Example 1 with UnauthorisedException

use of uk.gov.gchq.gaffer.commonutil.exception.UnauthorisedException in project Gaffer by gchq.

the class OperationChainLimiter method preExecute.

/**
 * Checks that the {@link OperationChain} is allowed to be executed by the user.
 * The user's operation auths are used to look up the user's maximum score limit.
 * The score of each operation in the chain is then added to a running total,
 * which is compared against that limit.
 * If the total exceeds the limit, an {@link UnauthorisedException} is thrown.
 *
 * @param opChain the operation chain.
 * @param user    the user to authorise.
 */
@Override
public void preExecute(final OperationChain<?> opChain, final User user) {
    if (null != opChain) {
        Integer chainScore = 0;
        Integer maxAuthScore = getMaxUserAuthScore(user.getOpAuths());
        for (final Operation operation : opChain.getOperations()) {
            chainScore += authorise(operation);
            if (chainScore > maxAuthScore) {
                throw new UnauthorisedException("The maximum score limit for this user is " + maxAuthScore + ".\n" + "The requested operation chain exceeded this score limit.");
            }
        }
    }
}
Also used : UnauthorisedException(uk.gov.gchq.gaffer.commonutil.exception.UnauthorisedException) Operation(uk.gov.gchq.gaffer.operation.Operation)

Example 2 with UnauthorisedException

use of uk.gov.gchq.gaffer.commonutil.exception.UnauthorisedException in project Gaffer by gchq.

the class OperationServiceV2 method executeChunkedChain.

@SuppressFBWarnings
@Override
public Response executeChunkedChain(final OperationChain opChain) {
    // Create chunked output instance
    final Throwable[] threadException = new Throwable[1];
    final ChunkedOutput<String> output = new ChunkedOutput<>(String.class, "\r\n");
    final Context context = userFactory.createContext();
    // create thread to write chunks to the chunked output object
    Thread thread = new Thread(() -> {
        try {
            final Object result = _execute(opChain, context).getFirst();
            chunkResult(result, output);
        } catch (final Exception e) {
            throw new RuntimeException(e);
        } finally {
            CloseableUtil.close(output);
            CloseableUtil.close(opChain);
        }
    });
    // By default threads throw nothing, so set the ExceptionHandler
    thread.setUncaughtExceptionHandler((thread1, exception) -> threadException[0] = exception.getCause());
    thread.start();
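    // Wait briefly so that an early failure in the worker thread is captured before responding
    try {
        Thread.sleep(1000);
    } catch (final InterruptedException e) {
        // Restore the interrupt flag before returning the error response
        Thread.currentThread().interrupt();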
        return Response.status(INTERNAL_SERVER_ERROR).entity(new Error.ErrorBuilder().status(Status.INTERNAL_SERVER_ERROR).statusCode(500).simpleMessage(e.getMessage()).build()).header(GAFFER_MEDIA_TYPE_HEADER, GAFFER_MEDIA_TYPE).build();
    }
    // If an UnauthorisedException was thrown return 403, else return a 500
    if (null != threadException[0]) {
        // Test the captured throwable itself; the class of the holder array never matches
        if (threadException[0] instanceof UnauthorisedException) {
            // The HTTP status must agree with the 403 reported in the error body
            return Response.status(Response.Status.FORBIDDEN).entity(new Error.ErrorBuilder().status(Status.FORBIDDEN).statusCode(403).simpleMessage(threadException[0].getMessage()).build()).header(GAFFER_MEDIA_TYPE_HEADER, GAFFER_MEDIA_TYPE).build();
        } else {
            return Response.status(INTERNAL_SERVER_ERROR).entity(new Error.ErrorBuilder().status(Status.INTERNAL_SERVER_ERROR).statusCode(500).simpleMessage(threadException[0].getMessage()).build()).header(GAFFER_MEDIA_TYPE_HEADER, GAFFER_MEDIA_TYPE).build();
        }
    }
    // Return ok output
    return Response.ok(output).header(GAFFER_MEDIA_TYPE_HEADER, GAFFER_MEDIA_TYPE).build();
}
Also used : Context(uk.gov.gchq.gaffer.store.Context) Error(uk.gov.gchq.gaffer.core.exception.Error) ChunkedOutput(org.glassfish.jersey.server.ChunkedOutput) IOException(java.io.IOException) UnauthorisedException(uk.gov.gchq.gaffer.commonutil.exception.UnauthorisedException) SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)

Example 3 with UnauthorisedException

use of uk.gov.gchq.gaffer.commonutil.exception.UnauthorisedException in project Gaffer by gchq.

the class GafferExceptionMapperTest method shouldPropagateForbiddenError.

@Test
public void shouldPropagateForbiddenError() {
    // When
    GafferExceptionMapper gafferExceptionMapper = new GafferExceptionMapper();
    ResponseEntity<?> response = gafferExceptionMapper.handleUnauthorisedException(null, new UnauthorisedException("nah"));
    // Then
    assertEquals(FORBIDDEN.getStatusCode(), response.getStatusCode().value());
    assertEquals("nah", ((Error) response.getBody()).getSimpleMessage());
}
Also used : UnauthorisedException(uk.gov.gchq.gaffer.commonutil.exception.UnauthorisedException) Test(org.junit.jupiter.api.Test)
