DIRAC 9.0.0a60__py3-none-any.whl → 9.0.0a62__py3-none-any.whl

DIRAC/AccountingSystem/Client/AccountingCLI.py

@@ -57,99 +57,6 @@ class AccountingCLI(CLI):
         traceback.print_tb(sys.exc_info()[2])
         print("________________________\n")
 
-    def do_registerType(self, args):
-        """
-        Registers a new accounting type
-          Usage : registerType <typeName>
-          <DIRACRoot>/DIRAC/AccountingSystem/Client/Types/<typeName>
-           should exist and inherit the base type
-        """
-        try:
-            argList = args.split()
-            if argList:
-                typeName = argList[0].strip()
-            else:
-                gLogger.error("No type name specified")
-                return
-            # Try to import the type
-            result = self.objectLoader.loadObject(f"DIRAC.AccountingSystem.Client.Types.{typeName}")
-            if not result["OK"]:
-                return result
-            typeClass = result["Value"]
-
-            gLogger.info(f"Loaded type {typeClass.__name__}")
-            typeDef = typeClass().getDefinition()
-            acClient = DataStoreClient()
-            retVal = acClient.registerType(*typeDef)
-            if retVal["OK"]:
-                gLogger.info("Type registered successfully")
-            else:
-                gLogger.error(f"Error: {retVal['Message']}")
-        except Exception:
-            self.showTraceback()
-
-    def do_resetBucketLength(self, args):
-        """
-        Set the bucket Length. Will trigger a recalculation of buckets. Can take a while.
-          Usage : resetBucketLength <typeName>
-          <DIRACRoot>/DIRAC/AccountingSystem/Client/Types/<typeName>
-           should exist and inherit the base type
-        """
-        try:
-            argList = args.split()
-            if argList:
-                typeName = argList[0].strip()
-            else:
-                gLogger.error("No type name specified")
-                return
-
-            # Try to import the type
-            result = self.objectLoader.loadObject(f"DIRAC.AccountingSystem.Client.Types.{typeName}")
-            if not result["OK"]:
-                return result
-            typeClass = result["Value"]
-            gLogger.info(f"Loaded type {typeClass.__name__}")
-            typeDef = typeClass().getDefinition()
-            acClient = DataStoreClient()
-            retVal = acClient.setBucketsLength(typeDef[0], typeDef[3])
-            if retVal["OK"]:
-                gLogger.info("Type registered successfully")
-            else:
-                gLogger.error(f"Error: {retVal['Message']}")
-        except Exception:
-            self.showTraceback()
-
-    def do_regenerateBuckets(self, args):
-        """
-        Regenerate buckets for type. Can take a while.
-          Usage : regenerateBuckets <typeName>
-          <DIRACRoot>/DIRAC/AccountingSystem/Client/Types/<typeName>
-           should exist and inherit the base type
-        """
-        try:
-            argList = args.split()
-            if argList:
-                typeName = argList[0].strip()
-            else:
-                gLogger.error("No type name specified")
-                return
-
-            # Try to import the type
-            result = self.objectLoader.loadObject(f"DIRAC.AccountingSystem.Client.Types.{typeName}")
-            if not result["OK"]:
-                return result
-            typeClass = result["Value"]
-            gLogger.info(f"Loaded type {typeClass.__name__}")
-            typeDef = typeClass().getDefinition()
-            acClient = DataStoreClient()
-            retVal = acClient.regenerateBuckets(typeDef[0])
-            if retVal["OK"]:
-                gLogger.info("Buckets recalculated!")
-            else:
-                gLogger.error(f"Error: {retVal['Message']}")
-        except Exception:
-            self.showTraceback()
-
     def do_showRegisteredTypes(self, args):
         """
         Get a list of registered types
@@ -170,50 +77,3 @@ class AccountingCLI(CLI):
                 print(" Value fields:\n  %s" % "\n  ".join(typeList[2]))
         except Exception:
             self.showTraceback()
-
-    def do_deleteType(self, args):
-        """
-        Delete a registered accounting type.
-          Usage : deleteType <typeName>
-          WARN! It will delete all data associated to that type! VERY DANGEROUS!
-          If you screw it, you'll discover a new dimension of pain and doom! :)
-        """
-        try:
-            argList = args.split()
-            if argList:
-                typeName = argList[0].strip()
-            else:
-                gLogger.error("No type name specified")
-                return
-
-            choice = input(
-                f"Are you completely sure you want to delete type {typeName} and all it's data? yes/no [no]: "
-            )
-            choice = choice.lower()
-            if choice not in ("yes", "y"):
-                print("Delete aborted")
-                return
-
-            acClient = DataStoreClient()
-            retVal = acClient.deleteType(typeName)
-            if not retVal["OK"]:
-                gLogger.error(f"Error: {retVal['Message']}")
-                return
-            print("Hope you meant it, because it's done")
-        except Exception:
-            self.showTraceback()
-
-    def do_compactBuckets(self, args):
-        """
-        Compact buckets table
-          Usage : compactBuckets
-        """
-        try:
-            acClient = DataStoreClient()
-            retVal = acClient.compactDB()
-            if not retVal["OK"]:
-                gLogger.error(f"Error: {retVal['Message']}")
-                return
-            gLogger.info("Done")
-        except Exception:
-            self.showTraceback()

DIRAC/AccountingSystem/Client/DataStoreClient.py

@@ -122,19 +122,6 @@ class DataStoreClient(Client):
 
         return S_OK()
 
-    def remove(self, register):
-        """
-        Remove a Register from the Accounting DataStore
-        """
-        if not self.__checkBaseType(register.__class__):
-            return S_ERROR("register is not a valid type (has to inherit from BaseAccountingType")
-        retVal = register.checkValues()
-        if not retVal["OK"]:
-            return retVal
-        if gConfig.getValue("/LocalSite/DisableAccounting", False):
-            return S_OK()
-        return self._getRPC().remove(*register.getValues())
-
 
 def _sendToFailover(rpcStub):
     """Create a ForwardDISET operation for failover"""

DIRAC/AccountingSystem/Client/Types/BaseAccountingType.py

@@ -161,13 +161,6 @@ class BaseAccountingType:
                 cD[self.fieldsList[iPos]] = self.valuesList[iPos]
         return cD
 
-    def registerToServer(self):
-        """
-        Register type in server
-        """
-        rpcClient = Client(url="Accounting/DataStore")
-        return rpcClient.registerType(*self.getDefinition())
-
     def commit(self):
         """
         Commit register to server

DIRAC/AccountingSystem/ConfigTemplate.cfg

@@ -9,11 +9,6 @@ Services
     Authorization
     {
       Default = authenticated
-      compactDB = ServiceAdministrator
-      deleteType = ServiceAdministrator
-      registerType = ServiceAdministrator
-      setBucketsLength = ServiceAdministrator
-      regenerateBuckets = ServiceAdministrator
     }
   }
   ##END

DIRAC/AccountingSystem/Service/DataStoreHandler.py

@@ -14,7 +14,6 @@ import datetime
 from DIRAC import S_ERROR, S_OK
 from DIRAC.AccountingSystem.DB.MultiAccountingDB import MultiAccountingDB
 from DIRAC.ConfigurationSystem.Client import PathFinder
-from DIRAC.Core.Base.Client import Client
 from DIRAC.Core.DISET.RequestHandler import RequestHandler, getServiceOption
 from DIRAC.Core.Utilities import TimeUtilities
 from DIRAC.Core.Utilities.ThreadScheduler import gThreadScheduler
@@ -39,30 +38,6 @@ class DataStoreHandler(RequestHandler):
             gThreadScheduler.addPeriodicTask(60, cls.__acDB.loadPendingRecords)
         return S_OK()
 
-    types_registerType = [str, list, list, list]
-
-    def export_registerType(self, typeName, definitionKeyFields, definitionAccountingFields, bucketsLength):
-        """
-        Register a new type. (Only for all powerful admins)
-        """
-        return self.__acDB.registerType(typeName, definitionKeyFields, definitionAccountingFields, bucketsLength)
-
-    types_setBucketsLength = [str, list]
-
-    def export_setBucketsLength(self, typeName, bucketsLength):
-        """
-        Change the buckets Length. (Only for all powerful admins)
-        """
-        return self.__acDB.changeBucketsLength(typeName, bucketsLength)
-
-    types_regenerateBuckets = [str]
-
-    def export_regenerateBuckets(self, typeName):
-        """
-        Recalculate buckets. (Only for all powerful admins)
-        """
-        return self.__acDB.regenerateBuckets(typeName)
-
     types_getRegisteredTypes = []
 
     def export_getRegisteredTypes(self):
@@ -106,51 +81,4 @@ class DataStoreHandler(RequestHandler):
             records.append((entry[0], startTime, endTime, entry[3]))
         return self.__acDB.insertRecordBundleThroughQueue(records)
 
-    types_compactDB = []
-
-    def export_compactDB(self):
-        """
-        Compact the db by grouping buckets
-        """
-        # if we are running workers (not only one service) we can redirect the request to the master
-        # For more information please read the Administrative guide Accounting part!
-        # ADVICE: If you want to trigger the bucketing, please make sure the bucketing is not running!!!!
-        if self.runBucketing:
-            return self.__acDB.compactBuckets()
-
-        return Client(url="Accounting/DataStoreMaster").compactDB()
-
     types_remove = [str, datetime.datetime, datetime.datetime, list]
-
-    def export_remove(self, typeName, startTime, endTime, valuesList):
-        """
-        Remove a record for a type
-        """
-        startTime = int(TimeUtilities.toEpoch(startTime))
-        endTime = int(TimeUtilities.toEpoch(endTime))
-        return self.__acDB.deleteRecord(typeName, startTime, endTime, valuesList)
-
-    types_removeRegisters = [list]
-
-    def export_removeRegisters(self, entriesList):
-        """
-        Remove a record for a type
-        """
-        expectedTypes = [str, datetime.datetime, datetime.datetime, list]
-        for entry in entriesList:
-            if len(entry) != 4:
-                return S_ERROR("Invalid records")
-            for i, en in enumerate(entry):
-                if not isinstance(en, expectedTypes[i]):
-                    return S_ERROR(f"{i} field in the records should be {expectedTypes[i]}")
-        ok = 0
-        for entry in entriesList:
-            startTime = int(TimeUtilities.toEpoch(entry[1]))
-            endTime = int(TimeUtilities.toEpoch(entry[2]))
-            record = entry[3]
-            result = self.__acDB.deleteRecord(entry[0], startTime, endTime, record)
-            if not result["OK"]:
-                return S_OK(ok)
-            ok += 1
-
-        return S_OK(ok)

DIRAC/ConfigurationSystem/Client/Helpers/Registry.py

@@ -1,24 +1,53 @@
-""" Helper for /Registry section
-"""
+"""Helper for /Registry section"""
 
 import errno
+import inspect
+import sys
 
 from threading import Lock
+from collections.abc import Iterable
 
 from cachetools import TTLCache, cached
+from cachetools.keys import hashkey
 
 
+from typing import Optional
+from collections.abc import Iterable
+
 from DIRAC import S_OK, S_ERROR
 from DIRAC.ConfigurationSystem.Client.Config import gConfig
 from DIRAC.ConfigurationSystem.Client.Helpers.CSGlobals import getVO
 
 ID_DN_PREFIX = "/O=DIRAC/CN="
 
+# 300 is the default CS refresh time
+
+CACHE_REFRESH_TIME = 300
 # pylint: disable=missing-docstring
 
 gBaseRegistrySection = "/Registry"
 
 
+def reset_all_caches():
+    """This method is called to clear all caches.
+    It is necessary to reinitialize them after the central CS
+    has been loaded
+    """
+    for cache in [
+        obj
+        for name, obj in inspect.getmembers(sys.modules[__name__])
+        if (inspect.isfunction(obj) and hasattr(obj, "cache_clear"))
+    ]:
+        cache.cache_clear()
+
+
+def get_username_for_dn_key(dn: str, userList: Optional[Iterable[str]] = None):
+    if userList:
+        return hashkey(dn, *sorted(userList))
+    return hashkey(dn)
+
+
+@cached(TTLCache(maxsize=1000, ttl=CACHE_REFRESH_TIME), lock=Lock(), key=get_username_for_dn_key)
 def getUsernameForDN(dn, usersList=None):
     """Find DIRAC user for DN
 
@@ -39,6 +68,7 @@ def getUsernameForDN(dn, usersList=None):
     return S_ERROR(f"No username found for dn {dn}")
 
 
+@cached(TTLCache(maxsize=1000, ttl=CACHE_REFRESH_TIME), lock=Lock())
 def getDNForUsername(username):
     """Get user DN for user
 
@@ -419,6 +449,7 @@ def getBannedIPs():
     return gConfig.getValue(f"{gBaseRegistrySection}/BannedIPs", [])
 
 
+@cached(TTLCache(maxsize=1000, ttl=CACHE_REFRESH_TIME), lock=Lock())
 def getVOForGroup(group):
     """Search VO name for group
 
@@ -634,10 +665,7 @@ def getDNProperty(userDN, value, defaultValue=None):
     return S_OK(defaultValue)
 
 
-_cache_getProxyProvidersForDN = TTLCache(maxsize=1000, ttl=60)
-
-
-@cached(_cache_getProxyProvidersForDN, lock=Lock())
+@cached(TTLCache(maxsize=1000, ttl=CACHE_REFRESH_TIME), lock=Lock())
 def getProxyProvidersForDN(userDN):
     """Get proxy providers by user DN
 

DIRAC/ConfigurationSystem/Client/LocalConfiguration.py

@@ -568,6 +568,9 @@ class LocalConfiguration:
             objLoader = ObjectLoader()
             objLoader.reloadRootModules()
             self.__initLogger(self.componentName, self.loggingSection, forceInit=True)
+            from DIRAC.ConfigurationSystem.Client.Helpers.Registry import reset_all_caches
+
+            reset_all_caches()
         return res
 
     def isCSEnabled(self):

DIRAC/ConfigurationSystem/Client/VOMS2CSSynchronizer.py

@@ -87,8 +87,15 @@ def _getUserNameFromDN(dn, vo):
                     return nname
                 else:
                     robot = False
+                    # only pop if the remains are sufficient (i.e. not just digits)
                     if names[0].lower().startswith("robot"):
-                        names.pop(0)
+                        nameok = False
+                        if len(names) > 1:
+                            for name in names[1:]:
+                                if not name.isdigit():
+                                    nameok = True
+                        if nameok:
+                            names.pop(0)
                         robot = True
                     for name in list(names):
                         if name[0].isdigit() or "@" in name:

DIRAC/Core/DISET/private/BaseClient.py

@@ -323,7 +323,7 @@ class BaseClient:
             pass
 
         # We randomize the list, and add at the end the failover URLs (System/FailoverURLs/Component)
-        urlsList = List.randomize(List.fromChar(urls, ",")) + failoverUrls
+        urlsList = List.fromChar(urls, ",") + failoverUrls
         self.__nbOfUrls = len(urlsList)
         self.__nbOfRetry = (
             2 if self.__nbOfUrls > 2 else 3
@@ -445,7 +445,6 @@ and this is thread {cThID}
             return self.__initStatus
         if self.__enableThreadCheck:
             self.__checkThreadID()
-
         gLogger.debug(f"Trying to connect to: {self.serviceURL}")
         try:
             # Calls the transport method of the apropriate protocol.

DIRAC/Core/Security/ProxyInfo.py

@@ -1,10 +1,13 @@
 """
- Set of utilities to retrieve Information from proxy
+Set of utilities to retrieve Information from proxy
 """
+
 import base64
 
 from DIRAC import S_ERROR, S_OK, gLogger
 from DIRAC.ConfigurationSystem.Client.Helpers import Registry
+from DIRAC.ConfigurationSystem.Client.Helpers.CSGlobals import getVO
+
 from DIRAC.Core.Security import Locations
 from DIRAC.Core.Security.DiracX import diracxTokenFromPEM
 from DIRAC.Core.Security.VOMS import VOMS
@@ -207,10 +210,11 @@ def getVOfromProxyGroup():
     """
     Return the VO associated to the group in the proxy
     """
-    voName = Registry.getVOForGroup("NoneExistingGroup")
+
     ret = getProxyInfo(disableVOMS=True)
-    if not ret["OK"]:
-        return S_OK(voName)
-    if "group" in ret["Value"]:
+    if not ret["OK"] or "group" not in ret["Value"]:
+        voName = getVO()
+    else:
         voName = Registry.getVOForGroup(ret["Value"]["group"])
+
     return S_OK(voName)

DIRAC/Core/Utilities/Os.py

@@ -3,10 +3,11 @@
    by default on Error they return None
 """
 import os
+import threading
 
 import DIRAC
-from DIRAC.Core.Utilities.Subprocess import shellCall, systemCall
 from DIRAC.Core.Utilities import List
+from DIRAC.Core.Utilities.Subprocess import shellCall, systemCall
 
 DEBUG = 0
 
@@ -128,3 +129,33 @@ def sourceEnv(timeout, cmdTuple, inputEnv=None):
     result["stderr"] = stderr
 
     return result
+
+
+def safe_listdir(directory, timeout=60):
+    """This is a "safe" list directory,
+    for lazily-loaded File Systems like CVMFS.
+    There's by default a 60 seconds timeout.
+
+    .. warning::
+        There is no distinction between an empty directory, and a non existent one.
+        It will return `[]` in both cases.
+
+    :param str directory: directory to list
+    :param int timeout: optional timeout, in seconds. Defaults to 60.
+    """
+
+    def listdir(directory):
+        try:
+            return os.listdir(directory)
+        except FileNotFoundError:
+            print(f"{directory} not found")
+            return []
+
+    contents = []
+    t = threading.Thread(target=lambda: contents.extend(listdir(directory)))
+    t.daemon = True  # don't delay program's exit
+    t.start()
+    t.join(timeout)
+    if t.is_alive():
+        return None  # timeout
+    return contents

DIRAC/Core/scripts/dirac_apptainer_exec.py

@@ -10,6 +10,7 @@ import DIRAC
 from DIRAC import S_ERROR, gConfig, gLogger
 from DIRAC.Core.Base.Script import Script
 from DIRAC.Core.Security.Locations import getCAsLocation, getProxyLocation, getVOMSLocation
+from DIRAC.Core.Utilities.Os import safe_listdir
 from DIRAC.Core.Utilities.Subprocess import systemCall
 
 
@@ -73,7 +74,7 @@ def main():
     cmd.extend(["--contain"])  # use minimal /dev and empty other directories (e.g. /tmp and $HOME)
     cmd.extend(["--ipc"])  # run container in a new IPC namespace
     cmd.extend(["--pid"])  # run container in a new PID namespace
-    cmd.extend(["--bind", f"{os.getcwd()}:/mnt"])  # bind current directory for dirac_container.sh
+    cmd.extend(["--bind", f"{os.getcwd()}"])  # bind current directory for dirac_container.sh
     if proxy_location:
         cmd.extend(["--bind", f"{proxy_location}:/etc/proxy"])  # bind proxy file
     cmd.extend(["--bind", f"{getCAsLocation()}:/etc/grid-security/certificates"])  # X509_CERT_DIR
@@ -83,12 +84,18 @@ def main():
     cmd.extend(["--bind", f"{vomses_location}:/etc/grid-security/vomses"])  # X509_VOMSES
     cmd.extend(["--bind", "{0}:{0}:ro".format(etc_dir)])  # etc dir for dirac.cfg
     cmd.extend(["--bind", "{0}:{0}:ro".format(os.path.join(os.path.realpath(sys.base_prefix)))])  # code dir
-    cmd.extend(["--cwd", "/mnt"])  # set working directory to /mnt
+    # here bind optional paths
+    for bind_path in gConfig.getValue("/Resources/Computing/Singularity/BindPaths", []):
+        if safe_listdir(bind_path):
+            cmd.extend(["--bind", f"{bind_path}:{bind_path}"])
+        else:
+            gLogger.warning(f"Bind path {bind_path} does not exist, skipping")
+    cmd.extend(["--cwd", f"{os.getcwd()}"])  # set working directory
 
     rootImage = user_image or gConfig.getValue("/Resources/Computing/Singularity/ContainerRoot") or CONTAINER_DEFROOT
 
     if os.path.isdir(rootImage) or os.path.isfile(rootImage):
-        cmd.extend([rootImage, "/mnt/dirac_container.sh"])
+        cmd.extend([rootImage, f"{os.getcwd()}/dirac_container.sh"])
     else:
         # if we are here is because there's no image, or it is not accessible (e.g. not on CVMFS)
         gLogger.error("Apptainer image to exec not found: ", rootImage)
@@ -100,7 +107,8 @@ def main():
         gLogger.error(result["Message"])
         DIRAC.exit(1)
     if result["Value"][0] != 0:
-        gLogger.error(result["Value"][2])
+        gLogger.error("Apptainer command failed with exit code", result["Value"][0])
+        gLogger.error("Command output:", result["Value"])
         DIRAC.exit(2)
     gLogger.notice(result["Value"][1])
 

DIRAC/DataManagementSystem/Utilities/DMSHelpers.py

@@ -1,7 +1,8 @@
 """
-  This module contains helper methods for accessing operational attributes or parameters of DMS objects
+This module contains helper methods for accessing operational attributes or parameters of DMS objects
 
 """
+
 from collections import defaultdict
 from DIRAC import gConfig, gLogger, S_OK, S_ERROR
 from DIRAC.ConfigurationSystem.Client.Helpers.Path import cfgPath
@@ -17,6 +18,9 @@ sLog = gLogger.getSubLogger(__name__)
 def resolveSEGroup(seGroupList, allSEs=None):
     """
     Resolves recursively a (list of) SEs that can be groupSEs
+    For modules, JobWrapper or whatever runs at a given site,
+    prefer using :py:func:`~DIRAC.DataManagementSystem.Utilities.ResolveSE.getDestinationSEList`
+
 
     :param seGroupList: list of SEs to resolve or comma-separated SEs
     :type seGroupList: list or string

DIRAC/Interfaces/API/DiracAdmin.py

@@ -4,7 +4,9 @@ All administrative functionality is exposed through the DIRAC Admin API.  Exampl
 site banning and unbanning, WMS proxy uploading etc.
 
 """
+
 import os
+from datetime import datetime, timedelta
 
 from DIRAC import S_ERROR, S_OK, gConfig, gLogger
 from DIRAC.ConfigurationSystem.Client.CSAPI import CSAPI
@@ -150,7 +152,7 @@ class DiracAdmin(API):
         return result
 
     #############################################################################
-    def allowSite(self, site, comment, printOutput=False):
+    def allowSite(self, site, comment, printOutput=False, days=1):
         """Adds the site to the site mask. The site must be a valid DIRAC site name
 
         Example usage:
@@ -174,7 +176,13 @@ class DiracAdmin(API):
                 gLogger.notice(f"Site {site} is already Active")
             return S_OK(f"Site {site} is already Active")
 
-        if not (result := self.sitestatus.setSiteStatus(site, "Active", comment))["OK"]:
+        tokenLifetime = int(days)
+        if tokenLifetime <= 0:
+            tokenExpiration = datetime.max
+        else:
+            tokenExpiration = datetime.utcnow().replace(microsecond=0) + timedelta(days=tokenLifetime)
+
+        if not (result := self.sitestatus.setSiteStatus(site, "Active", comment, expiry=tokenExpiration))["OK"]:
             return result
 
         if printOutput:
@@ -223,7 +231,7 @@ class DiracAdmin(API):
         return S_OK()
 
     #############################################################################
-    def banSite(self, site, comment, printOutput=False):
+    def banSite(self, site, comment, printOutput=False, days=1):
         """Removes the site from the site mask.
 
         Example usage:
@@ -236,7 +244,6 @@ class DiracAdmin(API):
         """
         if not (result := self._checkSiteIsValid(site))["OK"]:
             return result
-
         mask = self.getSiteMask(status="Banned")
         if not mask["OK"]:
             return mask
@@ -246,7 +253,12 @@ class DiracAdmin(API):
                 gLogger.notice(f"Site {site} is already Banned")
             return S_OK(f"Site {site} is already Banned")
 
-        if not (result := self.sitestatus.setSiteStatus(site, "Banned", comment))["OK"]:
+        tokenLifetime = int(days)
+        if tokenLifetime <= 0:
+            tokenExpiration = datetime.max
+        else:
+            tokenExpiration = datetime.utcnow().replace(microsecond=0) + timedelta(days=tokenLifetime)
+        if not (result := self.sitestatus.setSiteStatus(site, "Banned", comment, expiry=tokenExpiration))["OK"]:
             return result
 
         if printOutput:

DIRAC/Interfaces/scripts/dirac_admin_allow_site.py

@@ -13,6 +13,9 @@ from DIRAC.Core.Base.Script import Script
 @Script()
 def main():
     Script.registerSwitch("E:", "email=", "Boolean True/False (True by default)")
+    Script.registerSwitch(
+        "", "days=", "Number of days the token is valid for. Default is 1 day. 0 or less days denotes forever."
+    )
     # Registering arguments will automatically add their description to the help menu
     Script.registerArgument("Site:     Name of the Site")
     Script.registerArgument("Comment:  Reason of the action")
@@ -32,9 +35,12 @@ def main():
             Script.showHelp()
 
     email = True
+    days = 1
     for switch in Script.getUnprocessedSwitches():
         if switch[0] == "email":
             email = getBoolean(switch[1])
+        if switch[0] == "days":
+            days = int(switch[1])
 
     diracAdmin = DiracAdmin()
     exitCode = 0
@@ -42,7 +48,7 @@ def main():
 
     # parseCommandLine show help when mandatory arguments are not specified or incorrect argument
     site, comment = Script.getPositionalArgs(group=True)
-    result = diracAdmin.allowSite(site, comment, printOutput=True)
+    result = diracAdmin.allowSite(site, comment, printOutput=True, days=days)
     if not result["OK"]:
         errorList.append((site, result["Message"]))
         exitCode = 2