use of org.nextprot.api.commons.exception.NotAuthorizedException in project nextprot-api by calipho-sib.
the class NPSecurityContext method checkUserAuthorization.
public static void checkUserAuthorization(UserResource userResource) {
String securityUserName;
Authentication a = SecurityContextHolder.getContext().getAuthentication();
if (a.getPrincipal() instanceof UserDetails) {
UserDetails currentUserDetails = (UserDetails) a.getPrincipal();
securityUserName = currentUserDetails.getUsername();
} else {
securityUserName = a.getPrincipal().toString();
}
if (securityUserName == null) {
throw new NotAuthorizedException("Security user name not set!!!");
}
if (!securityUserName.equals(userResource.getOwnerName())) {
throw new NotAuthorizedException(securityUserName + " is not authorized to access this resource");
}
}
Aggregations