List of usage examples for java.security AccessControlException AccessControlException
public AccessControlException(String s)
From source file:com.thinkbiganalytics.metadata.modeshape.support.JcrPropertyUtil.java
public static <E extends Enum<E>> E getEnum(Node node, String name, Class<E> enumType, E defaultValue) { try {// ww w . ja va2 s. c o m Property prop = node.getProperty(name); return Enum.valueOf(enumType, prop.getString()); } catch (PathNotFoundException e) { return defaultValue; } catch (AccessDeniedException e) { log.debug("Access denied", e); throw new AccessControlException(e.getMessage()); } catch (RepositoryException e) { throw new MetadataRepositoryException("Failed to access property: " + name, e); } }
From source file:com.thinkbiganalytics.metadata.modeshape.support.JcrUtil.java
public static Node createNode(Node parentNode, String name, String nodeType) { try {/*from w w w . j a va2s .c o m*/ return parentNode.addNode(name, nodeType); } catch (AccessDeniedException e) { log.debug("Access denied", e); throw new AccessControlException(e.getMessage()); } catch (RepositoryException e) { throw new MetadataRepositoryException("Failed to create the Node named " + name, e); } }
From source file:com.thinkbiganalytics.metadata.modeshape.common.JcrPropertiesEntity.java
/** * Merges any new properties in with the other Extra Properties *//*from w w w. j a v a 2s . co m*/ @Override public Map<String, Object> mergeProperties(Map<String, Object> props) { Map<String, Object> newProps = new HashMap<>(); Map<String, Object> origProps = getProperties(); if (origProps != null) { newProps.putAll(origProps); } if (props != null) { newProps.putAll(props); } Optional<JcrProperties> propsObj = ensurePropertiesObject(); if (propsObj.isPresent()) { for (Map.Entry<String, Object> entry : newProps.entrySet()) { try { propsObj.get().setProperty(entry.getKey(), entry.getValue()); } catch (MetadataRepositoryException e) { if (ExceptionUtils.getRootCause(e) instanceof ConstraintViolationException) { //this is ok } else { throw e; } } } } else { log.debug("Unable to set property: \"{}\" on node: {}", getNode(), this.node); throw new AccessControlException("You do not have the permission to set properties"); } return newProps; }
From source file:com.thinkbiganalytics.metadata.modeshape.support.JcrUtil.java
public static void removeNode(Node node) { try {//from w ww. j a v a 2 s . c om node.remove(); } catch (AccessDeniedException e) { log.debug("Access denied", e); throw new AccessControlException(e.getMessage()); } catch (RepositoryException e) { throw new MetadataRepositoryException("Failed to remove the node " + node, e); } }
From source file:org.apache.syncope.core.rest.controller.UserController.java
@PreAuthorize("isAuthenticated() " + "and not(hasRole(T(org.apache.syncope.common.SyncopeConstants).ANONYMOUS_ENTITLEMENT))") public UserTO updateSelf(final UserMod userMod) { UserTO userTO = binder.getAuthenticatedUserTO(); if (userTO.getId() != userMod.getId()) { throw new AccessControlException("Not allowed for user id " + userMod.getId()); }//from w ww .j a v a2 s . co m return update(userMod); }
From source file:org.netxilia.api.impl.user.AclServiceImpl.java
@Override public void checkPermission(WorkbookId workbookId, Permission permission) throws AccessControlException { if (log.isDebugEnabled()) { log.debug("Check for " + workbookId + " " + permission + " isSet:" + AclPrivilegedMode.isSet()); }//from w ww.ja va 2s . c o m if (AclPrivilegedMode.isSet()) { return; } ISheet aclSheet = null; boolean wasSet = AclPrivilegedMode.set(); try { aclSheet = getAclSheet(workbookId); User user = userService.getCurrentUser(); if (user == null) { throw new AccessControlException("No current user"); } if (user.isAdmin()) { return; } // check user if (checkPermission(workbookProcessor, aclSheet, AclObjectType.workbook, user.getLogin(), null, permission)) { return; } // TODO: check groups // check all if (checkPermission(workbookProcessor, aclSheet, AclObjectType.workbook, ANY_USER, null, permission)) { return; } throw new AccessControlException("Operation not permitted"); } catch (NotFoundException e) { // only happens if somebody deleted the sheet right before the filtering throw new AccessControlException("Cannot check permissions. Reason: " + e); } catch (NetxiliaResourceException e) { throw new AccessControlException("Cannot check permissions. Reason: " + e); } catch (NetxiliaBusinessException e) { throw new AccessControlException("Cannot check permissions. Reason: " + e); } finally { if (!wasSet) { AclPrivilegedMode.clear(); } if (log.isDebugEnabled()) { log.debug("<-- done for " + workbookId + " " + permission); } } }
From source file:com.thinkbiganalytics.metadata.modeshape.support.JcrUtil.java
public static boolean removeNode(Node parentNode, String name) { try {/*from w ww. j a v a 2 s . co m*/ if (parentNode.hasNode(name)) { parentNode.getNode(name).remove(); return true; } else { return false; } } catch (AccessDeniedException e) { log.debug("Access denied", e); throw new AccessControlException(e.getMessage()); } catch (RepositoryException e) { throw new MetadataRepositoryException("Failed to remove the Node named " + name, e); } }
From source file:org.apache.qpid.server.management.plugin.servlet.rest.AbstractServlet.java
protected void authoriseManagement(HttpServletRequest request, Subject subject) { // TODO: We should eliminate SecurityManager.setThreadSubject in favour of Subject.doAs SecurityManager.setThreadSubject(subject); // Required for accessManagement check LogActor actor = createHttpManagementActor(request); CurrentActor.set(actor);/*from ww w . j a v a2 s .c o m*/ try { try { Subject.doAs(subject, new PrivilegedExceptionAction<Void>() // Required for proper logging of Subject { @Override public Void run() throws Exception { boolean allowed = getSecurityManager().accessManagement(); if (!allowed) { throw new AccessControlException("User is not authorised for management"); } return null; } }); } catch (PrivilegedActionException e) { throw new RuntimeException("Unable to perform access check", e); } } finally { try { CurrentActor.remove(); } finally { SecurityManager.setThreadSubject(null); } } }
From source file:servlets.Analysis_servlets.java
private void add_analysis_handler(HttpServletRequest request, HttpServletResponse response) throws IOException { try {/* www . j ava 2s. c om*/ String lockedID = null; boolean ROLLBACK_NEEDED = false; DAO daoInstance = null; Analysis analysis = null; try { JsonParser parser = new JsonParser(); JsonObject requestData = (JsonObject) parser.parse(request.getReader()); String loggedUser = requestData.get("loggedUser").getAsString(); String sessionToken = requestData.get("sessionToken").getAsString(); /** * ******************************************************* * STEP 1 CHECK IF THE USER IS LOGGED CORRECTLY IN THE APP. IF * ERROR --> throws exception if not valid session, GO TO STEP * 6b ELSE --> GO TO STEP 2 * ******************************************************* */ if (!checkAccessPermissions(loggedUser, sessionToken)) { throw new AccessControlException("Your session is invalid. User or session token not allowed."); } /** * ******************************************************* * STEP 2 Get the new ID for the ANALYSIS. IF ERROR --> throws * SQL Exception, GO TO STEP 5b ELSE --> GO TO STEP 3 * ******************************************************* */ daoInstance = DAOProvider.getDAOByName("Analysis"); lockedID = daoInstance.getNextObjectID(null); /** * ******************************************************* * STEP 3 Get the ANALYSIS Object by parsing the JSON data. IF * ERROR --> throws JsonParseException, GO TO STEP 5b ELSE --> * GO TO STEP 4 * ******************************************************* */ //Get parameters analysis = Analysis.fromJSON(requestData.get("analysis_json_data")); ArrayList<Step> steps = new ArrayList<Step>(); for (Step step : analysis.getNonProcessedData()) { if (!"new_deleted".equals(step.getStatus())) { steps.add(step); } } analysis.setNonProcessedData(steps.toArray(new NonProcessedData[] {})); steps = new ArrayList<Step>(); for (Step step : analysis.getProcessedData()) { if (!"new_deleted".equals(step.getStatus())) { steps.add(step); } } analysis.setProcessedData(steps.toArray(new ProcessedData[] {})); String experimentID = requestData.get("currentExperimentID").getAsString(); //Parse the data analysis.updateAnalysisID(lockedID); analysis.setAssociated_experiment(experimentID); /** * ******************************************************* * STEP 4 Add the new ANALYSIS Object in the DATABASE. IF ERROR * --> throws SQL Exception, GO TO STEP 5b ELSE --> GO TO STEP 5 * ******************************************************* */ daoInstance.disableAutocommit(); ROLLBACK_NEEDED = true; daoInstance.insert(analysis); /** * ******************************************************* * STEP 5 COMMIT CHANGES TO DATABASE. throws SQLException IF * ERROR --> throws SQL Exception, GO TO STEP 5b ELSE --> GO TO * STEP 6 * ******************************************************* */ daoInstance.doCommit(); } catch (Exception e) { ServerErrorManager.handleException(e, Analysis_servlets.class.getName(), "add_analysis_handler", e.getMessage()); } finally { /** * ******************************************************* * STEP 5b CATCH ERROR, CLEAN CHANGES. throws SQLException * ******************************************************* */ if (ServerErrorManager.errorStatus()) { response.setStatus(400); response.getWriter().print(ServerErrorManager.getErrorResponse()); if (ROLLBACK_NEEDED) { daoInstance.doRollback(); } } else { JsonObject obj = new JsonObject(); obj.add("newID", new JsonPrimitive(lockedID)); response.getWriter().print(obj.toString()); } /** * UNLOCK THE IDS */ if (lockedID != null) { BlockedElementsManager.getBlockedElementsManager().unlockID(lockedID); } /** * ******************************************************* * STEP 6 Close connection. * ******************************************************** */ if (daoInstance != null) { daoInstance.closeConnection(); } } //CATCH IF THE ERROR OCCURRED IN ROLL BACK OR CONNECTION CLOSE } catch (Exception e) { ServerErrorManager.handleException(e, Analysis_servlets.class.getName(), "add_analysis_handler", e.getMessage()); response.setStatus(400); response.getWriter().print(ServerErrorManager.getErrorResponse()); } }
From source file:com.thinkbiganalytics.metadata.modeshape.support.JcrUtil.java
public static List<Node> getNodesOfType(Node parentNode, String nodeType) { try {// w w w. j a v a 2 s . c o m List<Node> list = new ArrayList<>(); NodeIterator itr = parentNode.getNodes(); while (itr.hasNext()) { Node node = (Node) itr.next(); if (node.isNodeType(nodeType)) { list.add(node); } } return list; } catch (AccessDeniedException e) { log.debug("Access denied", e); throw new AccessControlException(e.getMessage()); } catch (RepositoryException e) { throw new MetadataRepositoryException("Failed to create set of child nodes of type: " + nodeType, e); } }