Examples with SecurityCheck org.apache.airavata.service.security.interceptor.SecurityCheck used on opensource projects

Example 1 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getApplicationInterface.

/**
 * Fetch a Application Interface.
 *
 * @param appInterfaceId The identifier for the requested application module
 * @return applicationInterface
 * Returns a application Interface Object.
 */
@Override
@SecurityCheck
public ApplicationInterfaceDescription getApplicationInterface(AuthzToken authzToken, String appInterfaceId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        ApplicationInterfaceDescription result = regClient.getApplicationInterface(appInterfaceId);
        registryClientPool.returnResource(regClient);
        return result;
    } catch (Exception e) {
        logger.error(appInterfaceId, "Error while retrieving application interface...", e);
        AiravataSystemException exception = new AiravataSystemException();
        exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage("Error while retrieving application interface. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}

Example 2 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getApplicationDeployment.

/**
 * Fetch a Application Deployment.
 *
 * @param appDeploymentId The identifier for the requested application module
 * @return applicationDeployment
 * Returns a application Deployment Object.
 */
@Override
@SecurityCheck
public ApplicationDeploymentDescription getApplicationDeployment(AuthzToken authzToken, String appDeploymentId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        ApplicationDeploymentDescription result = regClient.getApplicationDeployment(appDeploymentId);
        registryClientPool.returnResource(regClient);
        return result;
    } catch (Exception e) {
        logger.error(appDeploymentId, "Error while retrieving application deployment...", e);
        AiravataSystemException exception = new AiravataSystemException();
        exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage("Error while retrieving application deployment. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}

Example 3 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method deleteProject.

@Override
@SecurityCheck
public boolean deleteProject(AuthzToken authzToken, String projectId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, ProjectNotFoundException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    SharingRegistryService.Client sharingClient = sharingClientPool.getResource();
    try {
        Project existingProject = regClient.getProject(projectId);
        if (ServerSettings.isEnableSharing() && !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(existingProject.getOwner()) || !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(existingProject.getGatewayId())) {
            try {
                String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
                String userId = authzToken.getClaimsMap().get(Constants.USER_NAME);
                if (!sharingClient.userHasAccess(gatewayId, userId + "@" + gatewayId, projectId, gatewayId + ":WRITE")) {
                    throw new AuthorizationException("User does not have permission to access this resource");
                }
            } catch (Exception e) {
                throw new AuthorizationException("User does not have permission to access this resource");
            }
        }
        boolean ret = regClient.deleteProject(projectId);
        logger.debug("Airavata deleted project with project Id : " + projectId);
        registryClientPool.returnResource(regClient);
        sharingClientPool.returnResource(sharingClient);
        return ret;
    } catch (Exception e) {
        logger.error("Error while removing the project", e);
        ProjectNotFoundException exception = new ProjectNotFoundException();
        exception.setMessage("Error while removing the project. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        sharingClientPool.returnBrokenResource(sharingClient);
        throw exception;
    }
}

Example 4 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getGatewayStoragePreference.

@Override
@SecurityCheck
public StoragePreference getGatewayStoragePreference(AuthzToken authzToken, String gatewayID, String storageId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        StoragePreference result = regClient.getGatewayStoragePreference(gatewayID, storageId);
        registryClientPool.returnResource(regClient);
        return result;
    } catch (Exception e) {
        logger.error(gatewayID, "Error while reading gateway data storage preference...", e);
        AiravataSystemException exception = new AiravataSystemException();
        exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage("Error while reading gateway data storage preference. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}

Example 5 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getGatewayResourceProfile.

/**
 * Fetch the given Gateway Resource Profile.
 *
 * @param gatewayID The identifier for the requested gateway resource
 * @return gatewayResourceProfile
 * Gateway Resource Profile Object.
 */
@Override
@SecurityCheck
public GatewayResourceProfile getGatewayResourceProfile(AuthzToken authzToken, String gatewayID) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        GatewayResourceProfile result = regClient.getGatewayResourceProfile(gatewayID);
        registryClientPool.returnResource(regClient);
        return result;
    } catch (Exception e) {
        logger.error(gatewayID, "Error while retrieving gateway resource profile...", e);
        AiravataSystemException exception = new AiravataSystemException();
        exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage("Error while retrieving gateway resource profile. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}