Search in sources :

Example 41 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class FacilitiesManagerEntry method setBan.

@Override
public BanOnFacility setBan(PerunSession sess, BanOnFacility banOnFacility) throws InternalErrorException, PrivilegeException, BanAlreadyExistsException, FacilityNotExistsException, UserNotExistsException {
    Utils.checkPerunSession(sess);
    Utils.notNull(banOnFacility, "banOnFacility");
    User user = getPerunBl().getUsersManagerBl().getUserById(sess, banOnFacility.getUserId());
    Facility facility = this.getFacilitiesManagerBl().getFacilityById(sess, banOnFacility.getFacilityId());
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facility)) {
        throw new PrivilegeException(sess, "setBan");
    }
    return getFacilitiesManagerBl().setBan(sess, banOnFacility);
}
Also used : User(cz.metacentrum.perun.core.api.User) RichUser(cz.metacentrum.perun.core.api.RichUser) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) BanOnFacility(cz.metacentrum.perun.core.api.BanOnFacility) Facility(cz.metacentrum.perun.core.api.Facility) RichFacility(cz.metacentrum.perun.core.api.RichFacility)

Example 42 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class GroupsManagerEntry method deleteGroups.

public void deleteGroups(PerunSession perunSession, List<Group> groups, boolean forceDelete) throws GroupNotExistsException, InternalErrorException, PrivilegeException, GroupAlreadyRemovedException, RelationExistsException, GroupAlreadyRemovedFromResourceException, GroupOperationsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved {
    Utils.checkPerunSession(perunSession);
    Utils.notNull(groups, "groups");
    //Test if all groups exists and user has right to delete all of them
    for (Group group : groups) {
        getGroupsManagerBl().checkGroupExists(perunSession, group);
        //test of privileges on group
        if (!AuthzResolver.isAuthorized(perunSession, Role.VOADMIN, group) && !AuthzResolver.isAuthorized(perunSession, Role.GROUPADMIN, group)) {
            throw new PrivilegeException(perunSession, "deleteGroups");
        }
    }
    getGroupsManagerBl().deleteGroups(perunSession, groups, forceDelete);
}
Also used : Group(cz.metacentrum.perun.core.api.Group) RichGroup(cz.metacentrum.perun.core.api.RichGroup) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException)

Example 43 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class GroupsManagerEntry method getGroupByName.

public Group getGroupByName(PerunSession sess, Vo vo, String name) throws GroupNotExistsException, InternalErrorException, PrivilegeException, VoNotExistsException {
    Utils.checkPerunSession(sess);
    getPerunBl().getVosManagerBl().checkVoExists(sess, vo);
    Utils.notNull(name, "name");
    if (!name.matches(GroupsManager.GROUP_FULL_NAME_REGEXP)) {
        throw new InternalErrorException(new IllegalArgumentException("Wrong group name, group name must matches " + GroupsManager.GROUP_FULL_NAME_REGEXP));
    }
    Group group = getGroupsManagerBl().getGroupByName(sess, vo, name);
    // Authorization
    if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo) && !AuthzResolver.isAuthorized(sess, Role.VOOBSERVER, vo) && !AuthzResolver.isAuthorized(sess, Role.TOPGROUPCREATOR, vo) && !AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, group)) {
        throw new PrivilegeException(sess, "getGroupByName");
    }
    return group;
}
Also used : Group(cz.metacentrum.perun.core.api.Group) RichGroup(cz.metacentrum.perun.core.api.RichGroup) PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) IllegalArgumentException(cz.metacentrum.perun.core.api.exceptions.IllegalArgumentException)

Example 44 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class SecurityTeamsManagerEntry method updateSecurityTeam.

@Override
public SecurityTeam updateSecurityTeam(PerunSession sess, SecurityTeam securityTeam) throws InternalErrorException, PrivilegeException, SecurityTeamNotExistsException, SecurityTeamExistsException {
    Utils.checkPerunSession(sess);
    Utils.notNull(securityTeam, "securityTeam");
    Utils.notNull(securityTeam.getName(), "securityTeam.name");
    if (!AuthzResolver.isAuthorized(sess, Role.SECURITYADMIN, securityTeam)) {
        throw new PrivilegeException(sess, "updateSecurityTeam");
    }
    if (securityTeam.getName().length() > 128) {
        throw new InternalErrorException("Security Team name is too long, >128 characters");
    }
    if (!securityTeam.getName().matches("^[-_a-zA-z0-9.]{1,128}$")) {
        throw new InternalErrorException("Wrong Security name - must matches [-_a-zA-z0-9.]+ and not be longer than 128 characters.");
    }
    getSecurityTeamsManagerBl().checkSecurityTeamExists(sess, securityTeam);
    try {
        SecurityTeam existingTeam = getSecurityTeamsManagerBl().getSecurityTeamByName(sess, securityTeam.getName());
        if (existingTeam != null && existingTeam.getId() != securityTeam.getId()) {
            throw new SecurityTeamExistsException("SecurityTeam with name='" + securityTeam.getName() + "' already exists.");
        }
    } catch (SecurityTeamNotExistsException ex) {
    // OK since we are renaming security team to non-taken value
    }
    // don't store empty description
    if (securityTeam.getDescription() != null && securityTeam.getDescription().trim().isEmpty()) {
        securityTeam.setDescription(null);
    }
    return getSecurityTeamsManagerBl().updateSecurityTeam(sess, securityTeam);
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException) SecurityTeam(cz.metacentrum.perun.core.api.SecurityTeam) SecurityTeamExistsException(cz.metacentrum.perun.core.api.exceptions.SecurityTeamExistsException) InternalErrorException(cz.metacentrum.perun.core.api.exceptions.InternalErrorException) SecurityTeamNotExistsException(cz.metacentrum.perun.core.api.exceptions.SecurityTeamNotExistsException)

Example 45 with PrivilegeException

use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.

the class ServicesManagerEntry method getAllRichDestinations.

public List<RichDestination> getAllRichDestinations(PerunSession perunSession, Service service) throws PrivilegeException, InternalErrorException, ServiceNotExistsException {
    Utils.checkPerunSession(perunSession);
    //Authorization
    if (!AuthzResolver.isAuthorized(perunSession, Role.PERUNADMIN))
        throw new PrivilegeException(perunSession, "getAllRichDestinations");
    getServicesManagerBl().checkServiceExists(perunSession, service);
    return getPerunBl().getServicesManagerBl().getAllRichDestinations(perunSession, service);
}
Also used : PrivilegeException(cz.metacentrum.perun.core.api.exceptions.PrivilegeException)

Aggregations

PrivilegeException (cz.metacentrum.perun.core.api.exceptions.PrivilegeException)66 InternalErrorException (cz.metacentrum.perun.core.api.exceptions.InternalErrorException)22 Facility (cz.metacentrum.perun.core.api.Facility)18 BanOnFacility (cz.metacentrum.perun.core.api.BanOnFacility)13 Group (cz.metacentrum.perun.core.api.Group)13 RichFacility (cz.metacentrum.perun.core.api.RichFacility)13 Vo (cz.metacentrum.perun.core.api.Vo)8 RichGroup (cz.metacentrum.perun.core.api.RichGroup)7 ArrayList (java.util.ArrayList)7 User (cz.metacentrum.perun.core.api.User)6 Service (cz.metacentrum.perun.core.api.Service)5 FacilityNotExistsException (cz.metacentrum.perun.core.api.exceptions.FacilityNotExistsException)5 ServiceNotExistsException (cz.metacentrum.perun.core.api.exceptions.ServiceNotExistsException)5 Member (cz.metacentrum.perun.core.api.Member)4 RichMember (cz.metacentrum.perun.core.api.RichMember)4 IllegalArgumentException (cz.metacentrum.perun.core.api.exceptions.IllegalArgumentException)4 ExecService (cz.metacentrum.perun.taskslib.model.ExecService)4 Task (cz.metacentrum.perun.taskslib.model.Task)4 RichUser (cz.metacentrum.perun.core.api.RichUser)3 WrongAttributeAssignmentException (cz.metacentrum.perun.core.api.exceptions.WrongAttributeAssignmentException)3