
Example 1 with NotAuthorizedException

Use of org.nextprot.api.commons.exception.NotAuthorizedException in project nextprot-api by calipho-sib.

From the class NPSecurityContext, method checkUserAuthorization.

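public static void checkUserAuthorization(UserResource userResource) {
    String securityUserName;
    // Identity of the caller as established by Spring Security for the current thread.
    Authentication a = SecurityContextHolder.getContext().getAuthentication();
    // Fail closed: getAuthentication() returns null when nothing is authenticated,
    // and without this guard the calls below would throw a NullPointerException.
    if (a == null || a.getPrincipal() == null) {
        throw new NotAuthorizedException("Security user name not set!!!");
    }
    if (a.getPrincipal() instanceof UserDetails) {
        UserDetails currentUserDetails = (UserDetails) a.getPrincipal();
        securityUserName = currentUserDetails.getUsername();
    } else {
        // Principals that are not UserDetails are identified by their string form.
        securityUserName = a.getPrincipal().toString();
    }
    if (securityUserName == null) {
        throw new NotAuthorizedException("Security user name not set!!!");
    }
    // Ownership check: only the owner of the resource may access it.
    if (!securityUserName.equals(userResource.getOwnerName())) {
        throw new NotAuthorizedException(securityUserName + " is not authorized to access this resource");
    }
}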
Also used: UserDetails (org.springframework.security.core.userdetails.UserDetails), Auth0UserDetails (com.auth0.spring.security.auth0.Auth0UserDetails), Authentication (org.springframework.security.core.Authentication), NotAuthorizedException (org.nextprot.api.commons.exception.NotAuthorizedException)
