use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class MembersManagerBlImpl method findMembersInParentGroup.
@Override
public List<Member> findMembersInParentGroup(PerunSession sess, Group group, String searchString) {
List<User> users = getPerunBl().getUsersManagerBl().findUsers(sess, searchString);
List<Member> allGroupMembers;
if (group.getParentGroupId() == null) {
Vo vo;
try {
vo = getPerunBl().getVosManagerBl().getVoById(sess, group.getVoId());
} catch (VoNotExistsException ex) {
throw new ConsistencyErrorException("Vo for group " + group + " does not exist.");
}
allGroupMembers = getPerunBl().getMembersManagerBl().getMembers(sess, vo);
} else {
allGroupMembers = getPerunBl().getGroupsManagerBl().getParentGroupMembers(sess, group);
}
List<Member> allFoundMembers = new ArrayList<>();
for (User user : users) {
allFoundMembers.addAll(getMembersByUser(sess, user));
}
allGroupMembers.retainAll(allFoundMembers);
return allGroupMembers;
}
use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class AttributesManagerEntry method fillAttributes.
@Override
public List<Attribute> fillAttributes(PerunSession sess, Member member, Group group, List<Attribute> attributes, boolean workWithUserAttributes) throws MemberNotExistsException, AttributeNotExistsException, WrongAttributeAssignmentException, GroupNotExistsException, MemberGroupMismatchException {
Utils.checkPerunSession(sess);
getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
getAttributesManagerBl().checkAttributesExists(sess, attributes);
// Choose to which attributes has the principal access
List<Attribute> listOfAttributes = getAttributesManagerBl().fillAttributes(sess, member, group, attributes, workWithUserAttributes);
Iterator<Attribute> attrIter = listOfAttributes.iterator();
while (attrIter.hasNext()) {
Attribute attrNext = attrIter.next();
if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_GROUP_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attrNext), member, group))
attrIter.remove();
else
attrNext.setWritable(true);
} else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_ATTR)) {
User u = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attrNext), u))
attrIter.remove();
else
attrNext.setWritable(true);
} else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attrNext), member))
attrIter.remove();
else
attrNext.setWritable(true);
} else {
throw new ConsistencyErrorException("There is some attribute which is not type of any possible choice.");
}
}
return listOfAttributes;
}
use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class AttributesManagerEntry method getAttributes.
@Override
public List<Attribute> getAttributes(PerunSession sess, Member member, List<String> attrNames, boolean workWithUserAttributes) throws MemberNotExistsException {
Utils.checkPerunSession(sess);
getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
List<Attribute> attributes = getAttributesManagerBl().getAttributes(sess, member, attrNames, workWithUserAttributes);
Iterator<Attribute> attrIter = attributes.iterator();
// Choose to which attributes has the principal access
User user = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
while (attrIter.hasNext()) {
Attribute attrNext = attrIter.next();
if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, new AttributeDefinition(attrNext), member))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member));
} else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, new AttributeDefinition(attrNext), user))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, user));
} else {
throw new ConsistencyErrorException("One of getting attributes is not correct type: " + attrNext);
}
}
return attributes;
}
use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class AttributesManagerEntry method getResourceRequiredAttributes.
@Override
public List<Attribute> getResourceRequiredAttributes(PerunSession sess, Resource resourceToGetServicesFrom, Resource resource, Group group, Member member, boolean workWithUserAttributes) throws ResourceNotExistsException, GroupNotExistsException, GroupResourceMismatchException, MemberNotExistsException, MemberGroupMismatchException, UserNotExistsException, FacilityNotExistsException, MemberResourceMismatchException {
Utils.checkPerunSession(sess);
getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resourceToGetServicesFrom);
getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
if (group.getVoId() != resource.getVoId()) {
throw new GroupResourceMismatchException("Group and resource are not in the same VO.");
}
if (member.getVoId() != group.getVoId()) {
throw new MemberGroupMismatchException("Member and Group are not in the same VO.", member, group);
}
List<Attribute> attributes = getAttributesManagerBl().getResourceRequiredAttributes(sess, resourceToGetServicesFrom, member, resource, workWithUserAttributes);
attributes.addAll(getAttributesManagerBl().getResourceRequiredAttributes(sess, resourceToGetServicesFrom, member, group));
User user = getPerunBl().getUsersManagerBl().getUserById(sess, member.getUserId());
Facility facility = getPerunBl().getFacilitiesManagerBl().getFacilityById(sess, resource.getFacilityId());
Iterator<Attribute> attrIter = attributes.iterator();
// Choose to which attributes has the principal access
while (attrIter.hasNext()) {
Attribute attrNext = attrIter.next();
if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member));
} else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, user))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, user));
} else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_GROUP_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member, group))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member, group));
} else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_RESOURCE_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member, resource))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member, resource));
} else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_FACILITY_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, user, facility))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, user, facility));
} else {
throw new ConsistencyErrorException("There is some attribute which is not of expected type (member, user, user_facility, member_group, member_resource).");
}
}
return attributes;
}
use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class AttributesManagerEntry method getRequiredAttributes.
@Override
public List<Attribute> getRequiredAttributes(PerunSession sess, Service service, Resource resource, Group group, boolean workWithGroupAttributes) throws ServiceNotExistsException, ResourceNotExistsException, GroupNotExistsException, GroupResourceMismatchException {
Utils.checkPerunSession(sess);
getPerunBl().getServicesManagerBl().checkServiceExists(sess, service);
getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
List<Attribute> attributes = getAttributesManagerBl().getRequiredAttributes(sess, service, resource, group, workWithGroupAttributes);
Iterator<Attribute> attrIter = attributes.iterator();
// Choose to which attributes has the principal access
while (attrIter.hasNext()) {
Attribute attrNext = attrIter.next();
if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_GROUP_RESOURCE_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, group, resource))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, group, resource));
} else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_GROUP_ATTR)) {
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, group))
attrIter.remove();
else
attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, group));
} else {
throw new ConsistencyErrorException("There is some attribute which is not type of any possible choice.");
}
}
return attributes;
}
Aggregations