Examples of org.exist.security.PermissionDeniedException

• org.exist.security.PermissionDeniedException
  Description of the Class @author Wolfgang Meier @since 24. Juni 2002

            broker = factory.getBrokerPool().get(user);
            doc = broker.getXMLResource(docURI, Lock.WRITE_LOCK);
            if (doc == null)
                {throw new EXistException("Resource " + docURI + " not found");}
            if (!doc.getPermissions().validate(user, Permission.WRITE))
                {throw new PermissionDeniedException("User is not allowed to lock resource " + docURI);}
            final SecurityManager manager = factory.getBrokerPool().getSecurityManager();
            final Account lockOwner = doc.getUserLock();
            if(lockOwner != null && (!lockOwner.equals(user)) && (!manager.hasAdminPrivileges(user)))
                {throw new PermissionDeniedException("Resource is already locked by user " +
                        lockOwner.getName());}
            transaction = transact.beginTransaction();
            doc.setUserLock(null);
            broker.storeXMLResource(transaction, doc);
            transact.commit(transaction);

            transact.commit(transaction);
            return true;
        } catch (final LockException e) {

            transact.abort(transaction);
            throw new PermissionDeniedException("Could not acquire lock on document " + docUri);

        } catch (final IOException e) {
            transact.abort(transaction);
            throw new EXistException("Get exception ["+e.getMessage()+"] on document " + docUri);

                {broker.copyCollection(transaction, collection, destination, newName);}
            transact.commit(transaction);
            return true;
        } catch (final LockException e) {
            transact.abort(transaction);
            throw new PermissionDeniedException(e.getMessage());
        } catch (final IOException e) {
            transact.abort(transaction);
            throw new EXistException(e.getMessage());
        } catch (final TriggerException e) {
            transact.abort(transaction);

                throw new EXistException("Resource " + docUri + " not found");
            }
            //TODO : register the lock within the transaction ?
            if (!doc.getPermissions().validate(user, Permission.WRITE)) {
              transact.abort(transaction);
              throw new PermissionDeniedException("User is not allowed to lock resource " + docUri);
            }

            if (!"".equals(doctypename)) {
              result = new DocumentTypeImpl(doctypename,
                  "".equals(publicid) ? null : publicid,

    }

    @Override
    public boolean shutdown(long delay) throws PermissionDeniedException {
        if (!user.hasDbaRole())
            {throw new PermissionDeniedException("not allowed to shut down" + "the database");}
        if (delay > 0) {
            final TimerTask task = new TimerTask() {
                @Override
                public void run() {
                    BrokerPool.stopAll(true);

                for (int i = 0; i < ql.length; i++) {
                    final StoredNode node = ql[i];
                    final DocumentImpl doc = (DocumentImpl)node.getOwnerDocument();
                    if (!doc.getPermissions().validate(context.getUser(), Permission.WRITE)) {
                        //transact.abort(transaction);
                        throw new PermissionDeniedException("User '" + context.getSubject().getName() + "' does not have permission to write to the document '" + doc.getDocumentURI() + "'!");
                    }
                    doc.getMetadata().setIndexListener(listener);

                    //update the document
                    parent = (NodeImpl) node.getParentNode();

       return new IntegerValue(account.getUserMask());
    }

    private void setUMask(final DBBroker broker, final Subject currentUser, final String username, final int umask) throws XPathException {
        if(!currentUser.hasDbaRole() && !currentUser.getUsername().equals(username)) {
            throw new XPathException(this, new PermissionDeniedException("You must have suitable access rights to set the users umask."));
        }

        final SecurityManager securityManager = broker.getBrokerPool().getSecurityManager();
        final Account account = securityManager.getAccount(username);

                if(permission instanceof SimpleACLPermission) {
                    //add the ace
                    final SimpleACLPermission aclPermission = ((SimpleACLPermission)permission);
                    aclPermission.addACE(access_type, target, name, mode);
                } else {
                    throw new PermissionDeniedException("ACL like permissions have not been enabled");
                }
            }
        });
        return Sequence.EMPTY_SEQUENCE;
    }

                if(permission instanceof SimpleACLPermission) {
                    //insert the ace
                    final SimpleACLPermission aclPermission = ((SimpleACLPermission)permission);
                    aclPermission.insertACE(index, access_type, target, name, mode);
                } else {
                    throw new PermissionDeniedException("ACL like permissions have not been enabled");
                }
            }
        });
        return Sequence.EMPTY_SEQUENCE;
    }

                if(permission instanceof SimpleACLPermission) {
                    //insert the ace
                    final SimpleACLPermission aclPermission = ((SimpleACLPermission)permission);
                    aclPermission.modifyACE(index, access_type, mode);
                } else {
                    throw new PermissionDeniedException("ACL like permissions have not been enabled");
                }
            }
        });
        return Sequence.EMPTY_SEQUENCE;
    }