Example 6 with Resource
use of cz.metacentrum.perun.core.api.Resource in project perun by CESNET.
the class urn_perun_resource_attribute_def_def_unixGID_namespace method fillAttribute.
public Attribute fillAttribute(PerunSessionImpl sess, Resource resource, AttributeDefinition attributeDefinition) throws InternalErrorException, WrongAttributeAssignmentException {
Attribute attribute = new Attribute(attributeDefinition);
String gidNamespace = attribute.getFriendlyNameParameter();
//First I get all GroupNames of this resource (for any namespaces)
List<Attribute> groupNamesOfResource = sess.getPerunBl().getAttributesManagerBl().getAllAttributesStartWithNameWithoutNullValue(sess, resource, A_R_unixGroupName_namespace + ":");
//If there exist some groupName of this resource
if (!groupNamesOfResource.isEmpty()) {
//Get All Groups and Resources with some same GroupName in the same Namespace
List<Group> groupsWithSameGroupNameInSameNamespace = new ArrayList<Group>();
List<Resource> resourcesWithSameGroupNameInSameNamespace = new ArrayList<Resource>();
for (Attribute attr : groupNamesOfResource) {
Attribute groupNameOfGroup;
try {
groupNameOfGroup = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, A_G_unixGroupName_namespace + ":" + attr.getFriendlyNameParameter()));
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException("AttributeDefinition for group_def_unixGroupName-namespace:" + attr.getFriendlyNameParameter() + " must exists", ex);
}
groupNameOfGroup.setValue(attr.getValue());
//Get all resources and groups with some GroupName same with same Namespace
groupsWithSameGroupNameInSameNamespace.addAll(sess.getPerunBl().getGroupsManagerBl().getGroupsByAttribute(sess, groupNameOfGroup));
resourcesWithSameGroupNameInSameNamespace.addAll(sess.getPerunBl().getResourcesManagerBl().getResourcesByAttribute(sess, attr));
}
//Prepare variable for commonGID
Integer commonGID = null;
//Test if exists common GID for this group and other groups and resources
commonGID = sess.getPerunBl().getModulesUtilsBl().getCommonGIDOfGroupsWithSameNameInSameNamespace(sess, groupsWithSameGroupNameInSameNamespace, gidNamespace, commonGID);
commonGID = sess.getPerunBl().getModulesUtilsBl().getCommonGIDOfResourcesWithSameNameInSameNamespace(sess, resourcesWithSameGroupNameInSameNamespace, gidNamespace, commonGID);
//If commonGID exists, set it
if (commonGID != null) {
attribute.setValue(commonGID);
return attribute;
}
}
//If commonGID not exists, try to set new one
try {
Integer freeGID = sess.getPerunBl().getModulesUtilsBl().getFreeGID(sess, attribute);
if (freeGID == null) {
//free GID not found
log.warn("Free unix gid not found for resource:[" + resource + "] in unix group namespace " + gidNamespace);
} else if (freeGID > 0 || freeGID < 0) {
//free GID found
attribute.setValue(freeGID);
}
return attribute;
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
}
}
Also used :
Group(cz.metacentrum.perun.core.api.Group)
ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)
Attribute(cz.metacentrum.perun.core.api.Attribute)
AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)
ArrayList(java.util.ArrayList)
Resource(cz.metacentrum.perun.core.api.Resource)
Example 7 with Resource
use of cz.metacentrum.perun.core.api.Resource in project perun by CESNET.
the class urn_perun_resource_attribute_def_def_unixGID_namespace method checkAttributeValue.
public void checkAttributeValue(PerunSessionImpl sess, Resource resource, Attribute attribute) throws InternalErrorException, WrongAttributeValueException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException {
try {
String gidNamespace = attribute.getFriendlyNameParameter();
//Special behaviour if gid is null
Integer attrValue = null;
if (attribute.getValue() == null) {
throw new WrongAttributeValueException(attribute, resource, "Unix GID must be set");
} else {
attrValue = (Integer) attribute.getValue();
}
//Check if GID is within allowed range
sess.getPerunBl().getModulesUtilsBl().checkIfGIDIsWithinRange(sess, attribute);
//check if gid is not already depleted
Attribute usedGids = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, gidNamespace, A_E_usedGids);
//null in value means there is no depleted or used gids
if (usedGids.getValue() != null) {
Map<String, String> usedGidsValue = (Map<String, String>) usedGids.getValue();
//Dx, where x is GID means depleted value for GID x
if (usedGidsValue.containsKey("D" + attrValue.toString())) {
throw new WrongReferenceAttributeValueException(attribute, usedGids, resource, null, gidNamespace, null, "This GID is already depleted.");
}
}
//Prepare lists for all groups and resources with same GID in the same namespace
List<Group> allGroupsWithSameGIDInSameNamespace = new ArrayList<Group>();
List<Resource> allResourcesWithSameGIDInSameNamespace = new ArrayList<Resource>();
//Prepare attributes for searching through groups and resources
Attribute resourceGIDAttribute = attribute;
Attribute groupGIDAttribute = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, A_G_unixGID_namespace + ":" + gidNamespace));
groupGIDAttribute.setValue(resourceGIDAttribute.getValue());
//Fill lists of Groups and Resources by data
allGroupsWithSameGIDInSameNamespace.addAll(sess.getPerunBl().getGroupsManagerBl().getGroupsByAttribute(sess, groupGIDAttribute));
allResourcesWithSameGIDInSameNamespace.addAll(sess.getPerunBl().getResourcesManagerBl().getResourcesByAttribute(sess, resourceGIDAttribute));
//remove this resource
allResourcesWithSameGIDInSameNamespace.remove(resource);
//Prepare list of GroupName attributes of this resource
List<Attribute> groupNamesOfResource = sess.getPerunBl().getAttributesManagerBl().getAllAttributesStartWithNameWithoutNullValue(sess, resource, A_R_unixGroupName_namespace + ":");
//Searching through groups
if (!allGroupsWithSameGIDInSameNamespace.isEmpty()) {
for (Group g : allGroupsWithSameGIDInSameNamespace) {
for (Attribute a : groupNamesOfResource) {
//Prepare group version of this group attribute
Attribute groupGroupName = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, A_G_unixGroupName_namespace + ":" + a.getFriendlyNameParameter()));
groupGroupName.setValue(a.getValue());
int compare = sess.getPerunBl().getModulesUtilsBl().haveTheSameAttributeWithTheSameNamespace(sess, g, groupGroupName);
if (compare > 0) {
//This is problem, there is the same attribute but have other value
throw new WrongReferenceAttributeValueException(attribute, a, "There is a group with same GID (namespace: " + gidNamespace + ") and different unix group name (namespace: " + a.getFriendlyNameParameter() + "). " + g + " " + resource);
}
//Other possibilities are not problem, less than 0 mean that same attribute not exists, and 0 mean that attribute exists but have same value
}
}
}
//Searching through resources
if (!allResourcesWithSameGIDInSameNamespace.isEmpty()) {
for (Resource r : allResourcesWithSameGIDInSameNamespace) {
for (Attribute a : groupNamesOfResource) {
int compare = sess.getPerunBl().getModulesUtilsBl().haveTheSameAttributeWithTheSameNamespace(sess, r, a);
if (compare > 0) {
//This is problem, there is the same attribute but have other value
throw new WrongReferenceAttributeValueException(attribute, a, "There is a resource with same GID (namespace: " + gidNamespace + ") and different unix group name (namespace: " + a.getFriendlyNameParameter() + "). " + r + " " + resource);
}
//Other possibilities are not problem, less than 0 mean that same attribute not exists, and 0 mean that attribute exists but have same value
}
}
}
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
}
}
Also used :
Group(cz.metacentrum.perun.core.api.Group)
ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)
Attribute(cz.metacentrum.perun.core.api.Attribute)
AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)
ArrayList(java.util.ArrayList)
Resource(cz.metacentrum.perun.core.api.Resource)
WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)
WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)
LinkedHashMap(java.util.LinkedHashMap)
Map(java.util.Map)
Example 8 with Resource
use of cz.metacentrum.perun.core.api.Resource in project perun by CESNET.
the class urn_perun_user_facility_attribute_def_def_basicDefaultGID method fillAttribute.
@Override
public Attribute fillAttribute(PerunSessionImpl sess, Facility facility, User user, AttributeDefinition attributeDefinition) throws InternalErrorException, WrongAttributeAssignmentException {
Attribute attribute = new Attribute(attributeDefinition);
List<Resource> allowedResources = sess.getPerunBl().getUsersManagerBl().getAllowedResources(sess, facility, user);
try {
for (Resource resource : allowedResources) {
List<AttributeDefinition> resourceRequiredAttributesDefinitions = sess.getPerunBl().getAttributesManagerBl().getResourceRequiredAttributesDefinition(sess, resource);
//if this attribute is not required by the services on the resource, skip the resource
if (!resourceRequiredAttributesDefinitions.contains(attributeDefinition)) {
continue;
}
Attribute unixGidAttribute = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, resource, AttributesManager.NS_RESOURCE_ATTR_VIRT + ":unixGID");
if (unixGidAttribute.getValue() != null) {
attribute.setValue(unixGidAttribute.getValue());
return attribute;
}
}
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
}
return attribute;
}
Also used :
ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)
Attribute(cz.metacentrum.perun.core.api.Attribute)
AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)
Resource(cz.metacentrum.perun.core.api.Resource)
AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition)
Example 9 with Resource
use of cz.metacentrum.perun.core.api.Resource in project perun by CESNET.
the class urn_perun_user_facility_attribute_def_def_defaultUnixGID method checkAttributeValue.
@Override
public /**
* Checks the new default GID of the user at the specified facility. The new GID must be equals to any of resource unixGID attribute where resource is from speciafie facility (and user must have acces to this resource) or from groupResource:unixGID attribute (groups if from the resources and user have acess to them)
*
* TODO Known issues: Can't detect if unixGid is not set on all resources and groups where user is allowed. This will be reported as WrongAttributeValueException, but it should be WrongReferenceAttributeValueException
*/
void checkAttributeValue(PerunSessionImpl sess, Facility facility, User user, Attribute attribute) throws WrongAttributeValueException, WrongReferenceAttributeValueException, InternalErrorException, WrongAttributeAssignmentException {
Integer gid = (Integer) attribute.getValue();
if (gid == null)
return;
Attribute namespaceAttribute;
try {
namespaceAttribute = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":unixGID-namespace");
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
}
if (namespaceAttribute.getValue() == null)
throw new WrongReferenceAttributeValueException(attribute, namespaceAttribute, "Reference attribute is null");
String namespaceName = (String) namespaceAttribute.getValue();
Attribute unixGroupNameNamespace;
try {
unixGroupNameNamespace = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":unixGroupName-namespace");
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
}
if (unixGroupNameNamespace.getValue() == null)
throw new WrongReferenceAttributeValueException(attribute, unixGroupNameNamespace, user, facility, facility, null, "Reference attribute is null");
String unixGroupNameNamespaceName = (String) unixGroupNameNamespace.getValue();
Attribute resourceGidAttribute;
try {
resourceGidAttribute = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName));
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException("Namespace from value of " + namespaceAttribute + " doesn't exists. (Resource attribute " + AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName + " doesn't exists", ex);
}
resourceGidAttribute.setValue(attribute.getValue());
List<Resource> allowedResources = sess.getPerunBl().getUsersManagerBl().getAllowedResources(sess, facility, user);
List<Resource> allowedResourcesWithSameGid = sess.getPerunBl().getResourcesManagerBl().getResourcesByAttribute(sess, resourceGidAttribute);
allowedResourcesWithSameGid.retainAll(allowedResources);
//We found at least one allowed resource with same gid as the user have => attribute is OK
if (!allowedResourcesWithSameGid.isEmpty())
return;
Attribute groupGidAttribute;
try {
groupGidAttribute = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, AttributesManager.NS_GROUP_ATTR_DEF + ":unixGID-namespace:" + namespaceName));
groupGidAttribute.setValue(attribute.getValue());
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException("Namespace from value of " + namespaceAttribute + " doesn't exists. (Group-resource attribute " + AttributesManager.NS_GROUP_ATTR_DEF + ":unixGID-namespace:" + namespaceName + " doesn't exists", ex);
}
List<Group> groupWithSameGid = sess.getPerunBl().getGroupsManagerBl().getGroupsByAttribute(sess, groupGidAttribute);
List<Group> candidateGroups = groupWithSameGid;
candidateGroups.retainAll(sess.getPerunBl().getFacilitiesManagerBl().getAllowedGroups(sess, facility, null, null));
for (Group group : candidateGroups) {
//check if group has unix group name in namespace required by facility
try {
Attribute unixGroupName = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, group, AttributesManager.NS_GROUP_ATTR_DEF + ":unixGroupName-namespace:" + unixGroupNameNamespaceName);
if (unixGroupName.getValue() == null || ((String) unixGroupName.getValue()).isEmpty()) {
continue;
}
} catch (AttributeNotExistsException ex) {
throw new InternalErrorException(ex);
}
//check if the user is member of the group
if (sess.getPerunBl().getGroupsManagerBl().isUserMemberOfGroup(sess, user, group)) {
//attribute is OK
return;
}
}
throw new WrongAttributeValueException(attribute, user, facility, "User isn't allowed to have the default unix group which have this gid (" + gid + ") or such group doesn't exist. " + user);
}
Also used :
Group(cz.metacentrum.perun.core.api.Group)
ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)
Attribute(cz.metacentrum.perun.core.api.Attribute)
WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)
AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)
Resource(cz.metacentrum.perun.core.api.Resource)
InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)
WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)
Example 10 with Resource
use of cz.metacentrum.perun.core.api.Resource in project perun by CESNET.
the class urn_perun_user_facility_attribute_def_def_shell method allShellsAtSpecifiedFacility.
/**
* Internal method for getting all allowed shells at specified facility
*/
private List<String> allShellsAtSpecifiedFacility(PerunSessionImpl session, Facility facility, User user) throws InternalErrorException, WrongAttributeAssignmentException {
List<Resource> availableResources;
availableResources = session.getPerunBl().getUsersManagerBl().getAllowedResources(session, facility, user);
List<String> allowedShells = new ArrayList<String>();
for (Resource r : availableResources) {
Attribute resourceAttr;
try {
resourceAttr = session.getPerunBl().getAttributesManagerBl().getAttribute(session, r, AttributesManager.NS_RESOURCE_ATTR_DEF + ":shells");
} catch (AttributeNotExistsException ex) {
throw new InternalErrorException("Attribute with all shells of facility " + facility.getId() + " could not be obtained", ex);
}
if (resourceAttr.getValue() != null) {
allowedShells.addAll(((List<String>) resourceAttr.getValue()));
}
}
return allowedShells;
}
Also used :
Attribute(cz.metacentrum.perun.core.api.Attribute)
AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)
Resource(cz.metacentrum.perun.core.api.Resource)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)
Aggregations
Resource (cz.metacentrum.perun.core.api.Resource)176
Test (org.junit.Test)110
Attribute (cz.metacentrum.perun.core.api.Attribute)82
AbstractPerunIntegrationTest (cz.metacentrum.perun.core.AbstractPerunIntegrationTest)79
Facility (cz.metacentrum.perun.core.api.Facility)56
User (cz.metacentrum.perun.core.api.User)55
Group (cz.metacentrum.perun.core.api.Group)49
ArrayList (java.util.ArrayList)41
Vo (cz.metacentrum.perun.core.api.Vo)31
Member (cz.metacentrum.perun.core.api.Member)29
PerunSession (cz.metacentrum.perun.core.api.PerunSession)29
AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)26
RichResource (cz.metacentrum.perun.core.api.RichResource)25
InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)20
RichUser (cz.metacentrum.perun.core.api.RichUser)18
ConsistencyErrorException (cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)18
ContactGroup (cz.metacentrum.perun.core.api.ContactGroup)17
RichAttribute (cz.metacentrum.perun.core.api.RichAttribute)17
BanOnFacility (cz.metacentrum.perun.core.api.BanOnFacility)15
WrongReferenceAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)14
