Examples of org.exist.security.PermissionDeniedException

org.exist.security.PermissionDeniedException
Description of the Class @author Wolfgang Meier @since 24. Juni 2002

                try {
                    broker = getDatabase().get(null);
                    final Account user = broker.getSubject();


                    if(!(account.getName().equals(user.getName()) || user.hasDbaRole()) ) {
                        throw new PermissionDeniedException("You are not allowed to delete '" +account.getName() + "' user");
                    }


                    remove_account.setRemoved(true);
                    remove_account.setCollection(broker, collectionRemovedAccounts, XmldbURI.create(UUIDGenerator.getUUID()+".xml"));

View Full Code Here

    }


    @Override
    public void assertCanModifyAccount(final Account user) throws PermissionDeniedException {
        if (user.getId() != getId() && !user.hasDbaRole()) {
            throw new PermissionDeniedException("Permission denied to modify user");
        }
    }

View Full Code Here

        
        //TODO This check should not even be here! Its up to the database to refuse access not requesting source
        
        if(!doc.getPermissions().validate(subject, mode)) {
            final String modeStr = new UnixStylePermissionAider(mode).toString();
            throw new PermissionDeniedException("Subject '" + subject.getName() + "' does not have '" + modeStr + "' access to resource '" + doc.getURI() + "'.");
        }
    }

View Full Code Here

                {throw new EXistException("Collection " + collectionUri
                        + " not found");}
            if (!replace) {
                final DocumentImpl old = collection.getDocument(broker, docUri);
                if (old != null)
                    {throw new PermissionDeniedException(
                            "Old document exists and overwrite is not allowed");}
            }
            LOG.debug("Storing binary resource to collection " + collection.getURI());
            
            /*DocumentImpl doc = */

View Full Code Here

                {throw new EXistException("Resource " + name + " not found");}
            if (doc.getResourceType() != DocumentImpl.BINARY_FILE)
                {throw new EXistException("Document " + name
                        + " is not a binary resource");}
            if(!doc.getPermissions().validate(session.getUser(), Permission.READ))
                {throw new PermissionDeniedException("Insufficient privileges to read resource");}
            final InputStream is = broker.getBinaryResource((BinaryDocument) doc);
            final long resourceSize = broker.getBinaryResourceSize((BinaryDocument) doc);
            if(resourceSize > Integer.MAX_VALUE)
                {throw new RemoteException("Resource too big to be read using this port.");}
            final byte [] data = new byte[(int)resourceSize];

View Full Code Here

                    broker.flush();
                    return;
//                    return true;
                }
                transact.abort(transaction);
                throw new PermissionDeniedException("not allowed to change permissions");
            }
            LOG.debug("changing permissions on collection " + resource);
            final Permission perm = collection.getPermissionsNoLock();
            if (perm.getOwner().equals(session.getUser())
            || manager.hasAdminPrivileges(session.getUser())) {
                perm.setMode(permissions);
                if (owner != null) {
                    perm.setOwner(owner);
                    perm.setGroup(ownerGroup);
                }
                transaction.registerLock(collection.getLock(), Lock.WRITE_LOCK);
                broker.saveCollection(transaction, collection);
                transact.commit(transaction);
                broker.flush();
                return;
            }
            transact.abort(transaction);
            throw new PermissionDeniedException("not allowed to change permissions");
        } catch (final IOException e) {
            transact.abort(transaction);
            throw new RemoteException(e.getMessage());
        } catch (final PermissionDeniedException e) {
            transact.abort(transaction);

View Full Code Here

        } catch (final IOException e) {
          transact.abort(transaction);
            throw new RemoteException(e.getMessage());            
        } catch (final LockException e) {
          transact.abort(transaction);
            throw new PermissionDeniedException(e.getMessage());
        } catch (final TriggerException e) {
          transact.abort(transaction);
            throw new RemoteException(e.getMessage());            
    } finally {
            transact.close(transaction);

View Full Code Here

            if (doc == null) {
                throw new EXistException("Resource "
                        + path + " not found");
            }
            if (!doc.getPermissions().validate(user, Permission.WRITE))
                {throw new PermissionDeniedException("User is not allowed to lock resource " + path);}
            
            final org.exist.security.SecurityManager manager = pool.getSecurityManager();
            if (!(userName.equals(user.getName()) || manager.hasAdminPrivileges(user)))
                {throw new PermissionDeniedException("User " + user.getName() + " is not allowed " +
                        "to lock the resource for user " + userName);}
            final Account lockOwner = doc.getUserLock();
            if(lockOwner != null && (!lockOwner.equals(user)) && (!manager.hasAdminPrivileges(user)))
                {throw new PermissionDeniedException("Resource is already locked by user " +
                        lockOwner.getName());}
            final Account lo = manager.getAccount(userName);
            doc.setUserLock(lo);
// TODO check XML/Binary resource
//            broker.storeDocument(transaction, doc);

View Full Code Here

            doc = broker.getXMLResource(path, Lock.WRITE_LOCK);
            if (doc == null)
                {throw new EXistException("Resource "
                        + path + " not found");}
            if (!doc.getPermissions().validate(user, Permission.WRITE))
                {throw new PermissionDeniedException("User is not allowed to lock resource " + path);}
            final org.exist.security.SecurityManager manager = pool.getSecurityManager();
            final Account lockOwner = doc.getUserLock();
            if(lockOwner != null && (!lockOwner.equals(user)) && (!manager.hasAdminPrivileges(user)))
                {throw new PermissionDeniedException("Resource is already locked by user " +
                        lockOwner.getName());}
            transaction = transact.beginTransaction();
            doc.setUserLock(null);
// TODO check XML/Binary resource
//            broker.storeDocument(transaction, doc);

View Full Code Here

            doc = broker.getXMLResource(path, Lock.READ_LOCK);
            if (doc == null)
                {throw new EXistException("Resource "
                        + path + " not found");}
            if(!doc.getPermissions().validate(user, Permission.READ))
                {throw new PermissionDeniedException("Insufficient privileges to read resource");}
            final Account u = doc.getUserLock();
            return u == null ? "" : u.getName();
        } catch (final Exception ex) {
            throw new RemoteException(ex.getMessage());
        } finally {

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.exist.security.PermissionDeniedException

org.exist.atom.modules.AtomFeeds

org.exist.atom.modules.AtomProtocol

org.exist.collections.Collection

org.exist.http.RESTServer

org.exist.security.internal.aider.UserAider

org.exist.security.internal.RealmImpl

org.exist.security.realm.ldap.LDAPRealm

org.exist.security.realm.oauth.OAuthRealm

org.exist.security.xacml.ExistPDP

org.exist.soap.AdminSoapBindingImpl

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.