Example 26 with GroupResourceMismatchException
use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.
the class GroupsManagerBlImpl method createGroup.
@Override
public Group createGroup(PerunSession sess, Group parentGroup, Group group) throws GroupExistsException, GroupRelationNotAllowed, GroupRelationAlreadyExists {
Vo vo = this.getVo(sess, parentGroup);
group = getGroupsManagerImpl().createGroup(sess, vo, parentGroup, group);
try {
parentGroup = createGroupUnion(sess, parentGroup, group, true);
// We catch those exceptions, but they should never be thrown, so we just log them.
} catch (WrongAttributeValueException | WrongReferenceAttributeValueException e) {
log.error("Exception thrown in createGroup method, while it shouldn't be thrown. Cause:{}", e);
} catch (GroupNotExistsException e) {
throw new ConsistencyErrorException("Database consistency error while creating group: {}", e);
}
getPerunBl().getAuditer().log(sess, new GroupCreatedAsSubgroup(group, vo, parentGroup));
// check if new subgroup should be automatically assigned to resources
List<AssignedResource> assignedResources = getPerunBl().getResourcesManagerBl().getResourceAssignments(sess, parentGroup, null).stream().filter(AssignedResource::isAutoAssignSubgroups).collect(toList());
for (AssignedResource assignedResource : assignedResources) {
try {
Group sourceGroup = assignedResource.getSourceGroupId() == null ? parentGroup : getPerunBl().getGroupsManagerBl().getGroupById(sess, assignedResource.getSourceGroupId());
getPerunBl().getResourcesManagerBl().assignAutomaticGroupToResource(sess, sourceGroup, group, assignedResource.getEnrichedResource().getResource());
} catch (GroupResourceMismatchException | GroupNotExistsException | WrongReferenceAttributeValueException | WrongAttributeValueException e) {
// silently skip, assignment will have to be repeated after failure cause is solved
} catch (GroupAlreadyAssignedException e) {
// skip, periodic checker might have assigned it already
}
}
return group;
}
Also used :
GroupCreatedAsSubgroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.GroupCreatedAsSubgroup)
EnrichedGroup(cz.metacentrum.perun.core.api.EnrichedGroup)
IndirectMemberRemovedFromGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.IndirectMemberRemovedFromGroup)
CandidateGroup(cz.metacentrum.perun.core.api.CandidateGroup)
RichGroup(cz.metacentrum.perun.core.api.RichGroup)
MemberExpiredInGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.MemberExpiredInGroup)
MemberValidatedInGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.MemberValidatedInGroup)
DirectMemberRemovedFromGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.DirectMemberRemovedFromGroup)
Group(cz.metacentrum.perun.core.api.Group)
DirectMemberAddedToGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.DirectMemberAddedToGroup)
IndirectMemberAddedToGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.IndirectMemberAddedToGroup)
ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)
GroupNotExistsException(cz.metacentrum.perun.core.api.exceptions.GroupNotExistsException)
ParentGroupNotExistsException(cz.metacentrum.perun.core.api.exceptions.ParentGroupNotExistsException)
GroupAlreadyAssignedException(cz.metacentrum.perun.core.api.exceptions.GroupAlreadyAssignedException)
GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)
AssignedResource(cz.metacentrum.perun.core.api.AssignedResource)
WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)
Vo(cz.metacentrum.perun.core.api.Vo)
GroupCreatedInVo(cz.metacentrum.perun.audit.events.GroupManagerEvents.GroupCreatedInVo)
WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)
Example 27 with GroupResourceMismatchException
use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.
the class GroupsManagerBlImpl method getRichGroupsWithAttributesAssignedToResource.
@Override
public List<RichGroup> getRichGroupsWithAttributesAssignedToResource(PerunSession sess, Member member, Resource resource, List<String> attrNames) {
List<Group> assignedGroups = getPerunBl().getResourcesManagerBl().getAssignedGroups(sess, resource);
assignedGroups.retainAll(perunBl.getGroupsManagerBl().getAllMemberGroups(sess, member));
try {
return this.convertGroupsToRichGroupsWithAttributes(sess, member, resource, assignedGroups, attrNames);
} catch (GroupResourceMismatchException | MemberGroupMismatchException ex) {
throw new ConsistencyErrorException(ex);
}
}
Also used :
EnrichedGroup(cz.metacentrum.perun.core.api.EnrichedGroup)
IndirectMemberRemovedFromGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.IndirectMemberRemovedFromGroup)
CandidateGroup(cz.metacentrum.perun.core.api.CandidateGroup)
RichGroup(cz.metacentrum.perun.core.api.RichGroup)
MemberExpiredInGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.MemberExpiredInGroup)
MemberValidatedInGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.MemberValidatedInGroup)
DirectMemberRemovedFromGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.DirectMemberRemovedFromGroup)
Group(cz.metacentrum.perun.core.api.Group)
DirectMemberAddedToGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.DirectMemberAddedToGroup)
IndirectMemberAddedToGroup(cz.metacentrum.perun.audit.events.GroupManagerEvents.IndirectMemberAddedToGroup)
MemberGroupMismatchException(cz.metacentrum.perun.core.api.exceptions.MemberGroupMismatchException)
ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)
GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)
Example 28 with GroupResourceMismatchException
use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.
the class ServicesManagerBlImpl method getData.
private ServiceAttributes getData(PerunSession sess, Service service, Facility facility, Resource resource, Group group, Map<Member, ServiceAttributes> memberAttributes, boolean filterExpiredMembers) {
ServiceAttributes groupServiceAttributes = new ServiceAttributes();
try {
// add group and group_resource attributes
groupServiceAttributes.addAttributes(getPerunBl().getAttributesManagerBl().getRequiredAttributes(sess, service, resource, group, true));
} catch (GroupResourceMismatchException ex) {
throw new InternalErrorException(ex);
}
ServiceAttributes groupsMembersElement = new ServiceAttributes();
// Invalid and disabled are not allowed here
List<Member> members = getPerunBl().getGroupsManagerBl().getGroupMembersExceptInvalidAndDisabled(sess, group);
if (filterExpiredMembers) {
List<Member> membersToRemove = new ArrayList<>();
for (Member member : members) {
if (member.getGroupStatus() == MemberGroupStatus.EXPIRED) {
membersToRemove.add(member);
}
}
members.removeAll(membersToRemove);
}
for (Member member : members) {
// append also member_group attributes for each member in a group
// rest of member/user attributes was passed in a param if present
ServiceAttributes tempAttrs = new ServiceAttributes();
if (memberAttributes.get(member) != null) {
tempAttrs.addAttributes(memberAttributes.get(member).getAttributes());
}
try {
tempAttrs.addAttributes(getPerunBl().getAttributesManagerBl().getRequiredAttributes(sess, service, member, group));
} catch (MemberGroupMismatchException e) {
throw new InternalErrorException(e);
}
groupsMembersElement.addChildElement(tempAttrs);
}
// Services expect members to be second child element, so we create empty ServiceAttributes where subgroups used to be.
groupServiceAttributes.addChildElement(new ServiceAttributes());
groupServiceAttributes.addChildElement(groupsMembersElement);
return groupServiceAttributes;
}
Also used :
MemberGroupMismatchException(cz.metacentrum.perun.core.api.exceptions.MemberGroupMismatchException)
ServiceAttributes(cz.metacentrum.perun.core.api.ServiceAttributes)
ArrayList(java.util.ArrayList)
InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)
GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)
Member(cz.metacentrum.perun.core.api.Member)
Example 29 with GroupResourceMismatchException
use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.
the class ResourcesManagerBlImpl method deleteResource.
@Override
public void deleteResource(PerunSession sess, Resource resource) throws ResourceAlreadyRemovedException, GroupAlreadyRemovedFromResourceException {
// Get facility for audit messages
Facility facility = this.getFacility(sess, resource);
// remove admins of this resource
List<Group> adminGroups = getResourcesManagerImpl().getAdminGroups(sess, resource);
for (Group adminGroup : adminGroups) {
try {
AuthzResolverBlImpl.unsetRole(sess, adminGroup, resource, Role.RESOURCEADMIN);
} catch (GroupNotAdminException e) {
log.warn("When trying to unsetRole ResourceAdmin for group {} in the resource {} the exception was thrown {}", adminGroup, resource, e);
// skip and log as warning
} catch (RoleCannotBeManagedException e) {
throw new InternalErrorException(e);
}
}
List<User> adminUsers = getResourcesManagerImpl().getAdmins(sess, resource);
for (User adminUser : adminUsers) {
try {
AuthzResolverBlImpl.unsetRole(sess, adminUser, resource, Role.RESOURCEADMIN);
} catch (UserNotAdminException e) {
log.warn("When trying to unsetRole ResourceAdmin for user {} in the resource {} the exception was thrown {}", adminUser, resource, e);
// skip and log as warning
} catch (RoleCannotBeManagedException e) {
throw new InternalErrorException(e);
}
}
// Remove binding between resource and service
List<Service> services = getAssignedServices(sess, resource);
for (Service service : services) {
try {
this.removeService(sess, resource, service);
} catch (ServiceNotAssignedException e) {
throw new ConsistencyErrorException(e);
}
}
List<AssignedGroup> assignedGroups = getGroupAssignments(sess, resource, List.of());
for (AssignedGroup assignedGroup : assignedGroups) {
if (assignedGroup.getSourceGroupId() == null) {
try {
removeGroupFromResource(sess, assignedGroup.getEnrichedGroup().getGroup(), resource);
} catch (GroupNotDefinedOnResourceException ex) {
throw new GroupAlreadyRemovedFromResourceException(ex);
}
}
}
// Remove attr values for the resource
try {
perunBl.getAttributesManagerBl().removeAllAttributes(sess, resource);
} catch (AttributeValueException ex) {
throw new ConsistencyErrorException("All services are removed from this resource. There is no required attribute. So all attribtes for this resource can be removed withou problem.", ex);
}
// Remove group-resource attr values for all group and resource
try {
this.perunBl.getAttributesManagerBl().removeAllGroupResourceAttributes(sess, resource);
} catch (WrongAttributeValueException | GroupResourceMismatchException | WrongReferenceAttributeValueException ex) {
throw new InternalErrorException(ex);
}
// Remove all resources tags
this.removeAllResourcesTagFromResource(sess, resource);
// Remove all resource bans
List<BanOnResource> bansOnResource = this.getBansForResource(sess, resource.getId());
for (BanOnResource banOnResource : bansOnResource) {
try {
this.removeBan(sess, banOnResource.getId());
} catch (BanNotExistsException ex) {
// it is ok, we just want to remove it anyway
}
}
// Because resource will be tottaly deleted, we can also delete all member-resource attributes
this.perunBl.getAttributesManagerBl().removeAllMemberResourceAttributes(sess, resource);
// Get the resource VO
Vo vo = this.getVo(sess, resource);
getResourcesManagerImpl().deleteResource(sess, vo, resource);
getPerunBl().getAuditer().log(sess, new ResourceDeleted(resource, facility));
}
Also used :
AssignedGroup(cz.metacentrum.perun.core.api.AssignedGroup)
Group(cz.metacentrum.perun.core.api.Group)
ResourceSelfServiceAddedForGroup(cz.metacentrum.perun.audit.events.ResourceManagerEvents.ResourceSelfServiceAddedForGroup)
ResourceSelfServiceRemovedForGroup(cz.metacentrum.perun.audit.events.ResourceManagerEvents.ResourceSelfServiceRemovedForGroup)
User(cz.metacentrum.perun.core.api.User)
RichUser(cz.metacentrum.perun.core.api.RichUser)
ResourceSelfServiceRemovedForUser(cz.metacentrum.perun.audit.events.ResourceManagerEvents.ResourceSelfServiceRemovedForUser)
AttributeValueException(cz.metacentrum.perun.core.api.exceptions.AttributeValueException)
WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)
WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)
GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)
UserNotAdminException(cz.metacentrum.perun.core.api.exceptions.UserNotAdminException)
WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)
GroupNotDefinedOnResourceException(cz.metacentrum.perun.core.api.exceptions.GroupNotDefinedOnResourceException)
Vo(cz.metacentrum.perun.core.api.Vo)
ResourceDeleted(cz.metacentrum.perun.audit.events.ResourceManagerEvents.ResourceDeleted)
ServiceNotAssignedException(cz.metacentrum.perun.core.api.exceptions.ServiceNotAssignedException)
ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)
Service(cz.metacentrum.perun.core.api.Service)
GroupNotAdminException(cz.metacentrum.perun.core.api.exceptions.GroupNotAdminException)
InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException)
BanOnResource(cz.metacentrum.perun.core.api.BanOnResource)
Facility(cz.metacentrum.perun.core.api.Facility)
RoleCannotBeManagedException(cz.metacentrum.perun.core.api.exceptions.RoleCannotBeManagedException)
GroupAlreadyRemovedFromResourceException(cz.metacentrum.perun.core.api.exceptions.GroupAlreadyRemovedFromResourceException)
WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)
AssignedGroup(cz.metacentrum.perun.core.api.AssignedGroup)
BanNotExistsException(cz.metacentrum.perun.core.api.exceptions.BanNotExistsException)
Example 30 with GroupResourceMismatchException
use of cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException in project perun by CESNET.
the class ResourcesManagerBlImpl method copyResource.
@Override
public Resource copyResource(PerunSession sess, Resource templateResource, Resource destinationResource, boolean withGroups) throws ResourceExistsException {
Resource newResource = new Resource();
Vo destinationVo = this.getVo(sess, destinationResource);
Facility destinationFacility = this.getFacility(sess, destinationResource);
newResource.setName(destinationResource.getName());
newResource = this.createResource(sess, newResource, destinationVo, destinationFacility);
// resource attributes
List<Attribute> templateResourceAttributes = perunBl.getAttributesManagerBl().getAttributes(sess, templateResource);
// Remove all virt and core attributes before setting
templateResourceAttributes.removeIf(resourceAttribute -> resourceAttribute.getNamespace().startsWith(AttributesManager.NS_RESOURCE_ATTR_VIRT) || resourceAttribute.getNamespace().startsWith(AttributesManager.NS_RESOURCE_ATTR_CORE));
try {
perunBl.getAttributesManagerBl().setAttributes(sess, newResource, templateResourceAttributes);
} catch (WrongAttributeValueException | WrongAttributeAssignmentException | WrongReferenceAttributeValueException ex) {
throw new ConsistencyErrorException("DB inconsistency while copying attributes from one resource to another. Cause:{}", ex);
}
// if withGroups is true we also copy groups and group-resource/member-resource attributes
if (withGroups) {
List<AssignedGroup> templateResourceGroups = perunBl.getResourcesManagerBl().getGroupAssignments(sess, templateResource, List.of());
try {
for (AssignedGroup assignedGroup : templateResourceGroups) {
// assign only direct group-resource assignments
if (assignedGroup.getSourceGroupId() == null) {
assignGroupToResource(sess, assignedGroup.getEnrichedGroup().getGroup(), newResource, false, assignedGroup.getStatus().equals(GroupResourceStatus.INACTIVE), assignedGroup.isAutoAssignSubgroups());
}
List<Attribute> templateGroupResourceAttributes = perunBl.getAttributesManagerBl().getAttributes(sess, templateResource, assignedGroup.getEnrichedGroup().getGroup());
// Remove all virt attributes before setting
templateGroupResourceAttributes.removeIf(groupResourceAttribute -> groupResourceAttribute.getNamespace().startsWith(AttributesManager.NS_GROUP_RESOURCE_ATTR_VIRT));
perunBl.getAttributesManagerBl().setAttributes(sess, newResource, assignedGroup.getEnrichedGroup().getGroup(), templateGroupResourceAttributes);
}
} catch (GroupResourceMismatchException | WrongAttributeValueException | WrongAttributeAssignmentException | WrongReferenceAttributeValueException ex) {
throw new ConsistencyErrorException("DB inconsistency while copying group-resource attributes. Cause:{}", ex);
}
List<Member> templateResourceMembers = perunBl.getResourcesManagerBl().getAssignedMembers(sess, templateResource);
try {
for (Member member : templateResourceMembers) {
List<Attribute> templateMemberResourceAttributes = perunBl.getAttributesManagerBl().getAttributes(sess, member, templateResource);
// Remove all virt attributes before setting
templateMemberResourceAttributes.removeIf(memberResourceAttribute -> memberResourceAttribute.getNamespace().startsWith(AttributesManager.NS_MEMBER_RESOURCE_ATTR_VIRT));
perunBl.getAttributesManagerBl().setAttributes(sess, member, newResource, templateMemberResourceAttributes);
}
} catch (MemberResourceMismatchException | WrongAttributeValueException | WrongAttributeAssignmentException | WrongReferenceAttributeValueException ex) {
throw new ConsistencyErrorException("DB inconsistency while copying group-resource attributes. Cause:{}", ex);
}
}
// services
List<Service> services = getAssignedServices(sess, templateResource);
for (Service service : services) {
try {
getResourcesManagerImpl().assignService(sess, newResource, service);
} catch (ServiceAlreadyAssignedException ex) {
throw new ConsistencyErrorException("Service was already assigned to this resource. {}", ex);
}
}
// tags
List<ResourceTag> templateResourceTags = getAllResourcesTagsForResource(sess, templateResource);
for (ResourceTag resourceTag : templateResourceTags) {
getResourcesManagerImpl().assignResourceTagToResource(sess, resourceTag, newResource);
}
return newResource;
}
Also used :
ConsistencyErrorException(cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)
Attribute(cz.metacentrum.perun.core.api.Attribute)
WrongAttributeAssignmentException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)
BanSetForResource(cz.metacentrum.perun.audit.events.ResourceManagerEvents.BanSetForResource)
AssignedResource(cz.metacentrum.perun.core.api.AssignedResource)
BanUpdatedForResource(cz.metacentrum.perun.audit.events.ResourceManagerEvents.BanUpdatedForResource)
BanRemovedForResource(cz.metacentrum.perun.audit.events.ResourceManagerEvents.BanRemovedForResource)
Resource(cz.metacentrum.perun.core.api.Resource)
ServiceRemovedFromResource(cz.metacentrum.perun.audit.events.ResourceManagerEvents.ServiceRemovedFromResource)
GroupAssignedToResource(cz.metacentrum.perun.audit.events.ResourceManagerEvents.GroupAssignedToResource)
ServiceAssignedToResource(cz.metacentrum.perun.audit.events.ResourceManagerEvents.ServiceAssignedToResource)
GroupRemovedFromResource(cz.metacentrum.perun.audit.events.ResourceManagerEvents.GroupRemovedFromResource)
BanOnResource(cz.metacentrum.perun.core.api.BanOnResource)
RichResource(cz.metacentrum.perun.core.api.RichResource)
EnrichedResource(cz.metacentrum.perun.core.api.EnrichedResource)
Service(cz.metacentrum.perun.core.api.Service)
ServiceAlreadyAssignedException(cz.metacentrum.perun.core.api.exceptions.ServiceAlreadyAssignedException)
GroupResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)
ResourceTag(cz.metacentrum.perun.core.api.ResourceTag)
MemberResourceMismatchException(cz.metacentrum.perun.core.api.exceptions.MemberResourceMismatchException)
WrongReferenceAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)
Vo(cz.metacentrum.perun.core.api.Vo)
Facility(cz.metacentrum.perun.core.api.Facility)
WrongAttributeValueException(cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)
RichMember(cz.metacentrum.perun.core.api.RichMember)
AssignedMember(cz.metacentrum.perun.core.api.AssignedMember)
Member(cz.metacentrum.perun.core.api.Member)
AssignedGroup(cz.metacentrum.perun.core.api.AssignedGroup)
Aggregations
GroupResourceMismatchException (cz.metacentrum.perun.core.api.exceptions.GroupResourceMismatchException)43
Attribute (cz.metacentrum.perun.core.api.Attribute)29
ConsistencyErrorException (cz.metacentrum.perun.core.api.exceptions.ConsistencyErrorException)20
AttributeDefinition (cz.metacentrum.perun.core.api.AttributeDefinition)18
PrivilegeException (cz.metacentrum.perun.core.api.exceptions.PrivilegeException)15
InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)13
AttributeNotExistsException (cz.metacentrum.perun.core.api.exceptions.AttributeNotExistsException)12
WrongReferenceAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongReferenceAttributeValueException)12
Group (cz.metacentrum.perun.core.api.Group)11
Facility (cz.metacentrum.perun.core.api.Facility)9
WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)8
Resource (cz.metacentrum.perun.core.api.Resource)7
WrongAttributeValueException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeValueException)6
AssignedGroup (cz.metacentrum.perun.core.api.AssignedGroup)5
AssignedResource (cz.metacentrum.perun.core.api.AssignedResource)5
Member (cz.metacentrum.perun.core.api.Member)5
Service (cz.metacentrum.perun.core.api.Service)5
ArrayList (java.util.ArrayList)5
GroupAssignedToResource (cz.metacentrum.perun.audit.events.ResourceManagerEvents.GroupAssignedToResource)4
User (cz.metacentrum.perun.core.api.User)4
