diff --git a/src/caosdb/connection/connection.py b/src/caosdb/connection/connection.py index 33ea80021d401b58b7a31d732160368971826e00..1725e98099af52fe3332939c220981dc538176ff 100644 --- a/src/caosdb/connection/connection.py +++ b/src/caosdb/connection/connection.py @@ -30,7 +30,7 @@ try: except ImportError: from urllib import quote from urlparse import urlparse - +from errno import EPIPE as BrokenPipe from socket import error as SocketError import ssl import logging @@ -147,7 +147,11 @@ class _DefaultCaosDBServerConnection(CaosDBServerConnection): If no url has been specified, or if the CA certificate cannot be loaded. """ - context = ssl.SSLContext(ssl.PROTOCOL_TLSv1) + if "ssl_version" in config and config["cacert"] is not None: + ssl_version = getattr(ssl, config["ssl_version"]) + else: + ssl_version = ssl.PROTOCOL_TLSv1 + context = ssl.SSLContext(ssl_version) context.verify_mode = ssl.CERT_REQUIRED if hasattr(context, "check_hostname"): context.check_hostname = True @@ -469,6 +473,13 @@ class _Connection(object): # pylint: disable=useless-object-inheritance return self._retry_http_request(method=method, path=path, headers=headers, body=body, **kwargs) + except SocketError as e: + if e.errno != BrokenPipe: + raise + return self._retry_http_request(method=method, path=path, + headers=headers, body=body, + reconnect=False, + **kwargs) except LoginFailedException: if kwargs.get("reconnect", True) is True: self._login() diff --git a/src/caosdb/connection/streaminghttp.py b/src/caosdb/connection/streaminghttp.py index 85aa710a1ab3964735671513b61ebb6bc82745c8..01774301b9bdb55bdbf6b56695042aaf354dba97 100644 --- a/src/caosdb/connection/streaminghttp.py +++ b/src/caosdb/connection/streaminghttp.py 
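Review bot: In the `@@ -147,7 +147,11 @@` hunk, `getattr(ssl, config["ssl_version"])` accepts any attribute name of the `ssl` module, so a config value can select a deprecated protocol such as `PROTOCOL_SSLv3`, or a non-protocol attribute that only fails later inside `ssl.SSLContext`. The lookup is also gated on `config["cacert"] is not None`, which looks unrelated to protocol choice and silently falls back to `PROTOCOL_TLSv1` when no CA file is configured. Checking the name against an allow-list and raising on anything else would make a protocol downgrade explicit rather than silent. The enclosing method starts and ends outside the hunk, so `ValueError` below stands in for whatever configuration error it already raises.

```python
# Constructed allow-list: keep only the protocols the server really needs.
allowed_versions = ("PROTOCOL_TLSv1_2", "PROTOCOL_TLS")
if "ssl_version" in config:
    if config["ssl_version"] not in allowed_versions:
        raise ValueError(
            "Unsupported ssl_version: {}".format(config["ssl_version"]))
    ssl_version = getattr(ssl, config["ssl_version"])
else:
    # Existing default, kept for compatibility; raise it once TLS 1.2 is available everywhere.
    ssl_version = ssl.PROTOCOL_TLSv1
# … unchanged: SSLContext creation, verify_mode and check_hostname setup …
```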
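Review bot: Passing `reconnect=False` next to `**kwargs` in the new `except SocketError` branch raises `TypeError` (multiple values for one keyword argument) whenever the caller already supplied `reconnect`, and the neighbouring `kwargs.get("reconnect", True)` shows that this key does travel in `kwargs`. Passing `**dict(kwargs, reconnect=False)` instead of `reconnect=False, **kwargs` avoids the clash. The retry also re-sends `body`; if that can be a file or iterator, which seems likely for a streaming client, it may already be partly consumed when the pipe broke, so the branch should probably retry only bodies that can be replayed. A `logging` call before the retry would make the otherwise silent second attempt visible to operators. The enclosing method begins outside the hunk.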
@@ -72,13 +72,10 @@ class StreamingHTTPSConnection(client.HTTPSConnection, object): def __init__(self, socket_proxy=None, **kwargs): if socket_proxy is not None: - print("socket_proxy:" + socket_proxy) host, port = socket_proxy.split(":") socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, host, int(port)) socket.socket = socks.socksocket - else: - print("no socket_proxy") super(StreamingHTTPSConnection, self).__init__(**kwargs) def _send_output(self, body, **kwargs): diff --git a/src/caosdb/utils/caosdb_admin.py b/src/caosdb/utils/caosdb_admin.py index 24335d2b1d705f87181c5dc7f055abf2854f2b27..b3145390fc9de36da57fe3dd88996199f50a3ce7 100755 --- a/src/caosdb/utils/caosdb_admin.py +++ b/src/caosdb/utils/caosdb_admin.py @@ -35,9 +35,9 @@ from argparse import ArgumentParser from argparse import RawDescriptionHelpFormatter __all__ = [] -__version__ = 0.2 +__version__ = 0.3 __date__ = '2016-09-19' -__updated__ = '2017-08-30' +__updated__ = '2018-12-11' def do_update_role(args): @@ -98,7 +98,7 @@ def do_insert(args): reconnect=True, query_dict=fdict, body=xml) - db.Container._response_to_entities(ret) + print(db.Container._response_to_entities(ret)) def _promt_for_pw(): @@ -217,6 +217,25 @@ def do_deny_role_permissions(args): admin._set_permissions(role=args.role_name, permission_rules=perms) +def do_retrieve_entity_acl(args): + entities = db.execute_query(q=args.query, flags={"ACL": None}) + for entity in entities: + print(entity.id) + print(entity.acl) + + +def do_action_entity_permissions(args): + entities = db.execute_query(q=args.query, flags={"ACL": None}) + for entity in entities: + for p in args.permissions: + getattr(entity, args.action)(role=args.role, priority=args.priority, + permission=p) + entities.update(flags={"ACL": None}) + for entity in entities: + print(entity.id) + print(entity.acl) + + def main(argv=None): """Command line options.""" 
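Review bot: `do_action_entity_permissions` calls `getattr(entity, args.action)` and then `entities.update(...)` on everything the FIND query matched, so the method that gets invoked and the set of modified ACLs are constrained only by the argument parser and the query text. An explicit guard at the top, `if args.action not in ("grant", "deny", "revoke_denial", "revoke_grant"): raise ValueError(args.action)`, keeps the function safe if it is ever called from somewhere other than the subparsers set up in `main`. Because the ACL change is applied to every match, printing the matched ids or their count before `entities.update` would let an operator notice an over-broad query. Both new functions also lack docstrings; `"""Print the id and ACL of every entity matching args.query."""` and a matching line for the action function would do.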
@@ -233,14 +252,8 @@ def main(argv=None): program_shortdesc = __import__('__main__').__doc__ program_license = '''%s - Created by timm fitschen on %s. - Copyright 2016 BMPG. All rights reserved. - - Distributed on an "AS IS" basis without warranties - or conditions of any kind, either express or implied. - USAGE -''' % (program_shortdesc, str(__date__)) +''' % (program_shortdesc) # Setup argument parser parser = ArgumentParser(description=program_license, @@ -532,10 +545,38 @@ USAGE metavar="ROLENAME", help="The name of the existing role.") + # entity acl + retrieve_entity_acl_parser = subparsers.add_parser( + "retrieve_entity_acl", help="Retrieve an entity ACL.") + retrieve_entity_acl_parser.set_defaults(call=do_retrieve_entity_acl) + retrieve_entity_acl_parser.add_argument(dest="query", metavar="QUERY", + help="A FIND query.") + + for action in ["grant", "deny", "revoke_denial", "revoke_grant"]: + action_entity_permissions_parser = subparsers.add_parser( + "{}_entity_permissions".format(action), + help="{} entity permissions to a role.".format(action)) + action_entity_permissions_parser.set_defaults( + call=do_action_entity_permissions, action=action) + action_entity_permissions_parser.add_argument(dest="query", metavar="QUERY", + help="A FIND query.") + action_entity_permissions_parser.add_argument(dest="role", metavar="ROLE", + help="The name of an exising role.") + action_entity_permissions_parser.add_argument( + dest="permissions", + metavar="PERMISSION", + help="A list of permissions", + nargs='+') + action_entity_permissions_parser.add_argument( + '--priority', + dest="priority", + action="store_true", + default=False, + help="This flag enables priority permission rules.") + # Process arguments args = parser.parse_args() - db.configure_connection()._login() return args.call(args)
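Review bot: The help text for the new `*_entity_permissions` subcommands has a typo, `exising` should be `existing`, and the generated sentence `"{} entity permissions to a role.".format(action)` reads wrongly for `revoke_denial` and `revoke_grant`, since it prints the raw identifier. A small mapping from action name to a help sentence would fix both. `PERMISSION` values are forwarded unvalidated, so a mistyped name in a `deny` rule is presumably caught only by the server, if at all; naming the accepted permissions in the help text would reduce that risk. The same hunk drops `db.configure_connection()._login()`, so it is worth confirming that every `do_*` handler still obtains a configured, authenticated connection. `main` starts outside this hunk.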