Search in sources :

Example 1 with AttributePolicy

use of cz.metacentrum.perun.core.api.AttributePolicy in project perun by CESNET.

the class AttributesManagerImpl method setAttributePolicyCollections.

@Override
public void setAttributePolicyCollections(PerunSession sess, List<AttributePolicyCollection> policyCollections) {
    try {
        // deleting old attribute policies
        List<Integer> attributeIds = policyCollections.stream().map(AttributePolicyCollection::getAttributeId).distinct().collect(Collectors.toList());
        for (Integer attributeId : attributeIds) {
            jdbc.update("DELETE FROM attribute_policy_collections WHERE attr_id=?", attributeId);
        }
        // inserting new policies
        for (AttributePolicyCollection apc : policyCollections) {
            int next_id = jdbc.queryForInt("SELECT nextval('attribute_policy_collections_id_seq')");
            jdbc.update("INSERT INTO attribute_policy_collections (id, attr_id, action) VALUES " + "(?, ?, ?::attribute_action)", next_id, apc.getAttributeId(), apc.getAction().toString());
            for (AttributePolicy ap : apc.getPolicies()) {
                jdbc.update("INSERT INTO attribute_policies (id, role_id, object, policy_collection_id) VALUES " + "((nextval('attribute_policies_id_seq')), (SELECT id FROM roles WHERE name=?), ?::role_object, ?)", ap.getRole().toLowerCase(), ap.getObject().toString(), next_id);
            }
        }
    } catch (RuntimeException e) {
        throw new InternalErrorException(e);
    }
}
Also used : AttributePolicyCollection(cz.metacentrum.perun.core.api.AttributePolicyCollection) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) AttributePolicy(cz.metacentrum.perun.core.api.AttributePolicy)

Example 2 with AttributePolicy

use of cz.metacentrum.perun.core.api.AttributePolicy in project perun by CESNET.

the class AttributesManagerEntryIntegrationTest method setAttributePolicyCollections.

@Test
public void setAttributePolicyCollections() throws Exception {
    System.out.println(CLASS_NAME + "setAttributePolicyCollections");
    Attribute userAttribute1 = setUpAttribute(String.class.getName(), "testUserAttribute1", AttributesManager.NS_USER_ATTR_DEF, "TEST VALUE");
    List<AttributePolicyCollection> policyCollections = new ArrayList<>();
    List<AttributePolicy> policies = new ArrayList<>();
    policies.add(new AttributePolicy(42, Role.VOADMIN, RoleObject.Vo, 1));
    policies.add(new AttributePolicy(43, Role.PERUNOBSERVER, RoleObject.None, 1));
    policyCollections.add(new AttributePolicyCollection(100, userAttribute1.getId(), AttributeAction.READ, new ArrayList<>(policies)));
    perun.getAttributesManager().setAttributePolicyCollections(sess, policyCollections);
    List<AttributePolicyCollection> insertedCollections = perun.getAttributesManager().getAttributePolicyCollections(sess, userAttribute1.getId());
    assertEquals(insertedCollections.size(), policyCollections.size());
    assertEquals(insertedCollections.get(0).getAttributeId(), userAttribute1.getId());
    assertEquals(insertedCollections.get(0).getAction(), policyCollections.get(0).getAction());
    List<AttributePolicy> insertedPolicies = insertedCollections.get(0).getPolicies();
    assertEquals(insertedPolicies.size(), 2);
    assertEquals(insertedPolicies.get(0).getPolicyCollectionId(), insertedCollections.get(0).getId());
    assertEquals(insertedPolicies.get(0).getObject(), policyCollections.get(0).getPolicies().get(0).getObject());
    assertEquals(insertedPolicies.get(0).getRole(), policyCollections.get(0).getPolicies().get(0).getRole());
    assertEquals(insertedPolicies.get(1).getPolicyCollectionId(), insertedCollections.get(0).getId());
    assertEquals(insertedPolicies.get(1).getObject(), policyCollections.get(0).getPolicies().get(1).getObject());
    assertEquals(insertedPolicies.get(1).getRole(), policyCollections.get(0).getPolicies().get(1).getRole());
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) RichAttribute(cz.metacentrum.perun.core.api.RichAttribute) ArrayList(java.util.ArrayList) AttributePolicyCollection(cz.metacentrum.perun.core.api.AttributePolicyCollection) AttributePolicy(cz.metacentrum.perun.core.api.AttributePolicy) AbstractPerunIntegrationTest(cz.metacentrum.perun.core.AbstractPerunIntegrationTest) Test(org.junit.Test)

Example 3 with AttributePolicy

use of cz.metacentrum.perun.core.api.AttributePolicy in project perun by CESNET.

the class AttributesManagerEntryIntegrationTest method getAttributePolicyCollections.

@Test
public void getAttributePolicyCollections() throws Exception {
    System.out.println(CLASS_NAME + "getAttributePolicyCollections");
    Attribute groupAttribute1 = setUpAttribute(String.class.getName(), "testGroupAttribute1", AttributesManager.NS_GROUP_ATTR_DEF, "TEST VALUE");
    List<AttributePolicyCollection> policyCollections = new ArrayList<>();
    List<AttributePolicy> policies = new ArrayList<>();
    policies.add(new AttributePolicy(123, Role.GROUPADMIN, RoleObject.Group, 1));
    policies.add(new AttributePolicy(789, Role.PERUNOBSERVER, RoleObject.None, 1));
    policyCollections.add(new AttributePolicyCollection(42, groupAttribute1.getId(), AttributeAction.READ, new ArrayList<>(policies)));
    policies.clear();
    policies.add(new AttributePolicy(123, Role.GROUPADMIN, RoleObject.Group, 1));
    policyCollections.add(new AttributePolicyCollection(43, groupAttribute1.getId(), AttributeAction.WRITE, new ArrayList<>(policies)));
    perun.getAttributesManager().setAttributePolicyCollections(sess, policyCollections);
    List<AttributePolicyCollection> insertedGroupCollections = perun.getAttributesManager().getAttributePolicyCollections(sess, groupAttribute1.getId());
    List<AttributePolicy> insertedPolicies;
    assertEquals(2, insertedGroupCollections.size());
    for (AttributePolicyCollection apc : insertedGroupCollections) {
        insertedPolicies = apc.getPolicies();
        assertTrue(apc.getAction().equals(AttributeAction.READ) ? insertedPolicies.size() == 2 : insertedPolicies.size() == 1);
        assertEquals(groupAttribute1.getId(), apc.getAttributeId());
        for (AttributePolicy ap : insertedPolicies) {
            assertEquals(apc.getId(), ap.getPolicyCollectionId());
            if (apc.getAction().equals(AttributeAction.READ)) {
                if (ap.getRole().equals(Role.GROUPADMIN)) {
                    assertEquals(RoleObject.Group, ap.getObject());
                } else {
                    assertEquals(Role.PERUNOBSERVER, ap.getRole());
                    assertEquals(RoleObject.None, ap.getObject());
                }
            } else {
                assertEquals(AttributeAction.WRITE, apc.getAction());
                assertEquals(Role.GROUPADMIN, ap.getRole());
                assertEquals(RoleObject.Group, ap.getObject());
            }
        }
    }
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) RichAttribute(cz.metacentrum.perun.core.api.RichAttribute) ArrayList(java.util.ArrayList) AttributePolicyCollection(cz.metacentrum.perun.core.api.AttributePolicyCollection) AttributePolicy(cz.metacentrum.perun.core.api.AttributePolicy) AbstractPerunIntegrationTest(cz.metacentrum.perun.core.AbstractPerunIntegrationTest) Test(org.junit.Test)

Example 4 with AttributePolicy

use of cz.metacentrum.perun.core.api.AttributePolicy in project perun by CESNET.

the class AttributesManagerEntry method setAttributePolicyCollections.

@Override
public void setAttributePolicyCollections(PerunSession sess, List<AttributePolicyCollection> policyCollections) throws PrivilegeException, AttributeNotExistsException, RoleNotSupportedException {
    Utils.checkPerunSession(sess);
    // check validity of roles, existence of attributes
    for (AttributePolicyCollection apc : policyCollections) {
        for (AttributePolicy ap : apc.getPolicies()) {
            if (!AuthzResolver.roleExists(ap.getRole())) {
                throw new RoleNotSupportedException("Role: " + ap.getRole() + " does not exists.", ap.getRole());
            }
            getAttributeDefinitionById(sess, apc.getAttributeId());
        }
    }
    // Authorization
    if (!AuthzResolver.authorizedInternal(sess, "setAttributePolicyCollections_List<AttributePolicyCollection>_int_policy")) {
        throw new PrivilegeException("setAttributePolicyCollections");
    }
    getAttributesManagerBl().setAttributePolicyCollections(sess, policyCollections);
}
Also used : RoleNotSupportedException(cz.metacentrum.perun.core.api.exceptions.RoleNotSupportedException) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) AttributePolicyCollection(cz.metacentrum.perun.core.api.AttributePolicyCollection) AttributePolicy(cz.metacentrum.perun.core.api.AttributePolicy)

Aggregations

AttributePolicy (cz.metacentrum.perun.core.api.AttributePolicy)4 AttributePolicyCollection (cz.metacentrum.perun.core.api.AttributePolicyCollection)4 AbstractPerunIntegrationTest (cz.metacentrum.perun.core.AbstractPerunIntegrationTest)2 Attribute (cz.metacentrum.perun.core.api.Attribute)2 RichAttribute (cz.metacentrum.perun.core.api.RichAttribute)2 ArrayList (java.util.ArrayList)2 Test (org.junit.Test)2 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)1 PrivilegeException (cz.metacentrum.perun.core.api.exceptions.PrivilegeException)1 RoleNotSupportedException (cz.metacentrum.perun.core.api.exceptions.RoleNotSupportedException)1