use of cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException in project perun by CESNET.
the class urn_perun_user_facility_attribute_def_def_defaultUnixGID method checkAttributeValue.
/**
 * Validates the default unix GID a user wants to use on a facility.
 *
 * <p>A {@code null} value is accepted without any further checks. A non-null GID is accepted when
 * one of the following holds:
 * <ul>
 *   <li>a resource returned by {@code getAllowedResources} for this facility and user carries the
 *       same GID in the resource attribute of the facility's unixGID namespace, or</li>
 *   <li>a group returned by {@code getAllowedGroups} for this facility carries the same GID in the
 *       group attribute of that namespace, has a non-empty unix group name in the facility's
 *       unixGroupName namespace, and {@code isUserMemberOfGroup} reports the user as a member.</li>
 * </ul>
 *
 * <p>Known issue (kept from the original TODO): if unixGID is not set on any resource or group the
 * user is allowed on, the failure is reported as WrongAttributeValueException although
 * WrongReferenceAttributeValueException would describe it better.
 *
 * <p>NOTE(review): this check decides which primary GID a user may claim on the facility. Whether
 * {@code isUserMemberOfGroup} ignores expired or disabled memberships is not visible here - confirm
 * before relying on it as an access decision.
 *
 * @param sess      session used to reach the business-logic managers
 * @param facility  facility whose namespaces and allowed resources/groups are consulted
 * @param user      user the attribute belongs to
 * @param attribute attribute holding the candidate GID as an Integer
 * @throws WrongAttributeValueException          if no matching allowed resource or group is found
 * @throws WrongReferenceAttributeValueException if a facility namespace attribute has no value
 * @throws InternalErrorException                if a group's unix group name attribute does not exist
 *                                               (a ConsistencyErrorException is thrown when a
 *                                               namespace attribute or definition is missing)
 * @throws WrongAttributeAssignmentException     declared for the facility/group attribute lookups
 */
@Override
public void checkAttributeValue(PerunSessionImpl sess, Facility facility, User user, Attribute attribute) throws WrongAttributeValueException, WrongReferenceAttributeValueException, InternalErrorException, WrongAttributeAssignmentException {
    Integer gid = (Integer) attribute.getValue();
    if (gid == null) {
        // Nothing to validate: an unset default GID is always acceptable.
        return;
    }

    // Facility-level namespace that selects which unixGID attributes are compared.
    Attribute namespaceAttribute;
    try {
        namespaceAttribute = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":unixGID-namespace");
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    }
    if (namespaceAttribute.getValue() == null) {
        throw new WrongReferenceAttributeValueException(attribute, namespaceAttribute, "Reference attribute is null");
    }
    String namespaceName = (String) namespaceAttribute.getValue();

    // Facility-level namespace that selects which unix group name a group must have.
    Attribute unixGroupNameNamespace;
    try {
        unixGroupNameNamespace = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":unixGroupName-namespace");
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    }
    if (unixGroupNameNamespace.getValue() == null) {
        throw new WrongReferenceAttributeValueException(attribute, unixGroupNameNamespace, user, facility, facility, null, "Reference attribute is null");
    }
    String unixGroupNameNamespaceName = (String) unixGroupNameNamespace.getValue();

    // --- Path 1: an allowed resource already uses this GID ---------------------------------
    String resourceGidAttrName = AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName;
    Attribute resourceGidProbe;
    try {
        resourceGidProbe = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, resourceGidAttrName));
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException("Namespace from value of " + namespaceAttribute + " doesn't exists. (Resource attribute " + resourceGidAttrName + " doesn't exists", ex);
    }
    resourceGidProbe.setValue(gid);

    List<Resource> userResources = sess.getPerunBl().getUsersManagerBl().getAllowedResources(sess, facility, user);
    List<Resource> resourcesWithGid = sess.getPerunBl().getResourcesManagerBl().getResourcesByAttribute(sess, resourceGidProbe);
    // Intersect in place: keep only resources that have the GID AND are allowed for the user.
    resourcesWithGid.retainAll(userResources);
    if (!resourcesWithGid.isEmpty()) {
        return;
    }

    // --- Path 2: a group the user belongs to uses this GID ---------------------------------
    String groupGidAttrName = AttributesManager.NS_GROUP_ATTR_DEF + ":unixGID-namespace:" + namespaceName;
    Attribute groupGidProbe;
    try {
        groupGidProbe = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, groupGidAttrName));
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException("Namespace from value of " + namespaceAttribute + " doesn't exists. (Group-resource attribute " + groupGidAttrName + " doesn't exists", ex);
    }
    groupGidProbe.setValue(gid);

    List<Group> groupsWithGid = sess.getPerunBl().getGroupsManagerBl().getGroupsByAttribute(sess, groupGidProbe);
    // Restrict to groups allowed on the facility (the two trailing filter arguments are passed as null).
    groupsWithGid.retainAll(sess.getPerunBl().getFacilitiesManagerBl().getAllowedGroups(sess, facility, null, null));

    String groupNameAttrName = AttributesManager.NS_GROUP_ATTR_DEF + ":unixGroupName-namespace:" + unixGroupNameNamespaceName;
    for (Group candidate : groupsWithGid) {
        Attribute unixGroupName;
        try {
            unixGroupName = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, candidate, groupNameAttrName);
        } catch (AttributeNotExistsException ex) {
            throw new InternalErrorException(ex);
        }

        // A group without a unix group name in the facility's namespace cannot back the GID.
        String groupName = (String) unixGroupName.getValue();
        boolean hasUnixName = groupName != null && !groupName.isEmpty();

        // Membership is only queried for groups that passed the name check.
        if (hasUnixName && sess.getPerunBl().getGroupsManagerBl().isUserMemberOfGroup(sess, user, candidate)) {
            return;
        }
    }

    // Neither path matched: reject the value.
    throw new WrongAttributeValueException(attribute, user, facility, "User isn't allowed to have the default unix group which have this gid (" + gid + ") or such group doesn't exist. " + user);
}
use of cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException in project perun by CESNET.
the class urn_perun_user_attribute_def_virt_preferredPhone method getAttributeValue.
/**
 * Computes the virtual "preferred phone" attribute for a user.
 *
 * <p>The source attributes are consulted in a fixed priority order (phoneDc2, mobilePhone,
 * privatePhone, privatePhoneKos); the value of the first one that is not {@code null} is copied
 * into the result. Only {@code null} counts as "absent" - an empty string would be returned as is.
 * If none has a value, the returned attribute carries no value.
 *
 * <p>A source attribute that does not exist, or is wrongly assigned, aborts the whole lookup with
 * an InternalErrorException instead of falling through to the next source.
 *
 * @param sess                session used to reach the attributes manager
 * @param user                user whose phone attributes are read
 * @param attributeDefinition definition the returned attribute is built from
 * @return a new attribute based on {@code attributeDefinition}, with the preferred phone if any
 * @throws InternalErrorException if a source attribute is missing or wrongly assigned
 */
@Override
public Attribute getAttributeValue(PerunSessionImpl sess, User user, AttributeDefinition attributeDefinition) throws InternalErrorException {
    // Highest priority first; the loop below stops at the first source with a value.
    final String[] phoneSources = {
        "urn:perun:user:attribute-def:def:phoneDc2",
        "urn:perun:user:attribute-def:opt:mobilePhone",
        "urn:perun:user:attribute-def:opt:privatePhone",
        "urn:perun:user:attribute-def:opt:privatePhoneKos"
    };

    Attribute preferredPhone = new Attribute(attributeDefinition);
    try {
        for (String sourceName : phoneSources) {
            Attribute source = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, user, sourceName);
            if (source.getValue() == null) {
                continue;
            }
            preferredPhone.setValue(source.getValue());
            return preferredPhone;
        }
        // No source had a value: hand back the attribute without one.
        return preferredPhone;
    } catch (AttributeNotExistsException ex) {
        throw new InternalErrorException(ex);
    } catch (WrongAttributeAssignmentException e) {
        throw new InternalErrorException(e);
    }
}
use of cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException in project perun by CESNET.
the class urn_perun_user_attribute_def_virt_userCertExpirations method getAttributeValue.
/**
 * Computes the virtual attribute mapping each user certificate DN to its expiration date.
 *
 * <p>The user's certificates are read as a map of DN to PEM text. For every entry the PEM armor
 * lines are stripped, the remainder is Base64-decoded and parsed as an X.509 certificate, and the
 * certificate's notAfter date is formatted with {@code DateFormat.getDateInstance()} (default
 * locale and style, so the string has day resolution and varies with the JVM locale).
 *
 * <p>Behaviour worth knowing when consuming this attribute:
 * <ul>
 *   <li>If the certificates attribute does not exist, the exception is swallowed and an empty map
 *       is returned - indistinguishable from "user has no certificates".</li>
 *   <li>A single certificate that fails to parse fails the whole call with an
 *       InternalErrorException; no partial result is returned.</li>
 *   <li>Only notAfter is read; nothing here verifies the certificate chain or signature.</li>
 * </ul>
 *
 * @param sess                session passed to the certificate attribute lookup
 * @param user                user whose certificates are inspected
 * @param attributeDefinition definition the returned attribute is built from
 * @return attribute whose value is an insertion-ordered map of certificate DN to expiration date
 * @throws InternalErrorException if a stored certificate cannot be parsed
 */
@Override
public Attribute getAttributeValue(PerunSessionImpl sess, User user, AttributeDefinition attributeDefinition) throws InternalErrorException {
    Attribute result = new Attribute(attributeDefinition);
    HashMap<String, String> expirationByDn = new LinkedHashMap<String, String>();

    try {
        Attribute certsAttribute = getUserCertsAttribute(sess, user);
        // Unchecked cast: assumes the stored value is a LinkedHashMap of DN -> PEM text - TODO confirm.
        HashMap<String, String> pemByDn = (LinkedHashMap<String, String>) certsAttribute.getValue();
        if (pemByDn != null) {
            // TODO use some defined date/time format
            DateFormat expirationFormat = DateFormat.getDateInstance();

            for (String dn : pemByDn.keySet()) {
                // Drop the PEM armor so only the Base64 body remains.
                String base64Body = pemByDn.get(dn)
                        .replaceFirst("-----BEGIN CERTIFICATE-----", "")
                        .replaceFirst("-----END CERTIFICATE-----", "");

                // NOTE(review): X509Certificate.getInstance(byte[]) looks like the legacy
                // javax.security.cert API, which is deprecated - confirm and plan a move to
                // java.security.cert.CertificateFactory.
                X509Certificate parsed = X509Certificate.getInstance(Base64.decodeBase64(base64Body.getBytes()));
                expirationByDn.put(dn, expirationFormat.format(parsed.getNotAfter()));
            }

            result = Utils.copyAttributeToViAttributeWithoutValue(certsAttribute, result);
        }
    } catch (AttributeNotExistsException ignored) {
        // Deliberately not propagated; the method then returns an empty map.
        // FIXME throw new WrongReferenceAttributeValueException("User " + user + " doesn't have assigned urn:perun:user:attribute-def:def:userCertificates attribute", ex);
    } catch (CertificateException e) {
        throw new InternalErrorException("CertificateException - user: " + user + ".", e);
    }

    result.setValue(expirationByDn);
    return result;
}
use of cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException in project perun by CESNET.
the class urn_perun_user_facility_attribute_def_def_accountExpirationTime method checkAttributeValue.
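/**
 * Checks that a user's account expiration time on a facility does not exceed the facility's own
 * account expiration time.
 *
 * <p>The facility-level value is looked up under the same name as {@code attribute}. If that value
 * is not set, the user-facility value is rejected with a WrongReferenceAttributeValueException:
 * without an upper bound the limit cannot be enforced, and the previous code failed here with a
 * NullPointerException while unboxing.
 *
 * <p>NOTE(review): {@code attribute.getName()} is the name of the attribute being checked; confirm
 * that the facility lookup resolves this name to the intended facility-level attribute.
 *
 * @param perunSession session used to reach the attributes manager
 * @param facility     facility providing the upper bound
 * @param user         user the attribute belongs to (not read by this check)
 * @param attribute    attribute holding the user-facility expiration time as an Integer
 * @throws InternalErrorException                if the facility attribute does not exist
 * @throws WrongAttributeValueException          if the value is null or higher than the facility value
 * @throws WrongReferenceAttributeValueException if the facility value is not set
 * @throws WrongAttributeAssignmentException     declared for the facility attribute lookup
 */
public void checkAttributeValue(PerunSessionImpl perunSession, Facility facility, User user, Attribute attribute) throws InternalErrorException, WrongAttributeValueException, WrongReferenceAttributeValueException, WrongAttributeAssignmentException {
    Integer accExpTime = (Integer) attribute.getValue();
    if (accExpTime == null) {
        throw new WrongAttributeValueException("account expiration time shouldn't be null");
    }

    Attribute facilityAttribute;
    try {
        facilityAttribute = perunSession.getPerunBl().getAttributesManagerBl().getAttribute(perunSession, facility, attribute.getName());
    } catch (AttributeNotExistsException ex) {
        throw new InternalErrorException(ex);
    }

    // Reject explicitly when the bound is missing instead of hitting an NPE on auto-unboxing below.
    Integer facilityAccExpTime = (Integer) facilityAttribute.getValue();
    if (facilityAccExpTime == null) {
        throw new WrongReferenceAttributeValueException(attribute, facilityAttribute, "facility account expiration time is not set, so the user_facility value cannot be checked against it");
    }

    if (accExpTime > facilityAccExpTime) {
        throw new WrongAttributeValueException("this user_facility attribute cannot has higher value than same facility attribute");
    }
}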
use of cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException in project perun by CESNET.
the class urn_perun_user_attribute_def_virt_openNebulaSSHAdminKeys method getAttributeValue.
/**
 * Computes the virtual OpenNebula SSH admin keys attribute for a user.
 *
 * <p>The value is taken from the user attribute named by {@code A_U_sshPublicAdminKey}. When that
 * attribute has a value, the very same list instance is set on the result (no copy is made);
 * otherwise the result carries a new empty list.
 *
 * <p>The keys are handed on exactly as stored - this method performs no validation of their
 * format or content.
 *
 * @param sess                session used to reach the attributes manager
 * @param user                user whose SSH admin keys are read
 * @param attributeDefinition definition the returned attribute is built from
 * @return a new attribute based on {@code attributeDefinition} holding the list of keys
 * @throws InternalErrorException if the source attribute is wrongly assigned (a
 *                                ConsistencyErrorException is thrown when it does not exist)
 */
@Override
public Attribute getAttributeValue(PerunSessionImpl sess, User user, AttributeDefinition attributeDefinition) throws InternalErrorException {
    Attribute result = new Attribute(attributeDefinition);

    Attribute adminKeysSource;
    try {
        adminKeysSource = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, user, A_U_sshPublicAdminKey);
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    } catch (WrongAttributeAssignmentException ex) {
        throw new InternalErrorException(ex);
    }

    Object storedKeys = adminKeysSource.getValue();
    List<String> nebulaAdminKeys;
    if (storedKeys == null) {
        nebulaAdminKeys = new ArrayList<>();
    } else {
        // Unchecked cast: assumes the stored value is an ArrayList of key strings - TODO confirm.
        nebulaAdminKeys = (ArrayList<String>) storedKeys;
    }

    result.setValue(nebulaAdminKeys);
    return result;
}