
Example 1 with IdmSecurityException

use of eu.bcvsolutions.idm.core.security.exception.IdmSecurityException in project CzechIdMng by bcvsolutions.

the class AbstractScriptEvaluator method evaluate.

/**
 * Evaluates the stored script with the given code, after checking that this evaluator may run it.
 *
 * <p>Each script authority attached to the script either adds a class to the list of extra
 * allowed classes (type {@code CLASS_NAME}) or puts a bean from the application context into
 * {@code parameters} under the service name. The script text, the parameters and the extra
 * allowed classes are then passed to {@code groovyScriptService}.
 *
 * <p>Note that {@code parameters} is modified in place: beans added for service authorities are
 * still in the map when this method returns.
 *
 * @param scriptCode code of the script to look up
 * @param parameters variables passed to the script; service beans are added to this map
 * @return whatever {@code groovyScriptService.evaluate} returns
 * @throws ResultCodeException if no script has this code ({@code NOT_FOUND}), if
 *         {@code canExecuteScript} refuses it ({@code GROOVY_SCRIPT_INVALID_CATEGORY}), or if an
 *         authority names a class that cannot be loaded ({@code BAD_VALUE})
 */
protected Object evaluate(String scriptCode, Map<String, Object> parameters) {
    IdmScript script = scriptRepository.findOneByCode(scriptCode);
    if (script == null) {
        throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("script", scriptCode));
    }
    // Gate before any authority is resolved: a refused script never gets classes or beans.
    if (!canExecuteScript(script)) {
        throw new ResultCodeException(CoreResultCode.GROOVY_SCRIPT_INVALID_CATEGORY, ImmutableMap.of("scriptCategory", script.getCategory()));
    }
    // Builder is always allowed; everything else comes from the script's authority records.
    List<Class<?>> allowedClasses = new ArrayList<>();
    allowedClasses.add(Builder.class);
    for (IdmScriptAuthorityDto authority : getScriptAuthorityForScript(script.getId())) {
        if (authority.getType() != ScriptAuthorityType.CLASS_NAME) {
            // Service authority: the bean is looked up by name only and handed to the script as a
            // variable. Whoever can edit authority records decides which beans a script can reach.
            String serviceName = authority.getService();
            parameters.put(serviceName, applicationContext.getBean(serviceName));
            continue;
        }
        // Class authority: the named class is added to the extra allowed classes.
        // Class.forName(String) also initializes the class, so its static initializers run here,
        // outside the script sandbox.
        String className = authority.getClassName();
        try {
            allowedClasses.add(Class.forName(className));
        } catch (ClassNotFoundException e) {
            LOG.error(e.getLocalizedMessage());
            throw new ResultCodeException(CoreResultCode.BAD_VALUE, ImmutableMap.of("class", className), e);
        }
    }
    try {
        return groovyScriptService.evaluate(script.getScript(), parameters, allowedClasses);
    } catch (SecurityException | IdmSecurityException securityFailure) {
        // Security failures get their own log line, identifying the script, and are rethrown
        // unchanged so callers still see the original exception type.
        LOG.error("SecurityException [{}]. Script code: [{}], name: [{}], category: [{}]", securityFailure.getLocalizedMessage(), script.getCode(), script.getName(), script.getCategory().name());
        throw securityFailure;
    } catch (Exception failure) {
        LOG.error("Exception [{}]. Script code: [{}], name: [{}], category: [{}]", failure.getLocalizedMessage(), script.getCode(), script.getName(), script.getCategory().name());
        throw failure;
    }
}
Also used : IdmScript(eu.bcvsolutions.idm.core.model.entity.IdmScript) IdmScriptAuthorityDto(eu.bcvsolutions.idm.core.api.dto.IdmScriptAuthorityDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) ArrayList(java.util.ArrayList) IdmSecurityException(eu.bcvsolutions.idm.core.security.exception.IdmSecurityException) IdmSecurityException(eu.bcvsolutions.idm.core.security.exception.IdmSecurityException) IdmSecurityException(eu.bcvsolutions.idm.core.security.exception.IdmSecurityException) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)

Example 2 with IdmSecurityException

use of eu.bcvsolutions.idm.core.security.exception.IdmSecurityException in project CzechIdMng by bcvsolutions.

the class DefaultGroovyScriptService method evaluate.

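/**
 * Runs the given script with a sandbox filter in place and returns the script's result.
 *
 * <p>The types handed to the filter are those returned by {@code resolveCustomAllowTypes} for
 * {@code variables} plus {@code extraAllowedClasses}. If an interceptor is already applicable,
 * the types are added to it; otherwise a new {@code GroovySandboxFilter} is created and
 * registered. The {@code finally} block undoes whichever of the two this call did.
 *
 * @param script script text, resolved to a {@code Script} through {@code scriptCache}; must not be {@code null}
 * @param variables values used as the script's binding
 * @param extraAllowedClasses further classes added to the filter's types, may be {@code null}
 * @return the value returned by {@code Script.run()}
 * @throws IdmSecurityException if the run fails with a {@code SecurityException} (wrapped as
 *         {@code GROOVY_SCRIPT_SECURITY_VALIDATION}) or with an {@code IdmSecurityException} (rethrown)
 * @throws ResultCodeException for any other failure (wrapped as {@code GROOVY_SCRIPT_EXCEPTION}
 *         unless it already is a {@code ResultCodeException})
 */
@Override
public Object evaluate(String script, Map<String, Object> variables, List<Class<?>> extraAllowedClasses) {
    Assert.notNull(script);
    Binding binding = new Binding(variables);
    // Every class added here widens what the filter lets the script use.
    Set<Class<?>> allowedVariableClass = resolveCustomAllowTypes(variables);
    if (extraAllowedClasses != null) {
        allowedVariableClass.addAll(extraAllowedClasses);
    }
    GroovySandboxFilter sandboxFilter = null;
    //
    try {
        // If a Groovy filter already exists, add the allowed classes to it; otherwise create a new one.
        if (!GroovyInterceptor.getApplicableInterceptors().isEmpty()) {
            // Assumes the only applicable interceptor is this service's GroovySandboxFilter. Any
            // other interceptor type fails the cast and is reported by the generic branch below.
            sandboxFilter = (GroovySandboxFilter) GroovyInterceptor.getApplicableInterceptors().get(0);
            sandboxFilter.addCustomTypes(allowedVariableClass);
        } else {
            sandboxFilter = new GroovySandboxFilter(allowedVariableClass);
            sandboxFilter.register();
        }
        // Get script and fill it with variables
        Script scriptObj = scriptCache.getScript(script);
        // Scripts aren't thread safe: binding and run happen under the Script object's lock.
        synchronized (scriptObj) {
            scriptObj.setBinding(binding);
            return scriptObj.run();
        }
    } catch (SecurityException | IdmSecurityException ex) {
        LOG.error("SecurityException [{}]", ex.getLocalizedMessage());
        if (ex instanceof IdmSecurityException) {
            throw ex;
        }
        // A SecurityException may carry no message. Fall back to toString(), as the generic branch
        // below does, so a null value (which ImmutableMap, if Guava's, rejects) cannot turn a
        // security violation into a NullPointerException that loses the security result code.
        String message = ex.getLocalizedMessage() != null ? ex.getLocalizedMessage() : ex.toString();
        throw new IdmSecurityException(CoreResultCode.GROOVY_SCRIPT_SECURITY_VALIDATION, ImmutableMap.of("message", message), ex);
    } catch (Exception e) {
        LOG.error("Exception [{}]", e.getLocalizedMessage());
        if (e instanceof ResultCodeException) {
            throw e;
        }
        throw new ResultCodeException(CoreResultCode.GROOVY_SCRIPT_EXCEPTION, ImmutableMap.of("message", e.getLocalizedMessage() != null ? e.getLocalizedMessage() : e.toString()), e);
    } finally {
        // Undo what this call set up, so its types do not stay in effect for a later evaluation.
        // Judging by the method names: unregister the filter when these custom types are the
        // last set it holds, otherwise remove only the most recently added set.
        if (sandboxFilter != null) {
            if (sandboxFilter.isCustomTypesLast()) {
                sandboxFilter.unregister();
            } else {
                sandboxFilter.removeLastCustomTypes();
            }
        }
    }
}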
Also used : Binding(groovy.lang.Binding) Script(groovy.lang.Script) GroovySandboxFilter(eu.bcvsolutions.idm.core.security.domain.GroovySandboxFilter) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmSecurityException(eu.bcvsolutions.idm.core.security.exception.IdmSecurityException) IdmSecurityException(eu.bcvsolutions.idm.core.security.exception.IdmSecurityException) MultipleCompilationErrorsException(org.codehaus.groovy.control.MultipleCompilationErrorsException) IdmSecurityException(eu.bcvsolutions.idm.core.security.exception.IdmSecurityException) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) CompilationFailedException(org.codehaus.groovy.control.CompilationFailedException) SyntaxException(org.codehaus.groovy.syntax.SyntaxException)
