Examples with PermissionDeniedException org.alfresco.rest.framework.core.exceptions.PermissionDeniedException used on opensource projects

Example 21 with PermissionDeniedException

use of org.alfresco.rest.framework.core.exceptions.PermissionDeniedException in project alfresco-remote-api by Alfresco.

the class QuickShareLinksImpl method delete.

/**
 * Delete the shared link.
 * <p>
 * Once deleted, the shared link will no longer exist hence get/download will no longer work (ie. return 404).
 * If the link is later re-created then a new unique shared id will be generated.
 * <p>
 * Requires authenticated access.
 *
 * @param sharedId String id of the quick share
 */
public void delete(String sharedId, Parameters parameters) {
    checkEnabled();
    checkValidShareId(sharedId);
    try {
        NodeRef nodeRef = quickShareService.getTenantNodeRefFromSharedId(sharedId).getSecond();
        String sharedByUserId = (String) nodeService.getProperty(nodeRef, QuickShareModel.PROP_QSHARE_SHAREDBY);
        if (!quickShareService.canDeleteSharedLink(nodeRef, sharedByUserId)) {
            throw new PermissionDeniedException("Can't perform unshare action: " + sharedId);
        }
        quickShareService.unshareContent(sharedId);
    } catch (InvalidSharedIdException ex) {
        logger.warn("Unable to find: " + sharedId);
        throw new EntityNotFoundException(sharedId);
    } catch (InvalidNodeRefException inre) {
        logger.warn("Unable to find: " + sharedId + " [" + inre.getNodeRef() + "]");
        throw new EntityNotFoundException(sharedId);
    }
}

Example 22 with PermissionDeniedException

use of org.alfresco.rest.framework.core.exceptions.PermissionDeniedException in project alfresco-remote-api by Alfresco.

the class SiteMembershipRequestsImpl method rejectSiteMembershipRequest.

@Override
public void rejectSiteMembershipRequest(String siteId, String inviteeId, SiteMembershipRejection siteMembershipRejection) {
    SiteInfo siteInfo = sites.validateSite(siteId);
    if (siteInfo == null) {
        throw new EntityNotFoundException(siteId);
    }
    // set the site id to the short name (to deal with case sensitivity issues with
    // using the siteId from the url)
    siteId = siteInfo.getShortName();
    // Validate invitation.
    Invitation invitation = getSiteInvitation(inviteeId, siteId);
    if (invitation == null || !(invitation instanceof ModeratedInvitation)) {
        throw new RelationshipResourceNotFoundException(siteId, inviteeId);
    }
    ModeratedInvitation moderatedInvitation = (ModeratedInvitation) invitation;
    ResourceType resourceType = moderatedInvitation.getResourceType();
    if (!resourceType.equals(ResourceType.WEB_SITE) || !SiteVisibility.MODERATED.equals(siteInfo.getVisibility())) {
        // note: security, no indication that this has a different visibility
        throw new RelationshipResourceNotFoundException(siteId, inviteeId);
    }
    String reason = null;
    if (siteMembershipRejection != null && !(siteMembershipRejection.getComment() == null || siteMembershipRejection.getComment().isEmpty())) {
        reason = siteMembershipRejection.getComment();
    }
    try {
        invitationService.reject(invitation.getInviteId(), reason);
    } catch (InvitationExceptionForbidden ex) {
        throw new PermissionDeniedException();
    }
}

Example 23 with PermissionDeniedException

use of org.alfresco.rest.framework.core.exceptions.PermissionDeniedException in project alfresco-remote-api by Alfresco.

the class NodeVersionsRelation method delete.

@Override
@WebApiDescription(title = "Delete version")
public void delete(String nodeId, String versionId, Parameters parameters) {
    Version v = findVersion(nodeId, versionId);
    // live (aka versioned) nodeRef
    NodeRef nodeRef = v.getVersionedNodeRef();
    if (sr.getPermissionService().hasPermission(nodeRef, PermissionService.DELETE) != AccessStatus.ALLOWED) {
        throw new PermissionDeniedException("Cannot delete version");
    }
    versionService.deleteVersion(nodeRef, v);
    Map<QName, Serializable> props = sr.getNodeService().getProperties(nodeRef);
    if (props.get(ContentModel.PROP_VERSION_LABEL) == null) {
        // note: alternatively, the client can remove the "cm:versionable" aspect (if permissions allow) to clear the version history and disable versioning
        throw new IntegrityException("Cannot delete last version (did you mean to disable versioning instead ?) [" + nodeId + "," + versionId + "]", null);
    /*
            if (props.get(ContentModel.PROP_VERSION_TYPE) != null)
            {
                // minor fix up to versionable aspect - ie. remove versionType
                behaviourFilter.disableBehaviour(nodeRef, ContentModel.ASPECT_VERSIONABLE);
                behaviourFilter.disableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
                try
                {
                    sr.getNodeService().removeProperty(nodeRef, ContentModel.PROP_VERSION_TYPE);
                }
                finally
                {
                    behaviourFilter.enableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
                    behaviourFilter.enableBehaviour(nodeRef, ContentModel.ASPECT_VERSIONABLE);
                }
            }
            */
    }
}

Example 24 with PermissionDeniedException

use of org.alfresco.rest.framework.core.exceptions.PermissionDeniedException in project alfresco-remote-api by Alfresco.

the class AuthenticationsImpl method createTicket.

@Override
public LoginTicketResponse createTicket(LoginTicket loginRequest, Parameters parameters) {
    validateLoginRequest(loginRequest);
    try {
        // get ticket
        authenticationService.authenticate(loginRequest.getUserId(), loginRequest.getPassword().toCharArray());
        LoginTicketResponse response = new LoginTicketResponse();
        response.setUserId(loginRequest.getUserId());
        response.setId(authenticationService.getCurrentTicket());
        return response;
    } catch (AuthenticationException e) {
        throw new PermissionDeniedException("Login failed");
    } finally {
        AuthenticationUtil.clearCurrentSecurityContext();
    }
}

Example 25 with PermissionDeniedException

use of org.alfresco.rest.framework.core.exceptions.PermissionDeniedException in project alfresco-remote-api by Alfresco.

the class DeploymentsImpl method getDeployment.

@Override
public Deployment getDeployment(String deploymentId) {
    // Only admin-user is allowed to get deployments
    if (!authorityService.isAdminAuthority(AuthenticationUtil.getRunAsUser())) {
        throw new PermissionDeniedException();
    }
    RepositoryService repositoryService = activitiProcessEngine.getRepositoryService();
    DeploymentQuery query = repositoryService.createDeploymentQuery().deploymentId(deploymentId);
    if (tenantService.isEnabled() && deployWorkflowsInTenant) {
        query.processDefinitionKeyLike("@" + TenantUtil.getCurrentDomain() + "@%");
    }
    org.activiti.engine.repository.Deployment deployment = null;
    try {
        deployment = query.singleResult();
    } catch (ActivitiException e) {
        // The next exception will cause a response status 400: Bad request
        throw new InvalidArgumentException("Invalid deployment id: " + deploymentId);
    }
    if (deployment == null) {
        // The next exception will cause a response status 404: Not found
        throw new EntityNotFoundException(deploymentId);
    }
    Deployment deploymentRest = new Deployment(deployment);
    return deploymentRest;
}