Search in sources :

Example 1 with GroupCreatedInVo

use of cz.metacentrum.perun.audit.events.GroupManagerEvents.GroupCreatedInVo in project perun by CESNET.

the class GroupsManagerBlImpl method createGroup.

@Override
public Group createGroup(PerunSession sess, Vo vo, Group group) throws GroupExistsException {
    if (group.getParentGroupId() != null)
        throw new InternalErrorException("Top-level groups can't have parentGroupId set!");
    group = getGroupsManagerImpl().createGroup(sess, vo, group);
    getPerunBl().getAuditer().log(sess, new GroupCreatedInVo(group, vo));
    group.setVoId(vo.getId());
    // set creator as group admin unless he already have authz right on the group (he is VO admin or this is "members" group of VO)
    User user = sess.getPerunPrincipal().getUser();
    if (user != null) {
        // user can be null in tests
        if (!sess.getPerunPrincipal().getRoles().hasRole(Role.PERUNADMIN) && !sess.getPerunPrincipal().getRoles().hasRole(Role.VOADMIN, vo) && !VosManager.MEMBERS_GROUP.equals(group.getName())) {
            try {
                AuthzResolverBlImpl.setRole(sess, user, group, Role.GROUPADMIN);
            } catch (AlreadyAdminException e) {
                throw new ConsistencyErrorException("Newly created group already have an admin.", e);
            } catch (RoleCannotBeManagedException e) {
                throw new InternalErrorException(e);
            }
        }
    }
    return group;
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) User(cz.metacentrum.perun.core.api.User) RichUser(cz.metacentrum.perun.core.api.RichUser) GroupCreatedInVo(cz.metacentrum.perun.audit.events.GroupManagerEvents.GroupCreatedInVo) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) RoleCannotBeManagedException(cz.metacentrum.perun.core.api.exceptions.RoleCannotBeManagedException) AlreadyAdminException(cz.metacentrum.perun.core.api.exceptions.AlreadyAdminException)

Aggregations

GroupCreatedInVo (cz.metacentrum.perun.audit.events.GroupManagerEvents.GroupCreatedInVo)1 RichUser (cz.metacentrum.perun.core.api.RichUser)1 User (cz.metacentrum.perun.core.api.User)1 AlreadyAdminException (cz.metacentrum.perun.core.api.exceptions.AlreadyAdminException)1 ConsistencyErrorException (cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)1 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)1 RoleCannotBeManagedException (cz.metacentrum.perun.core.api.exceptions.RoleCannotBeManagedException)1