public AuthorizationException(String userId, MissingAuthorization exceptionInfo) { super( "The user with id '"+userId+ "' does not have "+generateMissingAuthorizationMessage(exceptionInfo)+"."); this.userId = userId; missingAuthorizations = new ArrayList<MissingAuthorization>(); missingAuthorizations.add(exceptionInfo); this.resourceType = exceptionInfo.getResourceType(); this.permissionName = exceptionInfo.getViolatedPermissionName(); this.resourceId = exceptionInfo.getResourceId(); }
public AuthorizationException(String userId, String permissionName, String resourceType, String resourceId) { this(userId, new MissingAuthorization(permissionName, resourceType, resourceId)); }
/** * @return the type of the violated permission name if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the violated permission name * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getViolatedPermissionName() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getViolatedPermissionName(); } return null; }
/** * @return the id of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the id of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceId() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getResourceId(); } return null; }
/** * @return the type of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the type of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceType() { String resourceType = null; if (missingAuthorizations.size() == 1) { resourceType = missingAuthorizations.get(0).getResourceType(); } return resourceType; }
/** * @return the type of the violated permission name if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the violated permission name * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getViolatedPermissionName() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getViolatedPermissionName(); } return null; }
/** * @return the id of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the id of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceId() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getResourceId(); } return null; }
/** * @return the type of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the type of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceType() { String resourceType = null; if (missingAuthorizations.size() == 1) { resourceType = missingAuthorizations.get(0).getResourceType(); } return resourceType; }
public AuthorizationException(String userId, MissingAuthorization exceptionInfo) { super( "The user with id '"+userId+ "' does not have "+generateMissingAuthorizationMessage(exceptionInfo)+"."); this.userId = userId; missingAuthorizations = new ArrayList<MissingAuthorization>(); missingAuthorizations.add(exceptionInfo); this.resourceType = exceptionInfo.getResourceType(); this.permissionName = exceptionInfo.getViolatedPermissionName(); this.resourceId = exceptionInfo.getResourceId(); }
public AuthorizationException(String userId, String permissionName, String resourceType, String resourceId) { this(userId, new MissingAuthorization(permissionName, resourceType, resourceId)); }
/** * @return the type of the violated permission name if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the violated permission name * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getViolatedPermissionName() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getViolatedPermissionName(); } return null; }
/** * @return the id of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the id of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceId() { if (missingAuthorizations.size() == 1) { return missingAuthorizations.get(0).getResourceId(); } return null; }
/** * @return the type of the resource if there * is only one {@link MissingAuthorization}, {@code null} otherwise * * @deprecated Use {@link #getMissingAuthorizations()} to get the type of the resource * of the {@link MissingAuthorization}(s). This method may be removed in future versions. */ @Deprecated public String getResourceType() { String resourceType = null; if (missingAuthorizations.size() == 1) { resourceType = missingAuthorizations.get(0).getResourceType(); } return resourceType; }
/** * Generated exception message for the missing authorization. * * @param exceptionInfo to use */ private static String generateMissingAuthorizationMessage(MissingAuthorization exceptionInfo) { StringBuilder builder = new StringBuilder(); String permissionName = exceptionInfo.getViolatedPermissionName(); String resourceType = exceptionInfo.getResourceType(); String resourceId = exceptionInfo.getResourceId(); builder.append("'"); builder.append(permissionName); builder.append("' permission on resource '"); builder.append((resourceId != null ? (resourceId+"' of type '") : "" )); builder.append(resourceType); builder.append("'"); return builder.toString(); } }
@GET @Path("/authorizationExceptionMultiple") public String throwAuthorizationExceptionMultiple() throws Exception { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); missingAuthorizations.add( new MissingAuthorization("somePermission1", "someResourceName1", "someResourceId1")); missingAuthorizations.add( new MissingAuthorization("somePermission2", "someResourceName2", "someResourceId2")); throw new AuthorizationException("someUser", missingAuthorizations); } }
/** * Generated exception message for the missing authorization. * * @param exceptionInfo to use */ private static String generateMissingAuthorizationMessage(MissingAuthorization exceptionInfo) { StringBuilder builder = new StringBuilder(); String permissionName = exceptionInfo.getViolatedPermissionName(); String resourceType = exceptionInfo.getResourceType(); String resourceId = exceptionInfo.getResourceId(); builder.append("'"); builder.append(permissionName); builder.append("' permission on resource '"); builder.append((resourceId != null ? (resourceId+"' of type '") : "" )); builder.append(resourceType); builder.append("'"); return builder.toString(); } }
public void checkAuthorization(List<PermissionCheck> permissionChecks) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: permissionChecks) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public static MissingAuthorizationDto fromInfo(MissingAuthorization info) { MissingAuthorizationDto dto = new MissingAuthorizationDto(); dto.setPermissionName(info.getViolatedPermissionName()); dto.setResourceId(info.getResourceId()); dto.setResourceName(info.getResourceType()); return dto; }
public void checkAuthorization(List<PermissionCheck> permissionChecks) { if(isAuthCheckExecuted()) { Authentication currentAuthentication = getCurrentAuthentication(); String userId = currentAuthentication.getUserId(); boolean isAuthorized = isAuthorized(userId, currentAuthentication.getGroupIds(), permissionChecks); if (!isAuthorized) { List<MissingAuthorization> missingAuthorizations = new ArrayList<MissingAuthorization>(); for (PermissionCheck check: permissionChecks) { missingAuthorizations.add(new MissingAuthorization( check.getPermission().getName(), check.getResource().resourceName(), check.getResourceId())); } throw new AuthorizationException(userId, missingAuthorizations); } } }
public static MissingAuthorizationDto fromInfo(MissingAuthorization info) { MissingAuthorizationDto dto = new MissingAuthorizationDto(); dto.setPermissionName(info.getViolatedPermissionName()); dto.setResourceId(info.getResourceId()); dto.setResourceName(info.getResourceType()); return dto; }