class DIRAC.DataManagementSystem.DB.FileCatalogComponents.SecurityPolicies.VOMSPolicy.VOMSPolicy(database=False)

Bases: DIRAC.DataManagementSystem.DB.FileCatalogComponents.SecurityManager.SecurityManagerBase

This class implements a 3-level POSIX permission, wrapping up the DIRAC group into VOMS roles


x.__init__(…) initializes x; see help(type(x)) for signature

getPathPermissions(paths, credDict)

This method is meant to disappear, hopefully soon, but as long as we have clients from versions < v6r14, we need a getPathPermissions method. Since it does not make sense with that kind of fine grain policy, we return what used to be returned…

hasAccess(opType, paths, credDict)

Checks whether a given operation on given paths is permitted

  • opType – name of the operation (the FileCatalog methods in fact…)
  • paths – list/dictionary of path on which we want to apply the operation
  • credDict – credential of the users (with at least username, group and properties)

Successful dict with True or False, and Failed dict. In fact, it is not neccesarily a boolean, rather an int (binary operation results)