def changeDirectoryMode( self, paths, s_uid = 0, s_gid = 0 ):
""" Bulk setting of the directory owner
"""
result = self.db.ugManager.findUser( s_uid )
if not result['OK']:
return result
uid = result['Value']
result = self.db.ugManager.findGroup( s_gid )
if not result['OK']:
return result
gid = result['Value']
result = checkArgumentFormat( paths )
if not result['OK']:
return result
arguments = result['Value']
successful = {}
failed = {}
for path, mode in arguments.items():
result = self.setDirectoryMode( path, mode )
if not result['OK']:
failed[path] = result['Message']
else:
successful[path] = True
return S_OK( {'Successful':successful, 'Failed':failed} )
def getPathPermissions(self, lfns, credDict):
""" Get permissions for the given user/group to manipulate the given lfns
"""
res = checkArgumentFormat(lfns)
if not res['OK']:
return res
lfns = res['Value']
return self.securityManager.getPathPermissions( lfns.keys(), credDict )
def hasAccess(self, opType, paths, credDict):
""" Get permissions for the given user/group to execute the given operation
on the given paths
returns Successful dict with True/False
"""
res = checkArgumentFormat(paths)
if not res['OK']:
return res
paths = res['Value']
return self.securityManager.hasAccess(opType, paths, credDict)
def hasAccess( self, opType, paths, credDict ):
""" Get permissions for the given user/group to execute the given operation
on the given paths
returns Successful dict with True/False
"""
res = checkArgumentFormat( paths )
if not res['OK']:
return res
paths = res['Value']
return self.securityManager.hasAccess( opType, paths, credDict )
def _checkPathPermissions(self,operation,lfns,credDict):
res = checkArgumentFormat(lfns)
if not res['OK']:
return res
lfns = res['Value']
res = self.securityManager.hasAccess( operation, lfns.keys(), credDict )
if not res['OK']:
return res
# Do not consider those paths for which we failed to determine access
failed = res['Value']['Failed']
for lfn in failed.keys():
lfns.pop(lfn)
# Do not consider those paths for which access is denied
successful = {}
for lfn,access in res['Value']['Successful'].items():
if not access:
failed[lfn] = 'Permission denied'
else:
successful[lfn] = lfns[lfn]
return S_OK( {'Successful':successful,'Failed':failed} )
def _checkPathPermissions(self, operation, lfns, credDict):
res = checkArgumentFormat(lfns)
if not res["OK"]:
return res
lfns = res["Value"]
res = self.securityManager.hasAccess(operation, lfns.keys(), credDict)
if not res["OK"]:
return res
# Do not consider those paths for which we failed to determine access
failed = res["Value"]["Failed"]
for lfn in failed.keys():
lfns.pop(lfn)
# Do not consider those paths for which access is denied
successful = {}
for lfn, access in res["Value"]["Successful"].items():
if not access:
failed[lfn] = "Permission denied"
else:
successful[lfn] = lfns[lfn]
return S_OK({"Successful": successful, "Failed": failed})
