Example 1 with UnauthorizedException

use of org.sagebionetworks.bridge.exceptions.UnauthorizedException in project BridgeServer2 by Sage-Bionetworks.

the class DynamoAppDao method deactivateApp.

@Override
public void deactivateApp(String appId) {
    checkNotNull(appId);
    if (appWhitelist.contains(appId)) {
        throw new UnauthorizedException(appId + " is protected by whitelist.");
    }
    App app = getApp(appId);
    app.setActive(false);
    updateApp(app);
}
Also used : App(org.sagebionetworks.bridge.models.apps.App) UnauthorizedException(org.sagebionetworks.bridge.exceptions.UnauthorizedException)

Example 2 with UnauthorizedException

use of org.sagebionetworks.bridge.exceptions.UnauthorizedException in project BridgeServer2 by Sage-Bionetworks.

the class EnrollmentServiceTest method unenroll_notAuthorizedAsAdmin.

@Test(expectedExceptions = UnauthorizedException.class)
public void unenroll_notAuthorizedAsAdmin() {
    RequestContext.set(new RequestContext.Builder().withCallerUserId("adminUser").withCallerRoles(ImmutableSet.of(DEVELOPER)).build());
    Account account = Account.create();
    account.setId(TEST_USER_ID);
    doThrow(new UnauthorizedException()).when(mockAccountService).editAccount(any(), any());
    Enrollment enrollment = Enrollment.create(TEST_APP_ID, TEST_STUDY_ID, TEST_USER_ID);
    service.unenroll(enrollment);
}
Also used : Account(org.sagebionetworks.bridge.models.accounts.Account) UnauthorizedException(org.sagebionetworks.bridge.exceptions.UnauthorizedException) Enrollment(org.sagebionetworks.bridge.models.studies.Enrollment) Test(org.testng.annotations.Test)

Example 3 with UnauthorizedException

use of org.sagebionetworks.bridge.exceptions.UnauthorizedException in project BridgeServer2 by Sage-Bionetworks.

the class EnrollmentServiceTest method enroll_notAuthorizedAsAdmin.

@Test(expectedExceptions = UnauthorizedException.class)
public void enroll_notAuthorizedAsAdmin() {
    RequestContext.set(new RequestContext.Builder().withCallerUserId("adminUser").withCallerRoles(ImmutableSet.of(DEVELOPER)).build());
    Account account = Account.create();
    account.setId(TEST_USER_ID);
    doThrow(new UnauthorizedException()).when(mockAccountService).editAccount(any(), any());
    Enrollment enrollment = Enrollment.create(TEST_APP_ID, TEST_STUDY_ID, TEST_USER_ID);
    service.enroll(enrollment);
}
Also used : Account(org.sagebionetworks.bridge.models.accounts.Account) UnauthorizedException(org.sagebionetworks.bridge.exceptions.UnauthorizedException) Enrollment(org.sagebionetworks.bridge.models.studies.Enrollment) Test(org.testng.annotations.Test)

Example 4 with UnauthorizedException

use of org.sagebionetworks.bridge.exceptions.UnauthorizedException in project BridgeServer2 by Sage-Bionetworks.

the class StudyValidatorTest method scheduleGuidScheduleUnauthorized.

@Test
public void scheduleGuidScheduleUnauthorized() {
    study = createStudy();
    study.setScheduleGuid(SCHEDULE_GUID);
    when(mockScheduleService.getScheduleForStudy(TEST_APP_ID, study)).thenThrow(new UnauthorizedException());
    assertValidatorMessage(validator, study, SCHEDULE_GUID_FIELD, SCHEDULE_GUID_OWNER_ERROR_MSG);
}
Also used : UnauthorizedException(org.sagebionetworks.bridge.exceptions.UnauthorizedException) Test(org.testng.annotations.Test)

Example 5 with UnauthorizedException

use of org.sagebionetworks.bridge.exceptions.UnauthorizedException in project BridgeServer2 by Sage-Bionetworks.

the class AppController method getAppMemberships.

@GetMapping(path = { "/v1/apps/memberships", "/v3/studies/memberships" }, produces = { APPLICATION_JSON_UTF8_VALUE })
public String getAppMemberships() throws Exception {
    UserSession session = getAuthenticatedSession();
    if (session.getParticipant().getRoles().isEmpty()) {
        throw new UnauthorizedException(APP_ACCESS_EXCEPTION_MSG);
    }
    Stream<App> stream = null;
    if (!session.isSynapseAuthenticated()) {
        // If they have not signed in via Synapse, they cannot switch apps, so don't return any
        stream = ImmutableList.<App>of().stream();
    } else if (session.isInRole(SUPERADMIN)) {
        // Superadmins can see all apps and can switch between all apps.
        stream = appService.getApps().stream().filter(s -> s.isActive());
    } else {
        // Otherwise, apps are linked by Synapse user ID.
        List<String> appIds = accountService.getAppIdsForUser(session.getParticipant().getSynapseUserId());
        stream = appIds.stream().map(id -> appService.getApp(id)).filter(s -> s.isActive() && appIds.contains(s.getIdentifier()));
    }
    List<App> apps = stream.sorted(APP_COMPARATOR).collect(toList());
    return APP_LIST_WRITER.writeValueAsString(new ResourceList<App>(apps, true));
}
Also used : App(org.sagebionetworks.bridge.models.apps.App) PathVariable(org.springframework.web.bind.annotation.PathVariable) Arrays(java.util.Arrays) RequestParam(org.springframework.web.bind.annotation.RequestParam) BadRequestException(org.sagebionetworks.bridge.exceptions.BadRequestException) AppEmailType(org.sagebionetworks.bridge.services.AppEmailType) Autowired(org.springframework.beans.factory.annotation.Autowired) StringUtils(org.apache.commons.lang3.StringUtils) ResourceList(org.sagebionetworks.bridge.models.ResourceList) UserSession(org.sagebionetworks.bridge.models.accounts.UserSession) APP_LIST_WRITER(org.sagebionetworks.bridge.models.apps.App.APP_LIST_WRITER) CmsPublicKey(org.sagebionetworks.bridge.models.CmsPublicKey) DeleteMapping(org.springframework.web.bind.annotation.DeleteMapping) PostMapping(org.springframework.web.bind.annotation.PostMapping) UploadCertificateService(org.sagebionetworks.bridge.services.UploadCertificateService) StatusMessage(org.sagebionetworks.bridge.models.StatusMessage) Set(java.util.Set) APPLICATION_JSON_UTF8_VALUE(org.springframework.http.MediaType.APPLICATION_JSON_UTF8_VALUE) RestController(org.springframework.web.bind.annotation.RestController) ADMIN(org.sagebionetworks.bridge.Roles.ADMIN) BridgeConfigFactory(org.sagebionetworks.bridge.config.BridgeConfigFactory) List(java.util.List) Stream(java.util.stream.Stream) ForwardCursorPagedResourceList(org.sagebionetworks.bridge.models.ForwardCursorPagedResourceList) BridgeUtils(org.sagebionetworks.bridge.BridgeUtils) UploadView(org.sagebionetworks.bridge.models.upload.UploadView) DEVELOPER(org.sagebionetworks.bridge.Roles.DEVELOPER) SynapseException(org.sagebionetworks.client.exceptions.SynapseException) EmailVerificationService(org.sagebionetworks.bridge.services.EmailVerificationService) CrossOrigin(org.springframework.web.bind.annotation.CrossOrigin) BridgeObjectMapper(org.sagebionetworks.bridge.json.BridgeObjectMapper) HashSet(java.util.HashSet) ImmutableList(com.google.common.collect.ImmutableList) GetMapping(org.springframework.web.bind.annotation.GetMapping) EmailVerificationStatusHolder(org.sagebionetworks.bridge.models.apps.EmailVerificationStatusHolder) WORKER(org.sagebionetworks.bridge.Roles.WORKER) ResponseStatus(org.springframework.web.bind.annotation.ResponseStatus) APP_ACCESS_EXCEPTION_MSG(org.sagebionetworks.bridge.BridgeConstants.APP_ACCESS_EXCEPTION_MSG) SUPERADMIN(org.sagebionetworks.bridge.Roles.SUPERADMIN) DateTime(org.joda.time.DateTime) UnauthorizedException(org.sagebionetworks.bridge.exceptions.UnauthorizedException) EmailVerificationStatus(org.sagebionetworks.bridge.services.EmailVerificationStatus) HttpStatus(org.springframework.http.HttpStatus) AppAndUsers(org.sagebionetworks.bridge.models.apps.AppAndUsers) Collectors.toList(java.util.stream.Collectors.toList) UploadService(org.sagebionetworks.bridge.services.UploadService) VersionHolder(org.sagebionetworks.bridge.models.VersionHolder) Comparator(java.util.Comparator) SynapseProjectIdTeamIdHolder(org.sagebionetworks.bridge.models.apps.SynapseProjectIdTeamIdHolder) Collections(java.util.Collections)

Aggregations

UnauthorizedException (org.sagebionetworks.bridge.exceptions.UnauthorizedException) 61
UserSession (org.sagebionetworks.bridge.models.accounts.UserSession) 37
Test (org.testng.annotations.Test) 16
App (org.sagebionetworks.bridge.models.apps.App) 14
PostMapping (org.springframework.web.bind.annotation.PostMapping) 14
GetMapping (org.springframework.web.bind.annotation.GetMapping) 13
Account (org.sagebionetworks.bridge.models.accounts.Account) 12
EntityNotFoundException (org.sagebionetworks.bridge.exceptions.EntityNotFoundException) 8
DeleteMapping (org.springframework.web.bind.annotation.DeleteMapping) 7
StatusMessage (org.sagebionetworks.bridge.models.StatusMessage) 6
ResponseStatus (org.springframework.web.bind.annotation.ResponseStatus) 6
BadRequestException (org.sagebionetworks.bridge.exceptions.BadRequestException) 4
StudyParticipant (org.sagebionetworks.bridge.models.accounts.StudyParticipant) 4
Assessment (org.sagebionetworks.bridge.models.assessments.Assessment) 4
Enrollment (org.sagebionetworks.bridge.models.studies.Enrollment) 4
DateTime (org.joda.time.DateTime) 3
CriteriaContext (org.sagebionetworks.bridge.models.CriteriaContext) 3
AccountId (org.sagebionetworks.bridge.models.accounts.AccountId) 3
SignIn (org.sagebionetworks.bridge.models.accounts.SignIn) 3
AssessmentResource (org.sagebionetworks.bridge.models.assessments.AssessmentResource) 3