Examples with SecurityException lucee.runtime.exp.SecurityException used on opensource projects

Example 16 with SecurityException

use of lucee.runtime.exp.SecurityException in project Lucee by lucee.

the class XMLConfigAdmin method updateAllowImplicidQueryCall.

/**
 * sets if allowed implicid query call
 * @param allow
 * @throws SecurityException
 */
public void updateAllowImplicidQueryCall(Boolean allow) throws SecurityException {
    checkWriteAccess();
    boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_SETTING);
    if (!hasAccess)
        throw new SecurityException("no access to update scope setting");
    Element scope = _getRootElement("scope");
    scope.setAttribute("cascade-to-resultset", Caster.toString(allow, ""));
}

Example 17 with SecurityException

use of lucee.runtime.exp.SecurityException in project Lucee by lucee.

the class XMLConfigAdmin method updateMailServer.

/**
 * insert or update a mailserver on system
 * @param hostName
 * @param username
 * @param password
 * @param port
 * @param ssl
 * @param tls
 * @throws PageException
 */
public void updateMailServer(int id, String hostName, String username, String password, int port, boolean tls, boolean ssl, long lifeTimeSpan, long idleTimeSpan, boolean reuseConnections) throws PageException {
    checkWriteAccess();
    boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_MAIL);
    if (!hasAccess)
        throw new SecurityException("no access to update mail server settings");
    Element mail = _getRootElement("mail");
    if (port < 1)
        port = 21;
    if (hostName == null || hostName.trim().length() == 0)
        throw new ExpressionException("Host (SMTP) can be a empty value");
    hostName = hostName.trim();
    Element[] children = XMLConfigWebFactory.getChildren(mail, "server");
    boolean checkId = id > 0;
    // Update
    Element server = null;
    String _hostName, _username;
    for (int i = 0; i < children.length; i++) {
        Element el = children[i];
        if (checkId) {
            if (i + 1 == id) {
                server = el;
                break;
            }
        } else {
            _hostName = StringUtil.emptyIfNull(el.getAttribute("smtp"));
            _username = StringUtil.emptyIfNull(el.getAttribute("username"));
            if (_hostName.equalsIgnoreCase(hostName) && _username.equals(StringUtil.emptyIfNull(username))) {
                server = el;
                break;
            }
        }
    }
    // Insert
    if (server == null) {
        server = doc.createElement("server");
        mail.appendChild(XMLCaster.toRawNode(server));
    }
    server.setAttribute("smtp", hostName);
    server.setAttribute("username", username);
    server.setAttribute("password", ConfigWebUtil.encrypt(password));
    server.setAttribute("port", Caster.toString(port));
    server.setAttribute("tls", Caster.toString(tls));
    server.setAttribute("ssl", Caster.toString(ssl));
    server.setAttribute("life", Caster.toString(lifeTimeSpan));
    server.setAttribute("idle", Caster.toString(idleTimeSpan));
    server.setAttribute("reuse-connection", Caster.toString(reuseConnections));
}

Example 18 with SecurityException

use of lucee.runtime.exp.SecurityException in project Lucee by lucee.

the class XMLConfigAdmin method updateClientTimeout.

/**
 * updates session timeout value
 * @param span
 * @throws SecurityException
 */
public void updateClientTimeout(TimeSpan span) throws SecurityException {
    checkWriteAccess();
    boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_SETTING);
    if (!hasAccess)
        throw new SecurityException("no access to update scope setting");
    Element scope = _getRootElement("scope");
    if (span != null)
        scope.setAttribute("clienttimeout", span.getDay() + "," + span.getHour() + "," + span.getMinute() + "," + span.getSecond());
    else
        scope.removeAttribute("clienttimeout");
    // deprecated
    if (scope.hasAttribute("client-max-age"))
        scope.removeAttribute("client-max-age");
}

Example 19 with SecurityException

use of lucee.runtime.exp.SecurityException in project Lucee by lucee.

the class XMLConfigAdmin method updateRestList.

public void updateRestList(Boolean list) throws SecurityException {
    checkWriteAccess();
    // TODO ConfigWebUtil.hasAccess(config,SecurityManager.TYPE_REST);
    boolean hasAccess = true;
    if (!hasAccess)
        throw new SecurityException("no access to update rest setting");
    Element rest = _getRootElement("rest");
    if (list == null) {
        if (rest.hasAttribute("list"))
            rest.removeAttribute("list");
    } else
        rest.setAttribute("list", Caster.toString(list.booleanValue()));
}

Example 20 with SecurityException

use of lucee.runtime.exp.SecurityException in project Lucee by lucee.

the class XMLConfigAdmin method updateRequestTimeout.

/**
 * updates request timeout value
 * @param span
 * @throws SecurityException
 * @throws ApplicationException
 */
public void updateRequestTimeout(TimeSpan span) throws SecurityException, ApplicationException {
    checkWriteAccess();
    boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_SETTING);
    if (!hasAccess)
        throw new SecurityException("no access to update scope setting");
    Element scope = _getRootElement("scope");
    Element application = _getRootElement("application");
    if (span != null) {
        if (span.getMillis() <= 0)
            throw new ApplicationException("value must be a positive number");
        application.setAttribute("requesttimeout", span.getDay() + "," + span.getHour() + "," + span.getMinute() + "," + span.getSecond());
    } else
        application.removeAttribute("requesttimeout");
    // remove deprecated attribute
    if (scope.hasAttribute("requesttimeout"))
        scope.removeAttribute("requesttimeout");
}