def irods_setacls(path, acl_list, verbose=False):
"""
This function will add the ACLs listed in 'acl_list'
to the collection or data object at 'path'.
'acl_list' is a list where each element itself is
a list consisting of the username in name#zone format,
and the access level ('read', 'write', 'own', or 'null').
Access type 'null' removes all ACLs for that user/group.
Note. On an error return, some of the ACLs might have
been applied. The function does not "roll back" on error.
Returns 0 on success, non-zero on error.
"""
if not path or not acl_list:
return 1
for acl in acl_list:
(rc, output) = shell_command(['ichmod', acl[1], acl[0], path])
if rc:
if verbose:
print("Error running 'ichmod %s %s %s': rc = %d:"
% (acl[1], acl[0], path, rc))
print output[1]
return rc
return 0
def auth_irods_user(user, password, scheme='PAM'):
"""
Attempts to authenticate the given user in the local zone
using the iinit command and the desired scheme (with the
default being PAM authentication).
Returns True if the user was successfully authenticated,
False if the authentication failed.
"""
if not user or not password:
return False
# create an environment to pass to iinit
env_dict = dict(os.environ)
env_dict['irodsUserName'] = user
env_dict['irodsAuthScheme'] = scheme
auth_file = tempfile.mkstemp()
os.close(auth_file[0])
env_dict['irodsAuthFileName'] = auth_file[1]
(rc, output) = shell_command(['iinit', password], environment=env_dict)
os.unlink(auth_file[1])
if rc:
return False
else:
return True
def check_zone_endpoint(zone_name, endpoint):
"""
This function will check if the iRODS service is
available at the provided endpoint, and if the zone
name is accurate.
Returns a tuple with the first element being True if
the check was successful (and None in the second element),
or False with a string reason as the second tuple element.
"""
if not zone_name or not endpoint:
return (False, 'zone_name and endpoint must be specified')
if endpoint.count(':') != 1:
return (False, 'malformed endpoint. Should be host:port')
host, port = endpoint.split(':')
env_dict = dict(os.environ)
env_dict['irodsHost'] = host
env_dict['irodsPort'] = port
(rc, output) = shell_command(['imiscsvrinfo',], environment=env_dict)
if rc:
if ('SYS_PACK_INSTRUCT_FORMAT_ERR' in output[1]
or 'SYS_SOCK_READ_TIMEDOUT' in output[1]
or 'SYS_HEADER_READ_LEN_ERR' in output[1]):
reason = 'a service other than iRODS is running on port %s' % port
elif 'USER_SOCK_CONNECT_ERR' in output[1]:
if 'Connection timed out' in output[1]:
reason = 'timed out connecting to port %s. Is there a firewall in place?' % port
else:
reason = 'no service is running on port %s' % port
elif 'USER_RODS_HOSTNAME_ERR' in output[1]:
reason = 'could not resolve hostname %s' % host
else:
reason = 'error running imiscsvrinfo'
return (False, reason)
for line in output[0].splitlines():
if line.startswith('rodsZone='):
k, v = line.split('=')
if v == zone_name:
return (True, None)
else:
return (False, 'zone name %s did not match remote zone %s' % (zone_name, v))
# could connect to server, but zone name didn't match
return (False, 'could not determine remote zone name')
def irods_mkdir(coll, verbose=False):
"""
This function will create the iRODS collection
named by the 'coll' argument, and all necessary
parent collections (using 'imkdir -p').
Returns 0 on success, non-zero on error.
"""
if not coll:
return 1
(rc, output) = shell_command(['imkdir', '-p', coll])
if rc != 0 and verbose:
print("Error running 'imkdir -p %s': rc = %d:"
% (coll, rc))
print output[1]
return rc
def irods_setavus(path, avu_list, verbose=False):
"""
This function will add the AVUs listed in 'avu_list'
to the collection or data object at 'path'.
'avu_list' is a list where each element itself is
a list consisting of the type ('-C' for collection
and '-d' for data object), attribute name, value
and optional units.
Note. On an error return, some of the AVUs might have
been applied. The function does not "roll back" on error.
Returns 0 on success, non-zero on error.
"""
if not path or not avu_list:
return 1
for avu in avu_list:
imeta_cmd = ['imeta', 'add']
imeta_cmd.append(avu[0]) # type ... -d or -C
imeta_cmd.append(path) # target collection or object
imeta_cmd.append(avu[1]) # attribute name
imeta_cmd.append(avu[2]) # attribute value
if avu[3]:
imeta_cmd.append(avu[3]) # units (if provided)
(rc, output) = shell_command(imeta_cmd)
if rc and 'Operation now in progress' not in output[1]:
if verbose:
print('Error running imeta add on %s: rc = %d:'
% (path, rc))
print output[1]
return rc
return 0
