String permission )
throws AuthorizationException, UnauthorizedException
{
// TODO: also check for permission to proxy the resource when MRM-579 is implemented
AuthorizationResult authzResult = securitySystem.authorize( securitySession, permission, repositoryId );
if ( !authzResult.isAuthorized() )
{
if ( authzResult.getException() != null )
{
log.info( "Authorization Denied [ip=" + request.getRemoteAddr() + ",permission=" + permission + ",repo="
+ repositoryId + "] : " + authzResult.getException().getMessage() );
throw new UnauthorizedException( "Access denied for repository " + repositoryId );
}
throw new UnauthorizedException( "User account is locked" );
}