use of org.apache.airavata.model.error.AuthorizationException in project airavata by apache.
the class TenantProfileServiceHandler method updateGateway.
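/**
 * Updates a stored gateway (tenant) profile and publishes the change as a DB event.
 *
 * <p>If the incoming gateway carries an identity-server password token that is absent from, or
 * different to, the stored gateway, {@code copyAdminPasswordToGateway} is called before the
 * profile is updated.
 *
 * @param authzToken caller's token; passed on to {@code copyAdminPasswordToGateway}
 * @param updatedGateway gateway profile holding the new values
 * @return {@code true} when the repository returned a non-null result and the event was
 *     published, {@code false} when the repository returned {@code null}
 * @throws TenantProfileServiceException if the lookup, credential copy, update or publish fails
 */
@Override
@SecurityCheck
public boolean updateGateway(AuthzToken authzToken, Gateway updatedGateway) throws TenantProfileServiceException, AuthorizationException, TException {
    try {
        // If the admin password token changes, copy the admin password under this gateway id
        // before the admin password token itself is updated.
        // NOTE(review): the gateway is selected purely from the caller-supplied object; whether
        // @SecurityCheck ties it to the gateway in authzToken is not visible here — confirm.
        Gateway existingGateway = tenantProfileRepository.getGateway(updatedGateway.getAiravataInternalGatewayId());
        String newToken = updatedGateway.getIdentityServerPasswordToken();
        if (newToken != null) {
            // A missing stored gateway surfaces as a NullPointerException here and is reported
            // through the catch block below.
            String storedToken = existingGateway.getIdentityServerPasswordToken();
            if (storedToken == null || !storedToken.equals(newToken)) {
                copyAdminPasswordToGateway(authzToken, updatedGateway);
            }
        }

        if (tenantProfileRepository.update(updatedGateway) == null) {
            return false;
        }
        logger.debug("Updated gateway-profile with ID: " + updatedGateway.getGatewayId());
        // replicate tenant at end-places
        ProfileServiceUtils.getDbEventPublisher().publish(
                ProfileServiceUtils.getDBEventMessageContext(EntityType.TENANT, CrudType.UPDATE, updatedGateway),
                DBEventManagerConstants.getRoutingKey(DBEventService.DB_EVENT.toString()));
        return true;
    } catch (Exception ex) {
        logger.error("Error updating gateway-profile, reason: " + ex.getMessage(), ex);
        // NOTE(review): the underlying exception text is forwarded to the API caller; consider
        // whether it can expose internal detail.
        TenantProfileServiceException exception = new TenantProfileServiceException();
        exception.setMessage("Error updating gateway-profile, reason: " + ex.getMessage());
        // Previously the exception was built and then discarded in favour of "return false",
        // so a failed credential copy or DB error looked the same as "nothing updated".
        throw exception;
    }
}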
use of org.apache.airavata.model.error.AuthorizationException in project airavata by apache.
the class UserProfileServiceHandler method deleteUserProfile.
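/**
 * Deletes a user profile and publishes the deletion as a DB event.
 *
 * <p>The profile is first resolved with {@code userId} and {@code gatewayId}; the delete is only
 * attempted when that lookup finds a profile.
 *
 * @param authzToken caller's token (not read in this method body)
 * @param userId id of the user whose profile is removed
 * @param gatewayId gateway the profile must belong to
 * @return {@code true} if the repository reported a successful delete, otherwise {@code false}
 * @throws UserProfileServiceException if the lookup, delete or publish fails
 */
@Override
@SecurityCheck
public boolean deleteUserProfile(AuthzToken authzToken, String userId, String gatewayId) throws UserProfileServiceException, AuthorizationException, TException {
    try {
        // find user-profile
        UserProfile userProfile = userProfileRepository.getUserProfileByIdAndGateWay(userId, gatewayId);
        if (userProfile == null) {
            // The delete below is keyed on userId only. Without this guard a request naming a
            // gateway that holds no such profile would still delete by userId and then publish
            // a DELETE event carrying a null entity.
            logger.warn("Delete UserProfile skipped, no profile for userId: " + userId + " in gateway: " + gatewayId);
            return false;
        }
        // delete user
        // NOTE(review): whether delete(userId) is itself scoped to a gateway is not visible
        // here; confirm against the repository. Also confirm that gatewayId is checked against
        // the gateway in authzToken by @SecurityCheck.
        boolean deleteSuccess = userProfileRepository.delete(userId);
        logger.info("Delete UserProfile with userId: " + userId + ", " + (deleteSuccess ? "Success!" : "Failed!"));
        if (deleteSuccess) {
            // delete userProfile at end-places
            ProfileServiceUtils.getDbEventPublisher().publish(
                    ProfileServiceUtils.getDBEventMessageContext(EntityType.USER_PROFILE, CrudType.DELETE, userProfile),
                    DBEventManagerConstants.getRoutingKey(DBEventService.DB_EVENT.toString()));
        }
        return deleteSuccess;
    } catch (Exception e) {
        logger.error("Error while deleting user profile", e);
        UserProfileServiceException exception = new UserProfileServiceException();
        exception.setMessage("Error while deleting user profile. More info : " + e.getMessage());
        throw exception;
    }
}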
use of org.apache.airavata.model.error.AuthorizationException in project airavata by apache.
the class UserProfileServiceHandler method updateUserProfile.
/**
 * Updates a user profile in the repository and publishes the change as a DB event.
 *
 * @param authzToken caller's token; used to build the IAM updater
 * @param userProfile profile holding the new values
 * @return {@code true} when the repository returned a non-null result and the event was
 *     published, {@code false} when the repository returned {@code null}
 * @throws UserProfileServiceException if building the updater, the update or the publish fails
 */
@Override
@SecurityCheck
public boolean updateUserProfile(AuthzToken authzToken, UserProfile userProfile) throws UserProfileServiceException, AuthorizationException, TException {
    try {
        // The repository receives a callback that also updates the profile in the IAM service.
        // It is intended to run after the database update but before the commit, so that an IAM
        // failure rolls the transaction back (behaviour lives in the repository, not shown here).
        // NOTE(review): nothing in this body compares the profile's user with the user in
        // authzToken; confirm that @SecurityCheck or the updater enforces it.
        Runnable iamSync = getIAMUserProfileUpdater(authzToken, userProfile);
        boolean updated = userProfileRepository.updateUserProfile(userProfile, iamSync) != null;
        if (!updated) {
            return false;
        }

        logger.info("Updated UserProfile with userId: " + userProfile.getUserId());
        // replicate userProfile at end-places
        ProfileServiceUtils.getDbEventPublisher().publish(
                ProfileServiceUtils.getDBEventMessageContext(EntityType.USER_PROFILE, CrudType.UPDATE, userProfile),
                DBEventManagerConstants.getRoutingKey(DBEventService.DB_EVENT.toString()));
        return true;
    } catch (Exception cause) {
        logger.error("Error while Updating user profile", cause);
        UserProfileServiceException failure = new UserProfileServiceException();
        failure.setMessage("Error while Updating user profile. More info : " + cause.getMessage());
        throw failure;
    }
}
use of org.apache.airavata.model.error.AuthorizationException in project airavata by apache.
the class SecurityInterceptor method authorize.
/**
 * Checks the caller's token with the configured security manager.
 *
 * <p>When {@code ServerSettings.isAPISecured()} is {@code false} no check is made and every call
 * passes. Failures inside the security manager or while reading settings are logged and turned
 * into an {@link AuthorizationException}, so an error never results in access being granted.
 *
 * @param authzToken token presented by the caller
 * @param metaData request metadata passed to the security manager
 * @throws AuthorizationException if the user is not authorized or the check itself fails
 */
private void authorize(AuthzToken authzToken, Map<String, String> metaData) throws AuthorizationException {
    try {
        if (!ServerSettings.isAPISecured()) {
            // Security disabled by configuration: nothing is verified.
            return;
        }
        boolean permitted = SecurityManagerFactory.getSecurityManager().isUserAuthorized(authzToken, metaData);
        if (permitted) {
            return;
        }
        throw new AuthorizationException("User is not authenticated or authorized.");
    } catch (AiravataSecurityException securityFailure) {
        // Details go to the log only; the caller gets a generic message.
        logger.error(securityFailure.getMessage(), securityFailure);
        throw new AuthorizationException("Error in authenticating or authorizing user.");
    } catch (ApplicationSettingsException settingsFailure) {
        logger.error(settingsFailure.getMessage(), settingsFailure);
        throw new AuthorizationException("Internal error in authenticating or authorizing user.");
    }
}
use of org.apache.airavata.model.error.AuthorizationException in project airavata by apache.
the class IamAdminServicesHandler method getUsersWithRole.
/**
 * Lists the users that hold a role in the caller's gateway.
 *
 * <p>The gateway id is read from the claims of {@code authzToken}, not from a request
 * parameter, and the tenant admin credential for that gateway is used for the Keycloak query.
 *
 * @param authzToken caller's token; supplies the gateway id claim
 * @param roleName role to look up
 * @return user profiles returned by the Keycloak tenant manager
 * @throws IamAdminServicesException if the credential lookup or the role query fails
 */
@Override
@SecurityCheck
public List<UserProfile> getUsersWithRole(AuthzToken authzToken, String roleName) throws IamAdminServicesException, AuthorizationException, TException {
    TenantManagementKeycloakImpl tenantManager = new TenantManagementKeycloakImpl();
    // A missing claims map fails here, outside the try, and is not wrapped.
    String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
    try {
        PasswordCredential realmAdminCredential = getTenantAdminPasswordCredential(gatewayId);
        List<UserProfile> usersInRole = tenantManager.getUsersWithRole(realmAdminCredential, gatewayId, roleName);
        return usersInRole;
    } catch (Exception failure) {
        // NOTE(review): the underlying exception text is returned to the caller.
        String msg = "Error while retrieving users with role, reason: " + failure.getMessage();
        logger.error(msg, failure);
        throw new IamAdminServicesException(msg);
    }
}