ProxyDB

ProxyDB class is a front-end to the ProxyDB MySQL database.

Database contains the following tables:

  • ProxyDB_Requests – a delegation requests storage table for a given proxy Chain

  • ProxyDB_CleanProxies – table for storing proxies in “clean” form, ie without the presence of DIRAC and VOMS extensions.

  • ProxyDB_Proxies – obsolete table for storing proxies with already added DIRAC group extension, it is present only for backward compatibility and is used only if ProxyDB_CleanProxies does not have the required proxy.

  • ProxyDB_VOMSProxies – proxy storage table with VOMS extension already added.

  • ProxyDB_Log – table with logs.

  • ProxyDB_Tokens – token storage table for proxy requests.

  • ProxyDB_ExpNotifs – a table for accumulating proxy expiration notifications.

class DIRAC.FrameworkSystem.DB.ProxyDB.ProxyDB(useMyProxy=False)

Bases: DB

NOTIFICATION_TIMES = [2592000, 1296000]
__init__(useMyProxy=False)

c’tor

Parameters

self – self reference

buildCondition(condDict=None, older=None, newer=None, timeStamp=None, orderAttribute=None, limit=False, greater=None, smaller=None, offset=None, useLikeQuery=False)

Build SQL condition statement from provided condDict and other extra check on a specified time stamp. The conditions dictionary specifies for each attribute one or a List of possible values greater and smaller are dictionaries in which the keys are the names of the fields, that are requested to be >= or < than the corresponding value. For compatibility with current usage it uses Exceptions to exit in case of invalid arguments For performing LIKE queries use the parameter useLikeQuery=True

completeDelegation(requestId, userDN, delegatedPem)

Complete a delegation and store it in the db

Parameters

  • requestId (int) – id of the request

  • userDN (str) – user DN

  • delegatedPem (str) – delegated proxy as string

Returns

S_OK()/S_ERROR()

countEntries(table, condDict, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Count the number of entries wit the given conditions

deleteEntries(tableName, condDict=None, limit=False, conn=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None)

Delete rows from “tableName” with N records can match the condition if limit is not False, the given limit is set String type values will be appropriately escaped, they can be single values or lists of values.

deleteProxy(userDN, userGroup=None, proxyProvider=None)

Remove proxy of the given user from the repository

Parameters

  • userDN (str) – user DN

  • userGroup (str) – DIRAC group

  • proxyProvider (str) – proxy provider name

Returns

S_OK()/S_ERROR()

deleteRequest(requestId)

Delete a request from the db

Parameters

requestId (int) – id of the request

Returns

S_OK()/S_ERROR()

executeStoredProcedure(packageName, parameters, outputIds)
executeStoredProcedureWithCursor(packageName, parameters)
generateDelegationRequest(proxyChain, userDN)

Generate a request and store it for a given proxy Chain

Parameters

  • proxyChain (X509Chain()) – proxy as chain

  • userDN (str) – user DN

Returns

S_OK(dict)/S_ERROR() – dict contain id and proxy as string of the request

generateToken(requesterDN, requesterGroup, numUses=1, lifeTime=0, retries=10)

Generate and return a token and the number of uses for the token

Parameters

  • requesterDN (str) – DN of requester

  • requesterGroup (str) – DIRAC group of requester

  • numUses (int) – number of uses

  • lifeTime (int) – proxy live time in a seconds

  • retries (int) – number of retries

Returns

S_OK(tuple)/S_ERROR() – tuple with token and number of uses

getCSOption(optionName, defaultValue=None)
getCounters(table, attrList, condDict, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Count the number of records on each distinct combination of AttrList, selected with condition defined by condDict and time stamps

getCredentialsAboutToExpire(requiredSecondsLeft, onlyPersistent=True)

Get credentials about to expire for MyProxy

Parameters

  • requiredSecondsLeft (int) – required seconds left

  • onlyPersistent (boolean) – look records only with persistent flag

Returns

S_OK()/S_ERROR()

getDistinctAttributeValues(table, attribute, condDict=None, older=None, newer=None, timeStamp=None, connection=False, greater=None, smaller=None)

Get distinct values of a table attribute under specified conditions

getFields(tableName, outFields=None, condDict=None, limit=False, conn=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None, useLikeQuery=False)

Select “outFields” from “tableName” with condDict N records can match the condition return S_OK(tuple(Field, Value)) if outFields is None all fields in “tableName” are returned if limit is not False, the given limit is set inValues are properly escaped using the _escape_string method, they can be single values or lists of values. if useLikeQuery=True, then conDict can return matched rows if “%” is defined inside conDict.

getFromAddr()

Get the From address to use in proxy expiry e-mails.

Returns

str

getLogsContent(selDict, sortList, start=0, limit=0)
Function to get the contents of the logs table

parameters are a filter to the db

getMyProxyMaxLifeTime()

Get a maximum of the proxy lifetime delegated by MyProxy

Returns

int – time in a seconds

getMyProxyServer()

Get MyProxy server from configuration

Returns

str

getProxiesContent(selDict, sortList, start=0, limit=0)

Get the contents of the db, parameters are a filter to the db

Parameters

  • selDict (dict) – selection dict that contain fields and their posible values

  • sortList (dict) – dict with sorting fields

  • start (int) – search limit start

  • start – search limit amount

Returns

S_OK(dict)/S_ERROR() – dict contain fields, record list, total records

getProxy(userDN, userGroup, requiredLifeTime=None)

Get proxy string from the Proxy Repository for use with userDN in the userGroup

Parameters

  • userDN (str) – user DN

  • userGroup (str) – required DIRAC group

  • requiredLifeTime (int) – required proxy live time in a seconds

Returns

S_OK(tuple)/S_ERROR() – tuple with proxy as chain and proxy live time in a seconds

getUsers(validSecondsLeft=0, userMask=None)

Get all the distinct users from the Proxy Repository. Optionally, only users with valid proxies within the given validity period expressed in seconds

Parameters

  • validSecondsLeft (int) – validity period expressed in seconds

  • userMask (str) – user name that need to add to search filter

Returns

S_OK(list)/S_ERROR() – list contain dicts with user name, DN, group expiration time, persistent flag

getVOMSProxy(userDN, userGroup, requiredLifeTime=None, requestedVOMSAttr=None)

Get proxy string from the Proxy Repository for use with userDN in the userGroup

Parameters

  • userDN (str) – user DN

  • userGroup (str) – required DIRAC group

  • requiredLifeTime (int) – required proxy live time in a seconds

  • requestedVOMSAttr (str) – VOMS attribute

Returns

S_OK(tuple)/S_ERROR() – tuple with proxy as chain and proxy live time in a seconds

insertFields(tableName, inFields=None, inValues=None, conn=None, inDict=None)

Insert a new row in “tableName” assigning the values “inValues” to the fields “inFields”. String type values will be appropriately escaped.

logAction(action, issuerDN, issuerGroup, targetDN, targetGroup)

Add an action to the log

Parameters

  • action (str) – proxy action

  • issuerDN (str) – user DN of issuer

  • issuerGroup (str) – DIRAC group of issuer

  • targetDN (str) – user DN of target

  • targetGroup (str) – DIRAC group of target

Returns

S_ERROR()

purgeExpiredProxies(sendNotifications=True)

Purge expired requests from the db

Parameters

sendNotifications (boolean) – if need to send notification

Returns

S_OK(int)/S_ERROR() – int is number of purged expired proxies

purgeExpiredRequests()

Purge expired requests from the db

Returns

S_OK()/S_ERROR()

purgeExpiredTokens()

Purge expired tokens from the db

Returns

S_OK(boolean)/S_ERROR()

purgeLogs()

Purge expired requests from the db

Returns

S_OK()/S_ERROR()

renewFromMyProxy(userDN, userGroup, lifeTime=None, chain=None)

Renew proxy from MyProxy

Parameters

  • userDN (str) – user DN

  • userGroup (str) – user group

  • lifeTime (int) – needed proxy live time in a seconds

  • chain (X509Chain) – proxy as chain

Returns

S_OK(X509Chain/S_ERROR()

sendExpirationNotifications()

Send notification about expiration

Returns

S_OK(list)/S_ERROR() – tuple list of user DN, group and proxy left time

setPersistencyFlag(userDN, userGroup, persistent=True)

Set the proxy PersistentFlag to the flag value

Parameters

  • userDN (str) – user DN

  • userGroup (str) – group name

  • persistent (boolean) – enable persistent flag

Returns

S_OK()/S_ERROR()

transactionCommit()
transactionRollback()
transactionStart()
updateFields(tableName, updateFields=None, updateValues=None, condDict=None, limit=False, conn=None, updateDict=None, older=None, newer=None, timeStamp=None, orderAttribute=None, greater=None, smaller=None)

Update “updateFields” from “tableName” with “updateValues”. updateDict alternative way to provide the updateFields and updateValues N records can match the condition return S_OK( number of updated rows ) if limit is not False, the given limit is set String type values will be appropriately escaped.

useToken(token, requesterDN, requesterGroup)

Uses of token count

Parameters

  • token (str) – token

  • requesterDN (str) – DN of requester

  • requesterGroup (str) – DIRAC group of requester

Returns

S_OK(boolean)/S_ERROR()