Package org.dspace.authorize

Examples of org.dspace.authorize.AuthorizeException


        initialise();
        boolean publicise = ConfigurationManager.getBooleanProperty("report.public");

        // Check that the reports are either public, or user is an administrator
        if (!publicise && !AuthorizeManager.isAdmin(context))
            throw new AuthorizeException();

        // Retrieve the report data to display
        File analysisFile;
        if (reportDate != null)
            analysisFile = StatisticsLoader.getAnalysisFor(reportDate);
View Full Code Here


            AuthorizeException, NonUniqueMetadataException
    {
        // Check authorisation: Only admins may create metadata schemas
        if (!AuthorizeManager.isAdmin(context))
        {
            throw new AuthorizeException(
                    "Only administrators may modify the metadata registry");
        }

        // Ensure the schema name is unique
        if (!uniqueShortName(context, name))
View Full Code Here

            AuthorizeException, NonUniqueMetadataException
    {
        // Check authorisation: Only admins may update the metadata registry
        if (!AuthorizeManager.isAdmin(context))
        {
            throw new AuthorizeException(
                    "Only administrators may modify the metadata registry");
        }

        // Ensure the schema name is unique
        if (!uniqueShortName(context, name))
View Full Code Here

    public void delete(Context context) throws SQLException, AuthorizeException
    {
        // Check authorisation: Only admins may create DC types
        if (!AuthorizeManager.isAdmin(context))
        {
            throw new AuthorizeException(
                    "Only administrators may modify the metadata registry");
        }

        log.info(LogManager.getHeader(context, "delete_metadata_schema",
                "metadata_schema_id=" + getSchemaID()));
View Full Code Here

        }

        if ((fromPage == null) || ((fromPage.indexOf(basicHost) == -1) && (validReferral == false)))
        {
            // N.B. must use old message catalog because Cocoon i18n is only available to transformed pages.
            throw new AuthorizeException(I18nUtil.getMessage("feedback.error.forbidden"));
        }

        // User email from context
        Context context = ContextUtil.obtainContext(objectModel);
        EPerson loggedin = context.getCurrentUser();
View Full Code Here

            AuthorizeException
    {
        // authorized?
        if (!AuthorizeManager.isAdmin(context))
        {
            throw new AuthorizeException(
                    "You must be an admin to create an EPerson");
        }

        // Create a table row
        TableRow row = DatabaseManager.create(context, "eperson");
View Full Code Here

            EPersonDeletionException
    {
        // authorized?
        if (!AuthorizeManager.isAdmin(myContext))
        {
            throw new AuthorizeException(
                    "You must be an admin to delete an EPerson");
        }

        // check for presence of eperson in tables that
        // have constraints on eperson_id
View Full Code Here

                            {
                                log.warn("Skipping Bundle[\""+bundles[i].getName()+"\"] because you are not authorized to read it.");
                                continue;
                            }
                            else
                                throw new AuthorizeException("Not authorized to read Bundle named \""+bundles[i].getName()+"\"");
                        }
                        Bitstream[] bitstreams = bundles[i].getBitstreams();
                        for (int k = 0; k < bitstreams.length; k++)
                        {
                            boolean auth = AuthorizeManager.authorizeActionBoolean(context,
                                    bitstreams[k], Constants.READ);
                            if (auth ||
                                (unauth != null && unauth.equalsIgnoreCase("zero")))
                            {
                                ZipEntry ze = new ZipEntry(
                                    makeBitstreamName(bitstreams[k]));
                                ze.setTime(lmTime);
                                ze.setSize(auth ? bitstreams[k].getSize() : 0);
                                zip.putNextEntry(ze);
                                if (auth)
                                Utils.copy(bitstreams[k].retrieve(), zip);
                                else
                                    log.warn("Adding zero-length file for Bitstream, SID="+String.valueOf(bitstreams[k].getSequenceID())+", not authorized for READ.");
                                zip.closeEntry();
                            }
                            else if (unauth != null &&
                                     unauth.equalsIgnoreCase("skip"))
                            {
                                log.warn("Skipping Bitstream, SID="+String.valueOf(bitstreams[k].getSequenceID())+", not authorized for READ.");
                            }
                            else
                            {
                                throw new AuthorizeException("Not authorized to read Bitstream, SID="+String.valueOf(bitstreams[k].getSequenceID()));
                            }
                        }
                    }
                }
                zip.close();
View Full Code Here

                {
                    if (unauth != null &&
                        (unauth.equalsIgnoreCase("skip")))
                        continue;
                    else
                        throw new AuthorizeException("Not authorized to read Bundle named \""+bundles[i].getName()+"\"");
                }

                Bitstream[] bitstreams = bundles[i].getBitstreams();

                // Create a fileGrp
                FileGrp fileGrp = new FileGrp();
        
                // Bundle name for USE attribute
                String bName = bundles[i].getName();
                if ((bName != null) && !bName.equals(""))
                    fileGrp.setUSE(bundleToFileGrp(bName));
        
                // watch for primary bitstream
                int primaryBitstreamID = -1;
                boolean isContentBundle = false;
                if ((bName != null) && bName.equals("ORIGINAL"))
                {
                    isContentBundle = true;
                    primaryBitstreamID = bundles[i].getPrimaryBitstreamID();
                }

                for (int bits = 0; bits < bitstreams.length; bits++)
                {
                    // Check for authorization.  Handle unauthorized
                    // bitstreams to match the logic in disseminate(),
                    // i.e. "unauth=zero" means include a 0-length bitstream,
                    // "unauth=skip" means to ignore it (and exclude from
                    // manifest).
                    boolean auth = AuthorizeManager.authorizeActionBoolean(context,
                            bitstreams[bits], Constants.READ);
                    if (!auth)
                    {
                        if (unauth != null && unauth.equalsIgnoreCase("skip"))
                            continue;
                        else if (!(unauth != null && unauth.equalsIgnoreCase("zero")))
                            throw new AuthorizeException("Not authorized to read Bitstream, SID="+String.valueOf(bitstreams[bits].getSequenceID()));
                    }

                    String sid = String.valueOf(bitstreams[bits].getSequenceID());
        
                    edu.harvard.hul.ois.mets.File file = new edu.harvard.hul.ois.mets.File();
View Full Code Here

      if (!ConfigurationManager.getBooleanProperty("xmlui.user.assumelogin", false))
        return;
     
      // Only super administrators can login as someone else.
      if (!AuthorizeManager.isAdmin(context))
        throw new AuthorizeException("Only site administrators may assume login as another user.");
       
      // Just to be double be sure, make sure the administrator
      // is the one who actualy authenticated themself.
      HttpSession session = request.getSession(false);
      Integer authenticatedID = (Integer) session.getAttribute(AUTHENTICATED_USER_ID);
      if (context.getCurrentUser().getID() != authenticatedID)
        throw new AuthorizeException("Only authenticated users whom are administrators may assume the login as another user.");
     
      // You may not assume the login of another super administrator
      if (loginAs == null)
        return;
      Group administrators = Group.find(context,1);
      if (administrators.isMember(loginAs))
        throw new AuthorizeException("You may not assume the login as another super administrator.");
     
      // Success, allow the user to login as another user.
      context.setCurrentUser(loginAs);
 
        // Set any special groups - invoke the authentication mgr.
View Full Code Here

TOP

Related Classes of org.dspace.authorize.AuthorizeException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.