Search in sources :

Example 11 with OLATSecurityException

use of org.olat.core.logging.OLATSecurityException in project OpenOLAT by OpenOLAT.

the class RepositoryEntryLifeCycleChangeController method doDelete.

private void doDelete(UserRequest ureq) {
    if (!reSecurity.isEntryAdmin()) {
        throw new OLATSecurityException("Trying to delete, but not allowed: user = " + ureq.getIdentity());
    }
    List<RepositoryEntry> entryToDelete = Collections.singletonList(re);
    confirmDeleteCtrl = new ConfirmDeleteSoftlyController(ureq, getWindowControl(), entryToDelete, false);
    listenTo(confirmDeleteCtrl);
    String title = translate("del.header", re.getDisplayname());
    cmc = new CloseableModalController(getWindowControl(), "close", confirmDeleteCtrl.getInitialComponent(), true, title);
    listenTo(cmc);
    cmc.activate();
}
Also used : CloseableModalController(org.olat.core.gui.control.generic.closablewrapper.CloseableModalController) ConfirmDeleteSoftlyController(org.olat.repository.ui.author.ConfirmDeleteSoftlyController) OLATSecurityException(org.olat.core.logging.OLATSecurityException) RepositoryEntry(org.olat.repository.RepositoryEntry)

Example 12 with OLATSecurityException

use of org.olat.core.logging.OLATSecurityException in project OpenOLAT by OpenOLAT.

the class ShibbolethDispatcher method execute.

/**
 * Main method called by OpenOLATServlet.
 * This processess all shibboleth requests.
 *
 * @param req
 * @param resp
 * @param uriPrefix
 */
@Override
public void execute(HttpServletRequest req, HttpServletResponse resp) {
    if (translator == null) {
        translator = Util.createPackageTranslator(ShibbolethDispatcher.class, I18nModule.getDefaultLocale());
    }
    if (!shibbolethModule.isEnableShibbolethLogins()) {
        throw new OLATSecurityException("Got shibboleth request but shibboleth is not enabled");
    }
    String uriPrefix = DispatcherModule.getLegacyUriPrefix(req);
    Map<String, String> attributesMap = getShibbolethAttributesFromRequest(req);
    ShibbolethAttributes shibbolethAttriutes = CoreSpringFactory.getImpl(ShibbolethAttributes.class);
    shibbolethAttriutes.init(attributesMap);
    String uid = shibbolethAttriutes.getUID();
    if (uid == null) {
        handleException(new ShibbolethException(ShibbolethException.UNIQUE_ID_NOT_FOUND, "Unable to get unique identifier for subject. Make sure you are listed in the metadata.xml file and your resources your are trying to access are available and your are allowed to see them. (Resourceregistry). "), req, resp, translator);
        return;
    }
    if (!authorization(req, resp, shibbolethAttriutes)) {
        return;
    }
    UserRequest ureq = null;
    try {
        // upon creation URL is checked for
        ureq = new UserRequestImpl(uriPrefix, req, resp);
    } catch (NumberFormatException nfe) {
        // a 404 message must be shown -> e.g. robots correct their links.
        if (log.isDebug()) {
            log.debug("Bad Request " + req.getPathInfo());
        }
        DispatcherModule.sendBadRequest(req.getPathInfo(), resp);
        return;
    }
    Authentication auth = securityManager.findAuthenticationByAuthusername(uid, PROVIDER_SHIB);
    if (auth == null) {
        // no matching authentication...
        ShibbolethRegistrationController.putShibAttributes(req, shibbolethAttriutes);
        ShibbolethRegistrationController.putShibUniqueID(req, uid);
        redirectToShibbolethRegistration(resp);
        return;
    }
    if (ureq.getUserSession() != null) {
        // re-init the activity logger
        ThreadLocalUserActivityLoggerInstaller.initUserActivityLogger(req);
    }
    int loginStatus = AuthHelper.doLogin(auth.getIdentity(), ShibbolethDispatcher.PROVIDER_SHIB, ureq);
    if (loginStatus != AuthHelper.LOGIN_OK) {
        if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
            DispatcherModule.redirectToServiceNotAvailable(resp);
        } else {
            // error, redirect to login screen
            DispatcherModule.redirectToDefaultDispatcher(resp);
        }
        return;
    }
    // Successful login
    Identity authenticationedIdentity = ureq.getIdentity();
    userDeletionManager.setIdentityAsActiv(authenticationedIdentity);
    shibbolethManager.syncUser(authenticationedIdentity, shibbolethAttriutes);
    ureq.getUserSession().getIdentityEnvironment().addAttributes(shibbolethModule.getAttributeTranslator().translateAttributesMap(shibbolethAttriutes.toMap()));
    MediaResource mr = ureq.getDispatchResult().getResultingMediaResource();
    if (mr instanceof RedirectMediaResource) {
        RedirectMediaResource rmr = (RedirectMediaResource) mr;
        rmr.prepare(resp);
    } else {
        // error, redirect to login screen
        DispatcherModule.redirectToDefaultDispatcher(resp);
    }
}
Also used : ShibbolethAttributes(org.olat.shibboleth.manager.ShibbolethAttributes) Authentication(org.olat.basesecurity.Authentication) OLATSecurityException(org.olat.core.logging.OLATSecurityException) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) MediaResource(org.olat.core.gui.media.MediaResource) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) Identity(org.olat.core.id.Identity) UserRequest(org.olat.core.gui.UserRequest) UserRequestImpl(org.olat.core.gui.UserRequestImpl)

Example 13 with OLATSecurityException

use of org.olat.core.logging.OLATSecurityException in project openolat by klemens.

the class ShibbolethDispatcher method execute.

/**
 * Main method called by OpenOLATServlet.
 * This processess all shibboleth requests.
 *
 * @param req
 * @param resp
 * @param uriPrefix
 */
@Override
public void execute(HttpServletRequest req, HttpServletResponse resp) {
    if (translator == null) {
        translator = Util.createPackageTranslator(ShibbolethDispatcher.class, I18nModule.getDefaultLocale());
    }
    if (!shibbolethModule.isEnableShibbolethLogins()) {
        throw new OLATSecurityException("Got shibboleth request but shibboleth is not enabled");
    }
    String uriPrefix = DispatcherModule.getLegacyUriPrefix(req);
    Map<String, String> attributesMap = getShibbolethAttributesFromRequest(req);
    ShibbolethAttributes shibbolethAttriutes = CoreSpringFactory.getImpl(ShibbolethAttributes.class);
    shibbolethAttriutes.init(attributesMap);
    String uid = shibbolethAttriutes.getUID();
    if (uid == null) {
        handleException(new ShibbolethException(ShibbolethException.UNIQUE_ID_NOT_FOUND, "Unable to get unique identifier for subject. Make sure you are listed in the metadata.xml file and your resources your are trying to access are available and your are allowed to see them. (Resourceregistry). "), req, resp, translator);
        return;
    }
    if (!authorization(req, resp, shibbolethAttriutes)) {
        return;
    }
    UserRequest ureq = null;
    try {
        // upon creation URL is checked for
        ureq = new UserRequestImpl(uriPrefix, req, resp);
    } catch (NumberFormatException nfe) {
        // a 404 message must be shown -> e.g. robots correct their links.
        if (log.isDebug()) {
            log.debug("Bad Request " + req.getPathInfo());
        }
        DispatcherModule.sendBadRequest(req.getPathInfo(), resp);
        return;
    }
    Authentication auth = securityManager.findAuthenticationByAuthusername(uid, PROVIDER_SHIB);
    if (auth == null) {
        // no matching authentication...
        ShibbolethRegistrationController.putShibAttributes(req, shibbolethAttriutes);
        ShibbolethRegistrationController.putShibUniqueID(req, uid);
        redirectToShibbolethRegistration(resp);
        return;
    }
    if (ureq.getUserSession() != null) {
        // re-init the activity logger
        ThreadLocalUserActivityLoggerInstaller.initUserActivityLogger(req);
    }
    int loginStatus = AuthHelper.doLogin(auth.getIdentity(), ShibbolethDispatcher.PROVIDER_SHIB, ureq);
    if (loginStatus != AuthHelper.LOGIN_OK) {
        if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
            DispatcherModule.redirectToServiceNotAvailable(resp);
        } else {
            // error, redirect to login screen
            DispatcherModule.redirectToDefaultDispatcher(resp);
        }
        return;
    }
    // Successful login
    Identity authenticationedIdentity = ureq.getIdentity();
    userDeletionManager.setIdentityAsActiv(authenticationedIdentity);
    shibbolethManager.syncUser(authenticationedIdentity, shibbolethAttriutes);
    ureq.getUserSession().getIdentityEnvironment().addAttributes(shibbolethModule.getAttributeTranslator().translateAttributesMap(shibbolethAttriutes.toMap()));
    MediaResource mr = ureq.getDispatchResult().getResultingMediaResource();
    if (mr instanceof RedirectMediaResource) {
        RedirectMediaResource rmr = (RedirectMediaResource) mr;
        rmr.prepare(resp);
    } else {
        // error, redirect to login screen
        DispatcherModule.redirectToDefaultDispatcher(resp);
    }
}
Also used : ShibbolethAttributes(org.olat.shibboleth.manager.ShibbolethAttributes) Authentication(org.olat.basesecurity.Authentication) OLATSecurityException(org.olat.core.logging.OLATSecurityException) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) MediaResource(org.olat.core.gui.media.MediaResource) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) Identity(org.olat.core.id.Identity) UserRequest(org.olat.core.gui.UserRequest) UserRequestImpl(org.olat.core.gui.UserRequestImpl)

Example 14 with OLATSecurityException

use of org.olat.core.logging.OLATSecurityException in project openolat by klemens.

the class RepositoryEntryLifeCycleChangeController method doConfirmCloseResource.

private void doConfirmCloseResource(UserRequest ureq) {
    if (!reSecurity.isEntryAdmin()) {
        throw new OLATSecurityException("Trying to close, but not allowed: user = " + ureq.getIdentity());
    }
    List<RepositoryEntry> entryToClose = Collections.singletonList(re);
    confirmCloseCtrl = new ConfirmCloseController(ureq, getWindowControl(), entryToClose);
    listenTo(confirmCloseCtrl);
    String title = translate("read.only.header", re.getDisplayname());
    cmc = new CloseableModalController(getWindowControl(), "close", confirmCloseCtrl.getInitialComponent(), true, title);
    listenTo(cmc);
    cmc.activate();
}
Also used : CloseableModalController(org.olat.core.gui.control.generic.closablewrapper.CloseableModalController) OLATSecurityException(org.olat.core.logging.OLATSecurityException) RepositoryEntry(org.olat.repository.RepositoryEntry) ConfirmCloseController(org.olat.repository.ui.author.ConfirmCloseController)

Example 15 with OLATSecurityException

use of org.olat.core.logging.OLATSecurityException in project openolat by klemens.

the class GenericQuotaEditController method initMyContent.

private void initMyContent(UserRequest ureq) {
    QuotaManager qm = QuotaManager.getInstance();
    if (!qm.hasQuotaEditRights(ureq.getIdentity())) {
        throw new OLATSecurityException("Insufficient permissions to access QuotaController");
    }
    myContent = createVelocityContainer("edit");
    LinkFactory.createButtonSmall("qf.new", myContent, this);
    delQuotaButton = LinkFactory.createButtonSmall("qf.del", myContent, this);
    myContent.contextPut("users", qm.getDefaultQuota(QuotaConstants.IDENTIFIER_DEFAULT_USERS));
    myContent.contextPut("powerusers", qm.getDefaultQuota(QuotaConstants.IDENTIFIER_DEFAULT_POWER));
    myContent.contextPut("groups", qm.getDefaultQuota(QuotaConstants.IDENTIFIER_DEFAULT_GROUPS));
    myContent.contextPut("repository", qm.getDefaultQuota(QuotaConstants.IDENTIFIER_DEFAULT_REPO));
    myContent.contextPut("coursefolder", qm.getDefaultQuota(QuotaConstants.IDENTIFIER_DEFAULT_COURSE));
    myContent.contextPut("nodefolder", qm.getDefaultQuota(QuotaConstants.IDENTIFIER_DEFAULT_NODES));
    myContent.contextPut("feeds", qm.getDefaultQuota(QuotaConstants.IDENTIFIER_DEFAULT_FEEDS));
}
Also used : OLATSecurityException(org.olat.core.logging.OLATSecurityException) QuotaManager(org.olat.core.util.vfs.QuotaManager)

Aggregations

OLATSecurityException (org.olat.core.logging.OLATSecurityException)16 CloseableModalController (org.olat.core.gui.control.generic.closablewrapper.CloseableModalController)10 RepositoryEntry (org.olat.repository.RepositoryEntry)6 MediaResource (org.olat.core.gui.media.MediaResource)4 ConfirmDeleteSoftlyController (org.olat.repository.ui.author.ConfirmDeleteSoftlyController)4 List (java.util.List)2 Authentication (org.olat.basesecurity.Authentication)2 LayoutMain3ColsController (org.olat.core.commons.fullWebApp.LayoutMain3ColsController)2 FolderRunController (org.olat.core.commons.modules.bc.FolderRunController)2 GlossaryMainController (org.olat.core.commons.modules.glossary.GlossaryMainController)2 UserRequest (org.olat.core.gui.UserRequest)2 UserRequestImpl (org.olat.core.gui.UserRequestImpl)2 ChiefController (org.olat.core.gui.control.ChiefController)2 Controller (org.olat.core.gui.control.Controller)2 VetoableCloseController (org.olat.core.gui.control.VetoableCloseController)2 CloseableCalloutWindowController (org.olat.core.gui.control.generic.closablewrapper.CloseableCalloutWindowController)2 Activateable2 (org.olat.core.gui.control.generic.dtabs.Activateable2)2 NotFoundMediaResource (org.olat.core.gui.media.NotFoundMediaResource)2 RedirectMediaResource (org.olat.core.gui.media.RedirectMediaResource)2 Identity (org.olat.core.id.Identity)2