protected void checkRole(String role, AuthorizationInfo info) { if (!hasRole(role, info)) { String msg = "User does not have role [" + role + "]"; throw new UnauthorizedException(msg); } }
protected void checkPermission(Permission permission, AuthorizationInfo info) { if (!isPermitted(permission, info)) { String msg = "User is not permitted [" + permission + "]"; throw new UnauthorizedException(msg); } }
/** * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission) isPermitted(permission)}, throws * an <code>UnauthorizedException</code> otherwise returns quietly. */ public void checkPermission(PrincipalCollection principals, Permission permission) throws AuthorizationException { assertRealmsConfigured(); if (!isPermitted(principals, permission)) { throw new UnauthorizedException("Subject does not have permission [" + permission + "]"); } }
/** * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, String) isPermitted(permission)}, throws * an <code>UnauthorizedException</code> otherwise returns quietly. */ public void checkPermission(PrincipalCollection principals, String permission) throws AuthorizationException { assertRealmsConfigured(); if (!isPermitted(principals, permission)) { throw new UnauthorizedException("Subject does not have permission [" + permission + "]"); } }
/** * If !{@link #hasRole(org.apache.shiro.subject.PrincipalCollection, String) hasRole(role)}, throws * an <code>UnauthorizedException</code> otherwise returns quietly. */ public void checkRole(PrincipalCollection principals, String role) throws AuthorizationException { assertRealmsConfigured(); if (!hasRole(principals, role)) { throw new UnauthorizedException("Subject does not have role [" + role + "]"); } }
protected void checkPermission(Permission permission, AuthorizationInfo info) { if (!isPermitted(permission, info)) { String msg = "User is not permitted [" + permission + "]"; throw new UnauthorizedException(msg); } }
protected void checkRole(String role, AuthorizationInfo info) { if (!hasRole(role, info)) { String msg = "User does not have role [" + role + "]"; throw new UnauthorizedException(msg); } }
/** * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, Permission) isPermitted(permission)}, throws * an <code>UnauthorizedException</code> otherwise returns quietly. */ public void checkPermission(PrincipalCollection principals, Permission permission) throws AuthorizationException { assertRealmsConfigured(); if (!isPermitted(principals, permission)) { throw new UnauthorizedException("Subject does not have permission [" + permission + "]"); } }
/** * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection, String) isPermitted(permission)}, throws * an <code>UnauthorizedException</code> otherwise returns quietly. */ public void checkPermission(PrincipalCollection principals, String permission) throws AuthorizationException { assertRealmsConfigured(); if (!isPermitted(principals, permission)) { throw new UnauthorizedException("Subject does not have permission [" + permission + "]"); } }
/** * If !{@link #hasRole(org.apache.shiro.subject.PrincipalCollection, String) hasRole(role)}, throws * an <code>UnauthorizedException</code> otherwise returns quietly. */ public void checkRole(PrincipalCollection principals, String role) throws AuthorizationException { assertRealmsConfigured(); if (!hasRole(principals, role)) { throw new UnauthorizedException("Subject does not have role [" + role + "]"); } }
protected void checkPermission(Permission permission, AuthorizationInfo info) { if (!isPermitted(permission, info)) { String msg = "User is not permitted [" + permission + "]"; throw new UnauthorizedException(msg); } }
public <T> T runAs(PartialProcessKey processKey, Callable<T> c) throws Exception { PrincipalCollection principals = getPrincipals(processKey); if (principals == null) { throw new UnauthorizedException("Process' principal not found"); } return runAs(principals, c); }
private static void assertAdmin() { UserPrincipal p = UserPrincipal.assertCurrent(); if (!p.isAdmin()) { throw new UnauthorizedException("Only admins can do that"); } } }
private static void assertAdmin() { UserPrincipal p = UserPrincipal.assertCurrent(); if (!p.isAdmin()) { throw new UnauthorizedException("Not authorized"); } } }
private static void assertAdmin() { UserPrincipal p = UserPrincipal.assertCurrent(); if (!p.isAdmin()) { throw new UnauthorizedException("Only admins can do that"); } }
private static void assertAdmin() { UserPrincipal p = UserPrincipal.assertCurrent(); if (!p.isAdmin()) { throw new UnauthorizedException("Only admins can do that"); } } }
/** * If !{@link #isPermitted(org.apache.shiro.subject.PrincipalCollection , Permission) isPermitted(permission)}, throws * an <code>UnauthorizedException</code> otherwise returns quietly. */ public void checkPermission(PrincipalCollection principals, Permission permission) throws AuthorizationException { assertRealmsConfigured(); if (!isPermitted(principals, permission)) { throw new UnauthorizedException("Subject does not have permission [" + permission + "]"); } }
public void assertAccess(UUID orgId, TeamRole requiredRole) { UserPrincipal p = UserPrincipal.assertCurrent(); if (p.isAdmin()) { return; } if (!teamDao.isInAnyTeam(orgId, p.getId(), TeamRole.atLeast(requiredRole))) { throw new UnauthorizedException("The current user (" + p.getUsername() + ") does not have the required role: " + requiredRole); } }
protected void assertAuthorized(DestinationAction action, String verbText) { if (!isEnabled() || isSystemBroker(action)) { return; } final Subject subject = getSubject(action.getConnectionContext()); Collection<Permission> perms = this.actionPermissionResolver.getPermissions(action); if (!subject.isPermittedAll(perms)) { String msg = createUnauthorizedMessage(subject, action, verbText); throw new UnauthorizedException(msg); } }
@Override protected void respond(AjaxRequestTarget target) { IRequestParameters params = RequestCycle.get().getRequest().getPostParameters(); Issue issue = OneDev.getInstance(IssueManager.class).load(params.getParameterValue("issue").toLong()); if (!SecurityUtils.canWriteCode(issue.getProject().getFacade())) throw new UnauthorizedException("Permission denied"); OneDev.getInstance(IssueChangeManager.class).changeMilestone(issue, null, SecurityUtils.getUser()); target.appendJavaScript(String.format("onedev.server.issueBoards.markAccepted(%d, true);", issue.getId())); }