Package com.dotmarketing.exception

Examples of com.dotmarketing.exception.DotSecurityException

532
533
534
535
536
537
538
539
540
541
542
    if (st.getStructureType() == Structure.STRUCTURE_TYPE_FORM) {
      contentlet.setHost(formHost.getIdentifier());
      Host host = APILocator.getHostAPI().find(formHost.getIdentifier(), APILocator.getUserAPI().getSystemUser(), false);
      if (!perAPI.doesUserHavePermissions(host,"PARENT:"+PermissionAPI.PERMISSION_READ+", CONTENTLETS:"+PermissionAPI.PERMISSION_WRITE+"", user)) {
        throw new DotSecurityException("User doesn't have write permissions to Contentlet");
      }
    }

    /**
     * If the moderator field is set, a work flow task is created
View Full Code Here
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
    String inode = UtilMethods.getFileName(new File(FileUtil.getRealPath(assetPath + uri)).getName());
    com.dotmarketing.portlets.files.model.File file = APILocator.getFileAPI().find(inode, APILocator.getUserAPI().getSystemUser(), false);

    if(!Config.getBooleanProperty("ENABLE_SCRIPTING", false)){
      throw new DotSecurityException("Last Mod User does not have Scripting Developer role");
    }
    User mu = APILocator.getUserAPI().loadUserById(file.getModUser(), APILocator.getUserAPI().getSystemUser(), true);
    if(!APILocator.getRoleAPI().doesUserHaveRole(mu, APILocator.getRoleAPI().loadRoleByKey("Scripting Developer"))){
      throw new DotSecurityException("Last Mod User does not have Scripting Developer role");
    }

    FileReader fr = null;
    if(!UtilMethods.isSet(realPath)){
      fr = new FileReader(FileUtil.getRealPath(assetPath + uri));
View Full Code Here
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
          authenticator.authenticateByUserId(comp.getCompanyId(), username, passwd);
        }
      }
    }catch (AuthException ae) {
      Logger.debug(this, "Username : " + username + " failed to login", ae);
      throw new DotSecurityException(ae.getMessage(),ae);
    }catch (Exception e) {
      Logger.error(this, e.getMessage(), e);
      throw new DotSecurityException(e.getMessage(),e);
    }
    UserAPI userAPI=APILocator.getUserAPI();
    if (comp.getAuthType().equals(Company.AUTH_TYPE_ID)) {
      _user = userAPI.loadUserById(username,userAPI.getSystemUser(),false);
    } else {
      _user = userAPI.loadByUserByEmail(username, userAPI.getSystemUser(), false);
    }
    if (PublicEncryptionFactory.digestString(passwd).equals(_user.getPassword())) {
      return _user;
    }else if(_user == null){
      throw new DotSecurityException("The user was returned NULL");
    }else{
      Logger.debug(this, "The user's passwords didn't match");
      throw new DotSecurityException("The user's passwords didn't match");
    }
  }
View Full Code Here
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
          //Validate if the user have the right permission before
          if(isAutoPub && !perAPI.doesUserHavePermission(fileAsset, PermissionAPI.PERMISSION_PUBLISH, user) ){
            APILocator.getContentletAPI().archive(fileAsset, APILocator.getUserAPI().getSystemUser(), false);
            APILocator.getContentletAPI().delete(fileAsset, APILocator.getUserAPI().getSystemUser(), false);
            throw new DotSecurityException("User does not have permission to publish contentlets");
              }else if(!isAutoPub && !perAPI.doesUserHavePermission(fileAsset, PermissionAPI.PERMISSION_EDIT, user)){
                APILocator.getContentletAPI().archive(fileAsset, APILocator.getUserAPI().getSystemUser(), false);
            APILocator.getContentletAPI().delete(fileAsset, APILocator.getUserAPI().getSystemUser(), false);
            throw new DotSecurityException("User does not have permission to edit contentlets");
              }
          if(isAutoPub && perAPI.doesUserHavePermission(fileAsset, PermissionAPI.PERMISSION_PUBLISH, user)) {
              APILocator.getContentletAPI().publish(fileAsset, user, false);

              Date currentDate = new Date();
View Full Code Here
30
31
32
33
34
35
36
37
    UserProxy up = upf.getUserProxy(userId);
   
    if(perAPI.doesUserHavePermission(up, PermissionAPI.PERMISSION_READ, user, respectFrontEndRoles)){
      return up;
    }else{
      throw new DotSecurityException("User doesn't have permissions to retrieve UserProxy");
    }
  }
View Full Code Here
48
49
50
51
52
53
54
55
  public UserProxy getUserProxyByLongLiveCookie(String dotCMSID, User user, boolean respectFrontEndRoles) throws DotRuntimeException, DotSecurityException, DotDataException{
    UserProxy up =  upf.getUserProxyByLongLiveCookie(dotCMSID);
    if(perAPI.doesUserHavePermission(up, PermissionAPI.PERMISSION_READ, user, respectFrontEndRoles)){
      return up;
    }else{
      throw new DotSecurityException("User doesn't have permissions to retrieve UserProxy");
    }
  }
View Full Code Here
55
56
57
58
59
60
61
62
63
  }
 
  public void saveUserProxy(UserProxy userProxy, User user, boolean respectFrontEndRoles) throws DotRuntimeException, DotDataException, DotSecurityException
  {
    if(!perAPI.doesUserHavePermission(userProxy, PermissionAPI.PERMISSION_EDIT, user, respectFrontEndRoles)){
      throw new DotSecurityException("User doesn't have permission to save the user proxy object which is trying to be saved");
    }
    upf.saveUserProxy(userProxy);
  }
View Full Code Here
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
    if(!isLegacyFilesSupported()){
      throw new DotStateException("File Assets have been disabled.");
    }

    if (!permissionAPI.doesUserHavePermission(source, PermissionAPI.PERMISSION_READ, user, respectFrontendRoles)) {
      throw new DotSecurityException("You don't have permission to read the source file.");
    }

    if (!permissionAPI.doesUserHavePermission(destination, PermissionAPI.PERMISSION_WRITE, user, respectFrontendRoles)) {
      throw new DotSecurityException("You don't have permission to write in the destination folder.");
    }

    // gets filename before extension
    String fileName = UtilMethods.getFileName(source.getFileName());
    // gets file extension
View Full Code Here
170
171
172
173
174
175
176
177
178
    File f = ffac.getWorkingFileByFileName(fileName, folder);
    if(!InodeUtils.isSet(f.getInode())){
      return null;
    }
    if (!permissionAPI.doesUserHavePermission(f, PermissionAPI.PERMISSION_READ, user, respectFrontendRoles)) {
      throw new DotSecurityException("You don't have permission to read the  file.");
    }
    return f;
  }
View Full Code Here
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
    boolean fileExists = (currentFile != null) && InodeUtils.isSet(currentFile.getInode());

    if (fileExists) {
      if (!permissionAPI.doesUserHavePermission(currentFile, PermissionAPI.PERMISSION_READ, user, respectFrontendRoles)) {
        throw new DotSecurityException("You don't have permission to read the source file.");
      }
    }

    if (!permissionAPI.doesUserHavePermission(folder, PermissionAPI.PERMISSION_WRITE, user, respectFrontendRoles)) {
      throw new DotSecurityException("You don't have permission to write in the destination folder.");
    }

    File workingFile = null;

    try {
View Full Code Here
TOP

Related Classes of com.dotmarketing.exception.DotSecurityException

  • com.dotcms.cmsmaintenance.ajax.ThreadMonitorTool
  • com.dotcms.cmsmaintenance.ajax.UserSessionAjax
  • com.dotcms.content.elasticsearch.business.ESContentletAPIImpl
  • com.dotcms.rest.ESIndexResource
  • com.dotmarketing.business.PermissionBitAPIImpl
  • com.dotmarketing.business.UserAPIImpl
  • com.dotmarketing.business.UserProxyAPIImpl
  • com.dotmarketing.business.VersionableAPIImpl
  • com.dotmarketing.cms.content.submit.util.SubmitContentUtil
  • com.dotmarketing.filters.TimeMachineFilter
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.