airavata-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From machris...@apache.org
Subject [airavata] branch group-based-auth updated: AIRAVATA-2817 AIRAVATA-2781 Give Admins READ as well as WRITE
Date Thu, 07 Jun 2018 15:14:24 GMT
This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch group-based-auth
in repository https://gitbox.apache.org/repos/asf/airavata.git


The following commit(s) were added to refs/heads/group-based-auth by this push:
     new f91e93c  AIRAVATA-2817 AIRAVATA-2781 Give Admins READ as well as WRITE
f91e93c is described below

commit f91e93c454d3b3ec69577773295ab10c1fb2dfb3
Author: Marcus Christie <machristie@apache.org>
AuthorDate: Thu Jun 7 11:12:59 2018 -0400

    AIRAVATA-2817 AIRAVATA-2781 Give Admins READ as well as WRITE
    
    Also removing sharing Projects with Admins groups.
---
 .../api/server/handler/AiravataServerHandler.java  | 26 +++++++++-------------
 .../migrator/airavata/AiravataDataMigrator.java    | 13 ++++-------
 2 files changed, 15 insertions(+), 24 deletions(-)

diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
index 6482ca1..7f8a62a 100644
--- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
+++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
@@ -849,9 +849,6 @@ public class AiravataServerHandler implements Airavata.Iface {
                     entity.setName(project.getName());
                     entity.setDescription(project.getDescription());
                     sharingClient.createEntity(entity);
-                    GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
-                    sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()),
domainId + ":WRITE", true);
-                    sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()),
domainId + ":READ", true);
                 } catch (Exception ex) {
                     logger.error(ex.getMessage(), ex);
                     logger.error("Rolling back project creation Proj ID : " + projectId);
@@ -1348,9 +1345,7 @@ public class AiravataServerHandler implements Airavata.Iface {
                     entity.setParentEntityId(experiment.getProjectId());
 
                     sharingClient.createEntity(entity);
-                    GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
-                    sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()),
domainId + ":WRITE", true);
-                    sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()),
domainId + ":READ", true);
+                    shareEntityWithAdminGatewayGroups(regClient, sharingClient, entity);
                 } catch (Exception ex) {
                     logger.error(ex.getMessage(), ex);
                     logger.error("Rolling back experiment creation Exp ID : " + experimentId);
@@ -2054,9 +2049,7 @@ public class AiravataServerHandler implements Airavata.Iface {
                 entity.setName(existingExperiment.getExperimentName());
                 entity.setDescription(existingExperiment.getDescription());
                 sharingClient.createEntity(entity);
-                GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
-                sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()),
domainId + ":WRITE", true);
-                sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()),
domainId + ":READ", true);
+                shareEntityWithAdminGatewayGroups(regClient, sharingClient, entity);
             } catch (Exception ex) {
                 logger.error(ex.getMessage(), ex);
                 logger.error("rolling back experiment creation Exp ID : " + expId);
@@ -2331,9 +2324,7 @@ public class AiravataServerHandler implements Airavata.Iface {
             entity.setName(result);
             entity.setDescription(applicationDeployment.getAppDeploymentDescription());
             sharingClient.createEntity(entity);
-            GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
-            sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()),
domainId + ":WRITE", true);
-            sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()),
domainId + ":READ", true);
+            shareEntityWithAdminGatewayGroups(regClient, sharingClient, entity);
             registryClientPool.returnResource(regClient);
             sharingClientPool.returnResource(sharingClient);
             return result;
@@ -5192,9 +5183,7 @@ public class AiravataServerHandler implements Airavata.Iface {
 
                     sharingClient.createEntity(entity);
 
-                    GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, groupResourceProfile.getGatewayId());
-                    sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()),
domainId + ":WRITE", true);
-                    sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()),
domainId + ":READ", true);
+                    shareEntityWithAdminGatewayGroups(regClient, sharingClient, entity);
                 } catch (Exception ex) {
                     logger.error(ex.getMessage(), ex);
                     logger.error("Rolling back group resource profile creation Group Resource
Profile ID : " + groupResourceProfileId);
@@ -5673,6 +5662,13 @@ public class AiravataServerHandler implements Airavata.Iface {
         experimentPublisher.publish(messageContext);
     }
 
+    private void shareEntityWithAdminGatewayGroups(RegistryService.Client regClient, SharingRegistryService.Client
sharingClient, Entity entity) throws TException {
+        final String domainId = entity.getDomainId();
+        GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, domainId);
+        sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()),
domainId + ":WRITE", true);
+        sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId(),
gatewayGroups.getReadOnlyAdminsGroupId()), domainId + ":READ", true);
+    }
+
     private GatewayGroups retrieveGatewayGroups(RegistryService.Client regClient, String
gatewayId) throws TException {
 
         if (regClient.isGatewayGroupsExists(gatewayId)) {
diff --git a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
index 2f88b7e..ed9d6ae 100644
--- a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
+++ b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
@@ -225,12 +225,6 @@ public class AiravataDataMigrator {
             }
         }
 
-        for (Entity entity : projectEntities) {
-            if (!sharingRegistryServerHandler.isEntityExists(entity.domainId, entity.entityId))
-                sharingRegistryServerHandler.createEntity(entity);
-            shareEntityWithAdminGatewayGroups(sharingRegistryServerHandler, entity, gatewayGroupsMap.get(entity.domainId),
false);
-        }
-
         //Creating experiment entries
         query = "SELECT * FROM EXPERIMENT" + gatewayWhereClause;
         statement = expCatConnection.createStatement();
@@ -320,10 +314,11 @@ public class AiravataDataMigrator {
         expCatConnection.close();
         System.out.println("Completed!");
 
+        System.exit(0);
     }
 
     private static void shareEntityWithGatewayGroups(SharingRegistryServerHandler sharingRegistryServerHandler,
Entity entity, GatewayGroups gatewayGroups, boolean cascadePermission) throws TException {
-        // Give default Gateway Users group and Read Only Admins group READ access
+        // Give default Gateway Users group READ access
         sharingRegistryServerHandler.shareEntityWithGroups(entity.domainId, entity.entityId,
                 Arrays.asList(gatewayGroups.getDefaultGatewayUsersGroupId()),
                 entity.domainId + ":" + ResourcePermissionType.READ, cascadePermission);
@@ -331,9 +326,9 @@ public class AiravataDataMigrator {
     }
 
     private static void shareEntityWithAdminGatewayGroups(SharingRegistryServerHandler sharingRegistryServerHandler,
Entity entity, GatewayGroups gatewayGroups, boolean cascadePermission) throws TException {
-        // Give default Gateway Users group and Read Only Admins group READ access
+        // Give Admins group and Read Only Admins group READ access
         sharingRegistryServerHandler.shareEntityWithGroups(entity.domainId, entity.entityId,
-                Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()),
+                Arrays.asList(gatewayGroups.getAdminsGroupId(), gatewayGroups.getReadOnlyAdminsGroupId()),
                 entity.domainId + ":" + ResourcePermissionType.READ, cascadePermission);
         // Give Admins group WRITE access
         sharingRegistryServerHandler.shareEntityWithGroups(entity.domainId, entity.entityId,

-- 
To stop receiving notification emails like this one, please contact
machristie@apache.org.

Mime
View raw message