Search in sources :

Example 31 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.

the class Node method lookupUserInfo.

public static UserInfo lookupUserInfo(String userName, Map<String, UserInfo> mapUserInfo, PersonService personService, boolean displayNameOnly) {
    UserInfo userInfo = mapUserInfo.get(userName);
    if ((userInfo == null) && (userName != null)) {
        String sysUserName = AuthenticationUtil.getSystemUserName();
        if (userName.equals(sysUserName) || (AuthenticationUtil.isMtEnabled() && userName.startsWith(sysUserName + "@"))) {
            userInfo = new UserInfo((displayNameOnly ? null : userName), userName, "");
        } else {
            PersonService.PersonInfo pInfo = null;
            try {
                NodeRef pNodeRef = personService.getPerson(userName, false);
                if (pNodeRef != null) {
                    pInfo = personService.getPerson(pNodeRef);
                }
            } catch (NoSuchPersonException nspe) {
            // drop-through
            } catch (AccessDeniedException ade) {
            // SFS-610
            // drop-through
            }
            if (pInfo != null) {
                userInfo = new UserInfo((displayNameOnly ? null : userName), pInfo.getFirstName(), pInfo.getLastName());
            } else {
                logger.warn("Unknown person: " + userName);
                userInfo = new UserInfo((displayNameOnly ? null : userName), userName, "");
            }
        }
        mapUserInfo.put(userName, userInfo);
    }
    return userInfo;
}
Also used : NodeRef(org.alfresco.service.cmr.repository.NodeRef) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) PersonService(org.alfresco.service.cmr.security.PersonService) NoSuchPersonException(org.alfresco.service.cmr.security.NoSuchPersonException)

Example 32 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.

the class SiteFeedRetrieverWebScript method executeImpl.

/* (non-Javadoc)
     * @see org.alfresco.web.scripts.DeclarativeWebScript#executeImpl(org.alfresco.web.scripts.WebScriptRequest, org.alfresco.web.scripts.WebScriptResponse)
     */
@Override
protected Map<String, Object> executeImpl(WebScriptRequest req, Status status) {
    // retrieve requested format
    String format = req.getFormat();
    if (format == null || format.length() == 0) {
        format = getDescription().getDefaultFormat();
    }
    String extensionPath = req.getExtensionPath();
    String[] extParts = extensionPath == null ? new String[1] : extensionPath.split("/");
    String siteId = null;
    if (extParts.length == 1) {
        siteId = extParts[0];
    } else {
        throw new AlfrescoRuntimeException("Unexpected extension: " + extensionPath);
    }
    // atom     -> atomentry
    if (format.equals("atomfeed") || format.equals("atom")) {
        format = "atomentry";
    }
    Map<String, Object> model = new HashMap<String, Object>();
    try {
        List<String> feedEntries = activityService.getSiteFeedEntries(siteId);
        if (format.equals(FeedTaskProcessor.FEED_FORMAT_JSON)) {
            model.put("feedEntries", feedEntries);
            model.put("siteId", siteId);
        } else {
            List<Map<String, Object>> activityFeedModels = new ArrayList<Map<String, Object>>();
            try {
                for (String feedEntry : feedEntries) {
                    activityFeedModels.add(JSONtoFmModel.convertJSONObjectToMap(feedEntry));
                }
            } catch (JSONException je) {
                throw new AlfrescoRuntimeException("Unable to get user feed entries: " + je.getMessage());
            }
            model.put("feedEntries", activityFeedModels);
            model.put("siteId", siteId);
        }
    } catch (AccessDeniedException ade) {
        // implies that site either does not exist or is private (and current user is not admin or a member) - hence return 401 (unauthorised)
        String currentUser = AuthenticationUtil.getFullyAuthenticatedUser();
        status.setCode(Status.STATUS_UNAUTHORIZED);
        logger.warn("Unable to get site feed entries for '" + siteId + "' (site does not exist or is private) - currently logged in as '" + currentUser + "'");
        model.put("feedEntries", null);
        model.put("siteId", "");
    }
    return model;
}
Also used : AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) AlfrescoRuntimeException(org.alfresco.error.AlfrescoRuntimeException) JSONException(org.json.JSONException) HashMap(java.util.HashMap) Map(java.util.Map)

Example 33 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.

the class ADMRemoteStore method createDocuments.

/**
 * Creates multiple XML documents encapsulated in a single one.
 *
 * @param res       WebScriptResponse
 * @param store       String
 * @param in       XML document containing multiple document contents to write
 */
@Override
protected void createDocuments(WebScriptResponse res, String store, InputStream in) {
    try {
        DocumentBuilder documentBuilder = DocumentBuilderFactory.newInstance().newDocumentBuilder();
        Document document;
        document = documentBuilder.parse(in);
        Element docEl = document.getDocumentElement();
        Transformer transformer = ADMRemoteStore.this.transformer.get();
        for (Node n = docEl.getFirstChild(); n != null; n = n.getNextSibling()) {
            if (!(n instanceof Element)) {
                continue;
            }
            final String path = ((Element) n).getAttribute("path");
            // Turn the first element child into a document
            Document doc = documentBuilder.newDocument();
            Node child;
            for (child = n.getFirstChild(); child != null; child = child.getNextSibling()) {
                if (child instanceof Element) {
                    doc.appendChild(doc.importNode(child, true));
                    break;
                }
            }
            ByteArrayOutputStream out = new ByteArrayOutputStream(512);
            transformer.transform(new DOMSource(doc), new StreamResult(out));
            out.close();
            writeDocument(path, new ByteArrayInputStream(out.toByteArray()));
        }
    } catch (AccessDeniedException ae) {
        res.setStatus(Status.STATUS_UNAUTHORIZED);
        throw ae;
    } catch (FileExistsException feeErr) {
        res.setStatus(Status.STATUS_CONFLICT);
        throw feeErr;
    } catch (Exception e) {
        // various annoying checked SAX/IO exceptions related to XML processing can be thrown
        // none of them should occur if the XML document is well formed
        logger.error(e);
        res.setStatus(Status.STATUS_INTERNAL_SERVER_ERROR);
        throw new AlfrescoRuntimeException(e.getMessage(), e);
    }
}
Also used : DOMSource(javax.xml.transform.dom.DOMSource) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) Transformer(javax.xml.transform.Transformer) StreamResult(javax.xml.transform.stream.StreamResult) Element(org.w3c.dom.Element) Node(org.w3c.dom.Node) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Document(org.w3c.dom.Document) FileNotFoundException(org.alfresco.service.cmr.model.FileNotFoundException) FileExistsException(org.alfresco.service.cmr.model.FileExistsException) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) WebScriptException(org.springframework.extensions.webscripts.WebScriptException) SocketException(java.net.SocketException) ContentIOException(org.alfresco.service.cmr.repository.ContentIOException) IOException(java.io.IOException) AlfrescoRuntimeException(org.alfresco.error.AlfrescoRuntimeException) DocumentBuilder(javax.xml.parsers.DocumentBuilder) ByteArrayInputStream(java.io.ByteArrayInputStream) AlfrescoRuntimeException(org.alfresco.error.AlfrescoRuntimeException) FileExistsException(org.alfresco.service.cmr.model.FileExistsException)

Example 34 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.

the class LinkDelete method executeImpl.

@Override
protected Map<String, Object> executeImpl(SiteInfo site, String linkName, WebScriptRequest req, JSONObject json, Status status, Cache cache) {
    Map<String, Object> model = new HashMap<String, Object>();
    // Try to find the link
    LinkInfo link = linksService.getLink(site.getShortName(), linkName);
    if (link == null) {
        String message = "No link found with that name";
        throw new WebScriptException(Status.STATUS_NOT_FOUND, message);
    }
    // Delete it
    try {
        linksService.deleteLink(link);
    } catch (AccessDeniedException e) {
        String message = "You don't have permission to delete that link";
        throw new WebScriptException(Status.STATUS_FORBIDDEN, message);
    }
    // Mark it as gone
    status.setCode(Status.STATUS_NO_CONTENT);
    return model;
}
Also used : AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) WebScriptException(org.springframework.extensions.webscripts.WebScriptException) HashMap(java.util.HashMap) JSONObject(org.json.simple.JSONObject) LinkInfo(org.alfresco.service.cmr.links.LinkInfo)

Example 35 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.

the class LinkPut method executeImpl.

@Override
protected Map<String, Object> executeImpl(SiteInfo site, String linkName, WebScriptRequest req, JSONObject json, Status status, Cache cache) {
    final ResourceBundle rb = getResources();
    Map<String, Object> model = new HashMap<String, Object>();
    // Try to find the link
    LinkInfo link = linksService.getLink(site.getShortName(), linkName);
    if (link == null) {
        String message = "No link found with that name";
        status.setCode(Status.STATUS_NOT_FOUND);
        status.setMessage(message);
        model.put(PARAM_MESSAGE, rb.getString(MSG_NOT_FOUND));
        return model;
    }
    // Get the new link details from the JSON
    // Update the main properties
    link.setTitle(getOrNull(json, "title"));
    link.setDescription(getOrNull(json, "description"));
    String url = getOrNull(json, "url");
    link.setURL(url);
    // Handle internal / not internal
    if (json.containsKey("internal")) {
        link.setInternal(true);
    } else {
        link.setInternal(false);
    }
    // Do the tags
    link.getTags().clear();
    List<String> tags = getTags(json);
    if (tags != null && tags.size() > 0) {
        link.getTags().addAll(tags);
    }
    // Update the link
    try {
        link = linksService.updateLink(link);
    } catch (AccessDeniedException e) {
        String message = "You don't have permission to update that link";
        status.setCode(Status.STATUS_FORBIDDEN);
        status.setMessage(message);
        model.put(PARAM_MESSAGE, rb.getString(MSG_ACCESS_DENIED));
        return model;
    }
    // Generate an activity for the change
    addActivityEntry("updated", link, site, req, json);
    // Build the model
    model.put(PARAM_MESSAGE, "Node " + link.getNodeRef() + " updated");
    model.put("link", link);
    model.put("site", site);
    model.put("siteId", site.getShortName());
    // All done
    return model;
}
Also used : AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) HashMap(java.util.HashMap) ResourceBundle(java.util.ResourceBundle) JSONObject(org.json.simple.JSONObject) LinkInfo(org.alfresco.service.cmr.links.LinkInfo)

Aggregations

AccessDeniedException (org.alfresco.repo.security.permissions.AccessDeniedException)46 NodeRef (org.alfresco.service.cmr.repository.NodeRef)30 HashMap (java.util.HashMap)17 IOException (java.io.IOException)8 AlfrescoRuntimeException (org.alfresco.error.AlfrescoRuntimeException)8 InvalidNodeRefException (org.alfresco.service.cmr.repository.InvalidNodeRefException)8 ArrayList (java.util.ArrayList)7 WebScriptException (org.springframework.extensions.webscripts.WebScriptException)7 FacesContext (javax.faces.context.FacesContext)6 FileNotFoundException (org.alfresco.service.cmr.model.FileNotFoundException)6 JSONObject (org.json.simple.JSONObject)6 Serializable (java.io.Serializable)5 EntityNotFoundException (org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)5 FileExistsException (org.alfresco.service.cmr.model.FileExistsException)5 SocketException (java.net.SocketException)4 Map (java.util.Map)4 FileInfo (org.alfresco.service.cmr.model.FileInfo)4 ContentIOException (org.alfresco.service.cmr.repository.ContentIOException)4 QName (org.alfresco.service.namespace.QName)4 ResourceBundle (java.util.ResourceBundle)3