use of org.springframework.security.access.AccessDeniedException in project spring-security-oauth by spring-projects.
the class OAuth2AccessDeniedHandlerTests method testHandleWithJson.
/**
 * Checks the handler's response for a client that sends {@code Accept: application/json}.
 *
 * <p>The test expects HTTP 403, a content type containing the JSON media type, and a
 * {@code null} error message on the response.
 */
@Test
public void testHandleWithJson() throws Exception {
    request.addHeader("Accept", MediaType.APPLICATION_JSON_VALUE);

    AccessDeniedException denied = new AccessDeniedException("Bad");
    handler.handle(request, response, denied);

    int status = response.getStatus();
    assertEquals(HttpServletResponse.SC_FORBIDDEN, status);

    String contentType = response.getContentType();
    assertTrue(contentType.contains(MediaType.APPLICATION_JSON_VALUE));

    // NOTE(review): only the status, content type and error message are asserted.
    // The response body is never inspected, so this test does not pin down whether
    // the exception text ("Bad") is written back to the client.
    assertEquals(null, response.getErrorMessage());
}
use of org.springframework.security.access.AccessDeniedException in project spring-security-oauth by spring-projects.
the class DefaultWebResponseExceptionTranslator method translate.
/**
 * Translates an arbitrary exception into an OAuth2 error response.
 *
 * <p>The cause chain of {@code e} is searched, in this order, for an
 * {@code OAuth2Exception}, an {@code AuthenticationException}, an
 * {@code AccessDeniedException} and an {@code HttpRequestMethodNotSupportedException}.
 * The first match decides the response; each later lookup runs only when the earlier
 * ones found nothing. Anything else becomes a {@code ServerErrorException}.
 *
 * @param e the exception to translate
 * @return the response produced by {@code handleOAuth2Exception}
 * @throws Exception declared by the overridden method
 */
@Override
public ResponseEntity<OAuth2Exception> translate(Exception e) throws Exception {
    // Walk the cause chain once; every lookup below searches this same array.
    Throwable[] causeChain = throwableAnalyzer.determineCauseChain(e);

    OAuth2Exception oauthCause =
            (OAuth2Exception) throwableAnalyzer.getFirstThrowableOfType(OAuth2Exception.class, causeChain);
    if (oauthCause != null) {
        return handleOAuth2Exception(oauthCause);
    }

    AuthenticationException authCause =
            (AuthenticationException) throwableAnalyzer.getFirstThrowableOfType(AuthenticationException.class, causeChain);
    if (authCause != null) {
        // This branch wraps the outer exception e, not the AuthenticationException found in the chain.
        // NOTE(review): e.getMessage() is passed on as the error message. Whether it reaches
        // the client depends on handleOAuth2Exception, which is not visible here. Confirm
        // that no internal detail can be exposed through it.
        return handleOAuth2Exception(new UnauthorizedException(e.getMessage(), e));
    }

    AccessDeniedException deniedCause =
            (AccessDeniedException) throwableAnalyzer.getFirstThrowableOfType(AccessDeniedException.class, causeChain);
    if (deniedCause != null) {
        return handleOAuth2Exception(new ForbiddenException(deniedCause.getMessage(), deniedCause));
    }

    HttpRequestMethodNotSupportedException methodCause =
            (HttpRequestMethodNotSupportedException) throwableAnalyzer.getFirstThrowableOfType(HttpRequestMethodNotSupportedException.class, causeChain);
    if (methodCause != null) {
        return handleOAuth2Exception(new MethodNotAllowed(methodCause.getMessage(), methodCause));
    }

    // Unrecognised failures carry only the generic reason phrase as their message,
    // never the original exception text.
    String genericReason = HttpStatus.INTERNAL_SERVER_ERROR.getReasonPhrase();
    return handleOAuth2Exception(new ServerErrorException(genericReason, e));
}
use of org.springframework.security.access.AccessDeniedException in project fw-cloud-framework by liuweijw.
the class AccessDeniedHandler method handle.
/**
 * Answers a denied request with HTTP 403 and a serialized failure result.
 *
 * <p>The body is built from a fixed message constant. {@code authException} is never
 * read, so its message is not written to the response.
 *
 * @param request the denied request (not read by this method)
 * @param response the response that receives the status, headers and body
 * @param authException the access-denied failure (not read by this method)
 * @throws IOException if obtaining the writer or serializing the result fails
 * @throws ServletException declared by the overridden method
 */
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException) throws IOException, ServletException {
    // The log text reads "authorization failed, access forbidden".
    // NOTE(review): the entry carries no request path or caller identity, which limits
    // its value for detection and triage. If such fields are added, sanitise them first.
    logger.info("授权失败,禁止访问");

    response.setCharacterEncoding(CommonConstant.UTF8);
    response.setContentType(CommonConstant.CONTENT_TYPE);

    DeniedException denied = new DeniedException(MessageConstant.COMMONS_AUTH_NOTSUPPORT);
    R<String> body = new R<String>().failure(denied);

    response.setStatus(HttpStatus.SC_FORBIDDEN);
    response.getWriter().append(objectMapper.writeValueAsString(body));
}
use of org.springframework.security.access.AccessDeniedException in project apollo by ctripcorp.
the class ItemController method update.
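/**
 * Syncs the items in {@code model} to every namespace in {@code model.getSyncToNamespaces()}.
 *
 * <p>Authorization is decided per sync target. A namespace-wide modify permission is
 * evaluated for the {@code appId}/{@code namespaceName} in the URL path, and it is honoured
 * only for targets that name that same app and namespace. Every other target needs the
 * caller's env-level modify permission for the target itself. Previously the path-scoped
 * permission authorized the whole request, although the namespaces actually written come
 * from the request body and nothing visible here tied them to the path.
 *
 * @param appId app id from the URL path
 * @param namespaceName namespace name from the URL path
 * @param model sync request holding the target namespaces and the items to sync
 * @return an empty 200 response when the sync was performed
 * @throws AccessDeniedException if the caller may not modify one of the targets
 */
@PutMapping(value = "/apps/{appId}/namespaces/{namespaceName}/items", consumes = { "application/json" })
public ResponseEntity<Void> update(@PathVariable String appId, @PathVariable String namespaceName, @RequestBody NamespaceSyncModel model) {
    checkModel(!model.isInvalid());

    // Namespace-wide permission, evaluated for the namespace named in the path only.
    boolean hasPathGrant = permissionValidator.hasModifyNamespacePermission(appId, namespaceName);
    boolean hasPermission = true;
    Env envNoPermission = null;

    // A missing target list is handled as before: it is skipped when the path grant
    // exists and dereferenced otherwise.
    // NOTE(review): an empty list still passes vacuously. This presumably relies on
    // checkModel/isInvalid rejecting such requests. Confirm.
    if (!hasPathGrant || model.getSyncToNamespaces() != null) {
        for (NamespaceIdentifier target : model.getSyncToNamespaces()) {
            // The path grant says nothing about a target in another app or namespace.
            boolean coveredByPathGrant = hasPathGrant
                    && appId.equals(target.getAppId())
                    && namespaceName.equals(target.getNamespaceName());
            if (coveredByPathGrant) {
                continue;
            }
            boolean hasEnvGrant = permissionValidator.hasModifyNamespacePermission(
                    target.getAppId(), target.getNamespaceName(), target.getEnv().toString());
            if (!hasEnvGrant) {
                // Stop at the first target the caller may not modify and report its env.
                hasPermission = false;
                envNoPermission = target.getEnv();
                break;
            }
        }
    }

    if (!hasPermission) {
        throw new AccessDeniedException(String.format("You don't have the permission to modify environment: %s", envNoPermission));
    }

    configService.syncItems(model.getSyncToNamespaces(), model.getSyncItems());
    return ResponseEntity.status(HttpStatus.OK).build();
}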
use of org.springframework.security.access.AccessDeniedException in project apollo by ctripcorp.
the class ReleaseController method rollback.
/**
 * Rolls back the release identified by {@code releaseId} in the given environment.
 *
 * <p>Checks run in this order: {@code operator} must be non-empty, the operator must be
 * a known user, the release must exist, and the caller must hold release permission for
 * the release's own app and namespace. The permission is derived from the loaded release
 * rather than from caller-supplied app or namespace values.
 *
 * <p>NOTE(review): {@code operator} is a request parameter and is checked only for
 * existence, so the rollback is presumably attributed to whichever existing user the
 * caller names. Confirm that audit records also capture the consumer identity behind
 * {@code request}.
 *
 * <p>NOTE(review): the operator and release lookups fail with {@code BadRequestException}
 * before the permission check runs, so callers without release permission get different
 * errors for existing and missing ids. The release lookup has to come first because the
 * permission is evaluated on its app and namespace. Consider whether the error responses
 * should be unified.
 *
 * @param env environment name from the path
 * @param releaseId id of the release to roll back
 * @param operator user id the rollback is performed as
 * @param request current request, passed to the consumer permission check
 */
@PutMapping(path = "/releases/{releaseId}/rollback")
public void rollback(@PathVariable String env, @PathVariable long releaseId, @RequestParam String operator, HttpServletRequest request) {
    boolean operatorGiven = !StringUtils.isContainEmpty(operator);
    RequestPrecondition.checkArguments(operatorGiven, "Param operator can not be empty");

    boolean operatorUnknown = userService.findByUserId(operator) == null;
    if (operatorUnknown) {
        throw new BadRequestException("user(operator) not exists");
    }

    final ReleaseDTO release = releaseService.findReleaseById(Env.valueOf(env), releaseId);
    if (release == null) {
        throw new BadRequestException("release not found");
    }

    // Authorize against the app and namespace that own the release.
    boolean mayRelease = consumerPermissionValidator.hasReleaseNamespacePermission(
            request, release.getAppId(), release.getNamespaceName(), env);
    if (!mayRelease) {
        throw new AccessDeniedException("Forbidden operation. you don't have release permission");
    }

    releaseOpenApiService.rollbackRelease(env, releaseId, operator);
}