Examples with Group cz.metacentrum.perun.core.api.Group used on opensource projects

Example 16 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class urn_perun_user_facility_attribute_def_def_defaultUnixGID method checkAttributeValue.

@Override
public /**
	 * Checks the new default GID of the user at the specified facility. The new GID must be equals to any of resource unixGID attribute where resource is from speciafie facility (and user must have acces to this resource) or from groupResource:unixGID attribute (groups if from the resources and user have acess to them)
	 *
	 * TODO Known issues: Can't detect if unixGid is not set on all resources and groups where user is allowed. This will be reported as WrongAttributeValueException, but it should be WrongReferenceAttributeValueException
	 */
void checkAttributeValue(PerunSessionImpl sess, Facility facility, User user, Attribute attribute) throws WrongAttributeValueException, WrongReferenceAttributeValueException, InternalErrorException, WrongAttributeAssignmentException {
    Integer gid = (Integer) attribute.getValue();
    if (gid == null)
        return;
    Attribute namespaceAttribute;
    try {
        namespaceAttribute = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":unixGID-namespace");
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    }
    if (namespaceAttribute.getValue() == null)
        throw new WrongReferenceAttributeValueException(attribute, namespaceAttribute, "Reference attribute is null");
    String namespaceName = (String) namespaceAttribute.getValue();
    Attribute unixGroupNameNamespace;
    try {
        unixGroupNameNamespace = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":unixGroupName-namespace");
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    }
    if (unixGroupNameNamespace.getValue() == null)
        throw new WrongReferenceAttributeValueException(attribute, unixGroupNameNamespace, user, facility, facility, null, "Reference attribute is null");
    String unixGroupNameNamespaceName = (String) unixGroupNameNamespace.getValue();
    Attribute resourceGidAttribute;
    try {
        resourceGidAttribute = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName));
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException("Namespace from value of " + namespaceAttribute + " doesn't exists. (Resource attribute " + AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName + " doesn't exists", ex);
    }
    resourceGidAttribute.setValue(attribute.getValue());
    List<Resource> allowedResources = sess.getPerunBl().getUsersManagerBl().getAllowedResources(sess, facility, user);
    List<Resource> allowedResourcesWithSameGid = sess.getPerunBl().getResourcesManagerBl().getResourcesByAttribute(sess, resourceGidAttribute);
    allowedResourcesWithSameGid.retainAll(allowedResources);
    //We found at least one allowed resource with same gid as the user have => attribute is OK
    if (!allowedResourcesWithSameGid.isEmpty())
        return;
    Attribute groupGidAttribute;
    try {
        groupGidAttribute = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, AttributesManager.NS_GROUP_ATTR_DEF + ":unixGID-namespace:" + namespaceName));
        groupGidAttribute.setValue(attribute.getValue());
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException("Namespace from value of " + namespaceAttribute + " doesn't exists. (Group-resource attribute " + AttributesManager.NS_GROUP_ATTR_DEF + ":unixGID-namespace:" + namespaceName + " doesn't exists", ex);
    }
    List<Group> groupWithSameGid = sess.getPerunBl().getGroupsManagerBl().getGroupsByAttribute(sess, groupGidAttribute);
    List<Group> candidateGroups = groupWithSameGid;
    candidateGroups.retainAll(sess.getPerunBl().getFacilitiesManagerBl().getAllowedGroups(sess, facility, null, null));
    for (Group group : candidateGroups) {
        //check if group has unix group name in namespace required by facility
        try {
            Attribute unixGroupName = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, group, AttributesManager.NS_GROUP_ATTR_DEF + ":unixGroupName-namespace:" + unixGroupNameNamespaceName);
            if (unixGroupName.getValue() == null || ((String) unixGroupName.getValue()).isEmpty()) {
                continue;
            }
        } catch (AttributeNotExistsException ex) {
            throw new InternalErrorException(ex);
        }
        //check if the user is member of the group
        if (sess.getPerunBl().getGroupsManagerBl().isUserMemberOfGroup(sess, user, group)) {
            //attribute is OK
            return;
        }
    }
    throw new WrongAttributeValueException(attribute, user, facility, "User isn't allowed to have the default unix group which have this gid (" + gid + ") or such group doesn't exist.  " + user);
}

Example 17 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class AttributesManagerEntryIntegrationTest method getGroupResourceAttributeWhenGroupNotExists.

@Test(expected = GroupNotExistsException.class)
public void getGroupResourceAttributeWhenGroupNotExists() throws Exception {
    System.out.println(CLASS_NAME + "getGroupResourceAttributeWhenGroupNotExists");
    vo = setUpVo();
    group = setUpGroup();
    facility = setUpFacility();
    resource = setUpResource();
    attributes = setUpGroupResourceAttribute();
    attributesManager.setAttributes(sess, resource, group, attributes);
    attributesManager.getAttribute(sess, resource, new Group(), "urn:perun:group_resource:attribute-def:opt:group-resource-test-attribute");
// shouldn't find group
}

Example 18 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class AttributesManagerEntryIntegrationTest method getRichAttributesWithHoldersForAttributeDefinitionGetGroupFromUserAndFacility.

@Test
public void getRichAttributesWithHoldersForAttributeDefinitionGetGroupFromUserAndFacility() throws Exception {
    System.out.println(CLASS_NAME + "getRichAttributesWithHoldersForAttributeDefinitionGetGroupFromUserAndFacility");
    //Prepare attribute, create it and set it with testing value
    Attribute attribute = setAttributeInNamespace(AttributesManager.NS_GROUP_ATTR);
    perun.getAttributesManagerBl().setAttribute(sess, group1InVo2, attribute);
    perun.getAttributesManagerBl().setAttribute(sess, group2InVo2, attribute);
    //Prepare richAttribute with holders (attribute is not needed but holders are needed)
    RichAttribute richAttr = new RichAttribute();
    richAttr.setPrimaryHolder(user2);
    richAttr.setSecondaryHolder(facility2);
    List<RichAttribute> listOfRichAttributes = perun.getAttributesManagerBl().getRichAttributesWithHoldersForAttributeDefinition(sess, new AttributeDefinition(attribute), richAttr);
    assertTrue("return two groups", listOfRichAttributes.size() == 2);
    assertTrue("primary holder is type of vo", listOfRichAttributes.get(0).getPrimaryHolder() instanceof Group);
    assertTrue("secondary holder is null", listOfRichAttributes.get(0).getSecondaryHolder() == null);
    List<Group> groups = new ArrayList<Group>();
    for (RichAttribute ra : listOfRichAttributes) {
        groups.add((Group) ra.getPrimaryHolder());
    }
    assertTrue("groups contains group1InVo2", groups.contains(group1InVo2));
    assertTrue("groups contains group2InVo2", groups.contains(group2InVo2));
    assertTrue("richObject have in Attribute our attribute, which was set before", listOfRichAttributes.get(0).getAttribute().equals(attribute));
}

Example 19 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class AttributesManagerEntryIntegrationTest method getRichAttributesWithHoldersForAttributeDefinitionGetGroupFromResourceAndGroup.

@Test
public void getRichAttributesWithHoldersForAttributeDefinitionGetGroupFromResourceAndGroup() throws Exception {
    System.out.println(CLASS_NAME + "getRichAttributesWithHoldersForAttributeDefinitionGetGroupFromResourceAndGroup");
    //Prepare attribute, create it and set it with testing value
    Attribute attribute = setAttributeInNamespace(AttributesManager.NS_GROUP_ATTR);
    perun.getAttributesManagerBl().setAttribute(sess, group2InVo2, attribute);
    //Prepare richAttribute with holders (attribute is not needed but holders are needed)
    RichAttribute richAttr = new RichAttribute();
    richAttr.setPrimaryHolder(resource1InVo2);
    richAttr.setSecondaryHolder(group2InVo2);
    List<RichAttribute> listOfRichAttributes = perun.getAttributesManagerBl().getRichAttributesWithHoldersForAttributeDefinition(sess, new AttributeDefinition(attribute), richAttr);
    //Return facilities Administrator too if exists
    assertTrue("return only one group", listOfRichAttributes.size() == 1);
    assertTrue("primary holder is type of vo", listOfRichAttributes.get(0).getPrimaryHolder() instanceof Group);
    assertTrue("secondary holder is null", listOfRichAttributes.get(0).getSecondaryHolder() == null);
    assertTrue("richObject have in primaryAttribute our group", listOfRichAttributes.get(0).getPrimaryHolder().equals(group2InVo2));
    assertTrue("richObject have in Attribute our attribute, which was set before", listOfRichAttributes.get(0).getAttribute().equals(attribute));
}

Example 20 with Group

use of cz.metacentrum.perun.core.api.Group in project perun by CESNET.

the class AttributesManagerEntryIntegrationTest method setUpGroup.

private Group setUpGroup(Vo vo, Member member) throws Exception {
    Group group = new Group("ResourcesManagerTestGroup", "");
    group = perun.getGroupsManager().createGroup(sess, vo, group);
    perun.getGroupsManager().addMember(sess, group, member);
    return group;
}