Changeset 8085 for branches/GP-MoveOperators/HeuristicLab.Services.Hive/3.3/HiveService.cs

Timestamp:

06/21/12 18:02:33 (12 years ago)

Author:

gkronber

Message:

#1847: merged trunk changes r7800:HEAD into gp move operators branch

Location:

branches/GP-MoveOperators

Files:

• . (modified) (2 props)
• HeuristicLab.Services.Hive/3.3/HiveService.cs (modified) (14 diffs)

branches/GP-MoveOperators

@@ -20 +20 @@
 bin
 protoc.exe
+_ReSharper.HeuristicLab 3.3 Tests

@@ -20 +20 @@
 bin
 protoc.exe
+_ReSharper.HeuristicLab 3.3 Tests

branches/GP-MoveOperators/HeuristicLab.Services.Hive/3.3/HiveService.cs

@@ -41 +41 @@
       get { return ServiceLocator.Instance.HiveDao; }
     }
-    private IAuthenticationManager authen {
-      get { return ServiceLocator.Instance.AuthenticationManager; }
+    private Access.IRoleVerifier authen {
+      get { return ServiceLocator.Instance.RoleVerifier; }
     }
     private IAuthorizationManager author {
@@ -53 +53 @@
       get { return ServiceLocator.Instance.EventManager; }
     }
-    private IUserManager userManager {
+    private Access.IUserManager userManager {
       get { return ServiceLocator.Instance.UserManager; }
     }
@@ -334 +334 @@
       });
     }
+
     public IEnumerable<JobPermission> GetJobPermissions(Guid jobId) {
       authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
@@ -352 +353 @@
     public void Hello(Slave slaveInfo) {
       authen.AuthenticateForAnyRole(HiveRoles.Slave);
+      if (userManager.CurrentUser.UserName != "hiveslave")
+        slaveInfo.OwnerUserId = userManager.CurrentUserId;
+
       trans.UseTransaction(() => {
         var slave = dao.GetSlave(slaveInfo.Id);
@@ -358 +362 @@
           dao.AddSlave(slaveInfo);
         } else {
-          var dbSlave = dao.GetSlave(slaveInfo.Id);
-
-          dbSlave.Name = slaveInfo.Name;
-          dbSlave.Description = slaveInfo.Description;
-
-          dbSlave.Cores = slaveInfo.Cores;
-          dbSlave.CpuArchitecture = slaveInfo.CpuArchitecture;
-          dbSlave.CpuSpeed = slaveInfo.CpuSpeed;
-          dbSlave.FreeCores = slaveInfo.FreeCores;
-          dbSlave.FreeMemory = slaveInfo.FreeMemory;
-          dbSlave.Memory = slaveInfo.Memory;
-          dbSlave.OperatingSystem = slaveInfo.OperatingSystem;
-
-          dbSlave.LastHeartbeat = DateTime.Now;
-          dbSlave.SlaveState = SlaveState.Idle;
+          slave.Name = slaveInfo.Name;
+          slave.Description = slaveInfo.Description;
+          slave.OwnerUserId = slaveInfo.OwnerUserId;
+
+          slave.Cores = slaveInfo.Cores;
+          slave.CpuArchitecture = slaveInfo.CpuArchitecture;
+          slave.CpuSpeed = slaveInfo.CpuSpeed;
+          slave.FreeCores = slaveInfo.FreeCores;
+          slave.FreeMemory = slaveInfo.FreeMemory;
+          slave.Memory = slaveInfo.Memory;
+          slave.OperatingSystem = slaveInfo.OperatingSystem;
+
+          slave.LastHeartbeat = DateTime.Now;
+          slave.SlaveState = SlaveState.Idle;
 
           // don't update those properties: dbSlave.IsAllowedToCalculate, dbSlave.ParentResourceId 
 
-          dao.UpdateSlave(dbSlave);
+          dao.UpdateSlave(slave);
         }
       });
@@ -460 +463 @@
       authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client, HiveRoles.Slave);
       dao.DeletePlugin(pluginId);
+    }
+    #endregion
+
+    #region ResourcePermission Methods
+    public void GrantResourcePermissions(Guid resourceId, Guid[] grantedUserIds) {
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      trans.UseTransaction(() => {
+        Resource resource = dao.GetResource(resourceId);
+        if (resource == null) throw new FaultException<FaultReason>(new FaultReason("Could not find resource with id " + resourceId));
+        if (resource.OwnerUserId != userManager.CurrentUserId && !authen.IsInRole(HiveRoles.Administrator)) throw new FaultException<FaultReason>(new FaultReason("Not allowed to grant permission for this resource"));
+        foreach (Guid id in grantedUserIds)
+          dao.AddResourcePermission(new ResourcePermission { ResourceId = resourceId, GrantedByUserId = userManager.CurrentUserId, GrantedUserId = id });
+      });
+    }
+
+    public void RevokeResourcePermissions(Guid resourceId, Guid[] grantedUserIds) {
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      trans.UseTransaction(() => {
+        Resource resource = dao.GetResource(resourceId);
+        if (resource == null) throw new FaultException<FaultReason>(new FaultReason("Could not find resource with id " + resourceId));
+        if (resource.OwnerUserId != userManager.CurrentUserId && !authen.IsInRole(HiveRoles.Administrator)) throw new FaultException<FaultReason>(new FaultReason("Not allowed to revoke permission for this resource"));
+        foreach (Guid id in grantedUserIds)
+          dao.DeleteResourcePermission(resourceId, id);
+      });
+    }
+
+    public IEnumerable<ResourcePermission> GetResourcePermissions(Guid resourceId) {
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      return trans.UseTransaction(() => {
+        Resource resource = dao.GetResource(resourceId);
+        if (resource == null) throw new FaultException<FaultReason>(new FaultReason("Could not find resource with id " + resourceId));
+        return dao.GetResourcePermissions(x => x.ResourceId == resourceId);
+      });
     }
     #endregion
@@ -480 +516 @@
 
     public Guid AddSlaveGroup(SlaveGroup slaveGroup) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
       return trans.UseTransaction(() => dao.AddSlaveGroup(slaveGroup));
     }
@@ -495 +531 @@
 
     public IEnumerable<Slave> GetSlaves() {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
-      return dao.GetSlaves(x => true);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      return dao.GetSlaves(x => true).Where(x => x.OwnerUserId == null
+                                         || x.OwnerUserId == userManager.CurrentUserId
+                                         || userManager.VerifyUser(userManager.CurrentUserId, GetResourcePermissions(x.Id).Select(y => y.GrantedUserId).ToList())
+                                         || authen.IsInRole(HiveRoles.Administrator)).ToArray();
     }
 
     public IEnumerable<SlaveGroup> GetSlaveGroups() {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
-      return dao.GetSlaveGroups(x => true);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      return dao.GetSlaveGroups(x => true).Where(x => x.OwnerUserId == null
+                                              || x.OwnerUserId == userManager.CurrentUserId
+                                              || userManager.VerifyUser(userManager.CurrentUserId, GetResourcePermissions(x.Id).Select(y => y.GrantedUserId).ToList())
+                                              || authen.IsInRole(HiveRoles.Administrator)).ToArray();
     }
 
     public void UpdateSlave(Slave slave) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
       trans.UseTransaction(() => {
         dao.UpdateSlave(slave);
@@ -512 +554 @@
 
     public void UpdateSlaveGroup(SlaveGroup slaveGroup) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
       trans.UseTransaction(() => {
         dao.UpdateSlaveGroup(slaveGroup);
@@ -519 +561 @@
 
     public void DeleteSlave(Guid slaveId) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      author.AuthorizeForResourceAdministration(slaveId);
       trans.UseTransaction(() => {
         dao.DeleteSlave(slaveId);
@@ -526 +569 @@
 
     public void DeleteSlaveGroup(Guid slaveGroupId) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      author.AuthorizeForResourceAdministration(slaveGroupId);
       trans.UseTransaction(() => {
         dao.DeleteSlaveGroup(slaveGroupId);
@@ -582 +626 @@
     #region Downtime Methods
     public Guid AddDowntime(Downtime downtime) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      author.AuthorizeForResourceAdministration(downtime.ResourceId);
       return trans.UseTransaction(() => dao.AddDowntime(downtime));
     }
 
     public void DeleteDowntime(Guid downtimeId) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      // TODO: pass resource id
+      // author.AuthorizeForResource(resourceId);
       trans.UseTransaction(() => {
         dao.DeleteDowntime(downtimeId);
@@ -594 +641 @@
 
     public void UpdateDowntime(Downtime downtime) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
+      author.AuthorizeForResourceAdministration(downtime.ResourceId);
       trans.UseTransaction(() => {
         dao.UpdateDowntime(downtime);
@@ -601 +649 @@
 
     public IEnumerable<Downtime> GetDowntimesForResource(Guid resourceId) {
-      authen.AuthenticateForAnyRole(HiveRoles.Administrator);
+      authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client);
       return trans.UseTransaction(() => dao.GetDowntimes(x => x.ResourceId == resourceId));
     }

@@ -20 +20 @@
 bin
 protoc.exe
+_ReSharper.HeuristicLab 3.3 Tests