def add_account_attribute(key, value, account, issuer, vo='def', session=None): """ Add an attribute to an account. :param key: attribute key. :param value: attribute value. :param account: The account name. :param issuer: The issuer account. :param vo: The VO to act on. :param session: The database session in use. """ validate_schema(name='account_attribute', obj=key, vo=vo) validate_schema(name='account_attribute', obj=value, vo=vo) kwargs = {'account': account, 'key': key, 'value': value} if not rucio.api.permission.has_permission(issuer=issuer, vo=vo, action='add_attribute', kwargs=kwargs, session=session): raise rucio.common.exception.AccessDenied( 'Account %s can not add attributes' % (issuer)) account = InternalAccount(account, vo=vo) account_core.add_account_attribute(account, key, value, session=session)
def test_add_account_attribute(self): """ ACCOUNT (CORE): Test adding attribute to account """ account = InternalAccount('root', **self.vo) key = account_name_generator() value = True add_account_attribute(account, key, value) assert {'key': key, 'value': True} in list_account_attributes(account) with pytest.raises(Duplicate): add_account_attribute(account, key, value)
def add_account_attribute(key, value, account, issuer): """ Add an attribute to an account. :param key: attribute key. :param value: attribute value. :param account: The account name. :param issuer: The issuer account_core. """ validate_schema(name="account_attribute", obj=key) validate_schema(name="account_attribute", obj=value) kwargs = {"account": account, "key": key, "value": value} if not rucio.api.permission.has_permission(issuer=issuer, action="add_attribute", kwargs=kwargs): raise rucio.common.exception.AccessDenied("Account %s can not add attributes" % (issuer)) account_core.add_account_attribute(account, key, value)
def add_account_attribute(key, value, account, issuer): """ Add an attribute to an account. :param key: attribute key. :param value: attribute value. :param account: The account name. :param issuer: The issuer account_core. """ validate_schema(name='account_attribute', obj=key) validate_schema(name='account_attribute', obj=value) kwargs = {'account': account, 'key': key, 'value': value} if not rucio.api.permission.has_permission( issuer=issuer, action='add_attribute', kwargs=kwargs): raise rucio.common.exception.AccessDenied( 'Account %s can not add attributes' % (issuer)) account_core.add_account_attribute(account, key, value)
def sync_accounts(self, iam_users): for user in iam_users: username = user['userName'] email = user['emails'][0]['value'] if not user['active']: logging.debug( 'Skipped account creation for User {} [not active]'.format( username)) continue # Rucio DB schema restriction if len(username) > 25: logging.debug( 'Skipped account creation for User {} [len(username) > 25]' .format(username)) continue if not account.account_exists(InternalAccount(username)): account.add_account(InternalAccount(username), AccountType.SERVICE, email) logging.debug( 'Created account for User {} ***'.format(username)) # Give account quota for all RSEs for rse_obj in rse.list_rses(): set_local_account_limit(InternalAccount(username), rse_obj['id'], 1000000000000) # Make the user an admin & able to sign URLs try: add_account_attribute(InternalAccount(username), 'admin', 'True') add_account_attribute(InternalAccount(username), 'sign-gcs', 'True') except Exception as e: logging.debug(e) if "groups" in user: for group in user['groups']: group_name = group['display'] if not account.has_account_attribute( InternalAccount(username), group_name): add_account_attribute(InternalAccount(username), group_name, 'True')
email='N/A', vo='def') except Duplicate: print('VO {} already added'.format(vo['vo']) % locals()) else: vo = {} c = Client() try: c.add_account('jdoe', 'SERVICE', '*****@*****.**') except Duplicate: print('Account jdoe already added' % locals()) try: add_account_attribute( account=InternalAccount('root', **vo), key='admin', value=True ) # bypass client as schema validation fails at API level except Exception as error: print(error) try: c.add_account('panda', 'SERVICE', '*****@*****.**') add_account_attribute(account=InternalAccount('panda', **vo), key='admin', value=True) except Duplicate: print('Account panda already added' % locals()) try: c.add_scope('jdoe', 'mock') except Duplicate:
# PY3K COMPATIBLE from rucio.client import Client from rucio.common.exception import Duplicate from rucio.core.account import add_account_attribute if __name__ == '__main__': c = Client() try: c.add_account('jdoe', 'SERVICE', '*****@*****.**') except Duplicate: print('Account jdoe already added' % locals()) try: add_account_attribute(account='root', key='admin', value=True) except Exception as error: print(error) try: c.add_account('panda', 'SERVICE', '*****@*****.**') add_account_attribute(account='panda', key='admin', value=True) except Duplicate: print('Account panda already added' % locals()) try: c.add_scope('jdoe', 'mock') except Duplicate: print('Scope mock already added' % locals()) try:
continue client.add_distance(rse, rse2, {"distance": 1, "ranking": 1}) client.add_scope(account="root", scope="cms") client.add_account("transfer_ops", "SERVICE", "*****@*****.**") client.add_identity( account="transfer_ops", identity="ddmlab", authtype="USERPASS", email="*****@*****.**", ) # why is this still a workaround? from rucio.core.account import add_account_attribute from rucio.common.types import InternalAccount add_account_attribute(InternalAccount("transfer_ops"), "admin", True) client.add_account("wma_prod", "SERVICE", "*****@*****.**") client.add_identity( account="wma_prod", identity="ddmlab", authtype="USERPASS", email="*****@*****.**", ) add_account_attribute(InternalAccount("wma_prod"), "admin", True) # as wma_prod is an admin account, this has no effect client.set_account_limit('wma_prod', 'T2_US_Wisconsin_Mock', int(20e9), 'local') client.add_account("jdoe", "USER", "*****@*****.**") client.add_scope(account="jdoe", scope="user.jdoe")