Examples with InvitationExceptionForbidden - org.alfresco.service.cmr.invitation.InvitationExceptionForbidden

Example 1 with InvitationExceptionForbidden

use of org.alfresco.service.cmr.invitation.InvitationExceptionForbidden in project alfresco-remote-api by Alfresco.

the class SiteMembershipRequestsImpl method approveSiteMembershipRequest.

@Override
public void approveSiteMembershipRequest(String siteId, String inviteeId, SiteMembershipApproval siteMembershipApproval) {
    SiteInfo siteInfo = sites.validateSite(siteId);
    if (siteInfo == null) {
        throw new EntityNotFoundException(siteId);
    }
    // Set the site id to the short name (to deal with case sensitivity issues with
    // using the siteId from the url)
    siteId = siteInfo.getShortName();
    // Validate invitation.
    Invitation invitation = getSiteInvitation(inviteeId, siteId);
    if (invitation == null || !(invitation instanceof ModeratedInvitation)) {
        throw new RelationshipResourceNotFoundException(siteId, inviteeId);
    }
    ModeratedInvitation moderatedInvitation = (ModeratedInvitation) invitation;
    ResourceType resourceType = moderatedInvitation.getResourceType();
    if (!resourceType.equals(ResourceType.WEB_SITE) || !SiteVisibility.MODERATED.equals(siteInfo.getVisibility())) {
        // note: security, no indication that this has a different visibility
        throw new RelationshipResourceNotFoundException(siteId, inviteeId);
    }
    try {
        invitationService.approve(invitation.getInviteId(), "");
    } catch (InvitationExceptionForbidden ex) {
        throw new PermissionDeniedException();
    }
    // approval role differs from default one.
    if (siteMembershipApproval != null && !(siteMembershipApproval.getRole() == null || siteMembershipApproval.getRole().isEmpty())) {
        String role = siteMembershipApproval.getRole();
        // Check if role chosen by moderator differs from the invite role.
        if (!moderatedInvitation.getRoleName().equals(role)) {
            String currentUserId = AuthenticationUtil.getFullyAuthenticatedUser();
            // Update invitation with new role.
            try {
                addSiteMembership(invitation.getInviteeUserName(), siteId, role, currentUserId);
            } catch (UnknownAuthorityException e) {
                logger.debug("addSiteMember:  UnknownAuthorityException " + siteId + " person " + invitation.getInviteId() + " role " + role);
                throw new InvalidArgumentException("Unknown role '" + role + "'");
            }
        }
    }
}

Also used : RelationshipResourceNotFoundException(org.alfresco.rest.framework.core.exceptions.RelationshipResourceNotFoundException) SiteInfo(org.alfresco.service.cmr.site.SiteInfo) InvalidArgumentException(org.alfresco.rest.framework.core.exceptions.InvalidArgumentException) ModeratedInvitation(org.alfresco.service.cmr.invitation.ModeratedInvitation) Invitation(org.alfresco.service.cmr.invitation.Invitation) ModeratedInvitation(org.alfresco.service.cmr.invitation.ModeratedInvitation) InvitationExceptionForbidden(org.alfresco.service.cmr.invitation.InvitationExceptionForbidden) ResourceType(org.alfresco.service.cmr.invitation.Invitation.ResourceType) PermissionDeniedException(org.alfresco.rest.framework.core.exceptions.PermissionDeniedException) EntityNotFoundException(org.alfresco.rest.framework.core.exceptions.EntityNotFoundException) UnknownAuthorityException(org.alfresco.repo.security.authority.UnknownAuthorityException)

Example 2 with InvitationExceptionForbidden

use of org.alfresco.service.cmr.invitation.InvitationExceptionForbidden in project alfresco-remote-api by Alfresco.

the class SiteMembershipRequestsImpl method rejectSiteMembershipRequest.

@Override
public void rejectSiteMembershipRequest(String siteId, String inviteeId, SiteMembershipRejection siteMembershipRejection) {
    SiteInfo siteInfo = sites.validateSite(siteId);
    if (siteInfo == null) {
        throw new EntityNotFoundException(siteId);
    }
    // set the site id to the short name (to deal with case sensitivity issues with
    // using the siteId from the url)
    siteId = siteInfo.getShortName();
    // Validate invitation.
    Invitation invitation = getSiteInvitation(inviteeId, siteId);
    if (invitation == null || !(invitation instanceof ModeratedInvitation)) {
        throw new RelationshipResourceNotFoundException(siteId, inviteeId);
    }
    ModeratedInvitation moderatedInvitation = (ModeratedInvitation) invitation;
    ResourceType resourceType = moderatedInvitation.getResourceType();
    if (!resourceType.equals(ResourceType.WEB_SITE) || !SiteVisibility.MODERATED.equals(siteInfo.getVisibility())) {
        // note: security, no indication that this has a different visibility
        throw new RelationshipResourceNotFoundException(siteId, inviteeId);
    }
    String reason = null;
    if (siteMembershipRejection != null && !(siteMembershipRejection.getComment() == null || siteMembershipRejection.getComment().isEmpty())) {
        reason = siteMembershipRejection.getComment();
    }
    try {
        invitationService.reject(invitation.getInviteId(), reason);
    } catch (InvitationExceptionForbidden ex) {
        throw new PermissionDeniedException();
    }
}

Also used : RelationshipResourceNotFoundException(org.alfresco.rest.framework.core.exceptions.RelationshipResourceNotFoundException) SiteInfo(org.alfresco.service.cmr.site.SiteInfo) ModeratedInvitation(org.alfresco.service.cmr.invitation.ModeratedInvitation) Invitation(org.alfresco.service.cmr.invitation.Invitation) ModeratedInvitation(org.alfresco.service.cmr.invitation.ModeratedInvitation) InvitationExceptionForbidden(org.alfresco.service.cmr.invitation.InvitationExceptionForbidden) ResourceType(org.alfresco.service.cmr.invitation.Invitation.ResourceType) PermissionDeniedException(org.alfresco.rest.framework.core.exceptions.PermissionDeniedException) EntityNotFoundException(org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)

Example 3 with InvitationExceptionForbidden

use of org.alfresco.service.cmr.invitation.InvitationExceptionForbidden in project alfresco-remote-api by Alfresco.

the class InvitationDelete method executeImpl.

@Override
protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) {
    Map<String, Object> model = new HashMap<String, Object>();
    Map<String, String> templateVars = req.getServiceMatch().getTemplateVars();
    final String siteShortName = templateVars.get("shortname");
    final String invitationId = templateVars.get("invitationId");
    validateParameters(siteShortName, invitationId);
    try {
        // MNT-9905 Pending Invites created by one site manager aren't visible to other site managers
        String currentUser = AuthenticationUtil.getRunAsUser();
        if (siteShortName != null && (SiteModel.SITE_MANAGER).equals(siteService.getMembersRole(siteShortName, currentUser))) {
            RunAsWork<Void> runAsSystem = new RunAsWork<Void>() {

                @Override
                public Void doWork() throws Exception {
                    checkAndCancelTheInvitation(invitationId, siteShortName);
                    return null;
                }
            };
            AuthenticationUtil.runAs(runAsSystem, AuthenticationUtil.getSystemUserName());
        } else {
            checkAndCancelTheInvitation(invitationId, siteShortName);
        }
    } catch (InvitationExceptionForbidden fe) {
        throw new WebScriptException(Status.STATUS_FORBIDDEN, "Unable to cancel workflow", fe);
    } catch (AccessDeniedException ade) {
        throw new WebScriptException(Status.STATUS_FORBIDDEN, "Unable to cancel workflow", ade);
    }
    return model;
}

Also used : AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) WebScriptException(org.springframework.extensions.webscripts.WebScriptException) HashMap(java.util.HashMap) RunAsWork(org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork) InvitationExceptionForbidden(org.alfresco.service.cmr.invitation.InvitationExceptionForbidden)

Example 4 with InvitationExceptionForbidden

use of org.alfresco.service.cmr.invitation.InvitationExceptionForbidden in project alfresco-remote-api by Alfresco.

the class InviteResponse method execute.

private Map<String, Object> execute(WebScriptRequest req, Status status) {
    // initialise model to pass on for template to render
    Map<String, Object> model = new HashMap<String, Object>();
    String inviteId = req.getServiceMatch().getTemplateVars().get("inviteId");
    String inviteTicket = req.getServiceMatch().getTemplateVars().get("inviteTicket");
    // Check that the task is still open.
    // if(inviteStart)
    // process response
    String action = req.getServiceMatch().getTemplateVars().get("action");
    if (action.equals("accept")) {
        try {
            Invitation invitation = invitationService.accept(inviteId, inviteTicket);
            // add model properties for template to render
            model.put(MODEL_PROP_KEY_RESPONSE, RESPONSE_ACCEPT);
            model.put(MODEL_PROP_KEY_SITE_SHORT_NAME, invitation.getResourceName());
        } catch (InvitationExceptionForbidden fe) {
            throw new WebScriptException(Status.STATUS_FORBIDDEN, fe.toString());
        } catch (InvitationExceptionUserError fe) {
            throw new WebScriptException(Status.STATUS_CONFLICT, fe.toString());
        }
    } else if (action.equals("reject")) {
        try {
            Invitation invitation = invitationService.reject(inviteId, "Rejected");
            // add model properties for template to render
            model.put(MODEL_PROP_KEY_RESPONSE, RESPONSE_REJECT);
            model.put(MODEL_PROP_KEY_SITE_SHORT_NAME, invitation.getResourceName());
        } catch (InvitationExceptionForbidden fe) {
            throw new WebScriptException(Status.STATUS_FORBIDDEN, fe.toString());
        } catch (InvitationExceptionUserError fe) {
            throw new WebScriptException(Status.STATUS_CONFLICT, fe.toString());
        }
    } else {
        /* handle unrecognised method */
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "action " + action + " is not supported by this webscript.");
    }
    return model;
}

Also used : WebScriptException(org.springframework.extensions.webscripts.WebScriptException) HashMap(java.util.HashMap) Invitation(org.alfresco.service.cmr.invitation.Invitation) InvitationExceptionForbidden(org.alfresco.service.cmr.invitation.InvitationExceptionForbidden) InvitationExceptionUserError(org.alfresco.service.cmr.invitation.InvitationExceptionUserError)

Aggregations

InvitationExceptionForbidden (org.alfresco.service.cmr.invitation.InvitationExceptionForbidden)4 Invitation (org.alfresco.service.cmr.invitation.Invitation)3 HashMap (java.util.HashMap)2 EntityNotFoundException (org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)2 PermissionDeniedException (org.alfresco.rest.framework.core.exceptions.PermissionDeniedException)2 RelationshipResourceNotFoundException (org.alfresco.rest.framework.core.exceptions.RelationshipResourceNotFoundException)2 ResourceType (org.alfresco.service.cmr.invitation.Invitation.ResourceType)2 ModeratedInvitation (org.alfresco.service.cmr.invitation.ModeratedInvitation)2 SiteInfo (org.alfresco.service.cmr.site.SiteInfo)2 WebScriptException (org.springframework.extensions.webscripts.WebScriptException)2 RunAsWork (org.alfresco.repo.security.authentication.AuthenticationUtil.RunAsWork)1 UnknownAuthorityException (org.alfresco.repo.security.authority.UnknownAuthorityException)1 AccessDeniedException (org.alfresco.repo.security.permissions.AccessDeniedException)1 InvalidArgumentException (org.alfresco.rest.framework.core.exceptions.InvalidArgumentException)1 InvitationExceptionUserError (org.alfresco.service.cmr.invitation.InvitationExceptionUserError)1