def getPayloadProxyFromVOMSGroup(self, userDN, vomsAttr, token, requiredTimeLeft, proxyToConnect=None): """ Download a payload proxy with VOMS extensions depending on the VOMS attr :param basestring userDN: user DN :param basestring vomsAttr: VOMS attribute :param basestring token: valid token to get a proxy :param int requiredTimeLeft: required proxy live time in a seconds :param X509Chain proxyToConnect: proxy as a chain :return: S_OK(X509Chain)/S_ERROR() """ groups = Registry.getGroupsWithVOMSAttribute(vomsAttr) if not groups: return S_ERROR("No group found that has %s as voms attrs" % vomsAttr) userGroup = groups[0] return self.downloadVOMSProxy(userDN, userGroup, limited=True, requiredTimeLeft=requiredTimeLeft, requiredVOMSAttribute=vomsAttr, proxyToConnect=proxyToConnect, token=token)
def getPilotProxyFromVOMSGroup(self, userDN, vomsAttr, requiredTimeLeft=43200, proxyToConnect=None): """ Download a pilot proxy with VOMS extensions depending on the group :param basestring userDN: user DN :param basestring vomsAttr: VOMS attribute :param int requiredTimeLeft: required proxy live time in a seconds :param X509Chain proxyToConnect: proxy as a chain :return: S_OK(X509Chain)/S_ERROR() """ groups = Registry.getGroupsWithVOMSAttribute(vomsAttr) if not groups: return S_ERROR("No group found that has %s as voms attrs" % vomsAttr) for userGroup in groups: result = self.downloadVOMSProxy(userDN, userGroup, limited=False, requiredTimeLeft=requiredTimeLeft, requiredVOMSAttribute=vomsAttr, proxyToConnect=proxyToConnect) if result['OK']: return result return result
def __getProxyAndRemoveReplica(self, diracSE, lfn): """ get a proxy from the owner of the file and try to remove it returns True if it succeeds, False otherwise """ result = self.replicaManager.getCatalogDirectoryMetadata( lfn, singleFile=True) if not result['OK']: gLogger.error("Could not get metadata info", result['Message']) return False ownerRole = result['Value']['OwnerRole'] ownerDN = result['Value']['OwnerDN'] if ownerRole[0] != "/": ownerRole = "/%s" % ownerRole userProxy = '' for ownerGroup in Registry.getGroupsWithVOMSAttribute(ownerRole): result = gProxyManager.downloadVOMSProxy( ownerDN, ownerGroup, limited=True, requiredVOMSAttribute=ownerRole) if not result['OK']: gLogger.verbose( 'Failed to retrieve voms proxy for %s : %s:' % (ownerDN, ownerRole), result['Message']) continue userProxy = result['Value'] gLogger.verbose("Got proxy for %s@%s [%s]" % (ownerDN, ownerGroup, ownerRole)) break if not userProxy: return False result = userProxy.dumpAllToFile() if not result['OK']: gLogger.verbose(result['Message']) return False upFile = result['Value'] prevProxyEnv = os.environ['X509_USER_PROXY'] os.environ['X509_USER_PROXY'] = upFile try: res = self.replicaManager.removeReplica(diracSE, lfn) if res['OK'] and lfn in res['Value']['Successful']: gLogger.verbose('Removed %s from %s' % (lfn, diracSE)) return True finally: os.environ['X509_USER_PROXY'] = prevProxyEnv os.unlink(upFile) return False
def __getProxyAndRemoveReplica( self, diracSE, lfn ): """ get a proxy from the owner of the file and try to remove it returns True if it succeeds, False otherwise """ result = self.replicaManager.getCatalogDirectoryMetadata( lfn, singleFile = True ) if not result[ 'OK' ]: gLogger.error( "Could not get metadata info", result[ 'Message' ] ) return False ownerRole = result[ 'Value' ][ 'OwnerRole' ] ownerDN = result[ 'Value' ][ 'OwnerDN' ] if ownerRole[0] != "/": ownerRole = "/%s" % ownerRole userProxy = '' for ownerGroup in Registry.getGroupsWithVOMSAttribute( ownerRole ): result = gProxyManager.downloadVOMSProxy( ownerDN, ownerGroup, limited = True, requiredVOMSAttribute = ownerRole ) if not result[ 'OK' ]: gLogger.verbose ( 'Failed to retrieve voms proxy for %s : %s:' % ( ownerDN, ownerRole ), result[ 'Message' ] ) continue userProxy = result[ 'Value' ] gLogger.verbose( "Got proxy for %s@%s [%s]" % ( ownerDN, ownerGroup, ownerRole ) ) break if not userProxy: return False result = userProxy.dumpAllToFile() if not result[ 'OK' ]: gLogger.verbose( result[ 'Message' ] ) return False upFile = result[ 'Value' ] prevProxyEnv = os.environ[ 'X509_USER_PROXY' ] os.environ[ 'X509_USER_PROXY' ] = upFile try: res = self.replicaManager.removeReplica( diracSE, lfn ) if res['OK'] and lfn in res[ 'Value' ]['Successful']: gLogger.verbose( 'Removed %s from %s' % ( lfn, diracSE ) ) return True finally: os.environ[ 'X509_USER_PROXY' ] = prevProxyEnv os.unlink( upFile ) return False
def addFile(self, name, fileDict, repDict, numericid): """ Pretty print of the file ls output """ perm = fileDict['Mode'] date = fileDict['ModificationDate'] #nlinks = fileDict.get('NumberOfLinks',0) nreplicas = len(repDict) size = fileDict['Size'] if 'Owner' in fileDict: uname = fileDict['Owner'] elif 'OwnerDN' in fileDict: result = Registry.getUsernameForDN(fileDict['OwnerDN']) if result['OK']: uname = result['Value'] else: uname = 'unknown' else: uname = 'unknown' if numericid: uname = str(fileDict['UID']) if 'OwnerGroup' in fileDict: gname = fileDict['OwnerGroup'] elif 'OwnerRole' in fileDict: groups = Registry.getGroupsWithVOMSAttribute('/' + fileDict['OwnerRole']) if groups: if len(groups) > 1: gname = groups[0] default_group = gConfig.getValue('/Registry/DefaultGroup', 'unknown') if default_group in groups: gname = default_group else: gname = groups[0] else: gname = 'unknown' else: gname = 'unknown' if numericid: gname = str(fileDict['GID']) self.entries.append(('-' + self.__getModeString(perm), nreplicas, uname, gname, size, date, name))
def addFile(self, name, fileDict, repDict, numericid): """Pretty print of the file ls output""" perm = fileDict["Mode"] date = fileDict["ModificationDate"] # nlinks = fileDict.get('NumberOfLinks',0) nreplicas = len(repDict) size = fileDict["Size"] if "Owner" in fileDict: uname = fileDict["Owner"] elif "OwnerDN" in fileDict: result = Registry.getUsernameForDN(fileDict["OwnerDN"]) if result["OK"]: uname = result["Value"] else: uname = "unknown" else: uname = "unknown" if numericid: uname = str(fileDict["UID"]) if "OwnerGroup" in fileDict: gname = fileDict["OwnerGroup"] elif "OwnerRole" in fileDict: groups = Registry.getGroupsWithVOMSAttribute("/" + fileDict["OwnerRole"]) if groups: if len(groups) > 1: gname = groups[0] default_group = gConfig.getValue("/Registry/DefaultGroup", "unknown") if default_group in groups: gname = default_group else: gname = groups[0] else: gname = "unknown" else: gname = "unknown" if numericid: gname = str(fileDict["GID"]) self.entries.append(("-" + self.__getModeString(perm), nreplicas, uname, gname, size, date, name))
def addDirectory(self, name, dirDict, numericid): """ Pretty print of the file ls output """ perm = dirDict['Mode'] date = dirDict['ModificationDate'] nlinks = 0 size = 0 if 'Owner' in dirDict: uname = dirDict['Owner'] elif 'OwnerDN' in dirDict: result = Registry.getUsernameForDN(dirDict['OwnerDN']) if result['OK']: uname = result['Value'] else: uname = 'unknown' else: uname = 'unknown' if numericid: uname = str(dirDict['UID']) if 'OwnerGroup' in dirDict: gname = dirDict['OwnerGroup'] elif 'OwnerRole' in dirDict: groups = Registry.getGroupsWithVOMSAttribute('/' + dirDict['OwnerRole']) if groups: if len(groups) > 1: gname = groups[0] default_group = gConfig.getValue('/Registry/DefaultGroup', 'unknown') if default_group in groups: gname = default_group else: gname = groups[0] else: gname = 'unknown' if numericid: gname = str(dirDict['GID']) self.entries.append(('d' + self.__getModeString(perm), nlinks, uname, gname, size, date, name))
def addDirectory(self, name, dirDict, numericid): """Pretty print of the file ls output""" perm = dirDict["Mode"] date = dirDict["ModificationDate"] nlinks = 0 size = 0 if "Owner" in dirDict: uname = dirDict["Owner"] elif "OwnerDN" in dirDict: result = Registry.getUsernameForDN(dirDict["OwnerDN"]) if result["OK"]: uname = result["Value"] else: uname = "unknown" else: uname = "unknown" if numericid: uname = str(dirDict["UID"]) if "OwnerGroup" in dirDict: gname = dirDict["OwnerGroup"] elif "OwnerRole" in dirDict: groups = Registry.getGroupsWithVOMSAttribute("/" + dirDict["OwnerRole"]) if groups: if len(groups) > 1: gname = groups[0] default_group = gConfig.getValue("/Registry/DefaultGroup", "unknown") if default_group in groups: gname = default_group else: gname = groups[0] else: gname = "unknown" if numericid: gname = str(dirDict["GID"]) self.entries.append(("d" + self.__getModeString(perm), nlinks, uname, gname, size, date, name))
def getPayloadProxyFromVOMSGroup(self, userDN, vomsAttr, token, requiredTimeLeft, proxyToConnect=False): """ Download a payload proxy with VOMS extensions depending on the VOMS attr """ groups = Registry.getGroupsWithVOMSAttribute(vomsAttr) if not groups: return S_ERROR("No group found that has %s as voms attrs" % vomsAttr) userGroup = groups[0] return self.downloadVOMSProxy(userDN, userGroup, limited=True, requiredTimeLeft=requiredTimeLeft, requiredVOMSAttribute=vomsAttr, proxyToConnect=proxyToConnect, token=token)
def getPilotProxyFromVOMSGroup(self, userDN, vomsAttr, requiredTimeLeft=43200, proxyToConnect=False): """ Download a pilot proxy with VOMS extensions depending on the group """ groups = Registry.getGroupsWithVOMSAttribute(vomsAttr) if not groups: return S_ERROR("No group found that has %s as voms attrs" % vomsAttr) for userGroup in groups: result = self.downloadVOMSProxy(userDN, userGroup, limited=False, requiredTimeLeft=requiredTimeLeft, requiredVOMSAttribute=vomsAttr, proxyToConnect=proxyToConnect) if result['OK']: return result return result
def __getOwnerProxy(self, dirPath): ''' get owner creds for :dirPath: ''' self.log.verbose("Retrieving dir metadata...") # get owner form the cached information, if not, try getDirectoryMetadata ownerName, ownerGroup = self.__directoryOwners.pop( dirPath, (None, None)) if not ownerName or not ownerGroup: result = returnSingleResult( self.catalog.getDirectoryMetadata(dirPath)) if not result['OK'] or 'OwnerRole' not in result['Value']: self.log.error("Could not get metadata info", result['Message']) return result ownerRole = result['Value']['OwnerRole'] ownerDN = result['Value']['OwnerDN'] if ownerRole[0] != "/": ownerRole = "/%s" % ownerRole cacheKey = (ownerDN, ownerRole) ownerName = 'unknown' byGroup = False else: ownerDN = Registry.getDNForUsername(ownerName) if not ownerDN['OK']: self.log.error("Could not get DN from user name", ownerDN['Message']) return ownerDN ownerDN = ownerDN['Value'][0] # This bloody method returns directly a string!!!! ownerRole = Registry.getVOMSAttributeForGroup(ownerGroup) byGroup = True # Get all groups for that VOMS Role, and add lhcb_user as in DFC this is a safe value ownerGroups = Registry.getGroupsWithVOMSAttribute(ownerRole) + [ 'lhcb_user' ] downErrors = [] for ownerGroup in ownerGroups: if byGroup: ownerRole = None cacheKey = (ownerDN, ownerGroup) if cacheKey in self.__noProxy: return S_ERROR("Proxy not available") # Getting the proxy... upFile = self.proxyCache.get(cacheKey, 3600) if upFile and os.path.exists(upFile): self.log.verbose( 'Returning cached proxy for %s %s@%s [%s] in %s' % (ownerName, ownerDN, ownerGroup, ownerRole, upFile)) return S_OK(upFile) if ownerRole: result = gProxyManager.downloadVOMSProxy( ownerDN, ownerGroup, limited=False, requiredVOMSAttribute=ownerRole) else: result = gProxyManager.downloadProxy(ownerDN, ownerGroup, limited=False) if not result['OK']: downErrors.append("%s : %s" % (cacheKey, result['Message'])) continue userProxy = result['Value'] secsLeft = max(0, userProxy.getRemainingSecs()['Value']) upFile = userProxy.dumpAllToFile() if upFile['OK']: upFile = upFile['Value'] else: return upFile self.proxyCache.add(cacheKey, secsLeft, upFile) self.log.info("Got proxy for %s %s@%s [%s]" % (ownerName, ownerDN, ownerGroup, ownerRole)) return S_OK(upFile) self.__noProxy.add(cacheKey) return S_ERROR("Could not download proxy for user (%s, %s):\n%s " % (ownerDN, ownerRole, "\n ".join(downErrors)))