Example usage for java.lang SecurityException SecurityException

List of usage examples for java.lang SecurityException SecurityException

Introduction

In this page you can find the example usage for java.lang SecurityException SecurityException.

Prototype

public SecurityException(Throwable cause) 

Source Link

Document

Creates a SecurityException with the specified cause and a detail message of (cause==null ?

Usage

From source file:org.sakaiproject.iclicker.logic.IClickerLogic.java

/**
 * Updates the activation of a registration for the current user
 * @param registrationId the unique id of the registration
 * @param activated the new activation level
 * @return the registration if it was updated, null if not updated
 * @throws IllegalArgumentException if the registrationId is invalid
 * @throws SecurityException is the current user cannot update the registration
 *///from w w  w.j a  v a2 s.  c  o  m
public ClickerRegistration setRegistrationActive(Long registrationId, boolean activated) {
    if (registrationId == null) {
        throw new IllegalArgumentException("registrationId cannot be null");
    }
    ClickerRegistration registration = getItemById(registrationId);
    if (registration == null) {
        throw new IllegalArgumentException("Could not find registration with id: " + registrationId);
    }
    String userId = externalLogic.getCurrentUserId();
    if (!canWriteItem(registration, userId)) {
        throw new SecurityException("User (" + userId + ") cannot update registration (" + registration + ")");
    }
    boolean current = registration.isActivated();
    if (current != activated) {
        registration.setActivated(activated);
        saveItem(registration);
        return registration;
    }
    return null;
}

From source file:com.enonic.vertical.adminweb.UserHandlerServlet.java

public void handlerCreate(HttpServletRequest request, HttpServletResponse response, HttpSession session,
        AdminService admin, ExtendedMap formItems) throws VerticalAdminException, VerticalEngineException {

    UserStoreKey userStoreKey = new UserStoreKey(formItems.getInt("userstorekey"));

    UserStoreEntity userStore = null;//from  w  w w.j  a v  a2s  . c om
    List<UserStoreEntity> userStores = securityService.getUserStores();
    for (UserStoreEntity userStoreEntity : userStores) {
        if (userStoreEntity.getKey().equals(userStoreKey)) {
            userStore = userStoreEntity;
            break;
        }
    }

    User oldUser = securityService.getLoggedInAdminConsoleUser();
    UserEntity user = securityService.getUser(oldUser);

    boolean isEnterpriseAdmin = false;
    if (user.isEnterpriseAdmin()) {
        isEnterpriseAdmin = true;
    }

    boolean isUserstoreAdmin = false;
    if (user.isUserstoreAdmin(userStore)) {
        isUserstoreAdmin = true;
    }

    GroupKey enterpriseAdminGroupKey = securityService.getEnterpriseAdministratorGroup();

    StoreNewUserCommand command = new StoreNewUserCommand();
    command.setStorer(user.getKey());
    command.setUserStoreKey(userStoreKey);

    boolean wizard = false;

    if (formItems.getString("wizard", "").equals("true")) {
        wizard = true;
        String xmlData = (String) session.getAttribute("userxml");

        XMLDocument xmlDocument = XMLDocumentFactory.create(xmlData);
        org.jdom.Document jdomDoc = xmlDocument.getAsJDOMDocument();
        org.jdom.Element userEl = jdomDoc.getRootElement();
        org.jdom.Element blockEl = userEl.getChild("block");
        org.jdom.Element uidEl = blockEl.getChild("uid");
        org.jdom.Element passwordEl = blockEl.getChild("password");
        org.jdom.Element displayNameEl = blockEl.getChild("displayName");
        org.jdom.Element emailEl = blockEl.getChild("email");

        command.setUsername(uidEl.getText());
        command.setPassword(passwordEl.getText());
        command.setDisplayName(displayNameEl.getText());
        command.setEmail(emailEl.getText());

        final ExtendedMap valuesFromXml = new ExtendedMap();
        for (org.jdom.Element userfieldEl : (List<org.jdom.Element>) blockEl.getChildren()) {

            String userfieldName = userfieldEl.getName();

            if ("photo".equals(userfieldName)) {
                // Do nothing
            } else if ("addresses".equals(userfieldName)) {
                int addressIndex = 0;
                for (org.jdom.Element addressEl : (List<org.jdom.Element>) userfieldEl.getChildren()) {
                    for (org.jdom.Element addressFieldEl : (List<org.jdom.Element>) addressEl.getChildren()) {
                        String addressFieldName = "address[" + addressIndex + "]." + addressFieldEl.getName();
                        String addressFieldValue = addressFieldEl.getText();
                        valuesFromXml.put(addressFieldName, addressFieldValue);
                    }
                    addressIndex++;
                }
            } else {
                String userfieldValue = userfieldEl.getText();
                valuesFromXml.put(userfieldName, userfieldValue);
            }
        }

        final UserInfo userInfo = parseCustomUserFieldValues(userStoreKey, valuesFromXml);

        addPhotoFromSession(session, userInfo);

        command.setUserInfo(userInfo);
    } else {
        command.setUsername(formItems.getString("uid_dummy", ""));
        command.setPassword(formItems.getString("password_dummy", ""));
        command.setDisplayName(formItems.getString("display_name", ""));
        command.setEmail(formItems.getString("email", ""));

        final UserInfo userInfo = parseCustomUserFieldValues(userStoreKey, formItems);
        command.setUserInfo(userInfo);
    }

    // Update user with group memberships
    TStringArrayList groupMemberships = new TStringArrayList();
    if (formItems.containsKey("member")) {
        String[] groupArray;
        if (isArrayFormItem(formItems, "member")) {
            groupArray = (String[]) formItems.get("member");
        } else {
            groupArray = new String[] { formItems.getString("member") };
        }

        for (String aGroupArray : groupArray) {
            if (isEnterpriseAdmin) {
                groupMemberships.add(aGroupArray);
                command.addMembership(new GroupKey(aGroupArray));
            } else if (!isEnterpriseAdmin && isUserstoreAdmin
                    && enterpriseAdminGroupKey.toString().equalsIgnoreCase(aGroupArray)) {
                throw new SecurityException("No access to enterprise administrators group");
            } else if (!isEnterpriseAdmin && isUserstoreAdmin
                    && !enterpriseAdminGroupKey.toString().equalsIgnoreCase(aGroupArray)) {
                groupMemberships.add(aGroupArray);
                command.addMembership(new GroupKey(aGroupArray));
            }
        }
    } else if (wizard) {
        String[] groupArray = (String[]) session.getAttribute("grouparray");
        if (groupArray != null) {
            for (String aGroupArray : groupArray) {
                if (isEnterpriseAdmin) {
                    // access to all groups/users
                    groupMemberships.add(aGroupArray);
                    command.addMembership(new GroupKey(aGroupArray));
                } else if (!isEnterpriseAdmin && isUserstoreAdmin
                        && enterpriseAdminGroupKey.toString().equalsIgnoreCase(aGroupArray)) {
                    throw new SecurityException("No access to enterprise administrators group");
                } else if (!isEnterpriseAdmin && isUserstoreAdmin
                        && !enterpriseAdminGroupKey.toString().equalsIgnoreCase(aGroupArray)) {
                    groupMemberships.add(aGroupArray);
                    command.addMembership(new GroupKey(aGroupArray));
                }
            }
        }
    }

    UserKey newUserKey = userStoreService.storeNewUser(command);
    UserEntity newUser = userDao.findByKey(newUserKey);

    MultiValueMap queryParams = new MultiValueMap();
    if (formItems.containsKey("mode")) {
        queryParams.put("mode", formItems.getString("mode"));
    }
    if (formItems.containsKey("callback")) {
        queryParams.put("callback", formItems.getString("callback"));
    }
    if (formItems.containsKey("modeselector")) {
        queryParams.put("modeselector", formItems.getString("modeselector"));
    }
    if (formItems.containsKey("userstoreselector")) {
        queryParams.put("userstoreselector", formItems.getString("userstoreselector"));
    }
    if (formItems.containsKey("excludekey")) {
        queryParams.put("excludekey", formItems.getString("excludekey"));
    }

    if (wizard) {
        if ("true".equals(formItems.getString("notification", ""))) {
            handlerNotification(request, response, session, admin, formItems, "sendnotification");
        } else {
            queryParams.put("page", formItems.get("page"));
            queryParams.put("op", "browse");
            queryParams.put("userstorekey", userStoreKey.toString());
            redirectClientToAdminPath("adminpage", queryParams, request, response);
        }
    } else {
        if ("true".equals(formItems.getString("notification", ""))) {
            queryParams.put("page", formItems.get("page"));
            queryParams.put("op", "notification");
            queryParams.put("userstorekey", userStoreKey.toString());
            queryParams.put("uid", newUser.getName());
            redirectClientToAdminPath("adminpage", queryParams, request, response);
        } else {
            queryParams.put("page", formItems.get("page"));
            queryParams.put("op", "browse");
            queryParams.put("userstorekey", userStoreKey.toString());
            redirectClientToAdminPath("adminpage", queryParams, request, response);
        }
    }
}

From source file:org.openanzo.combus.bayeux.BridgeConnectionManager.java

/**
 * Checks if the current user has read access to the given graph.
 * /*from  w w w. j a  v a 2 s .c o  m*/
 * @param graphUri
 *            The graph URI to check access.
 * @param opContext
 *            The operation context to use when communicating with the Anzo authorization service.
 * @return true if read access is granted, false otherwise.
 * @throws AnzoException
 */
private boolean userHasGraphReadAccess(URI graphUri, AnzoPrincipal principal, IOperationContext opContext)
        throws AnzoException {
    boolean ret = false;
    if (principal == null) {
        throw new SecurityException("No currrently logged in principal.");
    }
    Set<URI> principalRoles = principal.getRoles();

    if (principal.isSysadmin()) {
        ret = true;
    } else {
        Set<URI> roles = datasource.getAuthorizationService().getRolesForGraph(opContext, graphUri,
                Privilege.READ);
        ret = org.openanzo.rdf.utils.Collections.memberOf(roles, principalRoles);
    }
    return ret;
}

From source file:org.apache.catalina.loader.WebappClassLoader.java

/**
 * Find specified class in local repositories.
 *
 * @return the loaded class, or null if the class isn't found
 *//*ww  w.ja v  a  2s.  c  o  m*/
protected Class findClassInternal(String name) throws ClassNotFoundException {

    if (!validate(name))
        throw new ClassNotFoundException(name);

    String tempPath = name.replace('.', '/');
    String classPath = tempPath + ".class";

    ResourceEntry entry = null;

    entry = findResourceInternal(name, classPath);

    if ((entry == null) || (entry.binaryContent == null))
        throw new ClassNotFoundException(name);

    Class clazz = entry.loadedClass;
    if (clazz != null)
        return clazz;

    // Looking up the package
    String packageName = null;
    int pos = name.lastIndexOf('.');
    if (pos != -1)
        packageName = name.substring(0, pos);

    Package pkg = null;

    if (packageName != null) {

        pkg = getPackage(packageName);

        // Define the package (if null)
        if (pkg == null) {
            if (entry.manifest == null) {
                definePackage(packageName, null, null, null, null, null, null, null);
            } else {
                definePackage(packageName, entry.manifest, entry.codeBase);
            }
        }

    }

    // Create the code source object
    CodeSource codeSource = new CodeSource(entry.codeBase, entry.certificates);

    if (securityManager != null) {

        // Checking sealing
        if (pkg != null) {
            boolean sealCheck = true;
            if (pkg.isSealed()) {
                sealCheck = pkg.isSealed(entry.codeBase);
            } else {
                sealCheck = (entry.manifest == null) || !isPackageSealed(packageName, entry.manifest);
            }
            if (!sealCheck)
                throw new SecurityException(
                        "Sealing violation loading " + name + " : Package " + packageName + " is sealed.");
        }

    }

    if (entry.loadedClass == null) {
        synchronized (this) {
            if (entry.loadedClass == null) {
                clazz = defineClass(name, entry.binaryContent, 0, entry.binaryContent.length, codeSource);
                entry.loadedClass = clazz;
                entry.binaryContent = null;
                entry.source = null;
                entry.codeBase = null;
                entry.manifest = null;
                entry.certificates = null;
            } else {
                clazz = entry.loadedClass;
            }
        }
    } else {
        clazz = entry.loadedClass;
    }

    return clazz;

}

From source file:org.openanzo.combus.bayeux.BridgeConnectionManager.java

/**
 * Checks if the current user has read access to the given graph.
 * //  w w w.  j  av  a2s  .co m
 * @param graphUri
 *            The graph URI to check access.
 * @param opContext
 *            The operation context to use when communicating with the Anzo authorization service.
 * @return true if read access is granted, false otherwise.
 * @throws AnzoException
 */
private boolean userHasGraphAddAccess(URI graphUri, AnzoPrincipal principal, IOperationContext opContext)
        throws AnzoException {
    boolean ret = false;
    if (principal == null) {
        throw new SecurityException("No currrently logged in principal.");
    }
    Set<URI> principalRoles = principal.getRoles();
    if (principal.isSysadmin()) {
        ret = true;
    } else {
        Set<URI> roles = datasource.getAuthorizationService().getRolesForGraph(opContext, graphUri,
                Privilege.ADD);
        ret = org.openanzo.rdf.utils.Collections.memberOf(roles, principalRoles);
    }
    return ret;
}

From source file:net.unicon.kaltura.service.KalturaService.java

/**
 * Get the KME with a permissions check to make sure the user key matches
 * @param keid the kaltura entry id/*from w w  w  .  j a  va  2 s  .c  om*/
 * @param entryService the katura entry service
 * @return the entry
 * @throws KalturaApiException if kaltura cannot be accessed
 * @throws IllegalArgumentException if the keid cannot be found for this user
 */
private KalturaBaseEntry getKalturaEntry(String userKey, String keid, KalturaBaseEntryService entryService)
        throws KalturaApiException {
    // DO NOT CACHE THIS ONE
    KalturaBaseEntry entry = null;
    // Cannot use the KMEF because it cannot filter by id correctly -AZ
    /*
    KalturaBaseEntryFilter kmef = new KalturaBaseEntryFilter();
    kmef.partnerIdEqual = this.kalturaConfig.getPartnerId();
    kmef.userIdEqual = currentUserName;
    kmef.idEqual = keid;
    //kmef.orderBy = "title";
    KalturaMediaListResponse listResponse = mediaService.list(kmef);
    if (listResponse != null && ! listResponse.objects.isEmpty()) {
    kme = listResponse.objects.get(0); // just get the first one
    }
     */
    // have to use - mediaService.get(keid); despite it not even checking if we have access to this - AZ
    entry = entryService.get(keid);
    if (entry == null) {
        // did not find the item by keid so we die
        throw new IllegalArgumentException(
                "Cannot find kaltura item (" + keid + ") with for user (" + userKey + ")");
    }
    // also do a manual check for security, not so sure about this check though -AZ
    if (entry.partnerId != this.kalturaConfig.getPartnerId()) {
        throw new SecurityException("KME partnerId (" + entry.partnerId + ") does not match current one ("
                + this.kalturaConfig.getPartnerId() + "), cannot access this KME (" + keid + ")");
    }
    return entry;
}

From source file:com.android.server.MountService.java

private void validatePermission(String perm) {
    if (mContext.checkCallingOrSelfPermission(perm) != PackageManager.PERMISSION_GRANTED) {
        throw new SecurityException(String.format("Requires %s permission", perm));
    }/*  ww w .  j ava 2s . c  o m*/
}

From source file:com.android.server.MountService.java

private void validateUserRestriction(String restriction) {
    if (hasUserRestriction(restriction)) {
        throw new SecurityException("User has restriction " + restriction);
    }/*from ww  w .java2 s .  c  o m*/
}

From source file:org.artifactory.security.SecurityServiceImpl.java

private void assertAdmin() {
    if (!isAdmin()) {
        throw new SecurityException(
                "The attempted action is permitted to users with administrative privileges only.");
    }/*from w  w w  .  ja va 2s  .co  m*/
}

From source file:ch.puzzle.itc.mobiliar.business.deploy.boundary.DeploymentBoundary.java

/**
 * Checks if the validation failed and throws the right exception
 *
 * @param validation/*from   ww  w .  j a  v  a  2s  . c  o  m*/
 */
private void checkValidation(DeploymentOperationValidation validation, DeploymentEntity deployment)
        throws DeploymentStateException {
    if (DeploymentOperationValidation.MISSING_PERMISSION.equals(validation)) {
        throw new SecurityException("User " + permissionService.getCurrentUserName()
                + " has no permisson to change deployment " + deployment.getId());
    } else if (DeploymentOperationValidation.WRONG_STATE.equals(validation)) {
        throw new DeploymentStateException("Deployment " + deployment.getId() + " can not be changed");
    }
}