Examples with AccessDeniedException org.alfresco.jlan.server.filesys.AccessDeniedException used on opensource projects

Example 16 with AccessDeniedException

use of org.alfresco.jlan.server.filesys.AccessDeniedException in project alfresco-repository by Alfresco.

the class ContentDiskDriver2 method deleteFile2.

/**
 * Delete the specified file.
 *
 * @param session Server session
 * @param tree Tree connection
 * @param rootNode Root node
 * @param path NetworkFile
 * @exception java.io.IOException The exception description.
 * @return NodeRef of deletedFile
 */
public NodeRef deleteFile2(final SrvSession session, final TreeConnection tree, NodeRef rootNode, String path) throws IOException {
    // Get the device context
    final ContentContext ctx = (ContentContext) tree.getContext();
    if (logger.isDebugEnabled()) {
        logger.debug("deleteFile:" + path + ", session:" + session.getUniqueId());
    }
    try {
        // Check if there is a quota manager enabled, if so then we need to save the current file size
        final QuotaManager quotaMgr = ctx.getQuotaManager();
        // Get the node and delete it
        final NodeRef nodeRef = getNodeForPath(tree, path);
        if (fileFolderService.exists(nodeRef)) {
            lockKeeper.removeLock(nodeRef);
            // Get the size of the file being deleted
            final FileInfo fInfo = quotaMgr == null ? null : getFileInformation(session, tree, path);
            if (logger.isDebugEnabled()) {
                logger.debug("deleted file" + path);
            }
            fileFolderService.delete(nodeRef);
            // TODO Needs to be post-commit
            if (quotaMgr != null) {
                quotaMgr.releaseSpace(session, tree, fInfo.getFileId(), path, fInfo.getSize());
            }
            if (logger.isDebugEnabled()) {
                logger.debug("Deleted file: " + path + ", nodeRef=" + nodeRef);
            }
            // void return
            return nodeRef;
        }
    } catch (NodeLockedException ex) {
        if (logger.isDebugEnabled()) {
            logger.debug("Delete file - access denied (locked)", ex);
        }
        throw new AccessDeniedException("Unable to delete " + path);
    } catch (org.alfresco.repo.security.permissions.AccessDeniedException ex) {
        if (logger.isDebugEnabled()) {
            logger.debug("Delete file - access denied", ex);
        }
        // Convert to a filesystem access denied status
        throw new AccessDeniedException("Unable to delete " + path);
    } catch (IOException ex) {
        // Allow I/O Exceptions to pass through
        if (logger.isDebugEnabled()) {
            logger.debug("Delete file error - pass through IO Exception", ex);
        }
        throw ex;
    } catch (Exception ex) {
        if (logger.isDebugEnabled()) {
            logger.debug("Delete file error", ex);
        }
        // Convert to a general I/O exception
        IOException ioe = new IOException("Delete file " + path);
        ioe.initCause(ex);
        throw ioe;
    }
    return null;
}

Example 17 with AccessDeniedException

use of org.alfresco.jlan.server.filesys.AccessDeniedException in project alfresco-repository by Alfresco.

the class NonTransactionalRuleContentDiskDriver method renameFile.

@Override
public void renameFile(SrvSession sess, TreeConnection tree, String oldPath, String newPath) throws IOException {
    ContentContext tctx = (ContentContext) tree.getContext();
    NodeRef rootNode = tctx.getRootNode();
    if (logger.isDebugEnabled()) {
        logger.debug("renameFile oldPath:" + oldPath + ", newPath:" + newPath);
    }
    DriverState driverState = getDriverState(sess);
    // Is this a rename within the same folder or a move between folders?
    String[] paths = FileName.splitPath(oldPath);
    String oldFolder = paths[0];
    String oldFile = paths[1];
    paths = FileName.splitPath(newPath);
    String newFolder = paths[0];
    String newFile = paths[1];
    try {
        if (oldFolder.equalsIgnoreCase(newFolder)) {
            logger.debug("renameFileCommand - is a rename within the same folder");
            EvaluatorContext ctx = getEvaluatorContext(driverState, oldFolder);
            Operation o = new RenameFileOperation(oldFile, newFile, oldPath, newPath, rootNode);
            Command c = ruleEvaluator.evaluate(ctx, o);
            commandExecutor.execute(sess, tree, c);
            ruleEvaluator.notifyRename(ctx, o, c);
            releaseEvaluatorContextIfEmpty(driverState, ctx, oldFolder);
        } else {
            logger.debug("moveFileCommand - move between folders");
            Operation o = new MoveFileOperation(oldFile, newFile, oldPath, newPath, rootNode);
            /*
        		 * Note: At the moment we only have move scenarios for the destination folder - so 
        		 * we only need to evaluate against a single (destination) context/folder.   
        		 * This will require re-design as and when we need to have scenarios for the source/folder  
        		 */
            // EvaluatorContext ctx1 = getEvaluatorContext(driverState, oldFolder);
            EvaluatorContext ctx2 = getEvaluatorContext(driverState, newFolder);
            Command c = ruleEvaluator.evaluate(ctx2, o);
            commandExecutor.execute(sess, tree, c);
            releaseEvaluatorContextIfEmpty(driverState, ctx2, newFolder);
        // diskInterface.renameFile(sess, tree, oldPath, newPath);
        }
    } catch (org.alfresco.repo.security.permissions.AccessDeniedException ade) {
        throw new AccessDeniedException("Unable to rename file file " + oldPath, ade);
    }
}

Example 18 with AccessDeniedException

use of org.alfresco.jlan.server.filesys.AccessDeniedException in project alfresco-repository by Alfresco.

the class NonTransactionalRuleContentDiskDriver method closeFile.

@Override
public void closeFile(SrvSession sess, TreeConnection tree, NetworkFile param) throws IOException {
    if (logger.isDebugEnabled()) {
        logger.debug("closeFile:" + param.getFullName());
    }
    ContentContext tctx = (ContentContext) tree.getContext();
    NodeRef rootNode = tctx.getRootNode();
    DriverState driverState = getDriverState(sess);
    String[] paths = FileName.splitPath(param.getFullName());
    String folder = paths[0];
    String file = paths[1];
    try {
        EvaluatorContext ctx = getEvaluatorContext(driverState, folder);
        Operation o = new CloseFileOperation(file, param, rootNode, param.getFullName(), param.hasDeleteOnClose(), param.isForce());
        Command c = ruleEvaluator.evaluate(ctx, o);
        commandExecutor.execute(sess, tree, c);
        releaseEvaluatorContextIfEmpty(driverState, ctx, folder);
    } catch (org.alfresco.repo.security.permissions.AccessDeniedException ade) {
        throw new AccessDeniedException("Unable to close file " + param.getFullName(), ade);
    }
}

Example 19 with AccessDeniedException

use of org.alfresco.jlan.server.filesys.AccessDeniedException in project alfresco-repository by Alfresco.

the class NonTransactionalRuleContentDiskDriver method createFile.

@Override
public NetworkFile createFile(SrvSession sess, TreeConnection tree, FileOpenParams params) throws IOException {
    try {
        int attr = params.getAttributes();
        if (logger.isDebugEnabled()) {
            int sharedAccess = params.getSharedAccess();
            String strSharedAccess = SharingMode.getSharingModeAsString(sharedAccess);
            logger.debug("createFile:" + params.getPath() + ", isDirectory: " + params.isDirectory() + ", isStream: " + params.isStream() + ", readOnlyAccess: " + params.isReadOnlyAccess() + ", readWriteAccess: " + params.isReadWriteAccess() + ", writeOnlyAccess:" + params.isWriteOnlyAccess() + ", attributesOnlyAccess:" + params.isAttributesOnlyAccess() + ", sequentialAccessOnly:" + params.isSequentialAccessOnly() + ", requestBatchOpLock:" + params.requestBatchOpLock() + ", requestExclusiveOpLock:" + params.requestExclusiveOpLock() + ", isDeleteOnClose:" + params.isDeleteOnClose() + ", sharedAccess: " + strSharedAccess + ", allocationSize: " + params.getAllocationSize() + ", isHidden:" + FileAttribute.isHidden(attr) + ", isSystem:" + FileAttribute.isSystem(attr));
        }
        long creationDateTime = params.getCreationDateTime();
        if (creationDateTime != 0) {
            logger.debug("creationDateTime is set:" + new Date(creationDateTime));
        }
        ContentContext tctx = (ContentContext) tree.getContext();
        NodeRef rootNode = tctx.getRootNode();
        String[] paths = FileName.splitPath(params.getPath());
        String folder = paths[0];
        String file = paths[1];
        DriverState driverState = getDriverState(sess);
        EvaluatorContext ctx = getEvaluatorContext(driverState, folder);
        Operation o = new CreateFileOperation(file, rootNode, params.getPath(), params.getAllocationSize(), FileAttribute.isHidden(attr));
        Command c = ruleEvaluator.evaluate(ctx, o);
        Object ret = commandExecutor.execute(sess, tree, c);
        if (ret != null && ret instanceof NetworkFile) {
            return (NetworkFile) ret;
        } else {
            // Error - contact broken
            logger.error("contract broken - NetworkFile not returned. " + ret == null ? "Return value is null" : ret);
            return null;
        }
    } catch (org.alfresco.repo.security.permissions.AccessDeniedException ade) {
        throw new AccessDeniedException("Unable to create file " + params.getPath(), ade);
    }
}

Example 20 with AccessDeniedException

use of org.alfresco.jlan.server.filesys.AccessDeniedException in project alfresco-repository by Alfresco.

the class ContentDiskDriverTest method testFileInformationUpdatingByEditorUserForAlf8808.

// testDirListing
public void testFileInformationUpdatingByEditorUserForAlf8808() throws Exception {
    final Holder<org.alfresco.service.cmr.model.FileInfo> editorFolder = new Holder<org.alfresco.service.cmr.model.FileInfo>();
    final Holder<org.alfresco.service.cmr.model.FileInfo> testFile = new Holder<org.alfresco.service.cmr.model.FileInfo>();
    // Configuring test server with test server configuration and getting test tree connection for test shared device
    ServerConfiguration config = new ServerConfiguration(ContentDiskDriverTest.TEST_SERVER_NAME);
    TestServer server = new TestServer(ContentDiskDriverTest.TEST_SERVER_NAME, config);
    DiskSharedDevice device = getDiskSharedDevice();
    final TreeConnection treeConnection = server.getTreeConnection(device);
    // Getting target entity for testing - ContentDiskDriver
    final ExtendedDiskInterface deviceInterface = (ExtendedDiskInterface) treeConnection.getInterface();
    // Creating mock-session
    final SrvSession session = new TestSrvSession(13, server, ContentDiskDriverTest.TEST_PROTOTYPE_NAME, ContentDiskDriverTest.TEST_REMOTE_NAME);
    transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Void>() {

        @Override
        public Void execute() throws Throwable {
            try {
                NodeRef rootNode = repositoryHelper.getCompanyHome();
                // Creating test user to invite him as Editor for test content. This user will be created correctly (with person and authentication options)
                createUser(ContentDiskDriverTest.TEST_USER_AUTHORITY, ContentDiskDriverTest.TEST_USER_AUTHORITY, rootNode);
                // Safely creating folder for test content
                editorFolder.value = getOrCreateNode(rootNode, PermissionService.EDITOR, ContentModel.TYPE_FOLDER).getFirst();
                // Creating test content which will be editable by user created above
                testFile.value = getOrCreateNode(rootNode, "Test.txt", ContentModel.TYPE_CONTENT).getFirst();
                // Applying 'Editor' role for test user to test file
                permissionService.setPermission(testFile.value.getNodeRef(), ContentDiskDriverTest.TEST_USER_AUTHORITY, PermissionService.EDITOR, true);
                try {
                    // Creating data for target method invocation
                    final FileInfo updatedInfo = new FileInfo();
                    updatedInfo.setFileName(testFile.value.getName());
                    updatedInfo.setFileId(DefaultTypeConverter.INSTANCE.intValue(testFile.value.getProperties().get(ContentModel.PROP_NODE_DBID)));
                    // Testing ContentDiskDriver.setFileInformation() with test user authenticated who has 'Editor' role for test content.
                    // This method should fail if check on 'DELETE' permission was not moved to 'DeleteOnClose' context
                    AuthenticationUtil.runAs(new RunAsWork<Void>() {

                        @Override
                        public Void doWork() throws Exception {
                            deviceInterface.setFileInformation(session, treeConnection, testFile.value.getName(), updatedInfo);
                            return null;
                        }
                    }, ContentDiskDriverTest.TEST_USER_AUTHORITY);
                } catch (Exception e) {
                    // Informing about test failure. Expected exception is 'org.alfresco.jlan.server.filesys.AccessDeniedException'
                    if (e.getCause() instanceof AccessDeniedException) {
                        fail("For user='" + TEST_USER_AUTHORITY + "' " + e.getCause().toString());
                    } else {
                        fail("Unexpected exception was caught: " + e.toString());
                    }
                }
            } finally {
                if (authenticationService.authenticationExists(ContentDiskDriverTest.TEST_USER_AUTHORITY)) {
                    authenticationService.deleteAuthentication(ContentDiskDriverTest.TEST_USER_AUTHORITY);
                }
                if (personService.personExists(ContentDiskDriverTest.TEST_USER_AUTHORITY)) {
                    personService.deletePerson(ContentDiskDriverTest.TEST_USER_AUTHORITY);
                }
                try {
                    if (null != testFile.value) {
                        nodeService.deleteNode(testFile.value.getNodeRef());
                    }
                } catch (Exception e) {
                // Doing nothing
                }
                try {
                    if (null != editorFolder.value) {
                        nodeService.deleteNode(editorFolder.value.getNodeRef());
                    }
                } catch (Exception e) {
                // Doing nothing
                }
            }
            return null;
        }
    }, false, true);
}