rucio 37.1.0.post1__py3-none-any.whl → 37.3.0__py3-none-any.whl

rucio/gateway/rse.py

@@ -20,16 +20,14 @@ from rucio.common.utils import gateway_update_return_dict
 from rucio.core import distance as distance_module
 from rucio.core import rse as rse_module
 from rucio.core.rse_expression_parser import parse_expression
-from rucio.db.sqla.session import read_session, stream_session, transactional_session
+from rucio.db.sqla.constants import DatabaseOperationType
+from rucio.db.sqla.session import db_session
 from rucio.gateway import permission
 
 if TYPE_CHECKING:
     from typing import Optional
 
-    from sqlalchemy.orm import Session
 
-
-@transactional_session
 def add_rse(
     rse,
     issuer,
@@ -49,7 +47,7 @@ def add_rse(
     ASN=None,  # noqa: N803
     availability_read: "Optional[bool]" = None,
     availability_write: "Optional[bool]" = None,
-    availability_delete: "Optional[bool]" = None, *, session: "Session"
+    availability_delete: "Optional[bool]" = None,
 ):
     """
     Creates a new Rucio Storage Element(RSE).
@@ -73,67 +71,64 @@ def add_rse(
     :param availability_read: If the RSE is readable.
     :param availability_write: If the RSE is writable.
     :param availability_delete: If the RSE is deletable.
-    :param session: The database session in use.
     """
     validate_schema(name='rse', obj=rse, vo=vo)
     kwargs = {'rse': rse}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='add_rse', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not add RSE. %s' % (issuer, auth_result.message))
+    with db_session(DatabaseOperationType.WRITE) as session:
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='add_rse', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not add RSE. %s' % (issuer, auth_result.message))
 
-    return rse_module.add_rse(rse, vo=vo, deterministic=deterministic, volatile=volatile, city=city,
-                              region_code=region_code, country_name=country_name, staging_area=staging_area,
-                              continent=continent, time_zone=time_zone, ISP=ISP, rse_type=rse_type, latitude=latitude,
-                              longitude=longitude, ASN=ASN, availability_read=availability_read,
-                              availability_write=availability_write, availability_delete=availability_delete, session=session)
+        return rse_module.add_rse(rse, vo=vo, deterministic=deterministic, volatile=volatile, city=city,
+                                  region_code=region_code, country_name=country_name, staging_area=staging_area,
+                                  continent=continent, time_zone=time_zone, ISP=ISP, rse_type=rse_type, latitude=latitude,
+                                  longitude=longitude, ASN=ASN, availability_read=availability_read,
+                                  availability_write=availability_write, availability_delete=availability_delete, session=session)
 
 
-@read_session
-def get_rse(rse, vo='def', *, session: "Session"):
+def get_rse(rse, vo='def'):
     """
     Provides details about the specified RSE.
 
     :param rse: The RSE name.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: a dict with details about the RSE
 
     :raises RSENotFound: if the referred RSE was not found in the database
     """
 
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    return rse_module.get_rse_protocols(rse_id=rse_id, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        return rse_module.get_rse_protocols(rse_id=rse_id, session=session)
 
 
-@transactional_session
-def del_rse(rse, issuer, vo='def', *, session: "Session"):
+def del_rse(rse, issuer, vo='def'):
     """
     Disables an RSE with the provided RSE name.
 
     :param rse: The RSE name.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
 
-    kwargs = {'rse': rse, 'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='del_rse', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not delete RSE. %s' % (issuer, auth_result.message))
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+
+        kwargs = {'rse': rse, 'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='del_rse', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not delete RSE. %s' % (issuer, auth_result.message))
 
-    return rse_module.del_rse(rse_id, session=session)
+        return rse_module.del_rse(rse_id, session=session)
 
 
-@read_session
-def list_rses(filters: "Optional[dict[str, Any]]" = None, vo: str = 'def', *, session: "Session") -> list[dict[str, Any]]:
+def list_rses(filters: "Optional[dict[str, Any]]" = None, vo: str = 'def') -> list[dict[str, Any]]:
     """
     Lists all RSEs.
 
     :param filters: dictionary of attributes by which the results should be filtered.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: List of all RSEs.
     """
@@ -141,34 +136,33 @@ def list_rses(filters: "Optional[dict[str, Any]]" = None, vo: str = 'def', *, se
 
     filters['vo'] = vo
 
-    return rse_module.list_rses(filters=filters, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        return rse_module.list_rses(filters=filters, session=session)
 
 
-@transactional_session
-def del_rse_attribute(rse, key, issuer, vo='def', *, session: "Session"):
+def del_rse_attribute(rse, key, issuer, vo='def'):
     """
     Delete a RSE attribute.
 
     :param rse: the name of the rse_module.
     :param key: the attribute key.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :return: True if RSE attribute was deleted successfully, False otherwise.
     """
 
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
 
-    kwargs = {'rse': rse, 'rse_id': rse_id, 'key': key}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='del_rse_attribute', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not delete RSE attributes. %s' % (issuer, auth_result.message))
+        kwargs = {'rse': rse, 'rse_id': rse_id, 'key': key}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='del_rse_attribute', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not delete RSE attributes. %s' % (issuer, auth_result.message))
 
-    return rse_module.del_rse_attribute(rse_id=rse_id, key=key, session=session)
+        return rse_module.del_rse_attribute(rse_id=rse_id, key=key, session=session)
 
 
-@transactional_session
-def add_rse_attribute(rse, key, value, issuer, vo='def', *, session: "Session"):
+def add_rse_attribute(rse, key, value, issuer, vo='def'):
     """ Adds a RSE attribute.
 
     :param rse: the rse name.
@@ -176,65 +170,61 @@ def add_rse_attribute(rse, key, value, issuer, vo='def', *, session: "Session"):
     :param value: the value name.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     returns: True if successful, False otherwise.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
 
-    kwargs = {'rse': rse, 'rse_id': rse_id, 'key': key, 'value': value}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='add_rse_attribute', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not add RSE attributes. %s' % (issuer, auth_result.message))
+        kwargs = {'rse': rse, 'rse_id': rse_id, 'key': key, 'value': value}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='add_rse_attribute', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not add RSE attributes. %s' % (issuer, auth_result.message))
 
-    return rse_module.add_rse_attribute(rse_id=rse_id, key=key, value=value, session=session)
+        return rse_module.add_rse_attribute(rse_id=rse_id, key=key, value=value, session=session)
 
 
-@read_session
-def list_rse_attributes(rse, vo='def', *, session: "Session"):
+def list_rse_attributes(rse, vo='def'):
     """
     List RSE attributes for a RSE_MODULE.
 
     :param rse: The RSE name.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: List of all RSE attributes for a RSE_MODULE.
     """
 
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    return rse_module.list_rse_attributes(rse_id=rse_id, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        return rse_module.list_rse_attributes(rse_id=rse_id, session=session)
 
 
-@read_session
-def has_rse_attribute(rse_id, key, *, session: "Session"):
+def has_rse_attribute(rse_id, key):
     """
     Indicates whether the named key is present for the RSE.
 
     :param rse_id: The RSE id.
     :param key: The key for the attribute.
-    :param session: The database session in use.
 
     :returns: True or False
     """
-    return rse_module.has_rse_attribute(rse_id=rse_id, key=key, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        return rse_module.has_rse_attribute(rse_id=rse_id, key=key, session=session)
 
 
-@read_session
-def get_rses_with_attribute(key, *, session: "Session"):
+def get_rses_with_attribute(key):
     """
     Return all RSEs with a certain attribute.
 
     :param key: The key for the attribute.
-    :param session: The database session in use.
 
     :returns: List of rse dictionaries
     """
-    return rse_module.get_rses_with_attribute(key=key, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        return rse_module.get_rses_with_attribute(key=key, session=session)
 
 
-@transactional_session
-def add_protocol(rse, issuer, vo='def', *, session: "Session", **data):
+def add_protocol(rse, issuer, vo='def', **data):
     """
     Creates a new protocol entry for an existing RSE.
 
@@ -242,35 +232,33 @@ def add_protocol(rse, issuer, vo='def', *, session: "Session", **data):
     :param issuer: The issuer account.
     :param vo: The VO to act on.
     :param data: Parameters (protocol identifier, port, hostname, ...) provided by the request.
-    :param session: The database session in use.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
 
-    kwargs = {'rse': rse, 'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='add_protocol', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not add protocols to RSE %s. %s' % (issuer, rse, auth_result.message))
-    rse_module.add_protocol(rse_id, data['data'], session=session)
+        kwargs = {'rse': rse, 'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='add_protocol', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not add protocols to RSE %s. %s' % (issuer, rse, auth_result.message))
+        rse_module.add_protocol(rse_id, data['data'], session=session)
 
 
-@read_session
-def get_rse_protocols(rse, issuer, vo='def', *, session: "Session"):
+def get_rse_protocols(rse, issuer, vo='def'):
     """
     Returns all matching protocols (including detailed information) for the given RSE.
 
     :param rse: The RSE name.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: A dict with all supported protocols and their attributes.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    return rse_module.get_rse_protocols(rse_id, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        return rse_module.get_rse_protocols(rse_id, session=session)
 
 
-@transactional_session
-def del_protocols(rse, scheme, issuer, vo='def', hostname=None, port=None, *, session: "Session"):
+def del_protocols(rse, scheme, issuer, vo='def', hostname=None, port=None):
     """
     Deletes all matching protocol entries for the given RSE..
 
@@ -282,18 +270,17 @@ def del_protocols(rse, scheme, issuer, vo='def', hostname=None, port=None, *, se
                      same identifier are present)
     :param port: The port (to be used if more than one protocol using the same
                  identifier and hostname are present)
-    :param session: The database session in use.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    kwargs = {'rse': rse, 'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='del_protocol', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not delete protocols from RSE %s. %s' % (issuer, rse, auth_result.message))
-    rse_module.del_protocols(rse_id=rse_id, scheme=scheme, hostname=hostname, port=port, session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        kwargs = {'rse': rse, 'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='del_protocol', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not delete protocols from RSE %s. %s' % (issuer, rse, auth_result.message))
+        rse_module.del_protocols(rse_id=rse_id, scheme=scheme, hostname=hostname, port=port, session=session)
 
 
-@transactional_session
-def update_protocols(rse, scheme, data, issuer, vo='def', hostname=None, port=None, *, session: "Session"):
+def update_protocols(rse, scheme, data, issuer, vo='def', hostname=None, port=None):
     """
     Updates all provided attributes for all matching protocol entries of the given RSE..
 
@@ -304,18 +291,17 @@ def update_protocols(rse, scheme, data, issuer, vo='def', hostname=None, port=No
     :param data: A dict including the attributes of the protocol to be updated. Keys must match the column names in the database.
     :param hostname: The hostname (to be used if more then one protocol using the same identifier are present)
     :param port: The port (to be used if more than one protocol using the same identifier and hostname are present)
-    :param session: The database session in use.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    kwargs = {'rse': rse, 'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='update_protocol', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not update protocols from RSE %s. %s' % (issuer, rse, auth_result.message))
-    rse_module.update_protocols(rse_id=rse_id, scheme=scheme, hostname=hostname, port=port, data=data, session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        kwargs = {'rse': rse, 'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='update_protocol', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not update protocols from RSE %s. %s' % (issuer, rse, auth_result.message))
+        rse_module.update_protocols(rse_id=rse_id, scheme=scheme, hostname=hostname, port=port, data=data, session=session)
 
 
-@transactional_session
-def set_rse_usage(rse, source, used, free, issuer, files=None, vo='def', *, session: "Session"):
+def set_rse_usage(rse, source, used, free, issuer, files=None, vo='def'):
     """
     Set RSE usage information.
 
@@ -326,22 +312,21 @@ def set_rse_usage(rse, source, used, free, issuer, files=None, vo='def', *, sess
     :param issuer: The issuer account.
     :param files: the number of files
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: True if successful, otherwise false.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
 
-    kwargs = {'rse': rse, 'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='set_rse_usage', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not update RSE usage information for RSE %s. %s' % (issuer, rse, auth_result.message))
+        kwargs = {'rse': rse, 'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='set_rse_usage', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not update RSE usage information for RSE %s. %s' % (issuer, rse, auth_result.message))
 
-    return rse_module.set_rse_usage(rse_id=rse_id, source=source, used=used, free=free, files=files, session=session)
+        return rse_module.set_rse_usage(rse_id=rse_id, source=source, used=used, free=free, files=files, session=session)
 
 
-@read_session
-def get_rse_usage(rse, issuer, source=None, per_account=False, vo='def', *, session: "Session"):
+def get_rse_usage(rse, issuer, source=None, per_account=False, vo='def'):
     """
     get RSE usage information.
 
@@ -349,23 +334,22 @@ def get_rse_usage(rse, issuer, source=None, per_account=False, vo='def', *, sess
     :param issuer: The issuer account.
     :param source: dictionary of attributes by which the results should be filtered
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: List of RSE usage data.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    usages = rse_module.get_rse_usage(rse_id=rse_id, source=source, per_account=per_account, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        usages = rse_module.get_rse_usage(rse_id=rse_id, source=source, per_account=per_account, session=session)
 
-    for u in usages:
-        u['rse'] = rse
-        if 'account_usages' in u:
-            for account_usage in u['account_usages']:
-                account_usage['account'] = account_usage['account'].external
-    return [gateway_update_return_dict(u, session=session) for u in usages]
+        for u in usages:
+            u['rse'] = rse
+            if 'account_usages' in u:
+                for account_usage in u['account_usages']:
+                    account_usage['account'] = account_usage['account'].external
+        return [gateway_update_return_dict(u, session=session) for u in usages]
 
 
-@stream_session
-def list_rse_usage_history(rse, issuer, source=None, vo='def', *, session: "Session"):
+def list_rse_usage_history(rse, issuer, source=None, vo='def'):
     """
     List RSE usage history information.
 
@@ -373,17 +357,16 @@ def list_rse_usage_history(rse, issuer, source=None, vo='def', *, session: "Sess
     :param issuer: The issuer account.
     :param source: The source of the usage information (srm, rucio).
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: A list of historic RSE usage.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    for u in rse_module.list_rse_usage_history(rse_id=rse_id, source=source, session=session):
-        yield gateway_update_return_dict(u, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        for u in rse_module.list_rse_usage_history(rse_id=rse_id, source=source, session=session):
+            yield gateway_update_return_dict(u, session=session)
 
 
-@transactional_session
-def set_rse_limits(rse, name, value, issuer, vo='def', *, session: "Session"):
+def set_rse_limits(rse, name, value, issuer, vo='def'):
     """
     Set RSE limits.
 
@@ -392,21 +375,20 @@ def set_rse_limits(rse, name, value, issuer, vo='def', *, session: "Session"):
     :param value: The feature value.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: True if successful, otherwise false.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    kwargs = {'rse': rse, 'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='set_rse_limits', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not update RSE limits for RSE %s. %s' % (issuer, rse, auth_result.message))
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        kwargs = {'rse': rse, 'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='set_rse_limits', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not update RSE limits for RSE %s. %s' % (issuer, rse, auth_result.message))
 
-    return rse_module.set_rse_limits(rse_id=rse_id, name=name, value=value, session=session)
+        return rse_module.set_rse_limits(rse_id=rse_id, name=name, value=value, session=session)
 
 
-@transactional_session
-def delete_rse_limits(rse, name, issuer, vo='def', *, session: "Session"):
+def delete_rse_limits(rse, name, issuer, vo='def'):
     """
     Set RSE limits.
 
@@ -414,53 +396,50 @@ def delete_rse_limits(rse, name, issuer, vo='def', *, session: "Session"):
     :param name: The name of the limit.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: True if successful, otherwise false.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    kwargs = {'rse': rse, 'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='delete_rse_limits', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not update RSE limits for RSE %s. %s' % (issuer, rse, auth_result.message))
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        kwargs = {'rse': rse, 'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='delete_rse_limits', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not update RSE limits for RSE %s. %s' % (issuer, rse, auth_result.message))
 
-    return rse_module.delete_rse_limits(rse_id=rse_id, name=name, session=session)
+        return rse_module.delete_rse_limits(rse_id=rse_id, name=name, session=session)
 
 
-@read_session
-def get_rse_limits(rse, issuer, vo='def', *, session: "Session"):
+def get_rse_limits(rse, issuer, vo='def'):
     """
     Get RSE limits.
 
     :param rse: The RSE name.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: True if successful, otherwise false.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    return rse_module.get_rse_limits(rse_id=rse_id, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        return rse_module.get_rse_limits(rse_id=rse_id, session=session)
 
 
-@transactional_session
-def parse_rse_expression(rse_expression, vo='def', *, session: "Session"):
+def parse_rse_expression(rse_expression, vo='def'):
     """
     Parse an RSE expression and return the list of RSEs.
 
     :param rse_expression:  The RSE expression.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns:  List of RSEs
     :raises:   InvalidRSEExpression
     """
-    rses = parse_expression(rse_expression, filter_={'vo': vo}, session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rses = parse_expression(rse_expression, filter_={'vo': vo}, session=session)
     return [rse['rse'] for rse in rses]
 
 
-@transactional_session
-def update_rse(rse, parameters, issuer, vo='def', *, session: "Session"):
+def update_rse(rse, parameters, issuer, vo='def'):
     """
     Update RSE properties like availability or name.
 
@@ -468,20 +447,19 @@ def update_rse(rse, parameters, issuer, vo='def', *, session: "Session"):
     :param parameters: A dictionary with property (name, read, write, delete as keys).
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :raises RSENotFound: If RSE is not found.
     """
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    kwargs = {'rse': rse, 'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='update_rse', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not update RSE. %s' % (issuer, auth_result.message))
-    return rse_module.update_rse(rse_id=rse_id, parameters=parameters, session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        kwargs = {'rse': rse, 'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='update_rse', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not update RSE. %s' % (issuer, auth_result.message))
+        return rse_module.update_rse(rse_id=rse_id, parameters=parameters, session=session)
 
 
-@transactional_session
-def add_distance(source, destination, issuer, vo='def', distance=None, *, session: "Session"):
+def add_distance(source, destination, issuer, vo='def', distance=None):
     """
     Add a src-dest distance.
 
@@ -490,23 +468,22 @@ def add_distance(source, destination, issuer, vo='def', distance=None, *, sessio
     :param issuer: The issuer account.
     :param vo: The VO to act on.
     :param distance: Distance as an integer.
-    :param session: The database session in use.
     """
     kwargs = {'source': source, 'destination': destination}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='add_distance', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not add RSE distances. %s' % (issuer, auth_result.message))
-    try:
-        return distance_module.add_distance(src_rse_id=rse_module.get_rse_id(source, vo=vo, session=session),
-                                            dest_rse_id=rse_module.get_rse_id(destination, vo=vo, session=session),
-                                            distance=distance, session=session)
-    except exception.Duplicate:
-        # use source and destination RSE names
-        raise exception.Duplicate('Distance from %s to %s already exists!' % (source, destination))
+    with db_session(DatabaseOperationType.WRITE) as session:
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='add_distance', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not add RSE distances. %s' % (issuer, auth_result.message))
+        try:
+            return distance_module.add_distance(src_rse_id=rse_module.get_rse_id(source, vo=vo, session=session),
+                                                dest_rse_id=rse_module.get_rse_id(destination, vo=vo, session=session),
+                                                distance=distance, session=session)
+        except exception.Duplicate:
+            # use source and destination RSE names
+            raise exception.Duplicate('Distance from %s to %s already exists!' % (source, destination))
 
 
-@transactional_session
-def update_distance(source, destination, distance, issuer, vo='def', *, session: "Session"):
+def update_distance(source, destination, distance, issuer, vo='def'):
     """
     Update distances with the given RSE ids.
 
@@ -515,20 +492,19 @@ def update_distance(source, destination, distance, issuer, vo='def', *, session:
     :param distance: The new distance to set
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session to use.
     """
     kwargs = {'source': source, 'destination': destination}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='update_distance', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not update RSE distances. %s' % (issuer, auth_result.message))
+    with db_session(DatabaseOperationType.WRITE) as session:
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='update_distance', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not update RSE distances. %s' % (issuer, auth_result.message))
 
-    return distance_module.update_distances(src_rse_id=rse_module.get_rse_id(source, vo=vo, session=session),
-                                            dest_rse_id=rse_module.get_rse_id(destination, vo=vo, session=session),
-                                            distance=distance, session=session)
+        return distance_module.update_distances(src_rse_id=rse_module.get_rse_id(source, vo=vo, session=session),
+                                                dest_rse_id=rse_module.get_rse_id(destination, vo=vo, session=session),
+                                                distance=distance, session=session)
 
 
-@read_session
-def get_distance(source, destination, issuer, vo='def', *, session: "Session"):
+def get_distance(source, destination, issuer, vo='def'):
     """
     Get distances between rses.
 
@@ -536,19 +512,18 @@ def get_distance(source, destination, issuer, vo='def', *, session: "Session"):
     :param destination: The destination RSE.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns distance: List of dictionaries.
     """
-    distances = distance_module.get_distances(src_rse_id=rse_module.get_rse_id(source, vo=vo, session=session),
-                                              dest_rse_id=rse_module.get_rse_id(destination, vo=vo, session=session),
-                                              session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        distances = distance_module.get_distances(src_rse_id=rse_module.get_rse_id(source, vo=vo, session=session),
+                                                  dest_rse_id=rse_module.get_rse_id(destination, vo=vo, session=session),
+                                                  session=session)
 
-    return [gateway_update_return_dict(d, session=session) for d in distances]
+        return [gateway_update_return_dict(d, session=session) for d in distances]
 
 
-@transactional_session
-def delete_distance(source, destination, issuer, vo='def', *, session: "Session"):
+def delete_distance(source, destination, issuer, vo='def'):
     """
     Delete distances with the given RSE ids.
 
@@ -556,20 +531,20 @@ def delete_distance(source, destination, issuer, vo='def', *, session: "Session"
     :param destination: The destination RSE.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
     """
     kwargs = {'source': source, 'destination': destination}
-    auth_result = permission.has_permission(issuer=issuer, vo=vo, action='delete_distance', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s can not update RSE distances. %s' % (issuer, auth_result.message))
 
-    return distance_module.delete_distances(src_rse_id=rse_module.get_rse_id(source, vo=vo, session=session),
-                                            dest_rse_id=rse_module.get_rse_id(destination, vo=vo, session=session),
-                                            session=session)
+    with db_session(DatabaseOperationType.WRITE) as session:
+        auth_result = permission.has_permission(issuer=issuer, vo=vo, action='delete_distance', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s can not update RSE distances. %s' % (issuer, auth_result.message))
+
+        return distance_module.delete_distances(src_rse_id=rse_module.get_rse_id(source, vo=vo, session=session),
+                                                dest_rse_id=rse_module.get_rse_id(destination, vo=vo, session=session),
+                                                session=session)
 
 
-@transactional_session
-def add_qos_policy(rse, qos_policy, issuer, vo='def', *, session: "Session"):
+def add_qos_policy(rse, qos_policy, issuer, vo='def'):
     """
     Add a QoS policy from an RSE.
 
@@ -577,23 +552,22 @@ def add_qos_policy(rse, qos_policy, issuer, vo='def', *, session: "Session"):
     :param qos_policy: The QoS policy to add.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :raises Duplicate: If the QoS policy already exists.
     :returns: True if successful, except otherwise.
     """
 
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    kwargs = {'rse_id': rse_id}
-    auth_result = permission.has_permission(issuer=issuer, action='add_qos_policy', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s cannot add QoS policies to RSE %s. %s' % (issuer, rse, auth_result.message))
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        kwargs = {'rse_id': rse_id}
+        auth_result = permission.has_permission(issuer=issuer, action='add_qos_policy', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s cannot add QoS policies to RSE %s. %s' % (issuer, rse, auth_result.message))
 
-    return rse_module.add_qos_policy(rse_id, qos_policy, session=session)
+        return rse_module.add_qos_policy(rse_id, qos_policy, session=session)
 
 
-@transactional_session
-def delete_qos_policy(rse, qos_policy, issuer, vo='def', *, session: "Session"):
+def delete_qos_policy(rse, qos_policy, issuer, vo='def'):
     """
     Delete a QoS policy from an RSE.
 
@@ -601,32 +575,31 @@ def delete_qos_policy(rse, qos_policy, issuer, vo='def', *, session: "Session"):
     :param qos_policy: The QoS policy to delete.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: True if successful, silent failure if QoS policy does not exist.
     """
 
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    kwargs = {'rse_id': rse}
-    auth_result = permission.has_permission(issuer=issuer, action='delete_qos_policy', kwargs=kwargs, session=session)
-    if not auth_result.allowed:
-        raise exception.AccessDenied('Account %s cannot delete QoS policies from RSE %s. %s' % (issuer, rse, auth_result.message))
+    with db_session(DatabaseOperationType.WRITE) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        kwargs = {'rse_id': rse}
+        auth_result = permission.has_permission(issuer=issuer, action='delete_qos_policy', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise exception.AccessDenied('Account %s cannot delete QoS policies from RSE %s. %s' % (issuer, rse, auth_result.message))
 
-    return rse_module.delete_qos_policy(rse_id, qos_policy, session=session)
+        return rse_module.delete_qos_policy(rse_id, qos_policy, session=session)
 
 
-@read_session
-def list_qos_policies(rse, issuer, vo='def', *, session: "Session"):
+def list_qos_policies(rse, issuer, vo='def'):
     """
     List all QoS policies of an RSE.
 
     :param rse: The id of the RSE.
     :param issuer: The issuer account.
     :param vo: The VO to act on.
-    :param session: The database session in use.
 
     :returns: List containing all QoS policies.
     """
 
-    rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
-    return rse_module.list_qos_policies(rse_id, session=session)
+    with db_session(DatabaseOperationType.READ) as session:
+        rse_id = rse_module.get_rse_id(rse=rse, vo=vo, session=session)
+        return rse_module.list_qos_policies(rse_id, session=session)