ProxyDB

ProxyRepository class is a front-end to the proxy repository Database

class DIRAC.FrameworkSystem.DB.ProxyDB.ProxyDB(useMyProxy=False)

Bases: DIRAC.Core.Base.DB.DB

class ConnectionPool(host, user, passwd, port=3306, graceTime=600)

Bases: object

Management of connections per thread

__init__(host, user, passwd, port=3306, graceTime=600)

x.__init__(…) initializes x; see help(type(x)) for signature

clean(now=False)
get(dbName, retries=10)
transactionCommit(dbName)
transactionRollback(dbName)
transactionStart(dbName)
NOTIFICATION_TIMES = [2592000, 1296000]
__init__(useMyProxy=False)

set MySQL connection parameters and try to connect

Parameters:debug – unused
buildCondition(condDict=None, older=None, newer=None, timeStamp=None, orderAttribute=None, limit=False, greater=None, smaller=None, offset=None)

Build SQL condition statement from provided condDict and other extra check on a specified time stamp. The conditions dictionary specifies for each attribute one or a List of possible values greater and smaller are dictionaries in which the keys are the names of the fields, that are requested to be >= or < than the corresponding value. For compatibility with current usage it uses Exceptions to exit in case of invalid arguments

completeDelegation(requestId, userDN, delegatedPem)

Complete a delegation and store it in the db

Parameters:
  • requestId (int) – id of the request
  • userDN (basestring) – user DN
  • delegatedPem (basestring) – delegated proxy as string
Returns:

S_OK()/S_ERROR()

countEntries(table, condDict, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Count the number of entries wit the given conditions

deleteEntries(tableName, condDict=None, limit=False, conn=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None)

Delete rows from “tableName” with N records can match the condition if limit is not False, the given limit is set String type values will be appropriately escaped, they can be single values or lists of values.

deleteProxy(userDN, userGroup=None, proxyProvider=None)

Remove proxy of the given user from the repository

Parameters:
  • userDN (basestring) – user DN
  • userGroup (basestring) – DIRAC group
  • proxyProvider (basestring) – proxy provider name
Returns:

S_OK()/S_ERROR()

deleteRequest(requestId)

Delete a request from the db

Parameters:requestId (int) – id of the request
Returns:S_OK()/S_ERROR()
executeStoredProcedure(packageName, parameters, outputIds)
executeStoredProcedureWithCursor(packageName, parameters)
generateDelegationRequest(proxyChain, userDN)

Generate a request and store it for a given proxy Chain

Parameters:
  • proxyChain (X509Chain()) – proxy as chain
  • userDN (basestring) – user DN
Returns:

S_OK(dict)/S_ERROR() – dict contain id and proxy as string of the request

generateToken(requesterDN, requesterGroup, numUses=1, lifeTime=0, retries=10)

Generate and return a token and the number of uses for the token

Parameters:
  • requesterDN (basestring) – DN of requester
  • requesterGroup (basestring) – DIRAC group of requester
  • numUses (int) – number of uses
  • lifeTime (int) – proxy live time in a seconds
  • retries (int) – number of retries
Returns:

S_OK(tuple)/S_ERROR() – tuple with token and number of uses

getCSOption(optionName, defaultValue=None)
getCounters(table, attrList, condDict, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Count the number of records on each distinct combination of AttrList, selected with condition defined by condDict and time stamps

getCredentialsAboutToExpire(requiredSecondsLeft, onlyPersistent=True)

Get credentials about to expire for MyProxy

Parameters:
  • requiredSecondsLeft (int) – required seconds left
  • onlyPersistent (boolean) – look records only with persistent flag
Returns:

S_OK()/S_ERROR()

getDistinctAttributeValues(table, attribute, condDict=None, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Get distinct values of a table attribute under specified conditions

getFields(tableName, outFields=None, condDict=None, limit=False, conn=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None)

Select “outFields” from “tableName” with condDict N records can match the condition return S_OK( tuple(Field,Value) ) if outFields is None all fields in “tableName” are returned if limit is not False, the given limit is set inValues are properly escaped using the _escape_string method, they can be single values or lists of values.

getFromAddr()

Get the From address to use in proxy expiry e-mails.

Returns:basestring
getLogsContent(selDict, sortList, start=0, limit=0)
Function to get the contents of the logs table
parameters are a filter to the db
getMyProxyMaxLifeTime()

Get a maximum of the proxy lifetime delegated by MyProxy

Returns:int – time in a seconds
getMyProxyServer()

Get MyProxy server from configuration

Returns:basestring
getProxiesContent(selDict, sortList, start=0, limit=0)

Get the contents of the db, parameters are a filter to the db

Parameters:
  • selDict (dict) – selection dict that contain fields and their posible values
  • sortList (dict) – dict with sorting fields
  • start (int,long) – search limit start
  • start – search limit amount
Returns:

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

getProxy(userDN, userGroup, requiredLifeTime=None)

Get proxy string from the Proxy Repository for use with userDN in the userGroup

Parameters:
  • userDN (basestring) – user DN
  • userGroup (basestring) – required DIRAC group
  • requiredLifeTime (int) – required proxy live time in a seconds
Returns:

S_OK(tuple)/S_ERROR() – tuple with proxy as chain and proxy live time in a seconds

getUsers(validSecondsLeft=0, userMask=None)

Get all the distinct users from the Proxy Repository. Optionally, only users with valid proxies within the given validity period expressed in seconds

Parameters:
  • validSecondsLeft (int) – validity period expressed in seconds
  • userMask (basestring) – user name that need to add to search filter
Returns:

S_OK(list)/S_ERROR() – list contain dicts with user name, DN, group expiration time, persistent flag

getVOMSProxy(userDN, userGroup, requiredLifeTime=None, requestedVOMSAttr=None)

Get proxy string from the Proxy Repository for use with userDN in the userGroup

Parameters:
  • userDN (basestring) – user DN
  • userGroup (basestring) – required DIRAC group
  • requiredLifeTime (int) – required proxy live time in a seconds
  • requestedVOMSAttr (basestring) – VOMS attribute
Returns:

S_OK(tuple)/S_ERROR() – tuple with proxy as chain and proxy live time in a seconds

insertFields(tableName, inFields=None, inValues=None, conn=None, inDict=None)

Insert a new row in “tableName” assigning the values “inValues” to the fields “inFields”. String type values will be appropriately escaped.

logAction(action, issuerDN, issuerGroup, targetDN, targetGroup)

Add an action to the log

Parameters:
  • action (basestring) – proxy action
  • issuerDN (basestring) – user DN of issuer
  • issuerGroup (basestring) – DIRAC group of issuer
  • targetDN (basestring) – user DN of target
  • targetGroup (basestring) – DIRAC group of target
Returns:

S_ERROR()

purgeExpiredProxies(sendNotifications=True)

Purge expired requests from the db

Parameters:sendNotifications (boolean) – if need to send notification
Returns:S_OK(int)/S_ERROR() – int is number of purged expired proxies
purgeExpiredRequests()

Purge expired requests from the db

Returns:S_OK()/S_ERROR()
purgeExpiredTokens()

Purge expired tokens from the db

Returns:S_OK(boolean)/S_ERROR()
purgeLogs()

Purge expired requests from the db

Returns:S_OK()/S_ERROR()
renewFromMyProxy(userDN, userGroup, lifeTime=None, chain=None)

Renew proxy from MyProxy

Parameters:
  • userDN (basestring) – user DN
  • userGroup (basestring) – user group
  • lifeTime (int) – needed proxy live time in a seconds
  • chain (X509Chain) – proxy as chain
Returns:

S_OK(X509Chain/S_ERROR()

sendExpirationNotifications()

Send notification about expiration

Returns:S_OK(list)/S_ERROR() – tuple list of user DN, group and proxy left time
setPersistencyFlag(userDN, userGroup, persistent=True)

Set the proxy PersistentFlag to the flag value

Parameters:
  • userDN (basestring) – user DN
  • userGroup (basestring) – group name
  • persistent (boolean) – enable persistent flag
Returns:

S_OK()/S_ERROR()

transactionCommit()
transactionRollback()
transactionStart()
updateFields(tableName, updateFields=None, updateValues=None, condDict=None, limit=False, conn=None, updateDict=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None)

Update “updateFields” from “tableName” with “updateValues”. updateDict alternative way to provide the updateFields and updateValues N records can match the condition return S_OK( number of updated rows ) if limit is not False, the given limit is set String type values will be appropriately escaped.

useToken(token, requesterDN, requesterGroup)

Uses of token count

Parameters:
  • token (basestring) – token
  • requesterDN (basestring) – DN of requester
  • requesterGroup (basestring) – DIRAC group of requester
Returns:

S_OK(boolean)/S_ERROR()