/**
 * Rejects the request unless the caller's security context satisfies the rule registered for the requested table.
 *
 * <p>The rule is looked up in {@code securityRules} under the name of the request's table. A table without an entry
 * falls back to a predicate that accepts every caller, so this check protects only tables that have an explicit rule.
 *
 * @param request  The request being validated
 * @param context  The container request context that supplies the caller's security context
 *
 * @return the same request instance, when the rule accepts the caller
 *
 * @throws RequestValidationException with status FORBIDDEN when the rule rejects the caller
 */
@Override
public T internalApply(T request, ContainerRequestContext context) throws RequestValidationException {
    SecurityContext callerContext = context.getSecurityContext();

    // NOTE(review): the default predicate is allow-all (fail-open). A table that is missing from securityRules,
    // or whose name does not match its key exactly, is served to every caller. Confirm this is intended;
    // a deny-by-default fallback would turn a configuration gap into a 403 instead of open access.
    boolean permitted = securityRules
            .getOrDefault(request.getTable().getName(), (ignored -> true))
            .test(callerContext);

    if (permitted) {
        return request;
    }

    // NOTE(review): the denial is not logged in this method; verify that whatever handles this exception records
    // it, so that repeated FORBIDDEN outcomes are visible to monitoring.
    throw new RequestValidationException(
            Response.Status.FORBIDDEN,
            "Permission Denied",
            "Request cannot be completed as you do not have enough permission"
    );
}
} // closes the enclosing scope, which is opened outside this excerpt
/**
 * Converts a failure raised during request handling into an HTTP response.
 *
 * <ul>
 *   <li>{@code RequestValidationException}: the exception's own status and HTTP message.</li>
 *   <li>{@code IOException}: INTERNAL_SERVER_ERROR with a body that embeds the exception message.</li>
 *   <li>anything else: BAD_REQUEST with the formatted exception message.</li>
 * </ul>
 *
 * @param e  The failure being reported
 * @param request  The request being served, if one was built (not read by this implementation)
 * @param requestContext  The container request context (not read by this implementation)
 *
 * @return the response to send to the client
 */
@Override
public Response handleThrowable(
        Throwable e,
        Optional<? extends ApiRequest> request,
        ContainerRequestContext requestContext
) {
    if (e instanceof RequestValidationException) {
        LOG.debug(e.getMessage(), e);
        RequestValidationException validationFailure = (RequestValidationException) e;
        return Response.status(validationFailure.getStatus())
                .entity(validationFailure.getErrorHttpMsg())
                .build();
    }

    if (e instanceof IOException) {
        // NOTE(review): the raw IOException message is returned to the client. Such messages can carry internal
        // detail (file paths, backend host names); consider a generic body and keep the detail in the log only.
        String ioFailureText = String.format("Internal server error. IOException : %s", e.getMessage());
        LOG.error(ioFailureText, e);
        return Response.status(INTERNAL_SERVER_ERROR).entity(ioFailureText).build();
    }

    // NOTE(review): every other Throwable, including unexpected runtime failures, is reported as BAD_REQUEST and
    // its message is sent back in the body. Confirm that these messages are safe to disclose.
    String fallbackText = ErrorMessageFormat.REQUEST_PROCESSING_EXCEPTION.format(e.getMessage());
    LOG.info(fallbackText, e);
    return Response.status(Response.Status.BAD_REQUEST).entity(fallbackText).build();
}
} // closes the enclosing scope, which is opened outside this excerpt
/**
 * Converts a failure raised during request handling into an HTTP response.
 *
 * <p>A {@code RequestValidationException} is rendered by {@code RequestHandlerUtils.makeErrorResponse} with the
 * exception's own status. Any other failure yields INTERNAL_SERVER_ERROR with the exception message as the body.
 *
 * @param e  The failure being reported
 * @param request  The request being served, if one was built (not read by this implementation)
 * @param requestContext  The container request context (not read by this implementation)
 *
 * @return the response to send to the client
 */
@Override
public Response handleThrowable(
        Throwable e,
        Optional<? extends ApiRequest> request,
        ContainerRequestContext requestContext
) {
    if (e instanceof RequestValidationException) {
        LOG.debug(e.getMessage(), e);
        RequestValidationException validationFailure = (RequestValidationException) e;
        return RequestHandlerUtils.makeErrorResponse(
                validationFailure.getStatus(),
                validationFailure,
                mappers.getMapper().writer()
        );
    }

    // The formatted text goes to the log only; the response body below is the unformatted exception message.
    String logText = ErrorMessageFormat.REQUEST_PROCESSING_EXCEPTION.format(e.getMessage());
    LOG.info(logText, e);

    // NOTE(review): the raw message of an arbitrary Throwable is returned to the client with a 500. Messages of
    // unexpected exceptions can reveal internal detail; consider a generic body here. getMessage() may also be
    // null, in which case the entity is null.
    return Response.status(INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
}
} // closes the enclosing scope, which is opened outside this excerpt
/**
 * Resumes the asynchronous response with an error response that matches the failure.
 *
 * <ul>
 *   <li>{@code RequestValidationException}: the exception's own status.</li>
 *   <li>{@code NoMatchFoundException}: INTERNAL_SERVER_ERROR.</li>
 *   <li>{@code TimeoutException}: GATEWAY_TIMEOUT.</li>
 *   <li>anything else: BAD_REQUEST.</li>
 * </ul>
 *
 * @param e  The failure being reported
 * @param asyncResponse  The response channel that is resumed with the error response
 * @param apiRequest  The request being served, if one was built (not read by this implementation)
 * @param containerRequestContext  The container request context (not read by this implementation)
 * @param writer  The writer handed to {@code RequestHandlerUtils.makeErrorResponse}
 */
@Override
public void handleThrowable(
        Throwable e,
        AsyncResponse asyncResponse,
        Optional<DataApiRequest> apiRequest,
        ContainerRequestContext containerRequestContext,
        ObjectWriter writer
) {
    if (e instanceof RequestValidationException) {
        LOG.debug(e.getMessage(), e);
        RequestValidationException validationFailure = (RequestValidationException) e;
        asyncResponse.resume(
                RequestHandlerUtils.makeErrorResponse(validationFailure.getStatus(), validationFailure, writer)
        );
        return;
    }

    // Every remaining branch logs the same line before it responds.
    LOG.info("Exception processing request", e);

    // NOTE(review): the Throwable itself is handed to makeErrorResponse. What that helper copies into the body
    // is not visible here; confirm it does not expose stack traces or internal messages to the client.
    if (e instanceof NoMatchFoundException) {
        asyncResponse.resume(RequestHandlerUtils.makeErrorResponse(INTERNAL_SERVER_ERROR, e, writer));
    } else if (e instanceof TimeoutException) {
        asyncResponse.resume(RequestHandlerUtils.makeErrorResponse(GATEWAY_TIMEOUT, e, writer));
    } else {
        // Unclassified failures, including unexpected runtime errors, are reported as a client error.
        asyncResponse.resume(RequestHandlerUtils.makeErrorResponse(BAD_REQUEST, e, writer));
    }
}
} // closes the enclosing scope, which is opened outside this excerpt
/**
 * Converts a failure raised during request handling into an HTTP response.
 *
 * <ul>
 *   <li>{@code RequestValidationException}: the exception's own status and HTTP message.</li>
 *   <li>{@code IOException}: INTERNAL_SERVER_ERROR with a body that embeds the exception message.</li>
 *   <li>anything else: INTERNAL_SERVER_ERROR with the exception message as the body.</li>
 * </ul>
 *
 * @param e  The failure being reported
 * @param request  The request being served, if one was built (not read by this implementation)
 * @param requestContext  The container request context (not read by this implementation)
 *
 * @return the response to send to the client
 */
@Override
public Response handleThrowable(
        Throwable e,
        Optional<? extends ApiRequest> request,
        ContainerRequestContext requestContext
) {
    if (e instanceof RequestValidationException) {
        LOG.debug(e.getMessage(), e);
        RequestValidationException validationFailure = (RequestValidationException) e;
        return Response.status(validationFailure.getStatus())
                .entity(validationFailure.getErrorHttpMsg())
                .build();
    }

    if (e instanceof IOException) {
        // NOTE(review): the raw IOException message is returned to the client. Such messages can carry internal
        // detail (file paths, backend host names); consider a generic body and keep the detail in the log only.
        String ioFailureText = String.format("Internal server error. IOException : %s", e.getMessage());
        LOG.error(ioFailureText, e);
        return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(ioFailureText).build();
    }

    // The formatted text goes to the log only; the response body below is the unformatted exception message.
    String logText = ErrorMessageFormat.REQUEST_PROCESSING_EXCEPTION.format(e.getMessage());
    LOG.info(logText, e);

    // NOTE(review): the message of an arbitrary Throwable is disclosed to the client here as well; it may be
    // null, in which case the entity is null.
    return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
}
} // closes the enclosing scope, which is opened outside this excerpt
/**
 * Checks that at least one security filter was collected for this user.
 *
 * <p>An empty filter set means that the user has not been authorized for any values of this dimension. The
 * request is then rejected with FORBIDDEN and a warning naming the user and the dimension is logged.
 *
 * @param userPrincipal  The userPrincipal being validated
 * @param mergedSecurityFilters  The combined security filters for this request
 *
 * @throws RequestValidationException An http request exception documenting the lack of privileges
 */
protected void validateSecurityFilters(Principal userPrincipal, Set<ApiFilter> mergedSecurityFilters)
        throws RequestValidationException {
    if (!mergedSecurityFilters.isEmpty()) {
        return;
    }

    // NOTE(review): userPrincipal is dereferenced without a null check; confirm that callers reject
    // unauthenticated requests before they reach this point. The principal name is written to the log as is;
    // if it can contain attacker-chosen characters, verify that the log layout neutralizes line breaks.
    LOG.warn(DIMENSION_MISSING_MANDATORY_ROLE.logFormat(userPrincipal.getName(), dimension.getApiName()));

    throw new RequestValidationException(
            Response.Status.FORBIDDEN,
            unauthorizedHttpMessage,
            UNAUTHORIZED_USER_MESSAGE
    );
}
/**
 * Converts a failure raised during request handling into an HTTP response.
 *
 * <ul>
 *   <li>{@code RequestValidationException}: the exception's own status and HTTP message.</li>
 *   <li>{@code JsonProcessingException}: INTERNAL_SERVER_ERROR with the formatted exception message.</li>
 *   <li>anything else: BAD_REQUEST with the formatted exception message.</li>
 * </ul>
 *
 * @param e  The failure being reported
 * @param request  The request being served, if one was built (not read by this implementation)
 * @param requestContext  The container request context (not read by this implementation)
 *
 * @return the response to send to the client
 */
@Override
public Response handleThrowable(
        Throwable e,
        Optional<? extends ApiRequest> request,
        ContainerRequestContext requestContext
) {
    if (e instanceof RequestValidationException) {
        LOG.debug(e.getMessage(), e);
        RequestValidationException validationFailure = (RequestValidationException) e;
        return Response.status(validationFailure.getStatus())
                .entity(validationFailure.getErrorHttpMsg())
                .build();
    }

    if (e instanceof JsonProcessingException) {
        // NOTE(review): the serializer's message is returned to the client; confirm that it cannot reveal
        // internal type names or field values that the caller should not see.
        String jsonFailureText = ErrorMessageFormat.INTERNAL_SERVER_ERROR_ON_JSON_PROCESSING.format(e.getMessage());
        LOG.error(jsonFailureText, e);
        return Response.status(INTERNAL_SERVER_ERROR).entity(jsonFailureText).build();
    }

    // NOTE(review): every other Throwable, including unexpected runtime failures, is reported as BAD_REQUEST and
    // its message is sent back in the body. Confirm that these messages are safe to disclose.
    String fallbackText = ErrorMessageFormat.REQUEST_PROCESSING_EXCEPTION.format(e.getMessage());
    LOG.info(fallbackText, e);
    return Response.status(Response.Status.BAD_REQUEST).entity(fallbackText).build();
}
} // closes the enclosing scope, which is opened outside this excerpt
// Reject the request with BAD_REQUEST; msg is passed for both message arguments of the exception.
// NOTE(review): if either argument is later returned to the client (confirm against the error handler), msg must
// not embed internal detail, and any request input it contains should be treated as untrusted when rendered.
throw new RequestValidationException(BAD_REQUEST, msg, msg);
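/**
 * Converts a failure raised during request handling into an HTTP response.
 *
 * <ul>
 *   <li>{@code RequestValidationException}: the exception's own status and HTTP message.</li>
 *   <li>{@code RowLimitReachedException}: INSUFFICIENT_STORAGE with a body that names the dimension of the
 *       request when the request is present and is a {@code DimensionsApiRequest}, and "unknown" otherwise.</li>
 *   <li>{@code JsonProcessingException}: INTERNAL_SERVER_ERROR with the formatted exception message.</li>
 *   <li>anything else: BAD_REQUEST with the formatted exception message.</li>
 * </ul>
 *
 * @param e  The failure being reported
 * @param request  The request being served, if one was built
 * @param requestContext  The container request context (not read by this implementation)
 *
 * @return the response to send to the client
 */
@Override
public Response handleThrowable(
        Throwable e,
        Optional<? extends ApiRequest> request,
        ContainerRequestContext requestContext
) {
    if (e instanceof RequestValidationException) {
        LOG.debug(e.getMessage(), e);
        RequestValidationException rve = (RequestValidationException) e;
        return Response.status(rve.getStatus()).entity(rve.getErrorHttpMsg()).build();
    } else if (e instanceof RowLimitReachedException) {
        // An error handler must not fail while it reports an error. The previous code called request.get() and
        // cast the result unconditionally, so an empty Optional or a different request type replaced the
        // intended response with a NoSuchElementException or ClassCastException.
        Object dimension = "unknown";
        if (request.isPresent() && request.get() instanceof DimensionsApiRequest) {
            dimension = ((DimensionsApiRequest) request.get()).getDimension();
        }
        String msg = String.format("Row limit exceeded for dimension %s: %s", dimension, e.getMessage());
        LOG.debug(msg, e);
        return Response.status(INSUFFICIENT_STORAGE).entity(msg).build();
    } else if (e instanceof JsonProcessingException) {
        // NOTE(review): the serializer's message is returned to the client; confirm that it cannot reveal
        // internal type names or field values that the caller should not see.
        String msg = ErrorMessageFormat.INTERNAL_SERVER_ERROR_ON_JSON_PROCESSING.format(e.getMessage());
        LOG.error(msg, e);
        return Response.status(Status.INTERNAL_SERVER_ERROR).entity(msg).build();
    } else {
        // NOTE(review): every other Throwable, including unexpected runtime failures, is reported as BAD_REQUEST,
        // its message is sent back in the body, and it is logged at debug level only. Confirm that the message is
        // safe to disclose and that unexpected failures remain visible at the production log level.
        String msg = ErrorMessageFormat.REQUEST_PROCESSING_EXCEPTION.format(e.getMessage());
        LOG.debug(msg, e);
        return Response.status(BAD_REQUEST).entity(msg).build();
    }
}
} // closes the enclosing scope, which is opened outside this excerpt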