Merge branch 'f-server-side-scripting' into f-fix-timeout

src/caosdb/connection/connection.py

@@ -30,7 +30,7 @@ try:
 except ImportError:
     from urllib import quote
     from urlparse import urlparse
-
+from errno import EPIPE as BrokenPipe
 from socket import error as SocketError
 import ssl
 import logging
@@ -147,7 +147,11 @@ class _DefaultCaosDBServerConnection(CaosDBServerConnection):
             If no url has been specified, or if the CA certificate cannot be
             loaded.
         """
-        context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
+        if "ssl_version" in config and config["cacert"] is not None:
+            ssl_version = getattr(ssl, config["ssl_version"])
+        else:
+            ssl_version = ssl.PROTOCOL_TLSv1
+        context = ssl.SSLContext(ssl_version)
         context.verify_mode = ssl.CERT_REQUIRED
         if hasattr(context, "check_hostname"):
             context.check_hostname = True
@@ -469,6 +473,13 @@ class _Connection(object):  # pylint: disable=useless-object-inheritance
             return self._retry_http_request(method=method, path=path,
                                             headers=headers, body=body,
                                             **kwargs)
+        except SocketError as e:
+            if e.errno != BrokenPipe:
+                raise
+            return self._retry_http_request(method=method, path=path,
+                                            headers=headers, body=body,
+                                            reconnect=False,
+                                            **kwargs)
         except LoginFailedException:
             if kwargs.get("reconnect", True) is True:
                 self._login()

src/caosdb/connection/streaminghttp.py

@@ -72,13 +72,10 @@ class StreamingHTTPSConnection(client.HTTPSConnection, object):
 
     def __init__(self, socket_proxy=None, **kwargs):
         if socket_proxy is not None:
-            print("socket_proxy:" +  socket_proxy)
             host, port = socket_proxy.split(":")
             socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, host,
                                   int(port))
             socket.socket = socks.socksocket
-        else:
-            print("no socket_proxy")
         super(StreamingHTTPSConnection, self).__init__(**kwargs)
 
     def _send_output(self, body, **kwargs):

src/caosdb/utils/caosdb_admin.py

@@ -35,9 +35,9 @@ from argparse import ArgumentParser
 from argparse import RawDescriptionHelpFormatter
 
 __all__ = []
-__version__ = 0.2
+__version__ = 0.3
 __date__ = '2016-09-19'
-__updated__ = '2017-08-30'
+__updated__ = '2018-12-11'
 
 
 def do_update_role(args):
@@ -98,7 +98,7 @@ def do_insert(args):
         reconnect=True,
         query_dict=fdict,
         body=xml)
-    db.Container._response_to_entities(ret)
+    print(db.Container._response_to_entities(ret))
 
 
 def _promt_for_pw():
@@ -217,6 +217,25 @@ def do_deny_role_permissions(args):
     admin._set_permissions(role=args.role_name, permission_rules=perms)
 
 
+def do_retrieve_entity_acl(args):
+    entities = db.execute_query(q=args.query, flags={"ACL": None})
+    for entity in entities:
+        print(entity.id)
+        print(entity.acl)
+
+
+def do_action_entity_permissions(args):
+    entities = db.execute_query(q=args.query, flags={"ACL": None})
+    for entity in entities:
+        for p in args.permissions:
+            getattr(entity, args.action)(role=args.role, priority=args.priority,
+                                         permission=p)
+    entities.update(flags={"ACL": None})
+    for entity in entities:
+        print(entity.id)
+        print(entity.acl)
+
+
 def main(argv=None):
     """Command line options."""
 
@@ -233,14 +252,8 @@ def main(argv=None):
     program_shortdesc = __import__('__main__').__doc__
     program_license = '''%s
 
-  Created by timm fitschen on %s.
-  Copyright 2016 BMPG. All rights reserved.
-
-  Distributed on an "AS IS" basis without warranties
-  or conditions of any kind, either express or implied.
-
 USAGE
-''' % (program_shortdesc, str(__date__))
+''' % (program_shortdesc)
 
     # Setup argument parser
     parser = ArgumentParser(description=program_license,
@@ -532,10 +545,38 @@ USAGE
         metavar="ROLENAME",
         help="The name of the existing role.")
 
+    # entity acl
+    retrieve_entity_acl_parser = subparsers.add_parser(
+        "retrieve_entity_acl", help="Retrieve an entity ACL.")
+    retrieve_entity_acl_parser.set_defaults(call=do_retrieve_entity_acl)
+    retrieve_entity_acl_parser.add_argument(dest="query", metavar="QUERY",
+                                            help="A FIND query.")
+
+    for action in ["grant", "deny", "revoke_denial", "revoke_grant"]:
+        action_entity_permissions_parser = subparsers.add_parser(
+            "{}_entity_permissions".format(action),
+            help="{} entity permissions to a role.".format(action))
+        action_entity_permissions_parser.set_defaults(
+            call=do_action_entity_permissions, action=action)
+        action_entity_permissions_parser.add_argument(dest="query", metavar="QUERY",
+                                                      help="A FIND query.")
+        action_entity_permissions_parser.add_argument(dest="role", metavar="ROLE",
+                                                      help="The name of an exising role.")
+        action_entity_permissions_parser.add_argument(
+            dest="permissions",
+            metavar="PERMISSION",
+            help="A list of permissions",
+            nargs='+')
+        action_entity_permissions_parser.add_argument(
+            '--priority',
+            dest="priority",
+            action="store_true",
+            default=False,
+            help="This flag enables priority permission rules.")
+
     # Process arguments
     args = parser.parse_args()
 
-
     db.configure_connection()._login()
 
     return args.call(args)