From 17b504baf31c5cd9bad39d95d63a9f876d158cc3 Mon Sep 17 00:00:00 2001 From: fstagni Date: Wed, 24 Jan 2024 13:58:02 +0100 Subject: [PATCH] feat: add VO to sb_Owners table --- .../DB/SandboxMetadataDB.py | 18 +++++++++++------- .../Service/SandboxStoreHandler.py | 7 ++++--- .../Test_SandboxMetadataDB.py | 5 +++-- 3 files changed, 18 insertions(+), 12 deletions(-) diff --git a/src/DIRAC/WorkloadManagementSystem/DB/SandboxMetadataDB.py b/src/DIRAC/WorkloadManagementSystem/DB/SandboxMetadataDB.py index cdd778a2f80..902f1491ecd 100644 --- a/src/DIRAC/WorkloadManagementSystem/DB/SandboxMetadataDB.py +++ b/src/DIRAC/WorkloadManagementSystem/DB/SandboxMetadataDB.py @@ -33,6 +33,7 @@ def __initializeDB(self): "OwnerId": "INTEGER(10) UNSIGNED AUTO_INCREMENT NOT NULL", "Owner": "VARCHAR(32) NOT NULL", "OwnerGroup": "VARCHAR(32) NOT NULL", + "VO": "VARCHAR(64) NOT NULL", }, "PrimaryKey": "OwnerId", } @@ -71,13 +72,14 @@ def __initializeDB(self): return self._createTables(tablesToCreate) - def __registerAndGetOwnerId(self, owner, ownerGroup): + def __registerAndGetOwnerId(self, owner, ownerGroup, VO): """ Get the owner ID and register it if it's not there """ ownerEscaped = self._escapeString(owner)["Value"] ownerGroupEscaped = self._escapeString(ownerGroup)["Value"] - sqlCmd = f"SELECT OwnerId FROM `sb_Owners` WHERE Owner = {ownerEscaped} AND OwnerGroup = {ownerGroupEscaped}" + VOEscaped = self._escapeString(VO)["Value"] + sqlCmd = f"SELECT OwnerId FROM `sb_Owners` WHERE Owner = {ownerEscaped} AND OwnerGroup = {ownerGroupEscaped} AND VO = {VOEscaped}" result = self._query(sqlCmd) if not result["OK"]: return result @@ -86,7 +88,7 @@ def __registerAndGetOwnerId(self, owner, ownerGroup): return S_OK(data[0][0]) # Its not there, insert it sqlCmd = ( - f"INSERT INTO `sb_Owners` ( OwnerId, Owner, OwnerGroup ) VALUES ( 0, {ownerEscaped}, {ownerGroupEscaped} )" + f"INSERT INTO `sb_Owners` ( OwnerId, Owner, OwnerGroup, VO ) VALUES ( 0, {ownerEscaped}, {ownerGroupEscaped}, {VOEscaped} )" ) result = self._update(sqlCmd) if not result["OK"]: @@ -103,7 +105,7 @@ def registerAndGetSandbox(self, owner, ownerGroup, sbSE, sbPFN, size=0): Register a new sandbox in the metadata catalog Returns ( sbid, newSandbox ) """ - result = self.__registerAndGetOwnerId(owner, ownerGroup) + result = self.__registerAndGetOwnerId(owner, ownerGroup, VO) if not result["OK"]: return result ownerId = result["Value"] @@ -275,7 +277,7 @@ def unassignEntities(self, entities, requesterName, requesterGroup): updated += 1 return S_OK(updated) - def getSandboxesAssignedToEntity(self, entityId, requesterName, requesterGroup): + def getSandboxesAssignedToEntity(self, entityId, requesterName, requesterGroup, requestedVO): """ Get the sandboxes and the type of assignation to the jobId """ @@ -292,11 +294,13 @@ def getSandboxesAssignedToEntity(self, entityId, requesterName, requesterGroup): sqlTables.append("`sb_Owners` o") sqlCond.append(f"o.OwnerGroup='{requesterGroup}'") sqlCond.append("s.OwnerId=o.OwnerId") + sqlCond.append(f"o.VO='{requestedVO}'") elif Properties.NORMAL_USER in requesterProps: sqlTables.append("`sb_Owners` o") sqlCond.append(f"o.OwnerGroup='{requesterGroup}'") sqlCond.append(f"o.Owner='{requesterName}'") sqlCond.append("s.OwnerId=o.OwnerId") + sqlCond.append(f"o.VO='{requestedVO}'") else: return S_ERROR("Not authorized to access sandbox") sqlCmd = "SELECT DISTINCT s.SEName, s.SEPFN, e.Type FROM {} WHERE {}".format( @@ -378,13 +382,13 @@ def getSandboxOwner(self, SEName, SEPFN, requesterDN, requesterGroup): :param requesterDN: host DN used as credentials :param requesterGroup: group used to use as credentials (should be 'hosts') - :returns: S_OK with tuple (owner, ownerGroup) + :returns: S_OK with tuple (owner, ownerGroup, VO) """ res = self.getSandboxId(SEName, SEPFN, None, requesterGroup, "OwnerId", requesterDN=requesterDN) if not res["OK"]: return res - sqlCmd = "SELECT `Owner`, `OwnerGroup` FROM `sb_Owners` WHERE `OwnerId` = %d" % res["Value"] + sqlCmd = "SELECT `Owner`, `OwnerGroup`, `VO` FROM `sb_Owners` WHERE `OwnerId` = %d" % res["Value"] res = self._query(sqlCmd) if not res["OK"]: return res diff --git a/src/DIRAC/WorkloadManagementSystem/Service/SandboxStoreHandler.py b/src/DIRAC/WorkloadManagementSystem/Service/SandboxStoreHandler.py index 64fcc985cad..d55d67778f9 100755 --- a/src/DIRAC/WorkloadManagementSystem/Service/SandboxStoreHandler.py +++ b/src/DIRAC/WorkloadManagementSystem/Service/SandboxStoreHandler.py @@ -231,6 +231,7 @@ def _getFromClient(self, fileId, token, fileSize, fileHelper=None, data=""): result = self.sandboxDB.registerAndGetSandbox( credDict["username"], credDict["group"], + credDict["VO"] self.__seNameToUse, sbPath, fSize, @@ -278,7 +279,7 @@ def transfer_bulkFromClient(self, fileId, token, _fileSize, fileHelper): return S_OK(f"SB:{seName}|{sePFN}") result = self.sandboxDB.registerAndGetSandbox( - credDict["username"], credDict["group"], seName, sePFN, fileHelper.getTransferedBytes() + credDict["username"], credDict["group"], credDict["VO"], seName, sePFN, fileHelper.getTransferedBytes() ) if not result["OK"]: self.__secureUnlinkFile(tmpFilePath) @@ -441,7 +442,7 @@ def export_getSandboxesAssignedToEntity(self, entityId): Get the sandboxes associated to a job and the association type """ credDict = self.getRemoteCredentials() - result = self.sandboxDB.getSandboxesAssignedToEntity(entityId, credDict["username"], credDict["group"]) + result = self.sandboxDB.getSandboxesAssignedToEntity(entityId, credDict["username"], credDict["group"], credDict["VO"]) if not result["OK"]: return result sbDict = {} @@ -616,7 +617,7 @@ def __deleteSandboxFromExternalBackend(self, SEName, SEPFN): result = self.sandboxDB.getSandboxOwner(SEName, SEPFN, hostDN, "hosts") if not result["OK"]: return result - owner, _ownerDN, ownerGroup = result["Value"] + owner, ownerGroup, _VO = result["Value"] request = Request() request.RequestName = f"RemoteSBDeletion:{SEName}|{SEPFN}:{time.time()}" diff --git a/tests/Integration/WorkloadManagementSystem/Test_SandboxMetadataDB.py b/tests/Integration/WorkloadManagementSystem/Test_SandboxMetadataDB.py index a06dc352cd5..a37fdd18381 100644 --- a/tests/Integration/WorkloadManagementSystem/Test_SandboxMetadataDB.py +++ b/tests/Integration/WorkloadManagementSystem/Test_SandboxMetadataDB.py @@ -17,11 +17,12 @@ def test_SandboxMetadataDB(): owner = "adminusername" ownerDN = "/C=ch/O=DIRAC/OU=DIRAC CI/CN=ciuser" ownerGroup = "dirac_admin" + VO = "vo" sbSE = "ProductionSandboxSE" sbPFN = "/sb/pfn/1.tar.bz2" - res = smDB.registerAndGetSandbox(owner, ownerGroup, sbSE, sbPFN, 123) + res = smDB.registerAndGetSandbox(owner, ownerGroup, VO, sbSE, sbPFN, 123) assert res["OK"], res["Message"] sbId, newSandbox = res["Value"] print(f"sbId:{sbId}") @@ -34,7 +35,7 @@ def test_SandboxMetadataDB(): res = smDB.getSandboxOwner(sbSE, sbPFN, ownerDN, ownerGroup) assert res["OK"], res["Message"] - assert res["Value"] == (owner, ownerGroup) + assert res["Value"] == (owner, ownerGroup, VO) res = smDB.getSandboxId(sbSE, sbPFN, owner, ownerGroup) assert res["OK"], res["Message"]