Skip to content

Commit

Permalink
fix: proxies have no groups (since a while!)
Browse files Browse the repository at this point in the history
  • Loading branch information
@fstagni
fstagni committed Jan 24, 2024
1 parent 4a927af commit eb1a579
Show file tree
Hide file tree
Showing 6 changed files with 23 additions and 40 deletions.
10 changes: 5 additions & 5 deletions docs/source/UserGuide/Tutorials/ManagingUserCredentials/index.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -164,11 +164,11 @@ Getting the proxy information

$ dirac-proxy-get-uploaded-info
Checking for DNs /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Vanessa Hamar
---------------------------------------------------------------------------------------
| UserDN | UserGroup | ExpirationTime |
---------------------------------------------------------------------------------------
| /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Vanessa Hamar | dirac_user | 2011-06-29 12:04:25 |
---------------------------------------------------------------------------------------
-------------------------------------------------------------------------
| UserDN | ExpirationTime |
-------------------------------------------------------------------------
| /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Vanessa Hamar | 2011-06-29 12:04:25 |
-------------------------------------------------------------------------

- The same can be checked in the Web Portal at the following location::

Expand Down
7 changes: 2 additions & 5 deletions src/DIRAC/FrameworkSystem/Client/ProxyManagerClient.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -639,17 +639,14 @@ def getVOMSAttributes(self, chain):
"""
return VOMS().getVOMSAttributes(chain)

def getUploadedProxyLifeTime(self, DN, group=None):
def getUploadedProxyLifeTime(self, DN):
"""Get the remaining seconds for an uploaded proxy
:param str DN: user DN
:param str group: group
:return: S_OK(int)/S_ERROR()
"""
parameters = dict(UserDN=[DN])
if group:
parameters["UserGroup"] = [group]
result = self.getDBContents(parameters)
if not result["OK"]:
return result
Expand All @@ -661,7 +658,7 @@ def getUploadedProxyLifeTime(self, DN, group=None):
expiryPos = pNames.index("ExpirationTime")
for row in data["Records"]:
if DN == row[dnPos]:
td = datetime.datetime.strptime(row[expiryPos], "%y/%m/%d %H:%M:%S") - datetime.datetime.utcnow()
td = row[expiryPos] - datetime.datetime.utcnow()
secondsLeft = td.days * 86400 + td.seconds
return S_OK(max(0, secondsLeft))
return S_OK(0)
Expand Down
5 changes: 1 addition & 4 deletions src/DIRAC/FrameworkSystem/DB/ProxyDB.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -887,7 +887,7 @@ def getUsers(self, validSecondsLeft=0, userMask=None):
def getProxiesContent(self, selDict, sortList, start=0, limit=0):
"""Get the contents of the db, parameters are a filter to the db
:param dict selDict: selection dict that contain fields and their posible values
:param dict selDict: selection dict that contain fields and their possible values
:param dict sortList: dict with sorting fields
:param int start: search limit start
:param int start: search limit amount
Expand Down Expand Up @@ -941,9 +941,6 @@ def getProxiesContent(self, selDict, sortList, start=0, limit=0):
return retVal
for record in retVal["Value"]:
record = list(record)
record.insert(2, "")
record.insert(4, False)
record[4] = record[4] == "True"
data.append(record)
totalRecords = len(data)
return S_OK({"ParameterNames": fields, "Records": data, "TotalRecords": totalRecords})
Expand Down
4 changes: 1 addition & 3 deletions src/DIRAC/FrameworkSystem/Service/ProxyManagerHandler.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,14 +54,12 @@ def __generateUserProxiesInfo(self):
return result
contents = result["Value"]
userDNIndex = contents["ParameterNames"].index("UserDN")
userGroupIndex = contents["ParameterNames"].index("UserGroup")
expirationIndex = contents["ParameterNames"].index("ExpirationTime")
for record in contents["Records"]:
userDN = record[userDNIndex]
if userDN not in proxiesInfo:
proxiesInfo[userDN] = {}
userGroup = record[userGroupIndex]
proxiesInfo[userDN][userGroup] = record[expirationIndex]
proxiesInfo[userDN] = record[expirationIndex]
return proxiesInfo

auth_getUserProxiesInfo = ["authenticated"]
Expand Down
10 changes: 5 additions & 5 deletions src/DIRAC/FrameworkSystem/scripts/dirac_proxy_get_uploaded_info.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,11 @@
Example:
$ dirac-proxy-get-uploaded-info
Checking for DNs /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Vanessa Hamar
---------------------------------------------------------------------------------------
| UserDN | UserGroup | ExpirationTime |
---------------------------------------------------------------------------------------
| /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Vanessa Hamar | dirac_user | 2011-06-29 12:04:25 |
---------------------------------------------------------------------------------------
-------------------------------------------------------------------------
| UserDN | ExpirationTime |
-------------------------------------------------------------------------
| /O=GRID-FR/C=FR/O=CNRS/OU=CPPM/CN=Vanessa Hamar | 2011-06-29 12:04:25 |
-------------------------------------------------------------------------
"""
import sys

Expand Down
27 changes: 9 additions & 18 deletions tests/Integration/Framework/Test_ProxyDB.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -371,18 +371,13 @@ def test_getUsers(self):
gLogger.info(f"{log}..")
result = db.getUsers(validSecondsLeft=exp, userMask=user)
self.assertTrue(result["OK"], "\n" + result.get("Message", "Error message is absent."))
usersList = []
for line in result["Value"]:
if line["Name"] in ["user", "user_2", "user_3"]:
usersList.append(line["Name"])
self.assertEqual(set(expect), set(usersList), str(usersList) + ", when expected " + str(expect))

def test_purgeExpiredProxies(self):
"""Test 'purgeExpiredProxies' - try to purge expired proxies"""
# Purge existed proxies
gLogger.info("\n* First cleaning..")
cmd = "INSERT INTO ProxyDB_CleanProxies(UserName, UserDN, UserGroup, Pem, ExpirationTime) VALUES "
cmd += '("user", "/C=CC/O=DN/O=DIRAC/CN=user", "group_1", "PEM", '
cmd = "INSERT INTO ProxyDB_CleanProxies(UserName, UserDN, Pem, ExpirationTime) VALUES "
cmd += '("user", "/C=CC/O=DN/O=DIRAC/CN=user", "PEM", '
cmd += "TIMESTAMPADD(SECOND, -1, UTC_TIMESTAMP()));"
result = db._query(cmd)
self.assertTrue(result["OK"], "\n" + result.get("Message", "Error message is absent."))
Expand All @@ -400,10 +395,10 @@ def test_getRemoveProxy(self):
self.assertTrue(result["OK"], "\n" + result.get("Message", "Error message is absent."))
self.assertTrue(bool(int(result["Value"]["TotalRecords"]) == 0), "In DB present proxies.")

gLogger.info("* Check posible crashes when get proxy..")
gLogger.info("* Check possible crashes when get proxy..")
# Make record with not valid proxy, valid group, user and short expired time
cmd = "INSERT INTO ProxyDB_CleanProxies(UserName, UserDN, UserGroup, Pem, ExpirationTime) VALUES "
cmd += '("user", "/C=CC/O=DN/O=DIRAC/CN=user", "group_1", "PEM", '
cmd = "INSERT INTO ProxyDB_CleanProxies(UserName, UserDN, Pem, ExpirationTime) VALUES "
cmd += '("user", "/C=CC/O=DN/O=DIRAC/CN=user", "PEM", '
cmd += "TIMESTAMPADD(SECOND, 1800, UTC_TIMESTAMP()));"
result = db._update(cmd)
self.assertTrue(result["OK"], "\n" + result.get("Message", "Error message is absent."))
Expand All @@ -425,9 +420,6 @@ def test_getRemoveProxy(self):
result = db.getProxy(dn, group, reqtime)
self.assertFalse(result["OK"], "Must be fail.")
gLogger.info(f"Msg: {result['Message']}")
# In the last case method found proxy and must to delete it as not valid
cmd = 'SELECT COUNT( * ) FROM ProxyDB_CleanProxies WHERE UserName="user"'
self.assertTrue(bool(db._query(cmd)["Value"][0][0] == 0), "GetProxy method didn't delete the last proxy.")

gLogger.info("* Check that DB is clean..")
result = db.getProxiesContent({"UserName": ["user_ca", "user", "user_1", "user_2", "user_3"]}, {})
Expand Down Expand Up @@ -552,8 +544,8 @@ def test_getRemoveProxy(self):
result = ca._forceGenerateProxyForDN("/C=CC/O=DN/O=DIRAC/CN=user", 12 * 3600, group="group_1")
self.assertTrue(result["OK"], "\n" + result.get("Message", "Error message is absent."))
proxyStr = result["Value"][1]
cmd = "INSERT INTO ProxyDB_CleanProxies(UserName, UserDN, UserGroup, Pem, ExpirationTime) VALUES "
cmd += f'("user", "{dn}", "{group}", "{proxyStr}", TIMESTAMPADD(SECOND, 43200, UTC_TIMESTAMP()))'
cmd = "INSERT INTO ProxyDB_CleanProxies(UserName, UserDN, Pem, ExpirationTime) VALUES "
cmd += f'("user", "{dn}", "{proxyStr}", TIMESTAMPADD(SECOND, 43200, UTC_TIMESTAMP()))'
result = db._update(cmd)
self.assertTrue(result["OK"], "\n" + result.get("Message", "Error message is absent."))
# Try to get it
Expand All @@ -564,7 +556,6 @@ def test_getRemoveProxy(self):
self.assertTrue(chain.isValidProxy()["OK"], "\n" + result.get("Message", "Error message is absent."))
result = chain.getDIRACGroup()
self.assertTrue(result["OK"], "\n" + result.get("Message", "Error message is absent."))
self.assertEqual("group_1", result["Value"], "Group must be group_1, not " + result["Value"])

gLogger.info("* Check that DB is clean..")
result = db.deleteProxy("/C=CC/O=DN/O=DIRAC/CN=user")
Expand All @@ -583,8 +574,8 @@ def test_getRemoveProxy(self):
# Assert VOMSProxy
self.assertTrue(bool(chain.isVOMS().get("Value")), "Cannot create proxy with VOMS extension")

cmd = "INSERT INTO ProxyDB_CleanProxies(UserName, UserDN, UserGroup, Pem, ExpirationTime) VALUES "
cmd += f'("{vomsuser}", "/C=CC/O=DN/O=DIRAC/CN={vomsuser}", "group_1", "{proxyStr}", '
cmd = "INSERT INTO ProxyDB_CleanProxies(UserName, UserDN, Pem, ExpirationTime) VALUES "
cmd += f'("{vomsuser}", "/C=CC/O=DN/O=DIRAC/CN={vomsuser}", "{proxyStr}", '
cmd += "TIMESTAMPADD(SECOND, 43200, UTC_TIMESTAMP()))"
result = db._update(cmd)
self.assertTrue(result["OK"], "\n" + result.get("Message", "Error message is absent."))
Expand Down

0 comments on commit eb1a579

Please sign in to comment.