Examples of org.jboss.seam.security.AuthorizationException

org.jboss.seam.security.AuthorizationException
Thrown when an authenticated user has insufficient rights to perform an operation. @author Shane Bryzak

    }


    public void init() {
        if (isManaged()) {
            if (!Identity.instance().hasPermission("User", "edit", getInstance()) ) {
                throw new AuthorizationException("You don't have permission for this operation");
            }
            if (roles == null) roles = getInstance().getRoles();
            if (oldUsername == null) oldUsername = getInstance().getUsername();


            createdWikiNodeCount = userDAO.countNodesCreatedBy(getInstance().getId());


            uploader = (Uploader)Component.getInstance(Uploader.class);


        } else {
            if (!prefs.getEnableRegistration() &&
                !Identity.instance().hasPermission("User", "isAdmin", Component.getInstance("currentUser"))) {
                throw new AuthorizationException("User registration is disabled");
            }


            if (defaultRole == null) defaultRole = (Role)Component.getInstance("newUserDefaultRole");
        }

View Full Code Here

                if (currentFile == null) {
                    throw new org.jboss.seam.framework.EntityNotFoundException(getFileId(), WikiDocument.class);
                }


                if (!Identity.instance().hasPermission("Node", "read", currentFile) ) {
                    throw new AuthorizationException("You don't have permission for this operation");
                }
            }


            initializeHistoricalFileList();
        }

View Full Code Here

        initEditor(false);
        if (isManaged()) {


            // Additional permission required besides NodeHome.remove()
            if (!Identity.instance().hasPermission("Comment", "delete", getInstance().getParent()) ) {
                throw new AuthorizationException("You don't have permission for this operation");
            }


            // Remove feed entry before removing comment
            feedDAO.removeFeedEntry(
                feedDAO.findFeeds(getInstance()),

View Full Code Here


        getLog().debug("rating comment with id: " + commentId + " as " + rating);


        // Only the owner of the document can rate comments of that document
        if ( !currentUser.getId().equals(documentHome.getInstance().getCreatedBy().getId()) ) {
            throw new AuthorizationException("You don't have permission for this operation");
        }


        // Guest can't rate
        if (currentUser.isGuest()) {
            throw new IllegalStateException("User interface bug, guests can't rate comments");

View Full Code Here

            throw new InvalidWikiRequestException("Could not find parent node with id: " + parentNodeId);
        getLog().debug("initalized with parent node: " + parentNode);


        // Check write access level of the parent node, if the user wants to create a new node
        if (!isPersistAllowed(node, parentNode))
            throw new AuthorizationException("You don't have permission for this operation");


        // Default to same access permissions as parent node
        node.setWriteAccessLevel(parentNode.getWriteAccessLevel());
        node.setReadAccessLevel(parentNode.getReadAccessLevel());
        writeAccessLevel = getAccessLevelsList().get(

View Full Code Here


    public N beforeNodeEditFound(N node) {


        // Check write access level of the node the user wants to edit
        if (!isUpdateAllowed(node, null))
            throw new AuthorizationException("You don't have permission for this operation");


        writeAccessLevel = getAccessLevelsList().get(
            accessLevelsList.indexOf(
                new Role.AccessLevel(node.getWriteAccessLevel())
            )

View Full Code Here

    }


    protected void checkPersistPermissions() {
        getLog().debug("checking persist permissions");
        if (!isPersistAllowed(getInstance(), getParentNode()))
            throw new AuthorizationException("You don't have permission for this operation");
    }

View Full Code Here

    }


    protected void checkUpdatePermissions() {
        getLog().debug("checking update permissions");
        if (!isUpdateAllowed(getInstance(), getParentNode()))
            throw new AuthorizationException("You don't have permission for this operation");
    }

View Full Code Here

    }


    protected void checkRemovePermissions() {
        getLog().debug("checking remove permissions");
        if (!isRemoveAllowed(getInstance(), getParentNode()))
            throw new AuthorizationException("You don't have permission for this operation");
    }

View Full Code Here

        return writeAccessLevel;
    }


    public void setWriteAccessLevel(Role.AccessLevel writeAccessLevel) {
        if (!Identity.instance().hasPermission("Node", "changeAccessLevel", getInstance()) ) {
            throw new AuthorizationException("You don't have permission for this operation");
        }
        this.writeAccessLevel = writeAccessLevel;
        getInstance().setWriteAccessLevel(
            writeAccessLevel != null ? writeAccessLevel.getAccessLevel() : Role.ADMINROLE_ACCESSLEVEL
        );

View Full Code Here

0 1 2

TOP

Related Classes of org.jboss.seam.security.AuthorizationException

org.drools.guvnor.server.files.FeedServletTest$MockFeedServlet

org.drools.guvnor.server.security.SecurityServiceImpl

org.jboss.seam.security.extension.SecurityExtension

org.jboss.seam.security.extension.SecurityExtension$Authorizer

org.jboss.seam.wiki.core.action.AdminHome

org.jboss.seam.wiki.core.action.CommentHome

org.jboss.seam.wiki.core.action.DocumentHistory

org.jboss.seam.wiki.core.action.NodeHome

org.jboss.seam.wiki.core.action.UserHome

org.jboss.seam.wiki.core.action.WikiIdentity

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.