Examples of org.rhq.enterprise.server.authz.PermissionException

org.rhq.enterprise.server.authz.PermissionException
This exception is thrown when some operation cannot be performed because the user is not authorized to do so. @author John Mazzitelli

         */
        AlertDefinition oldAlertDefinition = entityManager.find(AlertDefinition.class, alertDefinitionId);


        if (checkPerms && checkPermission(subject, oldAlertDefinition) == false) {
            if (oldAlertDefinition.getResourceType() != null) {
                throw new PermissionException("User [" + subject.getName()
                    + "] does not have permission to modify alert templates for type ["
                    + oldAlertDefinition.getResourceType() + "]");
            } else if (oldAlertDefinition.getGroup() != null) {
                throw new PermissionException("User [" + subject.getName()
                    + "] does not have permission to modify alert definitions for group ["
                    + oldAlertDefinition.getGroup() + "]");
            } else {
                throw new PermissionException("User [" + subject.getName()
                    + "] does not have permission to modify alert definitions for resource ["
                    + oldAlertDefinition.getResource() + "]");
            }
        }

View Full Code Here

        }
    }


    public void updateResourceTags(Subject subject, int resourceId, Set<Tag> tags) {
        if (!authorizationManager.hasResourcePermission(subject, Permission.MODIFY_RESOURCE, resourceId)) {
            throw new PermissionException("You do not have permission to modify resource");
        }


        Set<Tag> definedTags = addTags(subject, tags);
        Resource resource = entityManager.find(Resource.class, resourceId);

View Full Code Here

        }
    }


    public void updateResourceGroupTags(Subject subject, int resourceGroupId, Set<Tag> tags) {
        if (!authorizationManager.hasGroupPermission(subject, Permission.MODIFY_RESOURCE, resourceGroupId)) {
            throw new PermissionException("You do not have permission to modify group");
        }


        Set<Tag> definedTags = addTags(subject, tags);
        ResourceGroup group = entityManager.find(ResourceGroup.class, resourceGroupId);

View Full Code Here

        return query;
    }


    private void verifyUserIsSuperUser(Subject subject) {
        if (!authorizationManager.isSystemSuperuser(subject)) {
            throw new PermissionException("Access denied. You must be logged in as the system super user.");
        }
    }

View Full Code Here

        }
    }


    public AvailabilityType getLatestAvailabilityType(Subject whoami, int resourceId) {
        if (!authorizationManager.canViewResource(whoami, resourceId)) {
            throw new PermissionException("User [" + whoami.getName() + "] does not have permission to view resource");
        }
        ResourceAvailability ra = getLatestAvailability(resourceId);
        return (ra != null) ? ra.getAvailabilityType() : null;
    }

View Full Code Here

        PageList<Bundle> bundles = bundleManager.findBundlesByCriteria(subject, criteria);
        Bundle bundle;
        boolean isInitialVersion = (bundles.getTotalSize() == 0);


        if (!isInitialVersion && mustBeInitialVersion) {
            throw new PermissionException("This must be the initial version of a new Bundle.");
        }


        if (isInitialVersion) {
            bundle = bundleManager.createBundle(subject, bundleName, bundleDescription, bundleType.getId(),
                initialBundleGroupIds);

View Full Code Here

        }


        if (null == bundleGroupIds || bundleGroupIds.length == 0) {
            String msg = "Subject [" + subject.getName()
                + "] requires Global CREATE_BUNDLES and VIEW_BUNDLES to create unassigned initial bundle version.";
            throw new PermissionException(msg, new BundleNotFoundException()); // set the cause to BNFE, this is helpful to some callers
        }


        for (int bundleGroupId : bundleGroupIds) {
            boolean authzPassed;
            if (hasGlobalCreateBundles) {
                authzPassed = authorizationManager.canViewBundleGroup(subject, bundleGroupId);


            } else {
                authzPassed = authorizationManager.hasBundleGroupPermission(subject,
                    Permission.CREATE_BUNDLES_IN_GROUP, bundleGroupId);
            }


            if (!authzPassed) {
                String msg = "Subject ["
                    + subject.getName()
                    + "] requires either Global.CREATE_BUNDLES + BundleGroup.VIEW_BUNDLES_IN_GROUP, or BundleGroup.CREATE_BUNDLES_IN_GROUP, to create or update a bundle in bundle group ["
                    + Arrays.toString(bundleGroupIds) + "].";
                throw new PermissionException(msg);
            }
        }
    }

View Full Code Here


        String msg = "Subject ["
            + subject.getName()
            + "] requires either Global.CREATE_BUNDLES + BundleGroup.VIEW_BUNDLES_IN_GROUP, or BundleGroup.CREATE_BUNDLES_IN_GROUP, to create or update a bundleVersion for bundle ["
            + bundleId + "].";
        throw new PermissionException(msg);
    }

View Full Code Here

        if (!canAssign) {
            String msg = "Subject ["
                + subject.getName()
                + "] requires one of Global.MANAGE_BUNDLE_GROUPS, Global.CREATE_BUNDLES, BundleGroup.CREATE_BUNDLES_IN_GROUP, or BundleGroup.ASSIGN_BUNDLES_TO_GROUP to assign a bundle to bundle group  ["
                + bundleGroupId + "].";
            throw new PermissionException(msg);
        }


        for (int bundleId : bundleIds) {
            if (bundleId <= 0) {
                throw new IllegalArgumentException("Invalid bundleId: [" + bundleId + "]");
            }


            if (!authorizationManager.canViewBundle(subject, bundleId)) {
                String msg = "Subject [" + subject.getName()
                    + "] requires either Global.VIEW_BUNDLES or BundleGroup.VIEW_BUNDLES_IN_GROUP to assign bundle ["
                    + bundleId + "] to bundle group [" + bundleGroupId + "]";
                throw new PermissionException(msg);
            }
        }
    }

View Full Code Here

        if (!canUnassign) {
            String msg = "Subject ["
                + subject.getName()
                + "] requires one of Global.MANAGE_BUNDLE_GROUPS, Global.DELETE_BUNDLES, BundleGroup.DELETE_BUNDLES_FROM_GROUP, or BundleGroup.UNASSIGN_BUNDLES_FROM_GROUP to unassign a bundle from bundle group  ["
                + bundleGroupId + "].";
            throw new PermissionException(msg);
        }


        for (int bundleId : bundleIds) {
            if (bundleId <= 0) {
                throw new IllegalArgumentException("Invalid bundleId: [" + bundleId + "]");
            }


            if (!authorizationManager.canViewBundle(subject, bundleId)) {
                String msg = "Subject [" + subject.getName()
                    + "] requires either Global.VIEW_BUNDLES or BundleGroup.VIEW_BUNDLES_IN_GROUP to unassign bundle ["
                    + bundleId + "] from bundle group [" + bundleGroupId + "]";
                throw new PermissionException(msg);
            }
        }
    }

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.rhq.enterprise.server.authz.PermissionException

org.rhq.coregui.server.gwt.LdapGWTServiceImpl

org.rhq.coregui.server.gwt.PluginFileUploadServlet

org.rhq.enterprise.gui.admin.plugin.AbstractPluginConfigurationUIBean

org.rhq.enterprise.gui.admin.plugin.InstalledPluginsUIBean

org.rhq.enterprise.gui.admin.role.ChangeOwnerFormPrepareAction

org.rhq.enterprise.gui.admin.role.RoleAdminPortalAction

org.rhq.enterprise.gui.ha.ViewAgentUIBean

org.rhq.enterprise.gui.ha.ViewServerUIBean

org.rhq.enterprise.server.alert.AlertConditionManagerBean

org.rhq.enterprise.server.alert.AlertDefinitionManagerBean

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.