Beispiel #1
0
 def _getPilotProxyFromDIRACGroup(self, ownerDN, ownerGroup,
                                  requiredTimeLeft):
     """
 Download a limited pilot proxy with VOMS extensions depending on the group
 """
     #Assign VOMS attribute
     vomsAttr = CS.getVOMSAttributeForGroup(ownerGroup)
     if not vomsAttr:
         self.log.info(
             "Downloading a proxy without VOMS extensions for %s@%s" %
             (ownerDN, ownerGroup))
         return gProxyManager.downloadProxy(
             ownerDN,
             ownerGroup,
             limited=True,
             requiredTimeLeft=requiredTimeLeft)
     else:
         self.log.info(
             "Downloading a proxy with '%s' VOMS extension for %s@%s" %
             (vomsAttr, ownerDN, ownerGroup))
         return gProxyManager.downloadVOMSProxy(
             ownerDN,
             ownerGroup,
             limited=True,
             requiredTimeLeft=requiredTimeLeft,
             requiredVOMSAttribute=vomsAttr)
Beispiel #2
0
    def getProxy(self, userDN, userGroup, validity=43200, limited=False):
        """Retrieves a proxy with default 12hr validity and stores
       this in a file in the local directory by default.

       Example usage:

       >>> print diracAdmin.getProxy()
       {'OK': True, 'Value': }

       @return: S_OK,S_ERROR

    """
        return gProxyManager.downloadProxy(userDN, userGroup, limited=limited, requiredTimeLeft=validity)
Beispiel #3
0
def getShifterProxy(shifterType, fileName=False):
    """
  This method returns a shifter's proxy
    - shifterType : ProductionManager / DataManager...
  """
    if fileName:
        try:
            os.makedirs(os.path.dirname(fileName))
        except OSError:
            pass
    opsHelper = Operations()
    userName = opsHelper.getValue(cfgPath('Shifter', shifterType, 'User'), '')
    if not userName:
        return S_ERROR("No shifter User defined for %s" % shifterType)
    result = CS.getDNForUsername(userName)
    if not result['OK']:
        return result
    userDN = result['Value'][0]
    result = CS.findDefaultGroupForDN(userDN)
    if not result['OK']:
        return result
    defaultGroup = result['Value']
    userGroup = opsHelper.getValue(cfgPath('Shifter', shifterType, 'Group'),
                                   defaultGroup)
    vomsAttr = CS.getVOMSAttributeForGroup(userGroup)
    if vomsAttr:
        gLogger.info("Getting VOMS [%s] proxy for shifter %s@%s (%s)" %
                     (vomsAttr, userName, userGroup, userDN))
        result = gProxyManager.downloadVOMSProxy(userDN,
                                                 userGroup,
                                                 requiredTimeLeft=4 * 43200)
    else:
        gLogger.info("Getting proxy for shifter %s@%s (%s)" %
                     (userName, userGroup, userDN))
        result = gProxyManager.downloadProxy(userDN,
                                             userGroup,
                                             requiredTimeLeft=4 * 43200)
    if not result['OK']:
        return result
    chain = result['Value']
    result = gProxyManager.dumpProxyToFile(chain, destinationFile=fileName)
    if not result['OK']:
        return result
    fileName = result['Value']
    return S_OK({
        'DN': userDN,
        'username': userName,
        'group': userGroup,
        'chain': chain,
        'proxyFile': fileName
    })
Beispiel #4
0
  def getProxy( self, userDN, userGroup, validity = 43200, limited = False ):
    """Retrieves a proxy with default 12hr validity and stores
       this in a file in the local directory by default.

       Example usage:

         >>> print diracAdmin.getProxy()
         {'OK': True, 'Value': }

       @return: S_OK,S_ERROR

    """
    return gProxyManager.downloadProxy( userDN, userGroup, limited = limited,
                                        requiredTimeLeft = validity )
Beispiel #5
0
def getShifterProxy(shifterType, fileName=False):
    """
  This method returns a shifter's proxy
    - shifterType : ProductionManager / DataManager...
  """
    if fileName:
        try:
            os.makedirs(os.path.dirname(fileName))
        except:
            pass
    shifterSection = "/Operations/Shifter/%s" % shifterType
    userName = gConfig.getValue('%s/User' % shifterSection, '')
    if not userName:
        return S_ERROR("No shifter defined in %s/User" % shifterSection)
    result = CS.getDNForUsername(userName)
    if not result['OK']:
        return result
    userDN = result['Value'][0]
    userGroup = gConfig.getValue('%s/Group' % shifterSection,
                                 CS.getDefaultUserGroup())
    vomsAttr = CS.getVOMSAttributeForGroup(userGroup)
    if vomsAttr:
        gLogger.info("Getting VOMS [%s] proxy for shifter %s@%s (%s)" %
                     (vomsAttr, userName, userGroup, userDN))
        result = gProxyManager.downloadVOMSProxy(userDN,
                                                 userGroup,
                                                 requiredTimeLeft=4 * 43200)
    else:
        gLogger.info("Getting proxy for shifter %s@%s (%s)" %
                     (userName, userGroup, userDN))
        result = gProxyManager.downloadProxy(userDN,
                                             userGroup,
                                             requiredTimeLeft=4 * 43200)
    if not result['OK']:
        return result
    chain = result['Value']
    result = gProxyManager.dumpProxyToFile(chain, destinationFile=fileName)
    if not result['OK']:
        return result
    fileName = result['Value']
    return S_OK({
        'DN': userDN,
        'username': userName,
        'group': userGroup,
        'chain': chain,
        'proxyFile': fileName
    })
Beispiel #6
0
 def _getPilotProxyFromDIRACGroup( self, ownerDN, ownerGroup, requiredTimeLeft ):
   """
   Download a limited pilot proxy with VOMS extensions depending on the group
   """
   #Assign VOMS attribute
   vomsAttr = CS.getVOMSAttributeForGroup( ownerGroup )
   if not vomsAttr:
     self.log.info( "Downloading a proxy without VOMS extensions for %s@%s" % ( ownerDN, ownerGroup ) )
     return gProxyManager.downloadProxy( ownerDN, ownerGroup, limited = True,
                                         requiredTimeLeft = requiredTimeLeft )
   else:
     self.log.info( "Downloading a proxy with '%s' VOMS extension for %s@%s" % ( vomsAttr, ownerDN, ownerGroup ) )
     return gProxyManager.downloadVOMSProxy( ownerDN,
                                    ownerGroup,
                                    limited = True,
                                    requiredTimeLeft = requiredTimeLeft,
                                    requiredVOMSAttribute = vomsAttr )
Beispiel #7
0
def getShifterProxy( shifterType, fileName = False ):
  """
  This method returns a shifter's proxy
    - shifterType : ProductionManager / DataManager...
  """
  if fileName:
    try:
      os.makedirs( os.path.dirname( fileName ) )
    except OSError:
      pass
  opsHelper = Operations()
  userName = opsHelper.getValue( cfgPath( 'Shifter', shifterType, 'User' ), '' )
  if not userName:
    return S_ERROR( "No shifter User defined for %s" % shifterType )
  result = CS.getDNForUsername( userName )
  if not result[ 'OK' ]:
    return result
  userDN = result[ 'Value' ][0]
  result = CS.findDefaultGroupForDN( userDN )
  if not result['OK']:
    return result
  defaultGroup = result['Value']
  userGroup = opsHelper.getValue( cfgPath( 'Shifter', shifterType, 'Group' ), defaultGroup )
  vomsAttr = CS.getVOMSAttributeForGroup( userGroup )
  if vomsAttr:
    gLogger.info( "Getting VOMS [%s] proxy for shifter %s@%s (%s)" % ( vomsAttr, userName,
                                                                       userGroup, userDN ) )
    result = gProxyManager.downloadVOMSProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 )
  else:
    gLogger.info( "Getting proxy for shifter %s@%s (%s)" % ( userName, userGroup, userDN ) )
    result = gProxyManager.downloadProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 )
  if not result[ 'OK' ]:
    return result
  chain = result[ 'Value' ]
  result = gProxyManager.dumpProxyToFile( chain, destinationFile = fileName )
  if not result[ 'OK' ]:
    return result
  fileName = result[ 'Value' ]
  return S_OK( { 'DN' : userDN,
                 'username' : userName,
                 'group' : userGroup,
                 'chain' : chain,
                 'proxyFile' : fileName } )
Beispiel #8
0
def getShifterProxy( shifterType, fileName = False ):
  """
  This method returns a shifter's proxy
    - shifterType : ProductionManager / DataManager...
  """
  if fileName:
    try:
      os.makedirs( os.path.dirname( fileName ) )
    except:
      pass
  shifterSection = "/Operations/Shifter/%s" % shifterType
  userName = gConfig.getValue( '%s/User' % shifterSection, '' )
  if not userName:
    return S_ERROR( "No shifter defined in %s/User" % shifterSection )
  result = CS.getDNForUsername( userName )
  if not result[ 'OK' ]:
    return result
  userDN = result[ 'Value' ][0]
  userGroup = gConfig.getValue( '%s/Group' % shifterSection, CS.getDefaultUserGroup() )
  vomsAttr = CS.getVOMSAttributeForGroup( userGroup )
  if vomsAttr:
    gLogger.info( "Getting VOMS [%s] proxy for shifter %s@%s (%s)" % ( vomsAttr, userName,
                                                                       userGroup, userDN ) )
    result = gProxyManager.downloadVOMSProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 )
  else:
    gLogger.info( "Getting proxy for shifter %s@%s (%s)" % ( userName, userGroup, userDN ) )
    result = gProxyManager.downloadProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 )
  if not result[ 'OK' ]:
    return result
  chain = result[ 'Value' ]
  result = gProxyManager.dumpProxyToFile( chain, destinationFile = fileName )
  if not result[ 'OK' ]:
    return result
  fileName = result[ 'Value' ]
  return S_OK( { 'DN' : userDN,
                 'username' : userName,
                 'group' : userGroup,
                 'chain' : chain,
                 'proxyFile' : fileName } )
Beispiel #9
0
def main():
    params = Params()
    params.registerCLISwitches()

    Script.parseCommandLine(ignoreErrors=True)
    args = Script.getPositionalArgs()

    if len(args) != 2:
        Script.showHelp()

    userGroup = str(args[1])
    userDN = str(args[0])
    userName = False
    if userDN.find("/") != 0:
        userName = userDN
        retVal = Registry.getDNForUsername(userName)
        if not retVal['OK']:
            gLogger.notice("Cannot discover DN for username %s\n\t%s" %
                           (userName, retVal['Message']))
            DIRAC.exit(2)
        DNList = retVal['Value']
        if len(DNList) > 1:
            gLogger.notice("Username %s has more than one DN registered" %
                           userName)
            ind = 0
            for dn in DNList:
                gLogger.notice("%d %s" % (ind, dn))
                ind += 1
            inp = six.moves.input(
                "Which DN do you want to download? [default 0] ")
            if not inp:
                inp = 0
            else:
                inp = int(inp)
            userDN = DNList[inp]
        else:
            userDN = DNList[0]

    if not params.proxyPath:
        if not userName:
            result = Registry.getUsernameForDN(userDN)
            if not result['OK']:
                gLogger.notice("DN '%s' is not registered in DIRAC" % userDN)
                DIRAC.exit(2)
            userName = result['Value']
        params.proxyPath = "%s/proxy.%s.%s" % (os.getcwd(), userName,
                                               userGroup)

    if params.enableVOMS:
        result = gProxyManager.downloadVOMSProxy(
            userDN,
            userGroup,
            limited=params.limited,
            requiredTimeLeft=params.proxyLifeTime,
            requiredVOMSAttribute=params.vomsAttr)
    else:
        result = gProxyManager.downloadProxy(
            userDN,
            userGroup,
            limited=params.limited,
            requiredTimeLeft=params.proxyLifeTime)
    if not result['OK']:
        gLogger.notice('Proxy file cannot be retrieved: %s' %
                       result['Message'])
        DIRAC.exit(2)
    chain = result['Value']
    result = chain.dumpAllToFile(params.proxyPath)
    if not result['OK']:
        gLogger.notice('Proxy file cannot be written to %s: %s' %
                       (params.proxyPath, result['Message']))
        DIRAC.exit(2)
    gLogger.notice("Proxy downloaded to %s" % params.proxyPath)
    DIRAC.exit(0)
    print "Which dn do you want to download?"
    DIRAC.exit( 2 )
  userDN = DNList[0]

if not params.proxyPath:
  if not userName:
    result = Registry.getUsernameForDN( userDN )
    if not result[ 'OK' ]:
      print "DN '%s' is not registered in DIRAC" % userDN
      DIRAC.exit( 2 )
    userName = result[ 'Value' ]
  params.proxyPath = "%s/proxy.%s.%s" % ( os.getcwd(), userName, userGroup )

if params.enableVOMS:
  result = gProxyManager.downloadVOMSProxy( userDN, userGroup, limited = params.limited,
                                            requiredTimeLeft = params.proxyLifeTime,
                                            requiredVOMSAttribute = params.vomsAttr )
else:
  result = gProxyManager.downloadProxy( userDN, userGroup, limited = params.limited,
                                        requiredTimeLeft = params.proxyLifeTime )
if not result['OK']:
  print 'Proxy file cannot be retrieved: %s' % result['Message']
  DIRAC.exit( 2 )
chain = result[ 'Value' ]
result = chain.dumpAllToFile( params.proxyPath )
if not result['OK']:
  print 'Proxy file cannot be written to %s: %s' % ( params.proxyPath, result['Message'] )
  DIRAC.exit( 2 )
print "Proxy downloaded to %s" % params.proxyPath
DIRAC.exit( 0 )
Beispiel #11
0
def main():
    params = Params()
    params.registerCLISwitches()
    # Registering arguments will automatically add their description to the help menu
    Script.registerArgument((
        "DN:       DN of the user",
        "user:     DIRAC user name (will fail if there is more than 1 DN registered)"
    ))
    Script.registerArgument(" group:    DIRAC group name")

    Script.parseCommandLine(ignoreErrors=True)
    # parseCommandLine show help when mandatory arguments are not specified or incorrect argument
    userDN, userGroup = Script.getPositionalArgs(group=True)

    userName = False
    if userDN.find("/") != 0:
        userName = userDN
        retVal = Registry.getDNForUsername(userName)
        if not retVal["OK"]:
            gLogger.notice("Cannot discover DN for username %s\n\t%s" %
                           (userName, retVal["Message"]))
            DIRAC.exit(2)
        DNList = retVal["Value"]
        if len(DNList) > 1:
            gLogger.notice("Username %s has more than one DN registered" %
                           userName)
            ind = 0
            for dn in DNList:
                gLogger.notice("%d %s" % (ind, dn))
                ind += 1
            inp = input("Which DN do you want to download? [default 0] ")
            if not inp:
                inp = 0
            else:
                inp = int(inp)
            userDN = DNList[inp]
        else:
            userDN = DNList[0]

    if not params.proxyPath:
        if not userName:
            result = Registry.getUsernameForDN(userDN)
            if not result["OK"]:
                gLogger.notice("DN '%s' is not registered in DIRAC" % userDN)
                DIRAC.exit(2)
            userName = result["Value"]
        params.proxyPath = "%s/proxy.%s.%s" % (os.getcwd(), userName,
                                               userGroup)

    if params.enableVOMS:
        result = gProxyManager.downloadVOMSProxy(
            userDN,
            userGroup,
            limited=params.limited,
            requiredTimeLeft=params.proxyLifeTime,
            requiredVOMSAttribute=params.vomsAttr,
        )
    else:
        result = gProxyManager.downloadProxy(
            userDN,
            userGroup,
            limited=params.limited,
            requiredTimeLeft=params.proxyLifeTime)
    if not result["OK"]:
        gLogger.notice("Proxy file cannot be retrieved: %s" %
                       result["Message"])
        DIRAC.exit(2)
    chain = result["Value"]
    result = chain.dumpAllToFile(params.proxyPath)
    if not result["OK"]:
        gLogger.notice("Proxy file cannot be written to %s: %s" %
                       (params.proxyPath, result["Message"]))
        DIRAC.exit(2)
    gLogger.notice("Proxy downloaded to %s" % params.proxyPath)
    DIRAC.exit(0)
Beispiel #12
0
        result = CS.getUsernameForDN(userDN)
        if not result['OK']:
            print "DN '%s' is not registered in DIRAC" % userDN
            DIRAC.exit(2)
        userName = result['Value']
    params.proxyPath = "%s/proxy.%s.%s" % (os.getcwd(), userName, userGroup)

if params.enableVOMS:
    result = gProxyManager.downloadVOMSProxy(
        userDN,
        userGroup,
        limited=params.limited,
        requiredTimeLeft=params.proxyLifeTime,
        requiredVOMSAttribute=params.vomsAttr)
else:
    result = gProxyManager.downloadProxy(userDN,
                                         userGroup,
                                         limited=params.limited,
                                         requiredTimeLeft=params.proxyLifeTime)
if not result['OK']:
    print 'Proxy file cannot be retrieved: %s' % result['Message']
    DIRAC.exit(2)
chain = result['Value']
result = chain.dumpAllToFile(params.proxyPath)
if not result['OK']:
    print 'Proxy file cannot be written to %s: %s' % (params.proxyPath,
                                                      result['Message'])
    DIRAC.exit(2)
print "Proxy downloaded to %s" % params.proxyPath
DIRAC.exit(0)
Beispiel #13
0
    def __getOwnerProxy(self, dirPath):
        ''' get owner creds for :dirPath: '''
        self.log.verbose("Retrieving dir metadata...")
        # get owner form the cached information, if not, try getDirectoryMetadata
        ownerName, ownerGroup = self.__directoryOwners.pop(
            dirPath, (None, None))
        if not ownerName or not ownerGroup:
            result = returnSingleResult(
                self.catalog.getDirectoryMetadata(dirPath))
            if not result['OK'] or 'OwnerRole' not in result['Value']:
                self.log.error("Could not get metadata info",
                               result['Message'])
                return result
            ownerRole = result['Value']['OwnerRole']
            ownerDN = result['Value']['OwnerDN']
            if ownerRole[0] != "/":
                ownerRole = "/%s" % ownerRole
            cacheKey = (ownerDN, ownerRole)
            ownerName = 'unknown'
            byGroup = False
        else:
            ownerDN = Registry.getDNForUsername(ownerName)
            if not ownerDN['OK']:
                self.log.error("Could not get DN from user name",
                               ownerDN['Message'])
                return ownerDN
            ownerDN = ownerDN['Value'][0]
            # This bloody method returns directly a string!!!!
            ownerRole = Registry.getVOMSAttributeForGroup(ownerGroup)
            byGroup = True
            # Get all groups for that VOMS Role, and add lhcb_user as in DFC this is a safe value
        ownerGroups = Registry.getGroupsWithVOMSAttribute(ownerRole) + [
            'lhcb_user'
        ]

        downErrors = []
        for ownerGroup in ownerGroups:
            if byGroup:
                ownerRole = None
                cacheKey = (ownerDN, ownerGroup)
            if cacheKey in self.__noProxy:
                return S_ERROR("Proxy not available")
                # Getting the proxy...
            upFile = self.proxyCache.get(cacheKey, 3600)
            if upFile and os.path.exists(upFile):
                self.log.verbose(
                    'Returning cached proxy for %s %s@%s [%s] in %s' %
                    (ownerName, ownerDN, ownerGroup, ownerRole, upFile))
                return S_OK(upFile)
            if ownerRole:
                result = gProxyManager.downloadVOMSProxy(
                    ownerDN,
                    ownerGroup,
                    limited=False,
                    requiredVOMSAttribute=ownerRole)
            else:
                result = gProxyManager.downloadProxy(ownerDN,
                                                     ownerGroup,
                                                     limited=False)
            if not result['OK']:
                downErrors.append("%s : %s" % (cacheKey, result['Message']))
                continue
            userProxy = result['Value']
            secsLeft = max(0, userProxy.getRemainingSecs()['Value'])
            upFile = userProxy.dumpAllToFile()
            if upFile['OK']:
                upFile = upFile['Value']
            else:
                return upFile
            self.proxyCache.add(cacheKey, secsLeft, upFile)
            self.log.info("Got proxy for %s %s@%s [%s]" %
                          (ownerName, ownerDN, ownerGroup, ownerRole))
            return S_OK(upFile)
        self.__noProxy.add(cacheKey)
        return S_ERROR("Could not download proxy for user (%s, %s):\n%s " %
                       (ownerDN, ownerRole, "\n ".join(downErrors)))