
Example 86 with AccessDeniedException

use of org.springframework.security.access.AccessDeniedException in project ontrack by nemerosa.

the class SecurityServiceIT method read_only_on_one_project.

@Test
public void read_only_on_one_project() throws Exception {
    withNoGrantViewToAll(() -> {
        // Creates two projects
        Project p1 = doCreateProject();
        Project p2 = doCreateProject();
        // Creates an account authorised to access only one project
        Account account = doCreateAccountWithProjectRole(p2, "READ_ONLY");
        return asAccount(account).call(() -> {
            // With this account, gets the list of projects
            List<Project> list = structureService.getProjectList();
            // Checks we only have one project
            assertEquals(1, list.size());
            assertEquals(p2.getName(), list.get(0).getName());
            // Access to the authorised project
            assertTrue(structureService.findProjectByName(p2.getName()).isPresent());
            assertNotNull(structureService.getProject(p2.getId()));
            // No access to the other project
            assertFalse(structureService.findProjectByName(p1.getName()).isPresent());
            try {
                structureService.getProject(p1.getId());
                fail("Project is not authorised");
            } catch (AccessDeniedException ignored) {
                assertTrue("Project cannot be found", true);
            }
            // OK
            return true;
        });
    });
}
Also used : Project(net.nemerosa.ontrack.model.structure.Project) Account(net.nemerosa.ontrack.model.security.Account) AccessDeniedException(org.springframework.security.access.AccessDeniedException) Test(org.junit.Test)

Example 87 with AccessDeniedException

use of org.springframework.security.access.AccessDeniedException in project zhcet-web by zhcet-amu.

the class EmailUnsubscribeController method unsubscribeEmail.

@GetMapping("/profile/email/unsubscribe")
public String unsubscribeEmail(@RequestParam(required = false) Boolean unsubscribe) {
    User user = userService.getLoggedInUser().orElseThrow(() -> new AccessDeniedException("403"));
    userService.unsubscribeEmail(user, unsubscribe != null && unsubscribe);
    return "redirect:/profile/settings#account";
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) User(amu.zhcet.data.user.User) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 88 with AccessDeniedException

use of org.springframework.security.access.AccessDeniedException in project zhcet-web by zhcet-amu.

the class ProfileController method profileSettings.

@GetMapping("/settings")
public String profileSettings(Model model) {
    User user = userService.getLoggedInUser().orElseThrow(() -> new AccessDeniedException("403"));
    model.addAttribute("user", user);
    if (!model.containsAttribute("user_details"))
        model.addAttribute("user_details", user.getDetails());
    model.addAttribute("page_title", "Profile Settings");
    model.addAttribute("page_subtitle", "Profile Settings for " + user.getName());
    model.addAttribute("page_description", "Manage Profile Details and Account");
    model.addAttribute("genders", Gender.values());
    if (user.getType().equals(UserType.STUDENT)) {
        studentService.getLoggedInStudent().ifPresent(student -> model.addAttribute("student", student));
    } else {
        facultyService.getLoggedInMember().ifPresent(facultyMember -> model.addAttribute("faculty", facultyMember));
    }
    return "user/edit_profile";
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) User(amu.zhcet.data.user.User) GetMapping(org.springframework.web.bind.annotation.GetMapping)

Example 89 with AccessDeniedException

use of org.springframework.security.access.AccessDeniedException in project fw-cloud-framework by liuweijw.

the class AccessDeniedHandler method handle.

@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException) throws IOException, ServletException {
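    // The log message below reads "Authorization failed, access forbidden" followed by the request URI
    log.info("授权失败,禁止访问 {}", request.getRequestURI());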
    response.setCharacterEncoding(CommonConstant.UTF8);
    response.setContentType(CommonConstant.CONTENT_TYPE);
    R<String> result = new R<String>().failure(new DeniedException(MessageConstant.COMMONS_AUTH_NOTSUPPORT));
    response.setStatus(HttpStatus.SC_FORBIDDEN);
    PrintWriter printWriter = response.getWriter();
    printWriter.append(objectMapper.writeValueAsString(result));
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) DeniedException(com.github.liuweijw.exception.DeniedException) PrintWriter(java.io.PrintWriter)

Example 90 with AccessDeniedException

use of org.springframework.security.access.AccessDeniedException in project pentaho-platform by pentaho.

the class MockUnifiedRepository method createFolder.

@Override
public RepositoryFile createFolder(final Serializable parentFolderId, final RepositoryFile file, final RepositoryFileAcl acl, final String versionMessage) {
    Validate.isTrue(file.isFolder());
    Validate.isTrue(!file.isVersioned());
    if (!hasAccess(parentFolderId, EnumSet.of(WRITE))) {
        throw new AccessDeniedException("access denied");
    }
    FileRecord parentFolder = idManager.getFileById(parentFolderId);
    RepositoryFile fileFromRepo = new RepositoryFile.Builder(file)
            .path(parentFolder.getPath() + (parentFolder.getPath().endsWith(RepositoryFile.SEPARATOR) ? "" : RepositoryFile.SEPARATOR) + file.getName())
            .title(findTitle(file))
            .description(findDesc(file))
            .build();
    RepositoryFileAcl aclFromRepo = new RepositoryFileAcl.Builder(acl).build();
    FileRecord fileRecord = new FileRecord(fileFromRepo, null, aclFromRepo, new HashMap<String, Serializable>());
    idManager.register(fileRecord);
    parentFolder.addChild(fileRecord);
    return fileRecord.getFile();
}
Also used : AccessDeniedException(org.springframework.security.access.AccessDeniedException) Serializable(java.io.Serializable) RepositoryFile(org.pentaho.platform.api.repository2.unified.RepositoryFile) RepositoryFileAcl(org.pentaho.platform.api.repository2.unified.RepositoryFileAcl)
