use of cz.metacentrum.perun.audit.events.GroupManagerEvents.GroupCreatedInVo in project perun by CESNET.
the class GroupsManagerBlImpl method createGroup.
@Override
public Group createGroup(PerunSession sess, Vo vo, Group group) throws GroupExistsException {
if (group.getParentGroupId() != null)
throw new InternalErrorException("Top-level groups can't have parentGroupId set!");
group = getGroupsManagerImpl().createGroup(sess, vo, group);
getPerunBl().getAuditer().log(sess, new GroupCreatedInVo(group, vo));
group.setVoId(vo.getId());
// set creator as group admin unless he already have authz right on the group (he is VO admin or this is "members" group of VO)
User user = sess.getPerunPrincipal().getUser();
if (user != null) {
// user can be null in tests
if (!sess.getPerunPrincipal().getRoles().hasRole(Role.PERUNADMIN) && !sess.getPerunPrincipal().getRoles().hasRole(Role.VOADMIN, vo) && !VosManager.MEMBERS_GROUP.equals(group.getName())) {
try {
AuthzResolverBlImpl.setRole(sess, user, group, Role.GROUPADMIN);
} catch (AlreadyAdminException e) {
throw new ConsistencyErrorException("Newly created group already have an admin.", e);
} catch (RoleCannotBeManagedException e) {
throw new InternalErrorException(e);
}
}
}
return group;
}
Aggregations