- Timestamp:
- 06/21/12 18:02:33 (12 years ago)
- Location:
- branches/GP-MoveOperators
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
branches/GP-MoveOperators
- Property svn:ignore
-
old new 20 20 bin 21 21 protoc.exe 22 _ReSharper.HeuristicLab 3.3 Tests
-
- Property svn:mergeinfo changed
- Property svn:ignore
-
branches/GP-MoveOperators/HeuristicLab.Services.Hive/3.3/HiveService.cs
r7259 r8085 41 41 get { return ServiceLocator.Instance.HiveDao; } 42 42 } 43 private IAuthenticationManager authen {44 get { return ServiceLocator.Instance. AuthenticationManager; }43 private Access.IRoleVerifier authen { 44 get { return ServiceLocator.Instance.RoleVerifier; } 45 45 } 46 46 private IAuthorizationManager author { … … 53 53 get { return ServiceLocator.Instance.EventManager; } 54 54 } 55 private IUserManager userManager {55 private Access.IUserManager userManager { 56 56 get { return ServiceLocator.Instance.UserManager; } 57 57 } … … 334 334 }); 335 335 } 336 336 337 public IEnumerable<JobPermission> GetJobPermissions(Guid jobId) { 337 338 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); … … 352 353 public void Hello(Slave slaveInfo) { 353 354 authen.AuthenticateForAnyRole(HiveRoles.Slave); 355 if (userManager.CurrentUser.UserName != "hiveslave") 356 slaveInfo.OwnerUserId = userManager.CurrentUserId; 357 354 358 trans.UseTransaction(() => { 355 359 var slave = dao.GetSlave(slaveInfo.Id); … … 358 362 dao.AddSlave(slaveInfo); 359 363 } else { 360 var dbSlave = dao.GetSlave(slaveInfo.Id); 361 362 dbSlave.Name = slaveInfo.Name; 363 dbSlave.Description = slaveInfo.Description; 364 365 dbSlave.Cores = slaveInfo.Cores; 366 dbSlave.CpuArchitecture = slaveInfo.CpuArchitecture; 367 dbSlave.CpuSpeed = slaveInfo.CpuSpeed; 368 dbSlave.FreeCores = slaveInfo.FreeCores; 369 dbSlave.FreeMemory = slaveInfo.FreeMemory; 370 dbSlave.Memory = slaveInfo.Memory; 371 dbSlave.OperatingSystem = slaveInfo.OperatingSystem; 372 373 dbSlave.LastHeartbeat = DateTime.Now; 374 dbSlave.SlaveState = SlaveState.Idle; 364 slave.Name = slaveInfo.Name; 365 slave.Description = slaveInfo.Description; 366 slave.OwnerUserId = slaveInfo.OwnerUserId; 367 368 slave.Cores = slaveInfo.Cores; 369 slave.CpuArchitecture = slaveInfo.CpuArchitecture; 370 slave.CpuSpeed = slaveInfo.CpuSpeed; 371 slave.FreeCores = slaveInfo.FreeCores; 372 slave.FreeMemory = slaveInfo.FreeMemory; 373 slave.Memory = slaveInfo.Memory; 374 slave.OperatingSystem = slaveInfo.OperatingSystem; 375 376 slave.LastHeartbeat = DateTime.Now; 377 slave.SlaveState = SlaveState.Idle; 375 378 376 379 // don't update those properties: dbSlave.IsAllowedToCalculate, dbSlave.ParentResourceId 377 380 378 dao.UpdateSlave( dbSlave);381 dao.UpdateSlave(slave); 379 382 } 380 383 }); … … 460 463 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client, HiveRoles.Slave); 461 464 dao.DeletePlugin(pluginId); 465 } 466 #endregion 467 468 #region ResourcePermission Methods 469 public void GrantResourcePermissions(Guid resourceId, Guid[] grantedUserIds) { 470 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 471 trans.UseTransaction(() => { 472 Resource resource = dao.GetResource(resourceId); 473 if (resource == null) throw new FaultException<FaultReason>(new FaultReason("Could not find resource with id " + resourceId)); 474 if (resource.OwnerUserId != userManager.CurrentUserId && !authen.IsInRole(HiveRoles.Administrator)) throw new FaultException<FaultReason>(new FaultReason("Not allowed to grant permission for this resource")); 475 foreach (Guid id in grantedUserIds) 476 dao.AddResourcePermission(new ResourcePermission { ResourceId = resourceId, GrantedByUserId = userManager.CurrentUserId, GrantedUserId = id }); 477 }); 478 } 479 480 public void RevokeResourcePermissions(Guid resourceId, Guid[] grantedUserIds) { 481 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 482 trans.UseTransaction(() => { 483 Resource resource = dao.GetResource(resourceId); 484 if (resource == null) throw new FaultException<FaultReason>(new FaultReason("Could not find resource with id " + resourceId)); 485 if (resource.OwnerUserId != userManager.CurrentUserId && !authen.IsInRole(HiveRoles.Administrator)) throw new FaultException<FaultReason>(new FaultReason("Not allowed to revoke permission for this resource")); 486 foreach (Guid id in grantedUserIds) 487 dao.DeleteResourcePermission(resourceId, id); 488 }); 489 } 490 491 public IEnumerable<ResourcePermission> GetResourcePermissions(Guid resourceId) { 492 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 493 return trans.UseTransaction(() => { 494 Resource resource = dao.GetResource(resourceId); 495 if (resource == null) throw new FaultException<FaultReason>(new FaultReason("Could not find resource with id " + resourceId)); 496 return dao.GetResourcePermissions(x => x.ResourceId == resourceId); 497 }); 462 498 } 463 499 #endregion … … 480 516 481 517 public Guid AddSlaveGroup(SlaveGroup slaveGroup) { 482 authen.AuthenticateForAnyRole(HiveRoles.Administrator );518 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 483 519 return trans.UseTransaction(() => dao.AddSlaveGroup(slaveGroup)); 484 520 } … … 495 531 496 532 public IEnumerable<Slave> GetSlaves() { 497 authen.AuthenticateForAnyRole(HiveRoles.Administrator); 498 return dao.GetSlaves(x => true); 533 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 534 return dao.GetSlaves(x => true).Where(x => x.OwnerUserId == null 535 || x.OwnerUserId == userManager.CurrentUserId 536 || userManager.VerifyUser(userManager.CurrentUserId, GetResourcePermissions(x.Id).Select(y => y.GrantedUserId).ToList()) 537 || authen.IsInRole(HiveRoles.Administrator)).ToArray(); 499 538 } 500 539 501 540 public IEnumerable<SlaveGroup> GetSlaveGroups() { 502 authen.AuthenticateForAnyRole(HiveRoles.Administrator); 503 return dao.GetSlaveGroups(x => true); 541 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 542 return dao.GetSlaveGroups(x => true).Where(x => x.OwnerUserId == null 543 || x.OwnerUserId == userManager.CurrentUserId 544 || userManager.VerifyUser(userManager.CurrentUserId, GetResourcePermissions(x.Id).Select(y => y.GrantedUserId).ToList()) 545 || authen.IsInRole(HiveRoles.Administrator)).ToArray(); 504 546 } 505 547 506 548 public void UpdateSlave(Slave slave) { 507 authen.AuthenticateForAnyRole(HiveRoles.Administrator );549 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 508 550 trans.UseTransaction(() => { 509 551 dao.UpdateSlave(slave); … … 512 554 513 555 public void UpdateSlaveGroup(SlaveGroup slaveGroup) { 514 authen.AuthenticateForAnyRole(HiveRoles.Administrator );556 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 515 557 trans.UseTransaction(() => { 516 558 dao.UpdateSlaveGroup(slaveGroup); … … 519 561 520 562 public void DeleteSlave(Guid slaveId) { 521 authen.AuthenticateForAnyRole(HiveRoles.Administrator); 563 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 564 author.AuthorizeForResourceAdministration(slaveId); 522 565 trans.UseTransaction(() => { 523 566 dao.DeleteSlave(slaveId); … … 526 569 527 570 public void DeleteSlaveGroup(Guid slaveGroupId) { 528 authen.AuthenticateForAnyRole(HiveRoles.Administrator); 571 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 572 author.AuthorizeForResourceAdministration(slaveGroupId); 529 573 trans.UseTransaction(() => { 530 574 dao.DeleteSlaveGroup(slaveGroupId); … … 582 626 #region Downtime Methods 583 627 public Guid AddDowntime(Downtime downtime) { 584 authen.AuthenticateForAnyRole(HiveRoles.Administrator); 628 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 629 author.AuthorizeForResourceAdministration(downtime.ResourceId); 585 630 return trans.UseTransaction(() => dao.AddDowntime(downtime)); 586 631 } 587 632 588 633 public void DeleteDowntime(Guid downtimeId) { 589 authen.AuthenticateForAnyRole(HiveRoles.Administrator); 634 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 635 // TODO: pass resource id 636 // author.AuthorizeForResource(resourceId); 590 637 trans.UseTransaction(() => { 591 638 dao.DeleteDowntime(downtimeId); … … 594 641 595 642 public void UpdateDowntime(Downtime downtime) { 596 authen.AuthenticateForAnyRole(HiveRoles.Administrator); 643 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 644 author.AuthorizeForResourceAdministration(downtime.ResourceId); 597 645 trans.UseTransaction(() => { 598 646 dao.UpdateDowntime(downtime); … … 601 649 602 650 public IEnumerable<Downtime> GetDowntimesForResource(Guid resourceId) { 603 authen.AuthenticateForAnyRole(HiveRoles.Administrator );651 authen.AuthenticateForAnyRole(HiveRoles.Administrator, HiveRoles.Client); 604 652 return trans.UseTransaction(() => dao.GetDowntimes(x => x.ResourceId == resourceId)); 605 653 }
Note: See TracChangeset
for help on using the changeset viewer.