use of cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException in project perun by CESNET.
the class UsersManagerBlImpl method manageAlternativePassword.
/**
* Calls an external program that does the work with the alternative passwords.
*
* Return codes of the external program
* If password check fails then return 1
* If there is no handler for loginNamespace return 2
* If setting of the new password failed return 3
*
* @param sess
* @param operation
* @param loginNamespace
* @param password
* @throws InternalErrorException
*/
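protected void manageAlternativePassword(PerunSession sess, User user, String operation, String loginNamespace, String passwordId, String description, String password) throws InternalErrorException, PasswordDeletionFailedException {
    // Flow: (1) update the user's alternative-password attribute (description -> passwordId map),
    // (2) run the configured external program, (3) translate its exit code into an exception.
    // Only PASSWORD_CREATE and PASSWORD_DELETE are accepted; anything else is rejected before
    // the external program is started.

    // A missing password id is replaced by the current time in milliseconds.
    // NOTE(review): a time-based id is guessable and two calls in the same millisecond collide;
    // confirm it is only ever used as an identifier, never as a secret.
    if (passwordId == null) {
        passwordId = Long.toString(System.currentTimeMillis());
    }

    // Reject an empty password up front. Checking it only after the attribute had been written
    // and the child process started would leave the stored value changed and the process running.
    if (operation.equals(PASSWORD_CREATE) && (password == null || password.isEmpty())) {
        throw new EmptyPasswordRuntimeException("Alternative password for " + loginNamespace + " cannot be empty.");
    }

    // Arguments are handed over as separate argv entries (no shell is involved); the password
    // itself is never an argument, it is written to the program's stdin further below.
    ProcessBuilder pb = new ProcessBuilder(BeansUtils.getCoreConfig().getAlternativePasswordManagerProgram(), operation, loginNamespace, Integer.toString(user.getId()), passwordId);

    if (operation.equals(PASSWORD_CREATE)) {
        try {
            Attribute userAlternativePassword = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, A_USER_DEF_ALT_PASSWORD_NAMESPACE + loginNamespace);
            Map<String, String> altPassValue = new LinkedHashMap<>();
            // Reuse the stored map when the attribute already has a value.
            if (userAlternativePassword.getValue() != null) {
                altPassValue = (LinkedHashMap<String, String>) userAlternativePassword.getValue();
            }
            // Descriptions are the map keys, so each one may be used only once per user.
            if (altPassValue.containsKey(description)) {
                throw new ConsistencyErrorException("Password with this description already exists. Description: " + description);
            }
            altPassValue.put(description, passwordId);
            userAlternativePassword.setValue(altPassValue);
            getPerunBl().getAttributesManagerBl().setAttribute(sess, user, userAlternativePassword);
        } catch (WrongAttributeAssignmentException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            throw new InternalErrorException(ex);
        } catch (AttributeNotExistsException ex) {
            throw new ConsistencyErrorException(ex);
        }
    } else if (operation.equals(PASSWORD_DELETE)) {
        try {
            Attribute userAlternativePassword = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, A_USER_DEF_ALT_PASSWORD_NAMESPACE + loginNamespace);
            Map<String, String> altPassValue = new LinkedHashMap<>();
            if (userAlternativePassword.getValue() != null) {
                altPassValue = (LinkedHashMap<String, String>) userAlternativePassword.getValue();
            }
            // The id to delete must be present among the stored values.
            if (!altPassValue.containsValue(passwordId)) {
                throw new PasswordDeletionFailedException("Password not found by ID.");
            }
            // Find the single description that maps to this id. passwordId is non-null here,
            // so comparing from its side also tolerates a null value stored in the map.
            description = null;
            for (Map.Entry<String, String> entry : altPassValue.entrySet()) {
                if (passwordId.equals(entry.getValue())) {
                    if (description != null) {
                        throw new ConsistencyErrorException("There is more than 1 password with same ID in value for user " + user);
                    }
                    description = entry.getKey();
                }
            }
            if (description == null) {
                throw new InternalErrorException("Password not found by ID.");
            }
            altPassValue.remove(description);
            userAlternativePassword.setValue(altPassValue);
            getPerunBl().getAttributesManagerBl().setAttribute(sess, user, userAlternativePassword);
        } catch (WrongAttributeAssignmentException | WrongAttributeValueException | WrongReferenceAttributeValueException ex) {
            throw new InternalErrorException(ex);
        } catch (AttributeNotExistsException ex) {
            throw new ConsistencyErrorException(ex);
        }
    } else {
        throw new InternalErrorException("Not supported operation " + operation);
    }

    // NOTE(review): the attribute is stored before the external program runs; if the program
    // fails, the stored value is only undone if the caller rolls the change back - confirm.
    Process process;
    try {
        process = pb.start();
    } catch (IOException e) {
        throw new InternalErrorException(e);
    }
    InputStream es = process.getErrorStream();

    if (operation.equals(PASSWORD_CREATE)) {
        // The password goes to the program's stdin; closing the writer signals end of input.
        // NOTE(review): PrintWriter encodes with the platform default charset and does not
        // surface write errors as exceptions - confirm the program expects that encoding.
        try (PrintWriter pw = new PrintWriter(process.getOutputStream(), true)) {
            pw.write(password);
        }
    }

    int exitCode;
    try {
        exitCode = process.waitFor();
    } catch (InterruptedException e) {
        // Keep the interrupt visible to callers instead of clearing it silently.
        Thread.currentThread().interrupt();
        throw new InternalErrorException(e);
    }

    switch (exitCode) {
        case 0:
            return;
        case 1:
        case 3:
            throw new InternalErrorException("Alternative password manager returns unexpected return code: " + exitCode);
        case 4:
            throw new PasswordCreationFailedRuntimeException("Alternative password creation failed for " + user + ". Namespace: " + loginNamespace + ", description: " + description + ".");
        case 5:
            throw new PasswordDeletionFailedRuntimeException("Password deletion failed for " + user + ". Namespace: " + loginNamespace + ", passwordId: " + passwordId + ".");
        case 6:
            throw new LoginNotExistsRuntimeException("User doesn't exists in underlying system for namespace " + loginNamespace + ", user: " + user + ".");
        case 7:
            throw new InternalErrorException("Problem with creating user entry in underlying system " + loginNamespace + ", user: " + user + ".");
        default:
            // Any other exit code: report whatever the program printed on stderr.
            // NOTE(review): stderr is read only after the process has exited, so a program that
            // prints more than the pipe buffer holds could block in waitFor(); the text also ends
            // up verbatim in the exception message - confirm it cannot carry sensitive data.
            StringBuilder errorMsg = new StringBuilder();
            try (BufferedReader inReader = new BufferedReader(new InputStreamReader(es))) {
                String line;
                while ((line = inReader.readLine()) != null) {
                    errorMsg.append(line);
                }
            } catch (IOException e) {
                throw new InternalErrorException(e);
            }
            throw new InternalErrorException(errorMsg.toString());
    }
}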
use of cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException in project perun by CESNET.
the class UsersManagerBlImpl method managePassword.
/**
* Calls an external program that does the work with the password.
*
* Return codes of the external program
* If password check fails then return 1
* If there is no handler for loginNamespace return 2
* If setting of the new password failed return 3
*
* @param sess
* @param operation
* @param userLogin
* @param loginNamespace
* @param password
* @throws InternalErrorException
*/
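protected void managePassword(PerunSession sess, String operation, String userLogin, String loginNamespace, String password) throws InternalErrorException {
    // Two paths: a PasswordManagerModule for the namespace when one can be obtained, otherwise
    // the configured external password manager program, whose exit code is mapped to exceptions.

    // Module lookup is best effort: any failure falls through to the external program.
    // NOTE(review): the lookup failure is discarded without a trace, so a broken module
    // configuration silently changes which backend handles the password - confirm this is wanted.
    PasswordManagerModule module = null;
    try {
        module = getPasswordManagerModule(sess, loginNamespace);
    } catch (Exception ignored) {
        // deliberately ignored, see above
    }

    if (module != null) {
        // NOTE(review): the catch blocks below replace every module exception with a fixed
        // message and drop the original cause; e.g. any failure of checkPassword is reported
        // as a password mismatch. Attach the cause if these exception types accept one.
        if (operation.equals(PASSWORD_RESERVE)) {
            try {
                module.reservePassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_RESERVE_RANDOM)) {
            try {
                module.reserveRandomPassword(sess, userLogin);
                return;
            } catch (Exception ex) {
                throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_CHECK)) {
            try {
                module.checkPassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordDoesntMatchRuntimeException("Old password doesn't match for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_VALIDATE)) {
            // Validation errors from the module propagate unchanged.
            module.validatePassword(sess, userLogin);
            return;
        }
        if (operation.equals(PASSWORD_CHANGE)) {
            try {
                module.changePassword(sess, userLogin, password);
                return;
            } catch (Exception ex) {
                throw new PasswordChangeFailedRuntimeException("Password change failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        if (operation.equals(PASSWORD_DELETE)) {
            try {
                module.deletePassword(sess, userLogin);
                return;
            } catch (Exception ex) {
                throw new PasswordDeletionFailedRuntimeException("Password deletion failed for " + loginNamespace + ":" + userLogin + ".");
            }
        }
        // Any other operation falls through to the external program.
    }

    // These operations send the password to the program on stdin.
    boolean passwordOnStdin = operation.equals(PASSWORD_CHANGE) || operation.equals(PASSWORD_CHECK) || operation.equals(PASSWORD_RESERVE);

    // Reject an empty password before the child process exists; checking afterwards would
    // leave a started process behind that nobody waits for.
    if (passwordOnStdin && (password == null || password.isEmpty())) {
        throw new EmptyPasswordRuntimeException("Password for " + loginNamespace + ":" + userLogin + " cannot be empty.");
    }

    // Arguments are separate argv entries (no shell is involved); the password is not among them.
    // NOTE(review): presumably loginNamespace and userLogin are validated by callers so the
    // program cannot mistake them for options - verify.
    ProcessBuilder pb = new ProcessBuilder(BeansUtils.getCoreConfig().getPasswordManagerProgram(), operation, loginNamespace, userLogin);
    Process process;
    try {
        process = pb.start();
    } catch (IOException e) {
        throw new InternalErrorException(e);
    }
    InputStream es = process.getErrorStream();

    if (passwordOnStdin) {
        // Closing the writer signals end of input to the program.
        // NOTE(review): PrintWriter encodes with the platform default charset and does not
        // surface write errors as exceptions - confirm the program expects that encoding.
        try (PrintWriter pw = new PrintWriter(process.getOutputStream(), true)) {
            pw.write(password);
        }
    }

    int exitCode;
    try {
        exitCode = process.waitFor();
    } catch (InterruptedException e) {
        // Keep the interrupt visible to callers instead of clearing it silently.
        Thread.currentThread().interrupt();
        throw new InternalErrorException(e);
    }

    switch (exitCode) {
        case 0:
            return;
        case 1:
            throw new PasswordDoesntMatchRuntimeException("Old password doesn't match for " + loginNamespace + ":" + userLogin + ".");
        case 3:
            throw new PasswordChangeFailedRuntimeException("Password change failed for " + loginNamespace + ":" + userLogin + ".");
        case 4:
            throw new PasswordCreationFailedRuntimeException("Password creation failed for " + loginNamespace + ":" + userLogin + ".");
        case 5:
            throw new PasswordDeletionFailedRuntimeException("Password deletion failed for " + loginNamespace + ":" + userLogin + ".");
        case 6:
            throw new LoginNotExistsRuntimeException("User login doesn't exists in underlying system for " + loginNamespace + ":" + userLogin + ".");
        case 11:
            throw new PasswordStrengthFailedRuntimeException("Password to set doesn't match expected restrictions for " + loginNamespace + ":" + userLogin + ".");
        case 12:
            throw new PasswordOperationTimeoutRuntimeException("Operation with password exceeded expected limit for " + loginNamespace + ":" + userLogin + ".");
        default:
            // Any other exit code: report whatever the program printed on stderr.
            // NOTE(review): stderr is read only after the process has exited, so a program that
            // prints more than the pipe buffer holds could block in waitFor(); the text also ends
            // up verbatim in the exception message - confirm it cannot carry sensitive data.
            StringBuilder errorMsg = new StringBuilder();
            try (BufferedReader inReader = new BufferedReader(new InputStreamReader(es))) {
                String line;
                while ((line = inReader.readLine()) != null) {
                    errorMsg.append(line);
                }
            } catch (IOException e) {
                throw new InternalErrorException(e);
            }
            throw new InternalErrorException(errorMsg.toString());
    }
}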
use of cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException in project perun by CESNET.
the class UsersManagerBlImpl method deletePassword.
/**
 * Asks the password manager module of the given login-namespace to delete the password of a login.
 *
 * <p>Runtime exceptions raised by the module are translated to their checked counterparts;
 * {@code InvalidLoginException} is passed on unchanged and any other exception is wrapped in a
 * {@code PasswordDeletionFailedException}.
 *
 * @param sess session passed on to the module lookup and to the module
 * @param userLogin login whose password is deleted
 * @param loginNamespace namespace used to select the module
 * @throws LoginNotExistsException when the module raises {@code LoginNotExistsRuntimeException}
 * @throws PasswordDeletionFailedException when the module reports a deletion failure or fails in any other way
 * @throws PasswordOperationTimeoutException when the module raises {@code PasswordOperationTimeoutRuntimeException}
 * @throws InvalidLoginException as raised inside the try block, rethrown as is
 */
@Override
public void deletePassword(PerunSession sess, String userLogin, String loginNamespace) throws LoginNotExistsException, PasswordDeletionFailedException, PasswordOperationTimeoutException, InvalidLoginException {
    log.info("Deleting password for {} in login-namespace {}.", userLogin, loginNamespace);

    // The lookup happens outside the try block, so its failures are not translated below.
    final PasswordManagerModule passwordModule = getPasswordManagerModule(sess, loginNamespace);
    try {
        passwordModule.deletePassword(sess, userLogin);
    } catch (PasswordDeletionFailedRuntimeException deletionFailure) {
        throw new PasswordDeletionFailedException(deletionFailure);
    } catch (LoginNotExistsRuntimeException missingLogin) {
        throw new LoginNotExistsException(missingLogin);
    } catch (PasswordOperationTimeoutRuntimeException timeout) {
        throw new PasswordOperationTimeoutException(timeout);
    } catch (InvalidLoginException invalidLogin) {
        // Already part of the declared contract; keep it out of the generic fallback.
        throw invalidLogin;
    } catch (Exception unexpected) {
        // Fallback for exception compatibility: everything else becomes a deletion failure.
        final String message = "Password deletion failed for " + loginNamespace + ":" + userLogin + ".";
        throw new PasswordDeletionFailedException(message, unexpected);
    }
}
use of cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException in project perun by CESNET.
the class UsersManagerBlImpl method deletePassword.
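/**
 * Resolves the user's login in the given login-namespace and asks the namespace's password
 * manager module to delete the password for it.
 *
 * <p>The login is read from the user attribute
 * {@code NS_USER_ATTR_DEF:LOGIN_NAMESPACE:<loginNamespace>}. Runtime exceptions raised by the
 * module are translated to their checked counterparts; any other exception is wrapped in a
 * {@code PasswordDeletionFailedException}.
 *
 * @param sess session passed on to the attribute lookup and to the module
 * @param user user whose password is deleted
 * @param loginNamespace namespace used to select the module and the login attribute
 * @throws LoginNotExistsException when the login attribute has no value or the module raises
 *         {@code LoginNotExistsRuntimeException}
 * @throws PasswordDeletionFailedException when the module reports a deletion failure or anything else fails
 * @throws PasswordOperationTimeoutException when the module raises {@code PasswordOperationTimeoutRuntimeException}
 */
@Override
public void deletePassword(PerunSession sess, User user, String loginNamespace) throws LoginNotExistsException, PasswordDeletionFailedException, PasswordOperationTimeoutException, InvalidLoginException {
    log.info("Deleting password for {} in login-namespace {}.", user, loginNamespace);
    // The lookup happens outside the try block, so its failures are not translated below.
    PasswordManagerModule module = getPasswordManagerModule(sess, loginNamespace);
    try {
        Attribute attr = getPerunBl().getAttributesManagerBl().getAttribute(sess, user, AttributesManager.NS_USER_ATTR_DEF + ":" + AttributesManager.LOGIN_NAMESPACE + ":" + loginNamespace);
        if (attr.getValue() == null) {
            throw new LoginNotExistsException("Attribute containing login has empty value. Namespace: " + loginNamespace);
        }
        module.deletePassword(sess, attr.valueAsString());
    } catch (LoginNotExistsException e) {
        // Thrown just above for a missing login. Without this clause the generic fallback
        // below would catch it and report it as a PasswordDeletionFailedException.
        throw e;
    } catch (PasswordDeletionFailedRuntimeException e) {
        throw new PasswordDeletionFailedException(e);
    } catch (LoginNotExistsRuntimeException e) {
        throw new LoginNotExistsException(e);
    } catch (PasswordOperationTimeoutRuntimeException e) {
        throw new PasswordOperationTimeoutException(e);
    } catch (Exception ex) {
        // Fallback for exception compatibility.
        // NOTE(review): an InvalidLoginException raised inside the try block is also wrapped
        // here, although it is declared in the throws clause - confirm whether it should be
        // rethrown unchanged instead.
        throw new PasswordDeletionFailedException("Password deletion failed for " + loginNamespace + ": " + user + ".", ex);
    }
}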
use of cz.metacentrum.perun.core.api.exceptions.rt.PasswordDeletionFailedRuntimeException in project perun by CESNET.
the class EinfraPasswordManagerModule method deleteAlternativePassword.
/**
 * Runs the alternative password manager program with the delete operation for one password id.
 *
 * <p>The password id and, when it is not blank, the user's login are handed to the program as
 * environment variables ({@code PMGR_PASSWORD_ID}, {@code PMGR_LOGIN}); the operation is the only
 * command-line argument. The program's exit is evaluated by {@code handleAltPwdManagerExit}.
 *
 * @param sess session used to resolve the user's login
 * @param user user whose alternative password is deleted
 * @param passwordId id of the alternative password to delete
 */
@Override
public void deleteAlternativePassword(PerunSession sess, User user, String passwordId) {
    ProcessBuilder builder = new ProcessBuilder(altPasswordManagerProgram, PASSWORD_DELETE);

    // Values travel through the child's environment rather than through argv.
    Map<String, String> childEnv = builder.environment();
    childEnv.put("PMGR_PASSWORD_ID", passwordId);

    // NOTE(review): with a blank login the program still runs, with PMGR_PASSWORD_ID only;
    // presumably it handles the missing PMGR_LOGIN itself - verify.
    String einfraLogin = getEinfraLogin(sess, user);
    if (StringUtils.isNotBlank(einfraLogin)) {
        childEnv.put("PMGR_LOGIN", einfraLogin);
    }

    Process child;
    try {
        child = builder.start();
    } catch (IOException startFailure) {
        throw new InternalErrorException(startFailure);
    }

    // The exception is prepared here and passed to the exit handler together with the process.
    String failureMessage = "Alternative password deletion failed for " + user + ". Namespace: " + actualLoginNamespace + ", passwordId: " + passwordId + ".";
    handleAltPwdManagerExit(child, new PasswordDeletionFailedRuntimeException(failureMessage));
}