWalletError("Error requesting attribute: certificate a "
                                   "URI or Attribute Authority configuration "
                                   "file must be specified")
@@ -1096 +1096 @@
         # for signature check in addCredential()
         if self._caCertFilePathList is None:
-            raise CredWalletError("No CA certificate has been set")
+            raise CredentialWalletError("No CA certificate has been set")
         
         attCert.certFilePathList = self._caCertFilePathList
@@ -1130 +1130 @@
         """
         
-        log.debug('CredWallet.getAATrustedHostInfo for role "%s" and service: '
+        log.debug('CredentialWallet.getAATrustedHostInfo for role "%s" and service: '
                   '"%s"' % (userRole, attributeAuthorityURI or attributeAuthority))
         if attributeAuthorityURI:
@@ -1161 +1161 @@
 
         else:
-            raise CredWalletError("Error requesting trusted hosts info: " 
+            raise CredentialWalletError("Error requesting trusted hosts info: " 
                                   "a URI or Attribute Authority " 
                                   "configuration file must be specified")
@@ -1226 +1226 @@
         altered
 
-        The list is returned via CredWalletAttributeRequestDenied exception
+        The list is returned via CredentialWalletAttributeRequestDenied exception
         If no value is set, the default value held in 
         self.mapFromTrustedHosts is used
@@ -1241 +1241 @@
         is used.
                                 
-        The list is returned via a CredWalletAttributeRequestDenied exception 
+        The list is returned via a CredentialWalletAttributeRequestDenied exception 
         object.
                                 
@@ -1277 +1277 @@
         @return: Attribute Certificate retrieved from Attribute Authority"""
         
-        log.debug("CredWallet.getAttCert ...")
+        log.debug("CredentialWallet.getAttCert ...")
         
         # Both these assignments are calling set property methods implicitly!
@@ -1292 +1292 @@
             # Find out the site ID for the target AA by calling AA's host
             # info WS method
-            log.debug("CredWallet.getAttCert - check AA site ID ...")
+            log.debug("CredentialWallet.getAttCert - check AA site ID ...")
             
             try:
@@ -1298 +1298 @@
                 aaName = hostInfo.keys()[0]
             except Exception, e:
-                raise CredWalletError("Getting host info: %s" % e)
+                raise CredentialWalletError("Getting host info: %s" % e)
             
             # Look in the wallet for an AC with the same issuer name
@@ -1333 +1333 @@
             
             if not self.mapFromTrustedHosts:
-                raise CredWalletError("A list of trusted hosts has been " 
+                raise CredentialWalletError("A list of trusted hosts has been " 
                                       "input but mapping from trusted hosts "
                                       "is set to disallowed")
@@ -1380 +1380 @@
                     pass
 
-                raise CredWalletAttributeRequestDenied, errMsg
+                raise CredentialWalletAttributeRequestDenied, errMsg
                                                     
                 
@@ -1389 +1389 @@
                 return attCert
             
-            except CredWalletAttributeRequestDenied, attributeRequestDenied:
+            except CredentialWalletAttributeRequestDenied, attributeRequestDenied:
                 if not self.mapFromTrustedHosts and not self.rtnExtAttCertList:
                     # Creating a mapped certificate is not allowed - raise
@@ -1412 +1412 @@
                                             attributeAuthority=attributeAuthority)
                 except NoMatchingRoleInTrustedHosts, e:
-                    raise CredWalletAttributeRequestDenied(
+                    raise CredentialWalletAttributeRequestDenied(
                         'Can\'t get a mapped Attribute Certificate for '
                         'the "%s" role' % reqRole)
                 
                 except Exception, e:
-                    raise CredWalletError, "Getting trusted hosts: %s" % e
+                    raise CredentialWalletError, "Getting trusted hosts: %s" % e
 
                 if not trustedHostInfo:
-                    raise CredWalletAttributeRequestDenied(
+                    raise CredentialWalletAttributeRequestDenied(
                         "Attribute Authority has no trusted hosts with "
                         "which to make a mapping")
@@ -1481 +1481 @@
                     
                 if not extAttCertList:                        
-                    raise CredWalletAttributeRequestDenied, \
+                    raise CredentialWalletAttributeRequestDenied, \
                         "No certificates are available with which to " + \
                         "make a mapping to the Attribute Authority"
@@ -1495 +1495 @@
                           "trusted hosts"
                           
-                    raise CredWalletAttributeRequestDenied(msg,
+                    raise CredentialWalletAttributeRequestDenied(msg,
                                             extAttCertList=extAttCertList,
                                             trustedHostInfo=trustedHostInfo)            
 
 
-class CredentialRepositoryError(_CredWalletException):   
+class CredentialRepositoryError(_CredentialWalletException):   
     """Exception handling for NDG Credential Repository class."""
 
 
 class CredentialRepository:
-    """CredWallet's abstract interface class to a Credential Repository.  The
+    """CredentialWallet's abstract interface class to a Credential Repository.  The
     Credential Repository is abstract store of user currently valid user
     credentials.  It enables retrieval of attribute certificates from a user's