VOMS2CSSynchronizer

VOMS2CSSyncronizer is a helper class containing the logic for synchronization of the VOMS user data with the DIRAC Registry

class DIRAC.ConfigurationSystem.Client.VOMS2CSSynchronizer.VOMS2CSSynchronizer(vo, autoModifyUsers=True, autoAddUsers=True, autoDeleteUsers=False, autoLiftSuspendedStatus=False, syncPluginName=None, compareWithIAM=False, useIAM=False, accessToken=None, forceNickname=False)

Bases: object

__init__(vo, autoModifyUsers=True, autoAddUsers=True, autoDeleteUsers=False, autoLiftSuspendedStatus=False, syncPluginName=None, compareWithIAM=False, useIAM=False, accessToken=None, forceNickname=False)

VOMS2CSSynchronizer class constructor

Parameters:
  • vo (str) – VO to be synced

  • autoModifyUsers (boolean) – flag to automatically modify user data in CS

  • autoAddUsers – flag to automatically add new users to CS

  • autoDeleteUsers – flag to automatically delete users from CS if no more in VOMS

  • autoLiftSuspendedStatus – flag to automatically remove Suspended status in CS

  • syncPluginName – name of the plugin to validate or extend users’ info

  • compareWithIAM – if true, also dump the list of users from IAM and compare

  • useIAM – if True, use Iam instead of VOMS

  • accessToken – if talking to IAM, needs a token with scim:read property

Returns:

None

compareUsers(voms_users, iam_users)
compare_entry(iam_entry, voms_entry, is_robot)

Compare a VOMS and IAM entry

getUserName(dn)

Utility to construct user name

Parameters:

dn (str) – user DN

Return str:

user name

getVOUserData(refreshFlag=False)

Get a report for users of a given VO

Parameters:

refreshFlag (bool) – flag to indicate that the configuration must be refreshed before looking up user data

Returns:

S_OK/S_ERROR, Value = user description dictionary

getVOUserReport()
Get a report string with the current status of the DIRAC Registry for the

Virtual Organization

Returns:

S_OK with the report string as Value

syncCSWithVOMS()
Performs the synchronization of the DIRAC registry with the VOMS data. The resulting

CSAPI object containing modifications is returned as part of the output dictionary. Those changes can be applied by the caller depending on the mode (dry or a real run)

Returns:

S_OK with a dictionary containing the results of the synchronization operation