Search in sources :

Example 16 with FieldValidationException

use of org.summerb.validation.FieldValidationException in project summerb by skarpushin.

the class RestExceptionTranslator method determineFailureResult.

protected DtoBase determineFailureResult(Exception ex, HttpServletRequest request, HttpServletResponse response) {
    // first see if it is FVE
    FieldValidationException fve = ExceptionUtils.findExceptionOfType(ex, FieldValidationException.class);
    if (fve != null) {
        response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
        return fve.getErrorDescriptionObject();
    }
    boolean translateAuthErrors = Boolean.TRUE.equals(Boolean.valueOf(request.getHeader(X_TRANSLATE_AUTHORIZATION_ERRORS)));
    GenericServerErrorResult ret = null;
    if (translateAuthErrors) {
        ret = new GenericServerErrorResult(buildUserMessage(ex, request), new ExceptionInfo(ex));
    }
    NotAuthorizedException naex = ExceptionUtils.findExceptionOfType(ex, NotAuthorizedException.class);
    if (naex != null) {
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return ret != null ? ret : naex.getResult();
    }
    AuthenticationException ae = ExceptionUtils.findExceptionOfType(ex, AuthenticationException.class);
    if (ae != null) {
        // NOTE: See how we did that in AuthenticationFailureHandlerImpl...
        // Looks like we need to augment our custom RestLoginFilter so it
        // will put username to request
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return ret != null ? ret : new NotAuthorizedResult("(username not resolved)", SecurityMessageCodes.AUTH_FATAL);
    }
    AccessDeniedException ade = ExceptionUtils.findExceptionOfType(ex, AccessDeniedException.class);
    if (ade != null) {
        if (authenticationTrustResolver.isAnonymous(SecurityContextHolder.getContext().getAuthentication())) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return ret != null ? ret : new NotAuthorizedResult(getCurrentUser(null), SecurityMessageCodes.LOGIN_REQUIRED);
        }
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return ret != null ? ret : new NotAuthorizedResult(getCurrentUser(null), SecurityMessageCodes.ACCESS_DENIED);
    }
    CurrentUserNotFoundException cunfe = ExceptionUtils.findExceptionOfType(ex, CurrentUserNotFoundException.class);
    if (cunfe != null) {
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        return ret != null ? ret : new NotAuthorizedResult(getCurrentUser(null), SecurityMessageCodes.LOGIN_REQUIRED);
    }
    // TBD: Do we really need to send whole stack trace to client ??? I think we
    // should do it only during development
    response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    return new GenericServerErrorResult(buildUserMessage(ex, request), new ExceptionInfo(ex));
}
Also used : FieldValidationException(org.summerb.validation.FieldValidationException) AccessDeniedException(org.springframework.security.access.AccessDeniedException) AuthenticationException(org.springframework.security.core.AuthenticationException) NotAuthorizedResult(org.summerb.security.api.dto.NotAuthorizedResult) CurrentUserNotFoundException(org.summerb.security.api.CurrentUserNotFoundException) NotAuthorizedException(org.summerb.security.api.exceptions.NotAuthorizedException) GenericServerErrorResult(org.summerb.utils.exceptions.dto.GenericServerErrorResult) ExceptionInfo(org.summerb.utils.exceptions.dto.ExceptionInfo)

Example 17 with FieldValidationException

use of org.summerb.validation.FieldValidationException in project summerb by skarpushin.

the class EasyCrudValidationStrategyAbstract method validateForCreate.

@Override
public void validateForCreate(TDto dto) throws FieldValidationException {
    ValidationContext ctx = new ValidationContext();
    doValidateForCreate(dto, ctx);
    if (ctx.getHasErrors()) {
        throw new FieldValidationException(ctx.getErrors());
    }
}
Also used : FieldValidationException(org.summerb.validation.FieldValidationException) ValidationContext(org.summerb.validation.ValidationContext)

Example 18 with FieldValidationException

use of org.summerb.validation.FieldValidationException in project summerb by skarpushin.

the class EasyCrudValidationStrategyAbstract method validateForUpdate.

@Override
public void validateForUpdate(TDto existingVersion, TDto newVersion) throws FieldValidationException {
    ValidationContext ctx = new ValidationContext();
    doValidateForUpdate(existingVersion, newVersion, ctx);
    if (ctx.getHasErrors()) {
        throw new FieldValidationException(ctx.getErrors());
    }
}
Also used : FieldValidationException(org.summerb.validation.FieldValidationException) ValidationContext(org.summerb.validation.ValidationContext)

Example 19 with FieldValidationException

use of org.summerb.validation.FieldValidationException in project summerb by skarpushin.

the class UserServiceImpl method updateUser.

@Override
@Transactional(rollbackFor = Throwable.class)
public void updateUser(User user) throws FieldValidationException, UserNotFoundException {
    Preconditions.checkArgument(user != null, "User reference required");
    Preconditions.checkArgument(StringUtils.hasText(user.getUuid()), "User uuid must be provided");
    validateUser(user);
    boolean isUpdatedSuccessfully;
    try {
        isUpdatedSuccessfully = userDao.updateUser(user);
        eventBus.post(EntityChangedEvent.updated(user));
    } catch (DuplicateKeyException dke) {
        throw new FieldValidationException(new DuplicateUserValidationError(User.FN_EMAIL));
    } catch (Throwable t) {
        String msg = String.format("Failed to update user '%s'", user.getUuid());
        throw new UserServiceUnexpectedException(msg, t);
    }
    if (!isUpdatedSuccessfully) {
        throw new UserNotFoundException(user.getUuid());
    }
}
Also used : FieldValidationException(org.summerb.validation.FieldValidationException) UserNotFoundException(org.summerb.users.api.exceptions.UserNotFoundException) UserServiceUnexpectedException(org.summerb.users.api.exceptions.UserServiceUnexpectedException) DuplicateKeyException(org.springframework.dao.DuplicateKeyException) DuplicateUserValidationError(org.summerb.users.api.validation.DuplicateUserValidationError) Transactional(org.springframework.transaction.annotation.Transactional)

Example 20 with FieldValidationException

use of org.summerb.validation.FieldValidationException in project summerb by skarpushin.

the class AuthTokenServiceImpl method validateAndGetUser.

private User validateAndGetUser(String userEmail, String passwordPlain) throws UserNotFoundException, FieldValidationException, InvalidPasswordException {
    try {
        User user = userService.getUserByEmail(userEmail);
        boolean isPasswordValid = passwordService.isUserPasswordValid(user.getUuid(), passwordPlain);
        if (!isPasswordValid) {
            throw new InvalidPasswordException();
        }
        return user;
    } catch (Throwable t) {
        Throwables.throwIfInstanceOf(t, UserNotFoundException.class);
        Throwables.throwIfInstanceOf(t, FieldValidationException.class);
        Throwables.throwIfInstanceOf(t, InvalidPasswordException.class);
        String msg = String.format("Failed to validate user '%s' and password '%s'", userEmail, passwordPlain);
        throw new UserServiceUnexpectedException(msg, t);
    }
}
Also used : UserNotFoundException(org.summerb.users.api.exceptions.UserNotFoundException) FieldValidationException(org.summerb.validation.FieldValidationException) User(org.summerb.users.api.dto.User) UserServiceUnexpectedException(org.summerb.users.api.exceptions.UserServiceUnexpectedException) InvalidPasswordException(org.summerb.users.api.exceptions.InvalidPasswordException)

Aggregations

FieldValidationException (org.summerb.validation.FieldValidationException)27 User (org.summerb.users.api.dto.User)11 UserServiceUnexpectedException (org.summerb.users.api.exceptions.UserServiceUnexpectedException)11 Transactional (org.springframework.transaction.annotation.Transactional)9 UserNotFoundException (org.summerb.users.api.exceptions.UserNotFoundException)8 ValidationContext (org.summerb.validation.ValidationContext)4 DuplicateKeyException (org.springframework.dao.DuplicateKeyException)3 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)3 AuthToken (org.summerb.users.api.dto.AuthToken)3 InvalidPasswordException (org.summerb.users.api.exceptions.InvalidPasswordException)3 ValidationError (org.summerb.validation.ValidationError)3 ValidationErrorsVm (org.summerb.webappboilerplate.model.ValidationErrorsVm)3 AccessDeniedException (org.springframework.security.access.AccessDeniedException)2 NotAuthorizedResult (org.summerb.security.api.dto.NotAuthorizedResult)2 NotAuthorizedException (org.summerb.security.api.exceptions.NotAuthorizedException)2 DuplicateUserValidationError (org.summerb.users.api.validation.DuplicateUserValidationError)2 GenericException (org.summerb.utils.exceptions.GenericException)2 ExceptionInfo (org.summerb.utils.exceptions.dto.ExceptionInfo)2 GenericServerErrorResult (org.summerb.utils.exceptions.dto.GenericServerErrorResult)2 UserStatus (org.summerb.webappboilerplate.security.dto.UserStatus)2