VOMSSecurityManager
VOMSSecurityManager class implements access permissions based on VOMS roles
- class DIRAC.DataManagementSystem.DB.FileCatalogComponents.SecurityManager.VOMSSecurityManager.VOMSSecurityManager(database=False)
Bases:
SecurityManagerBase
This class implements a 3-level POSIX permission, wrapping up the DIRAC group into VOMS roles
- __init__(database=False)
- getPathPermissions(paths, credDict)
This method is meant to disappear, hopefully soon, but as long as we have clients from versions < v6r14, we need a getPathPermissions method. Since it does not make sense with that kind of fine grain policy, we return what used to be returned…
- hasAccess(opType, paths, credDict)
Checks whether a given operation on given paths is permitted
- Parameters:
opType – name of the operation (the FileCatalog methods in fact…)
paths – list/dictionary of path on which we want to apply the operation
credDict – credential of the users (with at least username, group and properties)
- Returns:
Successful dict with True or False, and Failed dict. In fact, it is not neccesarily a boolean, rather an int (binary operation results)
- hasAdminAccess(credDict)
- setDatabase(database)