Examples with AuthorizationException org.xwiki.security.authorization.AuthorizationException used on opensource projects

Example 6 with AuthorizationException

use of org.xwiki.security.authorization.AuthorizationException in project xwiki-platform by xwiki.

the class DefaultSecurityCacheRulesInvalidatorListener method invalidateGroupMembers.

/**
 * Drop from the cache all members of a given group.
 *
 * @param group The group.
 * @param securityCache Right cache instance to invalidate.
 * @throws org.xwiki.security.authorization.AuthorizationException on error.
 */
public void invalidateGroupMembers(DocumentReference group, SecurityCache securityCache) throws AuthorizationException {
    try {
        XWikiContext xwikiContext = this.xcontextProvider.get();
        XWikiGroupService groupService = xwikiContext.getWiki().getGroupService(xwikiContext);
        String groupName = serializer.serialize(group);
        // The group members inherit the wiki from the group
        // itself, unless the wiki name is explicitly given.
        WikiReference wikiReference = group.getWikiReference();
        final int nb = 100;
        int i = 0;
        Collection<String> memberNames;
        do {
            memberNames = groupService.getAllMembersNamesForGroup(groupName, nb, i * nb, xwikiContext);
            for (String member : memberNames) {
                DocumentReference memberRef = userResolver.resolve(member, wikiReference);
                if (!memberRef.equals(group)) {
                    securityCache.remove(securityReferenceFactory.newUserReference(memberRef));
                }
            }
            i++;
        } while (memberNames.size() == nb);
    } catch (XWikiException e) {
        throw new AuthorizationException("Failed to invalidate group member.", e);
    }
}

Example 7 with AuthorizationException

use of org.xwiki.security.authorization.AuthorizationException in project xwiki-platform by xwiki.

the class DefaultSecurityCacheRulesInvalidatorListener method onEvent.

@Override
public void onEvent(Event event, Object source, Object data) {
    DocumentReference ref = getDocumentReference(source);
    readWriteLock.writeLock().lock();
    try {
        deliverUpdateEvent(ref);
        if (isGroupDocument(source)) {
            // When a group receive a new member, the update event is triggered and the above invalidate the group
            // and also all its existing members already in cache, but NOT the new member that could be currently
            // in the cache, and is not yet linked to the group. Here, we invalidate individually all members of
            // the group based on the updated group, which will only have the effect of invaliding new members.
            invalidateGroupMembers(ref, securityCache);
        }
    } catch (AuthorizationException e) {
        this.logger.error("Failed to invalidate group members on the document: {}", ref, e);
    } finally {
        readWriteLock.writeLock().unlock();
    }
}