From 6c45bb40036c18e8af95a3d7a03cc3f180df8a4e Mon Sep 17 00:00:00 2001
From: Sinisa Veseli <sveseli@aps.anl.gov>
Date: Tue, 15 Dec 2015 16:38:40 +0000
Subject: [PATCH] fixing download permission issue
---
.../dm/common/utility/ldapLinuxPlatformUtility.py | 3 ---
src/python/dm/ds_web_service/api/fileRestApi.py | 6 ++++--
.../service/impl/experimentManager.py | 14 ++++++++++++++
3 files changed, 18 insertions(+), 5 deletions(-)
diff --git a/src/python/dm/common/utility/ldapLinuxPlatformUtility.py b/src/python/dm/common/utility/ldapLinuxPlatformUtility.py
index 0c5abad0..11b2a088 100755
--- a/src/python/dm/common/utility/ldapLinuxPlatformUtility.py
+++ b/src/python/dm/common/utility/ldapLinuxPlatformUtility.py
@@ -196,9 +196,6 @@ class LdapLinuxPlatformUtility:
raise InternalError(exception=ex)
@classmethod
- def createLocalGroup(cls, name):
- """ Create local group if it does not exist. """
- @classmethod
def createLocalGroup(cls, name):
""" Create local group if it does not exist. """
logger = cls.getLogger()
diff --git a/src/python/dm/ds_web_service/api/fileRestApi.py b/src/python/dm/ds_web_service/api/fileRestApi.py
index 6d0c5d96..52cf596e 100755
--- a/src/python/dm/ds_web_service/api/fileRestApi.py
+++ b/src/python/dm/ds_web_service/api/fileRestApi.py
@@ -64,8 +64,10 @@ class FileRestApi(DsRestApi):
if experimentFilePath:
src = '%s/%s' % (src, experimentFilePath)
dest = destDirectory
-
- fileTransfer = RsyncFileTransfer(src=src, dest=dest)
+
+ rsyncPath = '/tmp/rsync.%s.%s' % (username, experimentName)
+ flags = '-arvlP --rsync-path="%s"' % rsyncPath
+ fileTransfer = RsyncFileTransfer(src=src, dest=dest, flags=flags)
self.logger.info('Executing file download on behalf of %s (experiment: %s)' % (username, experimentName))
fileTransfer.execute()
finally:
diff --git a/src/python/dm/ds_web_service/service/impl/experimentManager.py b/src/python/dm/ds_web_service/service/impl/experimentManager.py
index 108b62ff..804b031b 100755
--- a/src/python/dm/ds_web_service/service/impl/experimentManager.py
+++ b/src/python/dm/ds_web_service/service/impl/experimentManager.py
@@ -24,6 +24,7 @@ class ExperimentManager(Singleton):
MANAGE_STORAGE_PERMISSIONS_KEY = 'managestoragepermissions'
PLATFORM_UTILITY_KEY = 'platformutility'
+ RSYNC_SCRIPT_PERMISSIONS_MODE = 0711
FILE_PERMISSIONS_MODE = 0640
DIR_PERMISSIONS_MODE = 0750
@@ -91,6 +92,17 @@ class ExperimentManager(Singleton):
experimentUsers = experiment.get('experimentUsernameList', [])
self.platformUtility.setGroupUsers(experimentName, experimentUsers)
+ def createRsyncScript(self, username, experimentName):
+ fileName = '/tmp/rsync.%s.%s.' % (username, experimentName)
+ f = open(fileName, 'w')
+ f.write('#!/bin/sh\n')
+ f.write('exec sg %s "rsync $*"\n' % experimentName)
+ f.close()
+ OsUtility.chmodPath(fileName, fileMode=self.RSYNC_SCRIPT_PERMISSIONS_MODE)
+ def deleteRsyncScript(self, username, experimentName):
+ fileName = '/tmp/rsync.%s.%s.' % (username, experimentName)
+ OsUtility.removeFile(fileName)
+
def authorizeDownload(self, username, experimentName):
experiment = self.experimentDbApi.getExperimentByName(experimentName)
storageDirectory = self.updateExperimentWithStorageDataDirectory(experiment)
@@ -98,6 +110,7 @@ class ExperimentManager(Singleton):
self.platformUtility.addLocalUserToGroup(username, experimentName)
else:
raise InvalidRequest('Experiment %s has not been started.' % experimentName)
+ self.createRsyncScript(username, experimentName)
return experiment
def deauthorizeDownload(self, username, experimentName):
@@ -107,6 +120,7 @@ class ExperimentManager(Singleton):
self.platformUtility.deleteLocalUserFromGroup(username, experimentName)
else:
raise InvalidRequest('Experiment %s has not been started.' % experimentName)
+ self.deleteRsyncScript(username, experimentName)
return experiment
def createExperimentGroup(self, experiment):
--
GitLab