Skip to content

Properties

Security properties and property management.

properties

Just listing the possible Properties This module contains list of Properties that can be assigned to users and groups.

Attributes

TRUSTED_HOST = SecurityProperty('TrustedHost') module-attribute

NORMAL_USER = SecurityProperty('NormalUser') module-attribute

CS_ADMINISTRATOR = SecurityProperty('CSAdministrator') module-attribute

JOB_SHARING = SecurityProperty('JobSharing') module-attribute

SERVICE_ADMINISTRATOR = SecurityProperty('ServiceAdministrator') module-attribute

JOB_ADMINISTRATOR = SecurityProperty('JobAdministrator') module-attribute

JOB_MONITOR = SecurityProperty('JobMonitor') module-attribute

ACCOUNTING_MONITOR = SecurityProperty('AccountingMonitor') module-attribute

PILOT = SecurityProperty('Pilot') module-attribute

GENERIC_PILOT = SecurityProperty('GenericPilot') module-attribute

SITE_MANAGER = SecurityProperty('SiteManager') module-attribute

USER_MANAGER = SecurityProperty('UserManager') module-attribute

OPERATOR = SecurityProperty('Operator') module-attribute

FULL_DELEGATION = SecurityProperty('FullDelegation') module-attribute

LIMITED_DELEGATION = SecurityProperty('LimitedDelegation') module-attribute

PRIVATE_LIMITED_DELEGATION = SecurityProperty('PrivateLimitedDelegation') module-attribute

PROXY_MANAGEMENT = SecurityProperty('ProxyManagement') module-attribute

PRODUCTION_MANAGEMENT = SecurityProperty('ProductionManagement') module-attribute

PPG_AUTHORITY = SecurityProperty('PPGAuthority') module-attribute

BOOKKEEPING_MANAGEMENT = SecurityProperty('BookkeepingManagement') module-attribute

ALARMS_MANAGEMENT = SecurityProperty('AlarmsManagement') module-attribute

FC_MANAGEMENT = SecurityProperty('FileCatalogManagement') module-attribute

STAGE_ALLOWED = SecurityProperty('StageAllowed') module-attribute

Classes

SecurityProperty

Bases: str

Source code in diracx-core/src/diracx/core/properties.py 
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
class SecurityProperty(str):
    @classmethod
    def available_properties(cls) -> set[SecurityProperty]:
        properties = set()
        for entry_point in select_from_extension(
            group="diracx", name="properties_module"
        ):
            properties_module = entry_point.load()
            for _, obj in inspect.getmembers(properties_module):
                if isinstance(obj, SecurityProperty):
                    properties.add(obj)
        return properties

    @classmethod
    def __get_pydantic_core_schema__(
        cls, source_type: Any, handler: GetCoreSchemaHandler
    ) -> CoreSchema:
        return core_schema.no_info_after_validator_function(cls, handler(str))

    def __repr__(self) -> str:
        return f"{self.__class__.__name__}({self})"

    def __and__(
        self, value: SecurityProperty | UnevaluatedProperty
    ) -> UnevaluatedExpression:
        if not isinstance(value, UnevaluatedProperty):
            value = UnevaluatedProperty(value)
        return UnevaluatedProperty(self) & value

    def __or__(
        self, value: SecurityProperty | UnevaluatedProperty
    ) -> UnevaluatedExpression:
        if not isinstance(value, UnevaluatedProperty):
            value = UnevaluatedProperty(value)
        return UnevaluatedProperty(self) | value

    def __xor__(
        self, value: SecurityProperty | UnevaluatedProperty
    ) -> UnevaluatedExpression:
        if not isinstance(value, UnevaluatedProperty):
            value = UnevaluatedProperty(value)
        return UnevaluatedProperty(self) ^ value

    def __invert__(self: SecurityProperty) -> UnevaluatedExpression:
        return ~UnevaluatedProperty(self)
Functions
available_properties() classmethod
Source code in diracx-core/src/diracx/core/properties.py 
19
20
21
22
23
24
25
26
27
28
29
@classmethod
def available_properties(cls) -> set[SecurityProperty]:
    properties = set()
    for entry_point in select_from_extension(
        group="diracx", name="properties_module"
    ):
        properties_module = entry_point.load()
        for _, obj in inspect.getmembers(properties_module):
            if isinstance(obj, SecurityProperty):
                properties.add(obj)
    return properties

UnevaluatedProperty

Source code in diracx-core/src/diracx/core/properties.py 
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
class UnevaluatedProperty:
    def __init__(self, property: SecurityProperty):
        self.property = property

    def __str__(self) -> str:
        return str(self.property)

    def __repr__(self) -> str:
        return repr(self.property)

    def __call__(self, allowed_properties: list[SecurityProperty]) -> bool:
        return self.property in allowed_properties

    def __and__(self, value: UnevaluatedProperty) -> UnevaluatedExpression:
        return UnevaluatedExpression(operator.__and__, self, value)

    def __or__(self, value: UnevaluatedProperty) -> UnevaluatedExpression:
        return UnevaluatedExpression(operator.__or__, self, value)

    def __xor__(self, value: UnevaluatedProperty) -> UnevaluatedExpression:
        return UnevaluatedExpression(operator.__xor__, self, value)

    def __invert__(self) -> UnevaluatedExpression:
        return UnevaluatedExpression(operator.__invert__, self)
Attributes
property = property instance-attribute

UnevaluatedExpression

Bases: UnevaluatedProperty

Source code in diracx-core/src/diracx/core/properties.py 
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
class UnevaluatedExpression(UnevaluatedProperty):
    def __init__(self, operator: Callable[..., bool], *args: UnevaluatedProperty):
        self.operator = operator
        self.args = args

    def __str__(self) -> str:
        if self.operator == operator.__invert__:
            return f"~{self.args[0]}"
        symbol = {
            operator.__and__: "&",
            operator.__or__: "|",
            operator.__xor__: "^",
        }[self.operator]
        return f"({self.args[0]} {symbol} {self.args[1]})"

    def __repr__(self) -> str:
        return f"{self.operator.__name__}({', '.join(map(repr, self.args))})"

    def __call__(self, properties: list[SecurityProperty]) -> bool:
        return self.operator(*(a(properties) for a in self.args))
Attributes
operator = operator instance-attribute
args = args instance-attribute

Functions