feat: InfoGetter enforces policyType, supports per-policy arg overrides and generic specificity deduplication

- Configurations.py: POLICIESMETA now holds plain code-level defaults only;
  Operations() calls removed (CS is read at runtime by InfoGetter instead)
- InfoGetter.getPoliciesThatApply: CS entries without policyType are skipped
  (they are command-args defaults sections, not policy definitions); non-reserved
  keys in a CS policy entry are collected as arg overrides, merged into the policy
  args with case-insensitive key normalisation and type casting
- InfoGetter.postProcessingPolicyList: replaces the old FreeDiskSpaceMB/GB/TB
  hack with a generic rule — when multiple policies of the same policyType match,
  keep the most specific one (name-match presence > number of matchParams keys)
- dirac.cfg: add SpecificFreeDiskSpace example (Unit=GB, Banned_threshold=15,
  Degraded_threshold falls back to default); fix missing closing brace in Policies
- docs: note that command-args sections have no policyType and are not policy definitions
- test: new Test_InfoGetter.py with 15 unit tests covering all the above

Author: fstagni

dirac.cfg

@@ -1173,12 +1173,15 @@ Operations
         # Command arguments for the built-in Downtime policy type.
         # hours = 0 means only ongoing downtimes are considered (default).
         # Set hours > 0 to also catch downtimes starting within that window.
+        # Note: this section has no policyType key and is therefore NOT treated
+        # as a policy definition — it only sets command argument defaults.
         Downtime
         {
           hours = 0  # look-ahead window in hours (0 = ongoing only, default)
         }
         # Command arguments for the built-in FreeDiskSpace policy type.
         # Unit and thresholds apply to all SEs monitored by this policy.
+        # Note: same as above — no policyType key, so not a policy definition.
         FreeDiskSpace
         {
           Unit               = TB  # Space unit: TB (default), GB or MB
@@ -1214,6 +1217,18 @@ Operations
             statusType  = WriteAccess
           }
         }
+        # Example: apply FreeDiskSpace to SE1 with specific args (Unit and Banned_threshold);
+        # Degraded_threshold falls back to the default defined in the FreeDiskSpace section above.
+        SpecificFreeDiskSpace
+        {
+          policyType       = FreeDiskSpace
+          Unit             = GB
+          Banned_threshold = 15
+          matchParams
+          {
+            name = SE1
+          }
+        }
       }
       PolicyActions
       {

docs/source/AdministratorGuide/Systems/ResourceStatus/advanced_configuration.rst

@@ -91,6 +91,9 @@ The look-ahead window is configurable from the Operations CS:
    are considered. Setting a positive value (e.g. ``12``) also catches downtimes scheduled
    to start within that window, which is useful for proactive status changes.
 
+   This section has no ``policyType`` key and is therefore treated purely as
+   command-argument defaults, not as a policy definition.
+
 Example: flag elements with downtimes starting within the next 24 hours::
 
   /Operations/Defaults/ResourceStatus/Policies/Downtime
@@ -124,7 +127,8 @@ from the Operations CS and fall back to safe defaults:
 
    These keys live under ``/Operations/Defaults/ResourceStatus/Policies/FreeDiskSpace``,
    not under the ``/matchParams`` sub-section.  They tune the **command arguments**, not the
-   element-matching logic.
+   element-matching logic. This section has no ``policyType`` key and is therefore not treated
+   as a policy definition by the policy engine.
 
    The default values of ``0.1`` and ``5`` are always used as fallback regardless of unit.
    Make sure to set meaningful threshold values explicitly in the CS when changing the unit.

src/DIRAC/ResourceStatusSystem/Policy/Configurations.py

@@ -11,26 +11,31 @@
              'args'        : { arguments for the command } or None
                      }
 
-"""
+The values in ``args`` are code-level defaults. They can be overridden per-policy
+via the CS entry (e.g. ``Unit = GB`` directly under the policy name in
+``/Operations/Defaults/ResourceStatus/Policies/<PolicyName>``).
+Deployment-wide defaults can also be set in a command-args section named after
+the policy type (e.g. ``/Operations/Defaults/ResourceStatus/Policies/FreeDiskSpace``);
+these are picked up by InfoGetter before code-level defaults are applied.
 
-from DIRAC.ConfigurationSystem.Client.Helpers.Operations import Operations
+"""
 
 POLICIESMETA = {  # DownTime POLICIES
     "Downtime": {
         "description": "Ongoing or scheduled down-times within <hours> from now (0 = ongoing only)",
         "module": "DowntimePolicy",
         "command": ("DowntimeCommand", "DowntimeCommand"),
-        "args": {"hours": Operations().getValue("ResourceStatus/Policies/Downtime/hours", 0), "onlyCache": True},
+        "args": {"hours": 0, "onlyCache": True},
     },
     # Free Disk Space
     "FreeDiskSpace": {
         "description": "Free disk space",
         "module": "FreeDiskSpacePolicy",
         "command": ("FreeDiskSpaceCommand", "FreeDiskSpaceCommand"),
         "args": {
-            "unit": Operations().getValue("ResourceStatus/Policies/FreeDiskSpace/Unit", "TB"),
-            "Banned_threshold": Operations().getValue("ResourceStatus/Policies/FreeDiskSpace/Banned_threshold", 0.1),
-            "Degraded_threshold": Operations().getValue("ResourceStatus/Policies/FreeDiskSpace/Degraded_threshold", 5),
+            "unit": "TB",
+            "Banned_threshold": 0.1,
+            "Degraded_threshold": 5,
             "onlyCache": True,
         },
     },

src/DIRAC/ResourceStatusSystem/Utilities/InfoGetter.py

@@ -45,29 +45,32 @@ def getPoliciesThatApply(decisionParams):
 
     # Get policies that match the given decisionParameters
     for policyName, policySetup in policiesConfig.items():
-        # The parameter policyType replaces policyName, so if it is not present,
-        # we pick policyName
+        # The parameter policyType is mandatory. If not present, skip this entry —
+        # it is a command-args defaults section, not a policy definition.
         try:
             policyType = policySetup["policyType"][0]
         except KeyError:
-            policyType = policyName
-            # continue
+            continue
 
         # The section matchParams is not mandatory, so we set {} as default.
         policyMatchParams = policySetup.get("matchParams", {})
         gLogger.debug(f"matchParams of {policyName}: {str(policyMatchParams)}")
 
-        # FIXME: make sure the values in the policyConfigParams dictionary are typed !!
-        policyConfigParams = {}
-        # policyConfigParams = policySetup.get( 'configParams', {} )
+        # Any key in the CS policy entry that is not a reserved keyword is treated as
+        # a command-argument override. These override the defaults from POLICIESMETA.
+        _reservedKeys = {"policyType", "matchParams", "configParams", "doNotCombineResult", "active"}
+        policyConfigParams = {
+            k: v[0] if isinstance(v, list) else v for k, v in policySetup.items() if k not in _reservedKeys
+        }
+
         policyMatch = Utils.configMatch(decisionParams, policyMatchParams)
         gLogger.debug(f"PolicyMatch for decisionParams {decisionParams}: {str(policyMatch)}")
 
         # WARNING: we need an additional filtering function when the matching
         # is not straightforward (e.g. when the policy specify a 'domain', while
         # the decisionParams has only the name of the element)
         if policyMatch and _filterPolicies(decisionParams, policyMatchParams):
-            policiesThatApply.append((policyName, policyType, policyConfigParams))
+            policiesThatApply.append((policyName, policyType, policyConfigParams, policyMatchParams))
 
     gLogger.debug(f"policies that apply (before post-processing): {str(policiesThatApply)}")
     policiesThatApply = postProcessingPolicyList(policiesThatApply)
@@ -76,7 +79,7 @@ def getPoliciesThatApply(decisionParams):
     objectLoader = ObjectLoader()
     policiesToBeLoaded = []
     # Gets policies parameters from code.
-    for policyName, policyType, _policyConfigParams in policiesThatApply:
+    for policyName, policyType, _policyConfigParams, _policyMatchParams in policiesThatApply:
         try:
             result = objectLoader.loadModule("DIRAC.ResourceStatusSystem.Policy.Configurations")
             if not result["OK"]:
@@ -92,8 +95,22 @@ def getPoliciesThatApply(decisionParams):
         policyDict = {"name": policyName, "type": policyType, "args": {}}
 
         # args is one of the parameters we are going to use on the policies. We copy
-        # the defaults and then we update if with whatever comes from the CS.
+        # the defaults from POLICIESMETA and then override with whatever comes from the CS.
         policyDict.update(policyMeta)
+        if _policyConfigParams and policyDict.get("args") is not None:
+            # Build a case-insensitive lookup of the existing arg keys so that CS keys
+            # like "Unit" correctly override POLICIESMETA keys like "unit".
+            argsKeyMap = {k.lower(): k for k in policyDict["args"]}
+            for csKey, csVal in _policyConfigParams.items():
+                targetKey = argsKeyMap.get(csKey.lower(), csKey)
+                # CS values are always strings; cast to the type of the existing default.
+                existingVal = policyDict["args"].get(targetKey)
+                if existingVal is not None:
+                    try:
+                        csVal = type(existingVal)(csVal)
+                    except (ValueError, TypeError):
+                        pass
+                policyDict["args"][targetKey] = csVal
 
         policiesToBeLoaded.append(policyDict)
 
@@ -262,28 +279,42 @@ def _filterPolicies(decisionParams, policyMatchParams):
 
 
 def postProcessingPolicyList(policiesThatApply):
-    """Put here any "hacky" post-processing"""
-
-    # FIXME: the following 2 "if" are a "hack" for dealing with the following case:
-    # an SE happens to be subject to, e.g., both the 'FreeDiskSpaceMB' and the 'FreeDiskSpaceGB' policies
-    # (currently, there is no way to avoid that this happens, see e.g. LogSE)
-    # When this is the case, supposing that an SE has 50 MB free, the policies evaluation will be the following:
-    # - 'FreeDiskSpaceMB' will evaluate 'Active'
-    # - 'FreeDiskSpaceGB' will evaluate 'Banned'
-    # so the SE will end up being banned, but we want only the 'FreeDiskSpaceMB' to be considered.
-    if ("FreeDiskSpaceMB", "FreeDiskSpaceMB", {}) in policiesThatApply:
-        try:
-            policiesThatApply.remove(("FreeDiskSpaceGB", "FreeDiskSpaceGB", {}))
-        except ValueError:
-            pass
-        try:
-            policiesThatApply.remove(("FreeDiskSpaceTB", "FreeDiskSpaceTB", {}))
-        except ValueError:
-            pass
-    if ("FreeDiskSpaceGB", "FreeDiskSpaceGB", {}) in policiesThatApply:
-        try:
-            policiesThatApply.remove(("FreeDiskSpaceTB", "FreeDiskSpaceTB", {}))
-        except ValueError:
-            pass
+    """Remove lower-priority duplicates when multiple policies of the same type apply.
+
+    When two or more policies share the same ``policyType`` and both match the current
+    element, we keep only the most specific one. Specificity is determined by the number
+    of ``matchParams`` keys: more keys = more specific. If one of the duplicates matched
+    by ``name`` it is always considered more specific than one that did not.
+
+    This replaces the old per-type hacks (``FreeDiskSpaceMB`` > ``FreeDiskSpaceGB`` >
+    ``FreeDiskSpaceTB``) with a generic rule that works for any policy type.
+    """
+    from collections import defaultdict
+
+    # Group policies by policyType
+    byType = defaultdict(list)
+    for entry in policiesThatApply:
+        policyName, policyType, policyConfigParams, policyMatchParams = entry
+        byType[policyType].append(entry)
+
+    result = []
+    for policyType, entries in byType.items():
+        if len(entries) == 1:
+            result.extend(entries)
+            continue
 
-    return policiesThatApply
+        # Multiple policies of the same type matched — keep only the most specific.
+        # Specificity = number of matchParams keys; ties broken by name-match presence.
+        def specificity(entry):
+            matchParams = entry[3]  # policyMatchParams
+            nameMatch = 1 if "name" in matchParams else 0
+            return (nameMatch, len(matchParams))
+
+        most_specific = max(entries, key=specificity)
+        result.append(most_specific)
+        gLogger.debug(
+            f"postProcessing: multiple {policyType!r} policies matched; "
+            f"keeping {most_specific[0]!r}, dropping {[e[0] for e in entries if e is not most_specific]}"
+        )
+
+    return result