You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2018/06/07 15:14:24 UTC
[airavata] branch group-based-auth updated: AIRAVATA-2817
AIRAVATA-2781 Give Admins READ as well as WRITE
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch group-based-auth
in repository https://gitbox.apache.org/repos/asf/airavata.git
The following commit(s) were added to refs/heads/group-based-auth by this push:
new f91e93c AIRAVATA-2817 AIRAVATA-2781 Give Admins READ as well as WRITE
f91e93c is described below
commit f91e93c454d3b3ec69577773295ab10c1fb2dfb3
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Thu Jun 7 11:12:59 2018 -0400
AIRAVATA-2817 AIRAVATA-2781 Give Admins READ as well as WRITE
Also removing sharing Projects with Admins groups.
---
.../api/server/handler/AiravataServerHandler.java | 26 +++++++++-------------
.../migrator/airavata/AiravataDataMigrator.java | 13 ++++-------
2 files changed, 15 insertions(+), 24 deletions(-)
diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
index 6482ca1..7f8a62a 100644
--- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
+++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
@@ -849,9 +849,6 @@ public class AiravataServerHandler implements Airavata.Iface {
entity.setName(project.getName());
entity.setDescription(project.getDescription());
sharingClient.createEntity(entity);
- GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()), domainId + ":WRITE", true);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()), domainId + ":READ", true);
} catch (Exception ex) {
logger.error(ex.getMessage(), ex);
logger.error("Rolling back project creation Proj ID : " + projectId);
@@ -1348,9 +1345,7 @@ public class AiravataServerHandler implements Airavata.Iface {
entity.setParentEntityId(experiment.getProjectId());
sharingClient.createEntity(entity);
- GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()), domainId + ":WRITE", true);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()), domainId + ":READ", true);
+ shareEntityWithAdminGatewayGroups(regClient, sharingClient, entity);
} catch (Exception ex) {
logger.error(ex.getMessage(), ex);
logger.error("Rolling back experiment creation Exp ID : " + experimentId);
@@ -2054,9 +2049,7 @@ public class AiravataServerHandler implements Airavata.Iface {
entity.setName(existingExperiment.getExperimentName());
entity.setDescription(existingExperiment.getDescription());
sharingClient.createEntity(entity);
- GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()), domainId + ":WRITE", true);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()), domainId + ":READ", true);
+ shareEntityWithAdminGatewayGroups(regClient, sharingClient, entity);
} catch (Exception ex) {
logger.error(ex.getMessage(), ex);
logger.error("rolling back experiment creation Exp ID : " + expId);
@@ -2331,9 +2324,7 @@ public class AiravataServerHandler implements Airavata.Iface {
entity.setName(result);
entity.setDescription(applicationDeployment.getAppDeploymentDescription());
sharingClient.createEntity(entity);
- GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, gatewayId);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()), domainId + ":WRITE", true);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()), domainId + ":READ", true);
+ shareEntityWithAdminGatewayGroups(regClient, sharingClient, entity);
registryClientPool.returnResource(regClient);
sharingClientPool.returnResource(sharingClient);
return result;
@@ -5192,9 +5183,7 @@ public class AiravataServerHandler implements Airavata.Iface {
sharingClient.createEntity(entity);
- GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, groupResourceProfile.getGatewayId());
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()), domainId + ":WRITE", true);
- sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()), domainId + ":READ", true);
+ shareEntityWithAdminGatewayGroups(regClient, sharingClient, entity);
} catch (Exception ex) {
logger.error(ex.getMessage(), ex);
logger.error("Rolling back group resource profile creation Group Resource Profile ID : " + groupResourceProfileId);
@@ -5673,6 +5662,13 @@ public class AiravataServerHandler implements Airavata.Iface {
experimentPublisher.publish(messageContext);
}
+ private void shareEntityWithAdminGatewayGroups(RegistryService.Client regClient, SharingRegistryService.Client sharingClient, Entity entity) throws TException {
+ final String domainId = entity.getDomainId();
+ GatewayGroups gatewayGroups = retrieveGatewayGroups(regClient, domainId);
+ sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId()), domainId + ":WRITE", true);
+ sharingClient.shareEntityWithGroups(domainId, entity.getEntityId(), Arrays.asList(gatewayGroups.getAdminsGroupId(), gatewayGroups.getReadOnlyAdminsGroupId()), domainId + ":READ", true);
+ }
+
private GatewayGroups retrieveGatewayGroups(RegistryService.Client regClient, String gatewayId) throws TException {
if (regClient.isGatewayGroupsExists(gatewayId)) {
diff --git a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
index 2f88b7e..ed9d6ae 100644
--- a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
+++ b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
@@ -225,12 +225,6 @@ public class AiravataDataMigrator {
}
}
- for (Entity entity : projectEntities) {
- if (!sharingRegistryServerHandler.isEntityExists(entity.domainId, entity.entityId))
- sharingRegistryServerHandler.createEntity(entity);
- shareEntityWithAdminGatewayGroups(sharingRegistryServerHandler, entity, gatewayGroupsMap.get(entity.domainId), false);
- }
-
//Creating experiment entries
query = "SELECT * FROM EXPERIMENT" + gatewayWhereClause;
statement = expCatConnection.createStatement();
@@ -320,10 +314,11 @@ public class AiravataDataMigrator {
expCatConnection.close();
System.out.println("Completed!");
+ System.exit(0);
}
private static void shareEntityWithGatewayGroups(SharingRegistryServerHandler sharingRegistryServerHandler, Entity entity, GatewayGroups gatewayGroups, boolean cascadePermission) throws TException {
- // Give default Gateway Users group and Read Only Admins group READ access
+ // Give default Gateway Users group READ access
sharingRegistryServerHandler.shareEntityWithGroups(entity.domainId, entity.entityId,
Arrays.asList(gatewayGroups.getDefaultGatewayUsersGroupId()),
entity.domainId + ":" + ResourcePermissionType.READ, cascadePermission);
@@ -331,9 +326,9 @@ public class AiravataDataMigrator {
}
private static void shareEntityWithAdminGatewayGroups(SharingRegistryServerHandler sharingRegistryServerHandler, Entity entity, GatewayGroups gatewayGroups, boolean cascadePermission) throws TException {
- // Give default Gateway Users group and Read Only Admins group READ access
+ // Give Admins group and Read Only Admins group READ access
sharingRegistryServerHandler.shareEntityWithGroups(entity.domainId, entity.entityId,
- Arrays.asList(gatewayGroups.getReadOnlyAdminsGroupId()),
+ Arrays.asList(gatewayGroups.getAdminsGroupId(), gatewayGroups.getReadOnlyAdminsGroupId()),
entity.domainId + ":" + ResourcePermissionType.READ, cascadePermission);
// Give Admins group WRITE access
sharingRegistryServerHandler.shareEntityWithGroups(entity.domainId, entity.entityId,
--
To stop receiving notification emails like this one, please contact
machristie@apache.org.