List of usage examples for java.security AccessControlException AccessControlException
public AccessControlException(String s)
From source file:com.thinkbiganalytics.metadata.modeshape.support.JcrPropertyUtil.java
@SuppressWarnings("unchecked") public static Iterable<Property> propertiesIterable(Node node) { return () -> { try {/* www.jav a 2 s.c o m*/ return node.getProperties(); } catch (AccessDeniedException e) { log.debug("Access denied", e); throw new AccessControlException(e.getMessage()); } catch (RepositoryException e) { throw new MetadataRepositoryException("Failed to get the properties of node: " + node, e); } }; }
From source file:servlets.Samples_servlets.java
private void get_biocondition_handler(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { try {/*from w w w. j a v a 2s. co m*/ DAO dao_instance = null; BioCondition biocondition = null; try { JsonParser parser = new JsonParser(); JsonObject requestData = (JsonObject) parser.parse(request.getReader()); String loggedUser = requestData.get("loggedUser").getAsString(); String sessionToken = requestData.get("sessionToken").getAsString(); /** * ******************************************************* * STEP 1 CHECK IF THE USER IS LOGGED CORRECTLY IN THE APP. IF * ERROR --> throws exception if not valid session, GO TO STEP * 5b ELSE --> GO TO STEP 2 * ******************************************************* */ if (!checkAccessPermissions(loggedUser, sessionToken)) { throw new AccessControlException("Your session is invalid. User or session token not allowed."); } /** * ******************************************************* * STEP 2 Get ALL THE ANALYSIS Object from DB. IF ERROR --> * throws MySQL exception, GO TO STEP 3b ELSE --> GO TO STEP 3 * ******************************************************* */ dao_instance = DAOProvider.getDAOByName("BioCondition"); boolean loadRecursive = requestData.get("recursive").getAsBoolean(); ; Object[] params = { loadRecursive }; String biocondition_id = requestData.get("biocondition_id").getAsString(); biocondition = (BioCondition) dao_instance.findByID(biocondition_id, params); } catch (Exception e) { ServerErrorManager.handleException(e, Samples_servlets.class.getName(), "get_biocondition_handler", e.getMessage()); } finally { /** * ******************************************************* * STEP 4b CATCH ERROR. GO TO STEP 5 * ******************************************************* */ if (ServerErrorManager.errorStatus()) { response.setStatus(400); response.getWriter().print(ServerErrorManager.getErrorResponse()); } else { /** * ******************************************************* * STEP 4A WRITE RESPONSE ERROR. GO TO STEP 5 * ******************************************************* */ response.getWriter().print(biocondition.toJSON()); } /** * ******************************************************* * STEP 5 Close connection. * ******************************************************** */ if (dao_instance != null) { dao_instance.closeConnection(); } } //CATCH IF THE ERROR OCCURRED IN ROLL BACK OR CONNECTION CLOSE } catch (Exception e) { ServerErrorManager.handleException(e, Samples_servlets.class.getName(), "get_biocondition_handler", e.getMessage()); response.setStatus(400); response.getWriter().print(ServerErrorManager.getErrorResponse()); } }
From source file:azkaban.webapp.servlet.ProjectManagerServlet.java
private void handleJobPage(HttpServletRequest req, HttpServletResponse resp, Session session) throws ServletException { Page page = newPage(req, resp, session, "azkaban/webapp/servlet/velocity/jobpage.vm"); String projectName = getParam(req, "project"); String flowName = getParam(req, "flow"); String jobName = getParam(req, "job"); User user = session.getUser();//ww w.j a v a 2s. c o m Project project = null; Flow flow = null; try { project = projectManager.getProject(projectName); if (project == null) { page.add("errorMsg", "Project " + projectName + " not found."); page.render(); return; } if (!hasPermission(project, user, Type.READ)) { throw new AccessControlException("No permission to view project " + projectName + "."); } page.add("project", project); flow = project.getFlow(flowName); if (flow == null) { page.add("errorMsg", "Flow " + flowName + " not found."); page.render(); return; } page.add("flowid", flow.getId()); Node node = flow.getNode(jobName); if (node == null) { page.add("errorMsg", "Job " + jobName + " not found."); page.render(); return; } Props prop = projectManager.getProperties(project, node.getJobSource()); Props overrideProp = projectManager.getJobOverrideProperty(project, jobName); if (overrideProp == null) { overrideProp = new Props(); } Props comboProp = new Props(prop); for (String key : overrideProp.getKeySet()) { comboProp.put(key, overrideProp.get(key)); } page.add("jobid", node.getId()); page.add("jobtype", node.getType()); ArrayList<String> dependencies = new ArrayList<String>(); Set<Edge> inEdges = flow.getInEdges(node.getId()); if (inEdges != null) { for (Edge dependency : inEdges) { dependencies.add(dependency.getSourceId()); } } if (!dependencies.isEmpty()) { page.add("dependencies", dependencies); } ArrayList<String> dependents = new ArrayList<String>(); Set<Edge> outEdges = flow.getOutEdges(node.getId()); if (outEdges != null) { for (Edge dependent : outEdges) { dependents.add(dependent.getTargetId()); } } if (!dependents.isEmpty()) { page.add("dependents", dependents); } // Resolve property dependencies ArrayList<String> source = new ArrayList<String>(); String nodeSource = node.getPropsSource(); if (nodeSource != null) { source.add(nodeSource); FlowProps parent = flow.getFlowProps(nodeSource); while (parent.getInheritedSource() != null) { source.add(parent.getInheritedSource()); parent = flow.getFlowProps(parent.getInheritedSource()); } } if (!source.isEmpty()) { page.add("properties", source); } ArrayList<Pair<String, String>> parameters = new ArrayList<Pair<String, String>>(); // Parameter for (String key : comboProp.getKeySet()) { String value = comboProp.get(key); parameters.add(new Pair<String, String>(key, value)); } page.add("parameters", parameters); } catch (AccessControlException e) { page.add("errorMsg", e.getMessage()); } catch (ProjectManagerException e) { page.add("errorMsg", e.getMessage()); } page.render(); }
From source file:servlets.Analysis_servlets.java
private void delete_analysis_handler(HttpServletRequest request, HttpServletResponse response) throws IOException { try {/* w w w . j a va 2s . c o m*/ boolean ROLLBACK_NEEDED = false; DAO daoInstance = null; boolean removable = true; String loggedUser = null; String analysisID = null; try { /** * ******************************************************* * STEP 1 CHECK IF THE USER IS LOGGED CORRECTLY IN THE APP. IF * ERROR --> throws exception if not valid session, GO TO STEP * ELSE --> GO TO STEP 2 * ******************************************************* */ JsonParser parser = new JsonParser(); JsonObject requestData = (JsonObject) parser.parse(request.getReader()); loggedUser = requestData.get("loggedUser").getAsString(); String sessionToken = requestData.get("sessionToken").getAsString(); if (!checkAccessPermissions(loggedUser, sessionToken)) { throw new AccessControlException("Your session is invalid. User or session token not allowed."); } String loggedUserID = requestData.get("loggedUserID").getAsString(); String experimentID = requestData.get("currentExperimentID").getAsString(); analysisID = requestData.get("analysis_id").getAsString(); /** * ******************************************************* * STEP 2 Get THE ANALYSIS Object from DB. IF ERROR --> throws * MySQL exception, GO TO STEP 3b ELSE --> GO TO STEP 3 * ******************************************************* */ boolean loadRecursive = true; Object[] params = { loadRecursive }; daoInstance = DAOProvider.getDAOByName("Analysis"); Analysis analysis = (Analysis) daoInstance.findByID(analysisID, params); if (!analysis.isOwner(loggedUserID) && !loggedUserID.equals("admin")) { throw new AccessControlException( "Cannot remove selected Analysis. Current user has not privileges over this element."); } /** * ******************************************************* * STEP 3 Check if the user + the users in the remove_requests * list are the owners for all the steps. If at least one of the * steps has an user not in the list and the step is not * imported, then we add the user to the remove_requests. * Otherwise, we can remove the steps (or unlink) and the * analysis. * ******************************************************* */ Set<String> users = new HashSet<String>(Arrays.asList(analysis.getRemoveRequests())); users.add(loggedUserID); //TODO: add admin user !loggedUserID.equalsIgnoreCase("admin") for (Step step : analysis.getNonProcessedData()) { if (step.getAnalysisID().equalsIgnoreCase(analysisID)) { //If not imported step boolean isOwner = false; for (String user : users) { //Check if at least one of the users that want to remove is owner isOwner = isOwner || step.isOwner(user); } if (!isOwner) { removable = false; break; } } } if (removable) { for (Step step : analysis.getProcessedData()) { if (step.getAnalysisID().equalsIgnoreCase(analysisID)) { //If not imported step boolean isOwner = false; for (String user : users) { //Check if at least one of the users that want to remove is owner isOwner = isOwner || step.isOwner(user); } if (!isOwner) { removable = false; break; } } } } /** * ******************************************************* * STEP 4 If the analysis is removable, then we proceed to * remove the analysis (includes unlinking shared steps). * Otherwise, we update the list of remove_requests * ******************************************************* */ daoInstance = DAOProvider.getDAOByName("Analysis"); daoInstance.disableAutocommit(); ROLLBACK_NEEDED = true; if (removable) { ((Analysis_JDBCDAO) daoInstance).remove(analysis); //DELETE THE DATA DIRECTORY File file = new File( DATA_LOCATION + IMAGE_FILES_LOCATION.replaceAll("<experiment_id>", experimentID) + analysisID + "_prev.jpg"); if (file.exists()) { file.delete(); } file = new File(DATA_LOCATION + IMAGE_FILES_LOCATION.replaceAll("<experiment_id>", experimentID) + analysisID + ".png"); if (file.exists()) { file.delete(); } } else { ((Analysis_JDBCDAO) daoInstance).updateRemoveRequests(analysisID, users.toArray(new String[] {})); } /** * ******************************************************* * STEP 5 COMMIT CHANGES TO DATABASE. throws SQLException IF * ERROR --> throws SQL Exception, GO TO STEP ? ELSE --> GO TO * STEP 6 * ******************************************************* */ daoInstance.doCommit(); } catch (Exception e) { ServerErrorManager.handleException(e, Analysis_servlets.class.getName(), "remove_analysis_handler", e.getMessage()); } finally { /** * ******************************************************* * STEP 7b CATCH ERROR, CLEAN CHANGES. throws SQLException * ******************************************************* */ if (ServerErrorManager.errorStatus()) { response.setStatus(400); response.getWriter().print(ServerErrorManager.getErrorResponse()); if (ROLLBACK_NEEDED) { daoInstance.doRollback(); } } else { JsonObject obj = new JsonObject(); obj.add("success", new JsonPrimitive(true)); obj.add("removed", new JsonPrimitive(removable)); response.getWriter().print(obj.toString()); } BlockedElementsManager.getBlockedElementsManager().unlockObject(analysisID, loggedUser); /** * ******************************************************* * STEP 9 Close connection. * ******************************************************** */ if (daoInstance != null) { daoInstance.closeConnection(); } } //CATCH IF THE ERROR OCCURRED IN ROLL BACK OR CONNECTION CLOSE } catch (Exception e) { ServerErrorManager.handleException(e, Analysis_servlets.class.getName(), "remove_analysis_handler", e.getMessage()); response.setStatus(400); response.getWriter().print(ServerErrorManager.getErrorResponse()); } }
From source file:servlets.Samples_servlets.java
private void lock_biocondition_handler(HttpServletRequest request, HttpServletResponse response) throws IOException { boolean alreadyLocked = false; String locker_id = ""; try {// w ww . ja va 2 s . com /** * ******************************************************* * STEP 1 CHECK IF THE USER IS LOGGED CORRECTLY IN THE APP. IF ERROR * --> throws exception if not valid session, GO TO STEP 5b ELSE --> * GO TO STEP 2 * ******************************************************* */ JsonParser parser = new JsonParser(); JsonObject requestData = (JsonObject) parser.parse(request.getReader()); String loggedUser = requestData.get("loggedUser").getAsString(); String sessionToken = requestData.get("sessionToken").getAsString(); /** * ******************************************************* * STEP 1 CHECK IF THE USER IS LOGGED CORRECTLY IN THE APP. IF ERROR * --> throws exception if not valid session, GO TO STEP ELSE --> GO * TO STEP 2 ******************************************************* */ if (!checkAccessPermissions(loggedUser, sessionToken)) { throw new AccessControlException("Your session is invalid. User or session token not allowed."); } /** * ******************************************************* * STEP 2 GET THE OBJECT ID AND TRY TO LOCK IT. IF ERROR --> throws * exception, GO TO STEP ELSE --> GO TO STEP 3 * ******************************************************* */ String biocondition_id = requestData.get("biocondition_id").getAsString(); alreadyLocked = !BlockedElementsManager.getBlockedElementsManager().lockObject(biocondition_id, loggedUser); if (alreadyLocked) { locker_id = BlockedElementsManager.getBlockedElementsManager().getLockerID(biocondition_id); } } catch (Exception e) { ServerErrorManager.handleException(e, Samples_servlets.class.getName(), "lock_biocondition_handler", e.getMessage()); } finally { /** * ******************************************************* * STEP 4b CATCH ERROR. GO TO STEP 5 * ******************************************************* */ if (ServerErrorManager.errorStatus()) { response.setStatus(400); response.getWriter().print(ServerErrorManager.getErrorResponse()); } else { /** * ******************************************************* * STEP 3A WRITE RESPONSE . * ******************************************************* */ JsonObject obj = new JsonObject(); if (alreadyLocked) { obj.add("success", new JsonPrimitive(false)); obj.add("reason", new JsonPrimitive(BlockedElementsManager.getErrorMessage())); obj.add("user_id", new JsonPrimitive(locker_id)); } else { obj.add("success", new JsonPrimitive(true)); } response.getWriter().print(obj.toString()); } } }
From source file:org.apache.hadoop.yarn.server.resourcemanager.ClientRMService.java
@SuppressWarnings("unchecked") @Override/*ww w . ja v a2 s. c o m*/ public MoveApplicationAcrossQueuesResponse moveApplicationAcrossQueues( MoveApplicationAcrossQueuesRequest request) throws YarnException { ApplicationId applicationId = request.getApplicationId(); UserGroupInformation callerUGI; try { callerUGI = UserGroupInformation.getCurrentUser(); } catch (IOException ie) { LOG.info("Error getting UGI ", ie); RMAuditLogger.logFailure("UNKNOWN", AuditConstants.MOVE_APP_REQUEST, "UNKNOWN", "ClientRMService", "Error getting UGI", applicationId); throw RPCUtil.getRemoteException(ie); } RMApp application = this.rmContext.getRMApps().get(applicationId); if (application == null) { RMAuditLogger.logFailure(callerUGI.getUserName(), AuditConstants.MOVE_APP_REQUEST, "UNKNOWN", "ClientRMService", "Trying to move an absent application", applicationId); throw new ApplicationNotFoundException("Trying to move an absent" + " application " + applicationId); } if (!checkAccess(callerUGI, application.getUser(), ApplicationAccessType.MODIFY_APP, application)) { RMAuditLogger.logFailure(callerUGI.getShortUserName(), AuditConstants.MOVE_APP_REQUEST, "User doesn't have permissions to " + ApplicationAccessType.MODIFY_APP.toString(), "ClientRMService", AuditConstants.UNAUTHORIZED_USER, applicationId); throw RPCUtil.getRemoteException( new AccessControlException("User " + callerUGI.getShortUserName() + " cannot perform operation " + ApplicationAccessType.MODIFY_APP.name() + " on " + applicationId)); } // Moves only allowed when app is in a state that means it is tracked by // the scheduler if (EnumSet.of(RMAppState.NEW, RMAppState.NEW_SAVING, RMAppState.FAILED, RMAppState.FINAL_SAVING, RMAppState.FINISHING, RMAppState.FINISHED, RMAppState.KILLED, RMAppState.KILLING, RMAppState.FAILED) .contains(application.getState())) { String msg = "App in " + application.getState() + " state cannot be moved."; RMAuditLogger.logFailure(callerUGI.getShortUserName(), AuditConstants.MOVE_APP_REQUEST, "UNKNOWN", "ClientRMService", msg); throw new YarnException(msg); } SettableFuture<Object> future = SettableFuture.create(); this.rmContext.getDispatcher().getEventHandler() .handle(new RMAppMoveEvent(applicationId, request.getTargetQueue(), future)); try { Futures.get(future, YarnException.class); } catch (YarnException ex) { RMAuditLogger.logFailure(callerUGI.getShortUserName(), AuditConstants.MOVE_APP_REQUEST, "UNKNOWN", "ClientRMService", ex.getMessage()); throw ex; } RMAuditLogger.logSuccess(callerUGI.getShortUserName(), AuditConstants.MOVE_APP_REQUEST, "ClientRMService", applicationId); MoveApplicationAcrossQueuesResponse response = recordFactory .newRecordInstance(MoveApplicationAcrossQueuesResponse.class); return response; }
From source file:azkaban.webapp.servlet.ProjectManagerServlet.java
private void handlePropertyPage(HttpServletRequest req, HttpServletResponse resp, Session session) throws ServletException { Page page = newPage(req, resp, session, "azkaban/webapp/servlet/velocity/propertypage.vm"); String projectName = getParam(req, "project"); String flowName = getParam(req, "flow"); String jobName = getParam(req, "job"); String propSource = getParam(req, "prop"); User user = session.getUser();/*from w ww . j a va 2 s . co m*/ Project project = null; Flow flow = null; try { project = projectManager.getProject(projectName); if (project == null) { page.add("errorMsg", "Project " + projectName + " not found."); page.render(); return; } if (!hasPermission(project, user, Type.READ)) { throw new AccessControlException("No permission to view project " + projectName + "."); } page.add("project", project); flow = project.getFlow(flowName); if (flow == null) { page.add("errorMsg", "Flow " + flowName + " not found."); page.render(); return; } page.add("flowid", flow.getId()); Node node = flow.getNode(jobName); if (node == null) { page.add("errorMsg", "Job " + jobName + " not found."); page.render(); return; } Props prop = projectManager.getProperties(project, propSource); page.add("property", propSource); page.add("jobid", node.getId()); // Resolve property dependencies ArrayList<String> inheritProps = new ArrayList<String>(); FlowProps parent = flow.getFlowProps(propSource); while (parent.getInheritedSource() != null) { inheritProps.add(parent.getInheritedSource()); parent = flow.getFlowProps(parent.getInheritedSource()); } if (!inheritProps.isEmpty()) { page.add("inheritedproperties", inheritProps); } ArrayList<String> dependingProps = new ArrayList<String>(); FlowProps child = flow.getFlowProps(flow.getNode(jobName).getPropsSource()); while (!child.getSource().equals(propSource)) { dependingProps.add(child.getSource()); child = flow.getFlowProps(child.getInheritedSource()); } if (!dependingProps.isEmpty()) { page.add("dependingproperties", dependingProps); } ArrayList<Pair<String, String>> parameters = new ArrayList<Pair<String, String>>(); // Parameter for (String key : prop.getKeySet()) { String value = prop.get(key); parameters.add(new Pair<String, String>(key, value)); } page.add("parameters", parameters); } catch (AccessControlException e) { page.add("errorMsg", e.getMessage()); } catch (ProjectManagerException e) { page.add("errorMsg", e.getMessage()); } page.render(); }
From source file:servlets.Samples_servlets.java
private void unlock_biocondition_handler(HttpServletRequest request, HttpServletResponse response) throws IOException { boolean alreadyLocked = false; try {//from w ww. j a va 2 s.c o m JsonParser parser = new JsonParser(); JsonObject requestData = (JsonObject) parser.parse(request.getReader()); String loggedUser = requestData.get("loggedUser").getAsString(); String sessionToken = requestData.get("sessionToken").getAsString(); /** * ******************************************************* * STEP 1 CHECK IF THE USER IS LOGGED CORRECTLY IN THE APP. IF ERROR * --> throws exception if not valid session, GO TO STEP ELSE --> GO * TO STEP 2 ******************************************************* */ if (!checkAccessPermissions(loggedUser, sessionToken)) { throw new AccessControlException("Your session is invalid. User or session token not allowed."); } /** * ******************************************************* * STEP 2 GET THE OBJECT ID AND TRY TO LOCK IT. IF ERROR --> throws * exception, GO TO STEP ELSE --> GO TO STEP 3 * ******************************************************* */ String biocondition_id = requestData.get("biocondition_id").getAsString(); alreadyLocked = !BlockedElementsManager.getBlockedElementsManager().unlockObject(biocondition_id, loggedUser); } catch (Exception e) { ServerErrorManager.handleException(e, Samples_servlets.class.getName(), "unlock_biocondition_handler", e.getMessage()); } finally { /** * ******************************************************* * STEP 4b CATCH ERROR. GO TO STEP 5 * ******************************************************* */ if (ServerErrorManager.errorStatus()) { response.setStatus(400); response.getWriter().print(ServerErrorManager.getErrorResponse()); } else { /** * ******************************************************* * STEP 3A WRITE RESPONSE ERROR. * ******************************************************* */ JsonObject obj = new JsonObject(); if (alreadyLocked) { obj.add("success", new JsonPrimitive(false)); obj.add("reason", new JsonPrimitive(BlockedElementsManager.getErrorMessage())); } else { obj.add("success", new JsonPrimitive(true)); } response.getWriter().print(obj.toString()); } } }
From source file:azkaban.webapp.servlet.ProjectManagerServlet.java
private void handleFlowPage(HttpServletRequest req, HttpServletResponse resp, Session session) throws ServletException { Page page = newPage(req, resp, session, "azkaban/webapp/servlet/velocity/flowpage.vm"); String projectName = getParam(req, "project"); String flowName = getParam(req, "flow"); User user = session.getUser();/* w ww .jav a2 s . c o m*/ Project project = null; Flow flow = null; try { project = projectManager.getProject(projectName); if (project == null) { page.add("errorMsg", "Project " + projectName + " not found."); page.render(); return; } if (!hasPermission(project, user, Type.READ)) { throw new AccessControlException("No permission Project " + projectName + "."); } page.add("project", project); flow = project.getFlow(flowName); if (flow == null) { page.add("errorMsg", "Flow " + flowName + " not found."); } else { page.add("flowid", flow.getId()); } } catch (AccessControlException e) { page.add("errorMsg", e.getMessage()); } page.render(); }
From source file:azkaban.webapp.servlet.ProjectManagerServlet.java
private void handleProjectPage(HttpServletRequest req, HttpServletResponse resp, Session session) throws ServletException { Page page = newPage(req, resp, session, "azkaban/webapp/servlet/velocity/projectpage.vm"); String projectName = getParam(req, "project"); User user = session.getUser();/*from w w w . j a v a2 s. co m*/ Project project = null; try { project = projectManager.getProject(projectName); if (project == null) { page.add("errorMsg", "Project " + projectName + " not found."); } else { if (!hasPermission(project, user, Type.READ)) { throw new AccessControlException("No permission to view project " + projectName + "."); } page.add("project", project); page.add("admins", Utils.flattenToString(project.getUsersWithPermission(Type.ADMIN), ",")); Permission perm = this.getPermissionObject(project, user, Type.ADMIN); page.add("userpermission", perm); page.add("validatorFixPrompt", projectManager.getProps().getBoolean(ValidatorConfigs.VALIDATOR_AUTO_FIX_PROMPT_FLAG_PARAM, ValidatorConfigs.DEFAULT_VALIDATOR_AUTO_FIX_PROMPT_FLAG)); page.add("validatorFixLabel", projectManager.getProps().get(ValidatorConfigs.VALIDATOR_AUTO_FIX_PROMPT_LABEL_PARAM)); page.add("validatorFixLink", projectManager.getProps().get(ValidatorConfigs.VALIDATOR_AUTO_FIX_PROMPT_LINK_PARAM)); boolean adminPerm = perm.isPermissionSet(Type.ADMIN); if (adminPerm) { page.add("admin", true); } // Set this so we can display execute buttons only to those who have // access. if (perm.isPermissionSet(Type.EXECUTE) || adminPerm) { page.add("exec", true); } else { page.add("exec", false); } List<Flow> flows = project.getFlows(); if (!flows.isEmpty()) { Collections.sort(flows, FLOW_ID_COMPARATOR); page.add("flows", flows); } } } catch (AccessControlException e) { page.add("errorMsg", e.getMessage()); } page.render(); }