def user_has_put_permission(self, conn):
"""Does the user have permission to write to the workspace
on the storage device?
"""
# groupworkspace permission
gws_permission = Backend._user_has_put_permission(
self, conn.jdma_user, conn.jdma_workspace.workspace)
return gws_permission
def user_has_delete_permission(self, batch_id, conn):
"""Check whether the user has permission (via their access_key and
secret_key) to delete the object from the object store, and whether they
have permission from the groupworkspace LDAP.
"""
# check from the groupworkspace
gws_permission = Backend._user_has_delete_permission(
self, conn.jdma_user, conn.jdma_workspace.workspace, batch_id)
return gws_permission
def user_has_get_permission(self, batch_id, conn):
"""Check whether the user has permission to access the elastic tape,
and whether they have permission from the groupworkspace
"""
gws_permission = Backend._user_has_get_permission(
self, conn.jdma_user, conn.jdma_workspace.workspace)
# elastic tape permission
et_permission = user_in_workspace(conn.jdma_user,
conn.jdma_workspace.workspace,
self.ET_Settings)
return gws_permission & et_permission
def user_has_delete_permission(self, batch_id, conn):
"""Check whether the user has permission to delete the object from the
elastic tape, and whether they have permission from the groupworkspace
LDAP.
"""
# check from the groupworkspace
gws_permission = Backend._user_has_delete_permission(
self, conn.jdma_user, conn.jdma_workspace.workspace, batch_id)
# elastic tape permission
et_permission = user_in_workspace(conn.jdma_user,
conn.jdma_workspace.workspace,
self.ET_Settings)
return gws_permission & et_permission
def user_has_put_permission(self, conn):
"""Check whether the user has permission to access the elastic tape,
and whether they have permission from the groupworkspace
"""
# groupworkspace permission
gws_permission = Backend._user_has_put_permission(
self, conn.jdma_user, conn.jdma_workspace.workspace)
# elastic tape permission - fetch from URL and use beautifulsoup to
# parse the returned table into something meaningful
et_permission = user_in_workspace(conn.jdma_user,
conn.jdma_workspace.workspace,
self.ET_Settings)
return gws_permission & et_permission
def user_has_get_permission(self, batch_id, conn):
"""Check whether the user has permission (via their access_key and
secret_key) to access the object store, and whether they have
permission from the groupworkspace
"""
gws_permission = Backend._user_has_get_permission(
self, conn.jdma_user, conn.jdma_workspace.workspace)
# to validate the credentials we have to do some operation, as just
# connecting the client doesn't do any validation!
try:
conn.list_buckets()
s3_permission = True
except Exception:
s3_permission = False
return gws_permission & s3_permission
def user_has_get_permission(self, batch_id, conn):
"""Does the user have permission to get the migration request from the
storage device?"""
from jdma_control.models import Migration
# groupworkspace permission
gws_permission = Backend._user_has_get_permission(
self, conn.jdma_user, conn.jdma_workspace.workspace)
# get the batch name and try to change to that directory
migration = Migration.objects.get(pk=int(batch_id))
try:
conn.cwd(migration.external_id)
ftp_permission = True
except:
ftp_permission = False
return gws_permission & ftp_permission
def user_has_delete_permission(self, batch_id, conn):
"""Determine whether the user has the permission to delete the batch
given by batch_id in the workspace.
"""
from jdma_control.models import Migration
# groupworkspace permission
gws_permission = Backend._user_has_delete_permission(
self, conn.jdma_user, conn.jdma_workspace.workspace, batch_id)
# get the batch name and try to change to that directory
migration = Migration.objects.get(pk=int(batch_id))
try:
conn.cwd(migration.external_id)
ftp_permission = True
except:
ftp_permission = False
return gws_permission & ftp_permission