rucio 38.4.0__py3-none-any.whl → 38.5.0__py3-none-any.whl

rucio/core/scope.py

@@ -14,21 +14,24 @@
 
 from re import match
 from traceback import format_exc
-from typing import TYPE_CHECKING, Any, Optional
+from typing import TYPE_CHECKING, Any, Literal, Optional
 
-from sqlalchemy import and_, select
+from sqlalchemy import and_, select, update
 from sqlalchemy.exc import IntegrityError
 
-from rucio.common.exception import AccountNotFound, Duplicate, RucioException, VONotFound
+import rucio.core.account as account_core
+from rucio.common.exception import AccountNotFound, Duplicate, RucioException, ScopeNotFound, VONotFound
 from rucio.core.vo import vo_exists
 from rucio.db.sqla import models
 from rucio.db.sqla.constants import AccountStatus, ScopeStatus
 from rucio.db.sqla.session import read_session, transactional_session
 
 if TYPE_CHECKING:
+    from collections.abc import Iterable
+
     from sqlalchemy.orm import Session
 
-    from rucio.common.types import InternalScope
+    from rucio.common.types import InternalAccount, InternalScope
 
 
 @transactional_session
@@ -87,7 +90,7 @@ def bulk_add_scopes(scopes, account, skip_existing=False, *, session: "Session")
 
 
 @read_session
-def list_scopes(filter_: Optional[dict[str, Any]] = None, *, session: "Session") -> list["InternalScope"]:
+def list_scopes(filter_: Optional[dict[str, Any]] = None, *, session: "Session") -> "Iterable[dict[Literal['scope', 'account'], Any]]":
     """
     Lists all scopes.
     :param filter_: Dictionary of attributes by which the input data should be filtered
@@ -97,7 +100,8 @@ def list_scopes(filter_: Optional[dict[str, Any]] = None, *, session: "Session")
     """
     filter_ = filter_ or {}
     stmt = select(
-        models.Scope.scope
+        models.Scope.scope,
+        models.Scope.account
     ).where(
         models.Scope.status != ScopeStatus.DELETED
     )
@@ -112,8 +116,14 @@ def list_scopes(filter_: Optional[dict[str, Any]] = None, *, session: "Session")
                 stmt = stmt.where(
                     models.Scope.scope == filter_['scope']
                 )
+    scopes = []
+    for scope, account in session.execute(stmt):
+        scopes.append({
+            "scope": scope,
+            "account": account
+        })
 
-    return list(session.execute(stmt).scalars().all())
+    return scopes
 
 
 @read_session
@@ -179,3 +189,33 @@ def is_scope_owner(scope, account, *, session: "Session"):
              models.Scope.account == account)
     )
     return bool(session.execute(stmt).scalar())
+
+
+@transactional_session
+def update_scope(scope: "InternalScope", account: "InternalAccount", *, session: "Session") -> None:
+    """ Give the scope a new owner
+
+    :param scope: the name for the existing scope.
+    :param account: the account to add the scope to.
+    :param session: The database session in use.
+    """
+
+    if not vo_exists(vo=scope.vo, session=session):
+        raise VONotFound('VO {} not found'.format(scope.vo))
+
+    # Verify both the scope and account exist
+    account_core.get_account(account, session=session)
+    if not check_scope(scope):
+        raise ScopeNotFound
+
+    stmt = update(
+        models.Scope
+    ).where(
+        models.Scope.scope == scope
+    ).values({
+        models.Scope.account: account
+    })
+    try:
+        session.execute(stmt)
+    except Exception:
+        raise RucioException(str(format_exc()))

rucio/daemons/automatix/automatix.py

@@ -177,6 +177,8 @@ def run_once(heartbeat_handler: HeartbeatHandler, inputfile: str, **_kwargs) ->
     vo = map_vo(client.vo)  # type: ignore
     filters = {"scope": InternalScope("*", vo=vo)}
     scopes = list_scopes(filter_=filters)
+    if not isinstance(scopes[0], str):   # TODO Backwards Compat - Remove in v40, #8125
+        scopes = [scope['scope'] for scope in scopes]
     if InternalScope(scope, vo=vo) not in scopes:
         logger(logging.ERROR, "Scope %s does not exist. Exiting", scope)
         return True

rucio/db/sqla/models.py

@@ -877,6 +877,28 @@ class RSE(BASE, SoftModelBase):
                    CheckConstraint('RSE_TYPE IS NOT NULL', name='RSES_TYPE_NN'),
                    ForeignKeyConstraint(['vo'], ['vos.vo'], name='RSES_VOS_FK'), )
 
+    @staticmethod
+    def from_str(key: str, value: str) -> Any:
+        """Parses str value to key-specific database type."""
+
+        if key in ['deterministic', 'volatile', 'staging_area', 'availability_read', 'availability_write', 'availability_delete']:
+            # boolean types
+            if value == '1' or value.casefold() == 'true'.casefold():
+                return True
+            elif value == '0' or value.casefold() == 'false'.casefold():
+                return False
+            else:
+                raise ValueError(f'Invalid boolean value: {value}')
+
+        elif key == 'rse_type':
+            try:
+                return RSEType[value]
+            except KeyError:
+                raise ValueError(f'Invalid rse_type: {value}')
+
+        else:
+            return value
+
 
 class RSELimit(BASE, ModelBase):
     """Represents RSE limits"""

rucio/gateway/did.py

@@ -62,7 +62,7 @@ def list_dids(
         if 'account' in or_group:
             or_group['account'] = InternalAccount(or_group['account'], vo=vo)
         if 'scope' in or_group:
-            or_group['account'] = InternalScope(or_group['scope'], vo=vo)
+            or_group['scope'] = InternalScope(or_group['scope'], vo=vo)
 
     with db_session(DatabaseOperationType.READ) as session:
         result = did.list_dids(scope=internal_scope, filters=filters, did_type=did_type, ignore_case=ignore_case,

rucio/gateway/dirac.py

@@ -52,7 +52,7 @@ def add_files(
 
     with db_session(DatabaseOperationType.WRITE) as session:
         filter_ = {'scope': InternalScope(scope='*', vo=vo)}
-        scopes = [scope.external for scope in list_scopes(filter_=filter_, session=session)]
+        scopes = [scope['scope'].external for scope in list_scopes(filter_=filter_, session=session)]
         dids = []
         rses = {}
         for lfn in lfns:

rucio/gateway/scope.py

@@ -12,19 +12,23 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-from typing import Any, Optional
+from typing import TYPE_CHECKING, Any, Optional
 
 import rucio.gateway.permission
 from rucio.common.constants import DEFAULT_VO
 from rucio.common.exception import AccessDenied
 from rucio.common.schema import validate_schema
 from rucio.common.types import InternalAccount, InternalScope
+from rucio.common.utils import gateway_update_return_dict
 from rucio.core import scope as core_scope
 from rucio.db.sqla.constants import DatabaseOperationType
 from rucio.db.sqla.session import db_session
 
+if TYPE_CHECKING:
+    from collections.abc import Generator
 
-def list_scopes(filter_: Optional[dict[str, Any]] = None, vo: str = DEFAULT_VO) -> list[str]:
+
+def list_scopes(filter_: Optional[dict[str, Any]] = None, vo: str = DEFAULT_VO) -> 'Generator[dict[str, Any]]':
     """
     Lists all scopes.
 
@@ -42,7 +46,9 @@ def list_scopes(filter_: Optional[dict[str, Any]] = None, vo: str = DEFAULT_VO)
         filter_['scope'] = InternalScope(scope='*', vo=vo)
 
     with db_session(DatabaseOperationType.READ) as session:
-        return [scope.external for scope in core_scope.list_scopes(filter_=filter_, session=session)]
+        scopes = core_scope.list_scopes(filter_=filter_, session=session)
+        for scope in scopes:
+            yield gateway_update_return_dict(scope, session=session)
 
 
 def add_scope(
@@ -92,3 +98,29 @@ def get_scopes(
 
     with db_session(DatabaseOperationType.READ) as session:
         return [scope.external for scope in core_scope.get_scopes(internal_account, session=session)]
+
+
+def update_scope(
+        scope: str,
+        account: str,
+        issuer: str,
+        vo: str = DEFAULT_VO
+) -> None:
+    """
+    Change ownership of a scope
+
+    :param account: New owner for the scope
+    :param scope: Scope to change
+    param issuer: User making the request
+    :param vo: VO to act on
+
+    """
+    kwargs = {'scope': scope, 'account': account}
+    with db_session(DatabaseOperationType.WRITE) as session:
+        auth_result = rucio.gateway.permission.has_permission(issuer=issuer, vo=vo, action='update_scope', kwargs=kwargs, session=session)
+        if not auth_result.allowed:
+            raise AccessDenied('Account %s can not add scope. %s' % (issuer, auth_result.message))
+
+        internal_account = InternalAccount(account, vo=vo)
+        internal_scope = InternalScope(scope, vo=vo)
+        core_scope.update_scope(internal_scope, internal_account, session=session)

rucio/vcsversion.py

@@ -4,8 +4,8 @@ This file is automatically generated; Do not edit it. :)
 '''
 VERSION_INFO = {
     'final': True,
-    'version': '38.4.0',
+    'version': '38.5.0',
     'branch_nick': 'release-38-LTS',
-    'revision_id': '945ab71be90243fe96148bb3bd13c1c3ae410765',
-    'revno': 14030
+    'revision_id': '430fd3dd8f4dc5103e1e932c9515421e1c515c3e',
+    'revno': 14073
 }

rucio/web/rest/flaskapi/v1/opendata.py

@@ -48,10 +48,10 @@ class OpenDataView(ErrorHandlingMethodView):
     def get(self) -> "Response":
         """
         ---
-        summary: List Opendata DIDs
-        description: "Retrieves a list of Opendata Data Identifiers (DIDs). Supports optional query parameters for pagination and filtering by state."
+        summary: List Open Data DIDs
+        description: "Retrieves a list of Open Data DIDs. Supports optional query parameters for pagination and filtering by state."
         tags:
-          - Opendata
+          - Open Data
         parameters:
           - name: limit
             in: query
@@ -76,7 +76,7 @@ class OpenDataView(ErrorHandlingMethodView):
             style: form
         responses:
           200:
-            description: "Successful retrieval of the list of Opendata DIDs."
+            description: "Successful retrieval of the list of Open Data DIDs."
             content:
               application/json:
                 schema:
@@ -126,10 +126,10 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
     def get(self, scope: str, name: str) -> "Response":
         """
         ---
-        summary: Get Opendata DID Information
-        description: "Retrieves detailed Opendata information for the given scope and name. Supports optional query parameters to control the inclusion of files, metadata, and DOI information."
+        summary: Get Open Data DID Information
+        description: "Retrieves detailed Open Data information for the given scope and name. Supports optional query parameters to control the inclusion of files, metadata, and DOI information."
         tags:
-          - Opendata
+          - Open Data
         parameters:
           - name: scope
             in: path
@@ -178,7 +178,7 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
             style: form
         responses:
           200:
-            description: "Successful retrieval of Opendata DID information."
+            description: "Successful retrieval of Open Data DID information."
             content:
               application/json:
                 schema:
@@ -195,10 +195,10 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
     def post(self, scope: str, name: str) -> "Response":
         """
         ---
-        summary: Register Opendata DID
-        description: "Registers an existing DID as Opendata."
+        summary: Register Open Data DID
+        description: "Registers an existing DID as Open Data."
         tags:
-          - Opendata
+          - Open Data
         parameters:
           - name: scope
             in: path
@@ -216,7 +216,7 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
             style: simple
         responses:
           201:
-            description: "Opendata DID successfully registered."
+            description: "Open Data DID successfully registered."
             content:
               application/json:
                 schema:
@@ -229,7 +229,7 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
           404:
             description: "Data Identifier not found."
           409:
-            description: "Data Identifier already exists in the Opendata catalog."
+            description: "Data Identifier already exists in the Open Data catalog."
         """
         vo = request.environ.get("vo", DEFAULT_VO)
         try:
@@ -249,10 +249,10 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
     def put(self, scope: str, name: str) -> "Response":
         """
         ---
-        summary: Update Opendata DID
-        description: "Updates the properties of an existing Opendata DID."
+        summary: Update Open Data DID
+        description: "Updates the properties of an existing Open Data DID."
         tags:
-          - Opendata
+          - Open Data
         parameters:
           - name: scope
             in: path
@@ -291,7 +291,7 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
                       example: '10.1234/abcd.efgh'."
         responses:
           200:
-            description: "Opendata DID successfully updated."
+            description: "Open Data DID successfully updated."
             content:
               application/json:
                 schema:
@@ -329,10 +329,10 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
     def delete(self, scope: str, name: str) -> "Response":
         """
         ---
-        summary: Delete Opendata DID
-        description: "Deletes an entry in the Opendata catalog."
+        summary: Delete Open Data DID
+        description: "Deletes an entry in the Open Data catalog."
         tags:
-          - Opendata
+          - Open Data
         parameters:
           - name: scope
             in: path
@@ -350,7 +350,7 @@ class OpenDataDIDsView(ErrorHandlingMethodView):
             style: simple
         responses:
           204:
-            description: "Opendata DID successfully deleted. No content is returned."
+            description: "Open Data DID successfully deleted. No content is returned."
           400:
             description: "Invalid input: The provided scope/name is not valid."
           401:

rucio/web/rest/flaskapi/v1/opendata_public.py

@@ -25,10 +25,10 @@ class OpenDataPublicView(ErrorHandlingMethodView):
     def get(self) -> "Response":
         """
         ---
-        summary: List Opendata DIDs marked as public
-        description: "Retrieves a list of public Opendata Data Identifiers (DIDs). Supports optional query parameters for pagination."
+        summary: List Open Data DIDs marked as public
+        description: "Retrieves a list of public Open Data DIDs. Supports optional query parameters for pagination."
         tags:
-          - Opendata Public
+          - Open Data Public
         parameters:
           - name: limit
             in: query
@@ -46,7 +46,7 @@ class OpenDataPublicView(ErrorHandlingMethodView):
             style: form
         responses:
           200:
-            description: "Successful retrieval of the list of Opendata DIDs."
+            description: "Successful retrieval of the list of Open Data DIDs."
             content:
               application/json:
                 schema:
@@ -65,10 +65,10 @@ class OpenDataPublicDIDsView(ErrorHandlingMethodView):
     def get(self, scope: str, name: str) -> "Response":
         """
         ---
-        summary: Get Opendata DID Information for public Opendata DIDs
-        description: "Retrieves detailed Opendata information for the given scope and name. Only works for public opendata DIDs. Supports optional query parameters to control the inclusion of files, metadata, and DOI information."
+        summary: Get Open Data DID Information for public Open Data DIDs
+        description: "Retrieves detailed Open Data information for the given scope and name. Only works for public opendata DIDs. Supports optional query parameters to control the inclusion of files, metadata, and DOI information."
         tags:
-          - Opendata Public
+          - Open Data Public
         parameters:
           - name: scope
             in: path
@@ -110,7 +110,7 @@ class OpenDataPublicDIDsView(ErrorHandlingMethodView):
             style: form
         responses:
           200:
-            description: "Successful retrieval of Opendata DID information."
+            description: "Successful retrieval of Open Data DID information."
             content:
               application/json:
                 schema:

rucio/web/rest/flaskapi/v1/scopes.py

@@ -12,11 +12,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-from flask import Flask, jsonify, request
+
+from flask import Flask, Response, jsonify, request
 
 from rucio.common.constants import HTTPMethod
-from rucio.common.exception import AccountNotFound, Duplicate, ScopeNotFound
-from rucio.gateway.scope import add_scope, get_scopes, list_scopes
+from rucio.common.exception import AccountNotFound, Duplicate, ScopeNotFound, VONotFound
+from rucio.gateway.scope import add_scope, get_scopes, list_scopes, update_scope
 from rucio.web.rest.flaskapi.authenticated_bp import AuthenticatedBlueprint
 from rucio.web.rest.flaskapi.v1.common import ErrorHandlingMethodView, check_accept_header_wrapper_flask, generate_http_error_flask, response_headers
 
@@ -24,7 +25,7 @@ from rucio.web.rest.flaskapi.v1.common import ErrorHandlingMethodView, check_acc
 class Scope(ErrorHandlingMethodView):
 
     @check_accept_header_wrapper_flask(['application/json'])
-    def get(self):
+    def get(self) -> Response:
         """
         ---
         summary: List Scopes
@@ -40,16 +41,27 @@ class Scope(ErrorHandlingMethodView):
                   description: "All scopes."
                   type: array
                   items:
-                    description: "A scope."
-                    type: string
+                    type: object
+                    properties:
+                      scope:
+                        description: "A scope."
+                        type: string
+                      account:
+                        description: "The owner account."
+                        type: string
+
           401:
             description: "Invalid Auth Token"
           406:
             description: "Not acceptable"
         """
-        return jsonify(list_scopes(vo=request.environ['vo']))
+        scopes = list_scopes(vo=request.environ['vo'])
+        res = []
+        for dictionary in scopes:
+            res.append(dictionary)
+        return jsonify(res)
 
-    def post(self, account, scope):
+    def post(self, account: str, scope: str) -> Response:
         """
         ---
         summary: Add Scope
@@ -91,13 +103,53 @@ class Scope(ErrorHandlingMethodView):
         except AccountNotFound as error:
             return generate_http_error_flask(404, error)
 
-        return 'Created', 201
+        return Response('Created', 201)
+
+    def put(self, account: str, scope: str) -> Response:
+        """
+        ---
+        summary: Change ownership of a scope.
+        description: "Changes ownership of a scope.."
+        tags:
+          - Scopes
+        parameters:
+        - name: account
+          in: path
+          description: "The new owner account"
+          schema:
+            type: string
+          style: simple
+        - name: scope
+          in: path
+          description: "The name of the scope."
+          schema:
+            type: string
+          style: simple
+        responses:
+          201:
+            description: "OK"
+            content:
+              application/json:
+                schema:
+                  type: string
+                  enum: ['']
+          401:
+            description: "Invalid Auth Token"
+          403:
+            description: "Scope or already exists"
+        """
+        try:
+            update_scope(scope=scope, account=account, issuer=request.environ['issuer'], vo=request.environ['vo'])
+        except (ScopeNotFound, AccountNotFound, VONotFound) as error:
+            return generate_http_error_flask(404, error)
+
+        return Response("", 200)
 
 
 class AccountScopeList(ErrorHandlingMethodView):
 
     @check_accept_header_wrapper_flask(['application/json'])
-    def get(self, account):
+    def get(self, account: str) -> Response:
         """
         ---
         summary: List Account Scopes
@@ -145,7 +197,7 @@ def blueprint() -> AuthenticatedBlueprint:
 
     scope_view = Scope.as_view('scope')
     bp.add_url_rule('/', view_func=scope_view, methods=[HTTPMethod.GET.value])
-    bp.add_url_rule('/<account>/<scope>', view_func=scope_view, methods=[HTTPMethod.POST.value])
+    bp.add_url_rule('/<account>/<scope>', view_func=scope_view, methods=[HTTPMethod.POST.value, HTTPMethod.PUT.value])
     account_scope_list_view = AccountScopeList.as_view('account_scope_list')
     bp.add_url_rule('/<account>/scopes', view_func=account_scope_list_view, methods=[HTTPMethod.GET.value])
 

{rucio-38.4.0.data → rucio-38.5.0.data}/data/rucio/etc/rucio.cfg.template

@@ -121,8 +121,8 @@ usercert = /opt/rucio/tools/x509up
 
 [messaging-fts3]
 port = 61123
-ssl_key_file = /home/mario/.ssh/hostkey.pem
-ssl_cert_file = /home/mario/.ssh/hostcert.pem
+ssl_key_file = /etc/grid-security/hostkey.pem
+ssl_cert_file = /etc/grid-security/hostcert.pem
 destination = /topic/transfer.fts_monitoring_queue_state
 brokers = dashb-test-mb.cern.ch
 voname = atlas
@@ -199,7 +199,6 @@ account = cache_mb
 cacert = /opt/rucio/etc/web/ca.crt
 #cacert = /etc/pki/tls/certs/CERN-bundle.pem
 usercert = /opt/rucio/etc/web/usercert.pem
-#usercert = /home/mario/.ssh/usercert_with_key.pem
 
 [nagios]
 proxy = /opt/rucio/etc/ddmadmin.proxy.nagios

{rucio-38.4.0.data → rucio-38.5.0.data}/data/rucio/etc/rucio_multi_vo.cfg.template

@@ -102,8 +102,8 @@ usercert = /opt/rucio/tools/x509up
 
 [messaging-fts3]
 port = 61123
-ssl_key_file = /home/mario/.ssh/hostkey.pem
-ssl_cert_file = /home/mario/.ssh/hostcert.pem
+ssl_key_file = /etc/grid-security/hostkey.pem
+ssl_cert_file = /etc/grid-security/hostcert.pem
 destination = /topic/transfer.fts_monitoring_queue_state
 brokers = dashb-test-mb.cern.ch
 voname = atlas
@@ -179,7 +179,6 @@ account = cache_mb
 cacert = /opt/rucio/etc/web/ca.crt
 #cacert = /etc/pki/tls/certs/CERN-bundle.pem
 usercert = /opt/rucio/etc/web/usercert.pem
-#usercert = /home/mario/.ssh/usercert_with_key.pem
 
 [nagios]
 proxy = /opt/rucio/etc/ddmadmin.proxy.nagios

{rucio-38.4.0.dist-info → rucio-38.5.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rucio
-Version: 38.4.0
+Version: 38.5.0
 Summary: Rucio Package
 Home-page: https://rucio.cern.ch/
 Author: Rucio