use of cz.metacentrum.perun.core.api.exceptions.PerunException in project perun by CESNET.
the class Api method serve.
@SuppressWarnings("ConstantConditions")
private void serve(HttpServletRequest req, HttpServletResponse resp, boolean isGet, boolean isPut) throws IOException {
Serializer ser = null;
String manager = "N/A";
String method = "N/A";
boolean isJsonp = false;
PerunRequest perunRequest = null;
ApiCaller caller;
String callbackName = req.getParameter("callback");
long timeStart = System.currentTimeMillis();
caller = (ApiCaller) req.getSession(true).getAttribute(APICALLER);
OutputStream out = resp.getOutputStream();
// init pending request in HTTP session
if (req.getSession().getAttribute(PERUNREQUESTS) == null) {
req.getSession().setAttribute(PERUNREQUESTS, new ConcurrentSkipListMap<String, PerunRequest>());
}
// store pending requests locally, because accessing it from session object after response is written would cause IllegalStateException
@SuppressWarnings("unchecked") ConcurrentSkipListMap<String, PerunRequest> pendingRequests = ((ConcurrentSkipListMap<String, PerunRequest>) req.getSession().getAttribute(PERUNREQUESTS));
// Check if it is request for list of pending operations.
if (req.getPathInfo().equals("/jsonp/" + PERUNREQUESTSURL)) {
// name used to identify pending request
String callbackId = req.getParameter("callbackId");
JsonSerializerJSONP serializer = new JsonSerializerJSONP(out, req, resp);
resp.setContentType(serializer.getContentType());
try {
// Create a copy of the PERUNREQUESTS and then pass it to the serializer
if (callbackId != null) {
// return single entry
serializer.write(pendingRequests.get(callbackId));
} else {
// return all pending requests
serializer.write(Arrays.asList(pendingRequests.values().toArray()));
}
} catch (RpcException e) {
serializer.writePerunRuntimeException(e);
}
out.close();
return;
}
// prepare result object
Object result = null;
PrintWriter printWriter = null;
try {
// [0] format, [1] class, [2] method
String[] fcm;
try {
if (req.getPathInfo() == null) {
throw new RpcException(RpcException.Type.NO_PATHINFO);
}
fcm = req.getPathInfo().substring(1).split("/");
if (fcm.length < 3 || fcm[0].isEmpty() || fcm[1].isEmpty() || fcm[2].isEmpty()) {
throw new RpcException(RpcException.Type.INVALID_URL, req.getPathInfo());
}
manager = fcm[1];
method = fcm[2];
ser = selectSerializer(fcm[0], manager, method, out, req, resp);
// what is the output format?
if ("jsonp".equalsIgnoreCase(fcm[0])) {
isJsonp = true;
}
if (ser instanceof PdfSerializer) {
resp.addHeader("Content-Disposition", "attachment; filename=\"output.pdf\"");
}
resp.setContentType(ser.getContentType());
} catch (RpcException rex) {
// selects the default serializer (json) before throwing the exception
ser = new JsonSerializer(out);
resp.setContentType(ser.getContentType());
throw rex;
}
// Initialize deserializer
Deserializer des;
if (isGet) {
des = new UrlDeserializer(req);
} else {
des = selectDeserializer(fcm[0], req);
}
// We have new request, so do the whole auth/authz stuff
if (caller == null) {
caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
// Store the current session
req.getSession(true).setAttribute(APICALLER, caller);
} else if (!Objects.equals(caller.getSession().getPerunPrincipal().getExtSourceName(), getExtSourceName(req, des))) {
// If the user is coming from the URL protected by different authN mechanism, destroy and create session again
caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
req.getSession(true).setAttribute(APICALLER, caller);
} else if (!Objects.equals(caller.getSession().getPerunPrincipal().getActor(), getActor(req, des)) && !caller.getSession().getPerunPrincipal().getExtSourceName().equals(ExtSourcesManager.EXTSOURCE_NAME_LOCAL)) {
// prevent cookie stealing (if remote user changed, rebuild session)
caller = new ApiCaller(getServletContext(), setupPerunPrincipal(req, des), setupPerunClient(req));
req.getSession(true).setAttribute(APICALLER, caller);
}
// Does user want to logout from perun?
if ("utils".equals(manager) && "logout".equals(method)) {
if (req.getSession(false) != null) {
req.getSession().removeAttribute(APICALLER);
// deletes the cookies
Cookie[] cookies = req.getCookies();
if (cookies != null) {
final String SHIBBOLETH_COOKIE_FORMAT = "^_shib.+$";
for (Cookie c : cookies) {
// if shibboleth cookie
if (c.getName().matches(SHIBBOLETH_COOKIE_FORMAT)) {
// remove it
c.setValue("0");
c.setMaxAge(0);
// add updated cookie to the response
resp.addCookie(c);
}
}
}
// Invalidate session
req.getSession().invalidate();
}
ser.write("Logout");
// closes the request
out.close();
return;
} else if ("utils".equals(manager) && "getGuiConfiguration".equals(method)) {
ser.write(BeansUtils.getAllPropertiesFromCustomConfiguration("perun-web-gui.properties"));
// closes the request
out.close();
return;
} else if ("utils".equals(manager) && "getAppsConfig".equals(method)) {
ser.write(PerunAppsConfig.getInstance());
// closes the request
out.close();
return;
} else if ("utils".equals(manager) && PERUNSTATUS.equals(method)) {
Date date = new Date();
Timestamp timestamp = new Timestamp(date.getTime());
Map<String, Integer> auditerConsumers;
// noinspection unchecked
auditerConsumers = (Map<String, Integer>) caller.call("auditMessagesManager", "getAllAuditerConsumers", des);
List<String> perunStatus = new ArrayList<>();
perunStatus.add("Version of Perun: " + getPerunRpcVersion());
perunStatus.add("Version of PerunDB: " + caller.call("databaseManager", "getCurrentDatabaseVersion", des));
perunStatus.add("Version of Servlet: " + getServletContext().getServerInfo());
perunStatus.add("Version of DB-driver: " + caller.call("databaseManager", "getDatabaseDriverInformation", des));
perunStatus.add("Version of DB: " + caller.call("databaseManager", "getDatabaseInformation", des));
perunStatus.add("Version of Java platform: " + System.getProperty("java.version"));
for (String consumerName : auditerConsumers.keySet()) {
Integer lastProcessedId = auditerConsumers.get(consumerName);
perunStatus.add("AuditerConsumer: '" + consumerName + "' with last processed id='" + lastProcessedId + "'");
}
perunStatus.add("LastMessageId: " + caller.call("auditMessagesManager", "getLastMessageId", des));
perunStatus.add("Timestamp: " + timestamp);
ser.write(perunStatus);
out.close();
return;
} else if ("utils".equals(manager) && PERUNSTATISTICS.equals(method)) {
Date date = new Date();
Timestamp timestamp = new Timestamp(date.getTime());
List<String> perunStatistics = new ArrayList<>();
perunStatistics.add("Timestamp: '" + timestamp + "'");
perunStatistics.add("USERS: '" + caller.call("usersManager", "getUsersCount", des) + "'");
perunStatistics.add("FACILITIES: '" + caller.call("facilitiesManager", "getFacilitiesCount", des) + "'");
perunStatistics.add("DESTINATIONS: '" + caller.call("servicesManager", "getDestinationsCount", des) + "'");
perunStatistics.add("VOS: '" + caller.call("vosManager", "getVosCount", des) + "'");
perunStatistics.add("RESOURCES: '" + caller.call("resourcesManager", "getResourcesCount", des) + "'");
perunStatistics.add("GROUPS: '" + caller.call("groupsManager", "getGroupsCount", des) + "'");
perunStatistics.add("AUDITMESSAGES: '" + caller.call("auditMessagesManager", "getAuditerMessagesCount", des) + "'");
ser.write(perunStatistics);
out.close();
return;
} else if ("utils".equals(manager) && PERUNSYSTEMTIME.equals(method)) {
long systemTimeInMillis = System.currentTimeMillis();
ser.write(systemTimeInMillis);
out.close();
}
// Store identification of the request only if supported by app (it passed unique callbackName)
if (callbackName != null) {
perunRequest = new PerunRequest(caller.getSession().getPerunPrincipal(), callbackName, manager, method, des.readAll());
// Add perunRequest into the queue of the requests for POST only
if (!isGet && !isPut) {
pendingRequests.put(callbackName, perunRequest);
}
}
PerunClient perunClient = caller.getSession().getPerunClient();
if (perunClient.getType() == PerunClient.Type.OAUTH) {
if (!perunClient.getScopes().contains(PerunClient.PERUN_API_SCOPE)) {
// user has not consented to scope perun_api for the client on the OAuth Authorization Server
throw new PrivilegeException("Scope " + PerunClient.PERUN_API_SCOPE + " is missing, either the client app " + perunClient.getId() + " has not asked for it, or the user has not granted it.");
}
}
// Process request and sent the response back
if (SCIMMANAGER.equals(manager)) {
// Process SCIM protocol
result = caller.getSCIMManager().process(caller.getSession(), method, des.readAll());
if (perunRequest != null)
perunRequest.setResult(result);
if (!(result instanceof Response))
throw new InternalErrorException("SCIM manager returned unexpected result: " + result);
resp.setStatus(((Response) result).getStatus());
String response = (String) ((Response) result).getEntity();
printWriter = new PrintWriter(resp.getOutputStream());
printWriter.println(response);
printWriter.flush();
} else {
// Save only exceptions from caller to result
try {
result = caller.call(manager, method, des);
if (perunRequest != null)
perunRequest.setResult(result);
} catch (Exception ex) {
result = ex;
throw ex;
}
ser.write(result);
}
} catch (PerunException pex) {
// If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
if (!isJsonp) {
resp.setStatus(400);
}
log.warn("Perun exception {}: {}.", pex.getErrorId(), pex);
ser.writePerunException(pex);
} catch (PerunRuntimeException prex) {
// If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
if (!isJsonp) {
resp.setStatus(400);
}
log.warn("PerunRuntime exception {}: {}.", prex.getErrorId(), prex);
ser.writePerunRuntimeException(prex);
} catch (IOException ioex) {
// IOException gets logged and is rethrown
// noinspection ThrowableNotThrown
log.warn("IO exception {}: {}.", Long.toHexString(System.currentTimeMillis()), ioex);
new RpcException(RpcException.Type.UNCATCHED_EXCEPTION, ioex);
throw ioex;
} catch (Exception ex) {
// If the output is JSONP, it cannot send the HTTP 400 code, because the web browser wouldn't accept this
if (!isJsonp) {
resp.setStatus(500);
}
log.warn("Perun exception {}: {}.", Long.toHexString(System.currentTimeMillis()), ex);
ser.writePerunRuntimeException(new RpcException(RpcException.Type.UNCATCHED_EXCEPTION, ex));
} finally {
if (!isGet && !isPut && perunRequest != null) {
// save result of this perunRequest
perunRequest.setEndTime(System.currentTimeMillis());
if (result instanceof Exception)
perunRequest.setResult(result);
perunRequest.setEndTime(System.currentTimeMillis());
}
// Check all resolved requests and remove them if they are old than timeToLiveWhenDone
Iterator<String> iterator = pendingRequests.keySet().iterator();
while (iterator.hasNext()) {
String key = iterator.next();
PerunRequest value = pendingRequests.get(key);
if (value != null) {
if (value.getEndTime() < 0)
continue;
if (System.currentTimeMillis() - value.getEndTime() > timeToLiveWhenDone) {
iterator.remove();
}
}
}
if (printWriter != null)
printWriter.close();
}
out.close();
if (Objects.equals(manager, "authzResolver") && Objects.equals(method, "keepAlive")) {
log.trace("Method {}.{} called by {} from {}, duration {} ms.", manager, method, caller.getSession().getPerunPrincipal().getActor(), caller.getSession().getPerunPrincipal().getExtSourceName(), (System.currentTimeMillis() - timeStart));
} else {
log.debug("Method {}.{} called by {} from {}, duration {} ms.", manager, method, caller.getSession().getPerunPrincipal().getActor(), caller.getSession().getPerunPrincipal().getExtSourceName(), (System.currentTimeMillis() - timeStart));
}
}
use of cz.metacentrum.perun.core.api.exceptions.PerunException in project perun by CESNET.
the class WeNMR method canBeApproved.
@Override
public void canBeApproved(PerunSession session, Application app) throws PerunException {
// check if submitted from trusted IdP
if (!Objects.equals("https://www.structuralbiology.eu/idp/shibboleth", app.getExtSourceName())) {
// submitted by untrusted IdP
PerunBl perun = (PerunBl) session.getPerun();
User user;
// check if user is known
if (app.getUser() != null) {
user = app.getUser();
} else {
try {
user = perun.getUsersManagerBl().getUserByExtSourceNameAndExtLogin(session, app.getExtSourceName(), app.getCreatedBy());
} catch (Exception ex) {
// unable to find user -> untrusted IdP
throw new CantBeApprovedException("Application can't be approved automatically. User doesn't have identity from \"www.structuralbiology.eu\". Please check users identity before manual/force approval.", "", "", "", true);
}
}
List<UserExtSource> ueses = perun.getUsersManagerBl().getUserExtSources(session, user);
for (UserExtSource ues : ueses) {
if (Objects.equals("https://www.structuralbiology.eu/idp/shibboleth", ues.getExtSource().getName())) {
// user has trusted identity
return;
}
}
throw new CantBeApprovedException("Application can't be approved automatically. User doesn't have identity from \"www.structuralbiology.eu\". Please check users identity before manual/force approval.", "", "", "", true);
}
// submitted from trusted IdP
}
use of cz.metacentrum.perun.core.api.exceptions.PerunException in project perun by CESNET.
the class VOSynchronizer method synchronizeVOs.
public void synchronizeVOs() {
PerunBl perun = (PerunBl) ldapcManager.getPerunBl();
boolean shouldWriteExceptionLog = true;
try {
log.debug("Getting list of VOs");
// List<Vo> vos = Rpc.VosManager.getVos(ldapcManager.getRpcCaller());
List<Vo> vos = perun.getVosManagerBl().getVos(ldapcManager.getPerunSession());
Set<Name> presentVos = new HashSet<Name>(vos.size());
for (Vo vo : vos) {
// Map<String, Object> params = new HashMap<String, Object>();
// params.put("vo", new Integer(vo.getId()));
presentVos.add(perunVO.getEntryDN(String.valueOf(vo.getId())));
log.debug("Synchronizing VO entry {}", vo);
log.debug("Getting list of attributes for vo {}", vo.getId());
List<Attribute> attrs = new ArrayList<Attribute>();
List<String> attrNames = fillPerunAttributeNames(perunVO.getPerunAttributeNames());
try {
attrs.addAll(perun.getAttributesManagerBl().getAttributes(ldapcManager.getPerunSession(), vo, attrNames));
} catch (PerunRuntimeException e) {
log.warn("Couldn't get attributes {} for vo {}: {}", attrNames, vo.getId(), e.getMessage());
shouldWriteExceptionLog = false;
throw new InternalErrorException(e);
}
log.debug("Got attributes {}", attrNames.toString());
try {
log.debug("Getting list of VO {} members", vo.getId());
// List<Member> members = ldapcManager.getRpcCaller().call("membersManager", "getMembers", params).readList(Member.class);
List<Member> members = perun.getMembersManager().getMembers(ldapcManager.getPerunSession(), vo, Status.VALID);
log.debug("Synchronizing {} members of VO {}", members.size(), vo.getId());
perunVO.synchronizeVo(vo, attrs, members);
} catch (PerunException e) {
log.error("Error synchronizing VO " + vo.getId(), e);
shouldWriteExceptionLog = false;
throw new InternalErrorException(e);
}
}
// search VO entries in LDAP and remove the ones not present in Perun
try {
removeOldEntries(perunVO, presentVos, log);
} catch (InternalErrorException e) {
log.error("Error removing old VO entries", e);
shouldWriteExceptionLog = false;
throw new InternalErrorException(e);
}
} catch (InternalErrorException e) {
if (shouldWriteExceptionLog) {
log.error("Error getting list of VOs", e);
}
throw new InternalErrorException(e);
}
}
use of cz.metacentrum.perun.core.api.exceptions.PerunException in project perun by CESNET.
the class RpcCallerImpl method processRpcServerException.
protected void processRpcServerException(InputStream errorStream) throws RpcException, InternalErrorException, PerunException {
JsonDeserializer errDes;
try {
errDes = new JsonDeserializer(errorStream);
} catch (IOException e) {
this.processIOException(e);
return;
}
// Error occured, read the Exception if it is in response
String errorId = errDes.readString("errorId");
if (errorId != null) {
String exceptionName = errDes.readString("name");
if (!exceptionName.equals(RpcException.class.getSimpleName())) {
String errorClass = errDes.readString("name");
String errorInfo = errDes.readString("message");
try {
Class<?> exceptionClass = Class.forName("cz.metacentrum.perun.core.api.exceptions." + errorClass);
Class<?>[] constructorParams = new Class[1];
constructorParams[0] = String.class;
Constructor<?> exceptionConstructor = exceptionClass.getConstructor(constructorParams);
Object[] arglist = new Object[1];
arglist[0] = errorInfo;
PerunException exception = (PerunException) exceptionConstructor.newInstance(arglist);
exception.setErrorId(errorId);
throw exception;
} catch (ClassNotFoundException e1) {
throw new InternalErrorException(e1);
} catch (InstantiationException e1) {
throw new InternalErrorException(e1);
} catch (IllegalAccessException e1) {
throw new InternalErrorException(e1);
} catch (IllegalArgumentException e1) {
throw new InternalErrorException(e1);
} catch (InvocationTargetException e1) {
throw new InternalErrorException(e1);
} catch (NoSuchMethodException e1) {
throw new InternalErrorException(e1);
}
} else {
// RPC Exception
String errorClass = errDes.readString("type");
String errorInfo = errDes.readString("errorInfo");
throw new RpcException(errorClass, errorInfo);
}
}
}
use of cz.metacentrum.perun.core.api.exceptions.PerunException in project perun by CESNET.
the class CabinetManagerBlImpl method setThanksAttribute.
@Override
public void setThanksAttribute(int userId) throws CabinetException {
List<ThanksForGUI> thanks = getThanksManagerBl().getRichThanksByUserId(userId);
try {
// get user
User u = perun.getUsersManager().getUserById(cabinetSession, userId);
// get attribute
AttributeDefinition attrDef = perun.getAttributesManager().getAttributeDefinition(cabinetSession, ATTR_PUBS_NAMESPACE + ":" + ATTR_PUBS_FRIENDLY_NAME);
Attribute attr = new Attribute(attrDef);
// if there are thanks to set
if (thanks != null && !thanks.isEmpty()) {
// create new values map
LinkedHashMap<String, String> map = new LinkedHashMap<String, String>();
for (ThanksForGUI t : thanks) {
Integer count = 1;
if (map.containsKey(t.getOwnerName())) {
// if contains value already, do +1
String value = map.get(t.getOwnerName());
count = Integer.parseInt(value);
count = count + 1;
}
map.put(t.getOwnerName(), count.toString());
}
attr.setValue(map);
perun.getAttributesManager().setAttribute(cabinetSession, u, attr);
} else {
// empty or null thanks - update to: remove
perun.getAttributesManager().removeAttribute(cabinetSession, u, attrDef);
}
} catch (PerunException e) {
throw new CabinetException("Failed to update " + ATTR_PUBS_NAMESPACE + ":" + ATTR_PUBS_FRIENDLY_NAME + " in Perun.", ErrorCodes.PERUN_EXCEPTION, e);
}
}
Aggregations