Search in sources :

Example 41 with Attribute

use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.

the class AttributesManagerEntry method setAttributes.

public void setAttributes(PerunSession sess, Facility facility, List<Attribute> attributes) throws PrivilegeException, InternalErrorException, FacilityNotExistsException, AttributeNotExistsException, WrongAttributeValueException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException {
    Utils.checkPerunSession(sess);
    getPerunBl().getFacilitiesManagerBl().checkFacilityExists(sess, facility);
    for (Attribute attribute : attributes) {
        attribute = this.perunBl.getAttributesManagerBl().convertEmptyStringIntoNullInAttrValue(attribute);
        attribute = this.perunBl.getAttributesManagerBl().convertBooleanFalseIntoNullInAttrValue(attribute);
    }
    getAttributesManagerBl().checkAttributesExists(sess, attributes);
    //Choose to which attributes has the principal access
    for (Attribute attr : attributes) {
        if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), facility, null))
            throw new PrivilegeException("Principal has no access to set attribute = " + new AttributeDefinition(attr));
    }
    getAttributesManagerBl().setAttributes(sess, facility, attributes);
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition)

Example 42 with Attribute

use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.

the class AttributesManagerEntry method fillAttribute.

public Attribute fillAttribute(PerunSession sess, Group group, Attribute attribute) throws PrivilegeException, InternalErrorException, GroupNotExistsException, AttributeNotExistsException, WrongAttributeAssignmentException {
    Utils.checkPerunSession(sess);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    getAttributesManagerBl().checkAttributeExists(sess, attribute);
    //Choose to which attributes has the principal access
    if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attribute), group, null))
        throw new PrivilegeException("Principal has no access to fill attribute = " + new AttributeDefinition(attribute));
    Attribute attr = getAttributesManagerBl().fillAttribute(sess, group, attribute);
    attr.setWritable(true);
    return attr;
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition)

Example 43 with Attribute

use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.

the class AttributesManagerEntry method getRequiredAttributes.

public List<Attribute> getRequiredAttributes(PerunSession sess, Service service, Resource resource, Group group, boolean workWithGroupAttributes) throws PrivilegeException, InternalErrorException, ServiceNotExistsException, ResourceNotExistsException, GroupNotExistsException, WrongAttributeAssignmentException {
    Utils.checkPerunSession(sess);
    getPerunBl().getServicesManagerBl().checkServiceExists(sess, service);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    List<Attribute> attributes = getAttributesManagerBl().getRequiredAttributes(sess, service, resource, group, workWithGroupAttributes);
    Iterator<Attribute> attrIter = attributes.iterator();
    //Choose to which attributes has the principal access
    while (attrIter.hasNext()) {
        Attribute attrNext = attrIter.next();
        if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_GROUP_RESOURCE_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, resource, group))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, resource, group));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_GROUP_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, group, null))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, group, null));
        } else {
            throw new ConsistencyErrorException("There is some attribute which is not type of any possible choice.");
        }
    }
    return attributes;
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute)

Example 44 with Attribute

use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.

the class AttributesManagerEntry method getAttributes.

public List<Attribute> getAttributes(PerunSession sess, Facility facility) throws PrivilegeException, FacilityNotExistsException, InternalErrorException {
    Utils.checkPerunSession(sess);
    getPerunBl().getFacilitiesManagerBl().checkFacilityExists(sess, facility);
    List<Attribute> attributes = getAttributesManagerBl().getAttributes(sess, facility);
    Iterator<Attribute> attrIter = attributes.iterator();
    //Choose to which attributes has the principal access
    while (attrIter.hasNext()) {
        Attribute attrNext = attrIter.next();
        if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, new AttributeDefinition(attrNext), facility, null))
            attrIter.remove();
        else
            attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, facility, null));
    }
    return attributes;
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition)

Example 45 with Attribute

use of cz.metacentrum.perun.core.api.Attribute in project perun by CESNET.

the class AttributesManagerEntry method checkAttributesValue.

public void checkAttributesValue(PerunSession sess, Resource resource, Group group, List<Attribute> attributes, boolean workWithGroupAttribute) throws PrivilegeException, InternalErrorException, AttributeNotExistsException, ResourceNotExistsException, GroupNotExistsException, WrongAttributeAssignmentException, WrongAttributeValueException, GroupResourceMismatchException, WrongReferenceAttributeValueException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributesExists(sess, attributes);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    if (!getPerunBl().getGroupsManagerBl().getVo(sess, group).equals(getPerunBl().getResourcesManagerBl().getVo(sess, resource))) {
        throw new GroupResourceMismatchException("group and resource are not in the same VO");
    }
    //Choose to which attributes has the principal access
    for (Attribute attr : attributes) {
        if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_GROUP_RESOURCE_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), resource, group))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_GROUP_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), group, null))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        }
    }
    getAttributesManagerBl().checkAttributesValue(sess, resource, group, attributes, workWithGroupAttribute);
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition)

Aggregations

Attribute (cz.metacentrum.perun.core.api.Attribute)668 RichAttribute (cz.metacentrum.perun.core.api.RichAttribute)240 Test (org.junit.Test)178 AttributeDefinition (cz.metacentrum.perun.core.api.AttributeDefinition)157 ArrayList (java.util.ArrayList)150 AbstractPerunIntegrationTest (cz.metacentrum.perun.core.AbstractPerunIntegrationTest)134 User (cz.metacentrum.perun.core.api.User)131 AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)121 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)121 ConsistencyErrorException (cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)110 WrongReferenceAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)102 WrongAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)101 WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)96 Resource (cz.metacentrum.perun.core.api.Resource)82 Facility (cz.metacentrum.perun.core.api.Facility)79 Group (cz.metacentrum.perun.core.api.Group)34 PerunSession (cz.metacentrum.perun.core.api.PerunSession)33 LinkedHashMap (java.util.LinkedHashMap)24 PerunSessionImpl (cz.metacentrum.perun.core.impl.PerunSessionImpl)22 Vo (cz.metacentrum.perun.core.api.Vo)21