Examples with ConsistencyErrorException cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException used on opensource projects

Example 31 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class ResourcesManagerBlImpl method assignServices.

@Override
public void assignServices(PerunSession sess, Resource resource, List<Service> services) throws ServiceAlreadyAssignedException, WrongAttributeValueException, WrongReferenceAttributeValueException {
    for (Service service : services) {
        getResourcesManagerImpl().assignService(sess, resource, service);
        getPerunBl().getAuditer().log(sess, new ServiceAssignedToResource(service, resource));
    }
    boolean requiresAttributes = services.stream().anyMatch(s -> !getPerunBl().getAttributesManagerBl().getRequiredAttributesDefinition(sess, s).isEmpty());
    if (!requiresAttributes) {
        // there are new no attributes to check or add
        return;
    }
    try {
        fillAndSetRequiredAttributesForGroups(sess, services, resource);
        checkSemanticsOfFacilityAndResourceRequiredAttributes(sess, resource);
        updateAllRequiredAttributesForAllowedMembers(sess, resource, services);
    } catch (WrongAttributeAssignmentException | GroupResourceMismatchException | MemberResourceMismatchException | AttributeNotExistsException e) {
        throw new ConsistencyErrorException(e);
    }
}

Example 32 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class ResourcesManagerBlImpl method processGroupResourceActivation.

/**
 * Sets assignment status of given group and resource to ACTIVE. Check if attributes for each member
 * from group are valid. Fill members' attributes with missing values.
 *
 * @param sess session
 * @param group group
 * @param resource resource
 * @throws WrongAttributeValueException when an attribute value has wrong/illegal syntax
 * @throws WrongReferenceAttributeValueException when an attribute value has wrong/illegal semantics
 * @throws GroupResourceMismatchException when the given group and resource are not from the same VO
 * @throws GroupNotDefinedOnResourceException when there is no such group-resource assignment
 */
private void processGroupResourceActivation(PerunSession sess, Group group, Resource resource) throws GroupResourceMismatchException, WrongReferenceAttributeValueException, WrongAttributeValueException, GroupNotDefinedOnResourceException {
    getPerunBl().getAttributesManagerBl().checkGroupIsFromTheSameVoLikeResource(sess, group, resource);
    // set status as ACTIVE first because methods checkAttributesSemantics and fillAttribute need active state to work correctly
    getResourcesManagerImpl().setGroupResourceStatus(sess, group, resource, GroupResourceStatus.ACTIVE);
    // reset assignment failure cause
    getResourcesManagerImpl().setFailedGroupResourceAssignmentCause(sess, group, resource, null);
    // if there are no services, the members are empty and there is nothing more to process
    if (getAssignedServices(sess, resource).isEmpty()) {
        getPerunBl().getAuditer().log(sess, new GroupAssignedToResource(group, resource));
        return;
    }
    // get/fill/set all required group and group-resource attributes
    try {
        List<Attribute> attributes = getPerunBl().getAttributesManagerBl().getResourceRequiredAttributes(sess, resource, resource, group, true);
        attributes = getPerunBl().getAttributesManagerBl().fillAttributes(sess, resource, group, attributes, true);
        getPerunBl().getAttributesManagerBl().setAttributes(sess, resource, group, attributes, true);
    } catch (WrongAttributeAssignmentException | GroupResourceMismatchException ex) {
        throw new ConsistencyErrorException(ex);
    }
    List<Member> members = getPerunBl().getGroupsManagerBl().getGroupMembersExceptInvalidAndDisabled(sess, group);
    // get all "allowed" group members and get/fill/set required attributes for them
    Facility facility = getPerunBl().getResourcesManagerBl().getFacility(sess, resource);
    for (Member member : members) {
        User user = getPerunBl().getUsersManagerBl().getUserByMember(sess, member);
        try {
            getPerunBl().getAttributesManagerBl().setRequiredAttributes(sess, facility, resource, user, member, true);
        } catch (WrongAttributeAssignmentException | MemberResourceMismatchException | AttributeNotExistsException ex) {
            throw new ConsistencyErrorException(ex);
        }
    }
    getPerunBl().getAuditer().log(sess, new GroupAssignedToResource(group, resource));
// TODO: set and check member-group attributes
}

Example 33 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class ResourcesManagerBlImpl method removeGroupFromResource.

/**
 * Remove group from a resource. Remove subgroups automatic assignments.
 * After removing, check attributes and fix them if it is needed.
 *
 * @param sess
 * @param group
 * @param resource
 * @param sourceGroupId id of a source group if an automatic assignment should be deleted, null otherwise
 * @throws GroupNotDefinedOnResourceException when there is no such group-resource assignment
 * @throws GroupAlreadyRemovedFromResourceException when the assignment was already removed
 */
private void removeGroupFromResource(PerunSession sess, Group group, Resource resource, Integer sourceGroupId) throws GroupNotDefinedOnResourceException, GroupAlreadyRemovedFromResourceException {
    Vo groupVo = getPerunBl().getGroupsManagerBl().getVo(sess, group);
    // Check if the group and resource belongs to the same VO
    if (!groupVo.equals(this.getVo(sess, resource))) {
        throw new InternalErrorException("Group " + group + " and resource " + resource + " belongs to the different VOs");
    }
    // Check if the group-resource assignment is defined
    Optional<AssignedGroup> assignmentToRemove = getResourcesManagerImpl().getGroupAssignments(sess, resource).stream().filter(assignedGroup -> assignedGroup.getEnrichedGroup().getGroup().equals(group) && Objects.equals(assignedGroup.getSourceGroupId(), sourceGroupId)).findFirst();
    if (assignmentToRemove.isEmpty()) {
        // Group is not defined on the resource
        throw new GroupNotDefinedOnResourceException(group.getName());
    }
    // Remove group
    if (sourceGroupId != null) {
        getResourcesManagerImpl().removeAutomaticGroupFromResource(sess, group, resource, sourceGroupId);
    } else {
        getResourcesManagerImpl().removeGroupFromResource(sess, group, resource);
        // Remove automatically assigned subgroups
        List<AssignedGroup> subgroupsAssignments = getResourcesManagerImpl().getGroupAssignments(sess, resource).stream().filter(assignedGroup -> Objects.equals(assignedGroup.getSourceGroupId(), group.getId())).collect(Collectors.toList());
        for (AssignedGroup assignedSubgroup : subgroupsAssignments) {
            try {
                removeAutomaticGroupFromResource(sess, assignedSubgroup.getEnrichedGroup().getGroup(), resource, group.getId());
            } catch (GroupAlreadyRemovedFromResourceException e) {
            // skip silently
            }
        }
    }
    // If it was the last ACTIVE assignment, we can delete group-resource attributes and audit the removal
    if (!isGroupAssigned(sess, resource, group)) {
        getPerunBl().getAuditer().log(sess, new GroupRemovedFromResource(group, resource));
        // Remove group-resource attributes
        try {
            getPerunBl().getAttributesManagerBl().removeAllAttributes(sess, resource, group);
        } catch (WrongAttributeValueException | WrongReferenceAttributeValueException e) {
            throw new InternalErrorException(e);
        } catch (GroupResourceMismatchException ex) {
            throw new ConsistencyErrorException(ex);
        }
    }
// FIXME - here we should call checkSemantics() and on error re-fill/set user-facility attributes
// for the group members of removed group, which are still allowed on the facility, since we removed
// one relation and attribute constraints might have changed (eg. for shell / default gid/group).
// We don't do this for performance reasons.
}

Example 34 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class GroupsManagerBlImpl method createGroup.

@Override
public Group createGroup(PerunSession sess, Vo vo, Group group) throws GroupExistsException {
    if (group.getParentGroupId() != null)
        throw new InternalErrorException("Top-level groups can't have parentGroupId set!");
    group = getGroupsManagerImpl().createGroup(sess, vo, group);
    getPerunBl().getAuditer().log(sess, new GroupCreatedInVo(group, vo));
    group.setVoId(vo.getId());
    // set creator as group admin unless he already have authz right on the group (he is VO admin or this is "members" group of VO)
    User user = sess.getPerunPrincipal().getUser();
    if (user != null) {
        // user can be null in tests
        if (!sess.getPerunPrincipal().getRoles().hasRole(Role.PERUNADMIN) && !sess.getPerunPrincipal().getRoles().hasRole(Role.VOADMIN, vo) && !VosManager.MEMBERS_GROUP.equals(group.getName())) {
            try {
                AuthzResolverBlImpl.setRole(sess, user, group, Role.GROUPADMIN);
            } catch (AlreadyAdminException e) {
                throw new ConsistencyErrorException("Newly created group already have an admin.", e);
            } catch (RoleCannotBeManagedException e) {
                throw new InternalErrorException(e);
            }
        }
    }
    return group;
}

Example 35 with ConsistencyErrorException

use of cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException in project perun by CESNET.

the class GroupsManagerBlImpl method logTotallyRemovedMembers.

/**
 * Log members that were deleted from parent group totally to auditer.
 *
 * @param sess perun session
 * @param parentGroupId group id
 * @param membersFromDeletedGroup deleted members from child group
 * @throws InternalErrorException
 */
private void logTotallyRemovedMembers(PerunSession sess, Integer parentGroupId, List<Member> membersFromDeletedGroup) {
    while (parentGroupId != null) {
        Group parentGroup;
        try {
            parentGroup = getGroupById(sess, parentGroupId);
        } catch (GroupNotExistsException ex) {
            throw new ConsistencyErrorException(ex);
        }
        // getting members from parent group AFTER the indirect members from subgroup were removed from this group.
        List<Member> membersFromParentGroup = getGroupMembers(sess, parentGroup);
        // removeAll will remove all members which remains in parent group even after they removal of INDIRECT records.
        membersFromDeletedGroup.removeAll(membersFromParentGroup);
        // so we need to log them to auditer
        for (Member m : membersFromDeletedGroup) {
            notifyMemberRemovalFromGroup(sess, parentGroup, m);
            getPerunBl().getAuditer().log(sess, new MemberRemovedFromGroupTotally(m, parentGroup));
        }
        parentGroupId = parentGroup.getParentGroupId();
    }
}