Search in sources :

Example 36 with Facility

use of cz.metacentrum.perun.core.api.Facility in project perun by CESNET.

the class Utils method generateAllResourcesToWriter.

/**
	 * Method generate all Resources to the text for using in LDIF.
	 * Write all these information to writer in perunInitializer object.
	 *
	 * @param perunInitializer need to be loaded to get all needed dependencies
	 *
	 * @throws InternalErrorException if some problem with initializer or objects in perun-core
	 * @throws IOException if some problem with writer
	 */
public static void generateAllResourcesToWriter(PerunInitializer perunInitializer) throws InternalErrorException, IOException {
    //Load basic variables
    if (perunInitializer == null)
        throw new InternalErrorException("PerunInitializer must be loaded before using in generating methods!");
    PerunSession perunSession = perunInitializer.getPerunSession();
    PerunBl perun = perunInitializer.getPerunBl();
    BufferedWriter writer = perunInitializer.getOutputWriter();
    //first get all Vos
    List<Vo> vos = perun.getVosManagerBl().getVos(perunSession);
    //Then from every Vo get all assigned resources and write their data to the writer
    for (Vo vo : vos) {
        List<Resource> resources;
        resources = perun.getResourcesManagerBl().getResources(perunSession, vo);
        for (Resource resource : resources) {
            //Read facility attribute entityID and write it for the resource if exists
            Facility facility = null;
            try {
                facility = perun.getFacilitiesManagerBl().getFacilityById(perunSession, resource.getFacilityId());
            } catch (FacilityNotExistsException ex) {
                throw new InternalErrorException("Can't found facility of this resource " + resource, ex);
            }
            Attribute entityIDAttr = null;
            try {
                entityIDAttr = perun.getAttributesManagerBl().getAttribute(perunSession, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":entityID");
            } catch (AttributeNotExistsException | WrongAttributeAssignmentException ex) {
                throw new InternalErrorException("Problem with loading entityID attribute of facility " + facility, ex);
            }
            String dn = "dn: ";
            String oc1 = "objectclass: top";
            String oc3 = "objectclass: perunResource";
            String cn = "cn: ";
            String perunVoId = "perunVoId: ";
            String perunFacilityId = "perunFacilityId: ";
            String perunResourceId = "perunResourceId: ";
            String description = "description: ";
            String entityID = "entityID: ";
            perunVoId += String.valueOf(resource.getVoId());
            perunFacilityId += String.valueOf(resource.getFacilityId());
            perunResourceId += String.valueOf(resource.getId());
            dn += "perunResourceId=" + resource.getId() + ",perunVoId=" + resource.getVoId() + ",dc=perun,dc=cesnet,dc=cz";
            cn += resource.getName();
            String descriptionValue = resource.getDescription();
            if (descriptionValue != null) {
                if (descriptionValue.matches("^[ ]*$"))
                    descriptionValue = null;
            }
            writer.write(dn + '\n');
            writer.write(oc1 + '\n');
            writer.write(oc3 + '\n');
            writer.write(cn + '\n');
            writer.write(perunResourceId + '\n');
            if (descriptionValue != null)
                writer.write(description + descriptionValue + '\n');
            writer.write(perunVoId + '\n');
            writer.write(perunFacilityId + '\n');
            if (entityIDAttr.getValue() != null)
                writer.write(entityID + (String) entityIDAttr.getValue() + '\n');
            //ADD resources which group is assigned to
            List<Group> associatedGroups = perun.getResourcesManagerBl().getAssignedGroups(perunSession, resource);
            for (Group g : associatedGroups) {
                writer.write("assignedGroupId: " + g.getId());
                writer.write('\n');
            }
            writer.write('\n');
        }
    }
}
Also used : Group(cz.metacentrum.perun.core.api.Group) PerunSession(cz.metacentrum.perun.core.api.PerunSession) Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) Resource(cz.metacentrum.perun.core.api.Resource) PerunBl(cz.metacentrum.perun.core.bl.PerunBl) FacilityNotExistsException(cz.metacentrum.perun.core.api.exceptions.FacilityNotExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) BufferedWriter(java.io.BufferedWriter) Vo(cz.metacentrum.perun.core.api.Vo) Facility(cz.metacentrum.perun.core.api.Facility)

Example 37 with Facility

use of cz.metacentrum.perun.core.api.Facility in project perun by CESNET.

the class FacilitiesManagerEntry method addHost.

public Host addHost(PerunSession sess, Host host, Facility facility) throws InternalErrorException, FacilityNotExistsException, PrivilegeException {
    Utils.checkPerunSession(sess);
    getFacilitiesManagerBl().checkFacilityExists(sess, facility);
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facility)) {
        throw new PrivilegeException(sess, "addHost");
    }
    Utils.notNull(host, "hosts");
    List<Facility> facilitiesByHostname = getFacilitiesManagerBl().getFacilitiesByHostName(sess, host.getHostname());
    List<Facility> facilitiesByDestination = getFacilitiesManagerBl().getFacilitiesByDestination(sess, host.getHostname());
    if (facilitiesByHostname.isEmpty() && facilitiesByDestination.isEmpty()) {
        return getFacilitiesManagerBl().addHost(sess, host, facility);
    }
    if (!facilitiesByHostname.isEmpty()) {
        boolean hasRight = false;
        for (Facility facilityByHostname : facilitiesByHostname) {
            if (AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facilityByHostname)) {
                hasRight = true;
                break;
            }
        }
        if (hasRight)
            return getFacilitiesManagerBl().addHost(sess, host, facility);
    }
    if (!facilitiesByDestination.isEmpty()) {
        boolean hasRight = false;
        for (Facility facilityByDestination : facilitiesByDestination) {
            if (AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facilityByDestination)) {
                hasRight = true;
                break;
            }
        }
        if (hasRight)
            return getFacilitiesManagerBl().addHost(sess, host, facility);
    }
    throw new PrivilegeException(sess, "You can't add host " + host + ", because you don't have privileges to use this hostName");
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) BanOnFacility(cz.metacentrum.perun.core.api.BanOnFacility) Facility(cz.metacentrum.perun.core.api.Facility) RichFacility(cz.metacentrum.perun.core.api.RichFacility)

Example 38 with Facility

use of cz.metacentrum.perun.core.api.Facility in project perun by CESNET.

the class FacilitiesManagerEntry method updateBan.

public BanOnFacility updateBan(PerunSession sess, BanOnFacility banOnFacility) throws InternalErrorException, PrivilegeException, FacilityNotExistsException, UserNotExistsException, BanNotExistsException {
    Utils.checkPerunSession(sess);
    this.getFacilitiesManagerBl().checkBanExists(sess, banOnFacility.getId());
    Facility facility = this.getFacilitiesManagerBl().getFacilityById(sess, banOnFacility.getFacilityId());
    User user = getPerunBl().getUsersManagerBl().getUserById(sess, banOnFacility.getUserId());
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facility)) {
        throw new PrivilegeException(sess, "updateBan");
    }
    banOnFacility = getFacilitiesManagerBl().updateBan(sess, banOnFacility);
    return banOnFacility;
}
Also used : User(cz.metacentrum.perun.core.api.User) RichUser(cz.metacentrum.perun.core.api.RichUser) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) BanOnFacility(cz.metacentrum.perun.core.api.BanOnFacility) Facility(cz.metacentrum.perun.core.api.Facility) RichFacility(cz.metacentrum.perun.core.api.RichFacility)

Example 39 with Facility

use of cz.metacentrum.perun.core.api.Facility in project perun by CESNET.

the class AttributesManagerEntry method checkAttributesValue.

public void checkAttributesValue(PerunSession sess, Resource resource, Member member, List<Attribute> attributes, boolean workWithUserAttributes) throws PrivilegeException, InternalErrorException, ResourceNotExistsException, MemberNotExistsException, WrongAttributeValueException, WrongAttributeAssignmentException, WrongReferenceAttributeValueException, AttributeNotExistsException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributesExists(sess, attributes);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
    //Choose to which attributes has the principal access
    for (Attribute attr : attributes) {
        if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_MEMBER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), member, null))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_MEMBER_RESOURCE_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), resource, member))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_USER_ATTR)) {
            User u = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), u, null))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_USER_FACILITY_ATTR)) {
            User u = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
            Facility f = getPerunBl().getResourcesManagerBl().getFacility(sess, resource);
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), u, f))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else {
            throw new WrongAttributeAssignmentException("There is some attribute which is not type of any possible choice.");
        }
    }
    getAttributesManagerBl().checkAttributesValue(sess, resource, member, attributes, workWithUserAttributes);
}
Also used : User(cz.metacentrum.perun.core.api.User) Attribute(cz.metacentrum.perun.core.api.Attribute) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition) Facility(cz.metacentrum.perun.core.api.Facility)

Example 40 with Facility

use of cz.metacentrum.perun.core.api.Facility in project perun by CESNET.

the class FacilitiesManagerEntry method getBan.

public BanOnFacility getBan(PerunSession sess, int userId, int faclityId) throws InternalErrorException, BanNotExistsException, PrivilegeException, UserNotExistsException, FacilityNotExistsException {
    Utils.checkPerunSession(sess);
    User user = getPerunBl().getUsersManagerBl().getUserById(sess, userId);
    Facility facility = getPerunBl().getFacilitiesManagerBl().getFacilityById(sess, faclityId);
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facility)) {
        throw new PrivilegeException(sess, "getBan");
    }
    return getFacilitiesManagerBl().getBan(sess, userId, faclityId);
}
Also used : User(cz.metacentrum.perun.core.api.User) RichUser(cz.metacentrum.perun.core.api.RichUser) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) BanOnFacility(cz.metacentrum.perun.core.api.BanOnFacility) Facility(cz.metacentrum.perun.core.api.Facility) RichFacility(cz.metacentrum.perun.core.api.RichFacility)

Aggregations

Facility (cz.metacentrum.perun.core.api.Facility)188 Test (org.junit.Test)95 User (cz.metacentrum.perun.core.api.User)81 Attribute (cz.metacentrum.perun.core.api.Attribute)75 AbstractPerunIntegrationTest (cz.metacentrum.perun.core.AbstractPerunIntegrationTest)61 Resource (cz.metacentrum.perun.core.api.Resource)52 BanOnFacility (cz.metacentrum.perun.core.api.BanOnFacility)51 ArrayList (java.util.ArrayList)48 Group (cz.metacentrum.perun.core.api.Group)24 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)23 Member (cz.metacentrum.perun.core.api.Member)22 PerunSession (cz.metacentrum.perun.core.api.PerunSession)20 RichFacility (cz.metacentrum.perun.core.api.RichFacility)20 Host (cz.metacentrum.perun.core.api.Host)19 PrivilegeException (cz.metacentrum.perun.core.api.exceptions.PrivilegeException)18 AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)17 RichUser (cz.metacentrum.perun.core.api.RichUser)16 WrongAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)15 WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)14 Vo (cz.metacentrum.perun.core.api.Vo)13