Python getVOMSAttributeForGroupの例、DIRAC.ConfigurationSystem.Client.Helpers.Registry.getVOMSAttributeForGroup Pythonの例

コード例 #1

0

ファイルを表示

ファイル: Proxy.py プロジェクト: petricm/DIRAC

  def wrapped_fcn( *args, **kwargs ):

    userName = kwargs.pop( 'proxyUserName', '' )
    userDN = kwargs.pop( 'proxyUserDN', '' )
    userGroup = kwargs.pop( 'proxyUserGroup', '' )
    vomsFlag = kwargs.pop( 'proxyWithVOMS', True )
    proxyFilePath = kwargs.pop( 'proxyFilePath', False )

    if ( userName or userDN ) and userGroup:

      # Setup user proxy
      originalUserProxy = os.environ.get( 'X509_USER_PROXY' )
      if not userDN:
        result = getDNForUsername( userName )
        if not result[ 'OK' ]:
          return result
        userDN = result[ 'Value' ][0]
      vomsAttr = ''
      if vomsFlag:
        vomsAttr = getVOMSAttributeForGroup( userGroup )

      if vomsAttr:
        result = gProxyManager.downloadVOMSProxyToFile( userDN, userGroup,
                                                        requiredVOMSAttribute = vomsAttr,
                                                        filePath = proxyFilePath,
                                                        requiredTimeLeft = 3600,
                                                        cacheTime =  3600 )
      else:
        result = gProxyManager.downloadProxyToFile( userDN, userGroup,
                                                    filePath = proxyFilePath,
                                                    requiredTimeLeft = 3600,
                                                    cacheTime =  3600 )

      if not result['OK']:
        gLogger.warn( "Can't download proxy to file", result['Message'] )
        return result

      proxyFile = result['Value']
      os.environ['X509_USER_PROXY'] = proxyFile

      # Check if the caller is executing with the host certificate
      useServerCertificate = gConfig.useServerCertificate()
      if useServerCertificate:
        gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' )

      try:
        resultFcn = fcn( *args, **kwargs )
      except Exception, x:
        resultFcn = S_ERROR( "Exception: %s" % str( x ) )

      # Restore the default host certificate usage if necessary
      if useServerCertificate:
        gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' )
      if originalUserProxy:
        os.environ['X509_USER_PROXY'] = originalUserProxy
      else:
        os.environ.pop( 'X509_USER_PROXY' )

      return resultFcn

コード例 #2

0

ファイルを表示

ファイル: Proxy.py プロジェクト: yujikato/DIRAC

    def wrapped_fcn(*args, **kwargs):

        userName = kwargs.pop("proxyUserName", "")
        userGroup = kwargs.pop("proxyUserGroup", "")
        vomsFlag = kwargs.pop("proxyWithVOMS", True)
        proxyFilePath = kwargs.pop("proxyFilePath", False)

        if userName and userGroup:

            # Setup user proxy
            originalUserProxy = os.environ.get("X509_USER_PROXY")
            result = getDNForUsername(userName)
            if not result["OK"]:
                return result
            userDN = result["Value"][0]
            vomsAttr = ""
            if vomsFlag:
                vomsAttr = getVOMSAttributeForGroup(userGroup)

            if vomsAttr:
                result = gProxyManager.downloadVOMSProxyToFile(
                    userDN,
                    userGroup,
                    requiredVOMSAttribute=vomsAttr,
                    filePath=proxyFilePath,
                    requiredTimeLeft=3600,
                    cacheTime=3600,
                )
            else:
                result = gProxyManager.downloadProxyToFile(
                    userDN, userGroup, filePath=proxyFilePath, requiredTimeLeft=3600, cacheTime=3600
                )

            if not result["OK"]:
                return result

            proxyFile = result["Value"]
            os.environ["X509_USER_PROXY"] = proxyFile

            # Check if the caller is executing with the host certificate
            useServerCertificate = gConfig.useServerCertificate()
            if useServerCertificate:
                gConfigurationData.setOptionInCFG("/DIRAC/Security/UseServerCertificate", "false")

            try:
                resultFcn = fcn(*args, **kwargs)
            except Exception, x:
                resultFcn = S_ERROR("Exception: %s" % str(x))

            # Restore the default host certificate usage if necessary
            if useServerCertificate:
                gConfigurationData.setOptionInCFG("/DIRAC/Security/UseServerCertificate", "true")
            if originalUserProxy:
                os.environ["X509_USER_PROXY"] = originalUserProxy
            else:
                os.environ.pop("X509_USER_PROXY")

            return resultFcn

コード例 #3

0

ファイルを表示

    def wrapped_fcn(*args, **kwargs):

        userName = kwargs.pop('proxyUserName', '')
        userDN = kwargs.pop('proxyUserDN', '')
        userGroup = kwargs.pop('proxyUserGroup', '')
        vomsFlag = kwargs.pop('proxyWithVOMS', True)
        proxyFilePath = kwargs.pop('proxyFilePath', False)

        if (userName or userDN) and userGroup:

            # Setup user proxy
            originalUserProxy = os.environ.get('X509_USER_PROXY')
            if userDN:
                userDNs = [userDN]
            else:
                result = getDNForUsername(userName)
                if not result['OK']:
                    return result
                userDNs = result[
                    'Value']  # a same user may have more than one DN
            vomsAttr = ''
            if vomsFlag:
                vomsAttr = getVOMSAttributeForGroup(userGroup)

            result = getProxy(userDNs, userGroup, vomsAttr, proxyFilePath)

            if not result['OK']:
                return result

            proxyFile = result['Value']
            os.environ['X509_USER_PROXY'] = proxyFile

            # Check if the caller is executing with the host certificate
            useServerCertificate = gConfig.useServerCertificate()
            if useServerCertificate:
                gConfigurationData.setOptionInCFG(
                    '/DIRAC/Security/UseServerCertificate', 'false')

            try:
                return fcn(*args, **kwargs)
            except Exception as lException:  #pylint: disable=broad-except
                value = ','.join([str(arg) for arg in lException.args])
                exceptType = lException.__class__.__name__
                return S_ERROR("Exception - %s: %s" % (exceptType, value))
            finally:
                # Restore the default host certificate usage if necessary
                if useServerCertificate:
                    gConfigurationData.setOptionInCFG(
                        '/DIRAC/Security/UseServerCertificate', 'true')
                if originalUserProxy:
                    os.environ['X509_USER_PROXY'] = originalUserProxy
                else:
                    os.environ.pop('X509_USER_PROXY')

        else:
            # No proxy substitution requested
            return fcn(*args, **kwargs)

コード例 #4

0

ファイルを表示

ファイル: Proxy.py プロジェクト: marcelovilaca/DIRAC

  def wrapped_fcn( *args, **kwargs ):

    userName = kwargs.pop( 'proxyUserName', '' )
    userGroup = kwargs.pop( 'proxyUserGroup', '' )
    vomsFlag = kwargs.pop( 'proxyWithVOMS', True )
    proxyFilePath = kwargs.pop( 'proxyFilePath', False )

    if userName and userGroup:

      # Setup user proxy
      originalUserProxy = os.environ.get( 'X509_USER_PROXY' )
      result = getDNForUsername( userName )
      if not result[ 'OK' ]:
        return result
      userDN = result[ 'Value' ][0]
      vomsAttr = ''
      if vomsFlag:
        vomsAttr = getVOMSAttributeForGroup( userGroup )

      if vomsAttr:
        result = gProxyManager.downloadVOMSProxyToFile( userDN, userGroup,
                                                        requiredVOMSAttribute = vomsAttr,
                                                        filePath = proxyFilePath,
                                                        requiredTimeLeft = 3600,
                                                        cacheTime =  3600 )
      else:
        result = gProxyManager.downloadProxyToFile( userDN, userGroup,
                                                    filePath = proxyFilePath,
                                                    requiredTimeLeft = 3600,
                                                    cacheTime =  3600 )

      if not result['OK']:
        return result

      proxyFile = result['Value']
      os.environ['X509_USER_PROXY'] = proxyFile

      # Check if the caller is executing with the host certificate
      useServerCertificate = gConfig.useServerCertificate()
      if useServerCertificate:
        gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' )

      try:
        resultFcn = fcn( *args, **kwargs )
      except Exception, x:
        resultFcn = S_ERROR( "Exception: %s" % str( x ) )

      # Restore the default host certificate usage if necessary
      if useServerCertificate:
        gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' )
      if originalUserProxy:
        os.environ['X509_USER_PROXY'] = originalUserProxy
      else:
        os.environ.pop( 'X509_USER_PROXY' )

      return resultFcn

コード例 #5

0

ファイルを表示

ファイル: Proxy.py プロジェクト: ahaupt/DIRAC

  def wrapped_fcn( *args, **kwargs ):

    userName = kwargs.pop( 'proxyUserName', '' )
    userDN = kwargs.pop( 'proxyUserDN', '' )
    userGroup = kwargs.pop( 'proxyUserGroup', '' )
    vomsFlag = kwargs.pop( 'proxyWithVOMS', True )
    proxyFilePath = kwargs.pop( 'proxyFilePath', False )

    if ( userName or userDN ) and userGroup:

      # Setup user proxy
      originalUserProxy = os.environ.get( 'X509_USER_PROXY' )
      if userDN:
        userDNs = [userDN]
      else:
        result = getDNForUsername( userName )
        if not result[ 'OK' ]:
          return result
        userDNs = result['Value'] # a same user may have more than one DN
      vomsAttr = ''
      if vomsFlag:
        vomsAttr = getVOMSAttributeForGroup( userGroup )

      result = getProxy(userDNs, userGroup, vomsAttr, proxyFilePath)

      if not result['OK']:
        return result

      proxyFile = result['Value']
      os.environ['X509_USER_PROXY'] = proxyFile

      # Check if the caller is executing with the host certificate
      useServerCertificate = gConfig.useServerCertificate()
      if useServerCertificate:
        gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' )

      try:
        return fcn( *args, **kwargs )
      except Exception as lException:
        value = ','.join( [str( arg ) for arg in lException.args] )
        exceptType = lException.__class__.__name__
        return S_ERROR( "Exception - %s: %s" % ( exceptType, value ) )
      finally:
        # Restore the default host certificate usage if necessary
        if useServerCertificate:
          gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' )
        if originalUserProxy:
          os.environ['X509_USER_PROXY'] = originalUserProxy
        else:
          os.environ.pop( 'X509_USER_PROXY' )

    else:
      # No proxy substitution requested
      return fcn( *args, **kwargs )

コード例 #6

0

ファイルを表示

ファイル: FileCatalogClient.py プロジェクト: ltomassetti/DIRAC

 def getDirectoryMetadata( self, lfns, timeout = 120 ):
   ''' Get standard directory metadata
   '''
   rpcClient = self._getRPC( timeout = timeout )
   result = rpcClient.getDirectoryMetadata( lfns )
   if not result['OK']:
     return result
   # Add some useful fields
   for path in result['Value']['Successful']:
     owner = result['Value']['Successful'][path]['Owner']
     group = result['Value']['Successful'][path]['OwnerGroup']
     res = getDNForUsername( owner )
     if res['OK']:
       result['Value']['Successful'][path]['OwnerDN'] = res['Value'][0]
     else:
       result['Value']['Successful'][path]['OwnerDN'] = ''
     result['Value']['Successful'][path]['OwnerRole'] = getVOMSAttributeForGroup( group )
   return result

コード例 #7

0

ファイルを表示

 def getDirectoryMetadata(self, lfns, timeout=120):
   ''' Get standard directory metadata
   '''
   rpcClient = self._getRPC(timeout=timeout)
   result = rpcClient.getDirectoryMetadata(lfns)
   if not result['OK']:
     return result
   # Add some useful fields
   for path in result['Value']['Successful']:
     owner = result['Value']['Successful'][path]['Owner']
     group = result['Value']['Successful'][path]['OwnerGroup']
     res = getDNForUsername(owner)
     if res['OK']:
       result['Value']['Successful'][path]['OwnerDN'] = res['Value'][0]
     else:
       result['Value']['Successful'][path]['OwnerDN'] = ''
     result['Value']['Successful'][path]['OwnerRole'] = getVOMSAttributeForGroup(group)
   return result

コード例 #8

0

ファイルを表示

def _putProxy(userDN=None,
              userName=None,
              userGroup=None,
              vomsFlag=None,
              proxyFilePath=None,
              executionLockFlag=False):
    """Download proxy, place in a file and populate X509_USER_PROXY environment variable.

    Parameters like `userProxy` or `executeWithUserProxy`.
    :returns: Tuple of originalUserProxy, useServerCertificate, executionLock
    """
    # Setup user proxy
    if userDN:
        userDNs = [userDN]
    else:
        result = getDNForUsername(userName)
        if not result["OK"]:
            return result
        userDNs = result["Value"]  # a same user may have more than one DN

    vomsAttr = ""
    if vomsFlag:
        vomsAttr = getVOMSAttributeForGroup(userGroup)

    result = getProxy(userDNs, userGroup, vomsAttr, proxyFilePath)

    if not result["OK"]:
        return result

    executionLock = LockRing().getLock(
        "_UseUserProxy_", recursive=True) if executionLockFlag else None
    if executionLockFlag:
        executionLock.acquire()

    os.environ["X509_USER_PROXY"], originalUserProxy = result[
        "Value"], os.environ.get("X509_USER_PROXY")

    # Check if the caller is executing with the host certificate
    useServerCertificate = gConfig.useServerCertificate()
    if useServerCertificate:
        gConfigurationData.setOptionInCFG(
            "/DIRAC/Security/UseServerCertificate", "false")

    return S_OK((originalUserProxy, useServerCertificate, executionLock))

コード例 #9

0

ファイルを表示

ファイル: FileCatalogClient.py プロジェクト: DIRACGrid/DIRAC

 def getDirectoryMetadata(self, lfns, timeout=120):
     """Get standard directory metadata"""
     rpcClient = self._getRPC(timeout=timeout)
     result = rpcClient.getDirectoryMetadata(lfns)
     if not result["OK"]:
         return result
     # Add some useful fields
     for path in result["Value"]["Successful"]:
         owner = result["Value"]["Successful"][path]["Owner"]
         group = result["Value"]["Successful"][path]["OwnerGroup"]
         res = getDNForUsername(owner)
         if res["OK"]:
             result["Value"]["Successful"][path]["OwnerDN"] = res["Value"][
                 0]
         else:
             result["Value"]["Successful"][path]["OwnerDN"] = ""
         result["Value"]["Successful"][path][
             "OwnerRole"] = getVOMSAttributeForGroup(group)
     return result

コード例 #10

0

ファイルを表示

ファイル: Proxy.py プロジェクト: DIRACGrid/DIRAC

def _putProxy(userDN=None, userName=None, userGroup=None, vomsFlag=None, proxyFilePath=None, executionLockFlag=False):
  """Download proxy, place in a file and populate X509_USER_PROXY environment variable.

  Parameters like `userProxy` or `executeWithUserProxy`.
  :returns: Tuple of originalUserProxy, useServerCertificate, executionLock
  """
  # Setup user proxy
  if userDN:
    userDNs = [userDN]
  else:
    result = getDNForUsername(userName)
    if not result['OK']:
      return result
    userDNs = result['Value']  # a same user may have more than one DN

  vomsAttr = ''
  if vomsFlag:
    vomsAttr = getVOMSAttributeForGroup(userGroup)

  result = getProxy(userDNs, userGroup, vomsAttr, proxyFilePath)

  if not result['OK']:
    return result

  executionLock = LockRing().getLock('_UseUserProxy_', recursive=True) if executionLockFlag else None
  if executionLockFlag:
    executionLock.acquire()

  os.environ['X509_USER_PROXY'], originalUserProxy = result['Value'], os.environ.get('X509_USER_PROXY')

  # Check if the caller is executing with the host certificate
  useServerCertificate = gConfig.useServerCertificate()
  if useServerCertificate:
    gConfigurationData.setOptionInCFG('/DIRAC/Security/UseServerCertificate', 'false')

  return S_OK((originalUserProxy, useServerCertificate, executionLock))

コード例 #11

0

ファイルを表示

        credentials = result["Value"]

        # Remember a clean proxy to then upload it in step 2
        proxy = copy.copy(chain)

        # Create local proxy with group
        self.outputFile = self.outputFile or getDefaultProxyLocation()
        parameters = (self.outputFile, int(self.lifetime or 12) * 3600, self.group)

        # Add a VOMS extension if the group requires it
        if (result := chain.generateProxyToFile(*parameters))["OK"] and (result := self.__enableCS())["OK"]:
            if not self.group and (result := findDefaultGroupForDN(credentials["DN"]))["OK"]:
                self.group = result["Value"]  # Use default group if user don't set it
            # based on the configuration we decide whether to add VOMS extensions
            if getGroupOption(self.group, "AutoAddVOMS", False):
                if not (vomsAttr := getVOMSAttributeForGroup(self.group)):
                    print(HTML(f"<yellow>No VOMS attribute foud for {self.group}</yellow>"))
                else:
                    vo = getVOMSVOForGroup(self.group)
                    if not (result := VOMS().setVOMSAttributes(self.outputFile, attribute=vomsAttr, vo=vo))["OK"]:
                        return S_ERROR(f"Failed adding VOMS attribute: {result['Message']}")
                    chain = result["Value"]
                    result = chain.generateProxyToFile(*parameters)
        if not result["OK"]:
            return S_ERROR(f"Couldn't generate proxy: {result['Message']}")

        if self.enableCS:
            # After creating the proxy, we can try to connect to the server
            if not (result := self.__enableCS())["OK"]:
                return result

コード例 #12

0

ファイルを表示

ファイル: Proxy.py プロジェクト: wirespecter/DIRAC

  def wrapped_fcn( *args, **kwargs ):

    userName = kwargs.pop( 'proxyUserName', '' )
    userDN = kwargs.pop( 'proxyUserDN', '' )
    userGroup = kwargs.pop( 'proxyUserGroup', '' )
    vomsFlag = kwargs.pop( 'proxyWithVOMS', True )
    proxyFilePath = kwargs.pop( 'proxyFilePath', False )

    if ( userName or userDN ) and userGroup:

      # Setup user proxy
      originalUserProxy = os.environ.get( 'X509_USER_PROXY' )
      if not userDN:
        result = getDNForUsername( userName )
        if not result[ 'OK' ]:
          return result
        userDN = result[ 'Value' ][0]
      vomsAttr = ''
      if vomsFlag:
        vomsAttr = getVOMSAttributeForGroup( userGroup )

      if vomsAttr:
        result = gProxyManager.downloadVOMSProxyToFile( userDN, userGroup,
                                                        requiredVOMSAttribute = vomsAttr,
                                                        filePath = proxyFilePath,
                                                        requiredTimeLeft = 3600,
                                                        cacheTime = 3600 )
      else:
        result = gProxyManager.downloadProxyToFile( userDN, userGroup,
                                                    filePath = proxyFilePath,
                                                    requiredTimeLeft = 3600,
                                                    cacheTime = 3600 )

      if not result['OK']:
        gLogger.warn( "Can't download proxy to file", result['Message'] )
        return result

      proxyFile = result['Value']
      os.environ['X509_USER_PROXY'] = proxyFile

      # Check if the caller is executing with the host certificate
      useServerCertificate = gConfig.useServerCertificate()
      if useServerCertificate:
        gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' )

      try:
        return fcn( *args, **kwargs )
      except Exception as lException:
        value = ','.join( [str( arg ) for arg in lException.args] )
        exceptType = lException.__class__.__name__
        return S_ERROR( "Exception - %s: %s" % ( exceptType, value ) )
      finally:
        # Restore the default host certificate usage if necessary
        if useServerCertificate:
          gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' )
        if originalUserProxy:
          os.environ['X509_USER_PROXY'] = originalUserProxy
        else:
          os.environ.pop( 'X509_USER_PROXY' )

    else:
      # No proxy substitution requested
      return fcn( *args, **kwargs )