use of cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException in project perun by CESNET.
the class UsersManagerBlImpl method getGroupsWhereUserIsActive.
@Override
public List<Group> getGroupsWhereUserIsActive(PerunSession sess, Resource resource, User user) {
Vo vo = getPerunBl().getResourcesManagerBl().getVo(sess, resource);
Member voMember;
try {
voMember = getPerunBl().getMembersManagerBl().getMemberByUser(sess, vo, user);
} catch (MemberNotExistsException e) {
// user is not member of VO from this Resource -> No groups allowed
return new ArrayList<>();
}
// Only valid members are considered for allowed groups
if (!Status.VALID.equals(voMember.getStatus()))
return new ArrayList<>();
List<Group> assignedGroups = getPerunBl().getResourcesManagerBl().getAssignedGroups(sess, resource, voMember);
// no groups of member are assigned to such resource, can't be allowed
if (assignedGroups.isEmpty())
return new ArrayList<>();
// get and filter groups by removing all where user is not VALID group member
List<Group> inactiveMembersGroups = getPerunBl().getGroupsManagerBl().getGroupsWhereMemberIsInactive(sess, voMember);
assignedGroups.removeAll(inactiveMembersGroups);
return assignedGroups;
}
use of cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException in project perun by CESNET.
the class MembersManagerBlImpl method findMembersByNameInVo.
@Override
public List<Member> findMembersByNameInVo(PerunSession sess, Vo vo, String searchString) {
List<User> users = getPerunBl().getUsersManagerBl().findUsersByName(sess, searchString);
List<Member> members = new ArrayList<>();
for (User user : users) {
try {
members.add(getMembersManagerImpl().getMemberByUserId(sess, vo, user.getId()));
} catch (MemberNotExistsException e) {
// User is not member of this VO
}
}
return this.setAllMembersSameType(members, MembershipType.DIRECT);
}
use of cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException in project perun by CESNET.
the class MembersManagerBlImpl method suspendMemberTo.
@Override
public void suspendMemberTo(PerunSession sess, Member member, Date suspendedTo) {
BanOnVo ban = new BanOnVo();
ban.setMemberId(member.getId());
ban.setVoId(member.getVoId());
ban.setValidityTo(suspendedTo);
try {
perunBl.getVosManagerBl().setBan(sess, ban);
} catch (MemberNotExistsException e) {
// shouldn't happen, we expect that the given member exists
throw new InternalErrorException(e);
}
}
use of cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException in project perun by CESNET.
the class MembersManagerBlImpl method createMember.
@Override
public Member createMember(PerunSession sess, Vo vo, User user, List<Group> groups) throws AlreadyMemberException, ExtendMembershipException, WrongAttributeValueException, WrongReferenceAttributeValueException {
try {
Member member = getMemberByUser(sess, vo, user);
throw new AlreadyMemberException(member);
} catch (MemberNotExistsException IGNORE) {
}
Member member = getMembersManagerImpl().createMember(sess, vo, user);
getPerunBl().getAuditer().log(sess, new MemberCreated(member));
// Set the initial membershipExpiration
// Get user LOA
String memberLoa = null;
try {
Attribute loa = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_VIRT + ":loa");
memberLoa = Integer.toString((Integer) loa.getValue());
;
} catch (AttributeNotExistsException e) {
// User has no loa defined - if required by VO, it will be stopped in checking method later
} catch (WrongAttributeAssignmentException e) {
throw new InternalErrorException(e);
}
// check if user can be member - service members are not checked for LoA
this.canBeMemberInternal(sess, vo, user, memberLoa, true);
// Set initial membership expiration
this.extendMembership(sess, member);
insertToMemberGroup(sess, member, vo);
// add member also to all groups in list
if (groups != null && !groups.isEmpty()) {
for (Group group : groups) {
try {
perunBl.getGroupsManagerBl().addMember(sess, group, member);
} catch (GroupNotExistsException e) {
throw new ConsistencyErrorException(e);
}
}
}
return member;
}
use of cz.metacentrum.perun.core.api.exceptions.MemberNotExistsException in project perun by CESNET.
the class SearcherEntry method getMembersByUserAttributes.
@Override
public List<Member> getMembersByUserAttributes(PerunSession sess, Vo vo, Map<String, String> userAttributesWithSearchingValues) throws AttributeNotExistsException, PrivilegeException, WrongAttributeAssignmentException, VoNotExistsException {
perunBl.getVosManagerBl().checkVoExists(sess, vo);
// Authorization
if (!AuthzResolver.authorizedInternal(sess, "getMembersByUserAttributes_Vo_Map<String_String>_policy", vo))
throw new PrivilegeException(sess, "getMembersByUserAttributes");
// If map is null or empty, return all members from vo
if (userAttributesWithSearchingValues == null || userAttributesWithSearchingValues.isEmpty()) {
return perunBl.getMembersManagerBl().getMembers(sess, vo);
}
Set<String> attrNames = userAttributesWithSearchingValues.keySet();
List<AttributeDefinition> attrDefs = new ArrayList<>();
for (String attrName : attrNames) {
if (attrName == null || attrName.isEmpty())
throw new InternalErrorException("One of attributes has empty name.");
// throw AttributeNotExistsException if this attr_name not exists in DB
AttributeDefinition attrDef = perunBl.getAttributesManagerBl().getAttributeDefinition(sess, attrName);
attrDefs.add(attrDef);
// test namespace of attribute
if (!getPerunBl().getAttributesManagerBl().isFromNamespace(sess, attrDef, AttributesManager.NS_USER_ATTR)) {
throw new WrongAttributeAssignmentException("Attribute can be only in user namespace " + attrDef);
}
}
// get all found users
List<User> users = searcherBl.getUsers(sess, userAttributesWithSearchingValues);
List<Member> members = new ArrayList<>();
for (User user : users) {
// get member for user
Member member;
try {
member = perunBl.getMembersManagerBl().getMemberByUser(sess, vo, user);
} catch (MemberNotExistsException ex) {
continue;
}
boolean isAuthorized = true;
for (AttributeDefinition attrDef : attrDefs) {
// Test if user has righ to read such attribute for specific user, if not, remove it from returning list
if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, attrDef, user)) {
isAuthorized = false;
break;
}
}
if (isAuthorized)
members.add(member);
}
return members;
}
Aggregations