Examples with UserException io.hops.hopsworks.exceptions.UserException used on opensource projects

Example 26 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class SecretsController method validateAndCreateSecret.

/**
 * Validates parameters required to create a secret and creates the secret
 *
 * @param secretId combination of userId and secretName
 * @param user
 * @param secret in plain text
 * @param visibilityType
 * @param projectIdScope
 * @return created secret object
 * @throws UserException
 */
public Secret validateAndCreateSecret(SecretId secretId, Users user, String secret, VisibilityType visibilityType, Integer projectIdScope) throws UserException {
    checkIfUserIsNull(user);
    checkIfNameIsNullOrEmpty(secretId.getName());
    if (Strings.isNullOrEmpty(secretId.getName()) || Strings.isNullOrEmpty(secret)) {
        throw new UserException(RESTCodes.UserErrorCode.SECRET_EMPTY, Level.FINE, "Secret value is either null or empty", "Secret name or value is empty or null");
    }
    try {
        Secret storedSecret = new Secret(secretId, encryptSecret(secret), DateUtils.localDateTime2Date(DateUtils.getNow()));
        storedSecret.setVisibilityType(visibilityType);
        if (visibilityType.equals(VisibilityType.PRIVATE)) {
            // When the user adds secrets without closing the UI modal
            // they might change visibility to Private but a Project from
            // the previous attempt is still selected
            storedSecret.setProjectIdScope(null);
        } else {
            if (projectIdScope == null) {
                throw new UserException(RESTCodes.UserErrorCode.SECRET_EMPTY, Level.FINE, "Secret visibility is PROJECT but there is not Project ID scope", "Project scope for shared secret " + secretId.getName() + " is null");
            }
            if (projectFacade.find(projectIdScope) == null) {
                throw new UserException(RESTCodes.UserErrorCode.SECRET_EMPTY, Level.FINE, "Could not find a project for Project ID scope " + projectIdScope);
            }
            storedSecret.setProjectIdScope(projectIdScope);
        }
        return storedSecret;
    } catch (IOException | GeneralSecurityException ex) {
        throw new UserException(RESTCodes.UserErrorCode.SECRET_ENCRYPTION_ERROR, Level.SEVERE, "Error encrypting secret", "Could not encrypt Secret " + secretId.getName(), ex);
    }
}

Example 27 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class SecretsController method getShared.

/**
 * Gets a decrypted shared secret depending on its Visibility. It will throw an exception
 * if the Visibility was set to PRIVATE or the caller is not member of the Project
 * the Secret is shared with.
 *
 * @param caller The user who requested the Secret
 * @param ownerUser the user owner of the secret
 * @param secretName Identifier of the Secret
 * @return The decrypted Secret
 * @throws UserException
 * @throws ServiceException
 * @throws ProjectException
 */
public SecretPlaintext getShared(Users caller, Users ownerUser, String secretName) throws UserException, ServiceException, ProjectException {
    checkIfUserIsNull(caller);
    checkIfNameIsNullOrEmpty(secretName);
    checkIfUserIsNull(ownerUser);
    Secret storedSecret = secretsFacade.findById(new SecretId(ownerUser.getUid(), secretName));
    checkIfSecretIsNull(storedSecret, secretName, ownerUser);
    if (storedSecret.getVisibilityType() == null || storedSecret.getVisibilityType().equals(VisibilityType.PRIVATE)) {
        throw new UserException(RESTCodes.UserErrorCode.ACCESS_CONTROL, Level.FINE, "Secret is Private", "User " + caller.getUsername() + " requested PRIVATE secret <" + ownerUser.getUid() + ", " + secretName + ">");
    }
    Integer projectId = storedSecret.getProjectIdScope();
    if (projectId == null) {
        throw new ServiceException(RESTCodes.ServiceErrorCode.SERVICE_GENERIC_ERROR, Level.WARNING, "Visibility's Project ID is empty", "Secret " + secretName + " visibility is PROJECT but Project ID is null");
    }
    Project project = projectFacade.find(projectId);
    if (project == null) {
        throw new ProjectException(RESTCodes.ProjectErrorCode.PROJECT_NOT_FOUND, Level.FINE, "Project with ID " + projectId + " does not exist!", "User " + caller.getUsername() + " requested shared Secret " + secretName + " but Project with ID " + projectId + "does not exist");
    }
    // Check if caller is member of the Project
    for (ProjectTeam projectTeam : project.getProjectTeamCollection()) {
        if (caller.getUid().equals(projectTeam.getUser().getUid())) {
            try {
                return decrypt(ownerUser, storedSecret);
            } catch (IOException | GeneralSecurityException ex) {
                throw new UserException(RESTCodes.UserErrorCode.SECRET_ENCRYPTION_ERROR, Level.SEVERE, "Error decrypting Secret", "Could not decrypt Secret " + secretName, ex);
            }
        }
    }
    // Check if caller is a member of some shared project
    throw new UserException(RESTCodes.UserErrorCode.ACCESS_CONTROL, Level.FINE, "Not authorized to access Secret " + secretName, "User " + caller.getUsername() + " tried to access shared Secret " + secretName + " but they are not member of Project " + project.getName());
}

Example 28 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class SecretsController method delete.

/**
 * Deletes a Secret associated with a user. It does NOT throw an exception if
 * the secret does not exist
 *
 * @param user The user who owns the key
 * @param secretName The name of the Secret
 * @throws UserException
 */
public void delete(Users user, String secretName) throws UserException {
    checkIfUserIsNull(user);
    checkIfNameIsNullOrEmpty(secretName);
    SecretId secretId = new SecretId(user.getUid(), secretName);
    try {
        secretsFacade.deleteSecret(secretId);
    } catch (EJBException de) {
        Throwable rootCause = getRootCause(de);
        if (rootCause instanceof SQLIntegrityConstraintViolationException) {
            throw new UserException(RESTCodes.UserErrorCode.SECRET_DELETION_FAILED, Level.FINE, "Cannot delete secret. " + "Secret is in use by a connector. Try deleting the connector first. ", rootCause.getMessage());
        } else {
            throw de;
        }
    }
}

Example 29 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class AuthController method validateOTP.

/**
 * Validate one time password if user is already authenticated
 * @param user
 * @param otpStr
 * @throws UserException
 */
public void validateOTP(Users user, String otpStr) throws UserException {
    int otp;
    try {
        otp = Integer.parseInt(otpStr);
    } catch (NumberFormatException e) {
        throw new UserException(RESTCodes.UserErrorCode.INVALID_OTP, Level.FINE, "OTP not an integer");
    }
    if (user == null) {
        throw new UserException(RESTCodes.UserErrorCode.USER_DOES_NOT_EXIST, Level.FINE, "User not found");
    }
    boolean valid = checkCode(user.getSecret(), otp);
    if (!valid) {
        throw new UserException(RESTCodes.UserErrorCode.INVALID_OTP, Level.FINE);
    }
}

Example 30 with UserException

use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.

the class X509Resource method getx509.

@GET
@TransactionAttribute(TransactionAttributeType.NEVER)
@Produces(MediaType.APPLICATION_JSON)
@JWTRequired(acceptedTokens = { Audience.SERVICES, Audience.API }, allowedUserRoles = { "AGENT", "HOPS_ADMIN" })
@ApiOperation(value = "Get keystore, truststore and password of a project user", response = AccessCredentialsDTO.class)
public Response getx509(@QueryParam("username") String projectUsername, @Context SecurityContext sc) throws ProjectException, UserException, HopsSecurityException {
    try {
        String projectName = hdfsUsersController.getProjectName(projectUsername);
        String username = hdfsUsersController.getUserName(projectUsername);
        Project project = projectController.findProjectByName(projectName);
        Users user = userFacade.findByUsername(username);
        if (user == null) {
            throw new UserException(RESTCodes.UserErrorCode.USER_DOES_NOT_EXIST, Level.FINE);
        }
        try {
            AccessCredentialsDTO credentialsDTO = projectController.credentials(project.getId(), user);
            return Response.ok(credentialsDTO).build();
        } catch (DatasetException ex) {
            throw new HopsSecurityException(RESTCodes.SecurityErrorCode.CERTIFICATE_NOT_FOUND, Level.FINE);
        }
    } catch (ArrayIndexOutOfBoundsException ex) {
        throw new UserException(RESTCodes.UserErrorCode.USER_WAS_NOT_FOUND, Level.FINE, "Invalid project user format for username: " + projectUsername);
    }
}