use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.
the class LinksPost method executeImpl.
/**
 * Creates a link in the given site from the posted JSON and builds the response model.
 *
 * <p>Reads {@code title}, {@code description}, {@code url} and the tags from {@code json},
 * asks {@code linksService} to create the link, attaches tags when any were supplied,
 * and records a "created" activity entry.
 *
 * <p>Authorization is not checked in this method; it relies on
 * {@code linksService.createLink} throwing {@link AccessDeniedException}, which is turned
 * into a 403 status with a localized message rather than propagated.
 *
 * @param site     the site the link is created in
 * @param linkName not read by this method
 * @param req      the request, passed through to the activity entry
 * @param json     the posted link details
 * @param status   receives the 403 code and message when creation is denied
 * @param cache    not read by this method
 * @return the model for the response template
 */
@Override
protected Map<String, Object> executeImpl(SiteInfo site, String linkName, WebScriptRequest req, JSONObject json, Status status, Cache cache) {
    final ResourceBundle rb = getResources();
    final Map<String, Object> model = new HashMap<String, Object>();

    // Pull the link fields out of the posted JSON.
    final String title = getOrNull(json, "title");
    final String description = getOrNull(json, "description");
    final String url = getOrNull(json, "url");
    // Only the presence of the key is tested; the value under "internal" is never read.
    final boolean internal = json.containsKey("internal");
    final List<String> tags = getTags(json);

    // NOTE(review): url is handed to the service as received; no scheme or format check
    // is visible here - confirm it is validated or encoded where the link is rendered.
    LinkInfo link;
    try {
        link = linksService.createLink(site.getShortName(), title, description, url, internal);
    } catch (AccessDeniedException e) {
        // Denial is reported through the status object plus a localized model message.
        status.setCode(Status.STATUS_FORBIDDEN);
        status.setMessage("You don't have permission to create a link");
        model.put(PARAM_MESSAGE, rb.getString(MSG_ACCESS_DENIED));
        return model;
    }

    // Tags need a second service call because they are added to the created link.
    if (tags != null && !tags.isEmpty()) {
        link.getTags().addAll(tags);
        linksService.updateLink(link);
    }

    addActivityEntry("created", link, site, req, json);

    // The message slot carries the link's system name on success.
    model.put(PARAM_MESSAGE, link.getSystemName());
    model.put(PARAM_ITEM, renderLink(link));
    model.put("node", link.getNodeRef());
    model.put("link", link);
    model.put("site", site);
    model.put("siteId", site.getShortName());
    return model;
}
use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.
the class NodeFolderPost method executeImpl.
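/**
 * Creates a folder node under a parent identified either by site/container(/path)
 * or by an explicit store_type/store_id/id node reference.
 *
 * <p>The request body is untrusted JSON. It must be a JSON object, and the
 * {@code name}, {@code title}, {@code description} and {@code type} members must be
 * strings when present; anything else is rejected with 400 instead of surfacing as an
 * unhandled {@link ClassCastException} or {@link NullPointerException}.
 *
 * <p>Authorization is not checked in this method; it relies on
 * {@code nodeService.createNode} throwing {@link AccessDeniedException}, which is
 * mapped to 403.
 *
 * @param req    the request carrying the template variables and the JSON body
 * @param status set to 404 (with redirect) when the site, container, path element or
 *               parent node cannot be found
 * @param cache  not read by this method
 * @return the model with the new node, or {@code null} when a 404 status was set
 * @throws WebScriptException 400 for missing parent details, invalid JSON, a missing
 *         name or a type that is not a folder subtype; 403 when creation is denied
 */
@Override
protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) {
    // Identify the Node they want to create a child of
    SiteInfo site = null;
    String container = null;
    NodeRef parentNodeRef = null;
    Map<String, String> templateArgs = req.getServiceMatch().getTemplateVars();
    if (templateArgs.get("site") != null && templateArgs.get("container") != null) {
        // Site based request
        site = siteService.getSite(templateArgs.get("site"));
        if (site == null) {
            status.setCode(Status.STATUS_NOT_FOUND);
            status.setRedirect(true);
            return null;
        }
        // Check the container exists
        container = templateArgs.get("container");
        NodeRef containerNodeRef = siteService.getContainer(site.getShortName(), container);
        if (containerNodeRef == null) {
            status.setCode(Status.STATUS_NOT_FOUND);
            status.setRedirect(true);
            return null;
        }
        // Work out where to put it
        if (templateArgs.get("path") != null) {
            // Walk the '/'-delimited path one child at a time, starting from the container.
            // Each element is resolved as a named child association, so the walk can only
            // descend from the container.
            parentNodeRef = containerNodeRef;
            StringTokenizer st = new StringTokenizer(templateArgs.get("path"), "/");
            while (st.hasMoreTokens()) {
                String childName = st.nextToken();
                parentNodeRef = nodeService.getChildByName(parentNodeRef, ContentModel.ASSOC_CONTAINS, childName);
                if (parentNodeRef == null) {
                    status.setCode(Status.STATUS_NOT_FOUND);
                    status.setRedirect(true);
                    return null;
                }
            }
        } else {
            // Direct child of the container
            parentNodeRef = containerNodeRef;
        }
    } else if (templateArgs.get("store_type") != null && templateArgs.get("store_id") != null && templateArgs.get("id") != null) {
        // NodeRef based creation
        // NOTE(review): the caller chooses the parent freely here; the only guard visible
        // in this method is the AccessDeniedException from createNode below - confirm the
        // injected nodeService is the permission-checked bean.
        parentNodeRef = new NodeRef(templateArgs.get("store_type"), templateArgs.get("store_id"), templateArgs.get("id"));
        if (!nodeService.exists(parentNodeRef)) {
            status.setCode(Status.STATUS_NOT_FOUND);
            status.setRedirect(true);
            return null;
        }
    } else {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "No parent details found");
    }

    // Process the JSON post details
    Object parsed;
    try {
        parsed = new JSONParser().parse(req.getContent().getContent());
    } catch (IOException io) {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Invalid JSON: " + io.getMessage());
    } catch (ParseException pe) {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Invalid JSON: " + pe.getMessage());
    }
    // The body may parse to something other than an object (an array, a bare value or
    // null); reject it here rather than fail on the cast or on the first json.get().
    if (!(parsed instanceof JSONObject)) {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Invalid JSON: expected a JSON object");
    }
    JSONObject json = (JSONObject) parsed;

    // Fetch the name, title and description
    String name = stringFieldOrNull(json, "name");
    if (name == null) {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Name is required");
    }
    String title = stringFieldOrNull(json, "title");
    if (title == null) {
        title = name;
    }
    String description = stringFieldOrNull(json, "description");
    Map<QName, Serializable> props = new HashMap<QName, Serializable>();
    props.put(ContentModel.PROP_NAME, name);
    props.put(ContentModel.PROP_TITLE, title);
    props.put(ContentModel.PROP_DESCRIPTION, description);

    // Verify the type is allowed: a caller-supplied type must be a folder subtype.
    QName type = ContentModel.TYPE_FOLDER;
    String requestedType = stringFieldOrNull(json, "type");
    if (requestedType != null) {
        // NOTE(review): an unresolvable prefix or malformed QName presumably throws from
        // createQName and is not mapped to 400 here - confirm.
        type = QName.createQName(requestedType, namespaceService);
        if (!dictionaryService.isSubClass(type, ContentModel.TYPE_FOLDER)) {
            throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Specified type is not a folder");
        }
    }

    // Have the node created
    NodeRef nodeRef = null;
    try {
        nodeRef = nodeService.createNode(parentNodeRef, ContentModel.ASSOC_CONTAINS, QName.createQName(name), type, props).getChildRef();
    } catch (AccessDeniedException e) {
        throw new WebScriptException(Status.STATUS_FORBIDDEN, "You don't have permission to create the node");
    }

    // Report the details
    Map<String, Object> model = new HashMap<String, Object>();
    model.put("nodeRef", nodeRef);
    model.put("site", site);
    model.put("container", container);
    model.put("parentNodeRef", parentNodeRef);
    return model;
}

/**
 * Reads an optional string member from the posted JSON, rejecting any other value type
 * with a 400 instead of letting a cast fail later.
 */
private static String stringFieldOrNull(JSONObject json, String key) {
    Object value = json.get(key);
    if (value == null) {
        return null;
    }
    if (!(value instanceof String)) {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Field '" + key + "' must be a string");
    }
    return (String) value;
}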
use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.
the class StatsGet method executeImpl.
/**
 * Runs a stats query for one facet, optionally scoped to a site, and returns the result.
 *
 * <p>When the {@code listFacets} parameter is present the method only lists the known
 * facet keys and runs no query. Otherwise the facet named by the {@code facet} parameter
 * is used, falling back to the first entry of {@code facets}.
 *
 * @param req    supplies the {@code siteId} template variable and the {@code listFacets},
 *               {@code facet}, {@code startDate} and {@code endDate} parameters
 * @param status not read by this method
 * @param cache  not read by this method
 * @return a model holding {@code facets} or {@code result}, plus {@code resultSize}
 * @throws AccessDeniedException when a {@code siteId} is given and no such site is returned
 */
@Override
protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) {
    final Map<String, Object> model = new HashMap<String, Object>(2, 1.0f);
    final Map<String, String> templateVars = req.getServiceMatch().getTemplateVars();

    // Facet listing short-circuits everything else, including the site lookup.
    if (req.getParameter("listFacets") != null) {
        model.put("facets", facets.keySet());
        model.put("resultSize", 0);
        return model;
    }

    SiteInfo siteInfo = null;
    if (templateVars != null && templateVars.containsKey("siteId")) {
        final String siteId = templateVars.get("siteId");
        siteInfo = siteService.getSite(siteId);
        if (siteInfo == null) {
            // NOTE(review): an unknown site is reported as access-denied, yet the message
            // says "No such site" and echoes the requested id - confirm what reaches the client.
            throw new AccessDeniedException("No such site: " + siteId);
        }
    }

    // Fall back to the first configured facet when none was requested.
    final String requestedFacet = req.getParameter("facet");
    final String facetKey = (requestedFacet != null)
            ? requestedFacet
            : facets.entrySet().iterator().next().getKey();

    // NOTE(review): facetKey and the date parameters come straight from the request and
    // feed the query text - confirm findFacet/buildQuery restrict or escape them.
    final QName propFacet = findFacet(facetKey);
    final Pair<LocalDate, LocalDate> startAndEnd =
            getStartAndEndDates(req.getParameter("startDate"), req.getParameter("endDate"));
    final String query = buildQuery(siteInfo, facetKey, startAndEnd);

    final StatsParameters params = new StatsParameters(SearchService.LANGUAGE_SOLR_FTS_ALFRESCO, query, false);
    // Sorting on the stats field is disabled:
    // params.addSort(new SortDefinition(SortDefinition.SortType.FIELD, this.statsField, false));
    params.addStatsParameter(StatsParameters.PARAM_FIELD, this.statsField);
    params.addStatsParameter(StatsParameters.PARAM_FACET, StatsParameters.FACET_PREFIX + propFacet.toString());

    StatsResultSet result = stats.query(params);
    // A facet may have a registered post-processor that replaces the raw result.
    if (postProcessors.containsKey(facetKey)) {
        result = postProcessors.get(facetKey).process(result);
    }

    model.put("result", result);
    model.put("resultSize", result.getStats().size());
    return model;
}
use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.
the class TaskInstancePut method buildModel.
/**
 * Updates the workflow task named by the {@code task_instance_id} template variable with
 * the properties in the request's JSON body and returns its detailed model.
 *
 * <p>Authorization is not checked in this method; it relies on the workflow service
 * throwing {@link AccessDeniedException}.
 *
 * @param modelBuilder builds the detailed task representation for the template
 * @param req          supplies the task id and the JSON body
 * @param status       not read by this method
 * @param cache        not read by this method
 * @return a model with the updated task under {@code workflowTask}
 * @throws WebScriptException 400 when the body cannot be read or parsed, 404 when the
 *         update returns no task, 401 on {@link AccessDeniedException} or
 *         {@code WorkflowException}
 */
@Override
protected Map<String, Object> buildModel(WorkflowModelBuilder modelBuilder, WebScriptRequest req, Status status, Cache cache) {
    // The task id comes from the URL template, not from the body.
    final String taskId = req.getServiceMatch().getTemplateVars().get("task_instance_id");
    try {
        final WorkflowTask existingTask = workflowService.getTaskById(taskId);
        // The current user name is fetched but never used; the call is kept as-is.
        authenticationService.getCurrentUserName();

        final JSONObject body = new JSONObject(new JSONTokener(req.getContent().getContent()));

        // NOTE(review): existingTask is handed to parseTaskProperties before any
        // null check, so the 404 branch below is only reached if updateTask returns null.
        final WorkflowTask updatedTask =
                workflowService.updateTask(taskId, parseTaskProperties(body, existingTask), null, null);
        if (updatedTask == null) {
            throw new WebScriptException(HttpServletResponse.SC_NOT_FOUND, "Failed to find workflow task with id: " + taskId);
        }

        final Map<String, Object> model = new HashMap<String, Object>();
        model.put("workflowTask", modelBuilder.buildDetailed(updatedTask));
        return model;
    } catch (IOException iox) {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Could not read content from request.", iox);
    } catch (JSONException je) {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Could not parse JSON from request.", je);
    } catch (AccessDeniedException ade) {
        // NOTE(review): a permission denial is answered with 401 (unauthenticated), not
        // 403 - confirm clients depend on 401 before changing it.
        throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Failed to update workflow task with id: " + taskId, ade);
    } catch (WorkflowException we) {
        // NOTE(review): every WorkflowException is also reported as 401, whatever its cause.
        throw new WebScriptException(HttpServletResponse.SC_UNAUTHORIZED, "Failed to update workflow task with id: " + taskId, we);
    }
}
use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.
the class InvitationDelete method executeImpl.
/**
 * Cancels a pending invitation for a site.
 *
 * <p>A caller holding the site-manager role on {@code shortname} has the cancellation
 * executed as the system user, so that invitations created by another site manager can
 * be cancelled (MNT-9905). Any other caller runs the cancellation under their own identity.
 *
 * @param req    supplies the {@code shortname} and {@code invitationId} template variables
 * @param status not read by this method
 * @param cache  not read by this method
 * @return an empty model
 * @throws WebScriptException 403 when the cancellation is forbidden or access is denied
 */
@Override
protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) {
    final Map<String, String> templateVars = req.getServiceMatch().getTemplateVars();
    final String siteShortName = templateVars.get("shortname");
    final String invitationId = templateVars.get("invitationId");
    validateParameters(siteShortName, invitationId);

    try {
        // MNT-9905 Pending Invites created by one site manager aren't visible to other site managers
        final String currentUser = AuthenticationUtil.getRunAsUser();
        final boolean callerIsSiteManager = siteShortName != null
                && SiteModel.SITE_MANAGER.equals(siteService.getMembersRole(siteShortName, currentUser));

        if (!callerIsSiteManager) {
            // Ordinary callers act under their own permissions.
            checkAndCancelTheInvitation(invitationId, siteShortName);
        } else {
            // Privilege elevation: the role check above is the only gate before the work
            // runs as system.
            // NOTE(review): presumably checkAndCancelTheInvitation verifies that
            // invitationId belongs to siteShortName - confirm, since permission checks
            // no longer apply inside runAs.
            AuthenticationUtil.runAs(new RunAsWork<Void>() {
                @Override
                public Void doWork() throws Exception {
                    checkAndCancelTheInvitation(invitationId, siteShortName);
                    return null;
                }
            }, AuthenticationUtil.getSystemUserName());
        }
    } catch (InvitationExceptionForbidden fe) {
        throw new WebScriptException(Status.STATUS_FORBIDDEN, "Unable to cancel workflow", fe);
    } catch (AccessDeniedException ade) {
        throw new WebScriptException(Status.STATUS_FORBIDDEN, "Unable to cancel workflow", ade);
    }

    // Nothing is reported back beyond the status; the model stays empty.
    return new HashMap<String, Object>();
}