You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2018/06/04 18:14:15 UTC
[airavata] 02/02: AIRAVATA-2773 Removing EXEC permission
This is an automated email from the ASF dual-hosted git repository.
machristie pushed a commit to branch group-based-auth
in repository https://gitbox.apache.org/repos/asf/airavata.git
commit 5b069764b40d2d305018a5ba8ca99336ca5fd3d1
Author: Marcus Christie <ma...@apache.org>
AuthorDate: Mon Jun 4 14:07:14 2018 -0400
AIRAVATA-2773 Removing EXEC permission
---
.../api/server/handler/AiravataServerHandler.java | 26 ----------------------
.../migrator/airavata/AiravataDataMigrator.java | 7 ------
.../registry/SharingRegistryServerHandlerTest.java | 11 ---------
.../group_manager_model.thrift | 1 -
4 files changed, 45 deletions(-)
diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
index ae84664..3ef8690 100644
--- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
+++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
@@ -258,13 +258,6 @@ public class AiravataServerHandler implements Airavata.Iface {
permissionType.setName("WRITE");
permissionType.setDescription("Write permission type");
client.createPermissionType(permissionType);
-
- permissionType = new PermissionType();
- permissionType.setPermissionTypeId(domain.domainId+":EXEC");
- permissionType.setDomainId(domain.domainId);
- permissionType.setName("EXEC");
- permissionType.setDescription("Execute permission type");
- client.createPermissionType(permissionType);
}
sharingClientPool.returnResource(client);
} catch (Exception ex) {
@@ -375,13 +368,6 @@ public class AiravataServerHandler implements Airavata.Iface {
permissionType.setDescription("Write permission type");
sharingClient.createPermissionType(permissionType);
- permissionType = new PermissionType();
- permissionType.setPermissionTypeId(domain.domainId+":EXEC");
- permissionType.setDomainId(domain.domainId);
- permissionType.setName("EXEC");
- permissionType.setDescription("Execute permission type");
- sharingClient.createPermissionType(permissionType);
-
//Create an "everyone" group for the domain
String groupId = "everyone@" + domain.domainId;
UserGroup userGroup = new UserGroup();
@@ -4965,9 +4951,6 @@ public class AiravataServerHandler implements Airavata.Iface {
else if(userPermission.getValue().equals(ResourcePermissionType.READ))
sharingClient.shareEntityWithUsers(gatewayId, resourceId,
Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "READ", true);
- else if(userPermission.getValue().equals(ResourcePermissionType.EXEC))
- sharingClient.shareEntityWithUsers(gatewayId, resourceId,
- Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "EXEC", true);
else {
logger.error("Invalid ResourcePermissionType : " + userPermission.getValue().toString());
throw new AiravataClientException(AiravataErrorType.UNSUPPORTED_OPERATION);
@@ -5004,9 +4987,6 @@ public class AiravataServerHandler implements Airavata.Iface {
else if(groupPermission.getValue().equals(ResourcePermissionType.READ))
sharingClient.shareEntityWithGroups(gatewayId, resourceId,
Arrays.asList(groupPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "READ", true);
- else if(groupPermission.getValue().equals(ResourcePermissionType.EXEC))
- sharingClient.shareEntityWithGroups(gatewayId, resourceId,
- Arrays.asList(groupPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "EXEC", true);
else {
logger.error("Invalid ResourcePermissionType : " + groupPermission.getValue().toString());
throw new AiravataClientException(AiravataErrorType.UNSUPPORTED_OPERATION);
@@ -5042,9 +5022,6 @@ public class AiravataServerHandler implements Airavata.Iface {
else if(userPermission.getValue().equals(ResourcePermissionType.READ))
sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "READ");
- else if(userPermission.getValue().equals(ResourcePermissionType.EXEC))
- sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
- Arrays.asList(userPermission.getKey()), authzToken.getClaimsMap().get(Constants.GATEWAY_ID) + ":" + "EXEC");
else {
logger.error("Invalid ResourcePermissionType : " + userPermission.getValue().toString());
throw new AiravataClientException(AiravataErrorType.UNSUPPORTED_OPERATION);
@@ -5091,9 +5068,6 @@ public class AiravataServerHandler implements Airavata.Iface {
else if(groupPermission.getValue().equals(ResourcePermissionType.READ))
sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
Arrays.asList(groupPermission.getKey()), gatewayId + ":" + "READ");
- else if(groupPermission.getValue().equals(ResourcePermissionType.EXEC))
- sharingClient.revokeEntitySharingFromUsers(gatewayId, resourceId,
- Arrays.asList(groupPermission.getKey()), gatewayId + ":" + "EXEC");
else {
logger.error("Invalid ResourcePermissionType : " + groupPermission.getValue().toString());
throw new AiravataClientException(AiravataErrorType.UNSUPPORTED_OPERATION);
diff --git a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
index 95c4fdb..584581d 100644
--- a/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
+++ b/modules/sharing-registry/sharing-data-migrator/src/main/java/org/apache/airavata/sharing/registry/migrator/airavata/AiravataDataMigrator.java
@@ -133,13 +133,6 @@ public class AiravataDataMigrator {
if (!sharingRegistryServerHandler.isPermissionExists(permissionType.domainId, permissionType.permissionTypeId))
sharingRegistryServerHandler.createPermissionType(permissionType);
- permissionType = new PermissionType();
- permissionType.setPermissionTypeId(domain.domainId+":EXEC");
- permissionType.setDomainId(domain.domainId);
- permissionType.setName("EXEC");
- permissionType.setDescription("Execute permission type");
- if (!sharingRegistryServerHandler.isPermissionExists(permissionType.domainId, permissionType.permissionTypeId))
- sharingRegistryServerHandler.createPermissionType(permissionType);
}catch (Exception ex){
ex.printStackTrace();
}
diff --git a/modules/sharing-registry/sharing-registry-server/src/test/java/org/apache/airavata/sharing/registry/SharingRegistryServerHandlerTest.java b/modules/sharing-registry/sharing-registry-server/src/test/java/org/apache/airavata/sharing/registry/SharingRegistryServerHandlerTest.java
index f597c39..c44b02f 100644
--- a/modules/sharing-registry/sharing-registry-server/src/test/java/org/apache/airavata/sharing/registry/SharingRegistryServerHandlerTest.java
+++ b/modules/sharing-registry/sharing-registry-server/src/test/java/org/apache/airavata/sharing/registry/SharingRegistryServerHandlerTest.java
@@ -178,17 +178,6 @@ public class SharingRegistryServerHandlerTest {
String permissionTypeId2 = sharingRegistryServerHandler.createPermissionType(permissionType2);
Assert.assertNotNull(permissionTypeId2);
- PermissionType permissionType3 = new PermissionType();
- String permissionName3 = "EXEC";
- permissionType3.setPermissionTypeId(domainId+":"+permissionName3);
- permissionType3.setDomainId(domainId);
- permissionType3.setName(permissionName3);
- permissionType3.setDescription("EXEC description");
- permissionType3.setCreatedTime(System.currentTimeMillis());
- permissionType3.setUpdatedTime(System.currentTimeMillis());
- String permissionTypeId3 = sharingRegistryServerHandler.createPermissionType(permissionType3);
- Assert.assertNotNull(permissionTypeId3);
-
//Creating entity types
EntityType entityType1 = new EntityType();
String entityType1Name = "Project";
diff --git a/thrift-interface-descriptions/data-models/user-tenant-group-models/group_manager_model.thrift b/thrift-interface-descriptions/data-models/user-tenant-group-models/group_manager_model.thrift
index adb4285..b9c65c1 100644
--- a/thrift-interface-descriptions/data-models/user-tenant-group-models/group_manager_model.thrift
+++ b/thrift-interface-descriptions/data-models/user-tenant-group-models/group_manager_model.thrift
@@ -39,7 +39,6 @@ enum ResourcePermissionType {
WRITE,
READ,
OWNER,
- EXEC,
}
struct GroupModel{
--
To stop receiving notification emails like this one, please contact
machristie@apache.org.