def get(self):
"""List all scopes.
.. :quickref: Scopes; Get all scopes.
**Example request**:
.. sourcecode:: http
GET /posts/ HTTP/1.1
Host: rucio.com
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
["RSE1", "RSE2", "RSE3", "RSE4", "RSE5"]
:resheader Content-Type: application/json
:status 200: scopes found
:status 406: Not Acceptable
:returns: :class:`String`
"""
return jsonify(list_scopes(vo=request.environ.get('vo')))
def GET(self):
"""
List all scopes.
HTTP Success:
200 Success
"""
return dumps(list_scopes())
def GET(self):
"""
List all scopes.
HTTP Success:
200 Success
"""
return dumps(list_scopes())
def GET(self):
"""
List all scopes.
HTTP Success:
200 Success
HTTP Error:
406 Not Acceptable
"""
return dumps(list_scopes(vo=ctx.env.get('vo')))
def GET(self):
"""
List all scopes.
HTTP Success:
200 Success
HTTP Error:
406 Not Acceptable
"""
return dumps(list_scopes())
def test_api_scope(self):
""" SCOPE (API): Test external representation of scopes """
out = list_scopes()
assert self.scope_name in out
if self.multi_vo:
assert self.scope.internal not in out
out = get_scopes(self.account_name, **self.vo)
assert self.scope_name in out
if self.multi_vo:
assert self.scope.internal not in out
def add_files(lfns, issuer, ignore_availability, vo='def'):
"""
Bulk add files :
- Create the file and replica.
- If doesn't exist create the dataset containing the file as well as a rule on the dataset on ANY sites.
- Create all the ascendants of the dataset if they do not exist
:param lfns: List of lfn (dictionary {'lfn': <lfn>, 'rse': <rse>, 'bytes': <bytes>, 'adler32': <adler32>, 'guid': <guid>, 'pfn': <pfn>}
:param issuer: The issuer account.
:param ignore_availability: A boolean to ignore blocked sites.
:param vo: The VO to act on.
"""
scopes = list_scopes(vo=vo)
dids = []
rses = {}
for lfn in lfns:
scope, name = extract_scope(lfn['lfn'], scopes)
dids.append({'scope': scope, 'name': name})
rse = lfn['rse']
if rse not in rses:
rse_id = get_rse_id(rse=rse, vo=vo)
rses[rse] = rse_id
lfn['rse_id'] = rses[rse]
# Check if the issuer can add dids and use skip_availabitlity
for rse in rses:
rse_id = rses[rse]
kwargs = {'rse': rse, 'rse_id': rse_id}
if not has_permission(
issuer=issuer, action='add_replicas', kwargs=kwargs, vo=vo):
raise AccessDenied(
'Account %s can not add file replicas on %s for VO %s' %
(issuer, rse, vo))
if not has_permission(issuer=issuer,
action='skip_availability_check',
kwargs=kwargs,
vo=vo):
ignore_availability = False
# Check if the issuer can add the files
kwargs = {'issuer': issuer, 'dids': dids}
if not has_permission(
issuer=issuer, action='add_dids', kwargs=kwargs, vo=vo):
raise AccessDenied(
'Account %s can not bulk add data identifier for VO %s' %
(issuer, vo))
dirac.add_files(lfns=lfns,
account=issuer,
ignore_availability=ignore_availability,
session=None,
vo=vo)
def test_super_root_permissions(self):
""" MULTI VO (CORE): Test super_root cannot access root/user functions """
rse_str = ''.join(choice(ascii_uppercase) for x in range(10))
rse_name = 'MOCK_%s' % rse_str
scope_uuid = str(generate_uuid()).lower()[:16]
scope = 'mock_%s' % scope_uuid
# Test super_root@def with functions at vo='def'
with assert_raises(AccessDenied):
add_rse(rse_name, 'super_root', vo='def')
with assert_raises(AccessDenied):
add_scope(scope, 'root', 'super_root', vo='def')
add_scope(scope, 'super_root', 'super_root', vo='def')
assert_in(scope, [s for s in list_scopes(filter={}, vo='def')])
def test_scopes_at_different_vos(self):
""" MULTI VO (CLIENT): Test that scopes from 2nd vo don't interfere """
scope_client = ScopeClient()
scope_uuid = str(generate_uuid()).lower()[:16]
tst = 'tst_%s' % scope_uuid
new = 'new_%s' % scope_uuid
shr = 'shr_%s' % scope_uuid
scope_client.add_scope('root', tst)
scope_client.add_scope('root', shr)
add_scope(new, 'root', 'root', **self.new_vo)
add_scope(shr, 'root', 'root', **self.new_vo)
scope_list_tst = list(scope_client.list_scopes())
scope_list_new = list(list_scopes(filter={}, **self.new_vo))
assert_true(tst in scope_list_tst)
assert_false(new in scope_list_tst)
assert_true(shr in scope_list_tst)
assert_false(tst in scope_list_new)
assert_true(new in scope_list_new)
assert_true(shr in scope_list_new)
def get(self):
"""
---
summary: List Scopes
description: List all scopes
tags:
- Scopes
responses:
200:
description: OK
content:
application/json:
schema:
description: All scopes.
type: array
items:
description: A scope.
type: string
401:
description: Invalid Auth Token
406:
description: Not acceptable
"""
return jsonify(list_scopes(vo=request.environ.get('vo')))
