Search in sources :

Example 16 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project acs-community-packaging by Alfresco.

the class UISpaceSelector method getParentNodeId.

public String getParentNodeId(FacesContext context) {
    String id = null;
    if (this.navigationId != null && this.navigationId.equals(Application.getCompanyRootId(context)) == false) {
        try {
            ChildAssociationRef parentRef = getFastNodeService(context).getPrimaryParent(new NodeRef(Repository.getStoreRef(), this.navigationId));
            id = parentRef.getParentRef().getId();
        } catch (AccessDeniedException accessErr) {
        // cannot navigate to parent id will be null
        }
    }
    return id;
}
Also used : NodeRef(org.alfresco.service.cmr.repository.NodeRef) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) ChildAssociationRef(org.alfresco.service.cmr.repository.ChildAssociationRef)

Example 17 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project acs-community-packaging by Alfresco.

the class AdvancedSearchDialog method getGlobalSearchesRef.

/**
 * @return the cached reference to the global Saved Searches folder
 */
protected NodeRef getGlobalSearchesRef() {
    if (properties.getGlobalSearchesRef() == null) {
        FacesContext fc = FacesContext.getCurrentInstance();
        String xpath = Application.getRootPath(fc) + "/" + Application.getGlossaryFolderName(fc) + "/" + Application.getSavedSearchesFolderName(fc);
        List<NodeRef> results = null;
        try {
            results = getSearchService().selectNodes(getNodeService().getRootNode(Repository.getStoreRef()), xpath, null, getNamespaceService(), false);
        } catch (AccessDeniedException err) {
        // ignore and return null
        }
        if (results != null && results.size() == 1) {
            properties.setGlobalSearchesRef(results.get(0));
        }
    }
    return properties.getGlobalSearchesRef();
}
Also used : FacesContext(javax.faces.context.FacesContext) NodeRef(org.alfresco.service.cmr.repository.NodeRef) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException)

Example 18 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project acs-community-packaging by Alfresco.

the class UserShortcutsBean method getShortcuts.

/**
 * @return the List of shortcut Nodes
 */
public List<Node> getShortcuts() {
    if (this.shortcuts == null) {
        List<String> shortcuts = null;
        NodeRef prefRef = null;
        UserTransaction tx = null;
        boolean rollback = false;
        try {
            FacesContext context = FacesContext.getCurrentInstance();
            tx = Repository.getUserTransaction(context);
            tx.begin();
            // get the shortcuts from the preferences for this user
            shortcuts = getShortcutList(context);
            if (shortcuts.size() != 0) {
                // each shortcut node ID is persisted as a list item in a well known property
                this.shortcuts = new ArrayList<Node>(shortcuts.size());
                for (int i = 0; i < shortcuts.size(); i++) {
                    NodeRef ref = new NodeRef(Repository.getStoreRef(), shortcuts.get(i));
                    try {
                        if (this.getNodeService().exists(ref) == true) {
                            Node node = new Node(ref);
                            // quick init properties while in the usertransaction
                            node.getProperties();
                            // save ref to the Node for rendering
                            this.shortcuts.add(node);
                        } else {
                            // we write the node list back again afterwards to correct this
                            if (logger.isDebugEnabled())
                                logger.debug("Found invalid shortcut node Id: " + ref.getId());
                        }
                    } catch (AccessDeniedException accessErr) {
                        // we write the node list back again afterwards to correct this
                        if (logger.isDebugEnabled())
                            logger.debug("Found invalid shortcut node Id: " + ref.getId());
                        rollback = true;
                    }
                }
            } else {
                this.shortcuts = new ArrayList<Node>(5);
            }
            if (rollback == false) {
                tx.commit();
            } else {
                tx.rollback();
            }
        } catch (Throwable err) {
            Utils.addErrorMessage(MessageFormat.format(Application.getMessage(FacesContext.getCurrentInstance(), Repository.ERROR_GENERIC), err.getMessage()), err);
            try {
                if (tx != null) {
                    tx.rollback();
                }
            } catch (Exception tex) {
            }
        }
        // write the valid shortcut IDs back to correct invalid node refs
        if (shortcuts != null && shortcuts.size() != this.shortcuts.size()) {
            try {
                shortcuts = new ArrayList<String>(this.shortcuts.size());
                for (int i = 0; i < this.shortcuts.size(); i++) {
                    shortcuts.add(this.shortcuts.get(i).getId());
                }
                PreferencesService.getPreferences().setValue(PREF_SHORTCUTS, (Serializable) shortcuts);
            } catch (Exception err) {
                Utils.addErrorMessage(MessageFormat.format(Application.getMessage(FacesContext.getCurrentInstance(), Repository.ERROR_GENERIC), err.getMessage()), err);
            }
        }
    }
    return this.shortcuts;
}
Also used : UserTransaction(javax.transaction.UserTransaction) FacesContext(javax.faces.context.FacesContext) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) Node(org.alfresco.web.bean.repository.Node) InvalidNodeRefException(org.alfresco.service.cmr.repository.InvalidNodeRefException) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) NodeRef(org.alfresco.service.cmr.repository.NodeRef)

Example 19 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project acs-community-packaging by Alfresco.

the class DisplayPathConverter method getAsString.

/**
 * @see javax.faces.convert.Converter#getAsString(javax.faces.context.FacesContext, javax.faces.component.UIComponent, java.lang.Object)
 */
public String getAsString(FacesContext context, UIComponent component, Object value) throws ConverterException {
    String result = "";
    if (value != null) {
        try {
            NodeService nodeService = Repository.getServiceRegistry(context).getNodeService();
            Path path = null;
            if (value instanceof NodeRef) {
                path = nodeService.getPath((NodeRef) value);
            } else if (value instanceof Path) {
                path = (Path) value;
            }
            if (path != null) {
                result = Repository.getNamePath(nodeService, path, null, "/", null);
            }
        } catch (AccessDeniedException accessErr) {
        // use default if this occurs
        } catch (InvalidNodeRefException nodeErr) {
        // use default if this occurs
        }
    }
    return result;
}
Also used : Path(org.alfresco.service.cmr.repository.Path) NodeRef(org.alfresco.service.cmr.repository.NodeRef) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) NodeService(org.alfresco.service.cmr.repository.NodeService) InvalidNodeRefException(org.alfresco.service.cmr.repository.InvalidNodeRefException)

Example 20 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project acs-community-packaging by Alfresco.

the class AuthenticationHelper method authenticate.

/**
 * Helper to authenticate the current user using session based Ticket information.
 * <p>
 * User information is looked up in the Session. If found the ticket is retrieved and validated.
 * If no User info is found or the ticket is invalid then a redirect is performed to the login page.
 *
 * @param forceGuest       True to force a Guest login attempt
 * @param allowGuest       True to allow the Guest user if no user object represent
 *
 * @return AuthenticationStatus result.
 */
public static AuthenticationStatus authenticate(ServletContext sc, HttpServletRequest req, HttpServletResponse res, boolean forceGuest, boolean allowGuest) throws IOException {
    if (logger.isDebugEnabled())
        logger.debug("Authenticating the current user using session based Ticket information.");
    // retrieve the User object
    User user = getUser(sc, req, res);
    HttpSession session = req.getSession();
    // get the login bean if we're not in the portal
    LoginBean loginBean = null;
    if (Application.inPortalServer() == false) {
        if (logger.isDebugEnabled())
            logger.debug("We're not in the portal, getting the login bean.");
        loginBean = (LoginBean) session.getAttribute(LOGIN_BEAN);
    }
    // setup the authentication context
    WebApplicationContext wc = WebApplicationContextUtils.getRequiredWebApplicationContext(sc);
    AuthenticationService auth = (AuthenticationService) wc.getBean(AUTHENTICATION_SERVICE);
    if (logger.isDebugEnabled())
        logger.debug("Force guest is: " + forceGuest);
    if (user == null || forceGuest) {
        if (logger.isDebugEnabled())
            logger.debug("The user is null.");
        // the last stored username string is cleared.
        if (session.getAttribute(AuthenticationHelper.SESSION_INVALIDATED) == null) {
            if (logger.isDebugEnabled())
                logger.debug("The session is not invalidated.");
            Cookie authCookie = getAuthCookie(req);
            if (allowGuest == true && (authCookie == null || forceGuest)) {
                if (logger.isDebugEnabled())
                    logger.debug("No previous authentication or forced Guest - attempt Guest access.");
                try {
                    auth.authenticateAsGuest();
                    // if we get here then Guest access was allowed and successful
                    setUser(sc, req, AuthenticationUtil.getGuestUserName(), auth.getCurrentTicket(), false);
                    // Set up the thread context
                    setupThread(sc, req, res, true);
                    // remove the session invalidated flag
                    session.removeAttribute(AuthenticationHelper.SESSION_INVALIDATED);
                    if (logger.isDebugEnabled())
                        logger.debug("Successfully authenticated as guest.");
                    // it is the responsibilty of the caller to handle the Guest return status
                    return AuthenticationStatus.Guest;
                } catch (AuthenticationException guestError) {
                    if (logger.isDebugEnabled())
                        logger.debug("An AuthenticationException occurred, expected if Guest access not allowed - continue to login page as usual", guestError);
                } catch (AccessDeniedException accessError) {
                    // Guest is unable to access either properties on Person
                    AuthenticationService unprotAuthService = (AuthenticationService) wc.getBean(UNPROTECTED_AUTH_SERVICE);
                    unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
                    unprotAuthService.clearCurrentSecurityContext();
                    logger.warn("Unable to login as Guest: ", accessError);
                } catch (Throwable e) {
                    // Some other kind of serious failure to report
                    AuthenticationService unprotAuthService = (AuthenticationService) wc.getBean(UNPROTECTED_AUTH_SERVICE);
                    unprotAuthService.invalidateTicket(unprotAuthService.getCurrentTicket());
                    unprotAuthService.clearCurrentSecurityContext();
                    throw new AlfrescoRuntimeException("Failed to authenticate as Guest user.", e);
                }
            }
        }
        if (logger.isDebugEnabled())
            logger.debug("Session invalidated - return to login screen.");
        return AuthenticationStatus.Failure;
    } else {
        if (logger.isDebugEnabled())
            logger.debug("The user is: " + user.getUserName());
        // set last authentication username cookie value
        String loginName;
        if (loginBean != null && (loginName = loginBean.getUsernameInternal()) != null) {
            if (logger.isDebugEnabled())
                logger.debug("Set last authentication username cookie value");
            setUsernameCookie(req, res, loginName);
        }
        // Set up the thread context
        setupThread(sc, req, res, true);
        return AuthenticationStatus.Success;
    }
}
Also used : Cookie(javax.servlet.http.Cookie) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) SessionUser(org.alfresco.repo.SessionUser) User(org.alfresco.web.bean.repository.User) AuthenticationException(org.alfresco.repo.security.authentication.AuthenticationException) HttpSession(javax.servlet.http.HttpSession) LoginBean(org.alfresco.web.bean.LoginBean) AlfrescoRuntimeException(org.alfresco.error.AlfrescoRuntimeException) AuthenticationService(org.alfresco.service.cmr.security.AuthenticationService) WebApplicationContext(org.springframework.web.context.WebApplicationContext)

Aggregations

AccessDeniedException (org.alfresco.repo.security.permissions.AccessDeniedException)46 NodeRef (org.alfresco.service.cmr.repository.NodeRef)30 HashMap (java.util.HashMap)17 IOException (java.io.IOException)8 AlfrescoRuntimeException (org.alfresco.error.AlfrescoRuntimeException)8 InvalidNodeRefException (org.alfresco.service.cmr.repository.InvalidNodeRefException)8 ArrayList (java.util.ArrayList)7 WebScriptException (org.springframework.extensions.webscripts.WebScriptException)7 FacesContext (javax.faces.context.FacesContext)6 FileNotFoundException (org.alfresco.service.cmr.model.FileNotFoundException)6 JSONObject (org.json.simple.JSONObject)6 Serializable (java.io.Serializable)5 EntityNotFoundException (org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)5 FileExistsException (org.alfresco.service.cmr.model.FileExistsException)5 SocketException (java.net.SocketException)4 Map (java.util.Map)4 FileInfo (org.alfresco.service.cmr.model.FileInfo)4 ContentIOException (org.alfresco.service.cmr.repository.ContentIOException)4 QName (org.alfresco.service.namespace.QName)4 ResourceBundle (java.util.ResourceBundle)3