Changeset 17059 for stable/HeuristicLab.Services.Hive/3.3/HiveService.cs
- Timestamp:
- 07/04/19 14:28:13 (5 years ago)
- Location:
- stable
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
stable
- Property svn:mergeinfo changed
-
stable/HeuristicLab.Services.Hive
- Property svn:mergeinfo changed
-
stable/HeuristicLab.Services.Hive/3.3/HiveService.cs
r15584 r17059 41 41 [HiveOperationContextBehavior] 42 42 public class HiveService : IHiveService { 43 private const string NOT_AUTHORIZED_PROJECTRESOURCE = "Selected project is not authorized to access the requested resource"; 44 private const string NOT_AUTHORIZED_USERPROJECT = "Current user is not authorized to access the requested project"; 45 private const string NOT_AUTHORIZED_PROJECTOWNER = "The set user is not authorized to own the project"; 46 private const string NO_JOB_UPDATE_POSSIBLE = "This job has already been flagged for deletion, thus, it can not be updated anymore."; 47 43 48 private static readonly DA.TaskState[] CompletedStates = { DA.TaskState.Finished, DA.TaskState.Aborted, DA.TaskState.Failed }; 44 49 … … 66 71 67 72 #region Task Methods 68 public Guid AddTask(DT.Task task, DT.TaskData taskData, IEnumerable<Guid> resourceIds) { 69 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 73 74 public Guid AddTask(DT.Task task, DT.TaskData taskData) { 75 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 76 AuthorizationManager.AuthorizeForJob(task.JobId, DT.Permission.Full); 70 77 var pm = PersistenceManager; 71 78 using (new PerformanceLogger("AddTask")) { … … 75 82 newTask.JobData = taskData.ToEntity(); 76 83 newTask.JobData.LastUpdate = DateTime.Now; 77 newTask.AssignedResources.AddRange(resourceIds.Select(78 x => new DA.AssignedResource {79 ResourceId = x80 }));81 84 newTask.State = DA.TaskState.Waiting; 82 85 return pm.UseTransaction(() => { … … 99 102 public Guid AddChildTask(Guid parentTaskId, DT.Task task, DT.TaskData taskData) { 100 103 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 101 IEnumerable<Guid> resourceIds;102 var pm = PersistenceManager;103 using (new PerformanceLogger("AddChildTask")) {104 var assignedResourceDao = pm.AssignedResourceDao;105 resourceIds = pm.UseTransaction(() => {106 return assignedResourceDao.GetByTaskId(parentTaskId)107 .Select(x => x.ResourceId)108 .ToList();109 });110 }111 104 task.ParentTaskId = parentTaskId; 112 return AddTask(task, taskData , resourceIds);105 return AddTask(task, taskData); 113 106 } 114 107 … … 338 331 return pm.UseTransaction(() => { 339 332 var jobs = jobDao.GetAll() 340 .Where(x => x.OwnerUserId == currentUserId 341 || x.JobPermissions.Count(y => y.Permission != DA.Permission.NotAllowed 342 && y.GrantedUserId == currentUserId) > 0) 333 .Where(x => x.State == DA.JobState.Online 334 && (x.OwnerUserId == currentUserId 335 || x.JobPermissions.Count(y => y.Permission != DA.Permission.NotAllowed 336 && y.GrantedUserId == currentUserId) > 0) 337 ) 343 338 .Select(x => x.ToDto()) 344 339 .ToList(); 345 var statistics = taskDao.GetAll() 346 .GroupBy(x => x.JobId) 347 .Select(x => new { 348 x.Key, 349 TotalCount = x.Count(), 350 CalculatingCount = x.Count(y => y.State == DA.TaskState.Calculating), 351 FinishedCount = x.Count(y => CompletedStates.Contains(y.State)) 352 }) 340 341 EvaluateJobs(pm, jobs); 342 return jobs; 343 }); 344 } 345 } 346 347 public IEnumerable<DT.Job> GetJobsByProjectId(Guid projectId) { 348 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 349 var pm = PersistenceManager; 350 using (new PerformanceLogger("GetJobsByProjectId")) { 351 var currentUserId = UserManager.CurrentUserId; 352 var projectDao = pm.ProjectDao; 353 var jobDao = pm.JobDao; 354 355 return pm.UseTransaction(() => { 356 // check if user is granted to administer the requested projectId 357 bool isAdmin = RoleVerifier.IsInRole(HiveRoles.Administrator); 358 List<DA.Project> administrationGrantedProjects; 359 if (isAdmin) { 360 administrationGrantedProjects = projectDao.GetAll().ToList(); 361 } else { 362 administrationGrantedProjects = projectDao 363 .GetAdministrationGrantedProjectsForUser(currentUserId) 353 364 .ToList(); 354 foreach (var job in jobs) { 355 var statistic = statistics.FirstOrDefault(x => x.Key == job.Id); 356 if (statistic != null) { 357 job.JobCount = statistic.TotalCount; 358 job.CalculatingCount = statistic.CalculatingCount; 359 job.FinishedCount = statistic.FinishedCount; 360 } 361 job.OwnerUsername = UserManager.GetUserNameById(job.OwnerUserId); 362 if (currentUserId == job.OwnerUserId) { 363 job.Permission = Permission.Full; 364 } else { 365 var jobPermission = jobPermissionDao.GetByJobAndUserId(job.Id, currentUserId); 366 job.Permission = jobPermission == null ? Permission.NotAllowed : jobPermission.Permission.ToDto(); 367 } 368 } 369 return jobs; 370 }); 371 } 372 } 373 374 public Guid AddJob(DT.Job jobDto) { 375 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 376 var pm = PersistenceManager; 365 } 366 367 if (administrationGrantedProjects.Select(x => x.ProjectId).Contains(projectId)) { 368 var jobs = jobDao.GetByProjectId(projectId) 369 .Select(x => x.ToDto()) 370 .ToList(); 371 372 EvaluateJobs(pm, jobs); 373 return jobs; 374 } else { 375 return Enumerable.Empty<DT.Job>(); 376 } 377 }); 378 } 379 } 380 381 public IEnumerable<DT.Job> GetJobsByProjectIds(IEnumerable<Guid> projectIds) { 382 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 383 var pm = PersistenceManager; 384 using (new PerformanceLogger("GetJobsByProjectIds")) { 385 var currentUserId = UserManager.CurrentUserId; 386 var projectDao = pm.ProjectDao; 387 var jobDao = pm.JobDao; 388 return pm.UseTransaction(() => { 389 // check for which of requested projectIds the user is granted to administer 390 bool isAdmin = RoleVerifier.IsInRole(HiveRoles.Administrator); 391 List<Guid> administrationGrantedProjectIds; 392 if (isAdmin) { 393 administrationGrantedProjectIds = projectDao.GetAll().Select(x => x.ProjectId).ToList(); 394 } else { 395 administrationGrantedProjectIds = projectDao 396 .GetAdministrationGrantedProjectsForUser(currentUserId) 397 .Select(x => x.ProjectId) 398 .ToList(); 399 } 400 var requestedAndGrantedProjectIds = projectIds.Intersect(administrationGrantedProjectIds); 401 402 if (requestedAndGrantedProjectIds.Any()) { 403 var jobs = jobDao.GetByProjectIds(requestedAndGrantedProjectIds) 404 .Select(x => x.ToDto()) 405 .ToList(); 406 407 EvaluateJobs(pm, jobs); 408 return jobs; 409 } else { 410 return Enumerable.Empty<DT.Job>(); 411 } 412 }); 413 } 414 } 415 416 public Guid AddJob(DT.Job jobDto, IEnumerable<Guid> resourceIds) { 417 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 418 var dateCreated = DateTime.Now; 419 var pm = PersistenceManager; 420 421 // check project availability (cf. duration) 422 CheckProjectAvailability(pm, jobDto.ProjectId, dateCreated); 423 424 // check user - project 425 AuthorizationManager.AuthorizeUserForProjectUse(UserManager.CurrentUserId, jobDto.ProjectId); 426 427 // check project - resources 428 AuthorizationManager.AuthorizeProjectForResourcesUse(jobDto.ProjectId, resourceIds); 429 377 430 using (new PerformanceLogger("AddJob")) { 378 431 var jobDao = pm.JobDao; 379 432 var userPriorityDao = pm.UserPriorityDao; 380 return pm.UseTransaction(() => { 381 jobDto.OwnerUserId = UserManager.CurrentUserId; 382 jobDto.DateCreated = DateTime.Now; 383 var job = jobDao.Save(jobDto.ToEntity()); 384 if (userPriorityDao.GetById(jobDto.OwnerUserId) == null) { 433 434 return pm.UseTransaction(() => { 435 var newJob = jobDto.ToEntity(); 436 newJob.OwnerUserId = UserManager.CurrentUserId; 437 newJob.DateCreated = dateCreated; 438 439 // add resource assignments 440 if (resourceIds != null && resourceIds.Any()) { 441 newJob.AssignedJobResources.AddRange(resourceIds.Select( 442 x => new DA.AssignedJobResource { 443 ResourceId = x 444 })); 445 } 446 447 var job = jobDao.Save(newJob); 448 if (userPriorityDao.GetById(newJob.OwnerUserId) == null) { 385 449 userPriorityDao.Save(new DA.UserPriority { 386 UserId = jobDto.OwnerUserId,387 DateEnqueued = jobDto.DateCreated450 UserId = newJob.OwnerUserId, 451 DateEnqueued = newJob.DateCreated 388 452 }); 389 453 } … … 394 458 } 395 459 396 public void UpdateJob(DT.Job jobDto ) {460 public void UpdateJob(DT.Job jobDto, IEnumerable<Guid> resourceIds) { 397 461 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 398 462 AuthorizationManager.AuthorizeForJob(jobDto.Id, DT.Permission.Full); 399 463 var pm = PersistenceManager; 464 var dateUpdated = DateTime.Now; 465 466 // check project availability 467 CheckProjectAvailability(pm, jobDto.ProjectId, dateUpdated); 468 // check user - project permission 469 AuthorizationManager.AuthorizeUserForProjectUse(UserManager.CurrentUserId, jobDto.ProjectId); 470 // check project - resources permission 471 AuthorizationManager.AuthorizeProjectForResourcesUse(jobDto.ProjectId, resourceIds); 472 400 473 using (new PerformanceLogger("UpdateJob")) { 401 474 bool exists = true; … … 406 479 exists = false; 407 480 job = new DA.Job(); 408 } 481 } else if (job.State != DA.JobState.Online) { 482 throw new InvalidOperationException(NO_JOB_UPDATE_POSSIBLE); 483 } 484 409 485 jobDto.CopyToEntity(job); 486 410 487 if (!exists) { 488 // add resource assignments 489 if (resourceIds != null && resourceIds.Any()) { 490 job.AssignedJobResources.AddRange(resourceIds.Select( 491 x => new DA.AssignedJobResource { 492 ResourceId = x 493 })); 494 } 411 495 jobDao.Save(job); 412 } 413 pm.SubmitChanges(); 414 }); 415 } 416 } 417 418 public void DeleteJob(Guid jobId) { 419 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 496 } else if (resourceIds != null) { 497 var addedJobResourceIds = resourceIds.Except(job.AssignedJobResources.Select(x => x.ResourceId)); 498 var removedJobResourceIds = job.AssignedJobResources 499 .Select(x => x.ResourceId) 500 .Except(resourceIds) 501 .ToArray(); 502 503 // remove resource assignments 504 foreach (var rid in removedJobResourceIds) { 505 var ajr = job.AssignedJobResources.Where(x => x.ResourceId == rid).SingleOrDefault(); 506 if (ajr != null) job.AssignedJobResources.Remove(ajr); 507 } 508 509 // add resource assignments 510 job.AssignedJobResources.AddRange(addedJobResourceIds.Select( 511 x => new DA.AssignedJobResource { 512 ResourceId = x 513 })); 514 } 515 pm.SubmitChanges(); 516 }); 517 } 518 } 519 520 public void UpdateJobState(Guid jobId, DT.JobState jobState) { 521 if (jobState != JobState.StatisticsPending) return; // only process requests for "StatisticsPending" 522 523 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 524 // check if user is an admin, or granted to administer a job-parenting project, or job owner 420 525 AuthorizationManager.AuthorizeForJob(jobId, DT.Permission.Full); 421 var pm = PersistenceManager; 422 using (new PerformanceLogger("DeleteJob")) { 526 527 var pm = PersistenceManager; 528 using (new PerformanceLogger("UpdateJobState")) { 529 var jobDao = pm.JobDao; 530 pm.UseTransaction(() => { 531 var job = jobDao.GetById(jobId); 532 if (job != null) { 533 534 // note: allow solely state changes from "Online" to "StatisticsPending" = deletion request by user for HiveStatisticGenerator 535 var jobStateEntity = jobState.ToEntity(); 536 if (job.State == DA.JobState.Online && jobStateEntity == DA.JobState.StatisticsPending) { 537 job.State = jobStateEntity; 538 foreach (var task in job.Tasks 539 .Where(x => x.State == DA.TaskState.Waiting 540 || x.State == DA.TaskState.Paused 541 || x.State == DA.TaskState.Offline)) { 542 task.State = DA.TaskState.Aborted; 543 } 544 pm.SubmitChanges(); 545 } 546 } 547 }); 548 } 549 } 550 551 public void UpdateJobStates(IEnumerable<Guid> jobIds, DT.JobState jobState) { 552 if (jobState != JobState.StatisticsPending) return; // only process requests for "StatisticsPending" 553 554 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 555 // check if user is an admin, or granted to administer a job-parenting project, or job owner 556 foreach (var jobId in jobIds) 557 AuthorizationManager.AuthorizeForJob(jobId, DT.Permission.Full); 558 559 var pm = PersistenceManager; 560 using (new PerformanceLogger("UpdateJobStates")) { 423 561 var jobDao = pm.JobDao; 424 pm.UseTransaction(() => { 425 // child task will be deleted by db-trigger 426 jobDao.Delete(jobId); 427 pm.SubmitChanges(); 428 }); 562 var projectDao = pm.ProjectDao; 563 pm.UseTransaction(() => { 564 foreach (var jobId in jobIds) { 565 var job = jobDao.GetById(jobId); 566 if (job != null) { 567 568 // note: allow solely state changes from "Online" to "StatisticsPending" = deletion request by user for HiveStatisticGenerator 569 var jobStateEntity = jobState.ToEntity(); 570 if (job.State == DA.JobState.Online && jobStateEntity == DA.JobState.StatisticsPending) { 571 job.State = jobStateEntity; 572 foreach (var task in job.Tasks 573 .Where(x => x.State == DA.TaskState.Waiting 574 || x.State == DA.TaskState.Paused 575 || x.State == DA.TaskState.Offline)) { 576 task.State = DA.TaskState.Aborted; 577 } 578 pm.SubmitChanges(); 579 } 580 } 581 } 582 }); 583 } 584 } 585 586 public IEnumerable<DT.AssignedJobResource> GetAssignedResourcesForJob(Guid jobId) { 587 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 588 AuthorizationManager.AuthorizeForJob(jobId, DT.Permission.Full); 589 var pm = PersistenceManager; 590 var assignedJobResourceDao = pm.AssignedJobResourceDao; 591 using (new PerformanceLogger("GetAssignedResourcesForProject")) { 592 return pm.UseTransaction(() => 593 assignedJobResourceDao.GetByJobId(jobId) 594 .Select(x => x.ToDto()) 595 .ToList() 596 ); 429 597 } 430 598 } … … 532 700 result = HeartbeatManager.ProcessHeartbeat(heartbeat); 533 701 } 534 } 535 catch (Exception ex) { 702 } catch (Exception ex) { 536 703 DA.LogFactory.GetLogger(this.GetType().Namespace).Log(string.Format("Exception processing Heartbeat: {0}", ex)); 537 704 } … … 604 771 #endregion 605 772 606 #region ResourcePermission Methods 607 public void GrantResourcePermissions(Guid resourceId, Guid[] grantedUserIds) { 608 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 609 var pm = PersistenceManager; 610 using (new PerformanceLogger("GrantResourcePermissions")) { 611 pm.UseTransaction(() => { 612 var resource = AuthorizeForResource(pm, resourceId); 613 var resourcePermissions = resource.ResourcePermissions.ToList(); 773 #region Project Methods 774 public Guid AddProject(DT.Project projectDto) { 775 if (projectDto == null || projectDto.Id != Guid.Empty) return Guid.Empty; 776 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 777 // check if current (non-admin) user is owner of one of projectDto's-parents 778 // note: non-admin users are not allowed to administer root projects (i.e. projects without parental entry) 779 bool isAdmin = RoleVerifier.IsInRole(HiveRoles.Administrator); 780 if (!isAdmin) { 781 if (projectDto != null && projectDto.ParentProjectId.HasValue) { 782 AuthorizationManager.AuthorizeForProjectAdministration(projectDto.ParentProjectId.Value, false); 783 } else { 784 throw new SecurityException(NOT_AUTHORIZED_USERPROJECT); 785 } 786 } 787 788 // check that non-admins can not be set as owner of root projects 789 if (projectDto != null && !projectDto.ParentProjectId.HasValue) { 790 var owner = UserManager.GetUserById(projectDto.OwnerUserId); 791 if (owner == null || !RoleVerifier.IsUserInRole(owner.UserName, HiveRoles.Administrator)) { 792 throw new SecurityException(NOT_AUTHORIZED_PROJECTOWNER); 793 } 794 } 795 796 var pm = PersistenceManager; 797 using (new PerformanceLogger("AddProject")) { 798 var projectDao = pm.ProjectDao; 799 800 return pm.UseTransaction(() => { 801 var project = projectDao.Save(projectDto.ToEntity()); 802 803 var parentProjects = projectDao.GetParentProjectsById(project.ProjectId).ToList(); 804 bool isParent = parentProjects.Select(x => x.OwnerUserId == UserManager.CurrentUserId).Any(); 805 806 // if user is no admin, but owner of a parent project 807 // check start/end date time boundaries of parent projects before updating child project 808 if (!isAdmin) { 809 var parentProject = parentProjects.Where(x => x.ProjectId == project.ParentProjectId).FirstOrDefault(); 810 if (parentProject != null) { 811 if (project.StartDate < parentProject.StartDate) project.StartDate = parentProject.StartDate; 812 if ((parentProject.EndDate.HasValue && project.EndDate.HasValue && project.EndDate > parentProject.EndDate) 813 || (parentProject.EndDate.HasValue && !project.EndDate.HasValue)) 814 project.EndDate = parentProject.EndDate; 815 } 816 } 817 818 819 project.ProjectPermissions.Clear(); 820 project.ProjectPermissions.Add(new DA.ProjectPermission { 821 GrantedUserId = project.OwnerUserId, 822 GrantedByUserId = UserManager.CurrentUserId 823 }); 824 825 pm.SubmitChanges(); 826 return project.ProjectId; 827 }); 828 } 829 } 830 831 public void UpdateProject(DT.Project projectDto) { 832 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 833 // check if current (non-admin) user is owner of the project or the projectDto's-parents 834 // note: non-admin users are not allowed to administer root projects (i.e. projects without parental entry) 835 bool isAdmin = RoleVerifier.IsInRole(HiveRoles.Administrator); 836 if (!isAdmin) { 837 if (projectDto != null && projectDto.ParentProjectId.HasValue) { 838 AuthorizationManager.AuthorizeForProjectAdministration(projectDto.Id, false); 839 } else { 840 throw new SecurityException(NOT_AUTHORIZED_USERPROJECT); 841 } 842 } 843 844 // check that non-admins can not be set as owner of root projects 845 if (projectDto != null && !projectDto.ParentProjectId.HasValue) { 846 var owner = UserManager.GetUserById(projectDto.OwnerUserId); 847 if (owner == null || !RoleVerifier.IsUserInRole(owner.UserName, HiveRoles.Administrator)) { 848 throw new SecurityException(NOT_AUTHORIZED_PROJECTOWNER); 849 } 850 } 851 852 var pm = PersistenceManager; 853 using (new PerformanceLogger("UpdateProject")) { 854 var projectDao = pm.ProjectDao; 855 var assignedJobResourceDao = pm.AssignedJobResourceDao; 856 pm.UseTransaction(() => { 857 var project = projectDao.GetById(projectDto.Id); 858 if (project != null) { // (1) update existent project 859 var parentProjects = projectDao.GetParentProjectsById(project.ProjectId).ToList(); 860 bool isParent = parentProjects.Select(x => x.OwnerUserId == UserManager.CurrentUserId).Any(); 861 862 var formerOwnerId = project.OwnerUserId; 863 var formerStartDate = project.StartDate; 864 var formerEndDate = project.EndDate; 865 projectDto.CopyToEntity(project); 866 867 // if user is no admin, but owner of parent project(s) 868 // check start/end date time boundaries of parent projects before updating child project 869 if (!isAdmin && isParent) { 870 var parentProject = parentProjects.Where(x => x.ProjectId == project.ParentProjectId).FirstOrDefault(); 871 if (parentProject != null) { 872 if (project.StartDate < parentProject.StartDate) project.StartDate = formerStartDate; 873 if ((parentProject.EndDate.HasValue && project.EndDate.HasValue && project.EndDate > parentProject.EndDate) 874 || (parentProject.EndDate.HasValue && !project.EndDate.HasValue)) 875 project.EndDate = formerEndDate; 876 } 877 } 878 879 // if user is admin or owner of parent project(s) 880 if (isAdmin || isParent) { 881 // if owner has changed... 882 if (formerOwnerId != projectDto.OwnerUserId) { 883 // Add permission for new owner if not already done 884 if (!project.ProjectPermissions 885 .Select(pp => pp.GrantedUserId) 886 .Contains(projectDto.OwnerUserId)) { 887 project.ProjectPermissions.Add(new DA.ProjectPermission { 888 GrantedUserId = projectDto.OwnerUserId, 889 GrantedByUserId = UserManager.CurrentUserId 890 }); 891 } 892 } 893 } else { // if user is only owner of current project, but no admin and no owner of parent project(s) 894 project.OwnerUserId = formerOwnerId; 895 project.StartDate = formerStartDate; 896 project.EndDate = formerEndDate; 897 } 898 899 } else { // (2) save new project 900 var newProject = projectDao.Save(projectDto.ToEntity()); 901 902 var parentProjects = projectDao.GetParentProjectsById(project.ProjectId).ToList(); 903 bool isParent = parentProjects.Select(x => x.OwnerUserId == UserManager.CurrentUserId).Any(); 904 905 // if user is no admin, but owner of a parent project 906 // check start/end date time boundaries of parent projects before updating child project 907 if (!isAdmin) { 908 var parentProject = parentProjects.Where(x => x.ProjectId == project.ParentProjectId).FirstOrDefault(); 909 if (parentProject != null) { 910 if (project.StartDate < parentProject.StartDate) project.StartDate = parentProject.StartDate; 911 if ((parentProject.EndDate.HasValue && project.EndDate.HasValue && project.EndDate > parentProject.EndDate) 912 || (parentProject.EndDate.HasValue && !project.EndDate.HasValue)) 913 project.EndDate = parentProject.EndDate; 914 } 915 } 916 917 newProject.ProjectPermissions.Clear(); 918 newProject.ProjectPermissions.Add(new DA.ProjectPermission { 919 GrantedUserId = projectDto.OwnerUserId, 920 GrantedByUserId = UserManager.CurrentUserId 921 }); 922 } 923 924 pm.SubmitChanges(); 925 }); 926 } 927 } 928 929 public void DeleteProject(Guid projectId) { 930 if (projectId == Guid.Empty) return; 931 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 932 // check if current (non-admin) user is owner of one of the projectDto's-parents 933 // note: non-admin users are not allowed to administer root projects (i.e. projects without parental entry) 934 if (!RoleVerifier.IsInRole(HiveRoles.Administrator)) { 935 AuthorizationManager.AuthorizeForProjectAdministration(projectId, true); 936 } 937 938 var pm = PersistenceManager; 939 using (new PerformanceLogger("DeleteProject")) { 940 var projectDao = pm.ProjectDao; 941 var jobDao = pm.JobDao; 942 var assignedJobResourceDao = pm.AssignedJobResourceDao; 943 pm.UseTransaction(() => { 944 var projectIds = new HashSet<Guid> { projectId }; 945 projectIds.Union(projectDao.GetChildProjectIdsById(projectId)); 946 947 var jobs = jobDao.GetByProjectIds(projectIds) 948 .Select(x => x.ToDto()) 949 .ToList(); 950 951 if (jobs.Count > 0) { 952 throw new InvalidOperationException("There are " + jobs.Count + " job(s) using this project and/or child-projects. It is necessary to delete them before the project."); 953 } else { 954 assignedJobResourceDao.DeleteByProjectIds(projectIds); 955 projectDao.DeleteByIds(projectIds); 956 pm.SubmitChanges(); 957 } 958 }); 959 } 960 } 961 962 // query granted project for use (i.e. to calculate on) 963 public DT.Project GetProject(Guid projectId) { 964 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 965 var pm = PersistenceManager; 966 using (new PerformanceLogger("GetProject")) { 967 var projectDao = pm.ProjectDao; 968 var currentUserId = UserManager.CurrentUserId; 969 var userAndGroupIds = new List<Guid> { currentUserId }; 970 userAndGroupIds.AddRange(UserManager.GetUserGroupIdsOfUser(currentUserId)); 971 return pm.UseTransaction(() => { 972 return projectDao.GetUsageGrantedProjectsForUser(userAndGroupIds) 973 .Where(x => x.ProjectId == projectId) 974 .Select(x => x.ToDto()) 975 .SingleOrDefault(); 976 }); 977 } 978 } 979 980 // query granted projects for use (i.e. to calculate on) 981 public IEnumerable<DT.Project> GetProjects() { 982 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 983 var pm = PersistenceManager; 984 using (new PerformanceLogger("GetProjects")) { 985 var projectDao = pm.ProjectDao; 986 var currentUserId = UserManager.CurrentUserId; 987 var userAndGroupIds = new List<Guid> { currentUserId }; 988 userAndGroupIds.AddRange(UserManager.GetUserGroupIdsOfUser(currentUserId)); 989 return pm.UseTransaction(() => { 990 var projects = projectDao.GetUsageGrantedProjectsForUser(userAndGroupIds) 991 .Select(x => x.ToDto()).ToList(); 992 var now = DateTime.Now; 993 return projects.Where(x => x.StartDate <= now && (x.EndDate == null || x.EndDate >= now)).ToList(); 994 }); 995 } 996 } 997 998 public IEnumerable<DT.Project> GetProjectsForAdministration() { 999 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1000 bool isAdministrator = RoleVerifier.IsInRole(HiveRoles.Administrator); 1001 var pm = PersistenceManager; 1002 using (new PerformanceLogger("GetProjectsForAdministration")) { 1003 var projectDao = pm.ProjectDao; 1004 1005 return pm.UseTransaction(() => { 1006 if (isAdministrator) { 1007 return projectDao.GetAll().Select(x => x.ToDto()).ToList(); 1008 } else { 1009 var currentUserId = UserManager.CurrentUserId; 1010 return projectDao.GetAdministrationGrantedProjectsForUser(currentUserId) 1011 .Select(x => x.ToDto()).ToList(); 1012 1013 } 1014 }); 1015 } 1016 } 1017 1018 public IDictionary<Guid, HashSet<Guid>> GetProjectGenealogy() { 1019 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1020 var pm = PersistenceManager; 1021 using (new PerformanceLogger("GetProjectGenealogy")) { 1022 var projectDao = pm.ProjectDao; 1023 var projectAncestors = new Dictionary<Guid, HashSet<Guid>>(); 1024 return pm.UseTransaction(() => { 1025 var projects = projectDao.GetAll().ToList(); 1026 projects.ForEach(p => projectAncestors.Add(p.ProjectId, new HashSet<Guid>())); 1027 foreach (var p in projects) { 1028 var parentProject = p.ParentProject; 1029 while (parentProject != null) { 1030 projectAncestors[p.ProjectId].Add(parentProject.ProjectId); 1031 parentProject = parentProject.ParentProject; 1032 } 1033 } 1034 return projectAncestors; 1035 }); 1036 } 1037 } 1038 1039 public IDictionary<Guid, string> GetProjectNames() { 1040 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1041 var pm = PersistenceManager; 1042 using (new PerformanceLogger("GetProjectNames")) { 1043 var projectDao = pm.ProjectDao; 1044 var projectNames = new Dictionary<Guid, string>(); 1045 return pm.UseTransaction(() => { 1046 projectDao 1047 .GetAll().ToList() 1048 .ForEach(p => projectNames.Add(p.ProjectId, p.Name)); 1049 return projectNames; 1050 }); 1051 } 1052 } 1053 #endregion 1054 1055 #region ProjectPermission Methods 1056 public void SaveProjectPermissions(Guid projectId, List<Guid> grantedUserIds, bool reassign, bool cascading, bool reassignCascading) { 1057 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1058 if (projectId == null || grantedUserIds == null) return; 1059 AuthorizationManager.AuthorizeForProjectAdministration(projectId, false); 1060 var pm = PersistenceManager; 1061 using (new PerformanceLogger("SaveProjectPermissions")) { 1062 var projectDao = pm.ProjectDao; 1063 var projectPermissionDao = pm.ProjectPermissionDao; 1064 var assignedJobResourceDao = pm.AssignedJobResourceDao; 1065 1066 pm.UseTransaction(() => { 1067 var project = projectDao.GetById(projectId); 1068 if (project == null) return; 1069 var projectPermissions = project.ProjectPermissions.Select(x => x.GrantedUserId).ToArray(); 1070 1071 // guarantee that project owner is always permitted 1072 if (!grantedUserIds.Contains(project.OwnerUserId)) { 1073 grantedUserIds.Add(project.OwnerUserId); 1074 } 1075 1076 //var addedPermissions = grantedUserIds.Except(projectPermissions); 1077 var removedPermissions = projectPermissions.Except(grantedUserIds); 1078 1079 // remove job assignments and project permissions 1080 if (reassign) { 1081 assignedJobResourceDao.DeleteByProjectId(project.ProjectId); 1082 project.ProjectPermissions.Clear(); 1083 } else { 1084 1085 var ugt = GetUserGroupTree(); 1086 var permittedGuids = new HashSet<Guid>(); // User- and Group-Guids 1087 var notpermittedGuids = new HashSet<Guid>(); 1088 1089 // remove job assignments: 1090 // (1) get all member-Guids of all still or fresh permitted user/groups 1091 foreach (var item in grantedUserIds) { 1092 permittedGuids.Add(item); 1093 if (ugt.ContainsKey(item)) { 1094 ugt[item].ToList().ForEach(x => permittedGuids.Add(x)); 1095 } 1096 } 1097 1098 // (2) get all member-Guids of users and groups in removedPermissions 1099 foreach (var item in removedPermissions) { 1100 notpermittedGuids.Add(item); 1101 if (ugt.ContainsKey(item)) { 1102 ugt[item].ToList().ForEach(x => notpermittedGuids.Add(x)); 1103 } 1104 } 1105 1106 // (3) get all Guids which are in removedPermissions but not in grantedUserIds 1107 var definitelyNotPermittedGuids = notpermittedGuids.Except(permittedGuids); 1108 1109 // (4) delete jobs of those 1110 assignedJobResourceDao.DeleteByProjectIdAndUserIds(project.ProjectId, definitelyNotPermittedGuids); 1111 1112 1113 // remove project permissions 1114 foreach (var item in project.ProjectPermissions 1115 .Where(x => removedPermissions.Contains(x.GrantedUserId)) 1116 .ToList()) { 1117 project.ProjectPermissions.Remove(item); 1118 } 1119 } 1120 pm.SubmitChanges(); 1121 1122 // add project permissions 614 1123 foreach (var id in grantedUserIds) { 615 if ( resourcePermissions.All(x => x.GrantedUserId != id)) {616 resource.ResourcePermissions.Add(new DA.ResourcePermission {1124 if (project.ProjectPermissions.All(x => x.GrantedUserId != id)) { 1125 project.ProjectPermissions.Add(new DA.ProjectPermission { 617 1126 GrantedUserId = id, 618 1127 GrantedByUserId = UserManager.CurrentUserId … … 621 1130 } 622 1131 pm.SubmitChanges(); 623 }); 624 } 625 } 626 627 public void RevokeResourcePermissions(Guid resourceId, Guid[] grantedUserIds) { 628 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 629 var pm = PersistenceManager; 630 using (new PerformanceLogger("RevokeResourcePermissions")) { 631 var resourcePermissionDao = pm.ResourcePermissionDao; 632 pm.UseTransaction(() => { 633 AuthorizeForResource(pm, resourceId); 634 resourcePermissionDao.DeleteByResourceAndGrantedUserId(resourceId, grantedUserIds); 635 pm.SubmitChanges(); 636 }); 637 } 638 } 639 640 public IEnumerable<DT.ResourcePermission> GetResourcePermissions(Guid resourceId) { 641 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 642 var pm = PersistenceManager; 643 using (new PerformanceLogger("GetResourcePermissions")) { 644 var resourcePermissionDao = pm.ResourcePermissionDao; 645 return pm.UseTransaction(() => resourcePermissionDao.GetByResourceId(resourceId) 1132 1133 if (cascading) { 1134 var childProjects = projectDao.GetChildProjectsById(projectId).ToList(); 1135 var childProjectIds = childProjects.Select(x => x.ProjectId).ToList(); 1136 1137 // remove job assignments 1138 if (reassignCascading) { 1139 assignedJobResourceDao.DeleteByProjectIds(childProjectIds); 1140 } else { 1141 assignedJobResourceDao.DeleteByProjectIdsAndUserIds(childProjectIds, removedPermissions); 1142 } 1143 1144 foreach (var p in childProjects) { 1145 var cpAssignedPermissions = p.ProjectPermissions.Select(x => x.GrantedUserId).ToList(); 1146 // guarantee that project owner is always permitted 1147 if (!cpAssignedPermissions.Contains(p.OwnerUserId)) { 1148 cpAssignedPermissions.Add(p.OwnerUserId); 1149 } 1150 var cpRemovedPermissions = cpAssignedPermissions.Where(x => x != p.OwnerUserId).Except(grantedUserIds); 1151 1152 // remove left-over job assignments (for non-reassignments) 1153 if (!reassignCascading) { 1154 assignedJobResourceDao.DeleteByProjectIdAndUserIds(p.ProjectId, cpRemovedPermissions); 1155 } 1156 1157 // remove project permissions 1158 if (reassignCascading) { 1159 p.ProjectPermissions.Clear(); 1160 } else { 1161 foreach (var item in p.ProjectPermissions 1162 .Where(x => x.GrantedUserId != p.OwnerUserId 1163 && (removedPermissions.Contains(x.GrantedUserId) || cpRemovedPermissions.Contains(x.GrantedUserId))) 1164 .ToList()) { 1165 p.ProjectPermissions.Remove(item); 1166 } 1167 } 1168 pm.SubmitChanges(); 1169 1170 // add project permissions 1171 var cpGrantedUserIds = new HashSet<Guid>(grantedUserIds); 1172 cpGrantedUserIds.Add(p.OwnerUserId); 1173 1174 foreach (var id in cpGrantedUserIds) { 1175 if (p.ProjectPermissions.All(x => x.GrantedUserId != id)) { 1176 p.ProjectPermissions.Add(new DA.ProjectPermission { 1177 GrantedUserId = id, 1178 GrantedByUserId = UserManager.CurrentUserId 1179 }); 1180 } 1181 } 1182 } 1183 } 1184 pm.SubmitChanges(); 1185 }); 1186 } 1187 } 1188 1189 //private void GrantProjectPermissions(Guid projectId, List<Guid> grantedUserIds, bool cascading) { 1190 // throw new NotImplementedException(); 1191 //} 1192 1193 //private void RevokeProjectPermissions(Guid projectId, List<Guid> grantedUserIds, bool cascading) { 1194 // RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1195 // if (projectId == null || grantedUserIds == null || !grantedUserIds.Any()) return; 1196 // AuthorizationManager.AuthorizeForProjectAdministration(projectId, false); 1197 // var pm = PersistenceManager; 1198 // using (new PerformanceLogger("RevokeProjectPermissions")) { 1199 // var projectPermissionDao = pm.ProjectPermissionDao; 1200 // var projectDao = pm.ProjectDao; 1201 // var assignedJobResourceDao = pm.AssignedJobResourceDao; 1202 // pm.UseTransaction(() => { 1203 // if (cascading) { 1204 // var childProjectIds = projectDao.GetChildProjectIdsById(projectId).ToList(); 1205 // projectPermissionDao.DeleteByProjectIdsAndGrantedUserIds(childProjectIds, grantedUserIds); 1206 // assignedJobResourceDao.DeleteByProjectIdsAndUserIds(childProjectIds, grantedUserIds); 1207 // } 1208 // projectPermissionDao.DeleteByProjectIdAndGrantedUserIds(projectId, grantedUserIds); 1209 // assignedJobResourceDao.DeleteByProjectIdAndUserIds(projectId, grantedUserIds); 1210 // pm.SubmitChanges(); 1211 // }); 1212 // } 1213 //} 1214 1215 public IEnumerable<DT.ProjectPermission> GetProjectPermissions(Guid projectId) { 1216 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1217 AuthorizationManager.AuthorizeForProjectAdministration(projectId, false); 1218 var pm = PersistenceManager; 1219 using (new PerformanceLogger("GetProjectPermissions")) { 1220 var projectPermissionDao = pm.ProjectPermissionDao; 1221 return pm.UseTransaction(() => projectPermissionDao.GetByProjectId(projectId) 646 1222 .Select(x => x.ToDto()) 647 1223 .ToList() … … 651 1227 #endregion 652 1228 1229 #region AssignedProjectResource Methods 1230 // basic: remove and add assignments (resourceIds) to projectId and its depending jobs 1231 // reassign: clear all assignments from project and its depending jobs, before adding new ones (resourceIds) 1232 // cascading: "basic" mode for child-projects 1233 // reassignCascading: "reassign" mode for child-projects 1234 public void SaveProjectResourceAssignments(Guid projectId, List<Guid> resourceIds, bool reassign, bool cascading, bool reassignCascading) { 1235 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1236 if (projectId == null || resourceIds == null) return; 1237 AuthorizationManager.AuthorizeForProjectResourceAdministration(projectId, resourceIds); 1238 bool isAdmin = RoleVerifier.IsInRole(HiveRoles.Administrator); 1239 var pm = PersistenceManager; 1240 using (new PerformanceLogger("SaveProjectResourceAssignments")) { 1241 var projectDao = pm.ProjectDao; 1242 var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1243 var assignedJobResourceDao = pm.AssignedJobResourceDao; 1244 pm.UseTransaction(() => { 1245 var project = projectDao.GetById(projectId); 1246 1247 var parentProjects = projectDao.GetParentProjectsById(project.ProjectId).ToList(); 1248 bool isParent = parentProjects.Select(x => x.OwnerUserId == UserManager.CurrentUserId).Any(); 1249 1250 var assignedResources = project.AssignedProjectResources.Select(x => x.ResourceId).ToArray(); 1251 if (!isParent && !isAdmin) resourceIds = assignedResources.ToList(); 1252 var removedAssignments = assignedResources.Except(resourceIds); 1253 1254 // if user is admin or owner of parent project(s) 1255 if (isAdmin || isParent) { 1256 // remove job and project assignments 1257 if (reassign) { 1258 assignedJobResourceDao.DeleteByProjectId(project.ProjectId); 1259 project.AssignedProjectResources.Clear(); 1260 } else { 1261 assignedJobResourceDao.DeleteByProjectIdAndResourceIds(projectId, removedAssignments); 1262 foreach (var item in project.AssignedProjectResources 1263 .Where(x => removedAssignments.Contains(x.ResourceId)) 1264 .ToList()) { 1265 project.AssignedProjectResources.Remove(item); 1266 } 1267 } 1268 pm.SubmitChanges(); 1269 1270 // add project assignments 1271 foreach (var id in resourceIds) { 1272 if (project.AssignedProjectResources.All(x => x.ResourceId != id)) { 1273 project.AssignedProjectResources.Add(new DA.AssignedProjectResource { 1274 ResourceId = id 1275 }); 1276 } 1277 } 1278 pm.SubmitChanges(); 1279 } 1280 1281 // if user is admin, project owner or owner of parent projects 1282 if (cascading) { 1283 var childProjects = projectDao.GetChildProjectsById(projectId).ToList(); 1284 var childProjectIds = childProjects.Select(x => x.ProjectId).ToList(); 1285 1286 // remove job assignments 1287 if (reassignCascading) { 1288 assignedJobResourceDao.DeleteByProjectIds(childProjectIds); 1289 } else { 1290 assignedJobResourceDao.DeleteByProjectIdsAndResourceIds(childProjectIds, removedAssignments); 1291 } 1292 foreach (var p in childProjects) { 1293 var cpAssignedResources = p.AssignedProjectResources.Select(x => x.ResourceId).ToArray(); 1294 var cpRemovedAssignments = cpAssignedResources.Except(resourceIds); 1295 1296 // remove left-over job assignments (for non-reassignments) 1297 if (!reassignCascading) { 1298 assignedJobResourceDao.DeleteByProjectIdAndResourceIds(p.ProjectId, cpRemovedAssignments); 1299 } 1300 1301 // remove project assignments 1302 if (reassignCascading) { 1303 p.AssignedProjectResources.Clear(); 1304 } else { 1305 foreach (var item in p.AssignedProjectResources 1306 .Where(x => removedAssignments.Contains(x.ResourceId) || cpRemovedAssignments.Contains(x.ResourceId)) 1307 .ToList()) { 1308 p.AssignedProjectResources.Remove(item); 1309 } 1310 } 1311 pm.SubmitChanges(); 1312 1313 // add project assignments 1314 foreach (var id in resourceIds) { 1315 if (p.AssignedProjectResources.All(x => x.ResourceId != id)) { 1316 p.AssignedProjectResources.Add(new DA.AssignedProjectResource { 1317 ResourceId = id 1318 }); 1319 } 1320 } 1321 } 1322 } 1323 pm.SubmitChanges(); 1324 }); 1325 } 1326 } 1327 1328 //private void AssignProjectResources(Guid projectId, List<Guid> resourceIds, bool cascading) { 1329 // throw new NotImplementedException(); 1330 //} 1331 1332 //private void UnassignProjectResources(Guid projectId, List<Guid> resourceIds, bool cascading) { 1333 // RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1334 // if (projectId == null || resourceIds == null || !resourceIds.Any()) return; 1335 // AuthorizationManager.AuthorizeForProjectResourceAdministration(projectId, resourceIds); 1336 // var pm = PersistenceManager; 1337 // using (new PerformanceLogger("UnassignProjectResources")) { 1338 // var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1339 // var assignedJobResourceDao = pm.AssignedJobResourceDao; 1340 // var projectDao = pm.ProjectDao; 1341 // pm.UseTransaction(() => { 1342 // if (cascading) { 1343 // var childProjectIds = projectDao.GetChildProjectIdsById(projectId).ToList(); 1344 // assignedProjectResourceDao.DeleteByProjectIdsAndResourceIds(childProjectIds, resourceIds); 1345 // assignedJobResourceDao.DeleteByProjectIdsAndResourceIds(childProjectIds, resourceIds); 1346 // } 1347 // assignedProjectResourceDao.DeleteByProjectIdAndResourceIds(projectId, resourceIds); 1348 // assignedJobResourceDao.DeleteByProjectIdAndResourceIds(projectId, resourceIds); 1349 // pm.SubmitChanges(); 1350 // }); 1351 // } 1352 //} 1353 1354 public IEnumerable<DT.AssignedProjectResource> GetAssignedResourcesForProject(Guid projectId) { 1355 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1356 AuthorizationManager.AuthorizeUserForProjectUse(UserManager.CurrentUserId, projectId); 1357 var pm = PersistenceManager; 1358 using (new PerformanceLogger("GetAssignedResourcesForProject")) { 1359 var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1360 return pm.UseTransaction(() => assignedProjectResourceDao.GetByProjectId(projectId) 1361 .Select(x => x.ToDto()) 1362 .ToList() 1363 ); 1364 } 1365 } 1366 1367 public IEnumerable<DT.AssignedProjectResource> GetAssignedResourcesForProjectAdministration(Guid projectId) { 1368 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1369 AuthorizationManager.AuthorizeForProjectAdministration(projectId, false); 1370 var pm = PersistenceManager; 1371 using (new PerformanceLogger("GetAssignedResourcesForProject")) { 1372 var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1373 return pm.UseTransaction(() => assignedProjectResourceDao.GetByProjectId(projectId) 1374 .Select(x => x.ToDto()) 1375 .ToList() 1376 ); 1377 } 1378 } 1379 1380 public IEnumerable<DT.AssignedProjectResource> GetAssignedResourcesForProjectsAdministration(IEnumerable<Guid> projectIds) { 1381 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1382 foreach (var id in projectIds) 1383 AuthorizationManager.AuthorizeForProjectAdministration(id, false); 1384 1385 var pm = PersistenceManager; 1386 using (new PerformanceLogger("GetAssignedResourcesForProject")) { 1387 var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1388 var assignments = new List<DT.AssignedProjectResource>(); 1389 pm.UseTransaction(() => { 1390 foreach (var id in projectIds) { 1391 assignments.AddRange(assignedProjectResourceDao.GetByProjectId(id) 1392 .Select(x => x.ToDto())); 1393 } 1394 }); 1395 return assignments.Distinct(); 1396 } 1397 } 1398 1399 #endregion 1400 653 1401 #region Slave Methods 654 1402 public Guid AddSlave(DT.Slave slaveDto) { … … 666 1414 667 1415 public Guid AddSlaveGroup(DT.SlaveGroup slaveGroupDto) { 668 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator , HiveRoles.Client);1416 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator); 669 1417 var pm = PersistenceManager; 670 1418 using (new PerformanceLogger("AddSlaveGroup")) { … … 690 1438 } 691 1439 1440 // query granted slaves for use (i.e. to calculate on) 692 1441 public IEnumerable<DT.Slave> GetSlaves() { 693 1442 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 694 bool isAdministrator = RoleVerifier.IsInRole(HiveRoles.Administrator);695 1443 var pm = PersistenceManager; 696 1444 using (new PerformanceLogger("GetSlaves")) { 697 1445 var slaveDao = pm.SlaveDao; 698 var resourcePermissionDao = pm.ResourcePermissionDao; 1446 var projectDao = pm.ProjectDao; 1447 var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1448 1449 // collect user information 699 1450 var currentUserId = UserManager.CurrentUserId; 700 return pm.UseTransaction(() => { 701 var resourcePermissions = resourcePermissionDao.GetAll(); 702 return slaveDao.GetAll().ToList() 703 .Where(x => isAdministrator 704 || x.OwnerUserId == null 705 || x.OwnerUserId == currentUserId 706 || UserManager.VerifyUser(currentUserId, resourcePermissions 707 .Where(y => y.ResourceId == x.ResourceId) 708 .Select(z => z.GrantedUserId) 709 .ToList()) 710 ) 1451 var userAndGroupIds = new List<Guid> { currentUserId }; 1452 userAndGroupIds.AddRange(UserManager.GetUserGroupIdsOfUser(currentUserId)); 1453 1454 return pm.UseTransaction(() => { 1455 var slaves = slaveDao.GetAll() 711 1456 .Select(x => x.ToDto()) 712 1457 .ToList(); 713 }); 714 } 715 } 716 1458 var grantedProjectIds = projectDao.GetUsageGrantedProjectsForUser(userAndGroupIds) 1459 .Select(x => x.ProjectId) 1460 .ToList(); 1461 var grantedResourceIds = assignedProjectResourceDao.GetAllGrantedResourcesByProjectIds(grantedProjectIds) 1462 .Select(x => x.ResourceId) 1463 .ToList(); 1464 1465 return slaves 1466 .Where(x => grantedResourceIds.Contains(x.Id)) 1467 .ToList(); 1468 }); 1469 } 1470 } 1471 1472 // query granted slave groups for use (i.e. to calculate on) 717 1473 public IEnumerable<DT.SlaveGroup> GetSlaveGroups() { 718 1474 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 719 bool isAdministrator = RoleVerifier.IsInRole(HiveRoles.Administrator);720 1475 var pm = PersistenceManager; 721 1476 using (new PerformanceLogger("GetSlaveGroups")) { 722 1477 var slaveGroupDao = pm.SlaveGroupDao; 723 var resourcePermissionDao = pm.ResourcePermissionDao; 1478 var projectDao = pm.ProjectDao; 1479 var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1480 1481 // collect user information 724 1482 var currentUserId = UserManager.CurrentUserId; 725 return pm.UseTransaction(() => { 726 var resourcePermissions = resourcePermissionDao.GetAll(); 727 return slaveGroupDao.GetAll().ToList() 728 .Where(x => isAdministrator 729 || x.OwnerUserId == null 730 || x.OwnerUserId == currentUserId 731 || UserManager.VerifyUser(currentUserId, resourcePermissions 732 .Where(y => y.ResourceId == x.ResourceId) 733 .Select(z => z.GrantedUserId) 734 .ToList()) 735 ) 1483 var userAndGroupIds = new List<Guid> { currentUserId }; 1484 userAndGroupIds.AddRange(UserManager.GetUserGroupIdsOfUser(currentUserId)); 1485 1486 return pm.UseTransaction(() => { 1487 var slaveGroups = slaveGroupDao.GetAll() 736 1488 .Select(x => x.ToDto()) 737 1489 .ToList(); 1490 var grantedProjectIds = projectDao.GetUsageGrantedProjectsForUser(userAndGroupIds) 1491 .Select(x => x.ProjectId) 1492 .ToList(); 1493 var grantedResourceIds = assignedProjectResourceDao.GetAllGrantedResourcesByProjectIds(grantedProjectIds) 1494 .Select(x => x.ResourceId) 1495 .ToList(); 1496 1497 return slaveGroups 1498 .Where(x => grantedResourceIds.Contains(x.Id)) 1499 .ToList(); 1500 }); 1501 } 1502 } 1503 1504 // query granted slaves for resource administration 1505 public IEnumerable<DT.Slave> GetSlavesForAdministration() { 1506 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1507 bool isAdministrator = RoleVerifier.IsInRole(HiveRoles.Administrator); 1508 var pm = PersistenceManager; 1509 using (new PerformanceLogger("GetSlavesForAdministration")) { 1510 var slaveDao = pm.SlaveDao; 1511 var currentUserId = UserManager.CurrentUserId; 1512 1513 if (isAdministrator) { 1514 return pm.UseTransaction(() => { 1515 return slaveDao.GetAll() 1516 .Select(x => x.ToDto()) 1517 .ToList(); 1518 }); 1519 } else { 1520 var slaves = slaveDao.GetAll() 1521 .Select(x => x.ToDto()) 1522 .ToList(); 1523 var projectDao = pm.ProjectDao; 1524 var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1525 var projects = projectDao.GetAdministrationGrantedProjectsForUser(currentUserId).ToList(); 1526 var resourceIds = assignedProjectResourceDao 1527 .GetAllGrantedResourcesByProjectIds(projects.Select(x => x.ProjectId).ToList()) 1528 .Select(x => x.ResourceId) 1529 .ToList(); 1530 1531 return slaves 1532 .Where(x => resourceIds.Contains(x.Id)) 1533 .ToList(); 1534 } 1535 } 1536 } 1537 1538 // query granted slave groups for resource administration 1539 public IEnumerable<DT.SlaveGroup> GetSlaveGroupsForAdministration() { 1540 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1541 bool isAdministrator = RoleVerifier.IsInRole(HiveRoles.Administrator); 1542 var pm = PersistenceManager; 1543 using (new PerformanceLogger("GetSlaveGroupsForAdministration")) { 1544 var slaveGroupDao = pm.SlaveGroupDao; 1545 var currentUserId = UserManager.CurrentUserId; 1546 1547 if (isAdministrator) { 1548 return pm.UseTransaction(() => { 1549 return slaveGroupDao.GetAll() 1550 .Select(x => x.ToDto()) 1551 .ToList(); 1552 }); 1553 } else { 1554 var slaveGroups = slaveGroupDao.GetAll() 1555 .Select(x => x.ToDto()) 1556 .ToList(); 1557 var projectDao = pm.ProjectDao; 1558 var assignedProjectResourceDao = pm.AssignedProjectResourceDao; 1559 var projects = projectDao.GetAdministrationGrantedProjectsForUser(currentUserId).ToList(); 1560 var resourceIds = assignedProjectResourceDao 1561 .GetAllGrantedResourcesByProjectIds(projects.Select(x => x.ProjectId).ToList()) 1562 .Select(x => x.ResourceId) 1563 .ToList(); 1564 1565 return slaveGroups 1566 .Where(x => resourceIds.Contains(x.Id)) 1567 .ToList(); 1568 } 1569 } 1570 } 1571 1572 public IDictionary<Guid, HashSet<Guid>> GetResourceGenealogy() { 1573 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1574 var pm = PersistenceManager; 1575 using (new PerformanceLogger("GetResourceGenealogy")) { 1576 var resourceDao = pm.ResourceDao; 1577 var resourceAncestors = new Dictionary<Guid, HashSet<Guid>>(); 1578 return pm.UseTransaction(() => { 1579 var resources = resourceDao.GetAll().ToList(); 1580 resources.ForEach(r => resourceAncestors.Add(r.ResourceId, new HashSet<Guid>())); 1581 1582 foreach (var r in resources) { 1583 var parentResource = r.ParentResource; 1584 while (parentResource != null) { 1585 resourceAncestors[r.ResourceId].Add(parentResource.ResourceId); 1586 parentResource = parentResource.ParentResource; 1587 } 1588 } 1589 return resourceAncestors; 1590 }); 1591 } 1592 } 1593 1594 public IDictionary<Guid, string> GetResourceNames() { 1595 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1596 var pm = PersistenceManager; 1597 using (new PerformanceLogger("GetResourceNames")) { 1598 var resourceDao = pm.ResourceDao; 1599 var resourceNames = new Dictionary<Guid, string>(); 1600 return pm.UseTransaction(() => { 1601 resourceDao 1602 .GetAll().ToList() 1603 .ForEach(p => resourceNames.Add(p.ResourceId, p.Name)); 1604 return resourceNames; 738 1605 }); 739 1606 } … … 742 1609 public void UpdateSlave(DT.Slave slaveDto) { 743 1610 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1611 if (slaveDto == null) return; 1612 AuthorizationManager.AuthorizeForResourceAdministration(slaveDto.Id); 744 1613 var pm = PersistenceManager; 745 1614 using (new PerformanceLogger("UpdateSlave")) { … … 759 1628 public void UpdateSlaveGroup(DT.SlaveGroup slaveGroupDto) { 760 1629 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1630 if (slaveGroupDto == null) return; 1631 AuthorizationManager.AuthorizeForResourceAdministration(slaveGroupDto.Id); 761 1632 var pm = PersistenceManager; 762 1633 using (new PerformanceLogger("UpdateSlaveGroup")) { … … 775 1646 776 1647 public void DeleteSlave(Guid slaveId) { 1648 if (slaveId == Guid.Empty) return; 777 1649 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 778 1650 AuthorizationManager.AuthorizeForResourceAdministration(slaveId); … … 788 1660 789 1661 public void DeleteSlaveGroup(Guid slaveGroupId) { 1662 if (slaveGroupId == Guid.Empty) return; 790 1663 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 791 1664 AuthorizationManager.AuthorizeForResourceAdministration(slaveGroupId); 792 1665 var pm = PersistenceManager; 793 1666 using (new PerformanceLogger("DeleteSlaveGroup")) { 794 var slaveGroupDao = pm.SlaveGroupDao; 795 pm.UseTransaction(() => { 796 slaveGroupDao.Delete(slaveGroupId); 1667 var resourceDao = pm.ResourceDao; 1668 pm.UseTransaction(() => { 1669 var resourceIds = new HashSet<Guid> { slaveGroupId }; 1670 resourceIds.Union(resourceDao.GetChildResourceIdsById(slaveGroupId)); 1671 resourceDao.DeleteByIds(resourceIds); 797 1672 pm.SubmitChanges(); 798 1673 }); … … 946 1821 var user = ServiceLocator.Instance.UserManager.GetUserByName(username); 947 1822 return user != null ? (Guid?)user.ProviderUserKey ?? Guid.Empty : Guid.Empty; 1823 } 1824 1825 public Dictionary<Guid, HashSet<Guid>> GetUserGroupTree() { 1826 var userGroupTree = new Dictionary<Guid, HashSet<Guid>>(); 1827 var userGroupMapping = UserManager.GetUserGroupMapping(); 1828 1829 foreach (var ugm in userGroupMapping) { 1830 if (ugm.Parent == null || ugm.Child == null) continue; 1831 1832 if (!userGroupTree.ContainsKey(ugm.Parent)) { 1833 userGroupTree.Add(ugm.Parent, new HashSet<Guid>()); 1834 } 1835 userGroupTree[ugm.Parent].Add(ugm.Child); 1836 } 1837 1838 return userGroupTree; 1839 } 1840 1841 public bool CheckAccessToAdminAreaGranted() { 1842 RoleVerifier.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 1843 bool isAdministrator = RoleVerifier.IsInRole(HiveRoles.Administrator); 1844 var pm = PersistenceManager; 1845 using (new PerformanceLogger("CheckAccessToAdminAreaGranted")) { 1846 if (isAdministrator) { 1847 return true; 1848 } else { 1849 var projectDao = pm.ProjectDao; 1850 var currentUserId = UserManager.CurrentUserId; 1851 return projectDao.GetAdministrationGrantedProjectsForUser(currentUserId).Any(); 1852 } 1853 } 948 1854 } 949 1855 #endregion … … 990 1896 } 991 1897 992 private DA.Resource AuthorizeForResource(IPersistenceManager pm, Guid resourceId) { 993 var resourceDao = pm.ResourceDao; 994 var resource = resourceDao.GetById(resourceId); 995 if (resource == null) throw new SecurityException("Not authorized"); 996 if (resource.OwnerUserId != UserManager.CurrentUserId 997 && !RoleVerifier.IsInRole(HiveRoles.Administrator)) { 998 throw new SecurityException("Not authorized"); 999 } 1000 return resource; 1898 private void CheckProjectAvailability(IPersistenceManager pm, Guid projectId, DateTime date) { 1899 var projectDao = pm.ProjectDao; 1900 using (new PerformanceLogger("UpdateJob")) { 1901 var project = pm.UseTransaction(() => { 1902 return projectDao.GetById(projectId); 1903 }); 1904 if (project != null) { 1905 if (project.StartDate > date) throw new ArgumentException("Cannot add job to specified project. The start date of the project is still in the future."); 1906 else if (project.EndDate != null && project.EndDate < date) throw new ArgumentException("Cannot add job to specified project. The end date of the project is already reached."); 1907 } else { 1908 throw new ArgumentException("Cannot add job to specified project. The project seems not to be available anymore."); 1909 } 1910 } 1911 } 1912 1913 private void EvaluateJobs(IPersistenceManager pm, IEnumerable<DT.Job> jobs) { 1914 if (jobs == null || !jobs.Any()) return; 1915 1916 var currentUserId = UserManager.CurrentUserId; 1917 var taskDao = pm.TaskDao; 1918 var jobPermissionDao = pm.JobPermissionDao; 1919 1920 var statistics = taskDao.GetAll() 1921 .Where(x => jobs.Select(y => y.Id).Contains(x.JobId)) 1922 .GroupBy(x => x.JobId) 1923 .Select(x => new { 1924 x.Key, 1925 TotalCount = x.Count(), 1926 CalculatingCount = x.Count(y => y.State == DA.TaskState.Calculating), 1927 FinishedCount = x.Count(y => CompletedStates.Contains(y.State)) 1928 }) 1929 .ToList(); 1930 1931 foreach (var job in jobs) { 1932 var statistic = statistics.FirstOrDefault(x => x.Key == job.Id); 1933 if (statistic != null) { 1934 job.JobCount = statistic.TotalCount; 1935 job.CalculatingCount = statistic.CalculatingCount; 1936 job.FinishedCount = statistic.FinishedCount; 1937 } 1938 1939 job.OwnerUsername = UserManager.GetUserNameById(job.OwnerUserId); 1940 1941 if (currentUserId == job.OwnerUserId) { 1942 job.Permission = Permission.Full; 1943 } else { 1944 var jobPermission = jobPermissionDao.GetByJobAndUserId(job.Id, currentUserId); 1945 job.Permission = jobPermission == null ? Permission.NotAllowed : jobPermission.Permission.ToDto(); 1946 } 1947 } 1001 1948 } 1002 1949 #endregion
Note: See TracChangeset
for help on using the changeset viewer.