Use of com.evolveum.midpoint.util.exception.AuthorizationException in project midpoint by Evolveum.
In class SchemaTransformer, method applySchemasAndSecurity.
/**
 * Prepares an object for return to a caller: validates it, applies the compiled security
 * constraints to the object and to a deep clone of its definition (removing properties
 * that are not visible), and finally applies the object template definitions.
 * This method is called for any object that is returned from the Model Service.
 *
 * <p>Authorization is default-deny: when the security enforcer yields no constraints
 * at all, the denial is logged and an {@code AuthorizationException("Access denied")}
 * is thrown after being recorded as a fatal error on the operation result.
 *
 * @param object the object to validate and filter
 * @param rootOptions options passed on to validation and to each phase
 * @param phase the authorization phase to apply; {@code null} applies REQUEST and then
 *        EXECUTION
 * @param task the task passed on to each phase
 * @param parentResult parent result under which a minor subresult is created
 * @throws SchemaException propagated from constraint compilation or the helpers
 * @throws SecurityViolationException propagated from constraint compilation or the helpers;
 *         the default-deny AuthorizationException also leaves through this throws clause
 * @throws ConfigurationException propagated from object template resolution or the helpers
 * @throws ObjectNotFoundException propagated from object template resolution or the helpers
 */
public <O extends ObjectType> void applySchemasAndSecurity(PrismObject<O> object, GetOperationOptions rootOptions, AuthorizationPhaseType phase, Task task, OperationResult parentResult) throws SchemaException, SecurityViolationException, ConfigurationException, ObjectNotFoundException {
    final String operationName = SchemaTransformer.class.getName() + ".applySchemasAndSecurity";
    OperationResult opResult = parentResult.createMinorSubresult(operationName);

    // NOTE(review): exceptions from validateObject, the phase processing and
    // applyObjectTemplateToObject propagate without recordFatalError on this subresult,
    // unlike the two guarded sections below; whether the helpers record them is not
    // visible here.
    validateObject(object, rootOptions, opResult);

    // The definition is cloned before the phases run, so security is applied to the clone.
    PrismObjectDefinition<O> clonedDefinition = object.deepCloneDefinition(true);

    ObjectSecurityConstraints constraints;
    try {
        constraints = securityEnforcer.compileSecurityConstraints(object, null);
        if (LOGGER.isTraceEnabled()) {
            // NOTE(review): trace output carries the full constraint dump; treat trace
            // logs as sensitive.
            String dump;
            if (constraints == null) {
                dump = "null";
            } else {
                dump = constraints.debugDump();
            }
            LOGGER.trace("Security constrains for {}:\n{}", object, dump);
        }
        if (constraints == null) {
            // Default deny: no constraints means no access. The message given to the
            // caller stays generic; the reason goes to the security log only.
            SecurityUtil.logSecurityDeny(object, "because no security constraints are defined (default deny)");
            throw new AuthorizationException("Access denied");
        }
    } catch (SecurityViolationException | SchemaException | RuntimeException e) {
        // Also catches the default-deny exception thrown above, so the denial is
        // recorded on the operation result before it propagates.
        opResult.recordFatalError(e);
        throw e;
    }

    // With no explicit phase, both phases are applied, REQUEST first.
    AuthorizationPhaseType[] phasesToApply = (phase != null)
            ? new AuthorizationPhaseType[] { phase }
            : new AuthorizationPhaseType[] { AuthorizationPhaseType.REQUEST, AuthorizationPhaseType.EXECUTION };
    for (AuthorizationPhaseType currentPhase : phasesToApply) {
        applySchemasAndSecurityPhase(object, constraints, clonedDefinition, rootOptions, currentPhase, task, opResult);
    }

    ObjectTemplateType template;
    try {
        // NOTE(review): the template is always resolved for the REQUEST phase, even
        // when the caller passed a different phase; confirm this is intended.
        template = determineObjectTemplate(object, AuthorizationPhaseType.REQUEST, opResult);
    } catch (ConfigurationException | ObjectNotFoundException e) {
        opResult.recordFatalError(e);
        throw e;
    }
    applyObjectTemplateToObject(object, template, opResult);

    opResult.computeStatus();
    opResult.recordSuccessIfUnknown();
}