ProxyDB

ProxyDB class is a front-end to the ProxyDB MySQL database.

Database contains the following tables:

  • ProxyDB_Requests – a delegation requests storage table for a given proxy Chain

  • ProxyDB_CleanProxies – table for storing proxies in “clean” form, ie without the presence of DIRAC and VOMS extensions.

  • ProxyDB_VOMSProxies – proxy storage table with VOMS extension already added.

  • ProxyDB_Log – table with logs.

class DIRAC.FrameworkSystem.DB.ProxyDB.ProxyDB(mailFrom=None, parentLogger=None)

Bases: DB

NOTIFICATION_TIMES = [2592000, 1296000]
__init__(mailFrom=None, parentLogger=None)
Parameters:

mailFrom (str) – address to use as sender for the expiration reminder emails

buildCondition(condDict=None, older=None, newer=None, timeStamp=None, orderAttribute=None, limit=False, greater=None, smaller=None, offset=None, useLikeQuery=False)

Build SQL condition statement from provided condDict and other extra check on a specified time stamp. The conditions dictionary specifies for each attribute one or a List of possible values greater and smaller are dictionaries in which the keys are the names of the fields, that are requested to be >= or < than the corresponding value. For compatibility with current usage it uses Exceptions to exit in case of invalid arguments For performing LIKE queries use the parameter useLikeQuery=True

completeDelegation(requestId, userDN, delegatedPem)

Complete a delegation and store it in the db

Parameters:

  • requestId (int) – id of the request

  • userDN (str) – user DN

  • delegatedPem (str) – delegated proxy as string

Returns:

S_OK()/S_ERROR()

countEntries(table, condDict, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Count the number of entries wit the given conditions

deleteEntries(tableName, condDict=None, limit=False, conn=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None)

Delete rows from “tableName” with N records can match the condition if limit is not False, the given limit is set String type values will be appropriately escaped, they can be single values or lists of values.

deleteProxy(userDN, userGroup=None, proxyProvider=None)

Remove proxy of the given user from the repository

Parameters:

  • userDN (str) – user DN

  • userGroup (str) – DIRAC group

  • proxyProvider (str) – proxy provider name

Returns:

S_OK()/S_ERROR()

deleteRequest(requestId)

Delete a request from the db

Parameters:

requestId (int) – id of the request

Returns:

S_OK()/S_ERROR()

executeStoredProcedure(packageName, parameters, outputIds, *, conn=None)
executeStoredProcedureWithCursor(packageName, parameters, *, conn=None)
generateDelegationRequest(proxyChain, userDN)

Generate a request and store it for a given proxy Chain

Parameters:

  • proxyChain (X509Chain()) – proxy as chain

  • userDN (str) – user DN

Returns:

S_OK(dict)/S_ERROR() – dict contain id and proxy as string of the request

getCSOption(optionName, defaultValue=None)
getCounters(table, attrList, condDict, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Count the number of records on each distinct combination of AttrList, selected with condition defined by condDict and time stamps

getDistinctAttributeValues(table, attribute, condDict=None, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Get distinct values of a table attribute under specified conditions

getFields(tableName, outFields=None, condDict=None, limit=False, conn=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None, useLikeQuery=False)

Select “outFields” from “tableName” with condDict N records can match the condition return S_OK(tuple(Field, Value)) if outFields is None all fields in “tableName” are returned if limit is not False, the given limit is set inValues are properly escaped using the _escape_string method, they can be single values or lists of values. if useLikeQuery=True, then conDict can return matched rows if “%” is defined inside conDict.

getLogsContent(selDict, sortList, start=0, limit=0)
Function to get the contents of the logs table

parameters are a filter to the db

getProxiesContent(selDict, sortList, start=0, limit=0)

Get the contents of the db, parameters are a filter to the db

Parameters:

  • selDict (dict) – selection dict that contain fields and their posible values

  • sortList (dict) – dict with sorting fields

  • start (int) – search limit start

  • start – search limit amount

Returns:

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

getProxy(userDN, userGroup, requiredLifeTime=None)

Get proxy string from the Proxy Repository for use with userDN in the userGroup

Parameters:

  • userDN (str) – user DN

  • userGroup (str) – required DIRAC group

  • requiredLifeTime (int) – required proxy live time in a seconds

Returns:

S_OK(tuple)/S_ERROR() – tuple with proxy as chain and proxy live time in a seconds

getProxyStrength(userDN, userGroup=None, vomsAttr=None)

Load the proxy in cache corresponding to the criteria, and check its strength

Parameters:

  • userDN – DN of the user

  • userGroup – group of the user

  • vomsAttr – VOMS attr we plan to add on the proxy

getUsers(validSecondsLeft=0, userMask=None)

Get all the distinct users from the Proxy Repository. Optionally, only users with valid proxies within the given validity period expressed in seconds

Parameters:

  • validSecondsLeft (int) – validity period expressed in seconds

  • userMask (str) – user name that need to add to search filter

Returns:

S_OK(list)/S_ERROR() – list contain dicts with user name, DN, expiration time

getVOMSProxy(userDN, userGroup, requiredLifeTime=None, requestedVOMSAttr=None)

Get proxy string from the Proxy Repository for use with userDN in the userGroup

Parameters:

  • userDN (str) – user DN

  • userGroup (str) – required DIRAC group

  • requiredLifeTime (int) – required proxy live time in a seconds

  • requestedVOMSAttr (str) – VOMS attribute

Returns:

S_OK(tuple)/S_ERROR() – tuple with proxy as chain and proxy live time in a seconds

insertFields(tableName, inFields=None, inValues=None, conn=None, inDict=None)

Insert a new row in “tableName” assigning the values “inValues” to the fields “inFields”. String type values will be appropriately escaped.

logAction(action, issuerDN, issuerGroup, targetDN, targetGroup)

Add an action to the log

Parameters:

  • action (str) – proxy action

  • issuerDN (str) – user DN of issuer

  • issuerGroup (str) – DIRAC group of issuer

  • targetDN (str) – user DN of target

  • targetGroup (str) – DIRAC group of target

Returns:

S_ERROR()

purgeExpiredProxies(sendNotifications=True)

Purge expired requests from the db

Parameters:

sendNotifications (boolean) – if need to send notification

Returns:

S_OK(int)/S_ERROR() – int is number of purged expired proxies

purgeExpiredRequests()

Purge expired requests from the db

Returns:

S_OK()/S_ERROR()

purgeLogs()

Purge expired requests from the db

Returns:

S_OK()/S_ERROR()

sendExpirationNotifications()

Send notification about expiration

Returns:

S_OK(list)/S_ERROR() – tuple list of user DN, group and proxy left time

transactionCommit()
transactionRollback()
transactionStart()
updateFields(tableName, updateFields=None, updateValues=None, condDict=None, limit=False, conn=None, updateDict=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None)

Update “updateFields” from “tableName” with “updateValues”. updateDict alternative way to provide the updateFields and updateValues N records can match the condition return S_OK( number of updated rows ) if limit is not False, the given limit is set String type values will be appropriately escaped.