Examples of org.nemesis.forum.exception.UnauthorizedException

• org.nemesis.forum.exception.UnauthorizedException
  Thrown if a User does not have permission to access a particular method.

  public void addMember(User user) throws UnauthorizedException {
    if (permissions.get(Constants.SYSTEM_ADMIN) || permissions.get(Constants.GROUP_ADMIN)) {
      group.addMember(user);
    } else {
      throw new UnauthorizedException();
    }
  }

  public void removeMember(User user) throws UnauthorizedException {
    if (permissions.get(Constants.SYSTEM_ADMIN) || permissions.get(Constants.GROUP_ADMIN)) {
      group.removeMember(user);
    } else {
      throw new UnauthorizedException();
    }
  }

  public void setApproved(boolean approved) throws UnauthorizedException {
    if (permissions.isSystemOrForumAdmin() || permissions.get(Constants.MODERATOR)) {
      message.setApproved(approved);
    } else {
      throw new UnauthorizedException();
    }
  }

  public void setCreationDate(Date creationDate) throws UnauthorizedException {
    if (permissions.isSystemOrForumAdmin()) {
      this.message.setCreationDate(creationDate);
    } else {
      throw new UnauthorizedException();
    }
  }

  public void setModifiedDate(Date modifiedDate) throws UnauthorizedException {
    if (permissions.isSystemOrForumAdmin()) {
      this.message.setModifiedDate(modifiedDate);
    } else {
      throw new UnauthorizedException();
    }
  }

  public void setSubject(String subject) throws UnauthorizedException {
    if (permissions.isSystemOrForumAdmin() || getUser().hasPermission(Constants.USER_ADMIN)) {
      this.message.setSubject(subject);
    } else {
      throw new UnauthorizedException();
    }
  }

  public void setBody(String body) throws UnauthorizedException {
    if (permissions.isSystemOrForumAdmin() || getUser().hasPermission(Constants.USER_ADMIN)) {
      this.message.setBody(body);
    } else {
      throw new UnauthorizedException();
    }
  }

   * @throws UnauthorizedException if the username and password do not match
   *      any existing user.
   */
  public Authorization createAuthorization(String username, String password) throws UnauthorizedException {
    if (username == null || password == null) {
      throw new UnauthorizedException();
    }
    //stores all passwords in hashed form. So, hash the plain text
    //password for comparison.
    password = StringUtils.hash(password);
    int userID = 0;
    Connection con = null;
    PreparedStatement pstmt = null;
    try {
      con = DbConnectionManager.getConnection();
      pstmt = con.prepareStatement(AUTHORIZE);
      pstmt.setString(1, username);
      pstmt.setString(2, password);

      ResultSet rs = pstmt.executeQuery();
      //If the query had no results, the username and password
      //did not match a user record. Therefore, throw an exception.
      if (!rs.next()) {
        throw new UnauthorizedException();
      }
      userID = rs.getInt(1);
    } catch (SQLException sqle) {
      log.error("Exception in DbAuthorizationFactory:" , sqle);
      throw new UnauthorizedException();
    } finally {
      try {
        pstmt.close();
      } catch (Exception e) {
        log.error("pstmt close",e);

  public void setModerationType(int type)  throws UnauthorizedException{
    if (permissions.isSystemOrForumAdmin()) {
      forum.setModerationType(type);
    } else {
      throw new UnauthorizedException();
    }
  }

  public void setName(String name) throws UnauthorizedException, ForumAlreadyExistsException {
    if (permissions.isSystemOrForumAdmin()) {
      forum.setName(name);
    } else {
      throw new UnauthorizedException();
    }
  }