Examples of javax.jcr.AccessDeniedException

• javax.jcr.AccessDeniedException

            return;
        }

        // check authorization for specified workspace
        if (!session.getAccessManager().canAccess(srcWorkspace)) {
            throw new AccessDeniedException("not authorized to access " + srcWorkspace);
        }

        // copy (i.e. pull) subtree at srcAbsPath from srcWorkspace
        // to 'this' workspace at destAbsPath

               AccessControlList acl = refParent.getACL();
               AccessManager am = session.getAccessManager();

               if (!am.hasPermission(acl, PermissionType.READ, session.getUserState().getIdentity()))
               {
                  throw new AccessDeniedException("Can not delete node " + refNode.getQPath() + " ("
                     + refNode.getIdentifier() + ")" + ". It is currently the target of a REFERENCE property and "
                     + refProp.getQPath().getAsString());
               }
               throw new ReferentialIntegrityException("Can not delete node " + refNode.getQPath() + " ("
                  + refNode.getIdentifier() + ")" + ". It is currently the target of a REFERENCE property "

         if (apiRead)
         {
            if (!item.hasPermission(PermissionType.READ))
            {
               throw new AccessDeniedException("Access denied " + itemData.getQPath().getAsString() + " for "
                  + session.getUserID());
            }
            session.getActionHandler().postRead(item);
         }

         invalidated.clear();
      }
      catch (AccessDeniedException e)
      {
         remainChangesBack(cLog);
         throw new AccessDeniedException(e);
      }
      catch (InvalidItemStateException e)
      {
         remainChangesBack(cLog);
         throw new InvalidItemStateException(e);

         if (changedItem.isDeleted())
         {
            if (!accessManager.hasPermission(parent.getACL(), new String[]{PermissionType.REMOVE}, session
               .getUserState().getIdentity()))
            {
               throw new AccessDeniedException("Access denied: REMOVE "
                  + changedItem.getData().getQPath().getAsString() + " for: " + session.getUserID() + " item owner "
                  + parent.getACL().getOwner());
            }
         }
         else if (changedItem.getData().isNode())
         {
            // add node
            if (changedItem.isAdded())
            {
               if (!accessManager.hasPermission(parent.getACL(), new String[]{PermissionType.ADD_NODE}, session
                  .getUserState().getIdentity()))
               {
                  throw new AccessDeniedException("Access denied: ADD_NODE "
                     + changedItem.getData().getQPath().getAsString() + " for: " + session.getUserID() + " item owner "
                     + parent.getACL().getOwner());
               }
            }
         }
         else if (changedItem.isAdded() || changedItem.isUpdated())
         {
            // add or update property
            if (!accessManager.hasPermission(parent.getACL(), new String[]{PermissionType.SET_PROPERTY}, session
               .getUserState().getIdentity()))
            {
               throw new AccessDeniedException("Access denied: SET_PROPERTY "
                  + changedItem.getData().getQPath().getAsString() + " for: " + session.getUserID() + " item owner "
                  + parent.getACL().getOwner());
            }
         }
      } // else - parent not found, deleted in this session or from another

         if (apiRead)
         {
            if (!item.hasPermission(PermissionType.READ))
            {
               throw new AccessDeniedException("Access denied " + itemData.getQPath().getAsString() + " for "
                  + session.getUserID());
            }
            session.getActionHandler().postRead(item);
         }

         invalidated.clear();
      }
      catch (AccessDeniedException e)
      {
         remainChangesBack(cLog);
         throw new AccessDeniedException(e);
      }
      catch (InvalidItemStateException e)
      {
         remainChangesBack(cLog);
         throw new InvalidItemStateException(e);

         if (changedItem.isDeleted())
         {
            if (!accessManager.hasPermission(parent.getACL(), new String[]{PermissionType.REMOVE}, session
               .getUserState().getIdentity()))
            {
               throw new AccessDeniedException("Access denied: REMOVE "
                  + changedItem.getData().getQPath().getAsString() + " for: " + session.getUserID() + " item owner "
                  + parent.getACL().getOwner());
            }
         }
         else if (changedItem.getData().isNode())
         {
            // add node
            if (changedItem.isAdded())
            {
               if (!accessManager.hasPermission(parent.getACL(), new String[]{PermissionType.ADD_NODE}, session
                  .getUserState().getIdentity()))
               {
                  throw new AccessDeniedException("Access denied: ADD_NODE "
                     + changedItem.getData().getQPath().getAsString() + " for: " + session.getUserID() + " item owner "
                     + parent.getACL().getOwner());
               }
            }
         }
         else if (changedItem.isAdded() || changedItem.isUpdated())
         {
            // add or update property
            if (!accessManager.hasPermission(parent.getACL(), new String[]{PermissionType.SET_PROPERTY}, session
               .getUserState().getIdentity()))
            {
               throw new AccessDeniedException("Access denied: SET_PROPERTY "
                  + changedItem.getData().getQPath().getAsString() + " for: " + session.getUserID() + " item owner "
                  + parent.getACL().getOwner());
            }
         }
      } // else - parent not found, deleted in this session or from another

         if (apiRead)
         {
            if (!item.hasPermission(PermissionType.READ))
            {
               throw new AccessDeniedException("Access denied " + itemData.getQPath().getAsString() + " for "
                  + session.getUserID());
            }
            session.getActionHandler().postRead(item);
         }

         invalidated.clear();
      }
      catch (AccessDeniedException e)
      {
         remainChangesBack(cLog);
         throw new AccessDeniedException(e);
      }
      catch (InvalidItemStateException e)
      {
         remainChangesBack(cLog);
         throw new InvalidItemStateException(e);