def __call__(self): """execute RPC stub""" # # decode arguments try: decode, length = DEncode.decode(self.operation.Arguments) self.log.debug("decoded len=%s val=%s" % (length, decode)) except ValueError as error: self.log.exception(error) self.operation.Error = str(error) self.operation.Status = "Failed" return S_ERROR(str(error)) # Ensure the forwarded request is done on behalf of the request owner decode[0][1]["delegatedDN"] = self.request.OwnerDN decode[0][1]["delegatedGroup"] = self.request.OwnerGroup # ForwardDiset is supposed to be used with a host certificate useServerCertificate = gConfig.useServerCertificate() gConfigurationData.setOptionInCFG( "/DIRAC/Security/UseServerCertificate", "true") forward = executeRPCStub(decode) if not useServerCertificate: gConfigurationData.setOptionInCFG( "/DIRAC/Security/UseServerCertificate", "false") if not forward["OK"]: self.log.error( "unable to execute operation", "'%s' : %s" % (self.operation.Type, forward["Message"])) self.operation.Error = forward["Message"] return forward self.log.info("DISET forwarding done") self.operation.Status = "Done" return S_OK()
def getLFCRegisteredDNs(self): #Request a proxy if gConfig.useServerCertificate(): if not self.__generateProxy(): return False #Execute the call cmdEnv = dict(os.environ) cmdEnv['LFC_HOST'] = 'lfc-egee.in2p3.fr' if os.path.isfile(self.proxyLocation): cmdEnv['X509_USER_PROXY'] = self.proxyLocation lfcDNs = [] try: retlfc = Subprocess.systemCall(30, ('lfc-listusrmap', ), env=cmdEnv) if not retlfc['OK']: self.log.fatal('Can not get LFC User List', retlfc['Message']) return retlfc if retlfc['Value'][0]: self.log.fatal('Can not get LFC User List', retlfc['Value'][2]) return S_ERROR("lfc-listusrmap failed") else: for item in List.fromChar(retlfc['Value'][1], '\n'): dn = item.split(' ', 1)[1] lfcDNs.append(dn) return S_OK(lfcDNs) finally: if os.path.isfile(self.proxyLocation): self.log.info("Destroying proxy...") os.unlink(self.proxyLocation)
def initialize(self): if self.__initialized['OK']: return self.__initialized if not gConfig.useServerCertificate(): res = self.__getProxyID() else: res = self.__getCertificateID() if not res: self.__initialized = S_ERROR("Cannot locate client credentials") return self.__initialized retVal = gConfig.getOption("/DIRAC/Configuration/MasterServer") if not retVal['OK']: self.__initialized = S_ERROR( "Master server is not known. Is everything initialized?") return self.__initialized self.__rpcClient = RPCClient( gConfig.getValue("/DIRAC/Configuration/MasterServer", "")) self.__csMod = Modificator( self.__rpcClient, "%s - %s - %s" % (self.__userGroup, self.__userDN, Time.dateTime().strftime("%Y-%m-%d %H:%M:%S"))) retVal = self.downloadCSData() if not retVal['OK']: self.__initialized = S_ERROR( "Can not download the remote cfg. Is everything initialized?") return self.__initialized self.__initialized = S_OK() return self.__initialized
def wrapped_fcn(*args, **kwargs): # Get the lock and acquire it executionLock = LockRing().getLock("_UseUserProxy_", recursive=True) executionLock.acquire() # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG( "/DIRAC/Security/UseServerCertificate", "false") try: return fcn(*args, **kwargs) except Exception as lException: # pylint: disable=broad-except value = ",".join([str(arg) for arg in lException.args]) exceptType = lException.__class__.__name__ return S_ERROR("Exception - %s: %s" % (exceptType, value)) finally: # Restore the default host certificate usage if necessary if useServerCertificate: gConfigurationData.setOptionInCFG( "/DIRAC/Security/UseServerCertificate", "true") # release the lock executionLock.release()
def initialize(self): """API initialization :return: S_OK()/S_ERROR() """ if self.__initialized["OK"]: return self.__initialized res = self.__getCertificateID() if gConfig.useServerCertificate( ) else self.__getProxyID() if not res["OK"]: gLogger.error(res["Message"]) self.__initialized = S_ERROR("Cannot locate client credentials") return self.__initialized retVal = gConfig.getOption("/DIRAC/Configuration/MasterServer") if not retVal["OK"]: self.__initialized = S_ERROR( "Master server is not known. Is everything initialized?") return self.__initialized self.__rpcClient = ConfigurationClient( url=gConfig.getValue("/DIRAC/Configuration/MasterServer", "")) self.__csMod = Modificator( self.__rpcClient, "%s - %s - %s" % (self.__userGroup, self.__userDN, datetime.datetime.utcnow().strftime("%Y-%m-%d %H:%M:%S")), ) retVal = self.downloadCSData() if not retVal["OK"]: self.__initialized = S_ERROR( "Can not download the remote cfg. Is everything initialized?") return self.__initialized self.__initialized = S_OK() return self.__initialized
def getLFCRegisteredDNs( self ): #Request a proxy if gConfig.useServerCertificate(): if not self.__generateProxy(): return False #Execute the call cmdEnv = dict( os.environ ) cmdEnv['LFC_HOST'] = 'lfc-egee.in2p3.fr' if os.path.isfile( self.proxyLocation ): cmdEnv[ 'X509_USER_PROXY' ] = self.proxyLocation lfcDNs = [] try: retlfc = Subprocess.systemCall( 30, ( 'lfc-listusrmap', ), env = cmdEnv ) if not retlfc['OK']: self.log.fatal( 'Can not get LFC User List', retlfc['Message'] ) return retlfc if retlfc['Value'][0]: self.log.fatal( 'Can not get LFC User List', retlfc['Value'][2] ) return S_ERROR( "lfc-listusrmap failed" ) else: for item in List.fromChar( retlfc['Value'][1], '\n' ): dn = item.split( ' ', 1 )[1] lfcDNs.append( dn ) return S_OK( lfcDNs ) finally: if os.path.isfile( self.proxyLocation ): self.log.info( "Destroying proxy..." ) os.unlink( self.proxyLocation )
def wrapped_fcn( *args, **kwargs ): userName = kwargs.pop( 'proxyUserName', '' ) userDN = kwargs.pop( 'proxyUserDN', '' ) userGroup = kwargs.pop( 'proxyUserGroup', '' ) vomsFlag = kwargs.pop( 'proxyWithVOMS', True ) proxyFilePath = kwargs.pop( 'proxyFilePath', False ) if ( userName or userDN ) and userGroup: # Setup user proxy originalUserProxy = os.environ.get( 'X509_USER_PROXY' ) if not userDN: result = getDNForUsername( userName ) if not result[ 'OK' ]: return result userDN = result[ 'Value' ][0] vomsAttr = '' if vomsFlag: vomsAttr = getVOMSAttributeForGroup( userGroup ) if vomsAttr: result = gProxyManager.downloadVOMSProxyToFile( userDN, userGroup, requiredVOMSAttribute = vomsAttr, filePath = proxyFilePath, requiredTimeLeft = 3600, cacheTime = 3600 ) else: result = gProxyManager.downloadProxyToFile( userDN, userGroup, filePath = proxyFilePath, requiredTimeLeft = 3600, cacheTime = 3600 ) if not result['OK']: gLogger.warn( "Can't download proxy to file", result['Message'] ) return result proxyFile = result['Value'] os.environ['X509_USER_PROXY'] = proxyFile # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' ) try: resultFcn = fcn( *args, **kwargs ) except Exception, x: resultFcn = S_ERROR( "Exception: %s" % str( x ) ) # Restore the default host certificate usage if necessary if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' ) if originalUserProxy: os.environ['X509_USER_PROXY'] = originalUserProxy else: os.environ.pop( 'X509_USER_PROXY' ) return resultFcn
def wrapped_fcn(*args, **kwargs): userName = kwargs.pop("proxyUserName", "") userGroup = kwargs.pop("proxyUserGroup", "") vomsFlag = kwargs.pop("proxyWithVOMS", True) proxyFilePath = kwargs.pop("proxyFilePath", False) if userName and userGroup: # Setup user proxy originalUserProxy = os.environ.get("X509_USER_PROXY") result = getDNForUsername(userName) if not result["OK"]: return result userDN = result["Value"][0] vomsAttr = "" if vomsFlag: vomsAttr = getVOMSAttributeForGroup(userGroup) if vomsAttr: result = gProxyManager.downloadVOMSProxyToFile( userDN, userGroup, requiredVOMSAttribute=vomsAttr, filePath=proxyFilePath, requiredTimeLeft=3600, cacheTime=3600, ) else: result = gProxyManager.downloadProxyToFile( userDN, userGroup, filePath=proxyFilePath, requiredTimeLeft=3600, cacheTime=3600 ) if not result["OK"]: return result proxyFile = result["Value"] os.environ["X509_USER_PROXY"] = proxyFile # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG("/DIRAC/Security/UseServerCertificate", "false") try: resultFcn = fcn(*args, **kwargs) except Exception, x: resultFcn = S_ERROR("Exception: %s" % str(x)) # Restore the default host certificate usage if necessary if useServerCertificate: gConfigurationData.setOptionInCFG("/DIRAC/Security/UseServerCertificate", "true") if originalUserProxy: os.environ["X509_USER_PROXY"] = originalUserProxy else: os.environ.pop("X509_USER_PROXY") return resultFcn
def wrapped_fcn(*args, **kwargs): userName = kwargs.pop('proxyUserName', '') userDN = kwargs.pop('proxyUserDN', '') userGroup = kwargs.pop('proxyUserGroup', '') vomsFlag = kwargs.pop('proxyWithVOMS', True) proxyFilePath = kwargs.pop('proxyFilePath', False) if (userName or userDN) and userGroup: # Setup user proxy originalUserProxy = os.environ.get('X509_USER_PROXY') if userDN: userDNs = [userDN] else: result = getDNForUsername(userName) if not result['OK']: return result userDNs = result[ 'Value'] # a same user may have more than one DN vomsAttr = '' if vomsFlag: vomsAttr = getVOMSAttributeForGroup(userGroup) result = getProxy(userDNs, userGroup, vomsAttr, proxyFilePath) if not result['OK']: return result proxyFile = result['Value'] os.environ['X509_USER_PROXY'] = proxyFile # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false') try: return fcn(*args, **kwargs) except Exception as lException: #pylint: disable=broad-except value = ','.join([str(arg) for arg in lException.args]) exceptType = lException.__class__.__name__ return S_ERROR("Exception - %s: %s" % (exceptType, value)) finally: # Restore the default host certificate usage if necessary if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true') if originalUserProxy: os.environ['X509_USER_PROXY'] = originalUserProxy else: os.environ.pop('X509_USER_PROXY') else: # No proxy substitution requested return fcn(*args, **kwargs)
def wrapped_fcn( *args, **kwargs ): userName = kwargs.pop( 'proxyUserName', '' ) userGroup = kwargs.pop( 'proxyUserGroup', '' ) vomsFlag = kwargs.pop( 'proxyWithVOMS', True ) proxyFilePath = kwargs.pop( 'proxyFilePath', False ) if userName and userGroup: # Setup user proxy originalUserProxy = os.environ.get( 'X509_USER_PROXY' ) result = getDNForUsername( userName ) if not result[ 'OK' ]: return result userDN = result[ 'Value' ][0] vomsAttr = '' if vomsFlag: vomsAttr = getVOMSAttributeForGroup( userGroup ) if vomsAttr: result = gProxyManager.downloadVOMSProxyToFile( userDN, userGroup, requiredVOMSAttribute = vomsAttr, filePath = proxyFilePath, requiredTimeLeft = 3600, cacheTime = 3600 ) else: result = gProxyManager.downloadProxyToFile( userDN, userGroup, filePath = proxyFilePath, requiredTimeLeft = 3600, cacheTime = 3600 ) if not result['OK']: return result proxyFile = result['Value'] os.environ['X509_USER_PROXY'] = proxyFile # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' ) try: resultFcn = fcn( *args, **kwargs ) except Exception, x: resultFcn = S_ERROR( "Exception: %s" % str( x ) ) # Restore the default host certificate usage if necessary if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' ) if originalUserProxy: os.environ['X509_USER_PROXY'] = originalUserProxy else: os.environ.pop( 'X509_USER_PROXY' ) return resultFcn
def wrapped_fcn( *args, **kwargs ): userName = kwargs.pop( 'proxyUserName', '' ) userDN = kwargs.pop( 'proxyUserDN', '' ) userGroup = kwargs.pop( 'proxyUserGroup', '' ) vomsFlag = kwargs.pop( 'proxyWithVOMS', True ) proxyFilePath = kwargs.pop( 'proxyFilePath', False ) if ( userName or userDN ) and userGroup: # Setup user proxy originalUserProxy = os.environ.get( 'X509_USER_PROXY' ) if userDN: userDNs = [userDN] else: result = getDNForUsername( userName ) if not result[ 'OK' ]: return result userDNs = result['Value'] # a same user may have more than one DN vomsAttr = '' if vomsFlag: vomsAttr = getVOMSAttributeForGroup( userGroup ) result = getProxy(userDNs, userGroup, vomsAttr, proxyFilePath) if not result['OK']: return result proxyFile = result['Value'] os.environ['X509_USER_PROXY'] = proxyFile # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' ) try: return fcn( *args, **kwargs ) except Exception as lException: value = ','.join( [str( arg ) for arg in lException.args] ) exceptType = lException.__class__.__name__ return S_ERROR( "Exception - %s: %s" % ( exceptType, value ) ) finally: # Restore the default host certificate usage if necessary if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' ) if originalUserProxy: os.environ['X509_USER_PROXY'] = originalUserProxy else: os.environ.pop( 'X509_USER_PROXY' ) else: # No proxy substitution requested return fcn( *args, **kwargs )
class ForwardDISET(OperationHandlerBase): """ .. class:: ForwardDISET functor forwarding DISET operations """ def __init__(self, operation=None, csPath=None): """ c'tor :param Operation operation: an Operation instance :param str csPath: CS path for this handler """ # # call base class c'tor OperationHandlerBase.__init__(self, operation, csPath) def __call__(self): """ execute RPC stub """ # # decode arguments try: decode, length = DEncode.decode(self.operation.Arguments) self.log.debug("decoded len=%s val=%s" % (length, decode)) except ValueError, error: self.log.exception(error) self.operation.Error = str(error) self.operation.Status = "Failed" return S_ERROR(str(error)) # ForwardDiset is supposed to be used with a host certificate useServerCertificate = gConfig.useServerCertificate() gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true') forward = executeRPCStub(decode) if not useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false') if not forward["OK"]: self.log.error( "unable to execute operation", "'%s' : %s" % (self.operation.Type, forward["Message"])) self.operation.Error = forward["Message"] return forward self.log.info("DISET forwarding done") self.operation.Status = "Done" return S_OK()
def initialize( self ): if not gConfig.useServerCertificate(): res = self.__getProxyID() else: res = self.__getCertificateID() if not res: return False retVal = gConfig.getOption( "/DIRAC/Configuration/MasterServer" ) if not retVal[ 'OK' ]: gLogger.warn( "Master server is not known. Is everything initialized?" ) return False self.__rpcClient = RPCClient( gConfig.getValue( "/DIRAC/Configuration/MasterServer", "" ) ) self.__csMod = Modificator( self.__rpcClient, "%s - %s" % ( self.__userGroup, self.__userDN ) ) retVal = self.downloadCSData() if not retVal[ 'OK' ]: gLogger.error( "Can not download the remote cfg. Is everything initialized?" ) return False return True
def _putProxy(userDN=None, userName=None, userGroup=None, vomsFlag=None, proxyFilePath=None, executionLockFlag=False): """Download proxy, place in a file and populate X509_USER_PROXY environment variable. Parameters like `userProxy` or `executeWithUserProxy`. :returns: Tuple of originalUserProxy, useServerCertificate, executionLock """ # Setup user proxy if userDN: userDNs = [userDN] else: result = getDNForUsername(userName) if not result["OK"]: return result userDNs = result["Value"] # a same user may have more than one DN vomsAttr = "" if vomsFlag: vomsAttr = getVOMSAttributeForGroup(userGroup) result = getProxy(userDNs, userGroup, vomsAttr, proxyFilePath) if not result["OK"]: return result executionLock = LockRing().getLock( "_UseUserProxy_", recursive=True) if executionLockFlag else None if executionLockFlag: executionLock.acquire() os.environ["X509_USER_PROXY"], originalUserProxy = result[ "Value"], os.environ.get("X509_USER_PROXY") # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG( "/DIRAC/Security/UseServerCertificate", "false") return S_OK((originalUserProxy, useServerCertificate, executionLock))
def initialize( self ): if self.__initialized[ 'OK' ]: return self.__initialized if not gConfig.useServerCertificate(): res = self.__getProxyID() else: res = self.__getCertificateID() if not res: self.__initialized = S_ERROR( "Cannot locate client credentials" ) return self.__initialized retVal = gConfig.getOption( "/DIRAC/Configuration/MasterServer" ) if not retVal[ 'OK' ]: self.__initialized = S_ERROR( "Master server is not known. Is everything initialized?" ) return self.__initialized self.__rpcClient = RPCClient( gConfig.getValue( "/DIRAC/Configuration/MasterServer", "" ) ) self.__csMod = Modificator( self.__rpcClient, "%s - %s" % ( self.__userGroup, self.__userDN ) ) retVal = self.downloadCSData() if not retVal[ 'OK' ]: self.__initialized = S_ERROR( "Can not download the remote cfg. Is everything initialized?" ) return self.__initialized self.__initialized = S_OK() return self.__initialized
def main(): userParams = Params() userParams.registerCLISwitches() # Check time deviation = getClockDeviation() if not deviation["OK"]: gLogger.warn(deviation["Message"]) elif deviation["Value"] > 60: gLogger.fatal(f"Your host's clock seems to deviate by {(int(deviation['Value']) / 60):.0f} minutes!") sys.exit(1) Script.disableCS() Script.parseCommandLine(ignoreErrors=True) # It's server installation? if gConfig.useServerCertificate(): # In this case you do not need to login. gLogger.notice("You should not need to run this command in a DIRAC server. Exiting.") DIRAC.exit(1) userParams.group, userParams.scopes = Script.getPositionalArgs(group=True) # If you have chosen to use a certificate then a proxy will be generated locally using the specified certificate if userParams.authWith == "certificate": result = userParams.loginWithCertificate() # Otherwise, you must log in to the authorization server to gain access else: result = userParams.doOAuthMagic() # Print authorization status if result["OK"] and userParams.enableCS: result = userParams.getAuthStatus() if not result["OK"]: print(HTML(f"<red>{result['Message']}</red>")) sys.exit(1) userParams.howToSwitch() sys.exit(0)
def initialize(self): if not gConfig.useServerCertificate(): res = self.__getProxyID() else: res = self.__getCertificateID() if not res: return False retVal = gConfig.getOption("/DIRAC/Configuration/MasterServer") if not retVal['OK']: gLogger.warn( "Master server is not known. Is everything initialized?") return False self.__rpcClient = RPCClient( gConfig.getValue("/DIRAC/Configuration/MasterServer", "")) self.__csMod = Modificator( self.__rpcClient, "%s - %s" % (self.__userGroup, self.__userDN)) retVal = self.downloadCSData() if not retVal['OK']: gLogger.error( "Can not download the remote cfg. Is everything initialized?") return False return True
def wrapped_fcn( *args, **kwargs ): # Get the lock and acquire it executionLock = LockRing().getLock( '_UseUserProxy_', recursive = True ) executionLock.acquire() # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' ) try: return fcn( *args, **kwargs ) except Exception as lException: # pylint: disable=broad-except value = ','.join( [str( arg ) for arg in lException.args] ) exceptType = lException.__class__.__name__ return S_ERROR( "Exception - %s: %s" % ( exceptType, value ) ) finally: # Restore the default host certificate usage if necessary if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' ) # release the lock executionLock.release()
def _putProxy(userDN=None, userName=None, userGroup=None, vomsFlag=None, proxyFilePath=None, executionLockFlag=False): """Download proxy, place in a file and populate X509_USER_PROXY environment variable. Parameters like `userProxy` or `executeWithUserProxy`. :returns: Tuple of originalUserProxy, useServerCertificate, executionLock """ # Setup user proxy if userDN: userDNs = [userDN] else: result = getDNForUsername(userName) if not result['OK']: return result userDNs = result['Value'] # a same user may have more than one DN vomsAttr = '' if vomsFlag: vomsAttr = getVOMSAttributeForGroup(userGroup) result = getProxy(userDNs, userGroup, vomsAttr, proxyFilePath) if not result['OK']: return result executionLock = LockRing().getLock('_UseUserProxy_', recursive=True) if executionLockFlag else None if executionLockFlag: executionLock.acquire() os.environ['X509_USER_PROXY'], originalUserProxy = result['Value'], os.environ.get('X509_USER_PROXY') # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG('/DIRAC/Security/UseServerCertificate', 'false') return S_OK((originalUserProxy, useServerCertificate, executionLock))
def __call__(self): """ request processing """ self.log.debug("about to execute request") gMonitor.addMark("RequestAtt", 1) # # setup proxy for request owner setupProxy = self.setupProxy() if not setupProxy["OK"]: self.request.Error = setupProxy["Message"] if 'has no proxy registered' in setupProxy["Message"]: self.log.error('Request set to Failed:', setupProxy["Message"]) # If user is no longer registered, fail the request for operation in self.request: for opFile in operation: opFile.Status = 'Failed' operation.Status = 'Failed' else: self.log.error(setupProxy["Message"]) return S_OK(self.request) shifter = setupProxy["Value"]["Shifter"] proxyFile = setupProxy["Value"]["ProxyFile"] error = None while self.request.Status == "Waiting": # # get waiting operation operation = self.request.getWaiting() if not operation["OK"]: self.log.error(operation["Message"]) return operation operation = operation["Value"] self.log.info("executing operation #%s '%s'" % (operation.Order, operation.Type)) # # and handler for it handler = self.getHandler(operation) if not handler["OK"]: self.log.error("unable to process operation %s: %s" % (operation.Type, handler["Message"])) # gMonitor.addMark( "%s%s" % ( operation.Type, "Fail" ), 1 ) operation.Error = handler["Message"] break handler = handler["Value"] # # set shifters list in the handler handler.shifter = shifter # # and execute pluginName = self.getPluginName( self.handlersDict.get(operation.Type)) if self.standalone: useServerCertificate = gConfig.useServerCertificate() else: # Always use server certificates if executed within an agent useServerCertificate = True try: if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Att"), 1) # Always use request owner proxy if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false') exe = handler() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true') if not exe["OK"]: self.log.error("unable to process operation %s: %s" % (operation.Type, exe["Message"])) if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) gMonitor.addMark("RequestFail", 1) if self.request.JobID: # Check if the job exists monitorServer = RPCClient( "WorkloadManagement/JobMonitoring", useCertificates=True) res = monitorServer.getJobPrimarySummary( int(self.request.JobID)) if not res["OK"]: self.log.error( "RequestTask: Failed to get job %d status" % self.request.JobID) elif not res['Value']: self.log.warn( "RequestTask: job %d does not exist (anymore): failed request" % self.request.JobID) for opFile in operation: opFile.Status = 'Failed' if operation.Status != 'Failed': operation.Status = 'Failed' self.request.Error = 'Job no longer exists' except Exception as error: self.log.exception("hit by exception: %s" % str(error)) if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) gMonitor.addMark("RequestFail", 1) if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true') break # # operation status check if operation.Status == "Done" and pluginName: gMonitor.addMark("%s%s" % (pluginName, "OK"), 1) elif operation.Status == "Failed" and pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) elif operation.Status in ("Waiting", "Scheduled"): # # no update for waiting or all files scheduled break gMonitor.flush() if error: return S_ERROR(error) # # request done? if self.request.Status == "Done": # # update request to the RequestDB self.log.info('updating request with status %s' % self.request.Status) update = self.updateRequest() if not update["OK"]: self.log.error(update["Message"]) return update self.log.info("request '%s' is done" % self.request.RequestName) gMonitor.addMark("RequestOK", 1) # # and there is a job waiting for it? finalize! if self.request.JobID: attempts = 0 while True: finalizeRequest = self.requestClient.finalizeRequest( self.request.RequestID, self.request.JobID) # pylint: disable=no-member if not finalizeRequest["OK"]: if not attempts: self.log.error( "unable to finalize request %s: %s, will retry" % (self.request.RequestName, finalizeRequest["Message"])) self.log.verbose("Waiting 10 seconds") attempts += 1 if attempts == 10: self.log.error( "giving up finalize request after %d attempts" % attempts) return S_ERROR('Could not finalize request') time.sleep(10) else: self.log.info("request '%s' is finalized%s" % (self.request.RequestName, (' after %d attempts' % attempts) if attempts else '')) break # Request will be updated by the callBack method self.log.verbose("RequestTasks exiting, request %s" % self.request.Status) return S_OK(self.request)
def __call__(self): """request processing""" self.log.debug("about to execute request") if not self.rmsMonitoring: gMonitor.addMark("RequestAtt", 1) # # setup proxy for request owner setupProxy = self.setupProxy() if not setupProxy["OK"]: userSuspended = "User is currently suspended" self.request.Error = setupProxy["Message"] # In case the user does not have proxy if DErrno.cmpError(setupProxy, DErrno.EPROXYFIND): self.log.error("Error setting proxy. Request set to Failed:", setupProxy["Message"]) # If user is no longer registered, fail the request for operation in self.request: for opFile in operation: opFile.Status = "Failed" operation.Status = "Failed" elif userSuspended in setupProxy["Message"]: # If user is suspended, wait for a long time self.request.delayNextExecution(6 * 60) self.request.Error = userSuspended self.log.error("Error setting proxy: " + userSuspended, self.request.OwnerDN) else: self.log.error("Error setting proxy", setupProxy["Message"]) return S_OK(self.request) shifter = setupProxy["Value"]["Shifter"] error = None while self.request.Status == "Waiting": # # get waiting operation operation = self.request.getWaiting() if not operation["OK"]: self.log.error("Cannot get waiting operation", operation["Message"]) return operation operation = operation["Value"] self.log.info("executing operation", "%s" % operation.Type) # # and handler for it handler = self.getHandler(operation) if not handler["OK"]: self.log.error("Unable to process operation", "%s: %s" % (operation.Type, handler["Message"])) # gMonitor.addMark( "%s%s" % ( operation.Type, "Fail" ), 1 ) operation.Error = handler["Message"] break handler = handler["Value"] # # set shifters list in the handler handler.shifter = shifter # set rmsMonitoring flag for the RequestOperation handler.rmsMonitoring = self.rmsMonitoring # # and execute pluginName = self.getPluginName( self.handlersDict.get(operation.Type)) if self.standalone: useServerCertificate = gConfig.useServerCertificate() else: # Always use server certificates if executed within an agent useServerCertificate = True try: if pluginName: if self.rmsMonitoring: self.rmsMonitoringReporter.addRecord({ "timestamp": int(Time.toEpoch()), "host": Network.getFQDN(), "objectType": "Operation", "operationType": pluginName, "objectID": operation.OperationID, "parentID": operation.RequestID, "status": "Attempted", "nbObject": 1, }) else: gMonitor.addMark("%s%s" % (pluginName, "Att"), 1) # Always use request owner proxy if useServerCertificate: gConfigurationData.setOptionInCFG( "/DIRAC/Security/UseServerCertificate", "false") exe = handler() if useServerCertificate: gConfigurationData.setOptionInCFG( "/DIRAC/Security/UseServerCertificate", "true") if not exe["OK"]: self.log.error("unable to process operation", "%s: %s" % (operation.Type, exe["Message"])) if pluginName: if self.rmsMonitoring: self.rmsMonitoringReporter.addRecord({ "timestamp": int(Time.toEpoch()), "host": Network.getFQDN(), "objectType": "Operation", "operationType": pluginName, "objectID": operation.OperationID, "parentID": operation.RequestID, "status": "Failed", "nbObject": 1, }) else: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) if self.rmsMonitoring: self.rmsMonitoringReporter.addRecord({ "timestamp": int(Time.toEpoch()), "host": Network.getFQDN(), "objectType": "Request", "objectID": operation.RequestID, "status": "Failed", "nbObject": 1, }) else: gMonitor.addMark("RequestFail", 1) if self.request.JobID: # Check if the job exists monitorServer = JobMonitoringClient( useCertificates=True) res = monitorServer.getJobSummary( int(self.request.JobID)) if not res["OK"]: self.log.error( "RequestTask: Failed to get job status", "%d" % self.request.JobID) elif not res["Value"]: self.log.warn( "RequestTask: job does not exist (anymore): failed request", "JobID: %d" % self.request.JobID, ) for opFile in operation: opFile.Status = "Failed" if operation.Status != "Failed": operation.Status = "Failed" self.request.Error = "Job no longer exists" except Exception as e: error = str(e) self.log.exception("hit by exception:", "%s" % error) if pluginName: if self.rmsMonitoring: self.rmsMonitoringReporter.addRecord({ "timestamp": int(Time.toEpoch()), "host": Network.getFQDN(), "objectType": "Operation", "operationType": pluginName, "objectID": operation.OperationID, "parentID": operation.RequestID, "status": "Failed", "nbObject": 1, }) else: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) if self.rmsMonitoring: self.rmsMonitoringReporter.addRecord({ "timestamp": int(Time.toEpoch()), "host": Network.getFQDN(), "objectType": "Request", "objectID": operation.RequestID, "status": "Failed", "nbObject": 1, }) else: gMonitor.addMark("RequestFail", 1) if useServerCertificate: gConfigurationData.setOptionInCFG( "/DIRAC/Security/UseServerCertificate", "true") break # # operation status check if operation.Status == "Done" and pluginName: if self.rmsMonitoring: self.rmsMonitoringReporter.addRecord({ "timestamp": int(Time.toEpoch()), "host": Network.getFQDN(), "objectType": "Operation", "operationType": pluginName, "objectID": operation.OperationID, "parentID": operation.RequestID, "status": "Successful", "nbObject": 1, }) else: gMonitor.addMark("%s%s" % (pluginName, "OK"), 1) elif operation.Status == "Failed" and pluginName: if self.rmsMonitoring: self.rmsMonitoringReporter.addRecord({ "timestamp": int(Time.toEpoch()), "host": Network.getFQDN(), "objectType": "Operation", "operationType": pluginName, "objectID": operation.OperationID, "parentID": operation.RequestID, "status": "Failed", "nbObject": 1, }) else: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) elif operation.Status in ("Waiting", "Scheduled"): # # no update for waiting or all files scheduled break if not self.rmsMonitoring: gMonitor.flush() if error: return S_ERROR(error) # # request done? if self.request.Status == "Done": # # update request to the RequestDB self.log.info("Updating request status:", "%s" % self.request.Status) update = self.updateRequest() if not update["OK"]: self.log.error("Cannot update request status", update["Message"]) return update self.log.info("request is done", "%s" % self.request.RequestName) if self.rmsMonitoring: self.rmsMonitoringReporter.addRecord({ "timestamp": int(Time.toEpoch()), "host": Network.getFQDN(), "objectType": "Request", "objectID": getattr(self.request, "RequestID", 0), "status": "Successful", "nbObject": 1, }) else: gMonitor.addMark("RequestOK", 1) # # and there is a job waiting for it? finalize! if self.request.JobID: attempts = 0 while True: finalizeRequest = self.requestClient.finalizeRequest( self.request.RequestID, self.request.JobID # pylint: disable=no-member ) if not finalizeRequest["OK"]: if not attempts: self.log.error( "unable to finalize request, will retry", "ReqName %s:%s" % (self.request.RequestName, finalizeRequest["Message"]), ) self.log.debug("Waiting 10 seconds") attempts += 1 if attempts == 10: self.log.error("Giving up finalize request") return S_ERROR("Could not finalize request") time.sleep(10) else: self.log.info( "request is finalized", "ReqName %s %s" % (self.request.RequestName, (" after %d attempts" % attempts) if attempts else ""), ) break # Commit all the data to the ES Backend if self.rmsMonitoring: self.rmsMonitoringReporter.commit() # Request will be updated by the callBack method self.log.verbose("RequestTasks exiting", "request %s" % self.request.Status) return S_OK(self.request)
def __call__(self): """ request processing """ self.log.debug("about to execute request") gMonitor.addMark("RequestAtt", 1) # # setup proxy for request owner setupProxy = self.setupProxy() if not setupProxy["OK"]: self.request.Error = setupProxy["Message"] if 'has no proxy registered' in setupProxy["Message"]: self.log.error('Request set to Failed:', setupProxy["Message"]) # If user is no longer registered, fail the request for operation in self.request: for opFile in operation: opFile.Status = 'Failed' operation.Status = 'Failed' else: self.log.error(setupProxy["Message"]) return S_OK(self.request) shifter = setupProxy["Value"]["Shifter"] proxyFile = setupProxy["Value"]["ProxyFile"] error = None while self.request.Status == "Waiting": # # get waiting operation operation = self.request.getWaiting() if not operation["OK"]: self.log.error(operation["Message"]) return operation operation = operation["Value"] self.log.info("executing operation #%s '%s'" % (operation.Order, operation.Type)) # # and handler for it handler = self.getHandler(operation) if not handler["OK"]: self.log.error("unable to process operation %s: %s" % (operation.Type, handler["Message"])) # gMonitor.addMark( "%s%s" % ( operation.Type, "Fail" ), 1 ) operation.Error = handler["Message"] break handler = handler["Value"] # # set shifters list in the handler handler.shifter = shifter # # and execute pluginName = self.getPluginName( self.handlersDict.get(operation.Type)) if self.standalone: useServerCertificate = gConfig.useServerCertificate() else: # Always use server certificates if executed within an agent useServerCertificate = True try: if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Att"), 1) # Always use request owner proxy if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false') exe = handler() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true') if not exe["OK"]: self.log.error("unable to process operation %s: %s" % (operation.Type, exe["Message"])) if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) gMonitor.addMark("RequestFail", 1) if self.request.JobID: # Check if the job exists monitorServer = RPCClient( "WorkloadManagement/JobMonitoring", useCertificates=True) res = monitorServer.getJobPrimarySummary( int(self.request.JobID)) if not res["OK"]: self.log.error( "RequestTask: Failed to get job %d status" % self.request.JobID) elif not res['Value']: self.log.warn( "RequestTask: job %d does not exist (anymore): failed request" % self.request.JobID) for opFile in operation: opFile.Status = 'Failed' if operation.Status != 'Failed': operation.Status = 'Failed' self.request.Error = 'Job no longer exists' except Exception, error: self.log.exception("hit by exception: %s" % str(error)) if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) gMonitor.addMark("RequestFail", 1) if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true') break # # operation status check if operation.Status == "Done" and pluginName: gMonitor.addMark("%s%s" % (pluginName, "OK"), 1) elif operation.Status == "Failed" and pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) elif operation.Status in ("Waiting", "Scheduled"): # # no update for waiting or all files scheduled break
def wrapped_fcn( *args, **kwargs ): userName = kwargs.pop( 'proxyUserName', '' ) userDN = kwargs.pop( 'proxyUserDN', '' ) userGroup = kwargs.pop( 'proxyUserGroup', '' ) vomsFlag = kwargs.pop( 'proxyWithVOMS', True ) proxyFilePath = kwargs.pop( 'proxyFilePath', False ) if ( userName or userDN ) and userGroup: # Setup user proxy originalUserProxy = os.environ.get( 'X509_USER_PROXY' ) if not userDN: result = getDNForUsername( userName ) if not result[ 'OK' ]: return result userDN = result[ 'Value' ][0] vomsAttr = '' if vomsFlag: vomsAttr = getVOMSAttributeForGroup( userGroup ) if vomsAttr: result = gProxyManager.downloadVOMSProxyToFile( userDN, userGroup, requiredVOMSAttribute = vomsAttr, filePath = proxyFilePath, requiredTimeLeft = 3600, cacheTime = 3600 ) else: result = gProxyManager.downloadProxyToFile( userDN, userGroup, filePath = proxyFilePath, requiredTimeLeft = 3600, cacheTime = 3600 ) if not result['OK']: gLogger.warn( "Can't download proxy to file", result['Message'] ) return result proxyFile = result['Value'] os.environ['X509_USER_PROXY'] = proxyFile # Check if the caller is executing with the host certificate useServerCertificate = gConfig.useServerCertificate() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' ) try: return fcn( *args, **kwargs ) except Exception as lException: value = ','.join( [str( arg ) for arg in lException.args] ) exceptType = lException.__class__.__name__ return S_ERROR( "Exception - %s: %s" % ( exceptType, value ) ) finally: # Restore the default host certificate usage if necessary if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' ) if originalUserProxy: os.environ['X509_USER_PROXY'] = originalUserProxy else: os.environ.pop( 'X509_USER_PROXY' ) else: # No proxy substitution requested return fcn( *args, **kwargs )
def __call__( self ): """ request processing """ self.log.debug( "about to execute request" ) gMonitor.addMark( "RequestAtt", 1 ) # # setup proxy for request owner setupProxy = self.setupProxy() if not setupProxy["OK"]: self.log.error( setupProxy["Message"] ) self.request.Error = setupProxy["Message"] return S_ERROR( 'Change proxy error' ) shifter = setupProxy["Value"]["Shifter"] proxyFile = setupProxy["Value"]["ProxyFile"] error = None while self.request.Status == "Waiting": # # get waiting operation operation = self.request.getWaiting() if not operation["OK"]: self.log.error( operation["Message"] ) return operation operation = operation["Value"] self.log.info( "executing operation #%s '%s'" % ( operation.Order, operation.Type ) ) # # and handler for it handler = self.getHandler( operation ) if not handler["OK"]: self.log.error( "unable to process operation %s: %s" % ( operation.Type, handler["Message"] ) ) # gMonitor.addMark( "%s%s" % ( operation.Type, "Fail" ), 1 ) operation.Error = handler["Message"] break handler = handler["Value"] # # set shifters list in the handler handler.shifter = shifter # # and execute pluginName = self.getPluginName( self.handlersDict.get( operation.Type ) ) if self.standalone: useServerCertificate = gConfig.useServerCertificate() else: # Always use server certificates if executed within an agent useServerCertificate = True try: if pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "Att" ), 1 ) # Always use request owner proxy if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' ) exe = handler() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' ) if not exe["OK"]: self.log.error( "unable to process operation %s: %s" % ( operation.Type, exe["Message"] ) ) if pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "Fail" ), 1 ) gMonitor.addMark( "RequestFail", 1 ) if self.request.JobID: # Check if the job exists monitorServer = RPCClient( "WorkloadManagement/JobMonitoring", useCertificates = True ) res = monitorServer.getJobPrimarySummary( int( self.request.JobID ) ) if not res["OK"]: self.log.error( "RequestTask: Failed to get job %d status" % self.request.JobID ) elif not res['Value']: self.log.warn( "RequestTask: job %d does not exist (anymore): failed request" % self.request.JobID ) for opFile in operation: opFile.Status = 'Failed' if operation.Status != 'Failed': operation.Status = 'Failed' self.request.Error = 'Job no longer exists' except Exception, error: self.log.exception( "hit by exception: %s" % str( error ) ) if pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "Fail" ), 1 ) gMonitor.addMark( "RequestFail", 1 ) if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' ) break # # operation status check if operation.Status == "Done" and pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "OK" ), 1 ) elif operation.Status == "Failed" and pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "Fail" ), 1 ) elif operation.Status in ( "Waiting", "Scheduled" ): # # no update for waiting or all files scheduled break
def __call__(self): """ request processing """ self.log.debug("about to execute request") gMonitor.addMark("RequestAtt", 1) # # setup proxy for request owner setupProxy = self.setupProxy() if not setupProxy["OK"]: self.request.Error = setupProxy["Message"] if 'has no proxy registered' in setupProxy["Message"]: self.log.error('Request set to Failed:', setupProxy["Message"]) # If user is no longer registered, fail the request for operation in self.request: for opFile in operation: opFile.Status = 'Failed' operation.Status = 'Failed' else: self.log.error(setupProxy["Message"]) return S_OK(self.request) shifter = setupProxy["Value"]["Shifter"] proxyFile = setupProxy["Value"]["ProxyFile"] error = None while self.request.Status == "Waiting": # # get waiting operation operation = self.request.getWaiting() if not operation["OK"]: self.log.error(operation["Message"]) return operation operation = operation["Value"] self.log.info("executing operation #%s '%s'" % (operation.Order, operation.Type)) # # and handler for it handler = self.getHandler(operation) if not handler["OK"]: self.log.error("unable to process operation %s: %s" % (operation.Type, handler["Message"])) # gMonitor.addMark( "%s%s" % ( operation.Type, "Fail" ), 1 ) operation.Error = handler["Message"] break handler = handler["Value"] # # set shifters list in the handler handler.shifter = shifter # # and execute pluginName = self.getPluginName(self.handlersDict.get(operation.Type)) if self.standalone: useServerCertificate = gConfig.useServerCertificate() else: # Always use server certificates if executed within an agent useServerCertificate = True try: if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Att"), 1) # Always use request owner proxy if useServerCertificate: gConfigurationData.setOptionInCFG('/DIRAC/Security/UseServerCertificate', 'false') exe = handler() if useServerCertificate: gConfigurationData.setOptionInCFG('/DIRAC/Security/UseServerCertificate', 'true') if not exe["OK"]: self.log.error("unable to process operation %s: %s" % (operation.Type, exe["Message"])) if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) gMonitor.addMark("RequestFail", 1) if self.request.JobID: # Check if the job exists monitorServer = RPCClient("WorkloadManagement/JobMonitoring", useCertificates=True) res = monitorServer.getJobPrimarySummary(int(self.request.JobID)) if not res["OK"]: self.log.error("RequestTask: Failed to get job %d status" % self.request.JobID) elif not res['Value']: self.log.warn( "RequestTask: job %d does not exist (anymore): failed request" % self.request.JobID) for opFile in operation: opFile.Status = 'Failed' if operation.Status != 'Failed': operation.Status = 'Failed' self.request.Error = 'Job no longer exists' except Exception as error: self.log.exception("hit by exception: %s" % str(error)) if pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) gMonitor.addMark("RequestFail", 1) if useServerCertificate: gConfigurationData.setOptionInCFG('/DIRAC/Security/UseServerCertificate', 'true') break # # operation status check if operation.Status == "Done" and pluginName: gMonitor.addMark("%s%s" % (pluginName, "OK"), 1) elif operation.Status == "Failed" and pluginName: gMonitor.addMark("%s%s" % (pluginName, "Fail"), 1) elif operation.Status in ("Waiting", "Scheduled"): # # no update for waiting or all files scheduled break gMonitor.flush() if error: return S_ERROR(error) # # request done? if self.request.Status == "Done": # # update request to the RequestDB self.log.info('updating request with status %s' % self.request.Status) update = self.updateRequest() if not update["OK"]: self.log.error(update["Message"]) return update self.log.info("request '%s' is done" % self.request.RequestName) gMonitor.addMark("RequestOK", 1) # # and there is a job waiting for it? finalize! if self.request.JobID: attempts = 0 while True: finalizeRequest = self.requestClient.finalizeRequest( self.request.RequestID, self.request.JobID) # pylint: disable=no-member if not finalizeRequest["OK"]: if not attempts: self.log.error( "unable to finalize request %s: %s, will retry" % (self.request.RequestName, finalizeRequest["Message"])) self.log.verbose("Waiting 10 seconds") attempts += 1 if attempts == 10: self.log.error("giving up finalize request after %d attempts" % attempts) return S_ERROR('Could not finalize request') time.sleep(10) else: self.log.info( "request '%s' is finalized%s" % (self.request.RequestName, (' after %d attempts' % attempts) if attempts else '')) break # Request will be updated by the callBack method self.log.verbose("RequestTasks exiting, request %s" % self.request.Status) return S_OK(self.request)
def __call__( self ): """ request processing """ self.log.debug( "about to execute request" ) gMonitor.addMark( "RequestAtt", 1 ) # # setup proxy for request owner setupProxy = self.setupProxy() if not setupProxy["OK"]: self.log.error( setupProxy["Message"] ) self.request.Error = setupProxy["Message"] return S_ERROR( 'Change proxy error' ) shifter = setupProxy["Value"]["Shifter"] proxyFile = setupProxy["Value"]["ProxyFile"] error = None while self.request.Status == "Waiting": # # get waiting operation operation = self.request.getWaiting() if not operation["OK"]: self.log.error( operation["Message"] ) return operation operation = operation["Value"] self.log.info( "executing operation #%s '%s'" % ( operation.Order, operation.Type ) ) # # and handler for it handler = self.getHandler( operation ) if not handler["OK"]: self.log.error( "unable to process operation %s: %s" % ( operation.Type, handler["Message"] ) ) # gMonitor.addMark( "%s%s" % ( operation.Type, "Fail" ), 1 ) operation.Error = handler["Message"] break handler = handler["Value"] # # set shifters list in the handler handler.shifter = shifter # # and execute pluginName = self.getPluginName( self.handlersDict.get( operation.Type ) ) useServerCertificate = gConfig.useServerCertificate() try: if pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "Att" ), 1 ) # Always use request owner proxy if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' ) exe = handler() if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'true' ) if not exe["OK"]: self.log.error( "unable to process operation %s: %s" % ( operation.Type, exe["Message"] ) ) if pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "Fail" ), 1 ) gMonitor.addMark( "RequestFail", 1 ) except Exception, error: self.log.exception( "hit by exception: %s" % str( error ) ) if pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "Fail" ), 1 ) gMonitor.addMark( "RequestFail", 1 ) if useServerCertificate: gConfigurationData.setOptionInCFG( '/DIRAC/Security/UseServerCertificate', 'false' ) break # # operation status check if operation.Status == "Done" and pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "OK" ), 1 ) elif operation.Status == "Failed" and pluginName: gMonitor.addMark( "%s%s" % ( pluginName, "Fail" ), 1 ) elif operation.Status in ( "Waiting", "Scheduled" ): # # no update for waiting or all files scheduled break