Examples with SecurityCheck org.apache.airavata.service.security.interceptor.SecurityCheck used on opensource projects

Example 6 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getWorkflow.

@Override
@SecurityCheck
public WorkflowModel getWorkflow(AuthzToken authzToken, String workflowTemplateId) throws InvalidRequestException, AiravataClientException, AuthorizationException, AiravataSystemException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        WorkflowModel result = regClient.getWorkflow(workflowTemplateId);
        registryClientPool.returnResource(regClient);
        return result;
    } catch (Exception e) {
        String msg = "Error in retrieving the workflow " + workflowTemplateId + ".";
        logger.error(msg, e);
        AiravataSystemException exception = new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage(msg + " More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}

Example 7 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method cloneApplicationInterface.

@Override
@SecurityCheck
public String cloneApplicationInterface(AuthzToken authzToken, String existingAppInterfaceID, String newApplicationName, String gatewayId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        ApplicationInterfaceDescription existingInterface = regClient.getApplicationInterface(existingAppInterfaceID);
        if (existingInterface == null) {
            logger.error("Provided application interface does not exist.Please provide a valid application interface id...");
            throw new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
        }
        existingInterface.setApplicationName(newApplicationName);
        existingInterface.setApplicationInterfaceId(airavata_commonsConstants.DEFAULT_ID);
        String interfaceId = regClient.registerApplicationInterface(gatewayId, existingInterface);
        logger.debug("Airavata cloned application interface : " + existingAppInterfaceID + " for gateway id : " + gatewayId);
        registryClientPool.returnResource(regClient);
        return interfaceId;
    } catch (Exception e) {
        logger.error("Error while adding application interface...", e);
        AiravataSystemException exception = new AiravataSystemException();
        exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage("Error while adding application interface. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}

Example 8 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getProject.

/**
 * Get a Project by ID
 *
 * @param projectId
 */
@Override
@SecurityCheck
public Project getProject(AuthzToken authzToken, String projectId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, ProjectNotFoundException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    SharingRegistryService.Client sharingClient = sharingClientPool.getResource();
    try {
        Project project = regClient.getProject(projectId);
        if (authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(project.getOwner()) && authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(project.getGatewayId())) {
            registryClientPool.returnResource(regClient);
            sharingClientPool.returnResource(sharingClient);
            return project;
        } else if (ServerSettings.isEnableSharing()) {
            try {
                String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
                String userId = authzToken.getClaimsMap().get(Constants.USER_NAME);
                if (!sharingClient.userHasAccess(gatewayId, userId + "@" + gatewayId, projectId, gatewayId + ":READ")) {
                    throw new AuthorizationException("User does not have permission to access this resource");
                }
                registryClientPool.returnResource(regClient);
                sharingClientPool.returnResource(sharingClient);
                return project;
            } catch (Exception e) {
                throw new AuthorizationException("User does not have permission to access this resource");
            }
        } else {
            registryClientPool.returnResource(regClient);
            sharingClientPool.returnResource(sharingClient);
            return null;
        }
    } catch (Exception e) {
        logger.error("Error while retrieving the project", e);
        ProjectNotFoundException exception = new ProjectNotFoundException();
        exception.setMessage("Error while retrieving the project. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        sharingClientPool.returnBrokenResource(sharingClient);
        throw exception;
    }
}

Example 9 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getUserResourceProfile.

/**
 * Fetch the given User Resource Profile.
 *
 * @param userId The identifier for the requested User resource
 *
 * @param gatewayID The identifier to link a gateway for the requested User resource
 *
 * @return userResourceProfile
 * User Resource Profile Object.
 */
@Override
@SecurityCheck
public UserResourceProfile getUserResourceProfile(AuthzToken authzToken, String userId, String gatewayID) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        UserResourceProfile result = regClient.getUserResourceProfile(userId, gatewayID);
        registryClientPool.returnResource(regClient);
        return result;
    } catch (Exception e) {
        logger.error(userId, "Error while retrieving user resource profile...", e);
        AiravataSystemException exception = new AiravataSystemException();
        exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage("Error while retrieving user resource profile. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}

Example 10 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getDataProduct.

@Override
@SecurityCheck
public DataProductModel getDataProduct(AuthzToken authzToken, String productUri) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        DataProductModel result = regClient.getDataProduct(productUri);
        registryClientPool.returnResource(regClient);
        return result;
    } catch (Exception e) {
        String msg = "Error in retreiving the data product " + productUri + ".";
        logger.error(msg, e);
        AiravataSystemException exception = new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage(msg + " More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}