Example 21 with SecurityCheck
use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.
the class AiravataServerHandler method getGatewayComputeResourcePreference.
/**
* Fetch a Compute Resource Preference of a registered gateway profile.
*
* @param gatewayID The identifier for the gateway profile to be requested
* @param computeResourceId Preferences related to a particular compute resource
* @return computeResourcePreference
* Returns the ComputeResourcePreference object.
*/
@Override
@SecurityCheck
public ComputeResourcePreference getGatewayComputeResourcePreference(AuthzToken authzToken, String gatewayID, String computeResourceId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
RegistryService.Client regClient = registryClientPool.getResource();
try {
ComputeResourcePreference result = regClient.getGatewayComputeResourcePreference(gatewayID, computeResourceId);
registryClientPool.returnResource(regClient);
return result;
} catch (Exception e) {
logger.error(gatewayID, "Error while reading gateway compute resource preference...", e);
AiravataSystemException exception = new AiravataSystemException();
exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
exception.setMessage("Error while reading gateway compute resource preference. More info : " + e.getMessage());
registryClientPool.returnBrokenResource(regClient);
throw exception;
}
}
Also used :
UserComputeResourcePreference(org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference)
ComputeResourcePreference(org.apache.airavata.model.appcatalog.gatewayprofile.ComputeResourcePreference)
RegistryService(org.apache.airavata.registry.api.RegistryService)
SharingRegistryService(org.apache.airavata.sharing.registry.service.cpi.SharingRegistryService)
RegistryServiceException(org.apache.airavata.registry.api.exception.RegistryServiceException)
CredentialStoreException(org.apache.airavata.credential.store.exception.CredentialStoreException)
AiravataException(org.apache.airavata.common.exception.AiravataException)
TException(org.apache.thrift.TException)
ApplicationSettingsException(org.apache.airavata.common.exception.ApplicationSettingsException)
SecurityCheck(org.apache.airavata.service.security.interceptor.SecurityCheck)
Example 22 with SecurityCheck
use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.
the class AiravataServerHandler method setupUserComputeResourcePreferencesForSSH.
@Override
@SecurityCheck
public UserComputeResourcePreference setupUserComputeResourcePreferencesForSSH(AuthzToken authzToken, String computeResourceId, String userId, String airavataCredStoreToken) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
CredentialStoreService.Client csClient = csClientPool.getResource();
SSHCredential sshCredential = null;
try {
sshCredential = csClient.getSSHCredential(airavataCredStoreToken, gatewayId);
} catch (Exception e) {
logger.error("Error occurred while retrieving SSH Credential", e);
AiravataSystemException exception = new AiravataSystemException();
exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
exception.setMessage("Error occurred while retrieving SSH Credential. More info : " + e.getMessage());
csClientPool.returnBrokenResource(csClient);
throw exception;
}
try {
UserComputeResourcePreference userComputeResourcePreference = SSHAccountManager.setupSSHAccount(gatewayId, computeResourceId, userId, sshCredential);
return userComputeResourcePreference;
} catch (Exception e) {
logger.error("Error occurred while automatically setting up SSH account for user [" + userId + "]", e);
AiravataSystemException exception = new AiravataSystemException();
exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
exception.setMessage("Error occurred while automatically setting up SSH account for user [" + userId + "]. More info : " + e.getMessage());
throw exception;
}
}
Also used :
UserComputeResourcePreference(org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference)
CredentialStoreService(org.apache.airavata.credential.store.cpi.CredentialStoreService)
RegistryServiceException(org.apache.airavata.registry.api.exception.RegistryServiceException)
CredentialStoreException(org.apache.airavata.credential.store.exception.CredentialStoreException)
AiravataException(org.apache.airavata.common.exception.AiravataException)
TException(org.apache.thrift.TException)
ApplicationSettingsException(org.apache.airavata.common.exception.ApplicationSettingsException)
SecurityCheck(org.apache.airavata.service.security.interceptor.SecurityCheck)
Example 23 with SecurityCheck
use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.
the class AiravataServerHandler method updateProject.
@Override
@SecurityCheck
public void updateProject(AuthzToken authzToken, String projectId, Project updatedProject) throws InvalidRequestException, AiravataClientException, AiravataSystemException, ProjectNotFoundException, AuthorizationException, TException {
RegistryService.Client regClient = registryClientPool.getResource();
SharingRegistryService.Client sharingClient = sharingClientPool.getResource();
try {
Project existingProject = regClient.getProject(projectId);
if (ServerSettings.isEnableSharing() && !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.USER_NAME).equals(existingProject.getOwner()) || !authzToken.getClaimsMap().get(org.apache.airavata.common.utils.Constants.GATEWAY_ID).equals(existingProject.getGatewayId())) {
try {
String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
String userId = authzToken.getClaimsMap().get(Constants.USER_NAME);
if (!sharingClient.userHasAccess(gatewayId, userId + "@" + gatewayId, projectId, gatewayId + ":WRITE")) {
throw new AuthorizationException("User does not have permission to access this resource");
}
} catch (Exception e) {
throw new AuthorizationException("User does not have permission to access this resource");
}
}
if (!updatedProject.getOwner().equals(existingProject.getOwner())) {
throw new InvalidRequestException("Owner of a project cannot be changed");
}
if (!updatedProject.getGatewayId().equals(existingProject.getGatewayId())) {
throw new InvalidRequestException("Gateway ID of a project cannot be changed");
}
regClient.updateProject(projectId, updatedProject);
logger.debug("Airavata updated project with project Id : " + projectId);
registryClientPool.returnResource(regClient);
sharingClientPool.returnResource(sharingClient);
} catch (Exception e) {
logger.error("Error while updating the project", e);
AiravataSystemException exception = new AiravataSystemException();
exception.setAiravataErrorType(AiravataErrorType.INTERNAL_ERROR);
exception.setMessage("Error while updating the project. More info : " + e.getMessage());
registryClientPool.returnBrokenResource(regClient);
sharingClientPool.returnBrokenResource(sharingClient);
throw exception;
}
}
Also used :
Project(org.apache.airavata.model.workspace.Project)
SharingRegistryService(org.apache.airavata.sharing.registry.service.cpi.SharingRegistryService)
RegistryService(org.apache.airavata.registry.api.RegistryService)
SharingRegistryService(org.apache.airavata.sharing.registry.service.cpi.SharingRegistryService)
RegistryServiceException(org.apache.airavata.registry.api.exception.RegistryServiceException)
CredentialStoreException(org.apache.airavata.credential.store.exception.CredentialStoreException)
AiravataException(org.apache.airavata.common.exception.AiravataException)
TException(org.apache.thrift.TException)
ApplicationSettingsException(org.apache.airavata.common.exception.ApplicationSettingsException)
SecurityCheck(org.apache.airavata.service.security.interceptor.SecurityCheck)
Example 24 with SecurityCheck
use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.
the class AiravataServerHandler method getParentDataProduct.
@Override
@SecurityCheck
public DataProductModel getParentDataProduct(AuthzToken authzToken, String productUri) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
RegistryService.Client regClient = registryClientPool.getResource();
try {
DataProductModel result = regClient.getParentDataProduct(productUri);
registryClientPool.returnResource(regClient);
return result;
} catch (Exception e) {
String msg = "Error in retreiving the parent data product for " + productUri + ".";
logger.error(msg, e);
AiravataSystemException exception = new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
exception.setMessage(msg + " More info : " + e.getMessage());
registryClientPool.returnBrokenResource(regClient);
throw exception;
}
}
Also used :
RegistryService(org.apache.airavata.registry.api.RegistryService)
SharingRegistryService(org.apache.airavata.sharing.registry.service.cpi.SharingRegistryService)
RegistryServiceException(org.apache.airavata.registry.api.exception.RegistryServiceException)
CredentialStoreException(org.apache.airavata.credential.store.exception.CredentialStoreException)
AiravataException(org.apache.airavata.common.exception.AiravataException)
TException(org.apache.thrift.TException)
ApplicationSettingsException(org.apache.airavata.common.exception.ApplicationSettingsException)
DataProductModel(org.apache.airavata.model.data.replica.DataProductModel)
SecurityCheck(org.apache.airavata.service.security.interceptor.SecurityCheck)
Example 25 with SecurityCheck
use of org.apache.airavata.service.security.interceptor.SecurityCheck in project airavata by apache.
the class AiravataServerHandler method getGroup.
@Override
@SecurityCheck
public GroupModel getGroup(AuthzToken authzToken, String groupId) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException {
try {
SharingRegistryService.Client sharingClient = sharingClientPool.getResource();
UserGroup userGroup = sharingClient.getGroup(authzToken.getClaimsMap().get(Constants.GATEWAY_ID), groupId);
GroupModel groupModel = new GroupModel();
groupModel.setId(userGroup.getGroupId());
groupModel.setName(userGroup.getName());
groupModel.setDescription(userGroup.getDescription());
groupModel.setOwnerId(userGroup.getOwnerId());
sharingClient.getGroupMembersOfTypeUser(authzToken.getClaimsMap().get(Constants.GATEWAY_ID), groupId, 0, -1).stream().forEach(user -> groupModel.addToMembers(user.getUserId()));
return groupModel;
} catch (Exception e) {
String msg = "Error Retreiving Group. Group ID: " + groupId;
logger.error(msg, e);
AiravataSystemException exception = new AiravataSystemException(AiravataErrorType.INTERNAL_ERROR);
exception.setMessage(msg + " More info : " + e.getMessage());
throw exception;
}
}
Also used :
SharingRegistryService(org.apache.airavata.sharing.registry.service.cpi.SharingRegistryService)
GroupModel(org.apache.airavata.model.group.GroupModel)
RegistryServiceException(org.apache.airavata.registry.api.exception.RegistryServiceException)
CredentialStoreException(org.apache.airavata.credential.store.exception.CredentialStoreException)
AiravataException(org.apache.airavata.common.exception.AiravataException)
TException(org.apache.thrift.TException)
ApplicationSettingsException(org.apache.airavata.common.exception.ApplicationSettingsException)
SecurityCheck(org.apache.airavata.service.security.interceptor.SecurityCheck)
Aggregations
SecurityCheck (org.apache.airavata.service.security.interceptor.SecurityCheck)40
ApplicationSettingsException (org.apache.airavata.common.exception.ApplicationSettingsException)39
TException (org.apache.thrift.TException)38
CredentialStoreException (org.apache.airavata.credential.store.exception.CredentialStoreException)28
RegistryServiceException (org.apache.airavata.registry.api.exception.RegistryServiceException)25
AiravataException (org.apache.airavata.common.exception.AiravataException)24
SharingRegistryService (org.apache.airavata.sharing.registry.service.cpi.SharingRegistryService)23
RegistryService (org.apache.airavata.registry.api.RegistryService)22
IamAdminServicesException (org.apache.airavata.service.profile.iam.admin.services.cpi.exception.IamAdminServicesException)12
PasswordCredential (org.apache.airavata.model.credential.store.PasswordCredential)9
TenantManagementKeycloakImpl (org.apache.airavata.service.profile.iam.admin.services.core.impl.TenantManagementKeycloakImpl)9
AuthorizationException (org.apache.airavata.model.error.AuthorizationException)7
Gateway (org.apache.airavata.model.workspace.Gateway)4
Project (org.apache.airavata.model.workspace.Project)4
UserComputeResourcePreference (org.apache.airavata.model.appcatalog.userresourceprofile.UserComputeResourcePreference)3
TenantProfileServiceException (org.apache.airavata.service.profile.tenant.cpi.exception.TenantProfileServiceException)3
UserProfileServiceException (org.apache.airavata.service.profile.user.cpi.exception.UserProfileServiceException)3
CredentialStoreService (org.apache.airavata.credential.store.cpi.CredentialStoreService)2
ApplicationInterfaceDescription (org.apache.airavata.model.appcatalog.appinterface.ApplicationInterfaceDescription)2
UserStoragePreference (org.apache.airavata.model.appcatalog.userresourceprofile.UserStoragePreference)2
