rucio-clients 35.7.0__py3-none-any.whl → 37.0.0__py3-none-any.whl

rucio/rse/protocols/webdav.py

@@ -12,12 +12,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+import logging
 import os
 import sys
-import xml.etree.ElementTree as ET
 from dataclasses import dataclass
 from typing import Any, Optional
 from urllib.parse import urlparse
+from xml.etree import ElementTree
 
 import requests
 from requests.adapters import HTTPAdapter
@@ -96,7 +97,7 @@ class _PropfindFile:
     size: Optional[int]
 
     @classmethod
-    def from_xml_node(cls, node: ET.Element):
+    def from_xml_node(cls, node: ElementTree.Element):
         """Extract file properties from a `<{DAV:}response>` node."""
 
         xml_href = node.find('./{DAV:}href')
@@ -133,8 +134,8 @@ class _PropfindResponse:
         """
 
         try:
-            xml = ET.fromstring(document)  # noqa: S314
-        except ET.ParseError as ex:
+            xml = ElementTree.fromstring(document)  # noqa: S314
+        except ElementTree.ParseError as ex:
             raise ValueError("Couldn't parse XML document") from ex
 
         if xml.tag != '{DAV:}multistatus':
@@ -161,6 +162,7 @@ class Default(protocol.RSEProtocol):
             :raises RSEAccessDenied
         """
         credentials = credentials or {}
+        using_presigned_urls = self.rse['sign_url'] is not None
         try:
             parse_url = urlparse(self.path2pfn(''))
             self.server = f'{parse_url.scheme}://{parse_url.netloc}'
@@ -177,23 +179,29 @@ class Default(protocol.RSEProtocol):
         except KeyError:
             self.auth_type = 'cert'
 
-        try:
-            self.cert = credentials['cert']
-        except KeyError:
-            x509 = os.getenv('X509_USER_PROXY')
-            if not x509:
-                # Trying to get the proxy from the default location
-                proxy_path = '/tmp/x509up_u%s' % os.geteuid()
-                if os.path.isfile(proxy_path):
-                    self.cert = (proxy_path, proxy_path)
-                elif self.auth_token:
-                    # If no proxy is found, we set the cert to None and use the auth_token
-                    self.cert = None
-                    pass
+        if using_presigned_urls:
+            # Suppress all authentication, otherwise S3 servers will reject
+            # requests.
+            self.cert = None
+            self.auth_token = None
+        else:
+            try:
+                self.cert = credentials['cert']
+            except KeyError:
+                x509 = os.getenv('X509_USER_PROXY')
+                if not x509:
+                    # Trying to get the proxy from the default location
+                    proxy_path = '/tmp/x509up_u%s' % os.geteuid()
+                    if os.path.isfile(proxy_path):
+                        self.cert = (proxy_path, proxy_path)
+                    elif self.auth_token:
+                        # If no proxy is found, we set the cert to None and use the auth_token
+                        self.cert = None
+                        pass
+                    else:
+                        raise exception.RSEAccessDenied('X509_USER_PROXY is not set')
                 else:
-                    raise exception.RSEAccessDenied('X509_USER_PROXY is not set')
-            else:
-                self.cert = (x509, x509)
+                    self.cert = (x509, x509)
 
         try:
             self.timeout = credentials['timeout']
@@ -205,11 +213,16 @@ class Default(protocol.RSEProtocol):
             self.session.headers.update({'Authorization': 'Bearer ' + self.auth_token})
         # "ping" to see if the server is available
         try:
-            res = self.session.request('HEAD', self.path2pfn(''), verify=False, timeout=self.timeout, cert=self.cert)
-            if res.status_code != 200:
-                raise exception.ServiceUnavailable('Problem to connect %s : %s' % (self.path2pfn(''), res.text))
+            test_url = self.path2pfn('')
+            res = self.session.request('HEAD', test_url, verify=False, timeout=self.timeout, cert=self.cert)
+            # REVISIT: this test checks some URL that doesn't correspond to
+            # any valid Rucio file.  Although this works for normal WebDAV
+            # endpoints, it fails for endpoints using presigned URLs.  As a
+            # work-around, accept 4xx status codes when using presigned URLs.
+            if res.status_code != 200 and not (using_presigned_urls and res.status_code < 500):
+                raise exception.ServiceUnavailable('Bad status code %s %s : %s' % (res.status_code, test_url, res.text))
         except requests.exceptions.ConnectionError as error:
-            raise exception.ServiceUnavailable('Problem to connect %s : %s' % (self.path2pfn(''), error))
+            raise exception.ServiceUnavailable('Problem to connect %s : %s' % (test_url, error))
         except requests.exceptions.ReadTimeout as error:
             raise exception.ServiceUnavailable(error)
 
@@ -259,14 +272,16 @@ class Default(protocol.RSEProtocol):
 
             :param pfn: Physical file name of requested file
             :param dest: Name and path of the files when stored at the client
-            :param transfer_timeout: Transfer timeout (in seconds) - dummy
+            :param transfer_timeout: Transfer timeout (in seconds)
 
             :raises DestinationNotAccessible, ServiceUnavailable, SourceNotFound, RSEAccessDenied
         """
         path = self.path2pfn(pfn)
         chunksize = 1024
+        transfer_timeout = self.timeout if transfer_timeout is None else transfer_timeout
+
         try:
-            result = self.session.get(path, verify=False, stream=True, timeout=self.timeout, cert=self.cert)
+            result = self.session.get(path, verify=False, stream=True, timeout=transfer_timeout, cert=self.cert)
             if result and result.status_code in [200, ]:
                 length = None
                 if 'content-length' in result.headers:
@@ -297,7 +312,7 @@ class Default(protocol.RSEProtocol):
             :param source: Physical file name
             :param target: Name of the file on the storage system e.g. with prefixed scope
             :param source_dir Path where the to be transferred files are stored in the local file system
-            :param transfer_timeout Transfer timeout (in seconds) - dummy
+            :param transfer_timeout Transfer timeout (in seconds)
 
             :raises DestinationNotAccessible, ServiceUnavailable, SourceNotFound, RSEAccessDenied
         """
@@ -305,11 +320,13 @@ class Default(protocol.RSEProtocol):
         full_name = source_dir + '/' + source if source_dir else source
         directories = path.split('/')
         # Try the upload without testing the existence of the destination directory
+        transfer_timeout = self.timeout if transfer_timeout is None else transfer_timeout
+
         try:
             if not os.path.exists(full_name):
                 raise exception.SourceNotFound()
             it = UploadInChunks(full_name, 10000000, progressbar)
-            result = self.session.put(path, data=IterableToFileAdapter(it), verify=False, allow_redirects=True, timeout=self.timeout, cert=self.cert)
+            result = self.session.put(path, data=IterableToFileAdapter(it), verify=False, allow_redirects=True, timeout=transfer_timeout, cert=self.cert)
             if result.status_code in [200, 201]:
                 return
             if result.status_code in [409, ]:
@@ -323,7 +340,7 @@ class Default(protocol.RSEProtocol):
                     if not os.path.exists(full_name):
                         raise exception.SourceNotFound()
                     it = UploadInChunks(full_name, 10000000, progressbar)
-                    result = self.session.put(path, data=IterableToFileAdapter(it), verify=False, allow_redirects=True, timeout=self.timeout, cert=self.cert)
+                    result = self.session.put(path, data=IterableToFileAdapter(it), verify=False, allow_redirects=True, timeout=transfer_timeout, cert=self.cert)
                     if result.status_code in [200, 201]:
                         return
                     if result.status_code in [409, ]:
@@ -537,7 +554,7 @@ class Default(protocol.RSEProtocol):
         headers = {'Depth': '0'}
 
         try:
-            root = ET.fromstring(self.session.request('PROPFIND', endpoint_basepath, verify=False, headers=headers, cert=self.session.cert).text)  # noqa: S314
+            root = ElementTree.fromstring(self.session.request('PROPFIND', endpoint_basepath, verify=False, headers=headers, cert=self.session.cert).text)  # noqa: S314
             usedsize = root[0][1][0].find('{DAV:}quota-used-bytes').text
             try:
                 unusedsize = root[0][1][0].find('{DAV:}quota-available-bytes').text
@@ -548,3 +565,30 @@ class Default(protocol.RSEProtocol):
             return totalsize, unusedsize
         except Exception as error:
             raise exception.ServiceUnavailable(error)
+
+
+class NoRename(Default):
+    """ Implementing access to RSEs using the WebDAV protocol but without
+    renaming files on upload/download. Necessary for some storage endpoints.
+    """
+
+    def __init__(self, protocol_attr, rse_settings, logger=logging.log):
+        """ Initializes the object with information about the referred RSE.
+
+            :param protocol_attr:  Properties of the requested protocol.
+            :param rse_settings:   The RSE settings.
+            :param logger:         Optional decorated logger that can be passed from the calling daemons or servers.
+        """
+        super(NoRename, self).__init__(protocol_attr, rse_settings, logger=logger)
+        self.renaming = False
+        self.attributes.pop('determinism_type', None)
+
+    def rename(self, pfn, new_pfn):
+        """ Allows to rename a file stored inside the connected RSE.
+
+            :param pfn:      Current physical file name
+            :param new_pfn  New physical file name
+
+            :raises DestinationNotAccessible, ServiceUnavailable, SourceNotFound
+        """
+        raise NotImplementedError

rucio/rse/protocols/xrootd.py

@@ -16,7 +16,8 @@ import logging
 import os
 
 from rucio.common import exception
-from rucio.common.utils import PREFERRED_CHECKSUM, execute
+from rucio.common.checksum import PREFERRED_CHECKSUM
+from rucio.common.utils import execute
 from rucio.rse.protocols import protocol
 
 

rucio/rse/rsemanager.py

@@ -15,31 +15,43 @@
 import copy
 import logging
 import random
-from collections.abc import Callable
 from time import sleep
+from typing import TYPE_CHECKING, Any, Literal, Optional, Union, cast
 from urllib.parse import urlparse
 
 from rucio.common import constants, exception, types, utils
+from rucio.common.checksum import GLOBALLY_SUPPORTED_CHECKSUMS
 from rucio.common.config import config_get_int
-from rucio.common.constants import RSE_SUPPORTED_PROTOCOL_OPERATIONS
 from rucio.common.constraints import STRING_TYPES
 from rucio.common.logging import formatted_logger
-from rucio.common.utils import GLOBALLY_SUPPORTED_CHECKSUMS, make_valid_did
+from rucio.common.utils import make_valid_did
 
+if TYPE_CHECKING:
+    from collections.abc import Callable
 
-def get_scope_protocol(vo: str = 'def') -> Callable:
+    from sqlalchemy.orm import Session
+
+    from rucio.rse.protocols.protocol import RSEProtocol
+
+
+def get_scope_protocol(vo: str = 'def') -> 'Callable':
     """
         Returns the callable protocol to translate the pfn to a name/scope pair
 
     :returns:
         Callable: Scope Parser function
     """
-    from rucio.rse.protocols.protocol import RSEDeterministicScopeTranslation
+    from rucio.rse.translation import RSEDeterministicScopeTranslation
     translation = RSEDeterministicScopeTranslation(vo=vo)
     return translation.parser
 
 
-def get_rse_info(rse=None, vo='def', rse_id=None, session=None) -> types.RSESettingsDict:
+def get_rse_info(
+        rse: Optional[str] = None,
+        vo: str = 'def',
+        rse_id: Optional[str] = None,
+        session: Optional["Session"] = None
+) -> types.RSESettingsDict:
     """
         Returns all protocol related RSE attributes.
         Call with either rse and vo, or (in server mode) rse_id
@@ -79,7 +91,13 @@ def get_rse_info(rse=None, vo='def', rse_id=None, session=None) -> types.RSESett
     return rse_info
 
 
-def _get_possible_protocols(rse_settings: types.RSESettingsDict, operation, scheme=None, domain=None, impl=None):
+def _get_possible_protocols(
+        rse_settings: types.RSESettingsDict,
+        operation: str,
+        scheme: Optional[Union[list[str], str]] = None,
+        domain: Optional[str] = None,
+        impl: Optional[str] = None
+) -> list[types.RSEProtocolDict]:
     """
     Filter the list of available protocols or provided by the supported ones.
 
@@ -129,8 +147,14 @@ def _get_possible_protocols(rse_settings: types.RSESettingsDict, operation, sche
     return [c for c in candidates if c not in tbr]
 
 
-def get_protocols_ordered(rse_settings: types.RSESettingsDict, operation, scheme=None, domain='wan', impl=None):
-    if operation not in RSE_SUPPORTED_PROTOCOL_OPERATIONS:
+def get_protocols_ordered(
+        rse_settings: types.RSESettingsDict,
+        operation: constants.RSE_ALL_SUPPORTED_PROTOCOL_OPERATIONS_LITERAL,
+        scheme: Optional[Union[list[str], str]] = None,
+        domain: str = 'wan',
+        impl: Optional[str] = None
+) -> list[types.RSEProtocolDict]:
+    if operation not in constants.RSE_ALL_SUPPORTED_PROTOCOL_OPERATIONS:
         raise exception.RSEOperationNotSupported('Operation %s is not supported' % operation)
 
     if domain and domain not in utils.rse_supported_protocol_domains():
@@ -141,8 +165,13 @@ def get_protocols_ordered(rse_settings: types.RSESettingsDict, operation, scheme
     return candidates
 
 
-def select_protocol(rse_settings: types.RSESettingsDict, operation, scheme=None, domain='wan'):
-    if operation not in RSE_SUPPORTED_PROTOCOL_OPERATIONS:
+def select_protocol(
+        rse_settings: types.RSESettingsDict,
+        operation: constants.RSE_ALL_SUPPORTED_PROTOCOL_OPERATIONS_LITERAL,
+        scheme: Optional[str] = None,
+        domain: str = 'wan'
+) -> types.RSEProtocolDict:
+    if operation not in constants.RSE_ALL_SUPPORTED_PROTOCOL_OPERATIONS:
         raise exception.RSEOperationNotSupported('Operation %s is not supported' % operation)
 
     if domain and domain not in utils.rse_supported_protocol_domains():
@@ -154,7 +183,16 @@ def select_protocol(rse_settings: types.RSESettingsDict, operation, scheme=None,
     return min(candidates, key=lambda k: k['domains'][domain][operation])
 
 
-def create_protocol(rse_settings: types.RSESettingsDict, operation, scheme=None, domain='wan', auth_token=None, protocol_attr=None, logger=logging.log, impl=None):
+def create_protocol(
+        rse_settings: types.RSESettingsDict,
+        operation: str,
+        scheme: Optional[str] = None,
+        domain: str = 'wan',
+        auth_token: Optional[str] = None,
+        protocol_attr: Optional[types.RSEProtocolDict] = None,
+        logger: types.LoggerFunction = logging.log,
+        impl: Optional[str] = None
+) -> "RSEProtocol":
     """
     Instantiates the protocol defined for the given operation.
 
@@ -170,9 +208,11 @@ def create_protocol(rse_settings: types.RSESettingsDict, operation, scheme=None,
 
     # Verify feasibility of Protocol
     operation = operation.lower()
-    if operation not in RSE_SUPPORTED_PROTOCOL_OPERATIONS:
+    if operation not in constants.RSE_ALL_SUPPORTED_PROTOCOL_OPERATIONS:
         raise exception.RSEOperationNotSupported('Operation %s is not supported' % operation)
 
+    operation = cast("constants.RSE_ALL_SUPPORTED_PROTOCOL_OPERATIONS_LITERAL", operation)
+
     if domain and domain not in utils.rse_supported_protocol_domains():
         raise exception.RSEProtocolDomainNotSupported('Domain %s not supported' % domain)
 
@@ -204,7 +244,16 @@ def create_protocol(rse_settings: types.RSESettingsDict, operation, scheme=None,
     return protocol
 
 
-def lfns2pfns(rse_settings: types.RSESettingsDict, lfns, operation='write', scheme=None, domain='wan', auth_token=None, logger=logging.log, impl=None):
+def lfns2pfns(
+        rse_settings: types.RSESettingsDict,
+        lfns: Union[list[types.LFNDict], types.LFNDict],
+        operation: str = 'write',
+        scheme: Optional[str] = None,
+        domain: str = 'wan',
+        auth_token: Optional[str] = None,
+        logger: types.LoggerFunction = logging.log,
+        impl: Optional[str] = None
+) -> dict[str, str]:
     """
         Convert the lfn to a pfn
 
@@ -222,7 +271,13 @@ def lfns2pfns(rse_settings: types.RSESettingsDict, lfns, operation='write', sche
     return create_protocol(rse_settings, operation, scheme, domain, auth_token=auth_token, logger=logger, impl=impl).lfns2pfns(lfns)
 
 
-def parse_pfns(rse_settings: types.RSESettingsDict, pfns, operation='read', domain='wan', auth_token=None):
+def parse_pfns(
+        rse_settings: types.RSESettingsDict,
+        pfns: list[str],
+        operation: str = 'read',
+        domain: str = 'wan',
+        auth_token: Optional[str] = None
+) -> dict[str, dict[str, str]]:
     """
         Checks if a PFN is feasible for a given RSE. If so it splits the pfn in its various components.
 
@@ -244,7 +299,16 @@ def parse_pfns(rse_settings: types.RSESettingsDict, pfns, operation='read', doma
     return create_protocol(rse_settings, operation, urlparse(pfns[0]).scheme, domain, auth_token=auth_token).parse_pfns(pfns)
 
 
-def exists(rse_settings: types.RSESettingsDict, files, domain='wan', scheme=None, impl=None, auth_token=None, vo='def', logger=logging.log):
+def exists(
+        rse_settings: types.RSESettingsDict,
+        files: Union[list[dict[str, str]], dict[str, str]],
+        domain: str = 'wan',
+        scheme: Optional[str] = None,
+        impl: Optional[str] = None,
+        auth_token: Optional[str] = None,
+        vo: str = 'def',
+        logger: types.LoggerFunction = logging.log
+) -> Union[bool, list[Union[bool, dict[dict[str, str], bool]]]]:
     """
         Checks if a file is present at the connected storage.
         Providing a list indicates the bulk mode.
@@ -263,26 +327,28 @@ def exists(rse_settings: types.RSESettingsDict, files, domain='wan', scheme=None
         :raises RSENotConnected: no connection to a specific storage has been established
     """
 
-    ret = {}
-    gs = True  # gs represents the global status which indicates if every operation worked in bulk mode
-
     protocol = create_protocol(rse_settings, 'read', scheme=scheme, impl=impl, domain=domain, auth_token=auth_token, logger=logger)
     protocol.connect()
-    try:
-        protocol.exists(None)
-    except NotImplementedError:
+
+    from rucio.rse.protocols.protocol import RSEProtocol  # Placed it here to avoid possible circular imports
+    # Check if 'exists' is truly overridden on the read protocol
+    if not utils.is_method_overridden(protocol, RSEProtocol, 'exists'):
+        # If not overridden, optionally fall back to a write protocol
         protocol = create_protocol(rse_settings, 'write', scheme=scheme, domain=domain, auth_token=auth_token, logger=logger)
         protocol.connect()
-    except:
-        pass
 
-    files = [files] if not type(files) is list else files
+    ret = {}
+    gs = True  # gs represents the global status which indicates if every operation worked in bulk mode
+
+    if not isinstance(files, list):
+        files = [files]
     for f in files:
         exists = None
         if isinstance(f, STRING_TYPES):
             exists = protocol.exists(f)
             ret[f] = exists
         elif 'scope' in f:  # a LFN is provided
+            f = cast("types.LFNDict", f)
             pfn = list(protocol.lfns2pfns(f).values())[0]
             if isinstance(pfn, exception.RucioException):
                 raise pfn
@@ -300,12 +366,25 @@ def exists(rse_settings: types.RSESettingsDict, files, domain='wan', scheme=None
 
     protocol.close()
     if len(ret) == 1:
-        for x in ret:
-            return ret[x]
+        return next(iter(ret.values()))
     return [gs, ret]
 
 
-def upload(rse_settings: types.RSESettingsDict, lfns, domain='wan', source_dir=None, force_pfn=None, force_scheme=None, transfer_timeout=None, delete_existing=False, sign_service=None, auth_token=None, vo='def', logger=logging.log, impl=None):
+def upload(
+        rse_settings: types.RSESettingsDict,
+        lfns: Union[list[types.LFNDict], types.LFNDict],
+        domain: str = 'wan',
+        source_dir: Optional[str] = None,
+        force_pfn: Optional[str] = None,
+        force_scheme: Optional[str] = None,
+        transfer_timeout: Optional[int] = None,
+        delete_existing: bool = False,
+        sign_service: Optional[str] = None,
+        auth_token: Optional[str] = None,
+        vo: str = 'def',
+        logger: types.LoggerFunction = logging.log,
+        impl: Optional[str] = None
+) -> dict[Union[int, str], Union[bool, str, dict[str, Union[Literal[True], Exception]]]]:
     """
         Uploads a file to the connected storage.
         Providing a list indicates the bulk mode.
@@ -343,7 +422,9 @@ def upload(rse_settings: types.RSESettingsDict, lfns, domain='wan', source_dir=N
     protocol.connect()
     protocol_delete = create_protocol(rse_settings, 'delete', domain=domain, auth_token=auth_token, logger=logger, impl=impl)
     protocol_delete.connect()
-    lfns = [lfns] if not type(lfns) is list else lfns
+
+    if not isinstance(lfns, list):
+        lfns = [lfns]
     for lfn in lfns:
         base_name = lfn.get('filename', lfn['name'])
         name = lfn.get('name', base_name)
@@ -398,7 +479,7 @@ def upload(rse_settings: types.RSESettingsDict, lfns, domain='wan', source_dir=N
 
                 try:  # Try uploading file
                     logger(logging.DEBUG, 'Uploading to %s.rucio.upload', pfn)
-                    protocol.put(base_name, '%s.rucio.upload' % pfn, source_dir, transfer_timeout=transfer_timeout)
+                    protocol.put(base_name, '%s.rucio.upload' % pfn, source_dir, transfer_timeout=transfer_timeout)  # type: ignore (source_dir could be None)
                 except Exception as e:
                     gs = False
                     ret['%s:%s' % (scope, name)] = e
@@ -496,15 +577,22 @@ def upload(rse_settings: types.RSESettingsDict, lfns, domain='wan', source_dir=N
     protocol.close()
     protocol_delete.close()
     if len(ret) == 1:
-        for x in ret:
-            if isinstance(ret[x], Exception):
-                raise ret[x]
-            else:
-                return {0: ret[x], 1: ret, 'success': ret[x], 'pfn': pfn}
+        ret_value = next(iter(ret.values()))
+        if isinstance(ret_value, Exception):
+            raise ret_value
+        else:
+            return {0: ret_value, 1: ret, 'success': ret_value, 'pfn': pfn}
     return {0: gs, 1: ret, 'success': gs, 'pfn': pfn}
 
 
-def delete(rse_settings: types.RSESettingsDict, lfns, domain='wan', auth_token=None, logger=logging.log, impl=None):
+def delete(
+        rse_settings: types.RSESettingsDict,
+        lfns: Union[list[types.LFNDict], types.LFNDict],
+        domain: str = 'wan',
+        auth_token: Optional[str] = None,
+        logger: types.LoggerFunction = logging.log,
+        impl: Optional[str] = None
+) -> Union[bool, list[Union[bool, dict[str, Union[Literal[True], Exception]]]]]:
     """
         Delete a file from the connected storage.
         Providing a list indicates the bulk mode.
@@ -527,7 +615,8 @@ def delete(rse_settings: types.RSESettingsDict, lfns, domain='wan', auth_token=N
     protocol = create_protocol(rse_settings, 'delete', domain=domain, auth_token=auth_token, logger=logger, impl=impl)
     protocol.connect()
 
-    lfns = [lfns] if not type(lfns) is list else lfns
+    if not isinstance(lfns, list):
+        lfns = [lfns]
     for lfn in lfns:
         pfn = list(protocol.lfns2pfns(lfn).values())[0]
         try:
@@ -539,15 +628,22 @@ def delete(rse_settings: types.RSESettingsDict, lfns, domain='wan', auth_token=N
 
     protocol.close()
     if len(ret) == 1:
-        for x in ret:
-            if isinstance(ret[x], Exception):
-                raise ret[x]
-            else:
-                return ret[x]
+        ret_value = next(iter(ret.values()))
+        if isinstance(ret_value, Exception):
+            raise ret_value
+        else:
+            return ret_value
     return [gs, ret]
 
 
-def rename(rse_settings: types.RSESettingsDict, files, domain='wan', auth_token=None, logger=logging.log, impl=None):
+def rename(
+        rse_settings: types.RSESettingsDict,
+        files: Union[list[dict[str, str]], dict[str, str]],
+        domain: str = 'wan',
+        auth_token: Optional[str] = None,
+        logger: types.LoggerFunction = logging.log,
+        impl: Optional[str] = None
+) -> Union[bool, list[Union[bool, dict[str, Union[Literal[True], Exception]]]]]:
     """
         Rename files stored on the connected storage.
         Providing a list indicates the bulk mode.
@@ -578,7 +674,8 @@ def rename(rse_settings: types.RSESettingsDict, files, domain='wan', auth_token=
     protocol = create_protocol(rse_settings, 'write', domain=domain, auth_token=auth_token, logger=logger, impl=impl)
     protocol.connect()
 
-    files = [files] if not type(files) is list else files
+    if not isinstance(files, list):
+        files = [files]
     for f in files:
         pfn = None
         new_pfn = None
@@ -615,15 +712,22 @@ def rename(rse_settings: types.RSESettingsDict, files, domain='wan', auth_token=
 
     protocol.close()
     if len(ret) == 1:
-        for x in ret:
-            if isinstance(ret[x], Exception):
-                raise ret[x]
-            else:
-                return ret[x]
+        ret_value = next(iter(ret.values()))
+        if isinstance(ret_value, Exception):
+            raise ret_value
+        else:
+            return ret_value
     return [gs, ret]
 
 
-def get_space_usage(rse_settings: types.RSESettingsDict, scheme=None, domain='wan', auth_token=None, logger=logging.log, impl=None):
+def get_space_usage(
+        rse_settings: types.RSESettingsDict,
+        scheme: Optional[str] = None,
+        domain: str = 'wan',
+        auth_token: Optional[str] = None,
+        logger: types.LoggerFunction = logging.log,
+        impl: Optional[str] = None
+) -> list[Union[bool, Union[dict[str, int], Exception]]]:
     """
         Get RSE space usage information.
 
@@ -655,7 +759,14 @@ def get_space_usage(rse_settings: types.RSESettingsDict, scheme=None, domain='wa
     return [gs, ret]
 
 
-def find_matching_scheme(rse_settings_dest, rse_settings_src, operation_src, operation_dest, domain='wan', scheme=None):
+def find_matching_scheme(
+        rse_settings_dest: types.RSESettingsDict,
+        rse_settings_src: types.RSESettingsDict,
+        operation_src: str,
+        operation_dest: str,
+        domain: str = 'wan',
+        scheme: Optional[Union[str, list[str]]] = None
+) -> tuple[str, str, int, int]:
     """
     Find the best matching scheme between two RSEs
 
@@ -724,7 +835,10 @@ def find_matching_scheme(rse_settings_dest, rse_settings_src, operation_src, ope
     raise exception.RSEProtocolNotSupported('No protocol for provided settings found : %s.' % str(rse_settings_dest))
 
 
-def _retry_protocol_stat(protocol, pfn):
+def _retry_protocol_stat(
+        protocol: "RSEProtocol",
+        pfn: str
+) -> dict[str, Any]:
     """
     try to stat file, on fail try again 1s, 2s, 4s, 8s, 16s, 32s later. Fail is all fail
 
@@ -746,7 +860,10 @@ def _retry_protocol_stat(protocol, pfn):
     return protocol.stat(pfn)
 
 
-def __check_compatible_scheme(dest_scheme, src_scheme):
+def __check_compatible_scheme(
+        dest_scheme: str,
+        src_scheme: str
+) -> bool:
     """
     Check if two schemes are compatible, such as srm and gsiftp