Package org.rhq.enterprise.server.authz

Examples of org.rhq.enterprise.server.authz.PermissionException

1964
1965
1966
1967
1968
1969
1970
1971
1972
        return group;
    }

    private void ensureModifyPermission(Subject subject, Resource resource) throws PermissionException {
        if (!authorizationManager.hasResourcePermission(subject, Permission.MODIFY_RESOURCE, resource.getId())) {
            throw new PermissionException("User [" + subject.getName() + "] does not have permission "
                + "to modify plugin configuration for resource [" + resource + "]");
        }
    }
View Full Code Here
1971
1972
1973
1974
1975
1976
1977
1978
1979
        }
    }

    private void ensureModifyResourcePermission(Subject subject, ResourceGroup group) throws PermissionException {
        if (!authorizationManager.hasGroupPermission(subject, Permission.MODIFY_RESOURCE, group.getId())) {
            throw new PermissionException("User [" + subject.getName() + "] does not have permission "
                + "to modify plugin configuration for members of group [" + group + "]");
        }
    }
View Full Code Here
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
    @Override
    @SuppressWarnings("unchecked")
    public PageList<GroupResourceConfigurationUpdate> findGroupResourceConfigurationUpdates(Subject subject,
        int groupId, PageControl pc) {
        if (authorizationManager.hasGroupPermission(subject, Permission.CONFIGURE_READ, groupId) == false) {
            throw new PermissionException("User[name=" + subject.getName()
                + "] does not have permission to view configuration for group[id=" + groupId + "]");
        }

        pc.initDefaultOrderingField("modifiedTime", PageOrdering.DESC);
View Full Code Here
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
        GroupPluginConfigurationUpdate update = getGroupPluginConfigurationById(configurationUpdateId);

        int groupId = update.getGroup().getId();

        if (!authorizationManager.canViewGroup(subject, groupId)) {
            throw new PermissionException("User [" + subject.getName()
                + "] does not have permission to view group Resource configuration for [" + update.getGroup() + "]");

        }

        return update;
View Full Code Here
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
        int configurationUpdateId) {
        GroupResourceConfigurationUpdate update = getGroupResourceConfigurationById(configurationUpdateId);

        int groupId = update.getGroup().getId();
        if (authorizationManager.hasGroupPermission(subject, Permission.CONFIGURE_READ, groupId) == false) {
            throw new PermissionException("User[" + subject.getName()
                + "] does not have permission to view group resourceConfiguration[id=" + configurationUpdateId + "]");
        }

        return update;
    }
View Full Code Here
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
        if (resource == null) {
            throw new NoResultException("Cannot get live configuration for unknown resource [" + resourceId + "]");
        }

        if (!authorizationManager.hasResourcePermission(subject, Permission.CONFIGURE_READ, resource.getId())) {
            throw new PermissionException("User [" + subject.getName()
                + "] does not have permission to view resource configuration for [" + resource + "]");
        }

        try {
            Agent agent = resource.getAgent();
View Full Code Here
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
        Query deleteNotificationLogsQuery = null;
        Query deleteAlertsQuery = null;

        if (context.type == EntityContext.Type.Resource) {
            if (!authorizationManager.hasResourcePermission(subject, Permission.MANAGE_ALERTS, context.resourceId)) {
                throw new PermissionException("Can not delete alerts - " + subject + " lacks "
                    + Permission.MANAGE_ALERTS + " for resource[id=" + context.resourceId + "]");
            }
            deleteConditionLogsQuery = entityManager.createNamedQuery(AlertConditionLog.QUERY_DELETE_BY_RESOURCES);
            deleteConditionLogsQuery.setParameter("resourceIds", Arrays.asList(context.resourceId));

            deleteNotificationLogsQuery = entityManager
                .createNamedQuery(AlertNotificationLog.QUERY_DELETE_BY_RESOURCES);
            deleteNotificationLogsQuery.setParameter("resourceIds", Arrays.asList(context.resourceId));

            deleteAlertsQuery = entityManager.createNamedQuery(Alert.QUERY_DELETE_BY_RESOURCES);
            deleteAlertsQuery.setParameter("resourceIds", Arrays.asList(context.resourceId));

        } else if (context.type == EntityContext.Type.ResourceGroup) {
            if (!authorizationManager.hasGroupPermission(subject, Permission.MANAGE_ALERTS, context.groupId)) {
                throw new PermissionException("Can not delete alerts - " + subject + " lacks "
                    + Permission.MANAGE_ALERTS + " for group[id=" + context.groupId + "]");
            }
            deleteConditionLogsQuery = entityManager
                .createNamedQuery(AlertConditionLog.QUERY_DELETE_BY_RESOURCE_GROUPS);
            deleteConditionLogsQuery.setParameter("groupIds", Arrays.asList(context.groupId));

            deleteNotificationLogsQuery = entityManager
                .createNamedQuery(AlertNotificationLog.QUERY_DELETE_BY_RESOURCE_GROUPS);
            deleteNotificationLogsQuery.setParameter("groupIds", Arrays.asList(context.groupId));

            deleteAlertsQuery = entityManager.createNamedQuery(Alert.QUERY_DELETE_BY_RESOURCE_GROUPS);
            deleteAlertsQuery.setParameter("groupIds", Arrays.asList(context.groupId));

        } else if (context.type == EntityContext.Type.SubsystemView) {
            if (!authorizationManager.isInventoryManager(subject)) {
                throw new PermissionException("Can not delete alerts - " + subject + " lacks "
                    + Permission.MANAGE_INVENTORY + " for global alerts history");
            }
            deleteConditionLogsQuery = entityManager.createNamedQuery(AlertConditionLog.QUERY_DELETE_ALL);
            deleteNotificationLogsQuery = entityManager.createNamedQuery(AlertNotificationLog.QUERY_DELETE_ALL);
            deleteAlertsQuery = entityManager.createNamedQuery(Alert.QUERY_DELETE_ALL);
View Full Code Here
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
    @Override
    public int acknowledgeAlertsByContext(Subject subject, EntityContext context) {
        Query query = null;
        if (context.type == EntityContext.Type.Resource) {
            if (!authorizationManager.hasResourcePermission(subject, Permission.MANAGE_ALERTS, context.resourceId)) {
                throw new PermissionException("Can not acknowledge alerts - " + subject + " lacks "
                    + Permission.MANAGE_ALERTS + " for resource[id=" + context.resourceId + "]");
            }
            query = entityManager.createNamedQuery(Alert.QUERY_ACKNOWLEDGE_BY_RESOURCES);
            query.setParameter("resourceIds", Arrays.asList(context.resourceId));

        } else if (context.type == EntityContext.Type.ResourceGroup) {
            if (!authorizationManager.hasGroupPermission(subject, Permission.MANAGE_ALERTS, context.groupId)) {
                throw new PermissionException("Can not acknowledge alerts - " + subject + " lacks "
                    + Permission.MANAGE_ALERTS + " for group[id=" + context.groupId + "]");
            }
            query = entityManager.createNamedQuery(Alert.QUERY_ACKNOWLEDGE_BY_RESOURCE_GROUPS);
            query.setParameter("groupIds", Arrays.asList(context.groupId));

        } else if (context.type == EntityContext.Type.SubsystemView) {
            if (!authorizationManager.isInventoryManager(subject)) {
                throw new PermissionException("Can not acknowledge alerts - " + subject + " lacks "
                    + Permission.MANAGE_INVENTORY + " for global alerts history");
            }
            query = entityManager.createNamedQuery(Alert.QUERY_ACKNOWLEDGE_ALL);
        } else {
            throw new IllegalArgumentException("No support for acknowledging alerts for " + context);
View Full Code Here
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
             * original authz check was valid, and we should throw the necessary PermissionException
             */

            List<Integer> validAlertIds = removeNonExistent(alertIds);
            if (validAlertIds.size() == alertIds.size()) {
                throw new PermissionException(subject + " does not have permission to delete " + canNotModifyCount
                    + " of the " + alertIds.size() + " passsed alertIds");
            } else {
                canModifyCount = checkAuthz(subject, alertIds);
                canNotModifyCount = alertIds.size() - canModifyCount;
                if (canNotModifyCount != 0) {
                    throw new PermissionException(subject + " does not have permission to delete " + canNotModifyCount
                        + " of the " + alertIds.size() + " passsed alertIds");
                }
            }

        }
View Full Code Here
79
80
81
82
83
84
85
86
87
88
89
        ResourceType resourceType = entityManager.find(ResourceType.class, ClusterKey.getResourceType(clusterKey));
        ResourceGroup resourceGroup = entityManager.find(ResourceGroup.class, clusterKey.getClusterGroupId());

        if (!authorizationManager.canViewGroup(subject, clusterKey.getClusterGroupId())) {
            throw new PermissionException("You do not have permission to view child cluster groups of the group ["
                + resourceGroup.getName() + "]");
        }

        // [BZ 817604] In unusual circumstances this clusterKey may be stale. Ensure the cluster group
        // is still a compat group before creating a backing group.
View Full Code Here
TOP

Related Classes of org.rhq.enterprise.server.authz.PermissionException

  • org.rhq.coregui.server.gwt.LdapGWTServiceImpl
  • org.rhq.coregui.server.gwt.PluginFileUploadServlet
  • org.rhq.enterprise.gui.admin.plugin.AbstractPluginConfigurationUIBean
  • org.rhq.enterprise.gui.admin.plugin.InstalledPluginsUIBean
  • org.rhq.enterprise.gui.admin.role.ChangeOwnerFormPrepareAction
  • org.rhq.enterprise.gui.admin.role.RoleAdminPortalAction
  • org.rhq.enterprise.gui.ha.ViewAgentUIBean
  • org.rhq.enterprise.gui.ha.ViewServerUIBean
  • org.rhq.enterprise.server.alert.AlertConditionManagerBean
  • org.rhq.enterprise.server.alert.AlertDefinitionManagerBean
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.