Examples of org.apache.shiro.authz.UnauthorizedException

• org.apache.shiro.authz.UnauthorizedException
  Thrown to indicate a requested operation or access to a requested resource is not allowed. @author Les Hazlewood @since 0.1

    }

    protected void checkPermission(Permission permission, AuthorizationInfo info) {
        if (!isPermitted(permission, info)) {
            String msg = "User is not permitted [" + permission + "]";
            throw new UnauthorizedException(msg);
        }
    }

    }

    protected void checkRole(String role, AuthorizationInfo info) {
        if (!hasRole(role, info)) {
            String msg = "User does not have role [" + role + "]";
            throw new UnauthorizedException(msg);
        }
    }

      if (v.length == 3) {
        // 进行初次验证，确保shiro中用户的权限被初始化。
        if (!firstPermitted) {
          Subject subject = SecurityUtils.getSubject();
          if (!subject.isPermitted(p)){
            throw new UnauthorizedException("数据权限验证失败！");
          }
          firstPermitted = true;
        }

        try {
          // 把内部动态查询参数常量，logical放入request
          request.setAttribute(SecurityConstants.NEST_DYNAMIC_SEARCH_LOGICAL, logical);
          boolean checkResult = (check(request, response, method, v[0], v[2]) == true) ? true : false;
          if (!checkResult) {
            throw new UnauthorizedException("数据权限验证失败！");
          }

          if (checkResult == true && logical.equals(Logical.OR)) {
            return true;
          }
        } catch (Exception e) {
          logger.error(Exceptions.getStackTraceAsString(e));
          throw new UnauthorizedException("数据权限验证失败！");
        }
      }
    }

    return true;

    @Test
    public void testUnauthorizedRedirectsToHome_exception() throws Exception
    {
        mockAuthenticated();
        this.tester.startPage(new ExceptionalPage(new UnauthorizedException()));
        assertRedirectsToHome();
    }

    @Test
    public void testUnauthorizedRedirectsToHome_annotatedChild() throws Exception
    {
        mockAuthenticated();
        doThrow(new UnauthorizedException())
            .when(this.mockSubject).checkRole("test-role");

        this.tester.startPage(AnnotatedUnauthorizedChildPage.class);
        assertRedirectsToHome();
    }

    @Test
    public void testUnauthorizedRedirectsToHome_annotated() throws Exception
    {
        mockAuthenticated();
        doThrow(new UnauthorizedException())
            .when(this.mockSubject).checkRole("test-role");

        this.tester.startPage(AnnotatedUnauthorizedPage.class);
        assertRedirectsToHome();
    }

        Collection<Permission> perms = this.actionPermissionResolver.getPermissions(action);

        if (!subject.isPermittedAll(perms)) {
            String msg = createUnauthorizedMessage(subject, action, verbText);
            throw new UnauthorizedException(msg);
        }
    }

        if (roles.length == 1) {
            if (!getSubject().hasRole(roles[0])) {
                String msg = "Calling Subject does not have required role [" + roleId + "].  " +
                        "MethodInvocation denied.";
                throw new UnauthorizedException(msg);
            }
        }
        else {
            Set<String> rolesSet = new LinkedHashSet<String>(Arrays.asList(roles));
            if (!getSubject().hasAllRoles(rolesSet)) {
                String msg = "Calling Subject does not have required roles [" + roleId + "].  " +
                        "MethodInvocation denied.";
                throw new UnauthorizedException(msg);
            }
        }
    }

            Object permission = constructor.newInstance(new Object[] { ann.target(), ann.actions() });

            if (!getSubject().isPermitted((Permission) permission)) {
                String msg = "Calling Subject does not have required permission [" + permission + "].  " +
                        "Method invocation denied.";
                throw new UnauthorizedException(msg);
            }
        }
        catch (Exception ex) {
            throw new RuntimeException(ex);
        }