Just listing the possible Properties This module contains list of Properties that can be assigned to users and groups

class DIRAC.Core.Security.Properties.SecurityProperty(value)

Bases: str, enum.Enum

An enumeration.

ACCOUNTING_MONITOR = 'AccountingMonitor'

Accounting Monitor - can see accounting data for all groups

ALARMS_MANAGEMENT = 'AlarmsManagement'

Allow to set notifications and manage alarms

BOOKKEEPING_MANAGEMENT = 'BookkeepingManagement'

Allow Bookkeeping Management

CS_ADMINISTRATOR = 'CSAdministrator'

CS Administrator - possibility to edit the Configuration Service

FC_MANAGEMENT = 'FileCatalogManagement'

Allow FC Management - FC root user

FULL_DELEGATION = 'FullDelegation'

Allow getting full delegated proxies

GENERIC_PILOT = 'GenericPilot'

Generic pilot

JOB_ADMINISTRATOR = 'JobAdministrator'

Job Administrator can manipulate everybody’s jobs

JOB_MONITOR = 'JobMonitor'

Job Monitor - can get job monitoring information

JOB_SHARING = 'JobSharing'

Job sharing among members of a group

LIMITED_DELEGATION = 'LimitedDelegation'

Allow getting only limited proxies (ie. pilots)

NORMAL_USER = 'NormalUser'

Normal user operations

OPERATOR = 'Operator'


PILOT = 'Pilot'

Private pilot


Allow production request approval on behalf of PPG

PRIVATE_LIMITED_DELEGATION = 'PrivateLimitedDelegation'

Allow getting only limited proxies for one self

PRODUCTION_MANAGEMENT = 'ProductionManagement'

Allow managing production

PROXY_MANAGEMENT = 'ProxyManagement'

Allow managing proxies

SERVICE_ADMINISTRATOR = 'ServiceAdministrator'

DIRAC Service Administrator

SITE_MANAGER = 'SiteManager'

Site Manager

STAGE_ALLOWED = 'StageAllowed'

Allow staging files

TRUSTED_HOST = 'TrustedHost'
A host property. This property is used::
  • For a host to forward credentials in an RPC call

USER_MANAGER = 'UserManager'

User, group, VO Registry management

class DIRAC.Core.Security.Properties.UnevaluatedExpression(operator: Callable[[...], bool], *args: DIRAC.Core.Security.Properties.UnevaluatedProperty)

Bases: DIRAC.Core.Security.Properties.UnevaluatedProperty

__init__(operator: Callable[[...], bool], *args: DIRAC.Core.Security.Properties.UnevaluatedProperty)
class DIRAC.Core.Security.Properties.UnevaluatedProperty(property: DIRAC.Core.Security.Properties.SecurityProperty)

Bases: object

__init__(property: DIRAC.Core.Security.Properties.SecurityProperty)