def execute(self): for vo in self.voList: self.voChanged = False voAdminUser = getVOOption(vo, "VOAdmin") voAdminMail = None if voAdminUser: voAdminMail = getUserOption(voAdminUser, "Email") voAdminGroup = getVOOption(vo, "VOAdminGroup", getVOOption(vo, "DefaultGroup")) self.log.info('Performing VOMS sync for VO %s with credentials %s@%s' % (vo, voAdminUser, voAdminGroup)) autoAddUsers = getVOOption(vo, "AutoAddUsers", self.autoAddUsers) autoModifyUsers = getVOOption(vo, "AutoModifyUsers", self.autoModifyUsers) autoDeleteUsers = getVOOption(vo, "AutoDeleteUsers", self.autoDeleteUsers) vomsSync = VOMS2CSSynchronizer(vo, autoAddUsers=autoAddUsers, autoModifyUsers=autoModifyUsers, autoDeleteUsers=autoDeleteUsers) result = self.__syncCSWithVOMS(vomsSync, # pylint: disable=unexpected-keyword-arg proxyUserName=voAdminUser, proxyUserGroup=voAdminGroup) if not result['OK']: self.log.error('Failed to perform VOMS to CS synchronization:', 'VO %s: %s' % (vo, result["Message"])) continue resultDict = result['Value'] newUsers = resultDict.get("NewUsers", []) modUsers = resultDict.get("ModifiedUsers", []) delUsers = resultDict.get("DeletedUsers", []) susUsers = resultDict.get("SuspendedUsers", []) csapi = resultDict.get("CSAPI") adminMessages = resultDict.get("AdminMessages", {'Errors': [], 'Info': []}) self.log.info("Run user results: new %d, modified %d, deleted %d, new/suspended %d" % (len(newUsers), len(modUsers), len(delUsers), len(susUsers))) if csapi.csModified: # We have accumulated all the changes, commit them now self.log.info("There are changes to the CS for vo %s ready to be committed" % vo) if self.dryRun: self.log.info("Dry Run: CS won't be updated") csapi.showDiff() else: result = csapi.commitChanges() if not result['OK']: self.log.error("Could not commit configuration changes", result['Message']) return result self.log.notice("Configuration committed for VO %s" % vo) else: self.log.info("No changes to the CS for VO %s recorded at this cycle" % vo) # Add user home directory in the file catalog if self.makeFCEntry and newUsers: self.log.info("Creating home directories for users %s" % str(newUsers)) result = self.__addHomeDirectory(vo, newUsers, # pylint: disable=unexpected-keyword-arg proxyUserName=voAdminUser, proxyUserGroup=voAdminGroup) if not result['OK']: self.log.error('Failed to create user home directories:', 'VO %s: %s' % (vo, result["Message"])) else: for user in result['Value']['Failed']: self.log.error("Failed to create home directory", "user: %s, operation: %s" % (user, result['Value']['Failed'][user])) adminMessages['Errors'].append("Failed to create home directory for user %s: operation %s" % (user, result['Value']['Failed'][user])) for user in result['Value']['Successful']: adminMessages['Info'].append("Created home directory for user %s" % user) if self.voChanged or self.detailedReport: mailMsg = "" if adminMessages['Errors']: mailMsg += "\nErrors list:\n %s" % "\n ".join(adminMessages['Errors']) if adminMessages['Info']: mailMsg += "\nRun result:\n %s" % "\n ".join(adminMessages['Info']) if self.detailedReport: result = vomsSync.getVOUserReport() if result['OK']: mailMsg += '\n\n' mailMsg += result['Value'] else: mailMsg += 'Failed to produce a detailed user report' mailMsg += result['Message'] NotificationClient().sendMail(self.am_getOption('MailTo', voAdminMail), "VOMS2CSAgent run log", mailMsg, self.am_getOption('MailFrom', self.am_getOption('mailFrom', "DIRAC system"))) return S_OK()
def execute(self): for vo in self.voList: voAdminUser = getVOOption(vo, "VOAdmin") voAdminMail = None if voAdminUser: voAdminMail = getUserOption(voAdminUser, "Email") voAdminGroup = getVOOption(vo, "VOAdminGroup", getVOOption(vo, "DefaultGroup")) self.log.info( "Performing VOMS sync", "for VO %s with credentials %s@%s" % (vo, voAdminUser, voAdminGroup)) autoAddUsers = getVOOption(vo, "AutoAddUsers", self.autoAddUsers) autoModifyUsers = getVOOption(vo, "AutoModifyUsers", self.autoModifyUsers) autoDeleteUsers = getVOOption(vo, "AutoDeleteUsers", self.autoDeleteUsers) autoLiftSuspendedStatus = getVOOption(vo, "AutoLiftSuspendedStatus", self.autoLiftSuspendedStatus) syncPluginName = getVOOption(vo, "SyncPluginName", self.syncPluginName) vomsSync = VOMS2CSSynchronizer( vo, autoAddUsers=autoAddUsers, autoModifyUsers=autoModifyUsers, autoDeleteUsers=autoDeleteUsers, autoLiftSuspendedStatus=autoLiftSuspendedStatus, syncPluginName=syncPluginName, ) result = self.__syncCSWithVOMS( # pylint: disable=unexpected-keyword-arg vomsSync, proxyUserName=voAdminUser, proxyUserGroup=voAdminGroup, ) if not result["OK"]: self.log.error("Failed to perform VOMS to CS synchronization:", "VO %s: %s" % (vo, result["Message"])) continue resultDict = result["Value"] newUsers = resultDict.get("NewUsers", []) modUsers = resultDict.get("ModifiedUsers", []) delUsers = resultDict.get("DeletedUsers", []) susUsers = resultDict.get("SuspendedUsers", []) csapi = resultDict.get("CSAPI") adminMessages = resultDict.get("AdminMessages", { "Errors": [], "Info": [] }) voChanged = resultDict.get("VOChanged", False) self.log.info( "Run user results", ": new %d, modified %d, deleted %d, new/suspended %d" % (len(newUsers), len(modUsers), len(delUsers), len(susUsers)), ) if csapi.csModified: # We have accumulated all the changes, commit them now self.log.info( "There are changes to the CS ready to be committed", "for VO %s" % vo) if self.dryRun: self.log.info("Dry Run: CS won't be updated") csapi.showDiff() else: result = csapi.commitChanges() if not result["OK"]: self.log.error( "Could not commit configuration changes", result["Message"]) return result self.log.notice("Configuration committed", "for VO %s" % vo) else: self.log.info("No changes to the CS recorded at this cycle", "for VO %s" % vo) # Add user home directory in the file catalog if self.makeFCEntry and newUsers: self.log.info("Creating home directories for users", str(newUsers)) result = self.__addHomeDirectory( # pylint: disable=unexpected-keyword-arg vo, newUsers, proxyUserName=voAdminUser, proxyUserGroup=voAdminGroup, ) if not result["OK"]: self.log.error("Failed to create user home directories:", "VO %s: %s" % (vo, result["Message"])) else: for user in result["Value"]["Failed"]: self.log.error( "Failed to create home directory", "user: %s, operation: %s" % (user, result["Value"]["Failed"][user]), ) adminMessages["Errors"].append( "Failed to create home directory for user %s: operation %s" % (user, result["Value"]["Failed"][user])) for user in result["Value"]["Successful"]: adminMessages["Info"].append( "Created home directory for user %s" % user) if voChanged or self.detailedReport: mailMsg = "" if adminMessages["Errors"]: mailMsg += "\nErrors list:\n %s" % "\n ".join( adminMessages["Errors"]) if adminMessages["Info"]: mailMsg += "\nRun result:\n %s" % "\n ".join( adminMessages["Info"]) if self.detailedReport: result = vomsSync.getVOUserReport() if result["OK"]: mailMsg += "\n\n" mailMsg += result["Value"] else: mailMsg += "Failed to produce a detailed user report" mailMsg += result["Message"] if self.dryRun: self.log.info("Dry Run: mail won't be sent") self.log.info(mailMsg) else: NotificationClient().sendMail( self.am_getOption("MailTo", voAdminMail), "VOMS2CSAgent run log", mailMsg, self.mailFrom) return S_OK()
def main(): Script.registerSwitch("V:", "vo=", "VO name", setVO) Script.registerSwitch("D", "dryRun", "Dry run", setDryRun) Script.parseCommandLine(ignoreErrors=True) @executeWithUserProxy def syncCSWithVOMS(vomsSync): return vomsSync.syncCSWithVOMS() voAdminUser = getVOOption(voName, "VOAdmin") voAdminGroup = getVOOption(voName, "VOAdminGroup", getVOOption(voName, "DefaultGroup")) vomsSync = VOMS2CSSynchronizer(voName) result = syncCSWithVOMS( # pylint: disable=unexpected-keyword-arg vomsSync, proxyUserName=voAdminUser, proxyUserGroup=voAdminGroup) if not result["OK"]: gLogger.error("Failed to synchronize user data") DIRACExit(-1) resultDict = result["Value"] newUsers = resultDict.get("NewUsers", []) modUsers = resultDict.get("ModifiedUsers", []) delUsers = resultDict.get("DeletedUsers", []) susUsers = resultDict.get("SuspendedUsers", []) gLogger.notice( "\nUser results: new %d, modified %d, deleted %d, new/suspended %d" % (len(newUsers), len(modUsers), len(delUsers), len(susUsers))) for msg in resultDict["AdminMessages"]["Info"]: gLogger.notice(msg) csapi = resultDict.get("CSAPI") if csapi and csapi.csModified: if dryRun: gLogger.notice( "There are changes to Registry ready to commit, skipped because of dry run" ) else: yn = input( "There are changes to Registry ready to commit, do you want to proceed ? [Y|n]:" ) if yn == "" or yn[0].lower() == "y": result = csapi.commitChanges() if not result["OK"]: gLogger.error("Could not commit configuration changes", result["Message"]) else: gLogger.notice("Registry changes committed for VO %s" % voName) else: gLogger.notice("Registry changes are not committed") else: gLogger.notice("No changes to Registry for VO %s" % voName) result = vomsSync.getVOUserReport() if not result["OK"]: gLogger.error("Failed to generate user data report") DIRACExit(-1) gLogger.notice("\n" + result["Value"])