use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class FacilitiesManagerEntry method setBan.
@Override
public BanOnFacility setBan(PerunSession sess, BanOnFacility banOnFacility) throws InternalErrorException, PrivilegeException, BanAlreadyExistsException, FacilityNotExistsException, UserNotExistsException {
Utils.checkPerunSession(sess);
Utils.notNull(banOnFacility, "banOnFacility");
User user = getPerunBl().getUsersManagerBl().getUserById(sess, banOnFacility.getUserId());
Facility facility = this.getFacilitiesManagerBl().getFacilityById(sess, banOnFacility.getFacilityId());
// Authorization
if (!AuthzResolver.isAuthorized(sess, Role.FACILITYADMIN, facility)) {
throw new PrivilegeException(sess, "setBan");
}
return getFacilitiesManagerBl().setBan(sess, banOnFacility);
}
use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class GroupsManagerEntry method deleteGroups.
public void deleteGroups(PerunSession perunSession, List<Group> groups, boolean forceDelete) throws GroupNotExistsException, InternalErrorException, PrivilegeException, GroupAlreadyRemovedException, RelationExistsException, GroupAlreadyRemovedFromResourceException, GroupOperationsException, GroupRelationDoesNotExist, GroupRelationCannotBeRemoved {
Utils.checkPerunSession(perunSession);
Utils.notNull(groups, "groups");
//Test if all groups exists and user has right to delete all of them
for (Group group : groups) {
getGroupsManagerBl().checkGroupExists(perunSession, group);
//test of privileges on group
if (!AuthzResolver.isAuthorized(perunSession, Role.VOADMIN, group) && !AuthzResolver.isAuthorized(perunSession, Role.GROUPADMIN, group)) {
throw new PrivilegeException(perunSession, "deleteGroups");
}
}
getGroupsManagerBl().deleteGroups(perunSession, groups, forceDelete);
}
use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class GroupsManagerEntry method getGroupByName.
public Group getGroupByName(PerunSession sess, Vo vo, String name) throws GroupNotExistsException, InternalErrorException, PrivilegeException, VoNotExistsException {
Utils.checkPerunSession(sess);
getPerunBl().getVosManagerBl().checkVoExists(sess, vo);
Utils.notNull(name, "name");
if (!name.matches(GroupsManager.GROUP_FULL_NAME_REGEXP)) {
throw new InternalErrorException(new IllegalArgumentException("Wrong group name, group name must matches " + GroupsManager.GROUP_FULL_NAME_REGEXP));
}
Group group = getGroupsManagerBl().getGroupByName(sess, vo, name);
// Authorization
if (!AuthzResolver.isAuthorized(sess, Role.VOADMIN, vo) && !AuthzResolver.isAuthorized(sess, Role.VOOBSERVER, vo) && !AuthzResolver.isAuthorized(sess, Role.TOPGROUPCREATOR, vo) && !AuthzResolver.isAuthorized(sess, Role.GROUPADMIN, group)) {
throw new PrivilegeException(sess, "getGroupByName");
}
return group;
}
use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class SecurityTeamsManagerEntry method updateSecurityTeam.
@Override
public SecurityTeam updateSecurityTeam(PerunSession sess, SecurityTeam securityTeam) throws InternalErrorException, PrivilegeException, SecurityTeamNotExistsException, SecurityTeamExistsException {
Utils.checkPerunSession(sess);
Utils.notNull(securityTeam, "securityTeam");
Utils.notNull(securityTeam.getName(), "securityTeam.name");
if (!AuthzResolver.isAuthorized(sess, Role.SECURITYADMIN, securityTeam)) {
throw new PrivilegeException(sess, "updateSecurityTeam");
}
if (securityTeam.getName().length() > 128) {
throw new InternalErrorException("Security Team name is too long, >128 characters");
}
if (!securityTeam.getName().matches("^[-_a-zA-z0-9.]{1,128}$")) {
throw new InternalErrorException("Wrong Security name - must matches [-_a-zA-z0-9.]+ and not be longer than 128 characters.");
}
getSecurityTeamsManagerBl().checkSecurityTeamExists(sess, securityTeam);
try {
SecurityTeam existingTeam = getSecurityTeamsManagerBl().getSecurityTeamByName(sess, securityTeam.getName());
if (existingTeam != null && existingTeam.getId() != securityTeam.getId()) {
throw new SecurityTeamExistsException("SecurityTeam with name='" + securityTeam.getName() + "' already exists.");
}
} catch (SecurityTeamNotExistsException ex) {
// OK since we are renaming security team to non-taken value
}
// don't store empty description
if (securityTeam.getDescription() != null && securityTeam.getDescription().trim().isEmpty()) {
securityTeam.setDescription(null);
}
return getSecurityTeamsManagerBl().updateSecurityTeam(sess, securityTeam);
}
use of cz.metacentrum.perun.core.api.exceptions.PrivilegeException in project perun by CESNET.
the class ServicesManagerEntry method getAllRichDestinations.
public List<RichDestination> getAllRichDestinations(PerunSession perunSession, Service service) throws PrivilegeException, InternalErrorException, ServiceNotExistsException {
Utils.checkPerunSession(perunSession);
//Authorization
if (!AuthzResolver.isAuthorized(perunSession, Role.PERUNADMIN))
throw new PrivilegeException(perunSession, "getAllRichDestinations");
getServicesManagerBl().checkServiceExists(perunSession, service);
return getPerunBl().getServicesManagerBl().getAllRichDestinations(perunSession, service);
}
Aggregations