Examples with SecurityCheck org.apache.airavata.service.security.interceptor.SecurityCheck used on opensource projects

Example 16 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class IamAdminServicesHandler method registerUser.

// ToDo: Will only be secure when using SSL between PGA and Airavata
@Override
@SecurityCheck
public boolean registerUser(AuthzToken authzToken, String username, String emailAddress, String firstName, String lastName, String newPassword) throws IamAdminServicesException, AuthorizationException {
    TenantManagementKeycloakImpl keycloakclient = new TenantManagementKeycloakImpl();
    String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
    try {
        PasswordCredential isRealmAdminCredentials = getTenantAdminPasswordCredential(gatewayId);
        if (keycloakclient.createUser(isRealmAdminCredentials, gatewayId, username, emailAddress, firstName, lastName, newPassword))
            return true;
        else
            return false;
    } catch (TException | ApplicationSettingsException ex) {
        String msg = "Error while registering user into Identity Server, reason: " + ex.getMessage();
        logger.error(msg, ex);
        throw new IamAdminServicesException(msg);
    }
}

Example 17 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class TenantProfileServiceHandler method updateGateway.

@Override
@SecurityCheck
public boolean updateGateway(AuthzToken authzToken, Gateway updatedGateway) throws TenantProfileServiceException, AuthorizationException, TException {
    try {
        // if admin password token changes then copy the admin password and store under this gateway id and then update the admin password token
        Gateway existingGateway = tenantProfileRepository.getGateway(updatedGateway.getAiravataInternalGatewayId());
        if (updatedGateway.getIdentityServerPasswordToken() != null && (existingGateway.getIdentityServerPasswordToken() == null || !existingGateway.getIdentityServerPasswordToken().equals(updatedGateway.getIdentityServerPasswordToken()))) {
            copyAdminPasswordToGateway(authzToken, updatedGateway);
        }
        if (tenantProfileRepository.update(updatedGateway) != null) {
            logger.debug("Updated gateway-profile with ID: " + updatedGateway.getGatewayId());
            // replicate tenant at end-places
            ProfileServiceUtils.getDbEventPublisher().publish(ProfileServiceUtils.getDBEventMessageContext(EntityType.TENANT, CrudType.UPDATE, updatedGateway), DBEventManagerConstants.getRoutingKey(DBEventService.DB_EVENT.toString()));
            return true;
        } else {
            return false;
        }
    } catch (Exception ex) {
        logger.error("Error updating gateway-profile, reason: " + ex.getMessage(), ex);
        TenantProfileServiceException exception = new TenantProfileServiceException();
        exception.setMessage("Error updating gateway-profile, reason: " + ex.getMessage());
        return false;
    }
}

Example 18 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class UserProfileServiceHandler method deleteUserProfile.

@Override
@SecurityCheck
public boolean deleteUserProfile(AuthzToken authzToken, String userId, String gatewayId) throws UserProfileServiceException, AuthorizationException, TException {
    try {
        // find user-profile
        UserProfile userProfile = userProfileRepository.getUserProfileByIdAndGateWay(userId, gatewayId);
        // delete user
        boolean deleteSuccess = userProfileRepository.delete(userId);
        logger.info("Delete UserProfile with userId: " + userId + ", " + (deleteSuccess ? "Success!" : "Failed!"));
        if (deleteSuccess) {
            // delete userProfile at end-places
            ProfileServiceUtils.getDbEventPublisher().publish(ProfileServiceUtils.getDBEventMessageContext(EntityType.USER_PROFILE, CrudType.DELETE, userProfile), DBEventManagerConstants.getRoutingKey(DBEventService.DB_EVENT.toString()));
        }
        return deleteSuccess;
    } catch (Exception e) {
        logger.error("Error while deleting user profile", e);
        UserProfileServiceException exception = new UserProfileServiceException();
        exception.setMessage("Error while deleting user profile. More info : " + e.getMessage());
        throw exception;
    }
}

Example 19 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class UserProfileServiceHandler method updateUserProfile.

@Override
@SecurityCheck
public boolean updateUserProfile(AuthzToken authzToken, UserProfile userProfile) throws UserProfileServiceException, AuthorizationException, TException {
    try {
        // After updating the user profile in the database but before committing the transaction, the
        // following will update the user profile in the IAM service also. If the update in the IAM service
        // fails then the transaction will be rolled back.
        Runnable iamUserProfileUpdater = getIAMUserProfileUpdater(authzToken, userProfile);
        if (userProfileRepository.updateUserProfile(userProfile, iamUserProfileUpdater) != null) {
            logger.info("Updated UserProfile with userId: " + userProfile.getUserId());
            // replicate userProfile at end-places
            ProfileServiceUtils.getDbEventPublisher().publish(ProfileServiceUtils.getDBEventMessageContext(EntityType.USER_PROFILE, CrudType.UPDATE, userProfile), DBEventManagerConstants.getRoutingKey(DBEventService.DB_EVENT.toString()));
            return true;
        }
        return false;
    } catch (Exception e) {
        logger.error("Error while Updating user profile", e);
        UserProfileServiceException exception = new UserProfileServiceException();
        exception.setMessage("Error while Updating user profile. More info : " + e.getMessage());
        throw exception;
    }
}

Example 20 with SecurityCheck

use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.

the class AiravataServerHandler method getGateway.

@Override
@SecurityCheck
public Gateway getGateway(AuthzToken authzToken, String gatewayId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
    RegistryService.Client regClient = registryClientPool.getResource();
    try {
        Gateway result = regClient.getGateway(gatewayId);
        registryClientPool.returnResource(regClient);
        return result;
    } catch (Exception e) {
        logger.error("Error while getting the gateway", e);
        AiravataSystemException exception = new AiravataSystemException();
        exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
        exception.setMessage("Error while getting the gateway. More info : " + e.getMessage());
        registryClientPool.returnBrokenResource(regClient);
        throw exception;
    }
}