From 09ee64c01449e807d8cfa115af99c392cba86914 Mon Sep 17 00:00:00 2001 From: Matyas Selmeci Date: Mon, 30 Oct 2023 14:41:09 -0500 Subject: [PATCH] Generate scitokens.conf files even for public namespaces, to support public read/auth write (SOFTWARE-5727) --- src/stashcache.py | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/stashcache.py b/src/stashcache.py index 39467e53c8..fc97be44e6 100644 --- a/src/stashcache.py +++ b/src/stashcache.py @@ -370,8 +370,6 @@ def generate_cache_scitokens(global_data: GlobalData, fqdn: str, suppress_errors for vo_name, stashcache_obj in vos_data.stashcache_by_vo_name.items(): for namespace in stashcache_obj.namespaces.values(): # type: Namespace - if namespace.is_public(): - continue if not namespace_allows_cache_resource(namespace, cache_resource): continue if not resource_allows_namespace(cache_resource, namespace): @@ -486,8 +484,6 @@ def generate_origin_scitokens(global_data: GlobalData, fqdn: str, suppress_error for vo_name, stashcache_obj in vos_data.stashcache_by_vo_name.items(): for namespace in stashcache_obj.namespaces.values(): - if namespace.is_public(): - continue if not namespace_allows_origin_resource(namespace, origin_resource): continue if not resource_allows_namespace(origin_resource, namespace): @@ -562,7 +558,7 @@ def _namespace_dict(ns: Namespace): nsdict = { "path": ns.path, "readhttps": not ns.is_public(), - "usetokenonread": any(isinstance(a, SciTokenAuth) for a in ns.authz_list), + "usetokenonread": not ns.is_public() and any(isinstance(a, SciTokenAuth) for a in ns.authz_list), "writebackhost": ns.writeback, "dirlisthost": ns.dirlist, "caches": [],