feat: removed private pilot functionality

fstagni · Jan 18, 2024 · 9eb7b8a · 9eb7b8a
1 parent 0548f1f
commit 9eb7b8a
Show file tree

Hide file tree

Showing 6 changed files with 8 additions and 23 deletions.
diff --git a/...rce/AdministratorGuide/Configuration/ConfReference/Tips/Authorization/index.rst b/...rce/AdministratorGuide/Configuration/ConfReference/Tips/Authorization/index.rst
@@ -31,8 +31,6 @@ are showed in the next table:
 +----------------------------+------------------------------------------------------------------+-------------+
 | *Operator*                 | Operator                                                         |             |
 +----------------------------+------------------------------------------------------------------+-------------+
-| *Pilot*                    | Private pilot                                                    |             |
-+----------------------------+------------------------------------------------------------------+-------------+
 | *PrivateLimitedDelegation* | Allow getting only limited proxies for one self                  |             |
 +----------------------------+------------------------------------------------------------------+-------------+
 | *ProductionManagement*     | Allow managing all productions                                   |             |

diff --git a/src/DIRAC/Core/Security/Properties.py b/src/DIRAC/Core/Security/Properties.py
@@ -26,8 +26,6 @@ class SecurityProperty(str, Enum):
     JOB_MONITOR = "JobMonitor"
     #: Accounting Monitor - can see accounting data for all groups
     ACCOUNTING_MONITOR = "AccountingMonitor"
-    #: Private pilot
-    PILOT = "Pilot"
     #: Generic pilot
     GENERIC_PILOT = "GenericPilot"
     #: Site Manager

diff --git a/src/DIRAC/Resources/Computing/ComputingElement.py b/src/DIRAC/Resources/Computing/ComputingElement.py
@@ -354,7 +354,7 @@ def _monitorProxy(self, payloadProxy=None):
         pilotProps = pilotProxyDict["groupProperties"]
 
         # if running with a pilot proxy, use it to renew the proxy of the payload
-        if Properties.PILOT in pilotProps or Properties.GENERIC_PILOT in pilotProps:
+        if Properties.GENERIC_PILOT in pilotProps:
             self.log.info("Using Pilot credentials to get a new payload Proxy")
             return gProxyManager.renewProxy(
                 proxyToBeRenewed=payloadProxy,

diff --git a/src/DIRAC/WorkloadManagementSystem/Agent/JobAgent.py b/src/DIRAC/WorkloadManagementSystem/Agent/JobAgent.py
@@ -492,7 +492,7 @@ def _setupProxy(self, ownerDN, ownerGroup):
             return S_ERROR("Proxy has no group properties defined")
 
         groupProps = ret["Value"]["groupProperties"]
-        if Properties.GENERIC_PILOT in groupProps or Properties.PILOT in groupProps:
+        if Properties.GENERIC_PILOT in groupProps:
             proxyResult = self._requestProxyFromProxyManager(ownerDN, ownerGroup)
             if not proxyResult["OK"]:
                 self.log.error("Invalid Proxy", proxyResult["Message"])

diff --git a/src/DIRAC/WorkloadManagementSystem/Client/Matcher.py b/src/DIRAC/WorkloadManagementSystem/Client/Matcher.py
@@ -335,13 +335,9 @@ def _checkCredentials(self, resourceDict, credDict):
                 else:
                     raise RuntimeError(result["Message"])
         else:
-            # If it's a private pilot, the DN has to be the same
-            if Properties.PILOT in credDict["properties"]:
-                self.log.notice("Setting the resource DN to the credentials DN")
-                resourceDict["OwnerDN"] = credDict["DN"]
             # If it's a job sharing. The group has to be the same and just check that the DN (if any)
             # belongs to the same group
-            elif Properties.JOB_SHARING in credDict["properties"]:
+            if Properties.JOB_SHARING in credDict["properties"]:
                 resourceDict["OwnerGroup"] = credDict["group"]
                 self.log.notice("Setting the resource group to the credentials group")
                 if "OwnerDN" in resourceDict and resourceDict["OwnerDN"] != credDict["DN"]:

diff --git a/src/DIRAC/WorkloadManagementSystem/private/ConfigHelper.py b/src/DIRAC/WorkloadManagementSystem/private/ConfigHelper.py
@@ -5,28 +5,21 @@
 from DIRAC.FrameworkSystem.Client.ProxyManagerClient import gProxyManager
 
 
-def findGenericPilotCredentials(vo=False, group=False, pilotDN="", pilotGroup=""):
+def findGenericPilotCredentials(vo=False, pilotDN=""):
     """Looks into the Operations/<>/Pilot section of CS to find the pilot credentials.
     Then check if the user has a registered proxy in ProxyManager.
 
-    if pilotDN or pilotGroup are specified, use them
+    if pilotDN are specified, use them
 
     :param str vo: VO name
-    :param str group: group name
     :param str pilotDN: pilot DN
-    :param str pilotGroup: pilot group
-
+    
     :return: S_OK(tuple)/S_ERROR()
     """
-    if not group and not vo:
-        return S_ERROR("Need a group or a VO to determine the Generic pilot credentials")
     if not vo:
-        vo = Registry.getVOForGroup(group)
-        if not vo:
-            return S_ERROR(f"Group {group} does not have a VO associated")
+        return S_ERROR("Need a VO to determine the Generic pilot credentials")
     opsHelper = Operations.Operations(vo=vo)
-    if not pilotGroup:
-        pilotGroup = opsHelper.getValue("Pilot/GenericPilotGroup", "")
+    pilotGroup = opsHelper.getValue("Pilot/GenericPilotGroup", "")
     if not pilotDN:
         pilotDN = opsHelper.getValue("Pilot/GenericPilotDN", "")
     if not pilotDN: