def _getPilotProxyFromDIRACGroup(self, ownerDN, ownerGroup, requiredTimeLeft): """ Download a limited pilot proxy with VOMS extensions depending on the group """ #Assign VOMS attribute vomsAttr = CS.getVOMSAttributeForGroup(ownerGroup) if not vomsAttr: self.log.info( "Downloading a proxy without VOMS extensions for %s@%s" % (ownerDN, ownerGroup)) return gProxyManager.downloadProxy( ownerDN, ownerGroup, limited=True, requiredTimeLeft=requiredTimeLeft) else: self.log.info( "Downloading a proxy with '%s' VOMS extension for %s@%s" % (vomsAttr, ownerDN, ownerGroup)) return gProxyManager.downloadVOMSProxy( ownerDN, ownerGroup, limited=True, requiredTimeLeft=requiredTimeLeft, requiredVOMSAttribute=vomsAttr)
def getProxy(self, userDN, userGroup, validity=43200, limited=False): """Retrieves a proxy with default 12hr validity and stores this in a file in the local directory by default. Example usage: >>> print diracAdmin.getProxy() {'OK': True, 'Value': } @return: S_OK,S_ERROR """ return gProxyManager.downloadProxy(userDN, userGroup, limited=limited, requiredTimeLeft=validity)
def getShifterProxy(shifterType, fileName=False): """ This method returns a shifter's proxy - shifterType : ProductionManager / DataManager... """ if fileName: try: os.makedirs(os.path.dirname(fileName)) except OSError: pass opsHelper = Operations() userName = opsHelper.getValue(cfgPath('Shifter', shifterType, 'User'), '') if not userName: return S_ERROR("No shifter User defined for %s" % shifterType) result = CS.getDNForUsername(userName) if not result['OK']: return result userDN = result['Value'][0] result = CS.findDefaultGroupForDN(userDN) if not result['OK']: return result defaultGroup = result['Value'] userGroup = opsHelper.getValue(cfgPath('Shifter', shifterType, 'Group'), defaultGroup) vomsAttr = CS.getVOMSAttributeForGroup(userGroup) if vomsAttr: gLogger.info("Getting VOMS [%s] proxy for shifter %s@%s (%s)" % (vomsAttr, userName, userGroup, userDN)) result = gProxyManager.downloadVOMSProxy(userDN, userGroup, requiredTimeLeft=4 * 43200) else: gLogger.info("Getting proxy for shifter %s@%s (%s)" % (userName, userGroup, userDN)) result = gProxyManager.downloadProxy(userDN, userGroup, requiredTimeLeft=4 * 43200) if not result['OK']: return result chain = result['Value'] result = gProxyManager.dumpProxyToFile(chain, destinationFile=fileName) if not result['OK']: return result fileName = result['Value'] return S_OK({ 'DN': userDN, 'username': userName, 'group': userGroup, 'chain': chain, 'proxyFile': fileName })
def getProxy( self, userDN, userGroup, validity = 43200, limited = False ): """Retrieves a proxy with default 12hr validity and stores this in a file in the local directory by default. Example usage: >>> print diracAdmin.getProxy() {'OK': True, 'Value': } @return: S_OK,S_ERROR """ return gProxyManager.downloadProxy( userDN, userGroup, limited = limited, requiredTimeLeft = validity )
def getShifterProxy(shifterType, fileName=False): """ This method returns a shifter's proxy - shifterType : ProductionManager / DataManager... """ if fileName: try: os.makedirs(os.path.dirname(fileName)) except: pass shifterSection = "/Operations/Shifter/%s" % shifterType userName = gConfig.getValue('%s/User' % shifterSection, '') if not userName: return S_ERROR("No shifter defined in %s/User" % shifterSection) result = CS.getDNForUsername(userName) if not result['OK']: return result userDN = result['Value'][0] userGroup = gConfig.getValue('%s/Group' % shifterSection, CS.getDefaultUserGroup()) vomsAttr = CS.getVOMSAttributeForGroup(userGroup) if vomsAttr: gLogger.info("Getting VOMS [%s] proxy for shifter %s@%s (%s)" % (vomsAttr, userName, userGroup, userDN)) result = gProxyManager.downloadVOMSProxy(userDN, userGroup, requiredTimeLeft=4 * 43200) else: gLogger.info("Getting proxy for shifter %s@%s (%s)" % (userName, userGroup, userDN)) result = gProxyManager.downloadProxy(userDN, userGroup, requiredTimeLeft=4 * 43200) if not result['OK']: return result chain = result['Value'] result = gProxyManager.dumpProxyToFile(chain, destinationFile=fileName) if not result['OK']: return result fileName = result['Value'] return S_OK({ 'DN': userDN, 'username': userName, 'group': userGroup, 'chain': chain, 'proxyFile': fileName })
def _getPilotProxyFromDIRACGroup( self, ownerDN, ownerGroup, requiredTimeLeft ): """ Download a limited pilot proxy with VOMS extensions depending on the group """ #Assign VOMS attribute vomsAttr = CS.getVOMSAttributeForGroup( ownerGroup ) if not vomsAttr: self.log.info( "Downloading a proxy without VOMS extensions for %s@%s" % ( ownerDN, ownerGroup ) ) return gProxyManager.downloadProxy( ownerDN, ownerGroup, limited = True, requiredTimeLeft = requiredTimeLeft ) else: self.log.info( "Downloading a proxy with '%s' VOMS extension for %s@%s" % ( vomsAttr, ownerDN, ownerGroup ) ) return gProxyManager.downloadVOMSProxy( ownerDN, ownerGroup, limited = True, requiredTimeLeft = requiredTimeLeft, requiredVOMSAttribute = vomsAttr )
def getShifterProxy( shifterType, fileName = False ): """ This method returns a shifter's proxy - shifterType : ProductionManager / DataManager... """ if fileName: try: os.makedirs( os.path.dirname( fileName ) ) except OSError: pass opsHelper = Operations() userName = opsHelper.getValue( cfgPath( 'Shifter', shifterType, 'User' ), '' ) if not userName: return S_ERROR( "No shifter User defined for %s" % shifterType ) result = CS.getDNForUsername( userName ) if not result[ 'OK' ]: return result userDN = result[ 'Value' ][0] result = CS.findDefaultGroupForDN( userDN ) if not result['OK']: return result defaultGroup = result['Value'] userGroup = opsHelper.getValue( cfgPath( 'Shifter', shifterType, 'Group' ), defaultGroup ) vomsAttr = CS.getVOMSAttributeForGroup( userGroup ) if vomsAttr: gLogger.info( "Getting VOMS [%s] proxy for shifter %s@%s (%s)" % ( vomsAttr, userName, userGroup, userDN ) ) result = gProxyManager.downloadVOMSProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 ) else: gLogger.info( "Getting proxy for shifter %s@%s (%s)" % ( userName, userGroup, userDN ) ) result = gProxyManager.downloadProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 ) if not result[ 'OK' ]: return result chain = result[ 'Value' ] result = gProxyManager.dumpProxyToFile( chain, destinationFile = fileName ) if not result[ 'OK' ]: return result fileName = result[ 'Value' ] return S_OK( { 'DN' : userDN, 'username' : userName, 'group' : userGroup, 'chain' : chain, 'proxyFile' : fileName } )
def getShifterProxy( shifterType, fileName = False ): """ This method returns a shifter's proxy - shifterType : ProductionManager / DataManager... """ if fileName: try: os.makedirs( os.path.dirname( fileName ) ) except: pass shifterSection = "/Operations/Shifter/%s" % shifterType userName = gConfig.getValue( '%s/User' % shifterSection, '' ) if not userName: return S_ERROR( "No shifter defined in %s/User" % shifterSection ) result = CS.getDNForUsername( userName ) if not result[ 'OK' ]: return result userDN = result[ 'Value' ][0] userGroup = gConfig.getValue( '%s/Group' % shifterSection, CS.getDefaultUserGroup() ) vomsAttr = CS.getVOMSAttributeForGroup( userGroup ) if vomsAttr: gLogger.info( "Getting VOMS [%s] proxy for shifter %s@%s (%s)" % ( vomsAttr, userName, userGroup, userDN ) ) result = gProxyManager.downloadVOMSProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 ) else: gLogger.info( "Getting proxy for shifter %s@%s (%s)" % ( userName, userGroup, userDN ) ) result = gProxyManager.downloadProxy( userDN, userGroup, requiredTimeLeft = 4 * 43200 ) if not result[ 'OK' ]: return result chain = result[ 'Value' ] result = gProxyManager.dumpProxyToFile( chain, destinationFile = fileName ) if not result[ 'OK' ]: return result fileName = result[ 'Value' ] return S_OK( { 'DN' : userDN, 'username' : userName, 'group' : userGroup, 'chain' : chain, 'proxyFile' : fileName } )
def main(): params = Params() params.registerCLISwitches() Script.parseCommandLine(ignoreErrors=True) args = Script.getPositionalArgs() if len(args) != 2: Script.showHelp() userGroup = str(args[1]) userDN = str(args[0]) userName = False if userDN.find("/") != 0: userName = userDN retVal = Registry.getDNForUsername(userName) if not retVal['OK']: gLogger.notice("Cannot discover DN for username %s\n\t%s" % (userName, retVal['Message'])) DIRAC.exit(2) DNList = retVal['Value'] if len(DNList) > 1: gLogger.notice("Username %s has more than one DN registered" % userName) ind = 0 for dn in DNList: gLogger.notice("%d %s" % (ind, dn)) ind += 1 inp = six.moves.input( "Which DN do you want to download? [default 0] ") if not inp: inp = 0 else: inp = int(inp) userDN = DNList[inp] else: userDN = DNList[0] if not params.proxyPath: if not userName: result = Registry.getUsernameForDN(userDN) if not result['OK']: gLogger.notice("DN '%s' is not registered in DIRAC" % userDN) DIRAC.exit(2) userName = result['Value'] params.proxyPath = "%s/proxy.%s.%s" % (os.getcwd(), userName, userGroup) if params.enableVOMS: result = gProxyManager.downloadVOMSProxy( userDN, userGroup, limited=params.limited, requiredTimeLeft=params.proxyLifeTime, requiredVOMSAttribute=params.vomsAttr) else: result = gProxyManager.downloadProxy( userDN, userGroup, limited=params.limited, requiredTimeLeft=params.proxyLifeTime) if not result['OK']: gLogger.notice('Proxy file cannot be retrieved: %s' % result['Message']) DIRAC.exit(2) chain = result['Value'] result = chain.dumpAllToFile(params.proxyPath) if not result['OK']: gLogger.notice('Proxy file cannot be written to %s: %s' % (params.proxyPath, result['Message'])) DIRAC.exit(2) gLogger.notice("Proxy downloaded to %s" % params.proxyPath) DIRAC.exit(0)
print "Which dn do you want to download?" DIRAC.exit( 2 ) userDN = DNList[0] if not params.proxyPath: if not userName: result = Registry.getUsernameForDN( userDN ) if not result[ 'OK' ]: print "DN '%s' is not registered in DIRAC" % userDN DIRAC.exit( 2 ) userName = result[ 'Value' ] params.proxyPath = "%s/proxy.%s.%s" % ( os.getcwd(), userName, userGroup ) if params.enableVOMS: result = gProxyManager.downloadVOMSProxy( userDN, userGroup, limited = params.limited, requiredTimeLeft = params.proxyLifeTime, requiredVOMSAttribute = params.vomsAttr ) else: result = gProxyManager.downloadProxy( userDN, userGroup, limited = params.limited, requiredTimeLeft = params.proxyLifeTime ) if not result['OK']: print 'Proxy file cannot be retrieved: %s' % result['Message'] DIRAC.exit( 2 ) chain = result[ 'Value' ] result = chain.dumpAllToFile( params.proxyPath ) if not result['OK']: print 'Proxy file cannot be written to %s: %s' % ( params.proxyPath, result['Message'] ) DIRAC.exit( 2 ) print "Proxy downloaded to %s" % params.proxyPath DIRAC.exit( 0 )
def main(): params = Params() params.registerCLISwitches() # Registering arguments will automatically add their description to the help menu Script.registerArgument(( "DN: DN of the user", "user: DIRAC user name (will fail if there is more than 1 DN registered)" )) Script.registerArgument(" group: DIRAC group name") Script.parseCommandLine(ignoreErrors=True) # parseCommandLine show help when mandatory arguments are not specified or incorrect argument userDN, userGroup = Script.getPositionalArgs(group=True) userName = False if userDN.find("/") != 0: userName = userDN retVal = Registry.getDNForUsername(userName) if not retVal["OK"]: gLogger.notice("Cannot discover DN for username %s\n\t%s" % (userName, retVal["Message"])) DIRAC.exit(2) DNList = retVal["Value"] if len(DNList) > 1: gLogger.notice("Username %s has more than one DN registered" % userName) ind = 0 for dn in DNList: gLogger.notice("%d %s" % (ind, dn)) ind += 1 inp = input("Which DN do you want to download? [default 0] ") if not inp: inp = 0 else: inp = int(inp) userDN = DNList[inp] else: userDN = DNList[0] if not params.proxyPath: if not userName: result = Registry.getUsernameForDN(userDN) if not result["OK"]: gLogger.notice("DN '%s' is not registered in DIRAC" % userDN) DIRAC.exit(2) userName = result["Value"] params.proxyPath = "%s/proxy.%s.%s" % (os.getcwd(), userName, userGroup) if params.enableVOMS: result = gProxyManager.downloadVOMSProxy( userDN, userGroup, limited=params.limited, requiredTimeLeft=params.proxyLifeTime, requiredVOMSAttribute=params.vomsAttr, ) else: result = gProxyManager.downloadProxy( userDN, userGroup, limited=params.limited, requiredTimeLeft=params.proxyLifeTime) if not result["OK"]: gLogger.notice("Proxy file cannot be retrieved: %s" % result["Message"]) DIRAC.exit(2) chain = result["Value"] result = chain.dumpAllToFile(params.proxyPath) if not result["OK"]: gLogger.notice("Proxy file cannot be written to %s: %s" % (params.proxyPath, result["Message"])) DIRAC.exit(2) gLogger.notice("Proxy downloaded to %s" % params.proxyPath) DIRAC.exit(0)
result = CS.getUsernameForDN(userDN) if not result['OK']: print "DN '%s' is not registered in DIRAC" % userDN DIRAC.exit(2) userName = result['Value'] params.proxyPath = "%s/proxy.%s.%s" % (os.getcwd(), userName, userGroup) if params.enableVOMS: result = gProxyManager.downloadVOMSProxy( userDN, userGroup, limited=params.limited, requiredTimeLeft=params.proxyLifeTime, requiredVOMSAttribute=params.vomsAttr) else: result = gProxyManager.downloadProxy(userDN, userGroup, limited=params.limited, requiredTimeLeft=params.proxyLifeTime) if not result['OK']: print 'Proxy file cannot be retrieved: %s' % result['Message'] DIRAC.exit(2) chain = result['Value'] result = chain.dumpAllToFile(params.proxyPath) if not result['OK']: print 'Proxy file cannot be written to %s: %s' % (params.proxyPath, result['Message']) DIRAC.exit(2) print "Proxy downloaded to %s" % params.proxyPath DIRAC.exit(0)
def __getOwnerProxy(self, dirPath): ''' get owner creds for :dirPath: ''' self.log.verbose("Retrieving dir metadata...") # get owner form the cached information, if not, try getDirectoryMetadata ownerName, ownerGroup = self.__directoryOwners.pop( dirPath, (None, None)) if not ownerName or not ownerGroup: result = returnSingleResult( self.catalog.getDirectoryMetadata(dirPath)) if not result['OK'] or 'OwnerRole' not in result['Value']: self.log.error("Could not get metadata info", result['Message']) return result ownerRole = result['Value']['OwnerRole'] ownerDN = result['Value']['OwnerDN'] if ownerRole[0] != "/": ownerRole = "/%s" % ownerRole cacheKey = (ownerDN, ownerRole) ownerName = 'unknown' byGroup = False else: ownerDN = Registry.getDNForUsername(ownerName) if not ownerDN['OK']: self.log.error("Could not get DN from user name", ownerDN['Message']) return ownerDN ownerDN = ownerDN['Value'][0] # This bloody method returns directly a string!!!! ownerRole = Registry.getVOMSAttributeForGroup(ownerGroup) byGroup = True # Get all groups for that VOMS Role, and add lhcb_user as in DFC this is a safe value ownerGroups = Registry.getGroupsWithVOMSAttribute(ownerRole) + [ 'lhcb_user' ] downErrors = [] for ownerGroup in ownerGroups: if byGroup: ownerRole = None cacheKey = (ownerDN, ownerGroup) if cacheKey in self.__noProxy: return S_ERROR("Proxy not available") # Getting the proxy... upFile = self.proxyCache.get(cacheKey, 3600) if upFile and os.path.exists(upFile): self.log.verbose( 'Returning cached proxy for %s %s@%s [%s] in %s' % (ownerName, ownerDN, ownerGroup, ownerRole, upFile)) return S_OK(upFile) if ownerRole: result = gProxyManager.downloadVOMSProxy( ownerDN, ownerGroup, limited=False, requiredVOMSAttribute=ownerRole) else: result = gProxyManager.downloadProxy(ownerDN, ownerGroup, limited=False) if not result['OK']: downErrors.append("%s : %s" % (cacheKey, result['Message'])) continue userProxy = result['Value'] secsLeft = max(0, userProxy.getRemainingSecs()['Value']) upFile = userProxy.dumpAllToFile() if upFile['OK']: upFile = upFile['Value'] else: return upFile self.proxyCache.add(cacheKey, secsLeft, upFile) self.log.info("Got proxy for %s %s@%s [%s]" % (ownerName, ownerDN, ownerGroup, ownerRole)) return S_OK(upFile) self.__noProxy.add(cacheKey) return S_ERROR("Could not download proxy for user (%s, %s):\n%s " % (ownerDN, ownerRole, "\n ".join(downErrors)))