Examples of com.porterhead.rest.user.exception.AuthorizationException

• com.porterhead.rest.user.exception.AuthorizationException
  User: porter Date: 04/04/2012 Time: 15:32

    public ExternalUser getUser(ExternalUser requestingUser, String userIdentifier) {
        Assert.notNull(requestingUser);
        Assert.notNull(userIdentifier);
        User user = ensureUserIsLoaded(userIdentifier);
        if(!requestingUser.getId().equals(user.getUuid().toString()) && !requestingUser.getRole().equalsIgnoreCase(Role.administrator.toString()))  {
           throw new AuthorizationException("User not authorized to load profile");
        }
        return new ExternalUser(user);
    }

        Assert.notNull(userId);
        User userToDelete = ensureUserIsLoaded(userId);
        if (userMakingRequest.getRole().equalsIgnoreCase(Role.administrator.toString()) && (userToDelete.hasRole(Role.anonymous) || userToDelete.hasRole(Role.authenticated))) {
            userRepository.delete(userToDelete);
        } else {
            throw new AuthorizationException("User cannot be deleted. Only users with anonymous or authenticated role can be deleted.");
        }
    }

                User user = userRepository.findByUuid(userId);
                if (user != null) {
                    externalUser = new ExternalUser(user);
                    if (!isAuthorized(user, context, hashedToken)) {
                        throw new AuthorizationException("Request rejected due to an authorization failure");
                    }
                }
            }
        }
        return externalUser;

        DateTime now = new DateTime();
        DateTime offset = new DateTime(date);
        if (!(offset.isAfter(now.minusMinutes(config.getSessionDateOffsetInMinutes())) &&
                offset.isBefore(now.plusMinutes(config.getSessionDateOffsetInMinutes())))) {
            LOG.error("Date in header is out of range: {}", requestDateString);
            throw new AuthorizationException("Date in header is out of range: " + requestDateString);
        }
    }

    private void validateNonce(String nonceValue) {
        Nonce nonce = nonceCache.getUnchecked(nonceValue);
        Duration tolerance = new Duration(nonce.timestamp, new DateTime());
        if (tolerance.isLongerThan(Duration.millis(NONCE_CHECK_TOLERANCE_IN_MILLIS))) {
            LOG.error("Nonce value was not unique: {}", nonceValue);
            throw new AuthorizationException("Nonce value is not unique");
        }
    }

        if(token == null) {
            return externalUser;
        }
        User user =  userRepository.findBySession(token);
        if(user == null) {
            throw new AuthorizationException("Session token not valid");
        }
        AuthorizationToken authorizationToken = user.getAuthorizationToken();
            if (authorizationToken.getToken().equals(token)) {
                externalUser = new ExternalUser(user);
            }

    @Path("{userId}")
    @PUT
    public Response updateUser(@Context SecurityContext sc, @PathParam("userId") String userId, UpdateUserRequest request) {
        ExternalUser userMakingRequest = (ExternalUser)sc.getUserPrincipal();
        if(!userMakingRequest.getId().equals(userId)) {
            throw new AuthorizationException("User not authorized to modify this profile");
        }
        boolean sendVerificationToken = StringUtils.hasLength(request.getEmailAddress()) &&
                !request.getEmailAddress().equals(userMakingRequest.getEmailAddress());
        ExternalUser savedUser = userService.saveUser(userId, request);
        if(sendVerificationToken) {