Search in sources :

Example 46 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class MembersManagerBlImpl method findMembersInParentGroup.

@Override
public List<Member> findMembersInParentGroup(PerunSession sess, Group group, String searchString) {
    List<User> users = getPerunBl().getUsersManagerBl().findUsers(sess, searchString);
    List<Member> allGroupMembers;
    if (group.getParentGroupId() == null) {
        Vo vo;
        try {
            vo = getPerunBl().getVosManagerBl().getVoById(sess, group.getVoId());
        } catch (VoNotExistsException ex) {
            throw new ConsistencyErrorException("Vo for group " + group + " does not exist.");
        }
        allGroupMembers = getPerunBl().getMembersManagerBl().getMembers(sess, vo);
    } else {
        allGroupMembers = getPerunBl().getGroupsManagerBl().getParentGroupMembers(sess, group);
    }
    List<Member> allFoundMembers = new ArrayList<>();
    for (User user : users) {
        allFoundMembers.addAll(getMembersByUser(sess, user));
    }
    allGroupMembers.retainAll(allFoundMembers);
    return allGroupMembers;
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) User(cz.metacentrum.perun.core.api.User) RichUser(cz.metacentrum.perun.core.api.RichUser) ArrayList(java.util.ArrayList) Vo(cz.metacentrum.perun.core.api.Vo) BanOnVo(cz.metacentrum.perun.core.api.BanOnVo) RichMember(cz.metacentrum.perun.core.api.RichMember) Member(cz.metacentrum.perun.core.api.Member) VoNotExistsException(cz.metacentrum.perun.core.api.exceptions.VoNotExistsException)

Example 47 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class AttributesManagerEntry method fillAttributes.

@Override
public List<Attribute> fillAttributes(PerunSession sess, Member member, Group group, List<Attribute> attributes, boolean workWithUserAttributes) throws MemberNotExistsException, AttributeNotExistsException, WrongAttributeAssignmentException, GroupNotExistsException, MemberGroupMismatchException {
    Utils.checkPerunSession(sess);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    getAttributesManagerBl().checkAttributesExists(sess, attributes);
    // Choose to which attributes has the principal access
    List<Attribute> listOfAttributes = getAttributesManagerBl().fillAttributes(sess, member, group, attributes, workWithUserAttributes);
    Iterator<Attribute> attrIter = listOfAttributes.iterator();
    while (attrIter.hasNext()) {
        Attribute attrNext = attrIter.next();
        if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_GROUP_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attrNext), member, group))
                attrIter.remove();
            else
                attrNext.setWritable(true);
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_ATTR)) {
            User u = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attrNext), u))
                attrIter.remove();
            else
                attrNext.setWritable(true);
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attrNext), member))
                attrIter.remove();
            else
                attrNext.setWritable(true);
        } else {
            throw new ConsistencyErrorException("There is some attribute which is not type of any possible choice.");
        }
    }
    return listOfAttributes;
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) User(cz.metacentrum.perun.core.api.User) Attribute(cz.metacentrum.perun.core.api.Attribute) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition)

Example 48 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class AttributesManagerEntry method getAttributes.

@Override
public List<Attribute> getAttributes(PerunSession sess, Member member, List<String> attrNames, boolean workWithUserAttributes) throws MemberNotExistsException {
    Utils.checkPerunSession(sess);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
    List<Attribute> attributes = getAttributesManagerBl().getAttributes(sess, member, attrNames, workWithUserAttributes);
    Iterator<Attribute> attrIter = attributes.iterator();
    // Choose to which attributes has the principal access
    User user = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
    while (attrIter.hasNext()) {
        Attribute attrNext = attrIter.next();
        if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, new AttributeDefinition(attrNext), member))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, new AttributeDefinition(attrNext), user))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, user));
        } else {
            throw new ConsistencyErrorException("One of getting attributes is not correct type: " + attrNext);
        }
    }
    return attributes;
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) User(cz.metacentrum.perun.core.api.User) Attribute(cz.metacentrum.perun.core.api.Attribute) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition)

Example 49 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class AttributesManagerEntry method getResourceRequiredAttributes.

@Override
public List<Attribute> getResourceRequiredAttributes(PerunSession sess, Resource resourceToGetServicesFrom, Resource resource, Group group, Member member, boolean workWithUserAttributes) throws ResourceNotExistsException, GroupNotExistsException, GroupResourceMismatchException, MemberNotExistsException, MemberGroupMismatchException, UserNotExistsException, FacilityNotExistsException, MemberResourceMismatchException {
    Utils.checkPerunSession(sess);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resourceToGetServicesFrom);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
    if (group.getVoId() != resource.getVoId()) {
        throw new GroupResourceMismatchException("Group and resource are not in the same VO.");
    }
    if (member.getVoId() != group.getVoId()) {
        throw new MemberGroupMismatchException("Member and Group are not in the same VO.", member, group);
    }
    List<Attribute> attributes = getAttributesManagerBl().getResourceRequiredAttributes(sess, resourceToGetServicesFrom, member, resource, workWithUserAttributes);
    attributes.addAll(getAttributesManagerBl().getResourceRequiredAttributes(sess, resourceToGetServicesFrom, member, group));
    User user = getPerunBl().getUsersManagerBl().getUserById(sess, member.getUserId());
    Facility facility = getPerunBl().getFacilitiesManagerBl().getFacilityById(sess, resource.getFacilityId());
    Iterator<Attribute> attrIter = attributes.iterator();
    // Choose to which attributes has the principal access
    while (attrIter.hasNext()) {
        Attribute attrNext = attrIter.next();
        if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, user))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, user));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_GROUP_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member, group))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member, group));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_RESOURCE_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member, resource))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member, resource));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_FACILITY_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, user, facility))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, user, facility));
        } else {
            throw new ConsistencyErrorException("There is some attribute which is not of expected type (member, user, user_facility, member_group, member_resource).");
        }
    }
    return attributes;
}
Also used : MemberGroupMismatchException(cz.metacentrum.perun.core.api.exceptions.MemberGroupMismatchException) ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) User(cz.metacentrum.perun.core.api.User) Attribute(cz.metacentrum.perun.core.api.Attribute) Facility(cz.metacentrum.perun.core.api.Facility) GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)

Example 50 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class AttributesManagerEntry method getRequiredAttributes.

@Override
public List<Attribute> getRequiredAttributes(PerunSession sess, Service service, Resource resource, Group group, boolean workWithGroupAttributes) throws ServiceNotExistsException, ResourceNotExistsException, GroupNotExistsException, GroupResourceMismatchException {
    Utils.checkPerunSession(sess);
    getPerunBl().getServicesManagerBl().checkServiceExists(sess, service);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    List<Attribute> attributes = getAttributesManagerBl().getRequiredAttributes(sess, service, resource, group, workWithGroupAttributes);
    Iterator<Attribute> attrIter = attributes.iterator();
    // Choose to which attributes has the principal access
    while (attrIter.hasNext()) {
        Attribute attrNext = attrIter.next();
        if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_GROUP_RESOURCE_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, group, resource))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, group, resource));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_GROUP_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, group))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, group));
        } else {
            throw new ConsistencyErrorException("There is some attribute which is not type of any possible choice.");
        }
    }
    return attributes;
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) Attribute(cz.metacentrum.perun.core.api.Attribute)

Aggregations

ConsistencyErrorException (cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)281 Attribute (cz.metacentrum.perun.core.api.Attribute)212 AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)162 WrongReferenceAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)120 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)111 WrongAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)102 WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)84 User (cz.metacentrum.perun.core.api.User)60 ArrayList (java.util.ArrayList)51 Group (cz.metacentrum.perun.core.api.Group)44 Facility (cz.metacentrum.perun.core.api.Facility)41 Resource (cz.metacentrum.perun.core.api.Resource)37 Member (cz.metacentrum.perun.core.api.Member)30 LinkedHashMap (java.util.LinkedHashMap)23 Vo (cz.metacentrum.perun.core.api.Vo)22 RichAttribute (cz.metacentrum.perun.core.api.RichAttribute)21 GroupResourceMismatchException (cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)20 AttributeDefinition (cz.metacentrum.perun.core.api.AttributeDefinition)19 MemberNotExistsException (cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException)17 VoNotExistsException (cz.metacentrum.perun.core.api.exceptions.VoNotExistsException)17