throw new UnauthorizedException("Authorization Required");
/**
 * Enforces a set of actions for a principal on an entity, reporting every denied action at once.
 *
 * <p>Returns immediately, without checking anything, when {@code isSecurityAuthorizationEnabled()}
 * is false. Otherwise each action goes through the single-action {@code enforce} overload. A denial
 * does not stop the loop: the denied action is recorded and the per-action exception is attached
 * as a suppressed exception of an aggregate {@link UnauthorizedException}.
 *
 * @param entity the entity the actions are requested on
 * @param principal the principal requesting the actions
 * @param actions the actions to check
 * @throws UnauthorizedException if at least one action is denied; it is built from the principal,
 *     the denied actions, the entity and the aggregate exception
 * @throws Exception any other failure raised by the single-action check; it propagates at once
 */
@Override
public void enforce(EntityId entity, Principal principal, Set<Action> actions) throws Exception {
  if (isSecurityAuthorizationEnabled()) {
    Set<Action> denied = EnumSet.noneOf(Action.class);
    UnauthorizedException aggregate = new UnauthorizedException(principal, entity);
    for (Action requested : actions) {
      try {
        enforce(entity, principal, requested);
      } catch (UnauthorizedException denial) {
        // Keep going so the caller learns about every denied action, not only the first.
        denied.add(requested);
        aggregate.addSuppressed(denial);
      }
    }
    if (!denied.isEmpty()) {
      // NOTE(review): the fourth constructor argument is presumably the cause; confirm.
      throw new UnauthorizedException(principal, denied, entity, aggregate);
    }
  }
}
"the same artifact occur simultaneously. Please try again."); } catch (UnauthorizedException e) { responder.sendString(HttpResponseStatus.FORBIDDEN, e.getMessage()); } catch (ConflictException e) { responder.sendString(HttpResponseStatus.CONFLICT, e.getMessage());
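/************************************************ GET ************************************************************/

/**
 * Responds with the metadata of a dataset in the context's namespace, as JSON with status 200.
 *
 * <p>If the lookup throws, the status code is taken from the exception's cause when that cause is
 * an {@link UnauthorizedException}, {@link UnauthenticatedException} or
 * {@link BadRequestException}; any other failure is reported as 500. Exactly one response is sent
 * per request: the error path returns before the success response.
 *
 * @param request the incoming request (not read here)
 * @param responder the responder that receives either the error status or the JSON body
 * @param dataset the dataset name taken from the request path
 */
@GET
@Path("metadata/{dataset}")
public void getMetadata(HttpServiceRequest request, HttpServiceResponder responder,
                        @PathParam("dataset") String dataset) {
  Map<MetadataScope, Metadata> metadata;
  try {
    metadata = getContext().getMetadata(MetadataEntity.ofDataset(getContext().getNamespace(), dataset));
  } catch (Exception e) {
    // instanceof is false for a null cause, so an exception without a cause falls through to 500.
    Throwable cause = e.getCause();
    if (cause instanceof UnauthorizedException) {
      responder.sendStatus(((UnauthorizedException) cause).getStatusCode());
    } else if (cause instanceof UnauthenticatedException) {
      responder.sendStatus(((UnauthenticatedException) cause).getStatusCode());
    } else if (cause instanceof BadRequestException) {
      responder.sendStatus(((BadRequestException) cause).getStatusCode());
    } else {
      responder.sendStatus(HttpResponseStatus.INTERNAL_SERVER_ERROR.code());
    }
    // Stop here. Without this return a denied or failed lookup would go on to send a second
    // response, 200 OK with a null body, after the error status.
    return;
  }
  responder.sendJson(HttpResponseStatus.OK.code(), metadata);
}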
"the same artifact occur simultaneously. Please try again."); } catch (UnauthorizedException e) { responder.sendString(HttpResponseStatus.FORBIDDEN, e.getMessage()); } catch (ConflictException e) { responder.sendString(HttpResponseStatus.CONFLICT, e.getMessage());
User auth) throws UnauthorizedException {
  if (auth!=null){
    ...
    return event
  } else throw new UnauthorizedException("Please authenticate first.");
}

/**
 * Returns an event to a caller for whom a {@code User} object was supplied.
 *
 * <p>The only check visible here is that {@code auth} is non-null, i.e. that the caller is
 * authenticated. The lookup itself is elided in this snippet.
 * NOTE(review): nothing shown ties {@code eventID} to {@code auth}; confirm the elided code
 * verifies that this user may read this particular event.
 *
 * @param eventID the identifier of the requested event
 * @param auth the calling user, or {@code null} when none was supplied
 * @return the event
 * @throws UnauthorizedException if {@code auth} is {@code null}
 */
public Event getEvent(@Named("eventID") Long eventID, User auth) throws UnauthorizedException {
  if (auth != null) {
    ...
    return event;
  } else throw new UnauthorizedException("Please authenticate first.");
}
responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage()); } catch (UnauthorizedException e) { responder.sendString(HttpResponseStatus.FORBIDDEN, e.getMessage()); } catch (Exception e) { LOG.error("Error while writing artifact {}-{}-{}", namespaceId, artifactName, artifactVersion, e);
/**
 * API method exposed as POST {@code insert_record}; rejects calls made without a user.
 *
 * <p>The work done for an authenticated caller is elided in this snippet.
 * NOTE(review): the null check establishes authentication only; whether this user may insert
 * this {@code record} is not decided by anything shown here. Confirm in the elided code.
 *
 * @param user the calling user, or {@code null} when none was supplied
 * @param record the record to insert
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
@ApiMethod(name = "insertRecord", path = "insert_record", httpMethod = HttpMethod.POST)
public Record insertRecord(User user, Record record)
    throws UnauthorizedException {
  // Check that a user was supplied before doing any work on the record.
  if (user == null) {
    throw new UnauthorizedException("Authorization required");
  }
  // user is authenticated... do some stuff!
}
responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage()); } catch (UnauthorizedException e) { responder.sendString(HttpResponseStatus.FORBIDDEN, e.getMessage()); } catch (Exception e) { LOG.error("Error while writing artifact {}-{}-{}", namespaceId, artifactName, artifactVersion, e);
/**
 * Echoes the calling user back, failing when no user was supplied.
 *
 * <p>The annotation restricts the method to the listed scopes, client ids and audiences.
 * NOTE(review): {@code user} is presumably injected by the API framework and left {@code null}
 * when the request carries no credential accepted under those settings; confirm.
 *
 * @param user the calling user, or {@code null} when none was supplied
 * @return the same {@code user} object
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
@ApiMethod(name = "test", path = "myApi/test",
    scopes = {Constants.EMAIL_SCOPE},
    clientIds = {Constants.WEB_CLIENT_ID, Constants.ANDROID_CLIENT_ID,
        com.google.api.server.spi.Constant.API_EXPLORER_CLIENT_ID},
    audiences = {Constants.ANDROID_AUDIENCE})
public User test(User user) throws UnauthorizedException {
  if (user != null) {
    return user;
  }
  throw new UnauthorizedException("User not valid!");
}
responder.sendString(HttpResponseStatus.CONFLICT, e.getMessage()); } catch (UnauthorizedException e) { responder.sendString(HttpResponseStatus.FORBIDDEN, e.getMessage()); } catch (InvalidArtifactException e) { responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage());
/**
 * Template for an API method that refuses calls made without a user.
 *
 * <p>The rest of the method is elided in this snippet. The null check establishes only that a
 * caller identity was supplied; any per-resource permission check would belong in the elided part.
 *
 * @param user the calling user, or {@code null} when none was supplied
 */
public void apiMethod(User user) {
  // Fail before any work is done when no user was supplied.
  if (user == null) {
    throw new UnauthorizedException();
  }
  ...
}
responder.sendString(HttpResponseStatus.CONFLICT, e.getMessage()); } catch (UnauthorizedException e) { responder.sendString(HttpResponseStatus.FORBIDDEN, e.getMessage()); } catch (InvalidArtifactException e) { responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage());
/**
 * Returns the campaigns found for {@code NumPortable}, for any caller that supplied a user.
 *
 * <p>NOTE(review): the only gate is {@code user != null}. {@code NumPortable} comes from the
 * request and nothing shown ties it to {@code user}; confirm whether {@code findCampagne}
 * or a caller restricts the result to data this user may read.
 *
 * @param NumPortable the lookup key passed to {@code findCampagne}
 * @param user the calling user, or {@code null} when none was supplied
 * @return whatever {@code CampagneCRUD.getInstance().findCampagne(NumPortable)} returns
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
public Collection<Campagne> getCampagnes(@Named("NumPortable")String NumPortable, User user)
    throws UnauthorizedException {
  if (user != null) {
    return CampagneCRUD.getInstance().findCampagne(NumPortable);
  }
  throw new UnauthorizedException("User is Not Valid");
}
/**
 * Returns the campaigns found for {@code NumPortable}, for any caller that supplied a user.
 *
 * <p>NOTE(review): the only gate is {@code user != null}. {@code NumPortable} comes from the
 * request and nothing shown ties it to {@code user}; confirm whether {@code findCampagne}
 * or a caller restricts the result to data this user may read.
 *
 * @param NumPortable the lookup key passed to {@code findCampagne}
 * @param user the calling user, or {@code null} when none was supplied
 * @return whatever {@code CampagneCRUD.getInstance().findCampagne(NumPortable)} returns
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
public Collection<Campagne> getCampagnes(@Named("NumPortable")String NumPortable, User user)
    throws UnauthorizedException {
  if (user != null) {
    return CampagneCRUD.getInstance().findCampagne(NumPortable);
  }
  throw new UnauthorizedException("User is Not Valid");
}
/**
 * Returns the campaigns found for {@code NumPortable}, for any caller that supplied a user.
 *
 * <p>NOTE(review): the only gate is {@code user != null}. {@code NumPortable} comes from the
 * request and nothing shown ties it to {@code user}; confirm whether {@code findCampagne}
 * or a caller restricts the result to data this user may read.
 *
 * @param NumPortable the lookup key passed to {@code findCampagne}
 * @param user the calling user, or {@code null} when none was supplied
 * @return whatever {@code CampagneCRUD.getInstance().findCampagne(NumPortable)} returns
 * @throws UnauthorizedException if {@code user} is {@code null}
 */
public Collection<Campagne> getCampagnes(@Named("NumPortable")String NumPortable, User user)
    throws UnauthorizedException {
  if (user != null) {
    return CampagneCRUD.getInstance().findCampagne(NumPortable);
  }
  throw new UnauthorizedException("User is Not Valid");
}
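/**
 * Handles a PUT on a hex-identified item, allowing it only for principals permitted to update the post.
 *
 * <p>The post is loaded first and the permission decision is delegated to
 * {@code post.allowedToUpdate(...)} before {@code item} is used. The update itself is elided
 * in this snippet.
 *
 * @param request the servlet request; its user principal is the identity being checked
 * @param item the new item content from the JSON request body
 * @param id the item id from the path, limited to hex digits by the path pattern
 * @throws UnauthorizedException if {@code allowedToUpdate} rejects the request's principal
 */
@PUT
@Path("{id: [A-Fa-f0-9]+}")
@Consumes(MediaType.APPLICATION_JSON)
public T update(@Context HttpServletRequest request, final T item, @PathParam("id") final String id) {
  // NOTE(review): if getPostbyId can return null for an unknown id, the next line throws a
  // NullPointerException instead of producing a controlled response; confirm.
  final Post post = getPostbyId(id);
  // getUserPrincipal() returns null for an unauthenticated request, so allowedToUpdate must
  // treat a null principal as a denial. TODO confirm.
  if (!post.allowedToUpdate(request.getUserPrincipal())) {
    throw new UnauthorizedException();
  }
  // Authorized, carry on
}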
/**
 * Interceptor hook that rejects requests to {@code @IpRestricted} handler methods unless they
 * come from one fixed address.
 *
 * <p>Only handlers that are {@code HandlerMethod} instances are inspected, and only the
 * method-level annotation is looked up. The remainder of the method is elided in this snippet.
 *
 * @param request the current request; its remote address is compared with the allowed one
 * @param response the current response (not used in the visible part)
 * @param handler the handler chosen for the request
 * @throws UnauthorizedException if the method is annotated and the remote address differs
 */
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
  if (handler instanceof HandlerMethod) {
    HandlerMethod method = (HandlerMethod)handler;
    if (method.getMethodAnnotation(IpRestricted.class)!=null) {
      // The allowed address is a single hard-coded literal compared as an exact string.
      // NOTE(review): getRemoteAddr() is the address of the client or of the last proxy that
      // sent the request. Behind a reverse proxy or load balancer every request carries the
      // proxy's address, so this check then no longer separates callers. Confirm the deployment.
      if (!request.getRemoteAddr().equals("192.168.1.1")) {
        throw new UnauthorizedException("Ip not authorized");
      }
    }
  }
  [....]
}
/**
 * Ensures that a single entity is visible to the principal.
 *
 * <p>The entity is wrapped in a singleton set and passed to
 * {@code authorizationEnforcer.isVisible}; an empty result is treated as "not visible".
 *
 * @param entityId entity id to be checked
 * @param authorizationEnforcer enforcer that performs the visibility check
 * @param principal the principal to be checked
 * @throws UnauthorizedException if the visibility check returns an empty result for the entity
 * @throws Exception any failure raised by the enforcer itself
 */
public static void ensureAccess(EntityId entityId, AuthorizationEnforcer authorizationEnforcer,
                                Principal principal) throws Exception {
  boolean visible = !authorizationEnforcer.isVisible(Collections.singleton(entityId), principal).isEmpty();
  if (visible) {
    return;
  }
  throw new UnauthorizedException(principal, entityId);
}
/**
 * Allows the call only when {@code action} is contained in {@code allowedActions}.
 *
 * <p>The decision depends on the action alone: {@code entity} and {@code principal} are not
 * consulted and appear only in the exception message.
 *
 * @param entity the entity the action is requested on (used in the message only)
 * @param principal the principal requesting the action (used in the message only)
 * @param action the action to check against {@code allowedActions}
 * @throws UnauthorizedException if {@code action} is not in {@code allowedActions}
 */
@Override
public void enforce(EntityId entity, Principal principal, Action action) throws Exception {
  if (allowedActions.contains(action)) {
    return;
  }
  String message = "Not allow to perform " + action + " " + entity + " by " + principal;
  throw new UnauthorizedException(message);
}