
Example 51 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class MembersManagerEntry method getRichMemberWithAttributes.

public RichMember getRichMemberWithAttributes(PerunSession sess, Member member) throws InternalErrorException, PrivilegeException, MemberNotExistsException {
    Utils.checkPerunSession(sess);
    getPerunBl().getMembersManagerBl().checkMemberExists(sess, member);
    Vo vo = getPerunBl().getMembersManagerBl().getMemberVo(sess, member);
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo) && !AuthzResolver.isAuthorized(sess, Role.VOOBSERVER, vo) && !AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, vo) && !AuthzResolver.isAuthorized(sess, Role.SELF, member)) {
        throw new PrivilegeException(sess, "getRichMemberWithAttributes");
    }
    return getPerunBl().getMembersManagerBl().filterOnlyAllowedAttributes(sess, getMembersManagerBl().getRichMemberWithAttributes(sess, member));
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) Vo(cz.metacentrum.perun.core.api.Vo)

Example 52 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class MembersManagerEntry method findCompleteRichMembers.

@Override
public List<RichMember> findCompleteRichMembers(PerunSession sess, List<String> attrsNames, List<String> allowedStatuses, String searchString) throws InternalErrorException, MemberNotExistsException, PrivilegeException, VoNotExistsException, AttributeNotExistsException {
    Utils.checkPerunSession(sess);
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN) && !AuthzResolver.isAuthorized(sess, Role.VOOBSERVER) && !AuthzResolver.isAuthorized(sess, Role.GROUPADMIN) && !AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN)) {
        throw new PrivilegeException(sess, "findCompleteRichMembers");
    }
    List<RichMember> richMembers = getMembersManagerBl().findCompleteRichMembers(sess, attrsNames, allowedStatuses, searchString);
    Iterator<RichMember> richMemberIter = richMembers.iterator();
    while (richMemberIter.hasNext()) {
        RichMember richMember = richMemberIter.next();
        // If VOADMIN, VOOBSERVER or GROUPADMIN has rights to this member, keep it in the result
        if (AuthzResolver.isAuthorized(sess, Role.VOADMIN, richMember) || AuthzResolver.isAuthorized(sess, Role.VOOBSERVER, richMember) || AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, richMember))
            continue;
        // Otherwise, check facility admin rights on the resources assigned to the member
        List<Resource> membersResources = getPerunBl().getResourcesManagerBl().getAssignedResources(sess, richMember);
        boolean found = false;
        for (Resource resource : membersResources) {
            if (AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, resource)) {
                found = true;
                break;
            }
        }
        if (found)
            continue;
        // No role grants access to this member, so drop it from the result
        richMemberIter.remove();
    }
    return getPerunBl().getMembersManagerBl().filterOnlyAllowedAttributes(sess, richMembers, false);
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) Resource(cz.metacentrum.perun.core.api.Resource) RichMember(cz.metacentrum.perun.core.api.RichMember)

Example 53 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class FacilitiesManagerEntry method getBansForFacility.

public List<BanOnFacility> getBansForFacility(PerunSession sess, int facilityId) throws InternalErrorException, PrivilegeException, FacilityNotExistsException {
    Utils.checkPerunSession(sess);
    Facility facility = this.getFacilitiesManagerBl().getFacilityById(sess, facilityId);
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facility)) {
        throw new PrivilegeException(sess, "getBansForFacility");
    }
    return getFacilitiesManagerBl().getBansForFacility(sess, facilityId);
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) BanOnFacility(cz.metacentrum.perun.core.api.BanOnFacility) Facility(cz.metacentrum.perun.core.api.Facility) RichFacility(cz.metacentrum.perun.core.api.RichFacility)

Example 54 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class FacilitiesManagerEntry method getFacilityById.

public Facility getFacilityById(PerunSession sess, int id) throws InternalErrorException, FacilityNotExistsException, PrivilegeException {
    Utils.checkPerunSession(sess);
    Facility facility = getFacilitiesManagerBl().getFacilityById(sess, id);
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facility) && !AuthzResolver.isAuthorized(sess, Role.ENGINE) && !AuthzResolver.isAuthorized(sess, Role.RPC)) {
        throw new PrivilegeException(sess, "getFacilityById");
    }
    return facility;
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) BanOnFacility(cz.metacentrum.perun.core.api.BanOnFacility) Facility(cz.metacentrum.perun.core.api.Facility) RichFacility(cz.metacentrum.perun.core.api.RichFacility)

Example 55 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class FacilitiesManagerEntry method getHostsByHostname.

public List<Host> getHostsByHostname(PerunSession sess, String hostname) throws InternalErrorException, PrivilegeException {
    Utils.checkPerunSession(sess);
    Utils.notNull(hostname, "hostname");
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN)) {
        throw new PrivilegeException(sess, "getHostsByHostname");
    }
    List<Host> hostsByHostname = getFacilitiesManagerBl().getHostsByHostname(sess, hostname);
    // Remove hosts that do not belong to facilities administered by this facility admin
    if (!AuthzResolver.hasRole(sess.getPerunPrincipal(), Role.PERUNADMIN) && AuthzResolver.hasRole(sess.getPerunPrincipal(), Role.FACILITYADMIN)) {
        // Get all complementary facilities for this perunPrincipal
        List<Facility> authorizedFacilities = new ArrayList<>();
        List<PerunBean> complementaryObjects = AuthzResolver.getComplementaryObjectsForRole(sess, Role.FACILITYADMIN);
        for (PerunBean pb : complementaryObjects) {
            if (pb instanceof Facility)
                authorizedFacilities.add((Facility) pb);
        }
        // Remove hosts whose facility is not among the authorized facilities
        Iterator<Host> hostIterator = hostsByHostname.iterator();
        while (hostIterator.hasNext()) {
            Host host = hostIterator.next();
            Facility fac = getPerunBl().getFacilitiesManagerBl().getFacilityForHost(sess, host);
            if (!authorizedFacilities.contains(fac))
                hostIterator.remove();
        }
    }
    return hostsByHostname;
}
Also used : PerunBean(cz.metacentrum.perun.core.api.PerunBean) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) ArrayList(java.util.ArrayList) Host(cz.metacentrum.perun.core.api.Host) BanOnFacility(cz.metacentrum.perun.core.api.BanOnFacility) Facility(cz.metacentrum.perun.core.api.Facility) RichFacility(cz.metacentrum.perun.core.api.RichFacility)
