Package org.fao.geonet.exceptions

Examples of org.fao.geonet.exceptions.OperationNotAllowedEx

144
145
146
147
148
149
150
151
  public void denyAccess(ServiceContext context) throws Exception {
    if (context.getUserSession().isAuthenticated()) {
      throw new AccessDeniedException("User is not permitted to access this resource");
    } else {
      throw new OperationNotAllowedEx();
    }
  }
View Full Code Here
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
        int ownerId = context.getUserSession().getUserIdAsInt();
        Profile userProfile = context.getUserSession().getProfile();

        if (userProfile == null) {
            throw new OperationNotAllowedEx("Unauthorized user attempted to list editable metadata ");
        }

        Specifications<Metadata> spec;
        // if the user is an admin, return all metadata
        if(userProfile == Profile.Administrator) {
            spec = where(MetadataSpecs.isHarvested(false));
        } else if(userProfile == Profile.Reviewer || userProfile == Profile.UserAdmin) {
            final List<UserGroup> groups = context.getBean(UserGroupRepository.class).findAll(UserGroupSpecs.hasUserId(ownerId));
            List<Integer> groupIds = Lists.transform(groups, new Function<UserGroup, Integer>() {
                @Nullable
                @Override
                public Integer apply(@Nonnull UserGroup input) {
                    return input.getId().getGroupId();
                }
            });
            spec = where(MetadataSpecs.isHarvested(false)).and(MetadataSpecs.isOwnedByOneOfFollowingGroups(groupIds));
            // if the user is a reviewer, return all metadata of the user's groups
        } else if(userProfile == Profile.Editor) {
            spec = where(MetadataSpecs.isOwnedByUser(ownerId)).and(MetadataSpecs.isHarvested(false));
            // if the user is an editor, return metadata owned by this user
        } else {
            throw new OperationNotAllowedEx("Unauthorized user " + ownerId + " attempted to list editable metadata ");
        }

        // Sorting
        String sortBy = sortByParameter(params);
View Full Code Here
77
78
79
80
81
82
83
84
85
86
87
        if (!dataMan.existsMetadata(iLocalId)) {
            throw new IllegalArgumentException("Metadata with identifier '" + id + "' not found.");
        }

        if (!accessMan.canEdit(context, id)) {
            throw new OperationNotAllowedEx();
        }

        int iGroupOwner = Integer.parseInt(groupOwner);
        Group group = context.getBean(GroupRepository.class).findOne(iGroupOwner);
        if (group == null) {
View Full Code Here
84
85
86
87
88
89
90
91
92
93
94
      throw new UserNotFoundEx(username);
        }

    // only let registered users change their password this way 
    if ( elUser.getProfile() != Profile.RegisteredUser) {
      throw new OperationNotAllowedEx("Only users with profile RegisteredUser can change their password using this option");
        }
   
    // construct expected change key - only valid today
    String scrambledPassword = elUser.getPassword();
    Calendar cal = Calendar.getInstance();
View Full Code Here
62
63
64
65
66
67
68
69
70
71
72
    if (md == null)
      throw new IllegalArgumentException("Metadata not found --> " + id);

    if (!accessMan.canEdit(context, id))
      throw new OperationNotAllowedEx();

    //-----------------------------------------------------------------------
    //--- set metadata into the subversion repo

    dataMan.versionMetadata(context, id, md);
View Full Code Here
76
77
78
79
80
81
82
83
84
85
86
    if (metadata == null)
      throw new IllegalArgumentException("Metadata with identifier " + id + " not found.");

    if (!accessMan.canEdit(context, id))
      throw new OperationNotAllowedEx();

    //-----------------------------------------------------------------------
    //--- backup metadata in 'removed' folder

    if (metadata.getDataInfo().getType() != MetadataType.SUB_TEMPLATE && backupFile)
View Full Code Here
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
    //--- retrieve session user groups and check to see whether this user is
    //--- allowed to get this info
                List<Integer> adminList = userGroupRepository.findGroupIds(where(UserGroupSpecs.hasUserId(Integer.valueOf(myUserId)))
                        .or(UserGroupSpecs.hasUserId(Integer.valueOf(id))));
        if (adminList.isEmpty()) {
          throw new OperationNotAllowedEx("You don't have rights to do this because the user you want is not part of your group");
        }
      }

    //--- return data

      return elGroups;
    } else {
      throw new OperationNotAllowedEx("You don't have rights to do get the groups for this user");
    }

  }
View Full Code Here
TOP

Related Classes of org.fao.geonet.exceptions.OperationNotAllowedEx

  • org.fao.geonet.guiservices.metadata.GetByOwner
  • org.fao.geonet.lib.ResourceLib
  • org.fao.geonet.services.metadata.Delete
  • org.fao.geonet.services.metadata.UpdateGroupOwner
  • org.fao.geonet.services.metadata.Version
  • org.fao.geonet.services.password.Change
  • org.fao.geonet.services.user.UserGroups
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.