Class Member_Authority
GENI Clearinghouse Member Authority (MA) controller interface
The MA maintains a set of members and their UUIDs and their attributes and associated query mechanisms. The MA maintains a set of SSL keys and certs, both 'inside' and 'outside' for given users. Additionally, the MA maintains a mapping of members to the client tools (e.g. the GENI Portal) that the member has authorized to speak on his/her behalf. Finally, the MA maintains a set of SSH keys for a given member for passing to resources as needed.
Supports these methods:
Future (i.e. not yet available) methods include:
The MA maintains a set of members and their UUIDs and their attributes and associated query mechanisms. The MA maintains a set of SSL keys and certs, both 'inside' and 'outside' for given users. Additionally, the MA maintains a mapping of members to the client tools (e.g. the GENI Portal) that the member has authorized to speak on his/her behalf. Finally, the MA maintains a set of SSH keys for a given member for passing to resources as needed.
Supports these methods:
- success <= register_ssh_key(member_id, ssh_filename, ssh_description, ssh_public_key, [ssh_private_key])
- [id, member_id, filename, description, public_key, private_key]* <= lookup_ssh_keys(member_id)
- success <= update_ssh_key(member_id, ssh_key_id, ssh_filename, ssh_description)
- success <= delete_ssh_key(member_id, ssh_key_id)
- [private_key, certificate]* <= lookup_keys_and_certs(member_id)
- member_id <= create_account(attributes)
- [client_name, client_urn]* <= ma_list_clients()
- [client_name, client_urn]* <= ma_list_authorized_clients(member_id)
- success <= ma_authorize_client(member_id, client_urn, authorize_sense)
- [member_id]* <= lookup_members(attributes)
- [member_id, [name value self_asserted]*] <= lookup_member_by_id(member_id)
- success <= add_member_privilege(member_id, privilege_id)
- success <= revoke_member_privilege(member_id, privilege_id)
Future (i.e. not yet available) methods include:
- upload_ssl_keys
- revoke_certificate
public
boolean
|
|
public
array
|
|
public
boolean
|
|
public
boolean
|
|
public
Dictionary
|
|
public
UUID
|
#
create_account( dict $args_dict )
Create new user account with given attributes. |
public
List
|
#
ma_list_clients( dict $args_dict )
Get all client tools registered with the MA as potentially authorized for use by members |
public
List
|
#
ma_list_authorized_clients( dict $args_dict )
Get all client tools registered with the MA for given user |
public
boolean
|
|
public
List
|
#
lookup_members( dict $args_dict )
Return list of members satisfying the 'and' of a provided set of name/value attributes |
public
Dictionary
|
#
lookup_member_by_id( dict $args_dict )
Return name/value attribute information about given member by UUID |
public
boolean
|
|
public
boolean
|
|
public
number
|