Esempio n. 1
0
 public List<Vo> getAllVos(PerunSession perunSession)
     throws InternalErrorException, PrivilegeException {
   Utils.notNull(perunSession, "sess");
   if (!AuthzResolver.isAuthorized(perunSession, Role.VOADMIN)
       && !AuthzResolver.isAuthorized(perunSession, Role.GROUPADMIN)
       && !AuthzResolver.isAuthorized(perunSession, Role.FACILITYADMIN)) {
     throw new PrivilegeException(perunSession, "getAllVos");
   }
   return vosManagerBl.getVos(perunSession);
 }
Esempio n. 2
0
  public List<Vo> getVos(PerunSession sess) throws InternalErrorException, PrivilegeException {
    Utils.notNull(sess, "sess");

    // Perun admin can see everything
    if (AuthzResolver.isAuthorized(sess, Role.PERUNADMIN)) {
      return vosManagerBl.getVos(sess);
    } else {
      if (sess.getPerunPrincipal().getRoles().hasRole(Role.VOADMIN)
          || sess.getPerunPrincipal().getRoles().hasRole(Role.GROUPADMIN)) {

        Set<Vo> vos = new HashSet<Vo>();

        // Get Vos where user is VO Admin
        for (PerunBean vo :
            AuthzResolver.getComplementaryObjectsForRole(sess, Role.VOADMIN, Vo.class)) {
          vos.add((Vo) vo);
        }

        // Get Vos where user has an group admin right on some of the group
        for (PerunBean group :
            AuthzResolver.getComplementaryObjectsForRole(sess, Role.GROUPADMIN, Group.class)) {
          try {
            vos.add(vosManagerBl.getVoById(sess, ((Group) group).getVoId()));
          } catch (VoNotExistsException e) {
            throw new ConsistencyErrorException(
                "User has group admin role for group from non-existent VO id:"
                    + ((Group) group).getVoId(),
                e);
          }
        }

        return new ArrayList<Vo>(vos);
      } else {
        throw new PrivilegeException(sess, "getVos");
      }
    }
  }