Examples with RMCoreAllPermission org.ow2.proactive.permissions.RMCoreAllPermission used on opensource projects

Search in sources :

Example 1 with RMCoreAllPermission

use of org.ow2.proactive.permissions.RMCoreAllPermission in project scheduling by ow2-proactive.

the class NodeSource method acquireNode.

/**
 * Acquires the existing node with specific url. The node have to be up and running.
 *
 * @param nodeUrl the url of the node
 * @param provider
 */
public BooleanWrapper acquireNode(String nodeUrl, Client provider) {
    if (toShutdown) {
        throw new AddingNodesException("[" + name + "] node " + nodeUrl + " adding request discarded because node source is shutting down");
    }
    // checking that client has a right to change this node source
    // if the provider is the administrator of the node source it always has this permission
    provider.checkPermission(providerPermission, provider + " is not authorized to add node " + nodeUrl + " to " + name, new RMCoreAllPermission(), new NSAdminPermission());
    // lookup for a new Node
    int lookUpTimeout = PAResourceManagerProperties.RM_NODELOOKUP_TIMEOUT.getValueAsInt();
    Node nodeToAdd = null;
    try {
        logger.info("Looking up the node " + nodeUrl + " with " + lookUpTimeout + " ms timeout");
        nodeToAdd = lookupNode(nodeUrl, lookUpTimeout);
        logger.info("The node " + nodeUrl + " has been successfully looked up");
    } catch (Exception e) {
        logger.warn("Cannot look up the node " + nodeUrl + " within " + lookUpTimeout + " ms due to " + e.getMessage(), e);
        throw new AddingNodesException(e);
    }
    // node should be not null at this point...
    if (nodeToAdd == null) {
        throw new AddingNodesException("Cannot lookup node for unknown reason : " + nodeUrl);
    }
    // now checking if this node has been registered before in the node source
    if (downNodes.containsKey(nodeUrl)) {
        // it was registered but detected as down node,
        // so basically the node was restarted.
        // adding a new node and removing old one from the down list
        logger.debug("Removing existing node from down nodes list");
        BooleanWrapper result = rmcore.removeNodeFromCore(nodeUrl);
        if (result.getBooleanValue()) {
            if (logger.isDebugEnabled())
                logger.debug("[" + name + "] successfully removed node " + nodeUrl + " from the core");
            // just removing it from down nodes list
            removeNode(nodeUrl, provider);
        }
    } else if (nodes.containsKey(nodeUrl)) {
        // adding a node which exists in node source
        Node existingNode = nodes.get(nodeUrl);
        if (nodeToAdd.equals(existingNode)) {
            // don't do anything
            if (logger.isDebugEnabled())
                logger.debug("An attempt to add the same node twice " + nodeUrl + " - ignoring");
            return new BooleanWrapper(false);
        } else {
            // adding another node with the same url
            // replacing the old node by the new one
            logger.debug("Removing existing node from the RM without request propagation to the infrastructure manager");
            BooleanWrapper result = rmcore.removeNodeFromCore(nodeUrl);
            if (result.getBooleanValue()) {
                if (logger.isDebugEnabled())
                    logger.debug("[" + name + "] successfully removed node " + nodeUrl + " from the core");
                // removing it from the nodes list but don't propagate
                // the request the the infrastructure because the restarted node will be killed
                nodes.remove(nodeUrl);
            }
        }
    }
    // if any exception occurs in internalAddNode(node) do not add the node to the core
    RMDeployingNode deployingNode;
    try {
        deployingNode = internalAddNode(nodeToAdd);
    } catch (RMException e) {
        throw new AddingNodesException(e);
    }
    // we build the rmnode
    RMNode rmNode = buildRMNode(nodeToAdd, provider);
    if (deployingNode != null) {
        // inherit locking status from associated deploying node created before
        ((AbstractRMNode) rmNode).copyLockStatusFrom(deployingNode);
    }
    BooleanWrapper nodeAdded = rmcore.registerAvailableNode(rmNode);
    rmcore.internalRegisterConfiguringNode(rmNode);
    return nodeAdded;
}
Also used : RMCoreAllPermission(org.ow2.proactive.permissions.RMCoreAllPermission) NSAdminPermission(org.ow2.proactive.permissions.NSAdminPermission) BooleanWrapper(org.objectweb.proactive.core.util.wrapper.BooleanWrapper) RMNode(org.ow2.proactive.resourcemanager.rmnode.RMNode) AbstractRMNode(org.ow2.proactive.resourcemanager.rmnode.AbstractRMNode) RMNode(org.ow2.proactive.resourcemanager.rmnode.RMNode) RMDeployingNode(org.ow2.proactive.resourcemanager.rmnode.RMDeployingNode) Node(org.objectweb.proactive.core.node.Node) AbstractRMNode(org.ow2.proactive.resourcemanager.rmnode.AbstractRMNode) AddingNodesException(org.ow2.proactive.resourcemanager.exception.AddingNodesException) RMDeployingNode(org.ow2.proactive.resourcemanager.rmnode.RMDeployingNode) RMException(org.ow2.proactive.resourcemanager.exception.RMException) AddingNodesException(org.ow2.proactive.resourcemanager.exception.AddingNodesException) RMException(org.ow2.proactive.resourcemanager.exception.RMException) AbstractRMNode(org.ow2.proactive.resourcemanager.rmnode.AbstractRMNode)

Example 2 with RMCoreAllPermission

use of org.ow2.proactive.permissions.RMCoreAllPermission in project scheduling by ow2-proactive.

the class RMCore method removeNodeSource.

/**
 * {@inheritDoc}
 */
public BooleanWrapper removeNodeSource(String nodeSourceName, boolean preempt) {
    logger.info("Remove node source " + nodeSourceName + " with preempt=" + preempt + REQUESTED_BY_STRING + this.caller.getName());
    NodeSource nodeSourceToRemove;
    if (this.definedNodeSources.containsKey(nodeSourceName)) {
        nodeSourceToRemove = this.definedNodeSources.get(nodeSourceName);
    } else if (this.deployedNodeSources.containsKey(nodeSourceName)) {
        nodeSourceToRemove = this.deployedNodeSources.get(nodeSourceName);
    } else {
        throw new IllegalArgumentException("Unknown node source " + nodeSourceName);
    }
    this.caller.checkPermission(nodeSourceToRemove.getAdminPermission(), this.caller + " is not authorized to remove " + nodeSourceName, new RMCoreAllPermission(), new NSAdminPermission());
    this.shutDownNodeSourceIfDeployed(nodeSourceName, preempt);
    this.removeDefinedNodeSource(nodeSourceName, nodeSourceToRemove);
    return new BooleanWrapper(true);
}
Also used : NodeSource(org.ow2.proactive.resourcemanager.nodesource.NodeSource) RMCoreAllPermission(org.ow2.proactive.permissions.RMCoreAllPermission) NSAdminPermission(org.ow2.proactive.permissions.NSAdminPermission) BooleanWrapper(org.objectweb.proactive.core.util.wrapper.BooleanWrapper)

Example 3 with RMCoreAllPermission

use of org.ow2.proactive.permissions.RMCoreAllPermission in project scheduling by ow2-proactive.

the class RMCore method checkMethodCallPermission.

/**
 * Checks if the caller thread has permissions to call particular method name
 *
 * @return client object corresponding to the caller thread
 */
private Client checkMethodCallPermission(final String methodName, UniqueID clientId) {
    Client client = RMCore.clients.get(clientId);
    if (client == null) {
        // Check if the client id is a local body or half body
        LocalBodyStore lbs = LocalBodyStore.getInstance();
        if (lbs.getLocalBody(clientId) != null || lbs.getLocalHalfBody(clientId) != null) {
            return RMCore.localClient;
        }
        throw new NotConnectedException("Client " + clientId.shortString() + " is not connected to the resource manager");
    }
    final String fullMethodName = RMCore.class.getName() + "." + methodName;
    final MethodCallPermission methodCallPermission = new MethodCallPermission(fullMethodName);
    client.checkPermission(methodCallPermission, client + " is not authorized to call " + fullMethodName, new RMCoreAllPermission());
    return client;
}
Also used : RMCoreAllPermission(org.ow2.proactive.permissions.RMCoreAllPermission) LocalBodyStore(org.objectweb.proactive.core.body.LocalBodyStore) MethodCallPermission(org.ow2.proactive.permissions.MethodCallPermission) NotConnectedException(org.ow2.proactive.resourcemanager.exception.NotConnectedException) Client(org.ow2.proactive.resourcemanager.authentication.Client)

Example 4 with RMCoreAllPermission

use of org.ow2.proactive.permissions.RMCoreAllPermission in project scheduling by ow2-proactive.

the class RMCore method deployNodeSource.

/**
 * {@inheritDoc}
 */
@Override
public BooleanWrapper deployNodeSource(String nodeSourceName) {
    logger.info("Deploy node source " + nodeSourceName + REQUESTED_BY_STRING + this.caller.getName());
    if (!this.deployedNodeSources.containsKey(nodeSourceName)) {
        if (this.definedNodeSources.containsKey(nodeSourceName)) {
            NodeSource nodeSourceToDeploy = this.definedNodeSources.get(nodeSourceName);
            this.caller.checkPermission(nodeSourceToDeploy.getAdminPermission(), this.caller + " is not authorized to deploy " + nodeSourceName, new RMCoreAllPermission(), new NSAdminPermission());
        }
        NodeSourceDescriptor nodeSourceDescriptor = this.getDefinedNodeSourceDescriptorOrFail(nodeSourceName);
        this.updateNodeSourceDescriptorWithStatusAndPersist(nodeSourceDescriptor, NodeSourceStatus.NODES_DEPLOYED);
        deployNodeSourceOrFail(nodeSourceName, nodeSourceDescriptor);
    } else {
        logger.debug(NODE_SOURCE_STRING + nodeSourceName + " is already deployed");
    }
    return new BooleanWrapper(true);
}
Also used : NodeSource(org.ow2.proactive.resourcemanager.nodesource.NodeSource) RMCoreAllPermission(org.ow2.proactive.permissions.RMCoreAllPermission) NSAdminPermission(org.ow2.proactive.permissions.NSAdminPermission) BooleanWrapper(org.objectweb.proactive.core.util.wrapper.BooleanWrapper) NodeSourceDescriptor(org.ow2.proactive.resourcemanager.nodesource.NodeSourceDescriptor)

Example 5 with RMCoreAllPermission

use of org.ow2.proactive.permissions.RMCoreAllPermission in project scheduling by ow2-proactive.

the class RMCore method checkNodeAdminOrProviderPermission.

/**
 * Checks if the client is the node admin or provider.
 *
 * @param rmnode is a node to be checked
 * @param client is a client to be checked
 * @return true if the client is an admin or provider, SecurityException otherwise
 */
private boolean checkNodeAdminOrProviderPermission(RMNode rmnode, Client client) {
    if (client == localClient) {
        return true;
    }
    NodeSource nodeSource = rmnode.getNodeSource();
    String errorMessage = client.getName() + " is not authorized to manage node " + rmnode.getNodeURL() + " from " + rmnode.getNodeSourceName();
    // a node provider
    try {
        // checking if the caller is an administrator
        client.checkPermission(nodeSource.getAdminPermission(), errorMessage, new RMCoreAllPermission(), new NSAdminPermission());
    } catch (SecurityException ex) {
        // the caller is not an administrator, so checking if it is a node source provider
        client.checkPermission(nodeSource.getProviderPermission(), errorMessage, new RMCoreAllPermission(), new NSAdminPermission());
    }
    return true;
}
Also used : NodeSource(org.ow2.proactive.resourcemanager.nodesource.NodeSource) RMCoreAllPermission(org.ow2.proactive.permissions.RMCoreAllPermission) NSAdminPermission(org.ow2.proactive.permissions.NSAdminPermission)

Aggregations

RMCoreAllPermission (org.ow2.proactive.permissions.RMCoreAllPermission)8 NSAdminPermission (org.ow2.proactive.permissions.NSAdminPermission)7 BooleanWrapper (org.objectweb.proactive.core.util.wrapper.BooleanWrapper)5 NodeSource (org.ow2.proactive.resourcemanager.nodesource.NodeSource)5 Logger (org.apache.log4j.Logger)4 Scheduler (org.ow2.proactive.scheduler.common.Scheduler)4 NotConnectedException (org.ow2.proactive.scheduler.common.exception.NotConnectedException)4 PermissionException (org.ow2.proactive.scheduler.common.exception.PermissionException)4 NotConnectedRestException (org.ow2.proactive_grid_cloud_portal.scheduler.exception.NotConnectedRestException)4 PermissionRestException (org.ow2.proactive_grid_cloud_portal.scheduler.exception.PermissionRestException)4 RestException (org.ow2.proactive_grid_cloud_portal.scheduler.exception.RestException)3 SchedulerRestException (org.ow2.proactive_grid_cloud_portal.scheduler.exception.SchedulerRestException)3 Level (org.apache.log4j.Level)2 Node (org.objectweb.proactive.core.node.Node)2 MethodCallPermission (org.ow2.proactive.permissions.MethodCallPermission)2 RMNodeSourceEvent (org.ow2.proactive.resourcemanager.common.event.RMNodeSourceEvent)2 RMDeployingNode (org.ow2.proactive.resourcemanager.rmnode.RMDeployingNode)2 RMNode (org.ow2.proactive.resourcemanager.rmnode.RMNode)2 ImmutableSet (com.google.common.collect.ImmutableSet)1 Permission (java.security.Permission)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial