Example 26 with SecurityException
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateSessionType.
/**
* session type update
* @param type
* @throws SecurityException
*/
public void updateSessionType(String type) throws SecurityException {
checkWriteAccess();
boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_SETTING);
if (!hasAccess)
throw new SecurityException("no access to update scope setting");
type = type.toLowerCase().trim();
Element scope = _getRootElement("scope");
scope.setAttribute("session-type", type);
}
Also used :
Element(org.w3c.dom.Element)
SecurityException(lucee.runtime.exp.SecurityException)
Example 27 with SecurityException
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method removeDebugEntry.
public void removeDebugEntry(String id) throws SecurityException {
checkWriteAccess();
boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_DEBUGGING);
if (!hasAccess)
throw new SecurityException("no access to change debugging settings");
Element debugging = _getRootElement("debugging");
Element[] children = XMLConfigWebFactory.getChildren(debugging, "debug-entry");
String _id;
if (children.length > 0) {
for (int i = 0; i < children.length; i++) {
Element el = children[i];
_id = el.getAttribute("id");
if (_id != null && _id.equalsIgnoreCase(id)) {
debugging.removeChild(children[i]);
}
}
}
}
Also used :
Element(org.w3c.dom.Element)
SecurityException(lucee.runtime.exp.SecurityException)
Example 28 with SecurityException
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateGatewayEntry.
public void updateGatewayEntry(String id, ClassDefinition cd, String componentPath, String listenerCfcPath, int startupMode, Struct custom, boolean readOnly) throws PageException {
checkWriteAccess();
boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManagerImpl.TYPE_GATEWAY);
if (!hasAccess)
throw new SecurityException("no access to update gateway entry");
_updateGatewayEntry(id, cd, componentPath, listenerCfcPath, startupMode, custom, readOnly);
}
Also used :
SecurityException(lucee.runtime.exp.SecurityException)
Example 29 with SecurityException
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateSecurity.
/**
* update a security manager that match the given id
* @param id
* @param setting
* @param file
* @param fileAccess
* @param directJavaAccess
* @param mail
* @param datasource
* @param mapping
* @param customTag
* @param cfxSetting
* @param cfxUsage
* @param debugging
* @param search
* @param scheduledTasks
* @param tagExecute
* @param tagImport
* @param tagObject
* @param tagRegistry
* @throws SecurityException
* @throws ApplicationException
*/
public void updateSecurity(String id, short setting, short file, Resource[] fileAccess, short directJavaAccess, short mail, short datasource, short mapping, short remote, short customTag, short cfxSetting, short cfxUsage, short debugging, short search, short scheduledTasks, short tagExecute, short tagImport, short tagObject, short tagRegistry, short cache, short gateway, short orm, short accessRead, short accessWrite) throws SecurityException, ApplicationException {
checkWriteAccess();
if (!(config instanceof ConfigServer))
throw new SecurityException("can't change security settings from this context");
Element security = _getRootElement("security");
Element[] children = XMLConfigWebFactory.getChildren(security, "accessor");
Element accessor = null;
for (int i = 0; i < children.length; i++) {
if (id.equals(children[i].getAttribute("id"))) {
accessor = children[i];
}
}
if (accessor == null)
throw new ApplicationException("there is noc Security Manager for id [" + id + "]");
updateSecurityFileAccess(accessor, fileAccess, file);
accessor.setAttribute("setting", SecurityManagerImpl.toStringAccessValue(setting));
accessor.setAttribute("file", SecurityManagerImpl.toStringAccessValue(file));
accessor.setAttribute("direct_java_access", SecurityManagerImpl.toStringAccessValue(directJavaAccess));
accessor.setAttribute("mail", SecurityManagerImpl.toStringAccessValue(mail));
accessor.setAttribute("datasource", SecurityManagerImpl.toStringAccessValue(datasource));
accessor.setAttribute("mapping", SecurityManagerImpl.toStringAccessValue(mapping));
accessor.setAttribute("remote", SecurityManagerImpl.toStringAccessValue(remote));
accessor.setAttribute("custom_tag", SecurityManagerImpl.toStringAccessValue(customTag));
accessor.setAttribute("cfx_setting", SecurityManagerImpl.toStringAccessValue(cfxSetting));
accessor.setAttribute("cfx_usage", SecurityManagerImpl.toStringAccessValue(cfxUsage));
accessor.setAttribute("debugging", SecurityManagerImpl.toStringAccessValue(debugging));
accessor.setAttribute("search", SecurityManagerImpl.toStringAccessValue(search));
accessor.setAttribute("scheduled_task", SecurityManagerImpl.toStringAccessValue(scheduledTasks));
accessor.setAttribute("cache", SecurityManagerImpl.toStringAccessValue(cache));
accessor.setAttribute("gateway", SecurityManagerImpl.toStringAccessValue(gateway));
accessor.setAttribute("orm", SecurityManagerImpl.toStringAccessValue(orm));
accessor.setAttribute("tag_execute", SecurityManagerImpl.toStringAccessValue(tagExecute));
accessor.setAttribute("tag_import", SecurityManagerImpl.toStringAccessValue(tagImport));
accessor.setAttribute("tag_object", SecurityManagerImpl.toStringAccessValue(tagObject));
accessor.setAttribute("tag_registry", SecurityManagerImpl.toStringAccessValue(tagRegistry));
accessor.setAttribute("access_read", SecurityManagerImpl.toStringAccessRWValue(accessRead));
accessor.setAttribute("access_write", SecurityManagerImpl.toStringAccessRWValue(accessWrite));
}
Also used :
ApplicationException(lucee.runtime.exp.ApplicationException)
Element(org.w3c.dom.Element)
SecurityException(lucee.runtime.exp.SecurityException)
Example 30 with SecurityException
use of lucee.runtime.exp.SecurityException in project Lucee by lucee.
the class XMLConfigAdmin method updateCFMLWriterType.
public void updateCFMLWriterType(String writerType) throws SecurityException, ApplicationException {
checkWriteAccess();
boolean hasAccess = ConfigWebUtil.hasAccess(config, SecurityManager.TYPE_SETTING);
if (!hasAccess)
throw new SecurityException("no access to update scope setting");
Element scope = _getRootElement("setting");
writerType = writerType.trim();
// remove
if (StringUtil.isEmpty(writerType)) {
if (scope.hasAttribute("cfml-writer"))
scope.removeAttribute("cfml-writer");
return;
}
// update
if (!"white-space".equalsIgnoreCase(writerType) && !"white-space-pref".equalsIgnoreCase(writerType) && !"regular".equalsIgnoreCase(writerType))
throw new ApplicationException("invalid writer type defintion [" + writerType + "], valid types are [white-space, white-space-pref, regular]");
scope.setAttribute("cfml-writer", writerType.toLowerCase());
}
Also used :
ApplicationException(lucee.runtime.exp.ApplicationException)
Element(org.w3c.dom.Element)
SecurityException(lucee.runtime.exp.SecurityException)
Aggregations
SecurityException (lucee.runtime.exp.SecurityException)91
Element (org.w3c.dom.Element)83
ExpressionException (lucee.runtime.exp.ExpressionException)14
SecurityManager (lucee.runtime.security.SecurityManager)6
ApplicationException (lucee.runtime.exp.ApplicationException)5
IOException (java.io.IOException)4
Resource (lucee.commons.io.res.Resource)2
ClassException (lucee.commons.lang.ClassException)2
PageException (lucee.runtime.exp.PageException)2
ServiceException (coldfusion.server.ServiceException)1
UnsupportedEncodingException (java.io.UnsupportedEncodingException)1
MalformedURLException (java.net.MalformedURLException)1
UnknownHostException (java.net.UnknownHostException)1
SQLException (java.sql.SQLException)1
Entry (java.util.Map.Entry)1
lucee.aprint (lucee.aprint)1
Cache (lucee.commons.io.cache.Cache)1
FileResourceProvider (lucee.commons.io.res.type.file.FileResourceProvider)1
CacheConnection (lucee.runtime.cache.CacheConnection)1
CFXTagException (lucee.runtime.cfx.CFXTagException)1
