Example usage for java.lang SecurityException SecurityException

List of usage examples for java.lang SecurityException SecurityException

Introduction

In this page you can find the example usage for java.lang SecurityException SecurityException.

Prototype

public SecurityException(Throwable cause) 

Source Link

Document

Creates a SecurityException with the specified cause and a detail message of (cause==null ?

Usage

From source file:org.sakaiproject.iclicker.logic.IClickerLogic.java

/**
 * Remove an item//from   w w w . j  a v a2 s  .c o m
 * NOTE: only admins can fully remove a registration
 * @param item the ClickerRegistration to remove
 * @throws SecurityException if the user not allowed to remove the registration
 */
public void removeItem(ClickerRegistration item) {
    log.debug("In removeItem with item:" + item);
    // check if current user can remove this item
    if (externalLogic.isUserAdmin(externalLogic.getCurrentUserId())) {
        dao.delete(item);
        log.info("Removing clicker registration: " + item);
    } else {
        throw new SecurityException("Current user cannot remove registration " + item
                + " because they do not have permission, only admins can remove");
    }
}

From source file:de.juwimm.cms.remote.UserServiceSpringImpl.java

/**
 * Sets the given task as viewed, if the user has the required permissions
 * therefor.//  w w  w . j  ava2s. co  m
 * 
 * @param taskId
 *            The TaskId, from which task the Status should be changed to
 *            Constants.TASK_STATUS_VIEWED
 * 
 * @see de.juwimm.cms.remote.UserServiceSpring#setTaskViewed(java.lang.Integer)
 */
@Override
protected void handleSetTaskViewed(Integer taskId) throws Exception {
    try {
        UserHbm user = null;
        TaskHbm task = null;
        user = super.getUserHbmDao().load(AuthenticationHelper.getUserName());
        task = super.getTaskHbmDao().load(taskId);
        if (task != null) {
            if (!!getUserHbmDao().isInRole(user, UserRights.SITE_ROOT, user.getActiveSite())
                    && !user.equals(task.getReceiver()) && !user.equals(task.getSender())
                    && !!getUserHbmDao().isInRole(user, task.getReceiverRole(), user.getActiveSite())) {
                throw new SecurityException("User is not responsible to change this Task. RECEIVER:"
                        + task.getReceiver() + " SENDER:" + task.getSender() + " RECEIVERROLE:"
                        + task.getReceiverRole() + " THIS USER:" + user.getUserId());
            }
            task.setStatus(Constants.TASK_STATUS_VIEWED);
        }
    } catch (Exception e) {
        throw new UserException(e.getMessage());
    }
}

From source file:com.evolveum.midpoint.testing.conntest.AbstractLdapTest.java

protected LdapNetworkConnection ldapConnect(String bindDn, String bindPassword) throws LdapException {
    LOGGER.trace("LDAP connect to {}:{} as {}", getLdapServerHost(), getLdapServerPort(), bindDn);
    LdapConnectionConfig config = new LdapConnectionConfig();
    config.setLdapHost(getLdapServerHost());
    config.setLdapPort(getLdapServerPort());

    if (useSsl()) {
        config.setUseSsl(true);//  ww  w .ja va  2 s . co  m
        TrustManager trustManager = new X509TrustManager() {
            public void checkClientTrusted(X509Certificate[] chain, String authType)
                    throws CertificateException {

            }

            public void checkServerTrusted(X509Certificate[] chain, String authType)
                    throws CertificateException {
            }

            public X509Certificate[] getAcceptedIssuers() {
                return new X509Certificate[0];
            }
        };
        config.setTrustManagers(trustManager);
    }

    config.setBinaryAttributeDetector(binaryAttributeDetector);

    LdapNetworkConnection connection = new LdapNetworkConnection(config);
    boolean connected = connection.connect();
    if (!connected) {
        AssertJUnit.fail("Cannot connect to LDAP server " + getLdapServerHost() + ":" + getLdapServerPort());
    }
    LOGGER.trace("LDAP connected to {}:{}, executing bind as {}", getLdapServerHost(), getLdapServerPort(),
            bindDn);
    BindRequest bindRequest = new BindRequestImpl();
    bindRequest.setDn(new Dn(bindDn));
    bindRequest.setCredentials(bindPassword);
    bindRequest.setSimple(true);
    BindResponse bindResponse = connection.bind(bindRequest);
    if (bindResponse.getLdapResult().getResultCode() != ResultCodeEnum.SUCCESS) {
        throw new SecurityException(
                "Bind as " + bindDn + " failed: " + bindResponse.getLdapResult().getDiagnosticMessage() + " ("
                        + bindResponse.getLdapResult().getResultCode() + ")");
    }
    LOGGER.trace("LDAP connected to {}:{}, bound as {}", getLdapServerHost(), getLdapServerPort(), bindDn);
    return connection;
}

From source file:com.thebuzzmedia.exiftool.ExifToolNew3.java

@Override
public <T> void addImageMetadata(File image, Map<T, Object> values) throws IOException {
    // public void addImageMetadata(File image, Map<Tag, Object> values)
    // throws IOException {

    if (image == null) {
        throw new IllegalArgumentException("image cannot be null and must be a valid stream of image data.");
    }/*from www.j  av a 2s  . c  o m*/
    if (values == null || values.isEmpty()) {
        throw new IllegalArgumentException(
                "values cannot be null and must contain 1 or more tag to value mappings");
    }

    if (!image.canWrite()) {
        throw new SecurityException("Unable to write the given image [" + image.getAbsolutePath()
                + "], ensure that the image exists at the given path and that the executing Java process has permissions to write to it.");
    }

    LOG.info("Adding Tags {} to {}", values, image.getAbsolutePath());

    // start process
    long startTime = System.currentTimeMillis();

    execute(null, image, values);

    // Print out how long the call to external ExifToolNew3 process took.
    if (LOG.isDebugEnabled()) {
        LOG.debug(String.format("Image Meta Processed in %d ms [added %d tags]",
                (System.currentTimeMillis() - startTime), values.size()));
    }
}

From source file:org.sakaiproject.iclicker.logic.IClickerLogic.java

/**
 * Save (Create or Update) an item (uses the current site)
 * @param item the ClickerRegistration to create or update
 * @throws IllegalArgumentException if the item is null OR the owner id is not a valid user
 * @throws SecurityException if the user cannot save the registration for lack of perms
 * @throws ClickerIdInvalidException if the clicker ID is invalid for some reason,
 * the exception will indicate the type of validation failure
 *//* w w  w.  j  a va2  s  .co m*/
public void saveItem(ClickerRegistration item) {
    log.debug("In saveItem with item:" + item);
    if (item == null) {
        throw new IllegalArgumentException("item cannot be null");
    }
    String clickerId = StringUtils.trimToNull(item.getClickerId());
    if (item.isActivated() || clickerId == null) {
        // only validate when activating or clearly invalid
        clickerId = validateClickerId(item.getClickerId());
    }
    item.setClickerId(clickerId);
    // set the owner to current if not set
    if (item.getOwnerId() == null) {
        item.setOwnerId(externalLogic.getCurrentUserId());
    } else {
        // check for valid user id
        User u = externalLogic.getUser(item.getOwnerId());
        if (u == null) {
            throw new IllegalArgumentException(
                    "user id (" + item.getOwnerId() + ") is invalid (cannot match to user)");
        }
    }
    Date now = new Date();
    if (item.getDateCreated() == null) {
        item.setDateCreated(now);
    }
    item.setDateModified(now);
    // save item if new OR check if the current user can update the existing item
    if ((item.getId() == null) || canWriteItem(item, externalLogic.getCurrentUserId())) {
        dao.save(item);
        log.info("Saving clicker registration: " + item);
    } else {
        throw new SecurityException(
                "Current user cannot update item " + item.getId() + " because they do not have permission");
    }
}

From source file:de.juwimm.cms.remote.UserServiceSpringImpl.java

/**
 * Updates a User.<br>/*w  w w  . j  a va 2 s  .co m*/
 * For security reasons, only the following fields are updated:
 * <ul>
 * <li>FirstName</li>
 * <li>LastName</li>
 * <li>EMail</li>
 * <li>ConfigXML (only if parameter is not null and not empty)</li>
 * </ul>
 * <b>SECURITY INFORMATION:</b> Available only to: <i>changeUser,
 * siteRoot</i>
 * 
 * @param userValue
 *            UserValue Object representing the user
 * 
 * @see de.juwimm.cms.remote.UserServiceSpring#updateUser(de.juwimm.cms.authorization.vo.UserValue)
 */
@Override
protected void handleUpdateUser(UserValue userValue) throws Exception {
    try {
        UserHbm user = null;
        user = super.getUserHbmDao().load(userValue.getUserName());
        if (user != null) {
            if (this.hasRightsForChangeUser(user)) {
                user.setFirstName(userValue.getFirstName());
                user.setLastName(userValue.getLastName());
                user.setEmail(userValue.getEmail());
                if (userValue.getConfigXML() != null && !userValue.getConfigXML().equals("")) {
                    user.setConfigXML(userValue.getConfigXML());
                }
                this.authCache.flushAuthCache();
            } else {
                throw new SecurityException("Not enough permissions to change the user:"
                        + userValue.getUserName() + " with credential:" + AuthenticationHelper.getUserName());
            }
        }
    } catch (Exception e) {
        throw new UserException(e.getMessage());
    }
}

From source file:org.sakaiproject.iclicker.logic.IClickerLogic.java

/**
 * Creates a new clicker remote registration in the system,
 * will push the registration to national as well
 * //from w w w  . j  a v  a 2 s.co m
 * @param clickerId the clicker remote ID
 * @param ownerId the owner of this registration
 * @return the registration
 * @throws ClickerIdInvalidException if the clicker ID is invalid for some reason,
 * the exception will indicate the type of validation failure
 * @throws ClickerRegisteredException if the clickerId is already registered
 * @throws IllegalArgumentException if the owner id is not a valid user
 * @throws SecurityException if the user cannot save the registration for lacks of perms
 */
public ClickerRegistration createRegistration(String clickerId, String ownerId) {
    clickerId = validateClickerId(clickerId);
    String currentUserId = externalLogic.getCurrentUserId();
    if (currentUserId == null) {
        throw new SecurityException("user must be logged in");
    }
    String userId = ownerId;
    if (ownerId == null || "".equals(ownerId)) {
        userId = currentUserId;
    }
    ClickerRegistration registration = getItemByClickerId(clickerId, userId);
    // NOTE: we probably want to check the national system here to see if this is already registered
    if (registration != null) {
        if (registration.getOwnerId().equals(currentUserId)) {
            // reactivate the clicker if needed
            if (!registration.isActivated()) {
                registration.setActivated(true);
                saveItem(registration);
            }
        } else {
            throw new ClickerRegisteredException(userId, registration.getClickerId(),
                    registration.getOwnerId());
            //throw new IllegalStateException("Registration exists with clickerId ("+clickerId+") for the current user ("+userId+")");
        }
    } else {
        registration = new ClickerRegistration(clickerId, userId);
        saveItem(registration);
        //syncClickerRegistrationWithNational(registration);
    }
    return registration;
}

From source file:de.juwimm.cms.remote.UserServiceSpringImpl.java

/**
 * Adds a User to a specific Group. <b>SECURITY INFORMATION:</b> Available
 * only to: <i>changeUser, siteRoot</i>
 * /*w w  w  .j ava  2s . com*/
 * @param groupValue
 *            The Group
 * @param userName
 *            The Use
 * 
 * @see de.juwimm.cms.remote.UserServiceSpring#addUserToGroup(de.juwimm.cms.authorization.vo.GroupValue,
 *      java.lang.String)
 */
@Override
protected void handleAddUserToGroup(GroupValue groupValue, String userName) throws Exception {
    try {
        UserHbm user = null;
        user = super.getUserHbmDao().load(userName);
        if (user != null) {
            if (this.hasRightsForChangeUser(user)) {
                GroupHbm group = super.getGroupHbmDao().load(groupValue.getGroupId());
                getUserHbmDao().addGroup(group, AuthenticationHelper.getUserName(), userName);
                this.authCache.flushAuthCache();
            } else {
                throw new SecurityException("Not enough permissions to change the user:" + userName
                        + " with credential:" + AuthenticationHelper.getUserName());
            }
        }
    } catch (Exception e) {
        throw new UserException(e.getMessage());
    }
}

From source file:org.codice.ddf.catalog.ui.metacard.MetacardApplication.java

/**
 * Caution should be used with this, as it elevates the permissions to the System user.
 *
 * @param func What to execute as the System
 * @param <T> Generic return type of func
 * @return result of the callable func//w w w.j  a va  2  s .co  m
 */
private <T> T executeAsSystem(Callable<T> func) {
    Subject systemSubject = SECURITY.runAsAdmin(SECURITY::getSystemSubject);
    if (systemSubject == null) {
        throw new SecurityException("Could not get systemSubject to version metacards.");
    }
    return systemSubject.execute(func);
}

From source file:de.juwimm.cms.remote.UserServiceSpringImpl.java

/**
 * Removes a User from a specific Group. <b>SECURITY INFORMATION:</b>
 * Available only to: <i>changeUser, siteRoot</i>
 * /*w w  w .  jav a  2  s. c om*/
 * @param gv
 *            The Group
 * @param userName
 *            The User
 * 
 * @see de.juwimm.cms.remote.UserServiceSpring#removeUserFromGroup(de.juwimm.cms.authorization.vo.GroupValue,
 *      java.lang.String)
 */
@Override
protected void handleRemoveUserFromGroup(GroupValue gv, String userName) throws Exception {
    try {
        UserHbm user = null;
        user = super.getUserHbmDao().load(userName);
        if (user != null) {
            if (this.hasRightsForChangeUser(user)) {
                GroupHbm gl = super.getGroupHbmDao().load(gv.getGroupId());
                user.dropGroup(gl);
                this.authCache.flushAuthCache();
            } else {
                throw new SecurityException("Not enough permissions to change the user:" + userName
                        + " with credential:" + AuthenticationHelper.getUserName());
            }
        }
    } catch (Exception e) {
        throw new UserException(e.getMessage());
    }
}