
Example 41 with PermissionException

use of com.serotonin.m2m2.vo.permission.PermissionException in project ma-core-public by infiniteautomation.

the class MangoSpringExceptionHandler method handleAccessDenied.

/**
 * Maps access-denied failures to an HTTP 403 response.
 *
 * <p>Handles both Spring Security's {@code AccessDeniedException} and the project's
 * {@code PermissionException}. A {@code PermissionException} contributes its translatable
 * message to the response model; any other exception is wrapped as-is.
 *
 * @param request the servlet request (not read by this method)
 * @param response the servlet response (not read by this method)
 * @param ex the exception that triggered this handler
 * @param req the Spring web request passed through to {@code handleExceptionInternal}
 * @return the response produced by {@code handleExceptionInternal} with status
 *     {@code HttpStatus.FORBIDDEN}
 */
@ExceptionHandler({ org.springframework.security.access.AccessDeniedException.class, PermissionException.class })
public ResponseEntity<Object> handleAccessDenied(HttpServletRequest request, HttpServletResponse response, Exception ex, WebRequest req) {
    // NOTE(review): the original exception is handed to the response model as its cause;
    // confirm the serialized body does not expose stack traces or internal class names.
    final Object body = (ex instanceof PermissionException)
            ? new AccessDeniedException(((PermissionException) ex).getTranslatableMessage(), ex)
            : new AccessDeniedException(ex);
    final HttpHeaders headers = new HttpHeaders();
    return handleExceptionInternal(ex, body, headers, HttpStatus.FORBIDDEN, req);
}
Also used : PermissionException(com.serotonin.m2m2.vo.permission.PermissionException) HttpHeaders(org.springframework.http.HttpHeaders) AccessDeniedException(com.infiniteautomation.mango.rest.v2.exception.AccessDeniedException) ExceptionHandler(org.springframework.web.bind.annotation.ExceptionHandler) ResponseEntityExceptionHandler(org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler)

Example 42 with PermissionException

use of com.serotonin.m2m2.vo.permission.PermissionException in project ma-core-public by infiniteautomation.

the class MangoErrorHandler method generateAcceptableResponse.

/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * org.eclipse.jetty.server.handler.ErrorHandler#generateAcceptableResponse(
	 * org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest,
	 * javax.servlet.http.HttpServletResponse, int, java.lang.String,
	 * java.lang.String)
	 */
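/**
 * Produces the response for a request that ended with an error status.
 *
 * <p>For a 404, requests matched by
 * {@code MangoSecurityConfiguration.browserHtmlRequestMatcher()} are redirected to the
 * not-found page; any other request is only marked as handled. For every other status the
 * exception stored under {@code RequestDispatcher.ERROR_EXCEPTION} is logged and, for browser
 * requests, answered with a redirect to the access-denied, unauthorized or error page. When
 * no exception is attached to the request, nothing is done.
 *
 * @param baseRequest the Jetty request, used to mark the request handled and to look up the
 *     existing session
 * @param request the servlet request
 * @param response the servlet response used for redirects
 * @param code the HTTP status code being reported
 * @param message the error message (not read by this method)
 * @param mimeType the negotiated mime type (not read by this method)
 * @throws IOException if sending a redirect fails
 */
@Override
protected void generateAcceptableResponse(Request baseRequest, HttpServletRequest request, HttpServletResponse response, int code, String message, String mimeType) throws IOException {
    switch(code) {
        case 404:
            if (MangoSecurityConfiguration.browserHtmlRequestMatcher().matches(request)) {
                // Browser navigation: send the user to the not-found page
                response.sendRedirect(DefaultPagesDefinition.getNotFoundUri(request, response));
            } else {
                // Resource/REST request: mark as handled, no redirect
                baseRequest.setHandled(true);
            }
            break;
        default:
            // Catch-all for responses that carry an unhandled exception
            Throwable th = (Throwable) request.getAttribute(RequestDispatcher.ERROR_EXCEPTION);
            if (th == null) {
                // No exception attached to the request: nothing to handle here
                break;
            }
            // Unwrap the servlet wrapper only when it actually has a cause. A
            // NestedServletException built from a message alone would otherwise leave th
            // null and the th.getCause() call below would throw a NullPointerException.
            if (th instanceof NestedServletException && th.getCause() != null) {
                th = th.getCause();
            }
            ExceptionUtils.logWebException(th, request, LOG);
            // getSession(false): never create a session just to report an error
            HttpSession sesh = baseRequest.getSession(false);
            // From here on this handler owns the response (set once for both branches)
            baseRequest.setHandled(true);
            if (MangoSecurityConfiguration.browserHtmlRequestMatcher().matches(request)) {
                String uri;
                if (th instanceof PermissionException) {
                    // Read the user once so the null check and the lookup agree
                    User user = Common.getHttpUser();
                    if (user == null) {
                        uri = ACCESS_DENIED;
                    } else {
                        uri = DefaultPagesDefinition.getUnauthorizedUri(request, response, user);
                    }
                    // NOTE(review): a request attribute is not carried over to the request
                    // the browser makes after the redirect below; confirm whether any view
                    // actually reads ACCESS_DENIED_403.
                    request.setAttribute(WebAttributes.ACCESS_DENIED_403, th);
                } else {
                    // NOTE(review): the Throwable is kept in the session; confirm the error
                    // page does not render stack traces or internal detail to the user.
                    if (sesh != null) {
                        sesh.setAttribute(Common.SESSION_USER_EXCEPTION, th);
                    }
                    uri = DefaultPagesDefinition.getErrorUri(baseRequest, response);
                }
                response.sendRedirect(uri);
            } else {
                // Resource/REST request: no redirect.
                // NOTE(review): this stores th.getCause(), which may be null, while the
                // browser branch stores th itself; confirm this is intended.
                if (sesh != null) {
                    sesh.setAttribute(Common.SESSION_USER_EXCEPTION, th.getCause());
                }
            }
            break;
    }
}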
Also used : PermissionException(com.serotonin.m2m2.vo.permission.PermissionException) NestedServletException(org.springframework.web.util.NestedServletException) User(com.serotonin.m2m2.vo.User) HttpSession(javax.servlet.http.HttpSession)
