Examples with WikiSecurityException org.apache.wiki.auth.WikiSecurityException used on opensource projects

Example 6 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class GroupManager method setGroup.

/**
 * <p>
 * Saves the {@link Group} created by a user in a wiki session. This method
 * registers the Group with the GroupManager and saves it to the back-end
 * database. If an existing Group with the same name already exists, the new
 * group will overwrite it. After saving the Group, the group database
 * changes are committed.
 * </p>
 * <p>
 * This method fires the following events:
 * </p>
 * <ul>
 * <li><strong>When creating a new Group</strong>, this method fires a
 * {@link org.apache.wiki.event.WikiSecurityEvent#GROUP_ADD} with the
 * GroupManager instance as its source and the new Group as the target.</li>
 * <li><strong>When overwriting an existing Group</strong>, this method
 * fires a new {@link org.apache.wiki.event.WikiSecurityEvent#GROUP_REMOVE}
 * with this GroupManager instance as the source, and the new Group as the
 * target. It then fires a
 * {@link org.apache.wiki.event.WikiSecurityEvent#GROUP_ADD} event with the
 * same source and target.</li>
 * </ul>
 * <p>
 * In addition, if the save or commit actions fail, this method will attempt
 * to restore the older version of the wiki group if it exists. This will
 * result in a <code>GROUP_REMOVE</code> event (for the new version of the
 * Group) followed by a <code>GROUP_ADD</code> event (to indicate
 * restoration of the old version).
 * </p>
 * <p>
 * This method will register the new Group with the GroupManager. For example,
 * {@link org.apache.wiki.auth.AuthenticationManager} attaches each
 * WikiSession as a GroupManager listener. Thus, the act of registering a
 * Group with <code>setGroup</code> means that all WikiSessions will
 * automatically receive group add/change/delete events immediately.
 * </p>
 * @param session the wiki session, which may not be <code>null</code>
 * @param group the Group, which may not be <code>null</code>
 * @throws WikiSecurityException if the Group cannot be saved by the back-end
 */
public void setGroup(WikiSession session, Group group) throws WikiSecurityException {
    // TODO: check for appropriate permissions
    // If group already exists, delete it; fire GROUP_REMOVE event
    Group oldGroup = m_groups.get(group.getPrincipal());
    if (oldGroup != null) {
        fireEvent(WikiSecurityEvent.GROUP_REMOVE, oldGroup);
        synchronized (m_groups) {
            m_groups.remove(oldGroup.getPrincipal());
        }
    }
    // Copy existing modifier info & timestamps
    if (oldGroup != null) {
        group.setCreator(oldGroup.getCreator());
        group.setCreated(oldGroup.getCreated());
        group.setModifier(oldGroup.getModifier());
        group.setLastModified(oldGroup.getLastModified());
    }
    // Add new group to cache; announce GROUP_ADD event
    synchronized (m_groups) {
        m_groups.put(group.getPrincipal(), group);
    }
    fireEvent(WikiSecurityEvent.GROUP_ADD, group);
    // MUST timestammp the create/modify fields in the Group.
    try {
        m_groupDatabase.save(group, session.getUserPrincipal());
    }// We got an exception! Roll back...
     catch (WikiSecurityException e) {
        if (oldGroup != null) {
            // Restore previous version, re-throw...
            fireEvent(WikiSecurityEvent.GROUP_REMOVE, group);
            fireEvent(WikiSecurityEvent.GROUP_ADD, oldGroup);
            synchronized (m_groups) {
                m_groups.put(oldGroup.getPrincipal(), oldGroup);
            }
            throw new WikiSecurityException(e.getMessage() + " (rolled back to previous version).", e);
        }
        // Re-throw security exception
        throw new WikiSecurityException(e.getMessage(), e);
    }
}

Example 7 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class GroupManager method checkGroupName.

/**
 * Checks if a String is blank or a restricted Group name, and if it is,
 * appends an error to the WikiSession's message list.
 * @param context the wiki context
 * @param name the Group name to test
 * @throws WikiSecurityException if <code>session</code> is
 * <code>null</code> or the Group name is illegal
 * @see Group#RESTRICTED_GROUPNAMES
 */
protected void checkGroupName(WikiContext context, String name) throws WikiSecurityException {
    // TODO: groups cannot have the same name as a user
    // Name cannot be null
    InputValidator validator = new InputValidator(MESSAGES_KEY, context);
    validator.validateNotNull(name, "Group name");
    // Name cannot be one of the restricted names either
    if (ArrayUtils.contains(Group.RESTRICTED_GROUPNAMES, name)) {
        throw new WikiSecurityException("The group name '" + name + "' is illegal. Choose another.");
    }
}

Example 8 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class GroupManager method initialize.

/**
 * Initializes the group cache by initializing the group database and
 * obtaining a list of all of the groups it stores.
 * @param engine the wiki engine
 * @param props the properties used to initialize the wiki engine
 * @see GroupDatabase#initialize(org.apache.wiki.WikiEngine,
 *      java.util.Properties)
 * @see GroupDatabase#groups()
 * @throws WikiSecurityException if GroupManager cannot be initialized
 */
public void initialize(WikiEngine engine, Properties props) throws WikiSecurityException {
    m_engine = engine;
    try {
        m_groupDatabase = getGroupDatabase();
    } catch (WikiException e) {
        throw new WikiSecurityException(e.getMessage(), e);
    }
    // Load all groups from the database into the cache
    Group[] groups = m_groupDatabase.groups();
    synchronized (m_groups) {
        for (Group group : groups) {
            // Add new group to cache; fire GROUP_ADD event
            m_groups.put(group.getPrincipal(), group);
            fireEvent(WikiSecurityEvent.GROUP_ADD, group);
        }
    }
    // Make the GroupManager listen for WikiEvents (WikiSecurityEvents for changed user profiles)
    engine.getUserManager().addWikiEventListener(this);
    // Success!
    log.info("Authorizer GroupManager initialized successfully; loaded " + groups.length + " group(s).");
}

Example 9 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class GroupManager method validateGroup.

/**
 * Validates a Group, and appends any errors to the session errors list. Any
 * validation errors are added to the wiki session's messages collection
 * (see {@link WikiSession#getMessages()}.
 * @param context the current wiki context
 * @param group the supplied Group
 */
public void validateGroup(WikiContext context, Group group) {
    InputValidator validator = new InputValidator(MESSAGES_KEY, context);
    // Name cannot be null or one of the restricted names
    try {
        checkGroupName(context, group.getName());
    } catch (WikiSecurityException e) {
    }
    // Member names must be "safe" strings
    Principal[] members = group.members();
    for (int i = 0; i < members.length; i++) {
        validator.validateNotNull(members[i].getName(), "Full name", InputValidator.ID);
    }
}

Example 10 with WikiSecurityException

use of org.apache.wiki.auth.WikiSecurityException in project jspwiki by apache.

the class GroupManager method parseGroup.

/**
 * <p>
 * Extracts group name and members from passed parameters and populates an
 * existing Group with them. The Group will either be a copy of an existing
 * Group (if one can be found), or a new, unregistered Group (if not).
 * Optionally, this method can throw a WikiSecurityException if the Group
 * does not yet exist in the GroupManager cache.
 * </p>
 * <p>
 * The <code>group</code> parameter in the HTTP request contains the Group
 * name to look up and populate. The <code>members</code> parameter
 * contains the member list. If these differ from those in the existing
 * group, the passed values override the old values.
 * </p>
 * <p>
 * This method does not commit the new Group to the GroupManager cache. To
 * do that, use {@link #setGroup(WikiSession, Group)}.
 * </p>
 * @param name the name of the group to construct
 * @param memberLine the line of text containing the group membership list
 * @param create whether this method should create a new, empty Group if one
 *            with the requested name is not found. If <code>false</code>,
 *            groups that do not exist will cause a
 *            <code>NoSuchPrincipalException</code> to be thrown
 * @return a new, populated group
 * @see org.apache.wiki.auth.authorize.Group#RESTRICTED_GROUPNAMES
 * @throws WikiSecurityException if the group name isn't allowed, or if
 * <code>create</code> is <code>false</code>
 * and the Group named <code>name</code> does not exist
 */
public Group parseGroup(String name, String memberLine, boolean create) throws WikiSecurityException {
    // If null name parameter, it's because someone's creating a new group
    if (name == null) {
        if (create) {
            name = "MyGroup";
        } else {
            throw new WikiSecurityException("Group name cannot be blank.");
        }
    } else if (ArrayUtils.contains(Group.RESTRICTED_GROUPNAMES, name)) {
        // Certain names are forbidden
        throw new WikiSecurityException("Illegal group name: " + name);
    }
    name = name.trim();
    // Normalize the member line
    if (InputValidator.isBlank(memberLine)) {
        memberLine = "";
    }
    memberLine = memberLine.trim();
    // Create or retrieve the group (may have been previously cached)
    Group group = new Group(name, m_engine.getApplicationName());
    try {
        Group existingGroup = getGroup(name);
        // If existing, clone it
        group.setCreator(existingGroup.getCreator());
        group.setCreated(existingGroup.getCreated());
        group.setModifier(existingGroup.getModifier());
        group.setLastModified(existingGroup.getLastModified());
        for (Principal existingMember : existingGroup.members()) {
            group.add(existingMember);
        }
    } catch (NoSuchPrincipalException e) {
        // It's a new group.... throw error if we don't create new ones
        if (!create) {
            throw new NoSuchPrincipalException("Group '" + name + "' does not exist.");
        }
    }
    // If passed members not empty, overwrite
    String[] members = extractMembers(memberLine);
    if (members.length > 0) {
        group.clear();
        for (String member : members) {
            group.add(new WikiPrincipal(member));
        }
    }
    return group;
}