Search in sources :

Example 1 with PerunBeanNotSupportedException

use of cz.metacentrum.perun.core.api.exceptions.PerunBeanNotSupportedException in project perun by CESNET.

the class AuthzResolver method getAdminGroups.

/**
	 * Get all authorizedGroups for complementary object and role.
	 *
	 * @param sess perun session
	 * @param complementaryObjectId id of object for which we will get richUser administrators
	 * @param complementaryObjectName name of object for which we will get richUser administrators
	 * @param role expected role to filter authorizedGroups by (perunadmin | voadmin | groupadmin | self | facilityadmin | voobserver | topgroupcreator)
	 *
	 * @return list of authorizedGroups for complementary object and role
	 *
	 * @throws InternalErrorException
	 * @throws UserNotExistsException
	 * @throws PrivilegeException
	 * @throws GroupNotExistsException
	 * @throws VoNotExistsException
	 * @throws FacilityNotExistsException
	 * @throws RoleNotSupportedException
	 * @throws PerunBeanNotSupportedException
	 */
public static List<Group> getAdminGroups(PerunSession sess, int complementaryObjectId, String complementaryObjectName, Role role) throws InternalErrorException, UserNotExistsException, PrivilegeException, GroupNotExistsException, VoNotExistsException, FacilityNotExistsException, RoleNotSupportedException, PerunBeanNotSupportedException {
    Utils.checkPerunSession(sess);
    Utils.notNull(role, "role");
    Utils.notNull(complementaryObjectName, "complementaryObjectName");
    List<Group> authorizedGroups;
    //Try to get complementary Object
    if (complementaryObjectName.equals("Group")) {
        if (!role.equals(Role.GROUPADMIN))
            throw new RoleNotSupportedException("Not supported other role than group manager for object Group.");
        Group group = ((PerunBl) sess.getPerun()).getGroupsManagerBl().getGroupById(sess, complementaryObjectId);
        authorizedGroups = sess.getPerun().getGroupsManager().getAdminGroups(sess, group);
    } else if (complementaryObjectName.equals("Vo")) {
        Vo vo = ((PerunBl) sess.getPerun()).getVosManagerBl().getVoById(sess, complementaryObjectId);
        authorizedGroups = sess.getPerun().getVosManager().getAdminGroups(sess, vo, role);
    } else if (complementaryObjectName.equals("Facility")) {
        if (!role.equals(Role.FACILITYADMIN))
            throw new RoleNotSupportedException("Not supported other role than facility manager for object Facility.");
        Facility facility = ((PerunBl) sess.getPerun()).getFacilitiesManagerBl().getFacilityById(sess, complementaryObjectId);
        authorizedGroups = sess.getPerun().getFacilitiesManager().getAdminGroups(sess, facility);
    } else {
        throw new PerunBeanNotSupportedException("Only Vo, Group and Facility are supported complementary names.");
    }
    return authorizedGroups;
}
Also used : RoleNotSupportedException(cz.metacentrum.perun.core.api.exceptions.RoleNotSupportedException) PerunBeanNotSupportedException(cz.metacentrum.perun.core.api.exceptions.PerunBeanNotSupportedException) PerunBl(cz.metacentrum.perun.core.bl.PerunBl)

Example 2 with PerunBeanNotSupportedException

use of cz.metacentrum.perun.core.api.exceptions.PerunBeanNotSupportedException in project perun by CESNET.

the class AuthzResolver method getRichAdmins.

/**
	 * Get all richUser administrators for complementary object and role with specified attributes.
	 *
	 * If <b>onlyDirectAdmins</b> is <b>true</b>, return only direct users of the complementary object for role with specific attributes.
	 * If <b>allUserAttributes</b> is <b>true</b>, do not specify attributes through list and return them all in objects richUser. Ignoring list of specific attributes.
	 *
	 * @param sess perun session
	 * @param complementaryObjectId id of object for which we will get richUser administrators
	 * @param complementaryObjectName name of object for which we will get richUser administrators
	 * @param specificAttributes list of specified attributes which are needed in object richUser
	 * @param role expected role to filter managers by
	 * @param onlyDirectAdmins if true, get only direct user administrators (if false, get both direct and indirect)
	 * @param allUserAttributes if true, get all possible user attributes and ignore list of specificAttributes (if false, get only specific attributes)
	 *
	 * @return list of richUser administrators for complementary object and role with specified attributes.
	 *
	 * @throws InternalErrorException
	 * @throws PrivilegeException
	 * @throws GroupNotExistsException
	 * @throws VoNotExistsException
	 * @throws FacilityNotExistsException
	 * @throws RoleNotSupportedException
	 * @throws PerunBeanNotSupportedException
	 * @throws UserNotExistsException
	 */
public static List<RichUser> getRichAdmins(PerunSession sess, int complementaryObjectId, String complementaryObjectName, List<String> specificAttributes, Role role, boolean onlyDirectAdmins, boolean allUserAttributes) throws InternalErrorException, PrivilegeException, GroupNotExistsException, VoNotExistsException, FacilityNotExistsException, RoleNotSupportedException, PerunBeanNotSupportedException, UserNotExistsException {
    Utils.checkPerunSession(sess);
    Utils.notNull(role, "role");
    Utils.notNull(complementaryObjectName, "complementaryObjectName");
    if (!allUserAttributes)
        Utils.notNull(specificAttributes, "specificAttributes");
    List<RichUser> richUsers;
    //Try to get complementary Object
    if (complementaryObjectName.equals("Group")) {
        if (!role.equals(Role.GROUPADMIN))
            throw new RoleNotSupportedException("Not supported other role than group manager for object Group.");
        Group group = ((PerunBl) sess.getPerun()).getGroupsManagerBl().getGroupById(sess, complementaryObjectId);
        richUsers = sess.getPerun().getGroupsManager().getRichAdmins(sess, group, specificAttributes, allUserAttributes, onlyDirectAdmins);
    } else if (complementaryObjectName.equals("Vo")) {
        Vo vo = ((PerunBl) sess.getPerun()).getVosManagerBl().getVoById(sess, complementaryObjectId);
        richUsers = sess.getPerun().getVosManager().getRichAdmins(sess, vo, role, specificAttributes, allUserAttributes, onlyDirectAdmins);
    } else if (complementaryObjectName.equals("Facility")) {
        if (!role.equals(Role.FACILITYADMIN))
            throw new RoleNotSupportedException("Not supported other role than facility manager for object Facility.");
        Facility facility = ((PerunBl) sess.getPerun()).getFacilitiesManagerBl().getFacilityById(sess, complementaryObjectId);
        richUsers = sess.getPerun().getFacilitiesManager().getRichAdmins(sess, facility, specificAttributes, allUserAttributes, onlyDirectAdmins);
    } else {
        throw new PerunBeanNotSupportedException("Only Vo, Group and Facility are supported complementary names.");
    }
    return richUsers;
}
Also used : RoleNotSupportedException(cz.metacentrum.perun.core.api.exceptions.RoleNotSupportedException) PerunBeanNotSupportedException(cz.metacentrum.perun.core.api.exceptions.PerunBeanNotSupportedException) PerunBl(cz.metacentrum.perun.core.bl.PerunBl)

Aggregations

PerunBeanNotSupportedException (cz.metacentrum.perun.core.api.exceptions.PerunBeanNotSupportedException)2 RoleNotSupportedException (cz.metacentrum.perun.core.api.exceptions.RoleNotSupportedException)2 PerunBl (cz.metacentrum.perun.core.bl.PerunBl)2