use of org.xwiki.security.authorization.AccessDeniedException in project xwiki-platform by xwiki.
the class WikiManagerScriptServiceTest method saveDescriptorWhenIAmLocalAdminAndChangeOwner.
/**
 * Checks the denied path of {@code saveDescriptor} when the submitted descriptor names a different owner than
 * the stored one: the call must return {@code false}, the ADMIN right must have been queried for the current
 * user on the wiki, nothing may be persisted, and the last error must be an {@link AccessDeniedException}.
 */
@Test
public void saveDescriptorWhenIAmLocalAdminAndChangeOwner() throws Exception {
    WikiReference wikiReference = new WikiReference("wikiId");

    // Descriptor currently stored for the wiki, owned by "SomeUser".
    WikiDescriptor storedDescriptor = new WikiDescriptor("wikiId", "wikiAlias");
    storedDescriptor.setOwnerId("SomeUser");
    when(wikiDescriptorManager.getById(storedDescriptor.getId())).thenReturn(storedDescriptor);

    // Same wiki id, different owner: this is the ownership change under test.
    WikiDescriptor submittedDescriptor = new WikiDescriptor(storedDescriptor.getId(), "wikiAlias");
    submittedDescriptor.setOwnerId("SomeOtherUserOrMyself");

    boolean saved = mocker.getComponentUnderTest().saveDescriptor(submittedDescriptor);
    assertFalse(saved);

    // The ADMIN right was evaluated for the current user on the target wiki.
    verify(authorizationManager).hasAccess(eq(Right.ADMIN), eq(currentUserRef), eq(wikiReference));

    // Fail-closed: a refused request must leave no trace in the descriptor store.
    verify(wikiDescriptorManager, never()).saveDescriptor(submittedDescriptor);

    // The refusal is reported as an AccessDeniedException carrying the same message as one built from
    // the current user and the wiki reference.
    Exception expected = new AccessDeniedException(currentUserRef, wikiReference);
    assertEquals(expected.getClass(), mocker.getComponentUnderTest().getLastError().getClass());
    assertEquals(expected.getMessage(), mocker.getComponentUnderTest().getLastError().getMessage());
}
use of org.xwiki.security.authorization.AccessDeniedException in project xwiki-platform by xwiki.
the class NotificationPreferenceScriptServiceTest method saveNotificationPreferencesForCurrentWikiWithoutRight.
/**
 * Checks that {@code saveNotificationPreferencesForCurrentWiki} lets the {@link AccessDeniedException} raised
 * by the ADMIN check on the current wiki reach the caller unchanged.
 */
@Test
public void saveNotificationPreferencesForCurrentWikiWithoutRight() throws Exception {
    // The current document is in "wikiA", which is the wiki the ADMIN check is stubbed for below.
    DocumentReference currentDocument = new DocumentReference("wikiA", "SpaceA", "PageA");
    when(documentAccessBridge.getCurrentDocumentReference()).thenReturn(currentDocument);

    // Simulate a caller that lacks the ADMIN right on wikiA.
    AccessDeniedException denied = mock(AccessDeniedException.class);
    doThrow(denied).when(authorizationManager).checkAccess(Right.ADMIN, new WikiReference("wikiA"));

    Exception thrown = null;
    try {
        mocker.getComponentUnderTest().saveNotificationPreferencesForCurrentWiki("");
    } catch (Exception ex) {
        thrown = ex;
    }

    // The very same exception instance must surface; it is neither swallowed nor replaced.
    // NOTE(review): only propagation is asserted here; nothing verifies that no preference was
    // written before the exception surfaced.
    assertNotNull(thrown);
    assertEquals(denied, thrown);
}
use of org.xwiki.security.authorization.AccessDeniedException in project xwiki-platform by xwiki.
the class NotificationPreferenceScriptService method setStartDate.
/**
 * Set the start date for every notification preference of the given user.
 * <p>
 * The EDIT right on the resolved user reference is checked before the preference manager is called, so a
 * denied check means nothing is written.
 *
 * @param userId id of the user
 * @param startDate the date before which we ignore notifications
 * @throws NotificationException if an error occurs, including when the EDIT check is denied (the
 *     {@link AccessDeniedException} is kept as the cause)
 */
public void setStartDate(String userId, Date startDate) throws NotificationException {
    try {
        DocumentReference userReference = documentReferenceResolver.resolve(userId);
        // Authorization gate: must stay ahead of the write below.
        // NOTE(review): no user is passed to checkAccess, so the right is presumably evaluated for the
        // current context user; confirm against the injected authorization manager type.
        this.authorizationManager.checkAccess(Right.EDIT, userReference);
        notificationPreferenceManager.setStartDateForUser(userReference, startDate);
    } catch (AccessDeniedException denied) {
        String message =
            String.format("Unable to save the start date of the notifications for the user [%s]", userId);
        throw new NotificationException(message, denied);
    }
}
use of org.xwiki.security.authorization.AccessDeniedException in project xwiki-platform by xwiki.
the class WikiTemplateManagerScript method setTemplate.
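/**
 * Set whether the specified wiki is a template or not.
 * <p>
 * Two authorization gates run before the change is applied: the author of the current document must have the
 * PROGRAM right on that document, and the current user must either be the wiki owner or have the ADMIN right
 * on the wiki. Failures are recorded through {@code error(...)} and reported as {@code false}.
 *
 * @param wikiId the ID of the wiki to specify
 * @param value whether or not the wiki is a template
 * @return true if the action succeeds, false if access is denied or the operation fails
 */
public boolean setTemplate(String wikiId, boolean value) {
    XWikiContext context = xcontextProvider.get();
    try {
        // Check that the current script has the programming right (evaluated for the document author).
        authorizationManager.checkAccess(Right.PROGRAM, context.getDoc().getAuthorReference(),
            context.getDoc().getDocumentReference());
        // Get the descriptor
        // NOTE(review): the descriptor is dereferenced without a null check; confirm that getById
        // cannot return null for an unknown wiki id.
        WikiDescriptor descriptor = wikiDescriptorManager.getById(wikiId);
        // Get the wiki owner
        String owner = descriptor.getOwnerId();
        // Check right access
        WikiReference wikiReference = new WikiReference(descriptor.getId());
        String currentUser = entityReferenceSerializer.serialize(context.getUserReference());
        // Only a user whose serialized reference matches the owner skips the ADMIN check. A null
        // serialized user (presumably possible when the context carries no user reference; TODO confirm
        // the serializer's null handling) is never treated as the owner: it goes through the ADMIN
        // check instead of failing with a NullPointerException on the comparison.
        if (currentUser == null || !currentUser.equals(owner)) {
            authorizationManager.checkAccess(Right.ADMIN, context.getUserReference(), wikiReference);
        }
        // Do the job
        wikiTemplateManager.setTemplate(wikiId, value);
        // Return success
        return true;
    } catch (WikiTemplateManagerException e) {
        error(String.format("Failed to set the template value [%s] for the wiki [%s].", value, wikiId), e);
        return false;
    } catch (AccessDeniedException e) {
        // Either gate may have refused; the message covers both and the exception is kept for diagnosis.
        error(String.format("Access denied for [%s] to change the template value of the wiki [%s]. The user has"
            + " not the right to perform this operation or the script has not the programming right.",
            context.getUserReference(), wikiId), e);
        return false;
    } catch (WikiManagerException e) {
        error(String.format("Failed to get the descriptor of the wiki [%s].", wikiId), e);
        return false;
    }
}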
use of org.xwiki.security.authorization.AccessDeniedException in project xwiki-platform by xwiki.
the class WikiTemplateManagerScript method createWikiFromTemplate.
/**
 * Create a new wiki from the specified template.
 * <p>
 * Two rights are checked before the creation is attempted: the PROGRAM right of the current document's author
 * on that document, and the CREATE_WIKI right of the current user on the main wiki. Failures are recorded
 * through {@code error(...)} and reported as {@code false}.
 *
 * @param newWikiId ID of the wiki to create
 * @param newWikiAlias Default alias of the wiki to create
 * @param templateId Id of the template to use
 * @param ownerId Id of the wiki owner
 * @param failOnExist fail the creation of the wiki id if not available
 * @return true if the wiki was created, false if access is denied or the creation fails
 */
public boolean createWikiFromTemplate(String newWikiId, String newWikiAlias, String templateId, String ownerId,
    boolean failOnExist) {
    try {
        XWikiContext xcontext = xcontextProvider.get();

        // Gate 1: the script itself (through the author of the current document) needs the programming right.
        authorizationManager.checkAccess(Right.PROGRAM, xcontext.getDoc().getAuthorReference(),
            xcontext.getDoc().getDocumentReference());

        // Gate 2: the current user needs the right to create wikis, evaluated on the main wiki.
        WikiReference mainWiki = new WikiReference(xcontext.getMainXWiki());
        authorizationManager.checkAccess(Right.CREATE_WIKI, xcontext.getUserReference(), mainWiki);

        // NOTE(review): ownerId is forwarded exactly as supplied by the caller; nothing in this method
        // relates it to the current user. Confirm that assigning an arbitrary owner is intended.
        wikiTemplateManager.createWikiFromTemplate(newWikiId, newWikiAlias, templateId, ownerId, failOnExist);
        return true;
    } catch (WikiTemplateManagerException e) {
        error("Failed to create the wiki from the template.", e);
        return false;
    } catch (AccessDeniedException e) {
        error("Error, you or this script does not have the right to create a wiki from a template.", e);
        return false;
    }
}