Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test for modifications to ONLINE permisions #113

Merged
merged 4 commits into from Apr 12, 2024
Merged

Test for modifications to ONLINE permisions #113

merged 4 commits into from Apr 12, 2024

Conversation

LuisSanchez25
Copy link
Contributor

@LuisSanchez25 LuisSanchez25 commented Jan 25, 2024
edited

The purpose of this pull request is to only allow a particular user to insert ONLINE corrections and no others to protect the integrity of the database. This is not a full proof way of preventing this but it should at least prevent people from changing the database accidentally. We should update everyone to a new version of xedocs before giving out the new username and password

@LuisSanchez25 LuisSanchez25 marked this pull request as ready for review March 7, 2024 12:20
@GiovanniVolta
Copy link
Contributor

GiovanniVolta commented Mar 16, 2024
edited

Hello @LuisSanchez25, I would be happy to help with the review of this PR, but I need more information. Could you please elaborate more? Is this useful for moving from CMT to xedocs for online processing (e.g., gain model)? Is there any hands-on example to help you understand architecture better?

@LuisSanchez25
Copy link
Contributor Author

Hey Giovanni. So all this piece of code is doing is checking for a spesific user. In this case the corrections expert user, and ensuring then if they try to upload a correction this correction can only have the value "ONLINE" for version. The reason there are so many lines of code to achive something relatively simple is because I had to take into account all possible formats in which corrections could be inserted into xedocs.

This change is aimed at preventing people from uploading the wrong data to the database and causing potential issues.

@GiovanniVolta
Copy link
Contributor

Hey @LuisSanchez25,
I did something quite dumb to test if everything worked fine. I have run the Accessing_and_inserting_data notebook and everything seems fine what I can tell.
May I ask you also to update the notebook? The xd_db_dev = xd.development_db.utilix and xd_db_stx = xd.straxen_db.utilix are not working.

@LuisSanchez25
Copy link
Contributor Author

Hey Giovanni, thanks I will change that in the notebook in a separate PR

@GiovanniVolta
Copy link
Contributor

I have tested the PR from the login node as follows:

>>> import strax, straxen, xedocs
>>> straxen.print_versions('strax straxen rframe xedocs'.split())
Host beagle3-tbd2.rcc.local
 module version                                                                               path                                 git
 python  3.9.19                          /opt/XENONnT/anaconda/envs/XENONnT_development/bin/python                                None
  strax   1.6.1   /opt/XENONnT/anaconda/envs/XENONnT_development/lib/python3.9/site-packages/strax                                None
straxen   2.2.1 /opt/XENONnT/anaconda/envs/XENONnT_development/lib/python3.9/site-packages/straxen                                
>>> xd_db_dev = xd.development_db()
>>> run_id = '047493'
>>> elife_new = xd.schemas.ElectronLifetime(value=0.80, version='test*4', run_id=run_id, datasource = 'development_db', comments='test for ONLINE_correction branch')
>>> xd.insert_docs('electron_lifetimes', elife_new, 'development_db')
[
        Xenon ElectronLifetime Document
        -------------------------------

        Category:      corrections
        Alias:         electron_lifetimes
        Index:         version=test*4, time=2022-09-13 11:14:46.741000+00:00
        Values:        created_date=2024-04-05 14:44:31.696000+00:00, comments=test for ONLINE_correction branch, value=0.8
        ]
>>> list(xd_db_dev.electron_lifetimes.find(run_id = run_id))
[{'version': 'v6', 'created_date': datetime.datetime(2023, 5, 19, 14, 59, 55, 878000, tzinfo=<UTC>), 'comments': '', 'time': datetime.datetime(2022, 9, 13, 11, 14, 46, 741000, tzinfo=<UTC>), 'value': 26141032.007023267}, {'version': 'v7', 'created_date': datetime.datetime(2023, 2, 9, 15, 17, 26, 958000, tzinfo=<UTC>), 'comments': '', 'time': datetime.datetime(2022, 9, 13, 11, 14, 46, 741000, tzinfo=<UTC>), 'value': 23933929.779056724}, {'version': 'v8', 'created_date': datetime.datetime(2023, 5, 19, 14, 59, 56, 820000, tzinfo=<UTC>), 'comments': '', 'time': datetime.datetime(2022, 9, 13, 11, 14, 46, 741000, tzinfo=<UTC>), 'value': 23933929.779056724}, {'version': 'v9', 'created_date': datetime.datetime(2023, 12, 21, 17, 6, 54, 933000, tzinfo=<UTC>), 'comments': 'v9 EL version', 'time': datetime.datetime(2022, 9, 13, 11, 14, 46, 741000, tzinfo=<UTC>), 'value': 24203724.610794935}, {'version': 'test*', 'created_date': datetime.datetime(2023, 1, 24, 17, 20, 42, 436000, tzinfo=<UTC>), 'comments': 'giving a 10% decrease to Electron lifetime', 'time': datetime.datetime(2022, 9, 13, 11, 14, 46, 741000, tzinfo=<UTC>), 'value': 7362379.160154001}, {'version': 'test*2', 'created_date': datetime.datetime(2023, 1, 24, 17, 20, 42, 436000, tzinfo=<UTC>), 'comments': 'giving a 10% decrease to Electron lifetime', 'time': datetime.datetime(2022, 9, 13, 11, 14, 46, 741000, tzinfo=<UTC>), 'value': 6544337.031248}, {'version': 'test*4', 'created_date': datetime.datetime(2024, 4, 5, 14, 44, 31, 696000, tzinfo=<UTC>), 'comments': 'test for ONLINE_correction branch', 'time': datetime.datetime(2022, 9, 13, 11, 14, 46, 741000, tzinfo=<UTC>), 'value': 0.8}]

If I try to insert in straxen_db() I have (as expected since I am not authorized) an error:

>>>xd.insert_docs('electron_lifetimes', elife_new, 'straxen_db')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/home/gvolta/XENONnT/xedocs/xedocs/xedocs.py", line 121, in insert_docs
    return accessor.insert(docs, dry=dry)
  File "/opt/XENONnT/anaconda/envs/XENONnT_development/lib/python3.9/site-packages/rframe/data_accessor.py", line 165, in insert
    self.initdb()
  File "/opt/XENONnT/anaconda/envs/XENONnT_development/lib/python3.9/site-packages/rframe/data_accessor.py", line 216, in initdb
    self.schema.initdb(self.storage)
  File "/opt/XENONnT/anaconda/envs/XENONnT_development/lib/python3.9/site-packages/rframe/schema.py", line 349, in initdb
    interface.initdb(cls)
  File "/opt/XENONnT/anaconda/envs/XENONnT_development/lib/python3.9/site-packages/rframe/interfaces/mongo.py", line 647, in initdb
    self.ensure_index(index_names)
  File "/opt/XENONnT/anaconda/envs/XENONnT_development/lib/python3.9/site-packages/rframe/interfaces/mongo.py", line 639, in ensure_index
    self.source.create_index([(name, order) for name in names])
  File "/home/gvolta/.local/lib/python3.9/site-packages/pymongo/collection.py", line 2271, in create_index
    return self.__create_indexes([index], session, **cmd_options)[0]
  File "/home/gvolta/.local/lib/python3.9/site-packages/pymongo/collection.py", line 2158, in __create_indexes
    self._command(
  File "/home/gvolta/.local/lib/python3.9/site-packages/pymongo/collection.py", line 250, in _command
    return sock_info.command(
  File "/home/gvolta/.local/lib/python3.9/site-packages/pymongo/pool.py", line 740, in command
    return command(
  File "/home/gvolta/.local/lib/python3.9/site-packages/pymongo/network.py", line 177, in command
    helpers._check_command_response(
  File "/home/gvolta/.local/lib/python3.9/site-packages/pymongo/helpers.py", line 180, in _check_command_response
    raise OperationFailure(errmsg, code, response, max_wire_version)
pymongo.errors.OperationFailure: not authorized on xedocs to execute command { createIndexes: "electron_lifetimes", indexes: [ { name: "version_1_time_1", key: { version: 1, time: 1 } } ], lsid: { id: UUID("e179e0a7-34ba-4eb8-834d-3daf4b2cac0c") }, $clusterTime: { clusterTime: Timestamp(1712328516, 1), signature: { hash: BinData(0, 0F6E0ED50EBE9D74CFA6C3A8AF16A9484D2AA73E), keyId: 7333557534369775617 } }, $db: "xedocs", $readPreference: { mode: "primary" } }, full error: {'operationTime': Timestamp(1712328517, 1), 'ok': 0.0, 'errmsg': 'not authorized on xedocs to execute command { createIndexes: "electron_lifetimes", indexes: [ { name: "version_1_time_1", key: { version: 1, time: 1 } } ], lsid: { id: UUID("e179e0a7-34ba-4eb8-834d-3daf4b2cac0c") }, $clusterTime: { clusterTime: Timestamp(1712328516, 1), signature: { hash: BinData(0, 0F6E0ED50EBE9D74CFA6C3A8AF16A9484D2AA73E), keyId: 7333557534369775617 } }, $db: "xedocs", $readPreference: { mode: "primary" } }', 'code': 13, 'codeName': 'Unauthorized', '$clusterTime': {'clusterTime': Timestamp(1712328517, 1), 'signature': {'hash': b'FC\xa4j;\x9b\xf6\xf6\x05\xc3\x03\xfcAM!87\x8f\xd7\xe7', 'keyId': 7333557534369775617}}}

It looks good to me; however, could you please specify in the example which partition the notebook should be executed on? Since grand does not have an internet connection, the insert_docs wants to work.

@LuisSanchez25 LuisSanchez25 merged commit 071b4d2 into master Apr 12, 2024
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@GiovanniVolta GiovanniVolta GiovanniVolta approved these changes

@ahiguera-mx ahiguera-mx Awaiting requested review from ahiguera-mx

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@LuisSanchez25 @GiovanniVolta