Search in sources :

Example 96 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class urn_perun_user_facility_attribute_def_def_basicDefaultGID method fillAttribute.

@Override
public Attribute fillAttribute(PerunSessionImpl sess, User user, Facility facility, AttributeDefinition attributeDefinition) throws WrongAttributeAssignmentException {
    Attribute attribute = new Attribute(attributeDefinition);
    List<Resource> allowedResources = sess.getPerunBl().getUsersManagerBl().getAllowedResources(sess, facility, user);
    try {
        for (Resource resource : allowedResources) {
            List<AttributeDefinition> resourceRequiredAttributesDefinitions = sess.getPerunBl().getAttributesManagerBl().getResourceRequiredAttributesDefinition(sess, resource);
            // if this attribute is not required by the services on the resource, skip the resource
            if (!resourceRequiredAttributesDefinitions.contains(attributeDefinition)) {
                continue;
            }
            Attribute unixGidAttribute = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, resource, AttributesManager.NS_RESOURCE_ATTR_VIRT + ":unixGID");
            if (unixGidAttribute.getValue() != null) {
                attribute.setValue(unixGidAttribute.getValue());
                return attribute;
            }
        }
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    }
    return attribute;
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) Attribute(cz.metacentrum.perun.core.api.Attribute) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) Resource(cz.metacentrum.perun.core.api.Resource) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition)

Example 97 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class urn_perun_user_facility_attribute_def_def_basicDefaultGID method checkAttributeSemantics.

@Override
public void checkAttributeSemantics(PerunSessionImpl sess, User user, Facility facility, Attribute attribute) throws WrongReferenceAttributeValueException, WrongAttributeAssignmentException {
    Attribute namespaceAttribute;
    try {
        namespaceAttribute = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":unixGID-namespace");
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    }
    if (namespaceAttribute.getValue() == null) {
        throw new WrongReferenceAttributeValueException(attribute, namespaceAttribute, "Reference attribute is null");
    }
    String namespaceName = namespaceAttribute.valueAsString();
    Attribute resourceGidAttribute;
    try {
        resourceGidAttribute = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName));
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException("Namespace from value of " + namespaceAttribute + " doesn't exists. (Resource attribute " + AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName + " doesn't exists", ex);
    }
    resourceGidAttribute.setValue(attribute.getValue());
    List<Resource> allowedResources = sess.getPerunBl().getUsersManagerBl().getAllowedResources(sess, facility, user);
    List<Resource> resourcesWithSameGid = sess.getPerunBl().getResourcesManagerBl().getResourcesByAttribute(sess, resourceGidAttribute);
    if (resourcesWithSameGid.isEmpty() && allowedResources.isEmpty() && resourceGidAttribute.getValue() == null)
        return;
    if (resourcesWithSameGid.isEmpty() && resourceGidAttribute.getValue() != null)
        throw new WrongReferenceAttributeValueException(attribute, null, user, facility, "Resource with required unix GID doesn't exist.");
    if (allowedResources.isEmpty())
        throw new WrongReferenceAttributeValueException(attribute, null, user, facility, "User has not access to required resource");
    resourcesWithSameGid.retainAll(allowedResources);
    // We did not find at least one allowed resource with same gid as the user have => attribute is NOK
    if (resourcesWithSameGid.isEmpty()) {
        throw new WrongReferenceAttributeValueException(attribute, null, user, facility, "User has not access to resource with required group id");
    }
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) Attribute(cz.metacentrum.perun.core.api.Attribute) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) Resource(cz.metacentrum.perun.core.api.Resource)

Example 98 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class urn_perun_user_attribute_def_def_userCertDNs method changedAttributeHook.

@Override
public void changedAttributeHook(PerunSessionImpl session, User user, Attribute attribute) throws WrongReferenceAttributeValueException {
    Attribute userPreferredCertDN;
    try {
        userPreferredCertDN = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, AttributesManager.NS_USER_ATTR_DEF + ":userPreferredCertDN");
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException(ex);
    } catch (WrongAttributeAssignmentException ex) {
        throw new InternalErrorException(ex);
    }
    String preferredCertDNValue = null;
    if (userPreferredCertDN.getValue() != null)
        preferredCertDNValue = (String) userPreferredCertDN.getValue();
    Map<String, String> certDNs = null;
    if (attribute.getValue() != null)
        certDNs = (Map<String, String>) attribute.getValue();
    if (certDNs == null || certDNs.isEmpty()) {
        try {
            session.getPerunBl().getAttributesManagerBl().removeAttribute(session, user, userPreferredCertDN);
        } catch (WrongAttributeAssignmentException | WrongAttributeValueException ex) {
            throw new InternalErrorException(ex);
        }
    } else {
        Set<String> certDNsKeys = certDNs.keySet();
        String newPossibleCertDN = null;
        for (String key : certDNsKeys) {
            if (key != null && !key.isEmpty()) {
                newPossibleCertDN = key;
                break;
            }
        }
        if (preferredCertDNValue == null) {
            userPreferredCertDN.setValue(newPossibleCertDN);
            try {
                session.getPerunBl().getAttributesManagerBl().setAttribute(session, user, userPreferredCertDN);
            } catch (WrongAttributeAssignmentException | WrongAttributeValueException ex) {
                throw new InternalErrorException(ex);
            }
        } else {
            if (!certDNsKeys.contains(preferredCertDNValue)) {
                userPreferredCertDN.setValue(newPossibleCertDN);
                try {
                    session.getPerunBl().getAttributesManagerBl().setAttribute(session, user, userPreferredCertDN);
                } catch (WrongAttributeAssignmentException | WrongAttributeValueException ex) {
                    throw new InternalErrorException(ex);
                }
            }
        }
    }
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map)

Example 99 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class urn_perun_user_attribute_def_def_userPreferredCertDN method changedAttributeHook.

@Override
public void changedAttributeHook(PerunSessionImpl session, User user, Attribute attribute) throws WrongReferenceAttributeValueException {
    if (attribute.getValue() == null) {
        Attribute userCertDNs;
        try {
            userCertDNs = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, AttributesManager.NS_USER_ATTR_DEF + ":userCertDNs");
        } catch (AttributeNotExistsException ex) {
            throw new ConsistencyErrorException(ex);
        } catch (WrongAttributeAssignmentException ex) {
            throw new InternalErrorException(ex);
        }
        Map<String, String> certDNsValue = null;
        if (userCertDNs.getValue() != null) {
            certDNsValue = (Map<String, String>) userCertDNs.getValue();
        }
        if (certDNsValue != null && !certDNsValue.isEmpty()) {
            throw new WrongReferenceAttributeValueException(attribute, "Can't remove preferredCert if there is any existing certDNs for the user.");
        }
    }
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)

Example 100 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class urn_perun_user_attribute_def_def_vsupExchangeMailAliases method changedAttributeHook.

@Override
public void changedAttributeHook(PerunSessionImpl session, User user, Attribute attribute) throws WrongReferenceAttributeValueException {
    // list of reserved mails for user
    Attribute reservedMailsAttribute;
    ArrayList<String> reservedMailsAttributeValue;
    // other vsup mail attributes to get values from
    Attribute vsupMailAttribute;
    Attribute vsupPreferredMailAttribute;
    Attribute vsupExchangeMailAttribute;
    // output sets used for comparison
    Set<String> reservedMailsOfUser = new HashSet<>();
    Set<String> actualMailsOfUser = new HashSet<>();
    // get related attributes
    try {
        reservedMailsAttribute = session.getPerunBl().getAttributesManagerBl().getAttributeForUpdate(session, user, usedMailsUrn);
        vsupMailAttribute = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, vsupMailUrn);
        vsupPreferredMailAttribute = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, vsupPreferredMailUrn);
        vsupExchangeMailAttribute = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, vsupExchangeMailUrn);
    } catch (AttributeNotExistsException ex) {
        throw new ConsistencyErrorException("Attribute doesn't exists.", ex);
    } catch (WrongAttributeAssignmentException e) {
        throw new InternalErrorException(e);
    }
    if (attribute.getValue() == null && reservedMailsAttribute.getValue() == null) {
        throw new ConsistencyErrorException("User attribute 'urn:perun:user:attribute-def:def:usedMails' is empty, but we are removing 'vsupExchangeMailAliases' value, so there should have been entry in usedMails attribute.");
    }
    if (reservedMailsAttribute.getValue() == null) {
        reservedMailsAttributeValue = new ArrayList<>();
    } else {
        reservedMailsAttributeValue = reservedMailsAttribute.valueAsList();
    }
    // fill set for comparison
    reservedMailsOfUser.addAll(reservedMailsAttributeValue);
    if (vsupMailAttribute.getValue() != null) {
        actualMailsOfUser.add(vsupMailAttribute.valueAsString());
    }
    if (vsupPreferredMailAttribute.getValue() != null) {
        actualMailsOfUser.add(vsupPreferredMailAttribute.valueAsString());
    }
    if (vsupExchangeMailAttribute.getValue() != null) {
        actualMailsOfUser.add(vsupExchangeMailAttribute.valueAsString());
    }
    // Remove values, which are no longer set to any of user mail attributes
    for (String mail : reservedMailsOfUser) {
        if (!actualMailsOfUser.contains(mail)) {
            // Remove mail, which is not in attributes anymore
            reservedMailsAttributeValue.remove(mail);
        }
    }
    // if SET action and new mails are not present (prevent duplicates within the value)
    if (attribute.getValue() != null) {
        List<String> mails = attribute.valueAsList();
        for (String mail : mails) {
            if (!reservedMailsAttributeValue.contains(mail)) {
                reservedMailsAttributeValue.add(mail);
            }
        }
    }
    // save changes in reserved mails attribute
    try {
        // always set value to attribute, since we might start with null in attribute and empty list in variable !!
        reservedMailsAttribute.setValue(reservedMailsAttributeValue);
        session.getPerunBl().getAttributesManagerBl().setAttribute(session, user, reservedMailsAttribute);
    } catch (WrongAttributeValueException | WrongAttributeAssignmentException ex) {
        throw new InternalErrorException(ex);
    }
}
Also used : ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) Attribute(cz.metacentrum.perun.core.api.Attribute) WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException) AttributeNotExistsException(cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException) HashSet(java.util.HashSet)

Aggregations

ConsistencyErrorException (cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)281 Attribute (cz.metacentrum.perun.core.api.Attribute)212 AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)162 WrongReferenceAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)120 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)111 WrongAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)102 WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)84 User (cz.metacentrum.perun.core.api.User)60 ArrayList (java.util.ArrayList)51 Group (cz.metacentrum.perun.core.api.Group)44 Facility (cz.metacentrum.perun.core.api.Facility)41 Resource (cz.metacentrum.perun.core.api.Resource)37 Member (cz.metacentrum.perun.core.api.Member)30 LinkedHashMap (java.util.LinkedHashMap)23 Vo (cz.metacentrum.perun.core.api.Vo)22 RichAttribute (cz.metacentrum.perun.core.api.RichAttribute)21 GroupResourceMismatchException (cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)20 AttributeDefinition (cz.metacentrum.perun.core.api.AttributeDefinition)19 MemberNotExistsException (cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException)17 VoNotExistsException (cz.metacentrum.perun.core.api.exceptions.VoNotExistsException)17