Adds notes/highlighting to EOS-CTA Authorization chapter

7b6c4cef · Michael Davis · 61e30d4f · 7b6c4cef · 7b6c4cef · 7b6c4cef
Commit 7b6c4cef authored 8 years ago by Michael Davis
--- a/doc/EOS-CTA_interface.pdf
+++ b/doc/EOS-CTA_interface.pdf
--- a/doc/cta.pdf
+++ b/doc/cta.pdf
--- a/doc/latex/Makefile
+++ b/doc/latex/Makefile
@@ -29,6 +29,7 @@ LATEX_TMP    = $(patsubst %,%.4ct,$(TARGET)) \
               $(patsubst %,%.png,$(TARGET)) \
               $(patsubst %,%.svg,$(TARGET)) \
               $(patsubst %,%.tmp,$(TARGET)) \
+               $(patsubst %,%.toc,$(TARGET)) \
               $(patsubst %,%.xref,$(TARGET)) \
               texput.log

@@ -37,7 +38,7 @@ LATEX_TMP    = $(patsubst %,%.4ct,$(TARGET)) \
 	pdflatex $<

 cta.pdf: $(wildcard cta*.tex) cta.glg
-	pdflatex $<
+	pdflatex cta.tex

 %.glg: %.tex
 	pdflatex $<

--- a/doc/latex/cta.tex
+++ b/doc/latex/cta.tex
-\documentclass[10pt,a4paper]{report}
+\documentclass[11pt,a4paper]{report}

 % Fix PGF unhappiness
 \def\Hnewline{\H^^J}

 % Set up graphics options for various environments

-
 \usepackage{ifpdf}
 \ifpdf
 \usepackage{graphicx}
@@ -15,14 +14,18 @@
 \fi
 \graphicspath{{../images/}}

+\usepackage[top=2cm, bottom=2cm, left=2cm, right=2cm]{geometry}
+
 % Fonts

 \usepackage{paratype}
 \usepackage[T1]{fontenc}
-\usepackage[amssymb]{SIunits}

-\usepackage[top=2cm, bottom=2cm, left=2cm, right=2cm]{geometry}
-\usepackage{multirow}
+% Other packages
+
+\usepackage[amssymb]{SIunits}     % Standardised units
+\usepackage{soul}                 % Fancy boxes
+\usepackage{multirow}             % Multi-row tables
 \usepackage[table]{xcolor}
 \usepackage{parskip}
 \usepackage{moreverb}
@@ -33,10 +36,11 @@
 \usepackage{tikz-uml} % See README.md
 \usetikzlibrary{positioning}

-% Hyperlinks
+% Hyperlinks and PDF options

 \usepackage{hyperref}
 \hypersetup{
+  bookmarks=true,
  colorlinks=true,
  linkcolor=blue,
  pdftitle={The CERN Tape Archive},
@@ -48,10 +52,63 @@
 \usepackage{glossaries}
 \makeglossaries

+% Define a box for highlighted text
+
+\usepackage[many]{tcolorbox}
+
+\newtcolorbox{alertbox}[1][]{
+  breakable,
+  freelance,
+  title=#1,
+  colback=white,
+  colbacktitle=white,
+  coltitle=black,
+  fonttitle=\bfseries,
+  bottomrule=0pt,
+  boxrule=0pt,
+  colframe=white,
+  overlay unbroken and first={
+  \draw[red!75!black,line width=3pt]
+    ([xshift=5pt]frame.north west) -- 
+    (frame.north west) -- 
+    (frame.south west);
+  \draw[red!75!black,line width=3pt]
+    ([xshift=-5pt]frame.north east) -- 
+    (frame.north east) -- 
+    (frame.south east);
+  },
+  overlay unbroken app={
+  \draw[red!75!black,line width=3pt,line cap=rect]
+    (frame.south west) -- 
+    ([xshift=5pt]frame.south west);
+  \draw[red!75!black,line width=3pt,line cap=rect]
+    (frame.south east) -- 
+    ([xshift=-5pt]frame.south east);
+  },
+  overlay middle and last={
+  \draw[red!75!black,line width=3pt]
+    (frame.north west) -- 
+    (frame.south west);
+  \draw[red!75!black,line width=3pt]
+    (frame.north east) -- 
+    (frame.south east);
+  },
+  overlay last app={
+  \draw[red!75!black,line width=3pt,line cap=rect]
+    (frame.south west) --
+    ([xshift=5pt]frame.south west);
+  \draw[red!75!black,line width=3pt,line cap=rect]
+    (frame.south east) --
+    ([xshift=-5pt]frame.south east);
+  },
+}
+
 \begin{document}

+% Title Page
+
 \title{The CERN Tape Archive}
-\author{Germ\'{a}n Cancio \and Eric Cano \and Daniele Kruse \and Steven Murray}
+\author{Germ\'{a}n Cancio \and Eric Cano \and Michael Davis \and Daniele Kruse \and Steven Murray}

 \maketitle

@@ -65,12 +122,12 @@

 \input{cta_Introduction.tex}
 \input{cta_BasicConcepts.tex}
-\input{cta_EOS-CTA_AuthorizationGuidelines.tex}
-\input{cta_CTA-EOS_ReconciliationStrategy.tex}
 \input{cta_CTA-EOS_CommandLineInterface.tex}
 \input{cta_GettingThePrototypeUpAndRunning.tex}
 \input{cta_CommandLineInterface.tex}
 \input{cta_ObjectStore.tex}
 \input{cta_TapeSessions.tex}
+\input{cta_EOS-CTA_Authorization.tex}
+\input{cta_CTA-EOS_ReconciliationStrategy.tex}

 \end{document}
--- a/doc/latex/cta_EOS-CTA_AuthorizationGuidelines.tex
+++ b/doc/latex/cta_EOS-CTA_AuthorizationGuidelines.tex
-\chapter{EOS-CTA Authorization Guidelines}
+\chapter{EOS-CTA Authorization Rules}

-One of the requirements of CTA is to limit the crosstalk among different EOS
-instances. In more detail:
+One of the requirements of CTA is to prevent crosstalk between EOS instances belonging to different \glspl{vo}, e.g.
+the ATLAS EOS instance should not be able to access (or even know about) files belonging to CMS.
+
+\begin{alertbox}[Shared Secrets?]
+Should we have a different shared secret for each VO, to explicitly prohibit access to files not belonging to that EOS
+instance?
+\end{alertbox}
+
+\begin{alertbox}[Redundant Rules?]
+The highlighted rules below are probably not required.
+\end{alertbox}

 \begin{enumerate}
 \item A listStorageClass command should return the list of storage classes 
@@ -13,36 +22,36 @@ instances. In more detail:
     where the command was executed
   \item the storage class provided in the command line belongs to the instance from
     where the command was executed
-   \item the EOS username and/or group (of the original archive requester) provided
+   \item\hl{the EOS username and/or group (of the original archive requester) provided
     in the command line belongs to the instance from where the command was
-     executed
+     executed}
 \end{itemize}

 \item A queueRetrieve command should be authorized only if:
 \begin{itemize}
   \item the instance of the requested file coincides with the instance from where 
     the command was executed
-   \item the EOS username and/or group (of the original retrieve requester) provided
+   \item\hl{the EOS username and/or group (of the original retrieve requester) provided
     in the command line belongs to the instance from where the command was
-     executed
+     executed}
 \end{itemize}

 \item A deleteArchive command should be authorized only if:
 \begin{itemize}
   \item the instance of the file to be deleted coincides with the instance from
     where the command was executed
-   \item the EOS username and/or group (of the original delete requester) provided
+   \item\hl{the EOS username and/or group (of the original delete requester) provided
     in the command line belongs to the instance from where the command was
-     executed
+     executed}
 \end{itemize}

 \item A cancelRetrieve command should be authorized only if:
 \begin{itemize}
   \item the instance of the file to be canceled coincides with the instance from
     where the command was executed
-   \item the EOS username and/or group (of the original cancel requester) provided
+   \item\hl{the EOS username and/or group (of the original cancel requester) provided
     in the command line belongs to the instance from where the command was
-     executed
+     executed}
 \end{itemize}

 \item An updateFileStorageClass command should be authorized only if:
@@ -51,9 +60,9 @@ instances. In more detail:
     where the command was executed
   \item the storage class provided in the command line belongs to the instance from
     where the command was executed
-   \item the EOS username and/or group (of the original update requester) provided
+   \item\hl{the EOS username and/or group (of the original update requester) provided
     in the command line belongs to the instance from where the command was
-     executed
+     executed}
 \end{itemize}

 \item An updateFileInfo command should be authorized only if:

--- a/doc/latex/cta_TapeSessions.tex
+++ b/doc/latex/cta_TapeSessions.tex
@@ -10,9 +10,9 @@ The main sub-process is the drive sub-process. One such sub-process will be laun
 The tape session types and state changes are shown in figure \ref{statediag}.

 \begin{figure}[h]
-\begin{center}
+\centering
 \includegraphics{CTA_tape_session_states}
-\end{center}
-\caption{\label{statediag}Tape sessions state diagram}
+\caption{Tape sessions state diagram}
+\label{statediag}
 \end{figure}

--- a/doc/queueRequestSeqDiags.pdf
+++ b/doc/queueRequestSeqDiags.pdf