use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateAllowImplicidQueryCall.
/**
* sets if allowed implicid query call
* @param allow
* @throws SecurityException
*/
public void updateAllowImplicidQueryCall(Boolean allow) throws SecurityException {
checkWriteAccess();
boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_SETTING);
if (!hasAccess)
throw new SecurityException("no access to update scope setting");
Element scope = _getRootElement("scope");
scope.setAttribute("cascade-to-resultset", Caster.toString(allow, ""));
}
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateMailServer.
/**
* insert or update a mailserver on system
* @param hostName
* @param username
* @param password
* @param port
* @param ssl
* @param tls
* @throws PageException
*/
public void updateMailServer(int id, String hostName, String username, String password, int port, boolean tls, boolean ssl, long lifeTimeSpan, long idleTimeSpan, boolean reuseConnections) throws PageException {
checkWriteAccess();
boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_MAIL);
if (!hasAccess)
throw new SecurityException("no access to update mail server settings");
Element mail = _getRootElement("mail");
if (port < 1)
port = 21;
if (hostName == null || hostName.trim().length() == 0)
throw new ExpressionException("Host (SMTP) can be a empty value");
hostName = hostName.trim();
Element[] children = XMLConfigWebFactory.getChildren(mail, "server");
boolean checkId = id > 0;
// Update
Element server = null;
String _hostName, _username;
for (int i = 0; i < children.length; i++) {
Element el = children[i];
if (checkId) {
if (i + 1 == id) {
server = el;
break;
}
} else {
_hostName = StringUtil.emptyIfNull(el.getAttribute("smtp"));
_username = StringUtil.emptyIfNull(el.getAttribute("username"));
if (_hostName.equalsIgnoreCase(hostName) && _username.equals(StringUtil.emptyIfNull(username))) {
server = el;
break;
}
}
}
// Insert
if (server == null) {
server = doc.createElement("server");
mail.appendChild(XMLCaster.toRawNode(server));
}
server.setAttribute("smtp", hostName);
server.setAttribute("username", username);
server.setAttribute("password", ConfigWebUtil.encrypt(password));
server.setAttribute("port", Caster.toString(port));
server.setAttribute("tls", Caster.toString(tls));
server.setAttribute("ssl", Caster.toString(ssl));
server.setAttribute("life", Caster.toString(lifeTimeSpan));
server.setAttribute("idle", Caster.toString(idleTimeSpan));
server.setAttribute("reuse-connection", Caster.toString(reuseConnections));
}
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateClientTimeout.
/**
* updates session timeout value
* @param span
* @throws SecurityException
*/
public void updateClientTimeout(TimeSpan span) throws SecurityException {
checkWriteAccess();
boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_SETTING);
if (!hasAccess)
throw new SecurityException("no access to update scope setting");
Element scope = _getRootElement("scope");
if (span != null)
scope.setAttribute("clienttimeout", span.getDay() + "," + span.getHour() + "," + span.getMinute() + "," + span.getSecond());
else
scope.removeAttribute("clienttimeout");
// deprecated
if (scope.hasAttribute("client-max-age"))
scope.removeAttribute("client-max-age");
}
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateRestList.
public void updateRestList(Boolean list) throws SecurityException {
checkWriteAccess();
// TODO ConfigWebUtil.hasAccess(config,SecurityManager.TYPE_REST);
boolean hasAccess = true;
if (!hasAccess)
throw new SecurityException("no access to update rest setting");
Element rest = _getRootElement("rest");
if (list == null) {
if (rest.hasAttribute("list"))
rest.removeAttribute("list");
} else
rest.setAttribute("list", Caster.toString(list.booleanValue()));
}
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateRequestTimeout.
/**
* updates request timeout value
* @param span
* @throws SecurityException
* @throws ApplicationException
*/
public void updateRequestTimeout(TimeSpan span) throws SecurityException, ApplicationException {
checkWriteAccess();
boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_SETTING);
if (!hasAccess)
throw new SecurityException("no access to update scope setting");
Element scope = _getRootElement("scope");
Element application = _getRootElement("application");
if (span != null) {
if (span.getMillis() <= 0)
throw new ApplicationException("value must be a positive number");
application.setAttribute("requesttimeout", span.getDay() + "," + span.getHour() + "," + span.getMinute() + "," + span.getSecond());
} else
application.removeAttribute("requesttimeout");
// remove deprecated attribute
if (scope.hasAttribute("requesttimeout"))
scope.removeAttribute("requesttimeout");
}
Aggregations