airavata-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From machris...@apache.org
Subject [airavata] 02/02: AIRAVATA-2773 Removing EXEC permission
Date Mon, 04 Jun 2018 18:14:15 GMT
This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch group-based-auth
in repository https://gitbox.apache.org/repos/asf/airavata.git

commit 5b069764b40d2d305018a5ba8ca99336ca5fd3d1
Author: Marcus Christie <machristie@apache.org>
AuthorDate: Mon Jun 4 14:07:14 2018 -0400

    AIRAVATA-2773 Removing EXEC permission
---
 .../api/server/handler/AiravataServerHandler.java  | 26 ----------------------
 .../migrator/airavata/AiravataDataMigrator.java    |  7 ------
 .../registry/SharingRegistryServerHandlerTest.java | 11 ---------
 .../group_manager_model.thrift                     |  1 -
 4 files changed, 45 deletions(-)

diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
index ae84664..3ef8690 100644
--- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
+++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
@@ -258,13 +258,6 @@ public class AiravataServerHandler implements Airavata.Iface {
                 permissionType.setName("WRITE");
                 permissionType.setDescription("Write permission type");
                 client.createPermissionType(permissionType);
-
-                permissionType = new PermissionType();
-                permissionType.setPermissionTypeId(domain.domainId+":EXEC");
-                permissionType.setDomainId(domain.domainId);
-                permissionType.setName("EXEC");
-                permissionType.setDescription("Execute permission type");
-                client.createPermissionType(permissionType);
             }
             sharingClientPool.returnResource(client);
         } catch (Exception ex) {
@@ -375,13 +368,6 @@ public class AiravataServerHandler implements Airavata.Iface {
             permissionType.setDescription("Write permission type");
             sharingClient.createPermissionType(permissionType);
 
-            permissionType = new PermissionType();
-            permissionType.setPermissionTypeId(domain.domainId+":EXEC");
-            permissionType.setDomainId(domain.domainId);
-            permissionType.setName("EXEC");
-            permissionType.setDescription("Execute permission type");
-            sharingClient.createPermissionType(permissionType);
-
             //Create an "everyone" group for the domain
             String groupId = "everyone@" + domain.domainId;
             UserGroup userGroup = new UserGroup();
@@ -4965,9 +4951,6 @@ public class AiravataServerHandler implements Airavata.Iface {
                 else if(userPermission.getValue().equals(ResourcePermissionType.READ))
                     sharingClient.shareEntityWithUsers(gatewayId, resourceId,
                             Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID)
+ ":" + "READ", true);
-                else if(userPermission.getValue().equals(ResourcePermissionType.EXEC))
-                    sharingClient.shareEntityWithUsers(gatewayId, resourceId,
-                            Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID)
+ ":" + "EXEC", true);
                 else {
                     logger.error("Invalid ResourcePermissionType : " + userPermission.getValue().toString());
                     throw new AiravataClientException(AiravataErrorType.UNSUPPORTED_OPERATION);
@@ -5004,9 +4987,6 @@ public class AiravataServerHandler implements Airavata.Iface {
                 else if(groupPermission.getValue().equals(ResourcePermissionType.READ))
                     sharingClient.shareEntityWithGroups(gatewayId, resourceId,
                             Arrays.asList(groupPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID)
+ ":" + "READ", true);
-                else if(groupPermission.getValue().equals(ResourcePermissionType.EXEC))
-                    sharingClient.shareEntityWithGroups(gatewayId, resourceId,
-                            Arrays.asList(groupPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID)
+ ":" + "EXEC", true);
                 else {
                     logger.error("Invalid ResourcePermissionType : " + groupPermission.getValue().toString());
                     throw new AiravataClientException(AiravataErrorType.UNSUPPORTED_OPERATION);
@@ -5042,9 +5022,6 @@ public class AiravataServerHandler implements Airavata.Iface {
                 else if(userPermission.getValue().equals(ResourcePermissionType.READ))
                     sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
                             Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID)
+ ":" + "READ");
-                else if(userPermission.getValue().equals(ResourcePermissionType.EXEC))
-                    sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
-                            Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID)
+ ":" + "EXEC");
                 else {
                     logger.error("Invalid ResourcePermissionType : " + userPermission.getValue().toString());
                     throw new AiravataClientException(AiravataErrorType.UNSUPPORTED_OPERATION);
@@ -5091,9 +5068,6 @@ public class AiravataServerHandler implements Airavata.Iface {
                 else if(groupPermission.getValue().equals(ResourcePermissionType.READ))
                     sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
                             Arrays.asList(groupPermission.getKey()), gatewayId + ":" + "READ");
-                else if(groupPermission.getValue().equals(ResourcePermissionType.EXEC))
-                    sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
-                            Arrays.asList(groupPermission.getKey()), gatewayId + ":" + "EXEC");
                 else {
                     logger.error("Invalid ResourcePermissionType : " + groupPermission.getValue().toString());
                     throw new AiravataClientException(AiravataErrorType.UNSUPPORTED_OPERATION);
diff --git a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
index 95c4fdb..584581d 100644
--- a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
+++ b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
@@ -133,13 +133,6 @@ public class AiravataDataMigrator {
                 if (!sharingRegistryServerHandler.isPermissionExists(permissionType.domainId,
permissionType.permissionTypeId))
                     sharingRegistryServerHandler.createPermissionType(permissionType);
 
-                permissionType = new PermissionType();
-                permissionType.setPermissionTypeId(domain.domainId+":EXEC");
-                permissionType.setDomainId(domain.domainId);
-                permissionType.setName("EXEC");
-                permissionType.setDescription("Execute permission type");
-                if (!sharingRegistryServerHandler.isPermissionExists(permissionType.domainId,
permissionType.permissionTypeId))
-                    sharingRegistryServerHandler.createPermissionType(permissionType);
             }catch (Exception ex){
                 ex.printStackTrace();
             }
diff --git a/modules/sharing-registry/sharing-registry-server/src/test/java/org/apache/airavata/sharing/registry/SharingRegistryServerHandlerTest.java
b/modules/sharing-registry/sharing-registry-server/src/test/java/org/apache/airavata/sharing/registry/SharingRegistryServerHandlerTest.java
index f597c39..c44b02f 100644
--- a/modules/sharing-registry/sharing-registry-server/src/test/java/org/apache/airavata/sharing/registry/SharingRegistryServerHandlerTest.java
+++ b/modules/sharing-registry/sharing-registry-server/src/test/java/org/apache/airavata/sharing/registry/SharingRegistryServerHandlerTest.java
@@ -178,17 +178,6 @@ public class SharingRegistryServerHandlerTest {
         String permissionTypeId2 = sharingRegistryServerHandler.createPermissionType(permissionType2);
         Assert.assertNotNull(permissionTypeId2);
 
-        PermissionType permissionType3 = new PermissionType();
-        String permissionName3 = "EXEC";
-        permissionType3.setPermissionTypeId(domainId+":"+permissionName3);
-        permissionType3.setDomainId(domainId);
-        permissionType3.setName(permissionName3);
-        permissionType3.setDescription("EXEC description");
-        permissionType3.setCreatedTime(System.currentTimeMillis());
-        permissionType3.setUpdatedTime(System.currentTimeMillis());
-        String permissionTypeId3 = sharingRegistryServerHandler.createPermissionType(permissionType3);
-        Assert.assertNotNull(permissionTypeId3);
-
         //Creating entity types
         EntityType entityType1 = new EntityType();
         String entityType1Name = "Project";
diff --git a/thrift-interface-descriptions/data-models/user-tenant-group-models/group_manager_model.thrift
b/thrift-interface-descriptions/data-models/user-tenant-group-models/group_manager_model.thrift
index adb4285..b9c65c1 100644
--- a/thrift-interface-descriptions/data-models/user-tenant-group-models/group_manager_model.thrift
+++ b/thrift-interface-descriptions/data-models/user-tenant-group-models/group_manager_model.thrift
@@ -39,7 +39,6 @@ enum ResourcePermissionType {
     WRITE,
     READ,
     OWNER,
-    EXEC,
 }
 
 struct GroupModel{

-- 
To stop receiving notification emails like this one, please contact
machristie@apache.org.

Mime
View raw message