List of usage examples for java.lang SecurityException SecurityException
public SecurityException(Throwable cause)
From source file:com.enonic.vertical.adminweb.UserHandlerServlet.java
public void handlerUpdate(HttpServletRequest request, HttpServletResponse response, HttpSession session, AdminService admin, ExtendedMap formItems) throws VerticalAdminException, VerticalEngineException { UserStoreKey userStoreKey = new UserStoreKey(formItems.getInt("userstorekey")); UserStoreEntity userStore = userStoreDao.findByKey(userStoreKey); User oldUser = securityService.getLoggedInAdminConsoleUser(); UserEntity user = securityService.getUser(oldUser); GroupKey enterpriseAdminGroupKey = securityService.getEnterpriseAdministratorGroup(); String uid = formItems.getString("uid_dummy"); UserSpecification userSpecification = new UserSpecification(); userSpecification.setName(uid);/*from w w w. jav a2s.c om*/ userSpecification.setUserStoreKey(userStoreKey); userSpecification.setDeletedStateNotDeleted(); UpdateUserCommand command = new UpdateUserCommand(user.getKey(), userSpecification); command.setUpdateStrategy(UpdateUserCommand.UpdateStrategy.REPLACE_NEW); command.setAllowUpdateSelf(true); command.setDisplayName(formItems.getString("display_name", "")); command.setEmail(formItems.getString("email", "")); boolean syncMembershipsOnlyIfAllowed = false; if (memberOfResolver.hasEnterpriseAdminPowers(user.getKey()) || memberOfResolver.hasUserStoreAdministratorPowers(user.getKey(), userStoreKey)) { syncMembershipsOnlyIfAllowed = true; } command.setSyncMemberships(syncMembershipsOnlyIfAllowed); command.setRemovePhoto(formItems.getBoolean("remove_photo", false)); TStringArrayList groupMemberships = new TStringArrayList(); if (formItems.containsKey("member")) { String[] groupArray; if (isArrayFormItem(formItems, "member")) { groupArray = (String[]) formItems.get("member"); } else { groupArray = new String[] { formItems.getString("member") }; } boolean isEnterpriseAdmin = false; if (user.isEnterpriseAdmin()) { isEnterpriseAdmin = true; } boolean isUserstoreAdmin = false; if (user.isUserstoreAdmin(userStore)) { isUserstoreAdmin = true; } for (String aGroupArray : groupArray) { if (isEnterpriseAdmin) { // access to all groups/users groupMemberships.add(aGroupArray); command.addMembership(new GroupKey(aGroupArray)); } else if (!isEnterpriseAdmin && isUserstoreAdmin && enterpriseAdminGroupKey.toString().equalsIgnoreCase(aGroupArray)) { throw new SecurityException("No access to enterprise administrators group"); } // else if ( !isEnterpriseAdmin && isUserstoreAdmin && !enterpriseAdminGroupKey.toString().equalsIgnoreCase( aGroupArray ) ) else if (!isEnterpriseAdmin && !enterpriseAdminGroupKey.toString().equalsIgnoreCase(aGroupArray)) { groupMemberships.add(aGroupArray); command.addMembership(new GroupKey(aGroupArray)); } } } final UserInfo userInfo = parseCustomUserFieldValues(userStoreKey, formItems, true); command.setUserInfo(userInfo); userStoreService.updateUser(command); MultiValueMap queryParams = new MultiValueMap(); queryParams.put("userstorekey", userStoreKey.toString()); if (formItems.containsKey("mode")) { queryParams.put("mode", formItems.getString("mode")); } if (formItems.containsKey("callback")) { queryParams.put("callback", formItems.getString("callback")); } if (formItems.containsKey("modeselector")) { queryParams.put("modeselector", formItems.getString("modeselector")); } if (formItems.containsKey("userstoreselector")) { queryParams.put("userstoreselector", formItems.getString("userstoreselector")); } if (formItems.containsKey("excludekey")) { queryParams.put("excludekey", formItems.getString("excludekey")); } if (admin.isUserStoreAdmin(oldUser, userStoreKey)) { queryParams.put("page", formItems.get("page")); queryParams.put("userstorekey", userStoreKey.toString()); if ("true".equals(formItems.getString("notification", ""))) { queryParams.put("op", "notification"); queryParams.put("uid", uid); } else { queryParams.put("op", "browse"); } } else { queryParams.put("page", "960"); queryParams.put("op", "page"); } redirectClientToAdminPath("adminpage", queryParams, request, response); }
From source file:com.android.server.MountService.java
/** * Validate a user-supplied password string with cryptfs *//*from ww w.j av a 2s.c o m*/ @Override public int verifyEncryptionPassword(String password) throws RemoteException { // Only the system process is permitted to validate passwords if (Binder.getCallingUid() != android.os.Process.SYSTEM_UID) { throw new SecurityException("no permission to access the crypt keeper"); } mContext.enforceCallingOrSelfPermission(Manifest.permission.CRYPT_KEEPER, "no permission to access the crypt keeper"); if (TextUtils.isEmpty(password)) { throw new IllegalArgumentException("password cannot be empty"); } waitForReady(); if (DEBUG_EVENTS) { Slog.i(TAG, "validating encryption password..."); } final NativeDaemonEvent event; try { event = mConnector.execute("cryptfs", "verifypw", new SensitiveArg(toHex(password))); Slog.i(TAG, "cryptfs verifypw => " + event.getMessage()); return Integer.parseInt(event.getMessage()); } catch (NativeDaemonConnectorException e) { // Encryption failed return e.getCode(); } }
From source file:com.android.server.MountService.java
@Override public int mkdirs(String callingPkg, String appPath) { final int userId = UserHandle.getUserId(Binder.getCallingUid()); final UserEnvironment userEnv = new UserEnvironment(userId); // Validate that reported package name belongs to caller final AppOpsManager appOps = (AppOpsManager) mContext.getSystemService(Context.APP_OPS_SERVICE); appOps.checkPackage(Binder.getCallingUid(), callingPkg); try {//from w ww .j a v a 2s . c o m appPath = new File(appPath).getCanonicalPath(); } catch (IOException e) { Slog.e(TAG, "Failed to resolve " + appPath + ": " + e); return -1; } if (!appPath.endsWith("/")) { appPath = appPath + "/"; } // Try translating the app path into a vold path, but require that it // belong to the calling package. String voldPath = maybeTranslatePathForVold(appPath, userEnv.buildExternalStorageAppDataDirs(callingPkg), userEnv.buildExternalStorageAppDataDirsForVold(callingPkg)); if (voldPath != null) { try { mConnector.execute("volume", "mkdirs", voldPath); return 0; } catch (NativeDaemonConnectorException e) { return e.getCode(); } } voldPath = maybeTranslatePathForVold(appPath, userEnv.buildExternalStorageAppObbDirs(callingPkg), userEnv.buildExternalStorageAppObbDirsForVold(callingPkg)); if (voldPath != null) { try { mConnector.execute("volume", "mkdirs", voldPath); return 0; } catch (NativeDaemonConnectorException e) { return e.getCode(); } } voldPath = maybeTranslatePathForVold(appPath, userEnv.buildExternalStorageAppMediaDirs(callingPkg), userEnv.buildExternalStorageAppMediaDirsForVold(callingPkg)); if (voldPath != null) { try { mConnector.execute("volume", "mkdirs", voldPath); return 0; } catch (NativeDaemonConnectorException e) { return e.getCode(); } } throw new SecurityException("Invalid mkdirs path: " + appPath); }