use of com.serotonin.m2m2.vo.permission.PermissionException in project ma-core-public by infiniteautomation.
the class MangoSpringExceptionHandler method handleAccessDenied.
@ExceptionHandler({ org.springframework.security.access.AccessDeniedException.class, PermissionException.class })
public ResponseEntity<Object> handleAccessDenied(HttpServletRequest request, HttpServletResponse response, Exception ex, WebRequest req) {
Object model;
if (ex instanceof PermissionException) {
PermissionException permissionException = (PermissionException) ex;
model = new AccessDeniedException(permissionException.getTranslatableMessage(), ex);
} else {
model = new AccessDeniedException(ex);
}
return handleExceptionInternal(ex, model, new HttpHeaders(), HttpStatus.FORBIDDEN, req);
}
use of com.serotonin.m2m2.vo.permission.PermissionException in project ma-core-public by infiniteautomation.
the class MangoErrorHandler method generateAcceptableResponse.
/*
* (non-Javadoc)
*
* @see
* org.eclipse.jetty.server.handler.ErrorHandler#generateAcceptableResponse(
* org.eclipse.jetty.server.Request, javax.servlet.http.HttpServletRequest,
* javax.servlet.http.HttpServletResponse, int, java.lang.String,
* java.lang.String)
*/
@Override
protected void generateAcceptableResponse(Request baseRequest, HttpServletRequest request, HttpServletResponse response, int code, String message, String mimeType) throws IOException {
switch(code) {
case 404:
if (MangoSecurityConfiguration.browserHtmlRequestMatcher().matches(request)) {
// Forward to Not Found URI
String uri = DefaultPagesDefinition.getNotFoundUri(request, response);
response.sendRedirect(uri);
} else {
// Resource/Rest Request
baseRequest.setHandled(true);
}
break;
default:
// Catch All unhandled Responses with errors
Throwable th = (Throwable) request.getAttribute(RequestDispatcher.ERROR_EXCEPTION);
// Does this require handling
if (th != null) {
if (th instanceof NestedServletException)
th = th.getCause();
// Log it
ExceptionUtils.logWebException(th, request, LOG);
HttpSession sesh = baseRequest.getSession(false);
String uri;
// We are handling this here
baseRequest.setHandled(true);
// We need to do something
if (MangoSecurityConfiguration.browserHtmlRequestMatcher().matches(request)) {
// Are we a PermissionException
if (th instanceof PermissionException) {
User user = Common.getHttpUser();
if (user == null)
uri = ACCESS_DENIED;
else
uri = DefaultPagesDefinition.getUnauthorizedUri(request, response, Common.getHttpUser());
// Put exception into request scope (perhaps of use to a view)
request.setAttribute(WebAttributes.ACCESS_DENIED_403, th);
response.sendRedirect(uri);
} else {
// Redirect to Error URI
if (sesh != null)
sesh.setAttribute(Common.SESSION_USER_EXCEPTION, th);
uri = DefaultPagesDefinition.getErrorUri(baseRequest, response);
response.sendRedirect(uri);
}
} else {
// Resource/Rest Request
baseRequest.setHandled(true);
if (sesh != null)
sesh.setAttribute(Common.SESSION_USER_EXCEPTION, th.getCause());
}
}
break;
}
}
Aggregations