// Reject the call with an UnauthorizedException. The condition that leads here is
// not part of this snippet.
throw new UnauthorizedException("Authorization Required");
/**
 * Inserts a record on behalf of a signed-in caller.
 *
 * <p>Exposed as the {@code insertRecord} API method (HTTP POST, path {@code insert_record}).
 * A {@code null} {@code user} is treated as "not authenticated" and rejected before anything
 * else runs.
 *
 * <p>NOTE(review): the null check only establishes authentication. Nothing visible here checks
 * that this user may insert this record; confirm the elided body performs an ownership or role
 * check before writing.
 *
 * <p>NOTE(review): no scopes or client IDs are declared on this method. If this is Google Cloud
 * Endpoints, confirm they are configured at the API level, otherwise the injected user may
 * always be {@code null}.
 *
 * @param user the authenticated caller, or {@code null} when no valid credentials were presented
 * @param record the record to insert
 * @return not shown; the rest of the body is elided in this snippet
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
@ApiMethod(name = "insertRecord", path = "insert_record", httpMethod = HttpMethod.POST)
public Record insertRecord(User user, Record record)
    throws UnauthorizedException {
  // check if google user is authenticated
  if (user == null) {
    throw new UnauthorizedException("Authorization required");
  }
  // user is authenticated... do some stuff!
}
// Tail of a method whose signature begins outside this snippet. It applies the same guard as
// getEvent below: proceed only when a user object was supplied, otherwise refuse.
User auth) throws UnauthorizedException {
  if (auth!=null){
    // Elided work; only reached for a non-null user.
    ... return event
  } else throw new UnauthorizedException("Please authenticate first.");
}

/**
 * Returns an event to an authenticated caller.
 *
 * <p>NOTE(review): only the presence of {@code auth} is checked. Whether this user is allowed
 * to read the event identified by {@code eventID} is not checked in the visible code; confirm
 * the elided lookup enforces it.
 *
 * @param eventID identifier bound from the {@code eventID} request parameter
 * @param auth the authenticated caller, or {@code null} when the request is anonymous
 * @return the event produced by the elided lookup
 * @throws UnauthorizedException if {@code auth} is {@code null}
 */
public Event getEvent(@Named("eventID") Long eventID, User auth) throws UnauthorizedException {
  if (auth != null) {
    // Elided lookup; only reached for a non-null user.
    ... return event;
  } else throw new UnauthorizedException("Please authenticate first.");
}
/**
 * Looks up the campaigns associated with a phone number for an authenticated caller.
 *
 * <p>NOTE(review): any non-null user can query any {@code NumPortable}. The visible code does
 * not tie the number to the caller, so confirm that per-user authorization is enforced
 * elsewhere if campaign data is not meant to be readable by every signed-in account.
 *
 * @param NumPortable phone number to search for, bound from the {@code NumPortable} parameter
 * @param user the authenticated caller, or {@code null} when the request is anonymous
 * @return whatever {@code CampagneCRUD.findCampagne} returns for the number
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
public Collection<Campagne> getCampagnes(@Named("NumPortable") String NumPortable, User user)
    throws UnauthorizedException {
  if (user != null) {
    // Authenticated: delegate the lookup to the CRUD singleton.
    return CampagneCRUD.getInstance().findCampagne(NumPortable);
  }
  // Anonymous request: refuse before touching the data layer.
  throw new UnauthorizedException("User is Not Valid");
}
/**
 * Looks up the campaigns associated with a phone number for an authenticated caller.
 *
 * <p>NOTE(review): any non-null user can query any {@code NumPortable}. The visible code does
 * not tie the number to the caller, so confirm that per-user authorization is enforced
 * elsewhere if campaign data is not meant to be readable by every signed-in account.
 *
 * @param NumPortable phone number to search for, bound from the {@code NumPortable} parameter
 * @param user the authenticated caller, or {@code null} when the request is anonymous
 * @return whatever {@code CampagneCRUD.findCampagne} returns for the number
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
public Collection<Campagne> getCampagnes(@Named("NumPortable") String NumPortable, User user)
    throws UnauthorizedException {
  if (user != null) {
    // Authenticated: delegate the lookup to the CRUD singleton.
    return CampagneCRUD.getInstance().findCampagne(NumPortable);
  }
  // Anonymous request: refuse before touching the data layer.
  throw new UnauthorizedException("User is Not Valid");
}
/**
 * Echoes the authenticated caller back; rejects anonymous requests.
 *
 * <p>The method restricts callers through the annotation: it requires the e-mail scope and
 * accepts only the listed client IDs and audience.
 *
 * <p>NOTE(review): the allow list includes the API Explorer client ID. Confirm that is intended
 * for production deployments and not only for development.
 *
 * @param user the authenticated caller, or {@code null} when no valid credentials were presented
 * @return the same {@code user} object that was injected
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
@ApiMethod(
    name = "test",
    path = "myApi/test",
    scopes = {Constants.EMAIL_SCOPE},
    clientIds = {
      Constants.WEB_CLIENT_ID,
      Constants.ANDROID_CLIENT_ID,
      com.google.api.server.spi.Constant.API_EXPLORER_CLIENT_ID
    },
    audiences = {Constants.ANDROID_AUDIENCE})
public User test(User user) throws UnauthorizedException {
  if (user != null) {
    return user;
  }
  throw new UnauthorizedException("User not valid!");
}
/**
 * Template for an API method that requires an authenticated caller.
 *
 * <p>NOTE(review): no {@code throws} clause is declared, which only compiles if
 * {@code UnauthorizedException} is unchecked in this code base - confirm.
 *
 * @param user the authenticated caller, or {@code null} when the request is anonymous
 */
public void apiMethod(User user) {
  // A null user means no caller identity was supplied: refuse before the elided body runs.
  if (user == null) {
    throw new UnauthorizedException();
  }
  ...
}
/**
 * Looks up the campaigns associated with a phone number for an authenticated caller.
 *
 * <p>NOTE(review): any non-null user can query any {@code NumPortable}. The visible code does
 * not tie the number to the caller, so confirm that per-user authorization is enforced
 * elsewhere if campaign data is not meant to be readable by every signed-in account.
 *
 * @param NumPortable phone number to search for, bound from the {@code NumPortable} parameter
 * @param user the authenticated caller, or {@code null} when the request is anonymous
 * @return whatever {@code CampagneCRUD.findCampagne} returns for the number
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
public Collection<Campagne> getCampagnes(@Named("NumPortable") String NumPortable, User user)
    throws UnauthorizedException {
  if (user != null) {
    // Authenticated: delegate the lookup to the CRUD singleton.
    return CampagneCRUD.getInstance().findCampagne(NumPortable);
  }
  // Anonymous request: refuse before touching the data layer.
  throw new UnauthorizedException("User is Not Valid");
}
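/**
 * Handles {@code PUT /{id}}: updates a post after an object-level authorization check.
 *
 * <p>The path template only admits hexadecimal ids. The post is loaded first and the decision is
 * delegated to {@code Post.allowedToUpdate}, so the check applies to the specific object being
 * modified and not merely to the caller being signed in.
 *
 * <p>NOTE(review): {@code getUserPrincipal()} returns {@code null} for an unauthenticated
 * request, so {@code allowedToUpdate} must treat a null principal as "not allowed". Also confirm
 * what {@code getPostbyId} returns for an unknown id; a {@code null} here would surface as a
 * NullPointerException rather than a clean 404.
 *
 * @param request the current servlet request, used to obtain the caller's principal
 * @param item the replacement representation sent by the client
 * @param id hexadecimal identifier of the post to update
 * @return not shown; the remainder of the method is elided in this snippet
 * @throws UnauthorizedException if the caller may not update the post
 */
@PUT
@Path("{id: [A-Fa-f0-9]+}")
@Consumes(MediaType.APPLICATION_JSON)
public T update(@Context HttpServletRequest request, final T item,
                @PathParam("id") final String id) {
  final Post post = getPostbyId(id);
  // The original condition was missing its closing parenthesis and did not parse.
  if (!post.allowedToUpdate(request.getUserPrincipal())) {
    throw new UnauthorizedException();
  }
  // Authorized, carry on
}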
/**
 * Interceptor hook that restricts handler methods annotated with {@code IpRestricted} to a
 * single source address.
 *
 * <p>Caveats for anyone reusing this pattern:
 * <ul>
 *   <li>{@code getRemoteAddr()} reports the address of the client or of the last proxy that
 *       sent the request. Behind a reverse proxy or load balancer every request may appear to
 *       come from the proxy, so the check either blocks everyone or admits everyone.</li>
 *   <li>The allowed address is a hard-coded literal compared as an exact string. Other textual
 *       forms of an address (for example IPv6) will not match, and changing the allow list
 *       requires a code change.</li>
 *   <li>A source-address check is a network-level restriction, not authentication; it does not
 *       identify who is calling.</li>
 * </ul>
 *
 * @param request the incoming request whose remote address is inspected
 * @param response the response (not used by the visible code)
 * @param handler the selected handler; only {@code HandlerMethod} instances are inspected
 * @return not shown; the remainder of the method is elided in this snippet
 * @throws Exception including {@code UnauthorizedException} when the address does not match
 */
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
  if (handler instanceof HandlerMethod) {
    HandlerMethod method = (HandlerMethod)handler;
    // Only methods that carry the IpRestricted annotation are subject to the address check.
    if (method.getMethodAnnotation(IpRestricted.class)!=null) {
      if (!request.getRemoteAddr().equals("192.168.1.1")) {
        throw new UnauthorizedException("Ip not authorized");
      }
    }
  }
  [....]
}
/**
 * Ensures that an entity is visible to a principal.
 *
 * <p>The enforcer is asked which of the supplied entities (here a singleton set) the principal
 * can see; an empty answer means the entity is not visible and the call is rejected. This is a
 * visibility check only - no specific action is evaluated.
 *
 * @param entityId entity id to be checked
 * @param authorizationEnforcer enforcer used to make the visibility check
 * @param principal the principal to be checked
 * @throws UnauthorizedException if the enforcer reports the entity as not visible to the principal
 * @throws Exception any other failure raised by the enforcer
 */
public static void ensureAccess(EntityId entityId, AuthorizationEnforcer authorizationEnforcer,
                                Principal principal) throws Exception {
  final boolean visible =
      !authorizationEnforcer.isVisible(Collections.singleton(entityId), principal).isEmpty();
  if (visible) {
    return;
  }
  throw new UnauthorizedException(principal, entityId);
}
/**
 * Allows the call only when {@code action} is in {@code allowedActions}.
 *
 * <p>The decision depends on the action alone; {@code entity} and {@code principal} are used
 * only to build the error message.
 *
 * @param entity the entity the action targets (reported in the error message)
 * @param principal the caller (reported in the error message)
 * @param action the action being attempted
 * @throws UnauthorizedException if {@code action} is not in {@code allowedActions}
 */
@Override
public void enforce(EntityId entity, Principal principal, Action action) throws Exception {
  if (allowedActions.contains(action)) {
    return;
  }
  final String denial = "Not allow to perform " + action + " " + entity + " by " + principal;
  throw new UnauthorizedException(denial);
}
/**
 * Allows the call only when every requested action is in {@code allowedActions}.
 *
 * <p>The decision depends on the actions alone; {@code entity} and {@code principal} are used
 * only to build the error message.
 *
 * <p>NOTE(review): assuming {@code allowedActions} is a standard collection, an empty
 * {@code actions} set passes the {@code containsAll} check - confirm callers never rely on an
 * empty set being rejected.
 *
 * @param entity the entity the actions target (reported in the error message)
 * @param principal the caller (reported in the error message)
 * @param actions the actions being attempted
 * @throws UnauthorizedException if any requested action is not in {@code allowedActions}
 */
@Override
public void enforce(EntityId entity, Principal principal, Set<Action> actions) throws Exception {
  if (allowedActions.containsAll(actions)) {
    return;
  }
  final String denial = "Not allow to perform " + actions + " " + entity + " by " + principal;
  throw new UnauthorizedException(denial);
}
/**
 * Bakes a pizza for a subject holding the {@code BAKE_PIZZA} permission.
 *
 * <p>The permission check runs before the object is created, so a denied caller causes no work.
 *
 * @return a new {@code Pizza}
 * @throws UnauthorizedException if the current subject lacks {@code BAKE_PIZZA}
 */
public Pizza bakePizza() throws UnauthorizedException {
  ensurePermission("BAKE_PIZZA");
  final Pizza baked = new Pizza();
  return baked;
}

/**
 * Guard shared by operations that need a named permission.
 *
 * @param permission the permission string passed to {@code subject.isPermitted}
 * @throws UnauthorizedException if {@code subject} is not permitted
 */
private void ensurePermission(String permission) throws UnauthorizedException {
  final boolean granted = subject.isPermitted(permission);
  if (granted) {
    return;
  }
  throw new UnauthorizedException();
}
/**
 * Appends run history for the given programs to {@code histories}, filtered by visibility.
 *
 * <p>Visibility is resolved once for the whole batch. Runs are then fetched for every requested
 * program; a program the principal cannot see contributes a placeholder entry that carries an
 * empty run list and an {@code UnauthorizedException} instead of its real history. The caller
 * therefore learns that the program id was processed, but not its runs.
 *
 * @param histories output list that receives one entry per history returned by the store
 * @param programs programs whose runs are requested
 * @param programRunStatus status filter passed to the store
 * @param start start of the time range passed to the store
 * @param end end of the time range passed to the store
 * @param limit limit passed to the store
 * @throws Exception if the visibility check or the store lookup fails
 */
private void addProgramHistory(List<ProgramHistory> histories, List<ProgramId> programs,
                               ProgramRunStatus programRunStatus, long start, long end,
                               int limit) throws Exception {
  Set<? extends EntityId> permitted =
      authorizationEnforcer.isVisible(new HashSet<>(programs), authenticationContext.getPrincipal());
  for (ProgramHistory fetched : store.getRuns(programs, programRunStatus, start, end, limit, x -> true)) {
    ProgramId owner = fetched.getProgramId();
    if (!permitted.contains(owner)) {
      // Not visible: substitute a placeholder so the real run records never leave this method.
      histories.add(new ProgramHistory(owner, Collections.emptyList(),
          new UnauthorizedException(authenticationContext.getPrincipal(), owner)));
      continue;
    }
    histories.add(fetched);
  }
}
/**
 * Appends run history for the given programs to {@code histories}, filtered by visibility.
 *
 * <p>Visibility is resolved once for the whole batch. Runs are then fetched for every requested
 * program; a program the principal cannot see contributes a placeholder entry that carries an
 * empty run list and an {@code UnauthorizedException} instead of its real history. The caller
 * therefore learns that the program id was processed, but not its runs.
 *
 * @param histories output list that receives one entry per history returned by the store
 * @param programs programs whose runs are requested
 * @param programRunStatus status filter passed to the store
 * @param start start of the time range passed to the store
 * @param end end of the time range passed to the store
 * @param limit limit passed to the store
 * @throws Exception if the visibility check or the store lookup fails
 */
private void addProgramHistory(List<ProgramHistory> histories, List<ProgramId> programs,
                               ProgramRunStatus programRunStatus, long start, long end,
                               int limit) throws Exception {
  Set<? extends EntityId> permitted =
      authorizationEnforcer.isVisible(new HashSet<>(programs), authenticationContext.getPrincipal());
  for (ProgramHistory fetched : store.getRuns(programs, programRunStatus, start, end, limit, x -> true)) {
    ProgramId owner = fetched.getProgramId();
    if (!permitted.contains(owner)) {
      // Not visible: substitute a placeholder so the real run records never leave this method.
      histories.add(new ProgramHistory(owner, Collections.emptyList(),
          new UnauthorizedException(authenticationContext.getPrincipal(), owner)));
      continue;
    }
    histories.add(fetched);
  }
}
/**
 * Enforces that {@code principal} may perform {@code action} on {@code entity}.
 *
 * <p>When security authorization is disabled the method returns immediately, so every call is
 * allowed. Otherwise the decision comes from the policy cache when caching is enabled, or from
 * a direct {@code doEnforce} evaluation when it is not.
 *
 * <p>NOTE(review): with caching enabled a decision may be served from {@code authPolicyCache}
 * rather than re-evaluated. Confirm the cache's expiry or invalidation bounds how long a
 * revoked privilege can still be honoured.
 *
 * @param entity the entity the action targets
 * @param principal the caller
 * @param action the action being attempted
 * @throws UnauthorizedException if the privilege is not granted
 * @throws Exception any failure raised by the cache lookup or the direct evaluation
 */
@Override
public void enforce(EntityId entity, Principal principal, Action action) throws Exception {
  if (isSecurityAuthorizationEnabled()) {
    AuthorizationPrivilege requested = new AuthorizationPrivilege(principal, entity, action);
    boolean granted;
    if (cacheEnabled) {
      granted = authPolicyCache.get(requested);
    } else {
      granted = doEnforce(requested);
    }
    if (!granted) {
      throw new UnauthorizedException(principal, action, entity);
    }
  }
}
/**
 * Verifies that a response carries the expected HTTP status.
 *
 * <p>A mismatch whose actual status code equals {@code FORBIDDEN} is surfaced as an
 * {@code UnauthorizedException} carrying the reason phrase, so callers can tell an access
 * denial apart from other failures. Every other mismatch becomes an
 * {@code IllegalStateException} that includes both statuses and {@code errorMsg}.
 *
 * @param expected the status the caller expects
 * @param actual the status actually received
 * @param errorMsg detail included in the {@code IllegalStateException} message
 * @throws UnauthorizedException if the statuses differ and the actual status is FORBIDDEN
 * @throws IllegalStateException if the statuses differ for any other reason
 */
private void verifyResponse(HttpResponseStatus expected, HttpResponseStatus actual, String errorMsg) {
  if (expected.equals(actual)) {
    return;
  }
  final boolean forbidden = actual.code() == HttpResponseStatus.FORBIDDEN.code();
  if (forbidden) {
    throw new UnauthorizedException(actual.reasonPhrase());
  }
  final String detail = String.format("Expected %s, got %s. Error: %s", expected, actual, errorMsg);
  throw new IllegalStateException(detail);
}
/**
 * Resets log levels for a program, optionally scoped to one component, and replies 200 OK.
 *
 * <p>The request body is parsed as a set of logger names; a {@code null} result is treated as an
 * empty set. Malformed JSON becomes a {@code BadRequestException}, and a
 * {@code SecurityException} from the lifecycle service becomes an {@code UnauthorizedException}.
 *
 * <p>NOTE(review): both translated exceptions are created without the caught exception as
 * cause, so the original failure is lost unless it is logged elsewhere. Keeping the detail out
 * of the client-facing message is sound; confirm it is still recorded server-side.
 *
 * @param request the HTTP request whose body lists the logger names
 * @param responder used to send the success status
 * @param namespace namespace of the application
 * @param appName application name
 * @param appVersion application version
 * @param type program type name, resolved through {@code getProgramType}
 * @param programName program name
 * @param component optional component within the program; may be {@code null}
 * @param runId run identifier passed to the lifecycle service
 * @throws BadRequestException if the body is not valid JSON
 * @throws UnauthorizedException if the lifecycle service raises a {@code SecurityException}
 * @throws Exception any other failure from parsing or the lifecycle service
 */
private void resetLogLevels(FullHttpRequest request, HttpResponder responder, String namespace,
                            String appName, String appVersion, String type, String programName,
                            @Nullable String component, String runId) throws Exception {
  ProgramType programType = getProgramType(type);
  try {
    Set<String> requestedLoggers = parseBody(request, SET_STRING_TYPE);
    if (requestedLoggers == null) {
      // No body supplied: pass an empty set to the lifecycle service.
      requestedLoggers = Collections.emptySet();
    }
    lifecycleService.resetProgramLogLevels(
        new ApplicationId(namespace, appName, appVersion).program(programType, programName),
        requestedLoggers,
        component,
        runId);
    responder.sendStatus(HttpResponseStatus.OK);
  } catch (JsonSyntaxException e) {
    throw new BadRequestException("Invalid JSON in body");
  } catch (SecurityException e) {
    throw new UnauthorizedException("Unauthorized to reset the log levels");
  }
}
/**
 * Resets log levels for a program and replies 200 OK.
 *
 * <p>The request body is parsed as a set of logger names; a {@code null} result is treated as an
 * empty set. Malformed JSON becomes a {@code BadRequestException}, and a
 * {@code SecurityException} from the lifecycle service becomes an {@code UnauthorizedException}.
 *
 * <p>NOTE(review): both translated exceptions are created without the caught exception as
 * cause, so the original failure is lost unless it is logged elsewhere. Keeping the detail out
 * of the client-facing message is sound; confirm it is still recorded server-side.
 *
 * @param request the HTTP request whose body lists the logger names
 * @param responder used to send the success status
 * @param namespace namespace of the application
 * @param appName application name
 * @param appVersion application version
 * @param type program type name, resolved through {@code getProgramType}
 * @param programName program name
 * @param runId run identifier passed to the lifecycle service
 * @throws BadRequestException if the body is not valid JSON
 * @throws UnauthorizedException if the lifecycle service raises a {@code SecurityException}
 * @throws Exception any other failure from parsing or the lifecycle service
 */
private void resetLogLevels(FullHttpRequest request, HttpResponder responder, String namespace,
                            String appName, String appVersion, String type, String programName,
                            String runId) throws Exception {
  ProgramType programType = getProgramType(type);
  try {
    Set<String> requestedLoggers = parseBody(request, SET_STRING_TYPE);
    if (requestedLoggers == null) {
      // No body supplied: pass an empty set to the lifecycle service.
      requestedLoggers = Collections.emptySet();
    }
    lifecycleService.resetProgramLogLevels(
        new ApplicationId(namespace, appName, appVersion).program(programType, programName),
        requestedLoggers,
        runId);
    responder.sendStatus(HttpResponseStatus.OK);
  } catch (JsonSyntaxException e) {
    throw new BadRequestException("Invalid JSON in body");
  } catch (SecurityException e) {
    throw new UnauthorizedException("Unauthorized to reset the log levels");
  }
}