Examples with AssignedGroup cz.metacentrum.perun.core.api.AssignedGroup used on opensource projects

Example 11 with AssignedGroup

use of cz.metacentrum.perun.core.api.AssignedGroup in project perun by CESNET.

the class ResourcesManagerEntryIntegrationTest method getGroupAssignments.

@Test
public void getGroupAssignments() throws Exception {
    System.out.println(CLASS_NAME + "getGroupAssignments");
    vo = setUpVo();
    member = setUpMember(vo);
    group = setUpGroup(vo, member);
    facility = setUpFacility();
    resource = setUpResource();
    resourcesManager.assignGroupToResource(sess, group, resource, false, false, false);
    List<AssignedGroup> groups = resourcesManager.getGroupAssignments(sess, resource, null);
    AssignedGroup expectedGroup = new AssignedGroup(new EnrichedGroup(group, null), GroupResourceStatus.ACTIVE, null, null, false);
    assertThat(groups.size()).isEqualTo(1);
    assertThat(groups).containsExactly(expectedGroup);
    assertThat(groups.get(0).getEnrichedGroup().getAttributes()).containsExactlyInAnyOrderElementsOf(perun.getAttributesManager().getAttributes(sess, group));
}

Example 12 with AssignedGroup

use of cz.metacentrum.perun.core.api.AssignedGroup in project perun by CESNET.

the class ResourcesManagerEntryIntegrationTest method assignMembersGroupToResourceWithSubgroups.

@Test
public void assignMembersGroupToResourceWithSubgroups() throws Exception {
    System.out.println(CLASS_NAME + "assignMembersGroupToResourceWithSubgroups");
    vo = setUpVo();
    facility = setUpFacility();
    resource = setUpResource();
    assertNotNull("unable to create resource", resource);
    member = setUpMember(vo);
    group = setUpGroup(vo, member);
    Group members = sess.getPerun().getGroupsManager().getGroupByName(sess, vo, VosManager.MEMBERS_GROUP);
    AssignedGroup expectedMembersGroupActive = new AssignedGroup(new EnrichedGroup(members, null), GroupResourceStatus.ACTIVE, null, null, true);
    AssignedGroup expectedGroupActive = new AssignedGroup(new EnrichedGroup(group, null), GroupResourceStatus.ACTIVE, expectedMembersGroupActive.getEnrichedGroup().getGroup().getId(), null, true);
    resourcesManager.assignGroupToResource(sess, members, resource, false, false, true);
    List<AssignedGroup> assignedGroups = resourcesManager.getGroupAssignments(sess, resource, null);
    assertEquals("two groups should be assigned to our Resource('members' and other test group)", 2, assignedGroups.size());
    assertTrue("our group should be assigned to resource.", assignedGroups.contains(expectedGroupActive));
    assertTrue("our members group should be assigned to resource", assignedGroups.contains(expectedMembersGroupActive));
}

Example 13 with AssignedGroup

use of cz.metacentrum.perun.core.api.AssignedGroup in project perun by CESNET.

the class ResourceAssignmentChecker method fixInconsistentGroupResourceAssignments.

/**
 * Waits for 10 minutes after Perun startup and then every hour checks,
 * if all group-resource assignments are consistent, e.g. all subgroups are automatically
 * assigned and no automatic subgroups assignments are kept after removing source group.
 */
@Scheduled(initialDelay = 10 * 60 * 1000, fixedDelay = 60 * 60 * 1000)
public void fixInconsistentGroupResourceAssignments() {
    if (perunBl.isPerunReadOnly()) {
        log.warn("This instance is just read only so skip periodic check of automatic group-resource assignments.");
        return;
    }
    log.debug("ResourceAssignmentChecker starting fixing inconsistencies in automatic group-resource assignments.");
    List<Resource> resources = perunBl.getResourcesManagerBl().getResources(sess);
    for (Resource resource : resources) {
        List<AssignedGroup> assignedGroups = perunBl.getResourcesManagerBl().getGroupAssignments(sess, resource, List.of());
        List<AssignedGroup> automaticallyAssignedSubgroups = assignedGroups.stream().filter(group -> group.getSourceGroupId() != null).collect(Collectors.toList());
        List<AssignedGroup> sourceGroups = assignedGroups.stream().filter(a -> a.isAutoAssignSubgroups() && a.getSourceGroupId() == null).collect(Collectors.toList());
        for (AssignedGroup assignedSubgroup : automaticallyAssignedSubgroups) {
            perunBl.getResourceAssignmentChecker().removeSubgroupFromResource(resource, sourceGroups, assignedSubgroup);
        }
        for (AssignedGroup sourceGroup : sourceGroups) {
            perunBl.getResourceAssignmentChecker().assignSubgroupsToResource(resource, automaticallyAssignedSubgroups, sourceGroup);
        }
    }
}

Example 14 with AssignedGroup

use of cz.metacentrum.perun.core.api.AssignedGroup in project perun by CESNET.

the class ResourceAssignmentChecker method removeSubgroupFromResource.

/**
 * Remove assigned subgroup which source group is not assigned as source group.
 * Runs in transaction.
 * @param resource
 * @param sourceGroups
 * @param assignedSubgroup
 */
public void removeSubgroupFromResource(Resource resource, List<AssignedGroup> sourceGroups, AssignedGroup assignedSubgroup) {
    boolean sourceIsAssigned;
    try {
        Group srcGroup = perunBl.getGroupsManagerBl().getGroupById(sess, assignedSubgroup.getSourceGroupId());
        sourceIsAssigned = sourceGroups.stream().anyMatch(s -> s.getEnrichedGroup().getGroup().equals(srcGroup));
    } catch (GroupNotExistsException e) {
        sourceIsAssigned = false;
    }
    if (!sourceIsAssigned) {
        try {
            perunBl.getResourcesManagerBl().removeAutomaticGroupFromResource(sess, assignedSubgroup.getEnrichedGroup().getGroup(), resource, assignedSubgroup.getSourceGroupId());
        } catch (GroupNotDefinedOnResourceException | GroupAlreadyRemovedFromResourceException e) {
        // skip silently, already removed
        }
    }
}

Example 15 with AssignedGroup

use of cz.metacentrum.perun.core.api.AssignedGroup in project perun by CESNET.

the class ResourcesManagerBlImpl method deleteResource.

@Override
public void deleteResource(PerunSession sess, Resource resource) throws ResourceAlreadyRemovedException, GroupAlreadyRemovedFromResourceException {
    // Get facility for audit messages
    Facility facility = this.getFacility(sess, resource);
    // remove admins of this resource
    List<Group> adminGroups = getResourcesManagerImpl().getAdminGroups(sess, resource);
    for (Group adminGroup : adminGroups) {
        try {
            AuthzResolverBlImpl.unsetRole(sess, adminGroup, resource, Role.RESOURCEADMIN);
        } catch (GroupNotAdminException e) {
            log.warn("When trying to unsetRole ResourceAdmin for group {} in the resource {} the exception was thrown {}", adminGroup, resource, e);
        // skip and log as warning
        } catch (RoleCannotBeManagedException e) {
            throw new InternalErrorException(e);
        }
    }
    List<User> adminUsers = getResourcesManagerImpl().getAdmins(sess, resource);
    for (User adminUser : adminUsers) {
        try {
            AuthzResolverBlImpl.unsetRole(sess, adminUser, resource, Role.RESOURCEADMIN);
        } catch (UserNotAdminException e) {
            log.warn("When trying to unsetRole ResourceAdmin for user {} in the resource {} the exception was thrown {}", adminUser, resource, e);
        // skip and log as warning
        } catch (RoleCannotBeManagedException e) {
            throw new InternalErrorException(e);
        }
    }
    // Remove binding between resource and service
    List<Service> services = getAssignedServices(sess, resource);
    for (Service service : services) {
        try {
            this.removeService(sess, resource, service);
        } catch (ServiceNotAssignedException e) {
            throw new ConsistencyErrorException(e);
        }
    }
    List<AssignedGroup> assignedGroups = getGroupAssignments(sess, resource, List.of());
    for (AssignedGroup assignedGroup : assignedGroups) {
        if (assignedGroup.getSourceGroupId() == null) {
            try {
                removeGroupFromResource(sess, assignedGroup.getEnrichedGroup().getGroup(), resource);
            } catch (GroupNotDefinedOnResourceException ex) {
                throw new GroupAlreadyRemovedFromResourceException(ex);
            }
        }
    }
    // Remove attr values for the resource
    try {
        perunBl.getAttributesManagerBl().removeAllAttributes(sess, resource);
    } catch (AttributeValueException ex) {
        throw new ConsistencyErrorException("All services are removed from this resource. There is no required attribute. So all attribtes for this resource can be removed withou problem.", ex);
    }
    // Remove group-resource attr values for all group and resource
    try {
        this.perunBl.getAttributesManagerBl().removeAllGroupResourceAttributes(sess, resource);
    } catch (WrongAttributeValueException | GroupResourceMismatchException | WrongReferenceAttributeValueException ex) {
        throw new InternalErrorException(ex);
    }
    // Remove all resources tags
    this.removeAllResourcesTagFromResource(sess, resource);
    // Remove all resource bans
    List<BanOnResource> bansOnResource = this.getBansForResource(sess, resource.getId());
    for (BanOnResource banOnResource : bansOnResource) {
        try {
            this.removeBan(sess, banOnResource.getId());
        } catch (BanNotExistsException ex) {
        // it is ok, we just want to remove it anyway
        }
    }
    // Because resource will be tottaly deleted, we can also delete all member-resource attributes
    this.perunBl.getAttributesManagerBl().removeAllMemberResourceAttributes(sess, resource);
    // Get the resource VO
    Vo vo = this.getVo(sess, resource);
    getResourcesManagerImpl().deleteResource(sess, vo, resource);
    getPerunBl().getAuditer().log(sess, new ResourceDeleted(resource, facility));
}