Package org.projectforge.access

Examples of org.projectforge.access.AccessException

199
200
201
202
203
204
205
206
207
  private void securityChecks(final String script)
  {
    final String[] forbiddenKeyWords = { "__baseDao", "__baseObject", "System.ex"};
    for (final String forbiddenKeyWord : forbiddenKeyWords) {
      if (StringUtils.contains(script, forbiddenKeyWord) == true) {
        throw new AccessException("access.exception.violation", forbiddenKeyWord);
      }
    }
  }
View Full Code Here
354
355
356
357
358
359
360
361
362
    if (result == false && obj.isDeleted() == false) {
      Validate.notNull(user);
      result = userGroupCache.isUserMemberOfGroup(user.getId(), obj.getId());
    }
    if (throwException == true && result == false) {
      throw new AccessException(AccessType.GROUP, OperationType.SELECT);
    }
    return result;
  }
View Full Code Here
83
84
85
86
87
88
89
90
91
    if (PFUserContext.getUser() == SYSTEM_ADMIN_PSEUDO_USER) {
      // No access check for the system admin pseudo user.
      return;
    }
    if (Login.getInstance().isAdminUser(PFUserContext.getUser()) == false) {
      throw new AccessException(AccessChecker.I18N_KEY_VIOLATION_USER_NOT_MEMBER_OF, ProjectForgeGroup.ADMIN_GROUP.getKey());
    }
    accessChecker.checkRestrictedOrDemoUser();
  }
View Full Code Here
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
  protected void checkInsertAccess(final PFUserDO user, final TaskDO obj) throws AccessException
  {
    super.checkInsertAccess(user, obj);
    if (accessChecker.isUserMemberOfGroup(user, ProjectForgeGroup.FINANCE_GROUP) == false) {
      if (obj.getProtectTimesheetsUntil() != null) {
        throw new AccessException("task.error.protectTimesheetsUntilReadonly");
      }
      if (obj.isProtectionOfPrivacy() == true) {
        throw new AccessException("task.error.protectionOfPrivacyReadonly");
      }
    }
    if (hasAccessForKost2AndTimesheetBookingStatus(user, obj) == false) {
      // Non project managers are not able to manipulate the following fields:
      if (StringUtils.isNotBlank(obj.getKost2BlackWhiteList()) == true || obj.isKost2IsBlackList() == true) {
        throw new AccessException("task.error.kost2Readonly");
      }
      if (obj.getTimesheetBookingStatus() != TimesheetBookingStatus.DEFAULT) {
        throw new AccessException("task.error.timesheetBookingStatus2Readonly");
      }
    }
  }
View Full Code Here
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
      }
      if (dbObj.getProtectTimesheetsUntil() != null) {
        ts2 = dbObj.getProtectTimesheetsUntil().getTime();
      }
      if (ObjectUtils.equals(ts1, ts2) == false) {
        throw new AccessException("task.error.protectTimesheetsUntilReadonly");
      }
      if (ObjectUtils.equals(obj.isProtectionOfPrivacy(), dbObj.isProtectionOfPrivacy()) == false) {
        throw new AccessException("task.error.protectionOfPrivacyReadonly");
      }
    }
    if (hasAccessForKost2AndTimesheetBookingStatus(user, obj) == false) {
      // Non project managers are not able to manipulate the following fields:
      if (ObjectUtils.equals(obj.getKost2BlackWhiteList(), dbObj.getKost2BlackWhiteList()) == false
          || obj.isKost2IsBlackList() != dbObj.isKost2IsBlackList()) {
        throw new AccessException("task.error.kost2Readonly");
      }
      if (obj.getTimesheetBookingStatus() != dbObj.getTimesheetBookingStatus()) {
        throw new AccessException("task.error.timesheetBookingStatus2Readonly");
      }
    }
  }
View Full Code Here
285
286
287
288
289
290
291
  private void databaseNotEmpty()
  {
    final String msg = "Database seems to be not empty. Initialization of database aborted.";
    log.error(msg);
    throw new AccessException(msg);
  }
View Full Code Here
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
      if (doLog == true) {
        log.info(ex.toString() + ExceptionHelper.getFilteredStackTrace(ex, ONLY4NAMESPACE));
      }
      return securedPage.translateParams(ex.getI18nKey(), ex.getMsgParams(), ex.getParams());
    } else if (exception instanceof AccessException) {
      final AccessException ex = (AccessException) exception;
      if (doLog == true) {
        log.info(ex.toString() + ExceptionHelper.getFilteredStackTrace(ex, ONLY4NAMESPACE));
      }
      if (ex.getParams() != null) {
        return securedPage.getLocalizedMessage(ex.getI18nKey(), ex.getParams());
      } else {
        return securedPage.translateParams(ex.getI18nKey(), ex.getMessageArgs(), ex.getParams());
      }
    }
    throw new UnsupportedOperationException("For developer: Please add unknown ProjectForgeException here!", exception);
  }
View Full Code Here
227
228
229
230
231
232
233
234
235
        || accessChecker.isUserMemberOfGroup(user, ProjectForgeGroup.FINANCE_GROUP, ProjectForgeGroup.CONTROLLING_GROUP);
    if (result == false && obj.hasSystemAccess() == true) {
      result = accessChecker.areUsersInSameGroup(user, obj);
    }
    if (throwException == true && result == false) {
      throw new AccessException(user, AccessType.GROUP, OperationType.SELECT);
    }
    return result;
  }
View Full Code Here
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
      } else if (task.getTimesheetBookingStatus() == TimesheetBookingStatus.TREE_CLOSED) {
        errorMessage = "timesheet.error.taskNotBookable.treeClosedForBooking";
      }
      if (errorMessage != null) {
        if (throwException == true) {
          throw new AccessException(errorMessage, task.getTitle() + " (#" + task.getId() + ")");
        }
        return false;
      }
      node = node.getParent();
    } while (node != null);
    // 2. Has the task the booking status NO_BOOKING?
    TimesheetBookingStatus bookingStatus = taskNode.getTask().getTimesheetBookingStatus();
    node = taskNode;
    while (bookingStatus == TimesheetBookingStatus.INHERIT && node.getParent() != null) {
      node = node.getParent();
      bookingStatus = node.getTask().getTimesheetBookingStatus();
    }
    if (bookingStatus == TimesheetBookingStatus.NO_BOOKING) {
      if (throwException == true) {
        throw new AccessException("timesheet.error.taskNotBookable.taskClosedForBooking", taskNode.getTask().getTitle()
            + " (#"
            + taskNode.getId()
            + ")");
      }
      return false;
    }
    if (taskNode.hasChilds() == true) {
      // 3. Is the task not a leaf node and has this task or ancestor task the booking status ONLY_LEAFS?
      node = taskNode;
      do {
        final TaskDO task = node.getTask();
        if (task.getTimesheetBookingStatus() == TimesheetBookingStatus.ONLY_LEAFS) {
          if (throwException == true) {
            throw new AccessException("timesheet.error.taskNotBookable.onlyLeafsAllowedForBooking", taskNode.getTask().getTitle()
                + " (#"
                + taskNode.getId()
                + ")");
          }
          return false;
        }
        node = node.getParent();
      } while (node != null);
      // 4. Does any of the descendant task node has an assigned order position?
      for (final TaskNode child : taskNode.getChilds()) {
        if (taskTree.hasOrderPositions(child.getId(), true) == true) {
          if (throwException == true) {
            throw new AccessException("timesheet.error.taskNotBookable.orderPositionsFoundInSubTasks", taskNode.getTask().getTitle()
                + " (#"
                + taskNode.getId()
                + ")");
          }
          return false;
View Full Code Here
745
746
747
748
749
750
751
752
753
754
755
      }
      final DateHolder dh = new DateHolder(date);
      dh.setEndOfDay();
      if (timesheet.getStartTime().before(dh.getDate()) == true) {
        if (throwException == true) {
          throw new AccessException("timesheet.error.timesheetProtectionVioloation", node.getTask().getTitle()
              + " (#"
              + node.getTaskId()
              + ")", DateHelper.formatIsoDate(dh.getDate()));
        }
        return false;
View Full Code Here
TOP

Related Classes of org.projectforge.access.AccessException

  • org.apache.commons.lang.builder.ToStringBuilder
  • org.projectforge.address.PersonalAddressDao
  • org.projectforge.core.MessageParam
  • org.projectforge.database.InitDatabaseDao
  • org.projectforge.database.MyDatabaseUpdateDao
  • org.projectforge.fibu.AuftragRight
  • org.projectforge.plugins.crm.PersonalContactDao
  • org.projectforge.scripting.GroovyExecutor
  • org.projectforge.task.TaskDao
  • org.projectforge.task.TaskDO
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.