Examples with GroupResourceMismatchException cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException used on opensource projects

Search in sources :

Example 6 with GroupResourceMismatchException

use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.

the class AttributesManagerEntry method checkAttributesSemantics.

public void checkAttributesSemantics(PerunSession sess, Resource resource, Group group, List<Attribute> attributes, boolean workWithGroupAttribute) throws PrivilegeException, AttributeNotExistsException, ResourceNotExistsException, GroupNotExistsException, WrongAttributeAssignmentException, GroupResourceMismatchException, WrongReferenceAttributeValueException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributesExists(sess, attributes);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    if (!getPerunBl().getGroupsManagerBl().getVo(sess, group).equals(getPerunBl().getResourcesManagerBl().getVo(sess, resource))) {
        throw new GroupResourceMismatchException("group and resource are not in the same VO");
    }
    // Choose to which attributes has the principal access
    for (Attribute attr : attributes) {
        if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_GROUP_RESOURCE_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), group, resource))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attr, NS_GROUP_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), group))
                throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
        }
    }
    getAttributesManagerBl().checkAttributesSemantics(sess, resource, group, attributes, workWithGroupAttribute);
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition) GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)

Example 7 with GroupResourceMismatchException

use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.

the class AttributesManagerEntry method checkAttributesSyntax.

@Override
public void checkAttributesSyntax(PerunSession sess, Resource resource, Group group, List<Attribute> attributes) throws PrivilegeException, AttributeNotExistsException, ResourceNotExistsException, GroupNotExistsException, WrongAttributeAssignmentException, WrongAttributeValueException, GroupResourceMismatchException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributesExists(sess, attributes);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    if (!getPerunBl().getGroupsManagerBl().getVo(sess, group).equals(getPerunBl().getResourcesManagerBl().getVo(sess, resource))) {
        throw new GroupResourceMismatchException("group and resource are not in the same VO");
    }
    // Choose to which attributes has the principal access
    for (Attribute attr : attributes) {
        if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attr), group, resource))
            throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attr));
    }
    getAttributesManagerBl().checkAttributesSyntax(sess, resource, group, attributes);
}
Also used : Attribute(cz.metacentrum.perun.core.api.Attribute) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition) GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)

Example 8 with GroupResourceMismatchException

use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.

the class AttributesManagerEntry method getResourceRequiredAttributes.

@Override
public List<Attribute> getResourceRequiredAttributes(PerunSession sess, Resource resourceToGetServicesFrom, Resource resource, Group group, Member member, boolean workWithUserAttributes) throws ResourceNotExistsException, GroupNotExistsException, GroupResourceMismatchException, MemberNotExistsException, MemberGroupMismatchException, UserNotExistsException, FacilityNotExistsException, MemberResourceMismatchException {
    Utils.checkPerunSession(sess);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resourceToGetServicesFrom);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
    if (group.getVoId() != resource.getVoId()) {
        throw new GroupResourceMismatchException("Group and resource are not in the same VO.");
    }
    if (member.getVoId() != group.getVoId()) {
        throw new MemberGroupMismatchException("Member and Group are not in the same VO.", member, group);
    }
    List<Attribute> attributes = getAttributesManagerBl().getResourceRequiredAttributes(sess, resourceToGetServicesFrom, member, resource, workWithUserAttributes);
    attributes.addAll(getAttributesManagerBl().getResourceRequiredAttributes(sess, resourceToGetServicesFrom, member, group));
    User user = getPerunBl().getUsersManagerBl().getUserById(sess, member.getUserId());
    Facility facility = getPerunBl().getFacilitiesManagerBl().getFacilityById(sess, resource.getFacilityId());
    Iterator<Attribute> attrIter = attributes.iterator();
    // Choose to which attributes has the principal access
    while (attrIter.hasNext()) {
        Attribute attrNext = attrIter.next();
        if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, user))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, user));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_GROUP_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member, group))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member, group));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_MEMBER_RESOURCE_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, member, resource))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, member, resource));
        } else if (getAttributesManagerBl().isFromNamespace(sess, attrNext, NS_USER_FACILITY_ATTR)) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrNext, user, facility))
                attrIter.remove();
            else
                attrNext.setWritable(AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attrNext, user, facility));
        } else {
            throw new ConsistencyErrorException("There is some attribute which is not of expected type (member, user, user_facility, member_group, member_resource).");
        }
    }
    return attributes;
}
Also used : MemberGroupMismatchException(cz.metacentrum.perun.core.api.exceptions.MemberGroupMismatchException) ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException) User(cz.metacentrum.perun.core.api.User) Attribute(cz.metacentrum.perun.core.api.Attribute) Facility(cz.metacentrum.perun.core.api.Facility) GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)

Example 9 with GroupResourceMismatchException

use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.

the class AttributesManagerEntry method removeAttribute.

@Override
public void removeAttribute(PerunSession sess, Resource resource, Group group, AttributeDefinition attribute) throws PrivilegeException, ResourceNotExistsException, GroupNotExistsException, WrongAttributeAssignmentException, GroupResourceMismatchException, AttributeNotExistsException, WrongAttributeValueException, WrongReferenceAttributeValueException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributeExists(sess, attribute);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    if (!getPerunBl().getGroupsManagerBl().getVo(sess, group).equals(getPerunBl().getResourcesManagerBl().getVo(sess, resource))) {
        throw new GroupResourceMismatchException("group and resource are not in the same VO");
    }
    // Choose to which attributes has the principal access
    if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, attribute, group, resource))
        throw new PrivilegeException("Principal has no access to remove attribute = " + new AttributeDefinition(attribute));
    getAttributesManagerBl().removeAttribute(sess, resource, group, attribute);
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition) GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)

Example 10 with GroupResourceMismatchException

use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.

the class AttributesManagerEntry method checkAttributeSyntax.

@Override
public void checkAttributeSyntax(PerunSession sess, Resource resource, Group group, Attribute attribute) throws PrivilegeException, AttributeNotExistsException, WrongAttributeValueException, GroupNotExistsException, ResourceNotExistsException, GroupResourceMismatchException, WrongAttributeAssignmentException {
    Utils.checkPerunSession(sess);
    getAttributesManagerBl().checkAttributeExists(sess, attribute);
    getPerunBl().getResourcesManagerBl().checkResourceExists(sess, resource);
    getPerunBl().getGroupsManagerBl().checkGroupExists(sess, group);
    if (!getPerunBl().getGroupsManagerBl().getVo(sess, group).equals(getPerunBl().getResourcesManagerBl().getVo(sess, resource))) {
        throw new GroupResourceMismatchException("group and resource are not in the same VO");
    }
    // Choose to which attributes has the principal access
    if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.WRITE, new AttributeDefinition(attribute), group, resource))
        throw new PrivilegeException("Principal has no access to check attribute = " + new AttributeDefinition(attribute));
    getAttributesManagerBl().checkAttributeSyntax(sess, resource, group, attribute);
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) AttributeDefinition(cz.metacentrum.perun.core.api.AttributeDefinition) GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)

Aggregations

GroupResourceMismatchException (cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)43 Attribute (cz.metacentrum.perun.core.api.Attribute)29 ConsistencyErrorException (cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)20 AttributeDefinition (cz.metacentrum.perun.core.api.AttributeDefinition)18 PrivilegeException (cz.metacentrum.perun.core.api.exceptions.PrivilegeException)15 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)13 AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)12 WrongReferenceAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)12 Group (cz.metacentrum.perun.core.api.Group)11 Facility (cz.metacentrum.perun.core.api.Facility)9 WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)8 Resource (cz.metacentrum.perun.core.api.Resource)7 WrongAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)6 AssignedGroup (cz.metacentrum.perun.core.api.AssignedGroup)5 AssignedResource (cz.metacentrum.perun.core.api.AssignedResource)5 Member (cz.metacentrum.perun.core.api.Member)5 Service (cz.metacentrum.perun.core.api.Service)5 ArrayList (java.util.ArrayList)5 GroupAssignedToResource (cz.metacentrum.perun.audit.events.ResourceManagerEvents.GroupAssignedToResource)4 User (cz.metacentrum.perun.core.api.User)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial