Examples with Group cz.metacentrum.perun.core.api.Group used on opensource projects

Example 1 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class GroupsManagerEntry method createGroup.

public Group createGroup(PerunSession sess, Vo vo, Group group) throws GroupExistsException, PrivilegeException, InternalErrorException, VoNotExistsException {
    Utils.checkPerunSession(sess);
    Utils.notNull(group, "group");
    Utils.notNull(group.getName(), "group.name");
    if (!group.getName().matches(GroupsManager.GROUP_SHORT_NAME_REGEXP)) {
        throw new InternalErrorException(new IllegalArgumentException("Wrong group name, group name must matches " + GroupsManager.GROUP_SHORT_NAME_REGEXP));
    }
    if (group.getParentGroupId() != null)
        throw new InternalErrorException("Top-level groups can't have parentGroupId set!");
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo) && !AuthzResolver.isAuthorized(sess, Role.TOPGROUPCREATOR, vo)) {
        throw new PrivilegeException(sess, "createGroup");
    }
    getPerunBl().getVosManagerBl().checkVoExists(sess, vo);
    Group createdGroup = getGroupsManagerBl().createGroup(sess, vo, group);
    //Refresh authz
    AuthzResolver.refreshAuthz(sess);
    return createdGroup;
}

Example 2 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class MembersManagerEntry method createMember.

public Member createMember(PerunSession sess, Vo vo, Candidate candidate, List<Group> groups) throws InternalErrorException, WrongAttributeValueException, WrongReferenceAttributeValueException, AlreadyMemberException, VoNotExistsException, PrivilegeException, ExtendMembershipException, GroupNotExistsException, GroupOperationsException {
    Utils.checkPerunSession(sess);
    // if any group is not from the vo, throw an exception
    if (groups != null) {
        for (Group group : groups) {
            perunBl.getGroupsManagerBl().checkGroupExists(sess, group);
            if (group.getVoId() != vo.getId())
                throw new InternalErrorException("Group " + group + " is not from the vo " + vo + " where candidate " + candidate + " should be added.");
        }
    }
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo)) {
        throw new PrivilegeException(sess, "createMember - from candidate");
    }
    Utils.notNull(candidate, "candidate");
    getPerunBl().getVosManagerBl().checkVoExists(sess, vo);
    return getMembersManagerBl().createMember(sess, vo, candidate, groups);
}

Example 3 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class MembersManagerEntry method createMember.

public Member createMember(PerunSession sess, Vo vo, ExtSource extSource, String login, List<Group> groups) throws InternalErrorException, WrongAttributeValueException, WrongReferenceAttributeValueException, AlreadyMemberException, ExtendMembershipException, VoNotExistsException, ExtSourceNotExistsException, PrivilegeException, GroupNotExistsException, GroupOperationsException {
    Utils.checkPerunSession(sess);
    getPerunBl().getVosManagerBl().checkVoExists(sess, vo);
    getPerunBl().getExtSourcesManagerBl().checkExtSourceExists(sess, extSource);
    // if any group is not from the vo, throw an exception
    if (groups != null) {
        for (Group group : groups) {
            perunBl.getGroupsManagerBl().checkGroupExists(sess, group);
            if (group.getVoId() != vo.getId())
                throw new InternalErrorException("Group " + group + " is not from the vo " + vo + " where user with login " + login + " from ExtSource " + extSource + " should be added.");
        }
    }
    // Authorization for vo admin and perun admin automatic
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo)) {
        //also group admin of all affected groups is ok
        if (groups != null && !groups.isEmpty()) {
            boolean groupAdminOfAllGroups = true;
            boolean authorizedToExtSource = false;
            for (Group group : groups) {
                //User in session has to be GroupAdmin of all affected groups
                if (!AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, group)) {
                    groupAdminOfAllGroups = false;
                    break;
                }
                //User in session has to have at least one right to work with the ExtSource
                List<ExtSource> groupExtSources = getPerunBl().getExtSourcesManagerBl().getGroupExtSources(sess, group);
                if (groupExtSources.contains(extSource))
                    authorizedToExtSource = true;
            }
            if (!groupAdminOfAllGroups || !authorizedToExtSource) {
                throw new PrivilegeException(sess, "createMember - from login and extSource -- authorized to extSource=" + authorizedToExtSource + " and groupAdmin in all groups=" + groupAdminOfAllGroups);
            }
        } else {
            throw new PrivilegeException(sess, "createMember - from login and extSource");
        }
    }
    // we run async validation
    Member member = getMembersManagerBl().createMember(sess, vo, extSource, login, groups);
    getMembersManagerBl().validateMemberAsync(sess, member);
    return member;
}

Example 4 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class MembersManagerEntry method createSpecificMember.

public Member createSpecificMember(PerunSession sess, Vo vo, Candidate candidate, List<User> specificUserOwners, SpecificUserType specificUserType, List<Group> groups) throws InternalErrorException, WrongAttributeValueException, WrongReferenceAttributeValueException, AlreadyMemberException, VoNotExistsException, PrivilegeException, UserNotExistsException, ExtendMembershipException, GroupNotExistsException, GroupOperationsException {
    Utils.checkPerunSession(sess);
    Utils.notNull(specificUserType, "specificUserType");
    //normal type is not allowed when creating specific member
    if (specificUserType.equals(SpecificUserType.NORMAL))
        throw new InternalErrorException("Type of specific user must be defined.");
    // if any group is not from the vo, throw an exception
    if (groups != null) {
        for (Group group : groups) {
            perunBl.getGroupsManagerBl().checkGroupExists(sess, group);
            if (group.getVoId() != vo.getId())
                throw new InternalErrorException("Group " + group + " is not from the vo " + vo + " where candidate " + candidate + " should be added.");
        }
    }
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo)) {
        throw new PrivilegeException(sess, "createSpecificMember (Specific User) - from candidate");
    }
    Utils.notNull(candidate, "candidate");
    getPerunBl().getVosManagerBl().checkVoExists(sess, vo);
    if (specificUserOwners.isEmpty())
        throw new InternalErrorException("List of specificUserOwners of " + candidate + " can't be empty.");
    for (User u : specificUserOwners) {
        getPerunBl().getUsersManagerBl().checkUserExists(sess, u);
    }
    return getMembersManagerBl().createSpecificMember(sess, vo, candidate, specificUserOwners, specificUserType, groups);
}

Example 5 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class MembersManagerEntry method createMember.

public Member createMember(PerunSession sess, Vo vo, User user, List<Group> groups) throws InternalErrorException, AlreadyMemberException, WrongAttributeValueException, WrongReferenceAttributeValueException, VoNotExistsException, UserNotExistsException, PrivilegeException, ExtendMembershipException, GroupNotExistsException, GroupOperationsException {
    Utils.checkPerunSession(sess);
    getPerunBl().getUsersManagerBl().checkUserExists(sess, user);
    getPerunBl().getVosManagerBl().checkVoExists(sess, vo);
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo)) {
        throw new PrivilegeException(sess, "createMember - from user");
    }
    // if any group is not from the vo, throw an exception
    if (groups != null) {
        for (Group group : groups) {
            perunBl.getGroupsManagerBl().checkGroupExists(sess, group);
            if (group.getVoId() != vo.getId())
                throw new InternalErrorException("Group " + group + " is not from the vo " + vo + " where user " + user + " should be added.");
        }
    }
    return getMembersManagerBl().createMember(sess, vo, user, groups);
}