Package org.fao.geonet.exceptions

Examples of org.fao.geonet.exceptions.OperationNotAllowedEx


  public void denyAccess(ServiceContext context) throws Exception {
    if (context.getUserSession().isAuthenticated()) {
      throw new AccessDeniedException("User is not permitted to access this resource");
    } else {
      throw new OperationNotAllowedEx();
    }
  }
View Full Code Here


        int ownerId = context.getUserSession().getUserIdAsInt();
        Profile userProfile = context.getUserSession().getProfile();

        if (userProfile == null) {
            throw new OperationNotAllowedEx("Unauthorized user attempted to list editable metadata ");
        }

        Specifications<Metadata> spec;
        // if the user is an admin, return all metadata
        if(userProfile == Profile.Administrator) {
            spec = where(MetadataSpecs.isHarvested(false));
        } else if(userProfile == Profile.Reviewer || userProfile == Profile.UserAdmin) {
            final List<UserGroup> groups = context.getBean(UserGroupRepository.class).findAll(UserGroupSpecs.hasUserId(ownerId));
            List<Integer> groupIds = Lists.transform(groups, new Function<UserGroup, Integer>() {
                @Nullable
                @Override
                public Integer apply(@Nonnull UserGroup input) {
                    return input.getId().getGroupId();
                }
            });
            spec = where(MetadataSpecs.isHarvested(false)).and(MetadataSpecs.isOwnedByOneOfFollowingGroups(groupIds));
            // if the user is a reviewer, return all metadata of the user's groups
        } else if(userProfile == Profile.Editor) {
            spec = where(MetadataSpecs.isOwnedByUser(ownerId)).and(MetadataSpecs.isHarvested(false));
            // if the user is an editor, return metadata owned by this user
        } else {
            throw new OperationNotAllowedEx("Unauthorized user " + ownerId + " attempted to list editable metadata ");
        }

        // Sorting
        String sortBy = sortByParameter(params);
View Full Code Here

        if (!dataMan.existsMetadata(iLocalId)) {
            throw new IllegalArgumentException("Metadata with identifier '" + id + "' not found.");
        }

        if (!accessMan.canEdit(context, id)) {
            throw new OperationNotAllowedEx();
        }

        int iGroupOwner = Integer.parseInt(groupOwner);
        Group group = context.getBean(GroupRepository.class).findOne(iGroupOwner);
        if (group == null) {
View Full Code Here

      throw new UserNotFoundEx(username);
        }

    // only let registered users change their password this way 
    if ( elUser.getProfile() != Profile.RegisteredUser) {
      throw new OperationNotAllowedEx("Only users with profile RegisteredUser can change their password using this option");
        }
   
    // construct expected change key - only valid today
    String scrambledPassword = elUser.getPassword();
    Calendar cal = Calendar.getInstance();
View Full Code Here

    if (md == null)
      throw new IllegalArgumentException("Metadata not found --> " + id);

    if (!accessMan.canEdit(context, id))
      throw new OperationNotAllowedEx();

    //-----------------------------------------------------------------------
    //--- set metadata into the subversion repo

    dataMan.versionMetadata(context, id, md);
View Full Code Here

    if (metadata == null)
      throw new IllegalArgumentException("Metadata with identifier " + id + " not found.");

    if (!accessMan.canEdit(context, id))
      throw new OperationNotAllowedEx();

    //-----------------------------------------------------------------------
    //--- backup metadata in 'removed' folder

    if (metadata.getDataInfo().getType() != MetadataType.SUB_TEMPLATE && backupFile)
View Full Code Here

    //--- retrieve session user groups and check to see whether this user is
    //--- allowed to get this info
                List<Integer> adminList = userGroupRepository.findGroupIds(where(UserGroupSpecs.hasUserId(Integer.valueOf(myUserId)))
                        .or(UserGroupSpecs.hasUserId(Integer.valueOf(id))));
        if (adminList.isEmpty()) {
          throw new OperationNotAllowedEx("You don't have rights to do this because the user you want is not part of your group");
        }
      }

    //--- return data

      return elGroups;
    } else {
      throw new OperationNotAllowedEx("You don't have rights to do get the groups for this user");
    }

  }
View Full Code Here

TOP

Related Classes of org.fao.geonet.exceptions.OperationNotAllowedEx

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.