Examples of org.springframework.security.access.AccessDeniedException

• org.springframework.security.access.AccessDeniedException
  Thrown if an {@link org.springframework.security.core.Authentication Authentication} object does not hold arequired authority. @author Ben Alex

        Assert.notNull(this.messages, "A message source must be set");
    }

    protected final void checkAllowIfAllAbstainDecisions() {
        if (!this.isAllowIfAllAbstainDecisions()) {
            throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                    "Access is denied"));
        }
    }

                break;
            }
        }

        if (deny > 0) {
            throw new AccessDeniedException(messages.getMessage("AbstractAccessDecisionManager.accessDenied",
                    "Access is denied"));
        }

        // To get this far, every AccessDecisionVoter abstained
        checkAllowIfAllAbstainDecisions();

  @Override
  public void error(com.vaadin.server.ErrorEvent event) {
    // TODO Auto-generated method stub
    // connector event
    if (event.getThrowable().getCause() instanceof AccessDeniedException) {
      AccessDeniedException accessDeniedException = (AccessDeniedException) event
          .getThrowable().getCause();
      Notification.show(accessDeniedException.getMessage(),
          Notification.Type.ERROR_MESSAGE);

      // Cleanup view. Now Vaadin ignores errors and always shows the
      // view. :-(
      // since beta10
      setContent(null);
      return;
    }

    // Error on page load. Now it doesn't work. User sees standard error
    // page.
    if (event.getThrowable() instanceof AccessDeniedException) {
      AccessDeniedException exception = (AccessDeniedException) event
          .getThrowable();

      Label label = new Label(exception.getMessage());
      label.setWidth(-1, Unit.PERCENTAGE);

      Link goToMain = new Link("Go to main", new ExternalResource("/"));

      VerticalLayout layout = new VerticalLayout();
      layout.addComponent(label);
      layout.addComponent(goToMain);
      layout.setComponentAlignment(label, Alignment.MIDDLE_CENTER);
      layout.setComponentAlignment(goToMain, Alignment.MIDDLE_CENTER);

      VerticalLayout mainLayout = new VerticalLayout();
      mainLayout.setSizeFull();
      mainLayout.addComponent(layout);
      mainLayout.setComponentAlignment(layout, Alignment.MIDDLE_CENTER);

      setContent(mainLayout);
      Notification.show(exception.getMessage(),
          Notification.Type.ERROR_MESSAGE);
      return;
    }

    DefaultErrorHandler.doDefault(event);

                if (authorities.contains(acc)) {
                    return;
                }
            }
        }
        throw new AccessDeniedException("User " + context.getAuthentication().getPrincipal() +
                                        " does not have one of the required roles to access: " +
                                        resourceDescription);
    }

        this.lastName = lastName;
        this.labs = ImmutableSet.copyOf(labs);
    }

    public static RichUser get(Principal principal) {
        if(principal == null) throw new AccessDeniedException("User is unauthorized");
        // inspired by http://stackoverflow.com/questions/8764545/best-practice-for-getting-active-users-userdetails
        return (RichUser) ((Authentication) principal).getPrincipal();
    }

    public Cluster convert(ClusterRequest clusterRequest) {
        Cluster cluster = new Cluster();
        try {
            cluster.setBlueprint(blueprintRepository.findOne(clusterRequest.getBlueprintId()));
        } catch (AccessDeniedException e) {
            throw new AccessDeniedException(String.format("Access to blueprint '%s' is denied or blueprint doesn't exist.", clusterRequest.getBlueprintId()), e);
        }
        cluster.setName(clusterRequest.getName());
        cluster.setStatus(Status.REQUESTED);
        cluster.setDescription(clusterRequest.getDescription());
        cluster.setEmailNeeded(clusterRequest.getEmailNeeded());

        stack.setNodeCount(json.getNodeCount());
        stack.setName(json.getName());
        try {
            stack.setCredential(credentialRepository.findOne(json.getCredentialId()));
        } catch (AccessDeniedException e) {
            throw new AccessDeniedException(String.format("Access to credential '%s' is denied or credential doesn't exist.", json.getCredentialId()), e);
        }
        try {
            stack.setTemplate(templateRepository.findOne(Long.valueOf(json.getTemplateId())));
        } catch (AccessDeniedException e) {
            throw new AccessDeniedException(String.format("Access to template '%s' is denied or template doesn't exist.", json.getTemplateId()), e);
        }
        stack.setStatus(Status.REQUESTED);
        return stack;
    }

    }

    @Test(expected = AccessDeniedException.class)
    public void testConvertStackJsonToEntityWhenAccessDeniedOnCredential() {
        // GIVEN
        given(credentialRepository.findOne(DUMMY_ID)).willThrow(new AccessDeniedException(ACCESS_DENIED_MSG));
        // WHEN
        underTest.convert(stackJson);
    }

    @Test(expected = AccessDeniedException.class)
    public void testConvertStackJsonToEntityWhenAccessDeniedOnTemplate() {
        // GIVEN
        given(credentialRepository.findOne(DUMMY_ID)).willReturn(awsCredential);
        given(templateRepository.findOne(DUMMY_ID)).willThrow(new AccessDeniedException(ACCESS_DENIED_MSG));
        // WHEN
        underTest.convert(stackJson);
    }

     */
    @Override
    public void ifSectionIsVisible(Section section) throws AccessDeniedException {
        List<Branch> branches = section.getBranches();
        if (getDao().getCountAvailableBranches(userService.getCurrentUser(), branches) == 0) {
            throw new AccessDeniedException("Access denied to view for section " + section.getId());
        }
    }