use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class MembersManagerEntry method createMember.
/**
 * Entry-layer guard for creating a member of {@code vo} from a candidate.
 *
 * <p>Checks run in this order: session validity, VOADMIN authorization on {@code vo},
 * existence and VO ownership of every requested group, then presence of
 * {@code extSourceName}, {@code extSourceType} and {@code login}. Only then is the
 * call delegated to the business layer.
 *
 * <p>NOTE(review): the VO ownership check compares {@code getVoId()} of the
 * caller-supplied {@link Group} object. Confirm that {@code checkGroupExists} also
 * validates that field against the stored group; otherwise a crafted object could
 * carry a mismatching id/voId pair.
 *
 * <p>NOTE(review): {@code vo} is used without an existence check in this method;
 * presumably the business layer raises {@code VoNotExistsException}. Confirm.
 *
 * @param sess          caller's session
 * @param vo            VO the member is created in
 * @param extSourceName name of the external source; must not be null
 * @param extSourceType type of the external source; must not be null
 * @param login         login within the external source; must not be null
 * @param candidate     candidate the member is created from
 * @param groups        groups the member should be added to; may be null
 * @return the member returned by the business layer
 * @throws PrivilegeException     if the caller is not VOADMIN of {@code vo}
 * @throws InternalErrorException if a group reports a VO id different from {@code vo}
 */
public Member createMember(PerunSession sess, Vo vo, String extSourceName, String extSourceType, String login, Candidate candidate, List<Group> groups) throws InternalErrorException, WrongAttributeValueException, WrongReferenceAttributeValueException, AlreadyMemberException, VoNotExistsException, PrivilegeException, ExtendMembershipException, GroupNotExistsException, GroupOperationsException {
    Utils.checkPerunSession(sess);

    // Only an administrator of the target VO may create members from a candidate.
    final boolean callerIsVoAdmin = AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo);
    if (!callerIsVoAdmin) {
        throw new PrivilegeException(sess, "createMember - from candidate");
    }

    // Every requested group has to exist and has to belong to the same VO.
    if (groups != null) {
        for (final Group requestedGroup : groups) {
            perunBl.getGroupsManagerBl().checkGroupExists(sess, requestedGroup);
            final boolean belongsToVo = requestedGroup.getVoId() == vo.getId();
            if (!belongsToVo) {
                // NOTE(review): the message embeds candidate.toString(); check what that exposes in logs and error responses.
                throw new InternalErrorException("Group " + requestedGroup + " is not from the vo " + vo + " where candidate " + candidate + " should be added.");
            }
        }
    }

    Utils.notNull(extSourceName, "extSourceName");
    Utils.notNull(extSourceType, "extSourceType");
    Utils.notNull(login, "login");

    return getMembersManagerBl().createMember(sess, vo, extSourceName, extSourceType, login, candidate, groups);
}
use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class MembersManagerEntry method createMember.
/**
 * Entry-layer guard for creating a member of {@code vo} from a candidate, with an
 * explicit level of assurance for the external source.
 *
 * <p>The session is validated, the caller must hold VOADMIN on {@code vo}, every
 * requested group must exist and report the same VO id as {@code vo}, and
 * {@code extSourceName}, {@code extSourceType} and {@code login} must be present.
 * The request is then passed to the business layer unchanged.
 *
 * <p>NOTE(review): {@code extSourceLoa} is forwarded without any range check here;
 * presumably the business layer validates it. Confirm.
 *
 * <p>NOTE(review): the VO comparison uses {@code getVoId()} of the caller-supplied
 * {@link Group}; verify that {@code checkGroupExists} ties that value to the stored
 * group.
 *
 * @param sess          caller's session
 * @param vo            VO the member is created in
 * @param extSourceName name of the external source; must not be null
 * @param extSourceType type of the external source; must not be null
 * @param extSourceLoa  level of assurance passed through to the business layer
 * @param login         login within the external source; must not be null
 * @param candidate     candidate the member is created from
 * @param groups        groups the member should be added to; may be null
 * @return the member returned by the business layer
 * @throws PrivilegeException     if the caller is not VOADMIN of {@code vo}
 * @throws InternalErrorException if a group reports a VO id different from {@code vo}
 */
public Member createMember(PerunSession sess, Vo vo, String extSourceName, String extSourceType, int extSourceLoa, String login, Candidate candidate, List<Group> groups) throws InternalErrorException, WrongAttributeValueException, WrongReferenceAttributeValueException, AlreadyMemberException, VoNotExistsException, PrivilegeException, ExtendMembershipException, GroupNotExistsException, GroupOperationsException {
    Utils.checkPerunSession(sess);

    // Authorization: VOADMIN of the target VO is required.
    if (AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo) == false) {
        throw new PrivilegeException(sess, "createMember - from candidate");
    }

    // Reject the request as soon as one group turns out to belong to another VO.
    if (groups != null) {
        for (Group candidateGroup : groups) {
            perunBl.getGroupsManagerBl().checkGroupExists(sess, candidateGroup);
            if (candidateGroup.getVoId() == vo.getId()) {
                continue;
            }
            throw new InternalErrorException("Group " + candidateGroup + " is not from the vo " + vo + " where candidate " + candidate + " should be added.");
        }
    }

    // Mandatory external-source identifiers.
    Utils.notNull(extSourceName, "extSourceName");
    Utils.notNull(extSourceType, "extSourceType");
    Utils.notNull(login, "login");

    return getMembersManagerBl().createMember(sess, vo, extSourceName, extSourceType, extSourceLoa, login, candidate, groups);
}
use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class MembersManagerEntry method createSponsoredAccount.
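/**
 * Entry-layer guard for creating a sponsored account in {@code vo}.
 *
 * <p>The caller must hold the REGISTRAR role (checked without a specific object).
 * The sponsor is taken from {@code params} under the key {@code "sponsor"}: its value
 * is concatenated with {@code extSourcePostfix} and resolved to a user through
 * {@code extSource}. The resolved user is passed to the business layer as the owner.
 *
 * <p>The sponsor value itself is checked for null, not just the presence of the key.
 * Previously a map holding {@code "sponsor" -> null} passed the check and the lookup
 * ran with the literal text {@code "null"} prepended to the postfix.
 *
 * <p>NOTE(review): the sponsor identity is whatever the caller names in
 * {@code params}; this method does not verify any relation between the caller and
 * that sponsor. Confirm that REGISTRAR alone is the intended gate.
 *
 * @param sess             caller's session
 * @param params           account parameters; must not be null and must contain a non-null {@code "sponsor"} entry
 * @param namespace        namespace passed to the business layer; must not be null
 * @param extSource        external source used to resolve the sponsor; must not be null
 * @param extSourcePostfix suffix appended to the sponsor login before lookup; must not be null
 * @param vo               VO the account is created in; must not be null
 * @param loa              level of assurance passed to the business layer
 * @return the member returned by the business layer
 * @throws PrivilegeException     if the caller does not hold the REGISTRAR role
 * @throws InternalErrorException if the {@code "sponsor"} entry is missing or null
 */
public Member createSponsoredAccount(PerunSession sess, Map<String, String> params, String namespace, ExtSource extSource, String extSourcePostfix, Vo vo, int loa) throws InternalErrorException, PrivilegeException, UserNotExistsException, ExtSourceNotExistsException, UserExtSourceNotExistsException, WrongReferenceAttributeValueException, LoginNotExistsException, PasswordCreationFailedException, ExtendMembershipException, AlreadyMemberException, GroupOperationsException, PasswordStrengthFailedException, PasswordOperationTimeoutException, WrongAttributeValueException {
    Utils.checkPerunSession(sess);
    Utils.notNull(extSource, "extSource");
    Utils.notNull(namespace, "namespace");
    Utils.notNull(vo, "vo");
    Utils.notNull(extSourcePostfix, "extSourcePostfix");
    // Without this check a null map surfaces as a bare NullPointerException below.
    Utils.notNull(params, "params");

    if (!AuthzResolver.isAuthorized(sess, Role.REGISTRAR)) {
        throw new PrivilegeException(sess, "createSponsoredAccount");
    }

    // Test the value, not key presence: a null value would otherwise be
    // string-concatenated as "null" and used as a login in the lookup.
    String sponsorLogin = params.get("sponsor");
    if (sponsorLogin == null) {
        throw new InternalErrorException("sponsor cannot be null");
    }

    User owner = getPerunBl().getUsersManager().getUserByExtSourceNameAndExtLogin(sess, extSource.getName(), sponsorLogin + extSourcePostfix);
    return getPerunBl().getMembersManagerBl().createSponsoredAccount(sess, params, namespace, extSource, extSourcePostfix, owner, vo, loa);
}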
use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class SearcherEntry method getMembersByUserAttributes.
/**
 * Returns members of {@code vo} whose users match the given user-attribute values.
 *
 * <p>The caller must hold VOADMIN, VOOBSERVER or GROUPADMIN on {@code vo}. A null or
 * empty search map returns all members of the VO. Otherwise every attribute name must
 * resolve to a definition in the user namespace. Users found by the search are mapped
 * to members of {@code vo}, and users without a membership there are skipped.
 *
 * <p>A member is returned only if the caller may READ every searched attribute for
 * that user. This keeps the search from revealing, through presence in the result,
 * attribute values the caller could not read directly.
 *
 * <p>NOTE(review): with an empty search map the per-attribute filter does not apply,
 * so any of the three roles receives the full member list. Confirm this is intended
 * for GROUPADMIN.
 *
 * <p>NOTE(review): unlike the other entry methods, this one does not validate the
 * session before use; presumably {@code checkVoExists} or {@code AuthzResolver}
 * covers a null session. Confirm.
 *
 * @param sess                              caller's session
 * @param vo                                VO whose members are searched
 * @param userAttributesWithSearchingValues attribute name to searched value; null or empty means "all members"
 * @return matching members the caller is allowed to see
 * @throws PrivilegeException               if the caller holds none of the accepted roles on {@code vo}
 * @throws InternalErrorException           if an attribute name is null or empty
 * @throws WrongAttributeAssignmentException if an attribute is not from the user namespace
 */
public List<Member> getMembersByUserAttributes(PerunSession sess, Vo vo, Map<String, String> userAttributesWithSearchingValues) throws InternalErrorException, AttributeNotExistsException, PrivilegeException, WrongAttributeAssignmentException, VoNotExistsException {
    perunBl.getVosManagerBl().checkVoExists(sess, vo);

    // Authorization: any one of the three VO-scoped roles is sufficient.
    final boolean mayList = AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo)
            || AuthzResolver.isAuthorized(sess, Role.VOOBSERVER, vo)
            || AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, vo);
    if (!mayList) {
        throw new PrivilegeException(sess, "getMembersByUserAttributes");
    }

    // No search criteria: hand back the whole VO membership.
    final boolean noCriteria = userAttributesWithSearchingValues == null || userAttributesWithSearchingValues.isEmpty();
    if (noCriteria) {
        return perunBl.getMembersManagerBl().getMembers(sess, vo);
    }

    // Resolve and validate each searched attribute before running the search.
    final List<AttributeDefinition> searchedDefinitions = new ArrayList<>();
    for (String name : userAttributesWithSearchingValues.keySet()) {
        if (name == null || name.isEmpty()) {
            throw new InternalErrorException("One of attributes has empty name.");
        }
        // Throws AttributeNotExistsException when the name is unknown.
        final AttributeDefinition definition = perunBl.getAttributesManagerBl().getAttributeDefinition(sess, name);
        // Only user-namespace attributes may be searched here.
        if (!getPerunBl().getAttributesManagerBl().isFromNamespace(sess, definition, AttributesManager.NS_USER_ATTR)) {
            throw new WrongAttributeAssignmentException("Attribute can be only in user namespace " + definition);
        }
        searchedDefinitions.add(definition);
    }

    final List<User> matchedUsers = searcherBl.getUsers(sess, userAttributesWithSearchingValues);
    final List<Member> visibleMembers = new ArrayList<>();

    nextUser:
    for (User matchedUser : matchedUsers) {
        final Member memberOfVo;
        try {
            memberOfVo = perunBl.getMembersManagerBl().getMemberByUser(sess, vo, matchedUser);
        } catch (MemberNotExistsException notInThisVo) {
            // The user matched the search but has no membership in this VO.
            continue;
        }

        // Drop the member as soon as one searched attribute is not readable by the caller.
        for (AttributeDefinition definition : searchedDefinitions) {
            if (!AuthzResolver.isAuthorizedForAttribute(sess, ActionType.READ, definition, matchedUser, null)) {
                continue nextUser;
            }
        }
        visibleMembers.add(memberOfVo);
    }

    return visibleMembers;
}
use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class FacilitiesManagerEntry method setOwners.
/**
 * Entry-layer guard for replacing the owners of a facility.
 *
 * <p>Checks run in this order: session validity, PERUNADMIN authorization, existence
 * of {@code facility}, non-null {@code owners}, existence of every listed owner. The
 * business layer is called only after all of them pass.
 *
 * <p>NOTE(review): an empty {@code owners} list passes every check here; presumably
 * the business layer then clears the facility's owners. Confirm this is intended.
 *
 * @param sess     caller's session
 * @param facility facility whose owners are set
 * @param owners   owners to set; must not be null
 * @throws PrivilegeException if the caller does not hold the PERUNADMIN role
 */
public void setOwners(PerunSession sess, Facility facility, List<Owner> owners) throws InternalErrorException, PrivilegeException, FacilityNotExistsException, OwnerNotExistsException {
    Utils.checkPerunSession(sess);

    // Restricted to PERUNADMIN; no facility-scoped role is accepted.
    final boolean callerIsPerunAdmin = AuthzResolver.isAuthorized(sess, Role.PERUNADMIN);
    if (!callerIsPerunAdmin) {
        throw new PrivilegeException(sess, "setOwners");
    }

    getFacilitiesManagerBl().checkFacilityExists(sess, facility);
    Utils.notNull(owners, "owners");

    // Validate the complete list up front so nothing is written if any owner is unknown.
    for (final Owner requestedOwner : owners) {
        getPerunBl().getOwnersManagerBl().checkOwnerExists(sess, requestedOwner);
    }

    getFacilitiesManagerBl().setOwners(sess, facility, owners);
}