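/**
 * Decides whether {@code user} may call the API command {@code commandName}, based on the
 * role type of the user's account.
 *
 * <p>The command is looked up in the per-role allow list: the properties-based map when the
 * command is listed in {@code commandsPropertiesOverrides}, otherwise the annotation-based map.
 *
 * <p>Security notes:
 * <ul>
 *   <li>When {@code isDisabled()} is true this checker approves every command, so another
 *       control has to enforce access in that configuration.</li>
 *   <li>A role type that is {@code null} or has no entry in the selected map is treated as
 *       "not allowed" (fail closed) instead of surfacing as a {@code NullPointerException}.</li>
 *   <li>The two exceptions separate "known command, denied for this role" from "unknown
 *       command". NOTE(review): a caller that reports them differently lets an unauthorised
 *       user tell which command names exist; confirm that is acceptable at each call site.</li>
 * </ul>
 *
 * @param user the caller; its account id is used to resolve the account and role type
 * @param commandName the API command being requested
 * @return {@code true} when the command is allowed for the role, or when this checker is disabled
 * @throws PermissionDeniedException if the account cannot be resolved, or the command is listed
 *         in {@code commandNames} but is not allowed for the role type
 * @throws UnavailableCommandException if the command is not allowed and is not listed in
 *         {@code commandNames}
 */
@Override
public boolean checkAccess(User user, String commandName) throws PermissionDeniedException {
    if (isDisabled()) {
        // A disabled checker places no restriction of its own on the request.
        return true;
    }

    Account account = accountService.getAccount(user.getAccountId());
    if (account == null) {
        // Spaces added around the ids so the message reads correctly in logs.
        throw new PermissionDeniedException("The account id=" + user.getAccountId() + " for user id=" + user.getId() + " is null");
    }

    RoleType roleType = accountService.getRoleType(account);

    // Default to deny; only an explicit hit in the role's allow list grants access.
    boolean isAllowed = false;
    if (roleType != null) {
        if (commandsPropertiesOverrides.contains(commandName)) {
            isAllowed = commandsPropertiesRoleBasedApisMap.get(roleType) != null
                && commandsPropertiesRoleBasedApisMap.get(roleType).contains(commandName);
        } else {
            isAllowed = annotationRoleBasedApisMap.get(roleType) != null
                && annotationRoleBasedApisMap.get(roleType).contains(commandName);
        }
    }

    if (isAllowed) {
        return true;
    }

    if (commandNames.contains(commandName)) {
        // Concatenating roleType directly keeps the message null-safe.
        throw new PermissionDeniedException("The API is blacklisted. Role type=" + roleType + " is not allowed to request the api: " + commandName);
    } else {
        throw new UnavailableCommandException("The API " + commandName + " does not exist or is not available for this account.");
    }
}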
/**
 * Reports whether {@code commandName} may be used by {@code user} from {@code remoteAddress},
 * by delegating to {@code checkCommandAvailable}.
 *
 * <p>The three failure types are handled differently: a request-limit or unavailable-command
 * failure is rethrown as a {@code ServerApiException} carrying the original message, while a
 * permission denial is only logged, with one generic message, and reported as {@code false}.
 * NOTE(review): {@code commandName} is written to the debug log as received; if it comes
 * straight from the request, confirm the log layout neutralises line breaks.
 *
 * @param remoteAddress address the request came from
 * @param commandName the API command being requested
 * @param user the caller
 * @return {@code true} if the check passes, {@code false} if permission is denied
 * @throws ServerApiException with {@code API_LIMIT_EXCEED} or {@code UNSUPPORTED_ACTION_ERROR}
 *         for the two rethrown failure types
 */
private boolean commandAvailable(final InetAddress remoteAddress, final String commandName, final User user) {
    try {
        checkCommandAvailable(user, commandName, remoteAddress);
        return true;
    } catch (final RequestLimitException limitExceeded) {
        final String reason = limitExceeded.getMessage();
        s_logger.debug(reason);
        throw new ServerApiException(ApiErrorCode.API_LIMIT_EXCEED, reason);
    } catch (final UnavailableCommandException unavailable) {
        final String reason = unavailable.getMessage();
        s_logger.debug(reason);
        throw new ServerApiException(ApiErrorCode.UNSUPPORTED_ACTION_ERROR, reason);
    } catch (final PermissionDeniedException denied) {
        // The denial's own message is dropped; a single generic line covers all three causes.
        s_logger.debug("The given command '" + commandName + "' either does not exist, is not available" + " for user, or not available from ip address '" + remoteAddress + "'.");
        return false;
    }
}
// Rejects the request with one message for both "no such command" and "not available for this
// account", so the wording does not tell the caller which case applies.
// NOTE(review): the enclosing method is not shown here; confirm which branch this belongs to.
throw new UnavailableCommandException("The API " + commandName + " does not exist or is not available for this account.");