Use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.
Class AttributesManagerEntry, method getAttributes(PerunSession, Resource, Member, boolean).
/**
 * Fetches the attributes for the given resource/member pair from the business layer and
 * returns only those the session principal is authorized to read.
 *
 * <p>The list returned by the business layer is filtered in place through its iterator:
 * an attribute that fails the READ check is removed without raising an error, so the
 * caller cannot tell a hidden attribute from an absent one. Each attribute that is kept
 * has its writable flag set to the result of the WRITE check for the same holders.
 *
 * <p>The holders passed to the authorization check depend on which namespace constant the
 * attribute matches, tested in this order: {@code NS_MEMBER_ATTR} (member),
 * {@code NS_USER_ATTR} (user resolved from the member), {@code NS_USER_FACILITY_ATTR}
 * (facility of the resource plus that user), {@code NS_MEMBER_RESOURCE_ATTR}
 * (resource plus member).
 *
 * @param sess session whose principal is being authorized
 * @param resource resource whose existence is verified before any attribute is read
 * @param member member whose existence is verified before any attribute is read
 * @param workWithUserAttributes forwarded unchanged to the business layer
 * @return the business-layer list, reduced to readable attributes
 * @throws ConsistencyErrorException when an attribute matches none of the four namespaces
 */
public List<Attribute> getAttributes(PerunSession sess, Resource resource, Member member, boolean workWithUserAttributes) throws PrivilegeException, ResourceNotExistsException, InternalErrorException, MemberNotExistsException, WrongAttributeAssignmentException {
    Utils.checkPerunSession(sess);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);

    List<Attribute> attributes = getAttributesManagerBl().getAttributes(sess, resource, member, workWithUserAttributes);

    // Keep only what the principal may read; annotate the survivors with write access.
    for (Iterator<Attribute> it = attributes.iterator(); it.hasNext(); ) {
        Attribute current = it.next();

        if (getAttributesManagerBl().isFromNamespace(sess, current, NS_MEMBER_ATTR)) {
            boolean readable = AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, current, member, null);
            if (readable) {
                current.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, current, member, null));
            } else {
                it.remove();
            }
        } else if (getAttributesManagerBl().isFromNamespace(sess, current, NS_USER_ATTR)) {
            // The user is looked up again for every attribute that lands in this branch.
            User owner = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
            boolean readable = AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, current, owner, null);
            if (readable) {
                current.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, current, owner, null));
            } else {
                it.remove();
            }
        } else if (getAttributesManagerBl().isFromNamespace(sess, current, NS_USER_FACILITY_ATTR)) {
            User owner = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
            Facility host = getPerunBl().getResourcesManagerBl().getFacility(sess, resource);
            boolean readable = AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, current, host, owner);
            if (readable) {
                current.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, current, host, owner));
            } else {
                it.remove();
            }
        } else if (getAttributesManagerBl().isFromNamespace(sess, current, NS_MEMBER_RESOURCE_ATTR)) {
            boolean readable = AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, current, resource, member);
            if (readable) {
                current.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, current, resource, member));
            } else {
                it.remove();
            }
        } else {
            // Fail closed: an attribute from an unexpected namespace is never returned unchecked.
            throw new ConsistencyErrorException("One of getting attributes is not correct type : " + current);
        }
    }

    return attributes;
}
Use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.
Class AttributesManagerEntry, method setAttributes(PerunSession, User, List<Attribute>).
/**
 * Stores the given attributes on the user after verifying that the session principal may
 * write every one of them.
 *
 * <p>Authorization is all-or-nothing: the WRITE check runs over the whole list before the
 * business-layer call, and the first attribute that fails aborts the operation with a
 * {@link PrivilegeException}, so nothing is written on a partial grant. The check and the
 * exception text both use an {@code AttributeDefinition} built from the attribute.
 *
 * @param sess session whose principal is being authorized
 * @param user user whose existence is verified before the attributes are processed
 * @param attributes attributes to store; each is passed through the two value-conversion
 *     helpers first
 * @throws PrivilegeException when the principal lacks WRITE access to any attribute
 */
public void setAttributes(PerunSession sess, User user, List<Attribute> attributes) throws PrivilegeException, InternalErrorException, UserNotExistsException, AttributeNotExistsException, WrongAttributeValueException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException {
    Utils.checkPerunSession(sess);
    getPerunBl().getUsersManagerBl().checkUserExists(sess, user);

    // NOTE(review): the converted result is not stored back into the list, so the
    // conversion only reaches the later calls if these helpers modify the passed
    // instance in place -- confirm against their implementation.
    for (Attribute candidate : attributes) {
        Attribute normalized = this.perunBl.getAttributesManagerBl().convertEmptyStringIntoNullInAttrValue(candidate);
        this.perunBl.getAttributesManagerBl().convertBooleanFalseIntoNullInAttrValue(normalized);
    }

    getAttributesManagerBl().checkAttributesExists(sess, attributes);

    // Authorize the complete batch before touching stored data.
    for (Attribute attr : attributes) {
        boolean mayWrite = AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), user, null);
        if (!mayWrite) {
            throw new PrivilegeException("Principal has no access to set attribute = " + new AttributeDefinition(attr));
        }
    }

    getAttributesManagerBl().setAttributes(sess, user, attributes);
}
Use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.
Class AttributesManagerEntry, method removeAllAttributes(PerunSession, Resource).
/**
 * Removes all attributes of the resource, provided the session principal may write every
 * attribute the resource currently has.
 *
 * <p>The current attributes are read from the business layer and each is checked for
 * WRITE access; the first one that fails aborts with a {@link PrivilegeException} before
 * anything is removed. The exception text is built from an {@code AttributeDefinition}
 * of the offending attribute rather than from the attribute itself.
 *
 * <p>NOTE(review): the authorization decision is made on the list read here, while the
 * business-layer removal acts on whatever is present when it runs. Whether both steps are
 * covered by one transaction is not visible in this method -- confirm.
 *
 * @param sess session whose principal is being authorized
 * @param resource resource whose existence is verified before its attributes are read
 * @throws PrivilegeException when the principal lacks WRITE access to any attribute
 */
public void removeAllAttributes(PerunSession sess, Resource resource) throws InternalErrorException, PrivilegeException, ResourceNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException {
    Utils.checkPerunSession(sess);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);

    // Every existing attribute must be writable by the principal, otherwise nothing is removed.
    List<Attribute> existing = getPerunBl().getAttributesManagerBl().getAttributes(sess, resource);
    for (Attribute attr : existing) {
        boolean mayWrite = AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attr, resource, null);
        if (!mayWrite) {
            throw new PrivilegeException("Principal has no access to remove attribute = " + new AttributeDefinition(attr));
        }
    }

    getAttributesManagerBl().removeAllAttributes(sess, resource);
}
Use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.
Class AttributesManagerEntry, method getAttributes(PerunSession, Group, List<String>).
/**
 * Fetches the named attributes of the group from the business layer and returns only
 * those the session principal is authorized to read.
 *
 * <p>The business-layer list is filtered in place through its iterator. An attribute that
 * fails the READ check is removed without raising an error; each attribute that is kept
 * has its writable flag set to the result of the WRITE check.
 *
 * <p>NOTE(review): the READ check is given a fresh {@code AttributeDefinition} while the
 * WRITE check is given the attribute itself. Whether that difference matters to
 * {@code AuthzResolver} is not visible here -- confirm.
 *
 * @param sess session whose principal is being authorized
 * @param group group whose existence is verified before any attribute is read
 * @param attrNames names forwarded unchanged to the business layer
 * @return the business-layer list, reduced to readable attributes
 */
public List<Attribute> getAttributes(PerunSession sess, Group group, List<String> attrNames) throws PrivilegeException, InternalErrorException, GroupNotExistsException {
    Utils.checkPerunSession(sess);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);

    List<Attribute> attributes = getAttributesManagerBl().getAttributes(sess, group, attrNames);

    // Drop what the principal may not read; mark the rest with its write permission.
    for (Iterator<Attribute> it = attributes.iterator(); it.hasNext(); ) {
        Attribute current = it.next();
        boolean readable = AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, new AttributeDefinition(current), group, null);
        if (readable) {
            current.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, current, group, null));
        } else {
            it.remove();
        }
    }

    return attributes;
}
Use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.
Class AttributesManagerEntry, method getAttributes(PerunSession, Member, List<String>).
/**
 * Fetches the named attributes of the member from the business layer and returns only
 * those the session principal is authorized to read.
 *
 * <p>The business-layer list is filtered in place through its iterator. An attribute that
 * fails the READ check is removed without raising an error; each attribute that is kept
 * has its writable flag set to the result of the WRITE check.
 *
 * <p>NOTE(review): the READ check is given a fresh {@code AttributeDefinition} while the
 * WRITE check is given the attribute itself. Whether that difference matters to
 * {@code AuthzResolver} is not visible here -- confirm.
 *
 * @param sess session whose principal is being authorized
 * @param member member whose existence is verified before any attribute is read
 * @param attrNames names forwarded unchanged to the business layer
 * @return the business-layer list, reduced to readable attributes
 */
public List<Attribute> getAttributes(PerunSession sess, Member member, List<String> attrNames) throws PrivilegeException, InternalErrorException, MemberNotExistsException {
    Utils.checkPerunSession(sess);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);

    List<Attribute> attributes = getAttributesManagerBl().getAttributes(sess, member, attrNames);

    // Drop what the principal may not read; mark the rest with its write permission.
    for (Iterator<Attribute> it = attributes.iterator(); it.hasNext(); ) {
        Attribute current = it.next();
        boolean readable = AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, new AttributeDefinition(current), member, null);
        if (readable) {
            current.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, current, member, null));
        } else {
            it.remove();
        }
    }

    return attributes;
}