/**
 * Enforce the table-level security rule for the requested table.
 *
 * The rule registered in {@code securityRules} under the requested table's name is evaluated against the
 * security context of the incoming request. The request is passed through unchanged when the rule accepts it.
 *
 * @param request  The request being validated
 * @param context  The container request context supplying the caller's security context
 *
 * @return the same request instance, when the rule for its table accepts the caller
 *
 * @throws RequestValidationException with status 403 (FORBIDDEN) when the rule rejects the caller
 */
@Override
public T internalApply(T request, ContainerRequestContext context) throws RequestValidationException {
    SecurityContext securityContext = context.getSecurityContext();

    // NOTE(review): a table with no entry in securityRules falls back to a predicate that always passes,
    // so any table without a registered rule is readable by every caller (default-allow). Confirm this is
    // the intended policy; under it, a table stays unprotected until a rule is registered for its name.
    boolean permitted = securityRules
            .getOrDefault(request.getTable().getName(), (ignored -> true))
            .test(securityContext);

    if (permitted) {
        return request;
    }

    // The message is deliberately generic: it does not reveal which rule or role was missing.
    throw new RequestValidationException(
            Response.Status.FORBIDDEN,
            "Permission Denied",
            "Request cannot be completed as you do not have enough permission"
    );
}
} // closes the enclosing type, whose header is outside this excerpt
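/**
 * Verify that at least one whitelisted security filter has been collected for this user.
 * An empty filter set indicates the user has not been authorized for any value of this dimension, so the
 * request is rejected.
 *
 * @param userPrincipal  The userPrincipal being validated; used only to name the user in the warning log
 * @param mergedSecurityFilters  The combined security filters for this request; must not be null
 *
 * @throws RequestValidationException An http request exception (403 FORBIDDEN) documenting the lack of
 * privileges
 */
protected void validateSecurityFilters(Principal userPrincipal, Set<ApiFilter> mergedSecurityFilters)
        throws RequestValidationException {
    if (!mergedSecurityFilters.isEmpty()) {
        return;
    }

    // The deny path has to end in the 403 below. Dereferencing a null principal while building the log
    // line would replace that with a NullPointerException, so the name is resolved defensively.
    // NOTE(review): the caller is not visible here; whether it can pass a null principal (for example
    // for an unauthenticated request) should be confirmed.
    String userName = userPrincipal == null ? "<no principal>" : userPrincipal.getName();

    LOG.warn(DIMENSION_MISSING_MANDATORY_ROLE.logFormat(userName, dimension.getApiName()));

    throw new RequestValidationException(
            Response.Status.FORBIDDEN,
            unauthorizedHttpMessage,
            UNAUTHORIZED_USER_MESSAGE
    );
}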
throw new RequestValidationException(BAD_REQUEST, msg, msg);