[jira] [Commented] (AIRAVATA-2697) Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules
[ https://issues.apache.org/jira/browse/AIRAVATA-2697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16434369#comment-16434369 ] ASF subversion and git services commented on AIRAVATA-2697: --- Commit 7d696e0f67df7773ec4db32dcb28583e66eb3882 in airavata's branch refs/heads/group-based-auth from [~marcuschristie] [ https://gitbox.apache.org/repos/asf?p=airavata.git;h=7d696e0 ] Merge pull request #181 from sachinkariyattin/group-based-auth [AIRAVATA-2697] Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules > Update GroupResourceProfile methods in API server to use sharing API to > enforce READ and WRITE rules > > > Key: AIRAVATA-2697 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2697 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Sachin Kariyattin >Priority: Major > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2697) Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules
[ https://issues.apache.org/jira/browse/AIRAVATA-2697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16434366#comment-16434366 ] ASF GitHub Bot commented on AIRAVATA-2697: -- machristie commented on issue #181: [AIRAVATA-2697] Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules URL: https://github.com/apache/airavata/pull/181#issuecomment-380548476 +1, looks good @sachinkariyattin This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Update GroupResourceProfile methods in API server to use sharing API to > enforce READ and WRITE rules > > > Key: AIRAVATA-2697 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2697 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Sachin Kariyattin >Priority: Major > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2697) Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules
[ https://issues.apache.org/jira/browse/AIRAVATA-2697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16434368#comment-16434368 ] ASF GitHub Bot commented on AIRAVATA-2697: -- machristie closed pull request #181: [AIRAVATA-2697] Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules URL: https://github.com/apache/airavata/pull/181 This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java index 99a1cb8ac9..47479dc75d 100644 --- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java +++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java @@ -45,12 +45,7 @@ import org.apache.airavata.model.appcatalog.appdeployment.ApplicationDeploymentDescription; import org.apache.airavata.model.appcatalog.appdeployment.ApplicationModule; import org.apache.airavata.model.appcatalog.appinterface.ApplicationInterfaceDescription; -import org.apache.airavata.model.appcatalog.computeresource.CloudJobSubmission; -import org.apache.airavata.model.appcatalog.computeresource.ComputeResourceDescription; -import org.apache.airavata.model.appcatalog.computeresource.LOCALSubmission; -import org.apache.airavata.model.appcatalog.computeresource.ResourceJobManager; -import org.apache.airavata.model.appcatalog.computeresource.SSHJobSubmission; -import org.apache.airavata.model.appcatalog.computeresource.UnicoreJobSubmission; +import org.apache.airavata.model.appcatalog.computeresource.*; import org.apache.airavata.model.appcatalog.gatewayprofile.ComputeResourcePreference; import org.apache.airavata.model.appcatalog.gatewayprofile.GatewayResourceProfile; import org.apache.airavata.model.appcatalog.gatewayprofile.StoragePreference; @@ -5079,9 +5074,31 @@ else if(userPermission.getValue().equals(ResourcePermissionType.EXEC)) @SecurityCheck public void createGroupResourceProfile(AuthzToken authzToken, GroupResourceProfile groupResourceProfile) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { RegistryService.Client regClient = registryClientPool.getResource(); +SharingRegistryService.Client sharingClient = sharingClientPool.getResource(); +String userName = authzToken.getClaimsMap().get(Constants.USER_NAME); try { -regClient.createGroupResourceProfile(groupResourceProfile); +String groupResourceProfileId = regClient.createGroupResourceProfile(groupResourceProfile); +if(ServerSettings.isEnableSharing()) { +try { +Entity entity = new Entity(); +entity.setEntityId(groupResourceProfileId); +entity.setDomainId(groupResourceProfile.getGatewayId()); +entity.setEntityTypeId(groupResourceProfile.getGatewayId() + ":" + "GROUP_RESOURCE_PROFILE"); +entity.setOwnerId(userName + "@" + groupResourceProfile.getGatewayId()); + entity.setName(groupResourceProfile.getGroupResourceProfileName()); + +sharingClient.createEntity(entity); +} catch (Exception ex) { +logger.error(ex.getMessage(), ex); +logger.error("Rolling back group resource profile creation Group Resource Profile ID : " + groupResourceProfileId); + regClient.removeGroupResourceProfile(groupResourceProfileId); +AiravataSystemException ase = new AiravataSystemException(); +ase.setMessage("Failed to create sharing registry record"); +throw ase; +} +} registryClientPool.returnResource(regClient); +sharingClientPool.returnResource(sharingClient); } catch (Exception e) { String msg = "Error creating group resource profile."; logger.error(msg, e); @@ -5096,9 +5113,23 @@ public void createGroupResourceProfile(AuthzToken authzToken, GroupResourceProfi @SecurityCheck public void updateGroupResourceProfile(AuthzToken authzToken, GroupResourceProfile groupResourceProfile) throws InvalidRequestException, AiravataClientException, AiravataSystemException, AuthorizationException, TException { RegistryService.Client regClient =
[jira] [Commented] (AIRAVATA-2697) Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules
[ https://issues.apache.org/jira/browse/AIRAVATA-2697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16432689#comment-16432689 ] ASF GitHub Bot commented on AIRAVATA-2697: -- sachinkariyattin commented on issue #181: [AIRAVATA-2697] Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules URL: https://github.com/apache/airavata/pull/181#issuecomment-380193173 @machristie Thanks for the review. I have made the suggested changes. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Update GroupResourceProfile methods in API server to use sharing API to > enforce READ and WRITE rules > > > Key: AIRAVATA-2697 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2697 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Sachin Kariyattin >Priority: Major > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (AIRAVATA-2697) Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules
[ https://issues.apache.org/jira/browse/AIRAVATA-2697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16394424#comment-16394424 ] ASF GitHub Bot commented on AIRAVATA-2697: -- sachinkariyattin opened a new pull request #181: [AIRAVATA-2697] Update GroupResourceProfile methods in API server to use sharing API to enforce READ and WRITE rules URL: https://github.com/apache/airavata/pull/181 **Changes**: - Made changes in _AiravataServerHandler.java_ to enforce READ and WRITE permissions for GroupResourceProfile API methods. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Update GroupResourceProfile methods in API server to use sharing API to > enforce READ and WRITE rules > > > Key: AIRAVATA-2697 > URL: https://issues.apache.org/jira/browse/AIRAVATA-2697 > Project: Airavata > Issue Type: Bug >Reporter: Marcus Christie >Assignee: Sachin Kariyattin >Priority: Major > -- This message was sent by Atlassian JIRA (v7.6.3#76005)