Examples of com.cloud.bridge.service.exception.PermissionDeniedException

Package com.cloud.bridge.service.exception

Examples of com.cloud.bridge.service.exception.PermissionDeniedException

com.cloud.bridge.service.exception.PermissionDeniedException

    S3PolicyContext context = new S3PolicyContext( PolicyActions.PutObject, destinationBucketName );
    context.setKeyName( destinationKeyName );
    context.setEvalParam( ConditionKeys.MetaData, request.getDirective().toString());
    context.setEvalParam( ConditionKeys.CopySource, "/" + request.getSourceBucketName() + "/" + request.getSourceKey());
    if (PolicyAccess.DENY == verifyPolicy( context )) 
            throw new PermissionDeniedException( "Access Denied - bucket policy DENY result" );
            
      S3GetObjectResponse originalObject = handleRequest(getRequest);   
      int resultCode = originalObject.getResultCode();
      if (200 != resultCode) {
        response.setResultCode( resultCode );

View Full Code Here

    verifyBucketName( bucketName, false );
   
    S3PolicyContext context = new S3PolicyContext( PolicyActions.CreateBucket,  bucketName );
    context.setEvalParam( ConditionKeys.Acl, cannedAccessPolicy );
    if (PolicyAccess.DENY == verifyPolicy( context )) 
            throw new PermissionDeniedException( "Access Denied - bucket policy DENY result" );
     
    if (PersistContext.acquireNamedLock("bucket.creation", LOCK_ACQUIRING_TIMEOUT_SECONDS)) 
    {
      Tuple<SHost, String> shostTuple = null;
      boolean success = false;

View Full Code Here

       case ALLOW:
          // -> bucket policy can give users permission to delete a bucket while ACLs cannot
          break;
          
       case DENY:
                throw new PermissionDeniedException( "Access Denied - bucket policy DENY result" );
          
       case DEFAULT_DENY:
       default:
          // -> does not matter what the ACLs say only the owner can delete a bucket
          String client = UserContext.current().getCanonicalUserId();
          if (!client.equals( sbucket.getOwnerCanonicalId())) {
              throw new PermissionDeniedException( "Access Denied - only the owner can delete a bucket" );
          }
          break;
       }

View Full Code Here

    switch( verifyPolicy( context ) ) {
        case ALLOW:   // overrides ACLs (?)
             return;


        case DENY:
             throw new PermissionDeniedException( "Access Denied - bucket policy DENY result" );
             
        case DEFAULT_DENY:
        default:
             accessAllowed( target, targetId, requestedPermission );
             break;

View Full Code Here

         if (hasPermission( aclDao.listGrants( target, targetId, userId ), requestedPermission )) return;


         // -> or maybe there is any principal authenticated ACL set for this <target, targetId>?
         if (hasPermission( aclDao.listGrants( target, targetId, "*" ), requestedPermission )) return;
        }
        throw new PermissionDeniedException( "Access Denied - ACLs do not give user the required permission" );
  }

View Full Code Here

  }
  
  public void verify() throws PermissionDeniedException
  {
    if (0 == conditionList.size())
            throw new PermissionDeniedException( "S3 Bucket Policy Condition Block needs at least one condition" );
  }

View Full Code Here

  }
  
  public void verify() throws PermissionDeniedException
  {
    if (0 == keys.size())
            throw new PermissionDeniedException( "S3 Bucket Policy IpAddress Condition needs at least one key-value pairs" );
  }

View Full Code Here

    // -> extract just the bucket name
    int offset = testBucketName.indexOf( "/" );
    if (-1 != offset) testBucketName = testBucketName.substring( 0, offset );
    
    if (!testBucketName.equals( bucketName )) 
      throw new PermissionDeniedException( "The S3 Bucket Policy must only refer to the single bucket: \"" + bucketName  + 
          "\", but it referres to the following resource: \"" + resourcePath + "\"" );
  }

View Full Code Here

            
    if ( restAuth.verifySignature( request.getMethod(), cloudSecretKey, signature, sigMethod )) {
         UserContext.current().initContext( cloudAccessKey, cloudSecretKey, cloudAccessKey, "REST request", null );
         return true;
    }
    else throw new PermissionDeniedException("Invalid signature");
    }

View Full Code Here

      logger.error("Put Bucket Policy failed due to " + e.getMessage(), e);  
      throw e;     
      }
      catch( ParseException e ) {
      logger.error("Put Bucket Policy failed due to " + e.getMessage(), e);  
      throw new PermissionDeniedException( e.toString());           
      }
    catch( Exception e ) {
      logger.error("Put Bucket Policy failed due to " + e.getMessage(), e);  
      response.setStatus(500);
    }

View Full Code Here

0 1 2 3 4 5 6 7

TOP

Related Classes of com.cloud.bridge.service.exception.PermissionDeniedException

com.cloud.bridge.service.controller.s3.S3BucketAction

com.cloud.bridge.service.core.s3.S3Engine

com.cloud.bridge.service.core.s3.S3PolicyArnCondition

com.cloud.bridge.service.core.s3.S3PolicyBoolCondition

com.cloud.bridge.service.core.s3.S3PolicyConditionBlock

com.cloud.bridge.service.core.s3.S3PolicyDateCondition

com.cloud.bridge.service.core.s3.S3PolicyIPAddressCondition

com.cloud.bridge.service.core.s3.S3PolicyNumericCondition

com.cloud.bridge.service.core.s3.S3PolicyStatement

com.cloud.bridge.service.core.s3.S3PolicyStringCondition

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.