use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class urn_perun_user_facility_attribute_def_def_basicDefaultGID method fillAttribute.
@Override
public Attribute fillAttribute(PerunSessionImpl sess, User user, Facility facility, AttributeDefinition attributeDefinition) throws WrongAttributeAssignmentException {
Attribute attribute = new Attribute(attributeDefinition);
List<Resource> allowedResources = sess.getPerunBl().getUsersManagerBl().getAllowedResources(sess, facility, user);
try {
for (Resource resource : allowedResources) {
List<AttributeDefinition> resourceRequiredAttributesDefinitions = sess.getPerunBl().getAttributesManagerBl().getResourceRequiredAttributesDefinition(sess, resource);
// if this attribute is not required by the services on the resource, skip the resource
if (!resourceRequiredAttributesDefinitions.contains(attributeDefinition)) {
continue;
}
Attribute unixGidAttribute = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, resource, AttributesManager.NS_RESOURCE_ATTR_VIRT + ":unixGID");
if (unixGidAttribute.getValue() != null) {
attribute.setValue(unixGidAttribute.getValue());
return attribute;
}
}
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
}
return attribute;
}
use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class urn_perun_user_facility_attribute_def_def_basicDefaultGID method checkAttributeSemantics.
@Override
public void checkAttributeSemantics(PerunSessionImpl sess, User user, Facility facility, Attribute attribute) throws WrongReferenceAttributeValueException, WrongAttributeAssignmentException {
Attribute namespaceAttribute;
try {
namespaceAttribute = sess.getPerunBl().getAttributesManagerBl().getAttribute(sess, facility, AttributesManager.NS_FACILITY_ATTR_DEF + ":unixGID-namespace");
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
}
if (namespaceAttribute.getValue() == null) {
throw new WrongReferenceAttributeValueException(attribute, namespaceAttribute, "Reference attribute is null");
}
String namespaceName = namespaceAttribute.valueAsString();
Attribute resourceGidAttribute;
try {
resourceGidAttribute = new Attribute(sess.getPerunBl().getAttributesManagerBl().getAttributeDefinition(sess, AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName));
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException("Namespace from value of " + namespaceAttribute + " doesn't exists. (Resource attribute " + AttributesManager.NS_RESOURCE_ATTR_DEF + ":unixGID-namespace:" + namespaceName + " doesn't exists", ex);
}
resourceGidAttribute.setValue(attribute.getValue());
List<Resource> allowedResources = sess.getPerunBl().getUsersManagerBl().getAllowedResources(sess, facility, user);
List<Resource> resourcesWithSameGid = sess.getPerunBl().getResourcesManagerBl().getResourcesByAttribute(sess, resourceGidAttribute);
if (resourcesWithSameGid.isEmpty() && allowedResources.isEmpty() && resourceGidAttribute.getValue() == null)
return;
if (resourcesWithSameGid.isEmpty() && resourceGidAttribute.getValue() != null)
throw new WrongReferenceAttributeValueException(attribute, null, user, facility, "Resource with required unix GID doesn't exist.");
if (allowedResources.isEmpty())
throw new WrongReferenceAttributeValueException(attribute, null, user, facility, "User has not access to required resource");
resourcesWithSameGid.retainAll(allowedResources);
// We did not find at least one allowed resource with same gid as the user have => attribute is NOK
if (resourcesWithSameGid.isEmpty()) {
throw new WrongReferenceAttributeValueException(attribute, null, user, facility, "User has not access to resource with required group id");
}
}
use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class urn_perun_user_attribute_def_def_userCertDNs method changedAttributeHook.
@Override
public void changedAttributeHook(PerunSessionImpl session, User user, Attribute attribute) throws WrongReferenceAttributeValueException {
Attribute userPreferredCertDN;
try {
userPreferredCertDN = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, AttributesManager.NS_USER_ATTR_DEF + ":userPreferredCertDN");
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
} catch (WrongAttributeAssignmentException ex) {
throw new InternalErrorException(ex);
}
String preferredCertDNValue = null;
if (userPreferredCertDN.getValue() != null)
preferredCertDNValue = (String) userPreferredCertDN.getValue();
Map<String, String> certDNs = null;
if (attribute.getValue() != null)
certDNs = (Map<String, String>) attribute.getValue();
if (certDNs == null || certDNs.isEmpty()) {
try {
session.getPerunBl().getAttributesManagerBl().removeAttribute(session, user, userPreferredCertDN);
} catch (WrongAttributeAssignmentException | WrongAttributeValueException ex) {
throw new InternalErrorException(ex);
}
} else {
Set<String> certDNsKeys = certDNs.keySet();
String newPossibleCertDN = null;
for (String key : certDNsKeys) {
if (key != null && !key.isEmpty()) {
newPossibleCertDN = key;
break;
}
}
if (preferredCertDNValue == null) {
userPreferredCertDN.setValue(newPossibleCertDN);
try {
session.getPerunBl().getAttributesManagerBl().setAttribute(session, user, userPreferredCertDN);
} catch (WrongAttributeAssignmentException | WrongAttributeValueException ex) {
throw new InternalErrorException(ex);
}
} else {
if (!certDNsKeys.contains(preferredCertDNValue)) {
userPreferredCertDN.setValue(newPossibleCertDN);
try {
session.getPerunBl().getAttributesManagerBl().setAttribute(session, user, userPreferredCertDN);
} catch (WrongAttributeAssignmentException | WrongAttributeValueException ex) {
throw new InternalErrorException(ex);
}
}
}
}
}
use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class urn_perun_user_attribute_def_def_userPreferredCertDN method changedAttributeHook.
@Override
public void changedAttributeHook(PerunSessionImpl session, User user, Attribute attribute) throws WrongReferenceAttributeValueException {
if (attribute.getValue() == null) {
Attribute userCertDNs;
try {
userCertDNs = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, AttributesManager.NS_USER_ATTR_DEF + ":userCertDNs");
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException(ex);
} catch (WrongAttributeAssignmentException ex) {
throw new InternalErrorException(ex);
}
Map<String, String> certDNsValue = null;
if (userCertDNs.getValue() != null) {
certDNsValue = (Map<String, String>) userCertDNs.getValue();
}
if (certDNsValue != null && !certDNsValue.isEmpty()) {
throw new WrongReferenceAttributeValueException(attribute, "Can't remove preferredCert if there is any existing certDNs for the user.");
}
}
}
use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.
the class urn_perun_user_attribute_def_def_vsupExchangeMailAliases method changedAttributeHook.
@Override
public void changedAttributeHook(PerunSessionImpl session, User user, Attribute attribute) throws WrongReferenceAttributeValueException {
// list of reserved mails for user
Attribute reservedMailsAttribute;
ArrayList<String> reservedMailsAttributeValue;
// other vsup mail attributes to get values from
Attribute vsupMailAttribute;
Attribute vsupPreferredMailAttribute;
Attribute vsupExchangeMailAttribute;
// output sets used for comparison
Set<String> reservedMailsOfUser = new HashSet<>();
Set<String> actualMailsOfUser = new HashSet<>();
// get related attributes
try {
reservedMailsAttribute = session.getPerunBl().getAttributesManagerBl().getAttributeForUpdate(session, user, usedMailsUrn);
vsupMailAttribute = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, vsupMailUrn);
vsupPreferredMailAttribute = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, vsupPreferredMailUrn);
vsupExchangeMailAttribute = session.getPerunBl().getAttributesManagerBl().getAttribute(session, user, vsupExchangeMailUrn);
} catch (AttributeNotExistsException ex) {
throw new ConsistencyErrorException("Attribute doesn't exists.", ex);
} catch (WrongAttributeAssignmentException e) {
throw new InternalErrorException(e);
}
if (attribute.getValue() == null && reservedMailsAttribute.getValue() == null) {
throw new ConsistencyErrorException("User attribute 'urn:perun:user:attribute-def:def:usedMails' is empty, but we are removing 'vsupExchangeMailAliases' value, so there should have been entry in usedMails attribute.");
}
if (reservedMailsAttribute.getValue() == null) {
reservedMailsAttributeValue = new ArrayList<>();
} else {
reservedMailsAttributeValue = reservedMailsAttribute.valueAsList();
}
// fill set for comparison
reservedMailsOfUser.addAll(reservedMailsAttributeValue);
if (vsupMailAttribute.getValue() != null) {
actualMailsOfUser.add(vsupMailAttribute.valueAsString());
}
if (vsupPreferredMailAttribute.getValue() != null) {
actualMailsOfUser.add(vsupPreferredMailAttribute.valueAsString());
}
if (vsupExchangeMailAttribute.getValue() != null) {
actualMailsOfUser.add(vsupExchangeMailAttribute.valueAsString());
}
// Remove values, which are no longer set to any of user mail attributes
for (String mail : reservedMailsOfUser) {
if (!actualMailsOfUser.contains(mail)) {
// Remove mail, which is not in attributes anymore
reservedMailsAttributeValue.remove(mail);
}
}
// if SET action and new mails are not present (prevent duplicates within the value)
if (attribute.getValue() != null) {
List<String> mails = attribute.valueAsList();
for (String mail : mails) {
if (!reservedMailsAttributeValue.contains(mail)) {
reservedMailsAttributeValue.add(mail);
}
}
}
// save changes in reserved mails attribute
try {
// always set value to attribute, since we might start with null in attribute and empty list in variable !!
reservedMailsAttribute.setValue(reservedMailsAttributeValue);
session.getPerunBl().getAttributesManagerBl().setAttribute(session, user, reservedMailsAttribute);
} catch (WrongAttributeValueException | WrongAttributeAssignmentException ex) {
throw new InternalErrorException(ex);
}
}
Aggregations