Examples with AttributeDefinition cz.metacentrum.perun.core.api.AttributeDefinition used on opensource projects

Example 16 with AttributeDefinition

use of cz.metacentrum.perun.core.api.AttributeDefinition in project perun by CESNET.

the class AttributesManagerEntry method checkAttributeValue.

public void checkAttributeValue(PerunSession sess, Resource resource, Group group, Attribute attribute) throws PrivilegeException, InternalErrorException, AttributeNotExistsException, WrongAttributeValueException, GroupNotExistsException, ResourceNotExistsException, GroupResourceMismatchException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributeExists(sess, attribute);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    if (!getPerunBl().getGroupsManagerBl().getVo(sess, group).equals(getPerunBl().getResourcesManagerBl().getVo(sess, resource))) {
        throw new GroupResourceMismatchException("group and resource are not in the same VO");
    }
    //Choose to which attributes has the principal access
    if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attribute), resource, group))
        throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attribute));
    getAttributesManagerBl().checkAttributeValue(sess, resource, group, attribute);
}

Example 17 with AttributeDefinition

use of cz.metacentrum.perun.core.api.AttributeDefinition in project perun by CESNET.

the class AttributesManagerEntry method checkAttributeValue.

public void checkAttributeValue(PerunSession sess, Resource resource, Member member, Attribute attribute) throws PrivilegeException, InternalErrorException, ResourceNotExistsException, MemberNotExistsException, WrongAttributeValueException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException, AttributeNotExistsException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributeExists(sess, attribute);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
    //Choose to which attributes has the principal access
    if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attribute), resource, member))
        throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attribute));
    getAttributesManagerBl().checkAttributeValue(sess, resource, member, attribute);
}

Example 18 with AttributeDefinition

use of cz.metacentrum.perun.core.api.AttributeDefinition in project perun by CESNET.

the class AttributesManagerEntry method checkAttributesValue.

public void checkAttributesValue(PerunSession sess, UserExtSource ues, List<Attribute> attributes) throws InternalErrorException, PrivilegeException, AttributeNotExistsException, UserExtSourceNotExistsException, WrongAttributeValueException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributesExists(sess, attributes);
    getPerunBl().getUsersManagerBl().checkUserExtSourceExists(sess, ues);
    //Choose to which attributes has the principal access
    for (Attribute attr : attributes) {
        if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), ues, null))
            throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
    }
    getAttributesManagerBl().checkAttributesValue(sess, ues, attributes);
}

Example 19 with AttributeDefinition

use of cz.metacentrum.perun.core.api.AttributeDefinition in project perun by CESNET.

the class AttributesManagerEntry method checkAttributesValue.

public void checkAttributesValue(PerunSession sess, Resource resource, Member member, List<Attribute> attributes, boolean workWithUserAttributes) throws PrivilegeException, InternalErrorException, ResourceNotExistsException, MemberNotExistsException, WrongAttributeValueException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException, AttributeNotExistsException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributesExists(sess, attributes);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
    //Choose to which attributes has the principal access
    for (Attribute attr : attributes) {
        if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_MEMBER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), member, null))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_MEMBER_RESOURCE_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), resource, member))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_USER_ATTR)) {
            User u = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), u, null))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_USER_FACILITY_ATTR)) {
            User u = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
            Facility f = getPerunBl().getResourcesManagerBl().getFacility(sess, resource);
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), u, f))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else {
            throw new WrongAttributeAssignmentException("There is some attribute which is not type of any possible choice.");
        }
    }
    getAttributesManagerBl().checkAttributesValue(sess, resource, member, attributes, workWithUserAttributes);
}

Example 20 with AttributeDefinition

use of cz.metacentrum.perun.core.api.AttributeDefinition in project perun by CESNET.

the class AttributesManagerEntry method checkAttributeValue.

public void checkAttributeValue(PerunSession sess, Facility facility, Attribute attribute) throws PrivilegeException, InternalErrorException, FacilityNotExistsException, WrongAttributeValueException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException, WrongReferenceAttributeValueException, AttributeNotExistsException {
    Utils.checkPerunSession(sess);
    getPerunBl().getFacilitiesManagerBl().checkFacilityExists(sess, facility);
    getAttributesManagerBl().checkAttributeExists(sess, attribute);
    //Choose to which attributes has the principal access
    if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attribute), facility, null))
        throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attribute));
    getAttributesManagerBl().checkAttributeValue(sess, facility, attribute);
}