org.springframework.security.access.AccessDeniedException.<init>()方法的使用及代码示例

x33g5p2x  于11个月前 转载在 其他  
字(11.2k)|赞(0)|评价(0)|浏览(40)

本文整理了Java中org.springframework.security.access.AccessDeniedException.<init>()方法的一些代码示例,展示了AccessDeniedException.<init>()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。AccessDeniedException.<init>()方法的具体详情如下:
包路径:org.springframework.security.access.AccessDeniedException
类名称:AccessDeniedException
方法名:<init>

AccessDeniedException.<init>介绍

[英]Constructs an AccessDeniedException with the specified message.
[中]使用指定的消息构造一个AccessDeniedException

代码示例

代码示例来源:origin: spring-projects/spring-security

public Object decide(Authentication authentication,
            Object object,
            Collection<ConfigAttribute> attributes,
            Object returnedObject) throws AccessDeniedException {
  throw new AccessDeniedException("custom AfterInvocationManager");
}

代码示例来源:origin: spring-projects/spring-security

public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) {
  throw new AccessDeniedException("Always Denied");
}
public boolean supports(ConfigAttribute attribute) {

代码示例来源:origin: spring-projects/spring-security

@Override
public void decide(Authentication authentication, Object object, Collection<ConfigAttribute> configAttributes) throws AccessDeniedException, InsufficientAuthenticationException {
  throw new AccessDeniedException("teapot");
}

代码示例来源:origin: spring-projects/spring-security-oauth

@ExceptionHandler(HttpSessionRequiredException.class)
public ModelAndView handleHttpSessionRequiredException(HttpSessionRequiredException e, ServletWebRequest webRequest)
    throws Exception {
  logger.info("Handling Session required error: " + e.getMessage());
  return handleException(new AccessDeniedException("Could not obtain authorization request from session", e),
      webRequest);
}

代码示例来源:origin: geoserver/geoserver

public static RuntimeException unauthorizedAccess() {
  // not hide, and not filtering out a list, this
  // is an unauthorized direct resource access, complain
  Authentication user = user();
  if (user == null || user.getAuthorities().size() == 0)
    return new InsufficientAuthenticationException(
        "Operation unallowed with the current privileges");
  else return new AccessDeniedException("Operation unallowed with the current privileges");
}

代码示例来源:origin: geoserver/geoserver

public static RuntimeException unauthorizedAccess(String resourceName) {
  // not hide, and not filtering out a list, this
  // is an unauthorized direct resource access, complain
  Authentication user = user();
  if (user == null || user.getAuthorities().size() == 0)
    return new InsufficientAuthenticationException(
        "Cannot access " + resourceName + " as anonymous");
  else
    return new AccessDeniedException(
        "Cannot access " + resourceName + " with the current privileges");
}

代码示例来源:origin: spring-projects/spring-security-oauth

/**
 * Get the verification key for the token signatures. The principal has to
 * be provided only if the key is secret
 * (shared not public).
 * 
 * @param principal the currently authenticated user if there is one
 * @return the key used to verify tokens
 */
@RequestMapping(value = "/oauth/token_key", method = RequestMethod.GET)
@ResponseBody
public Map<String, String> getKey(Principal principal) {
  if ((principal == null || principal instanceof AnonymousAuthenticationToken) && !converter.isPublic()) {
    throw new AccessDeniedException("You need to authenticate to see a shared key");
  }
  Map<String, String> result = converter.getKey();
  return result;
}

代码示例来源:origin: spring-projects/spring-security

protected final void checkAllowIfAllAbstainDecisions() {
  if (!this.isAllowIfAllAbstainDecisions()) {
    throw new AccessDeniedException(messages.getMessage(
        "AbstractAccessDecisionManager.accessDenied", "Access is denied"));
  }
}

代码示例来源:origin: ctripcorp/apollo

@DeleteMapping(value = "/apps/{appId}/envs/{env}/clusters/{clusterName}/namespaces/{namespaceName}/branches/{branchName}")
public void deleteBranch(@PathVariable String appId,
             @PathVariable String env,
             @PathVariable String clusterName,
             @PathVariable String namespaceName,
             @PathVariable String branchName) {
 boolean canDelete = permissionValidator.hasReleaseNamespacePermission(appId, namespaceName, env) ||
     (permissionValidator.hasModifyNamespacePermission(appId, namespaceName, env) &&
          releaseService.loadLatestRelease(appId, Env.valueOf(env), branchName, namespaceName) == null);
 if (!canDelete) {
  throw new AccessDeniedException("Forbidden operation. "
                  + "Caused by: 1.you don't have release permission "
                  + "or 2. you don't have modification permission "
                  + "or 3. you have modification permission but branch has been released");
 }
 namespaceBranchService.deleteBranch(appId, Env.valueOf(env), clusterName, namespaceName, branchName);
}

代码示例来源:origin: org.springframework.security/spring-security-core

protected final void checkAllowIfAllAbstainDecisions() {
  if (!this.isAllowIfAllAbstainDecisions()) {
    throw new AccessDeniedException(messages.getMessage(
        "AbstractAccessDecisionManager.accessDenied", "Access is denied"));
  }
}

代码示例来源:origin: cloudfoundry/uaa

public void checkIdentityZone(IdentityZone identityZone) {
  if (IdentityZone.getUaa().equals(identityZone)) {
    throw new AccessDeniedException("Access to UAA is not allowed.");
  }
}

代码示例来源:origin: cloudfoundry/uaa

private String getCurrentUserId() {
  if (!securityContextAccessor.isUser()) {
    throw new AccessDeniedException("Approvals can only be managed by a user");
  }
  return securityContextAccessor.getUserId();
}

代码示例来源:origin: ctripcorp/apollo

@PreAuthorize(value = "@consumerPermissionValidator.hasModifyNamespacePermission(#request, #appId, #namespaceName, #env)")
@DeleteMapping(value = "/apps/{appId}/clusters/{clusterName}/namespaces/{namespaceName}/branches/{branchName}")
public void deleteBranch(@PathVariable String appId,
             @PathVariable String env,
             @PathVariable String clusterName,
             @PathVariable String namespaceName,
             @PathVariable String branchName,
             @RequestParam("operator") String operator,
             HttpServletRequest request) {
  RequestPrecondition.checkArguments(!StringUtils.isContainEmpty(operator),"operator can not be empty");
  if (userService.findByUserId(operator) == null) {
    throw new BadRequestException("operator " + operator + " not exists");
  }
  boolean canDelete = consumerPermissionValidator.hasReleaseNamespacePermission(request, appId, namespaceName, env) ||
    (consumerPermissionValidator.hasModifyNamespacePermission(request, appId, namespaceName, env) &&
      releaseService.loadLatestRelease(appId, Env.valueOf(env), branchName, namespaceName) == null);
  if (!canDelete) {
    throw new AccessDeniedException("Forbidden operation. "
      + "Caused by: 1.you don't have release permission "
      + "or 2. you don't have modification permission "
      + "or 3. you have modification permission but branch has been released");
  }
  namespaceBranchService.deleteBranch(appId, Env.valueOf(env.toUpperCase()), clusterName, namespaceName, branchName, operator);
}

代码示例来源:origin: spring-projects/spring-security

/**
   * Determines if access should be granted for a specific authentication and object
   *

   * @param authentication the Authentication to check
   * @param object the object to check
   * @return an empty Mono if authorization is granted or a Mono error if access is
   * denied
   */
  default Mono<Void> verify(Mono<Authentication> authentication, T object) {
    return check(authentication, object)
      .filter( d -> d.isGranted())
      .switchIfEmpty(Mono.defer(() -> Mono.error(new AccessDeniedException("Access Denied"))))
      .flatMap( d -> Mono.empty() );
  }
}

代码示例来源:origin: spring-projects/spring-security

@Test(expected = AccessDeniedException.class)
public void preSendDeny() throws Exception {
  when(source.getAttributes(message)).thenReturn(attrs);
  doThrow(new AccessDeniedException("")).when(accessDecisionManager).decide(
      any(Authentication.class), eq(message), eq(attrs));
  interceptor.preSend(message, channel);
}

代码示例来源:origin: spring-projects/spring-security

@SuppressWarnings("unchecked")
@Test
public void callbackIsNotInvokedWhenPermissionDenied() throws Exception {
  doThrow(new AccessDeniedException("denied")).when(adm).decide(
      any(), any(), any());
  SecurityContextHolder.getContext().setAuthentication(token);
  try {
    interceptor.invoke(joinPoint, aspectJCallback);
    fail("Expected AccessDeniedException");
  }
  catch (AccessDeniedException expected) {
  }
  verify(aspectJCallback, never()).proceedWithObject();
}

代码示例来源:origin: ctripcorp/apollo

@PutMapping(value = "/apps/{appId}/namespaces/{namespaceName}/items", consumes = {"application/json"})
public ResponseEntity<Void> update(@PathVariable String appId, @PathVariable String namespaceName,
                  @RequestBody NamespaceSyncModel model) {
 checkModel(!model.isInvalid());
 boolean hasPermission = permissionValidator.hasModifyNamespacePermission(appId, namespaceName);
 Env envNoPermission = null;
 // if uses has ModifyNamespace permission then he has permission
 if (!hasPermission) {
  // else check if user has every env's ModifyNamespace permission
  hasPermission = true;
  for (NamespaceIdentifier namespaceIdentifier : model.getSyncToNamespaces()) {
   // once user has not one of the env's ModifyNamespace permission, then break the loop
   hasPermission &= permissionValidator.hasModifyNamespacePermission(namespaceIdentifier.getAppId(), namespaceIdentifier.getNamespaceName(), namespaceIdentifier.getEnv().toString());
   if (!hasPermission) {
    envNoPermission = namespaceIdentifier.getEnv();
    break;
   }
  }
 }
 if (hasPermission) {
  configService.syncItems(model.getSyncToNamespaces(), model.getSyncItems());
  return ResponseEntity.status(HttpStatus.OK).build();
 }
 else
  throw new AccessDeniedException(String.format("您没有修改环境%s的权限", envNoPermission));
}

代码示例来源:origin: spring-projects/spring-security

@Test
public void declinesAccessUsingCreate() throws Exception {
  Object object = new TargetObject();
  final MethodInvocation mi = MethodInvocationUtils.create(object, "makeLowerCase",
      "foobar");
  MethodInvocationPrivilegeEvaluator mipe = new MethodInvocationPrivilegeEvaluator();
  mipe.setSecurityInterceptor(interceptor);
  when(mds.getAttributes(mi)).thenReturn(role);
  doThrow(new AccessDeniedException("rejected")).when(adm).decide(token, mi, role);
  assertThat(mipe.isAllowed(mi, token)).isFalse();
}

代码示例来源:origin: spring-projects/spring-security

@Test
  public void declinesAccessUsingCreateFromClass() throws Exception {
    final MethodInvocation mi = MethodInvocationUtils.createFromClass(
        new OtherTargetObject(), ITargetObject.class, "makeLowerCase",
        new Class[] { String.class }, new Object[] { "helloWorld" });

    MethodInvocationPrivilegeEvaluator mipe = new MethodInvocationPrivilegeEvaluator();
    mipe.setSecurityInterceptor(interceptor);
    when(mds.getAttributes(mi)).thenReturn(role);
    doThrow(new AccessDeniedException("rejected")).when(adm).decide(token, mi, role);

    assertThat(mipe.isAllowed(mi, token)).isFalse();
  }
}

代码示例来源:origin: ctripcorp/apollo

@PutMapping(path = "/envs/{env}/releases/{releaseId}/rollback")
 public void rollback(@PathVariable String env,
            @PathVariable long releaseId) {
  ReleaseDTO release = releaseService.findReleaseById(Env.valueOf(env), releaseId);

  if (release == null) {
   throw new NotFoundException("release not found");
  }

  if (!permissionValidator.hasReleaseNamespacePermission(release.getAppId(), release.getNamespaceName(), env)) {
   throw new AccessDeniedException("Access is denied");
  }

  releaseService.rollback(Env.valueOf(env), releaseId);

  ConfigPublishEvent event = ConfigPublishEvent.instance();
  event.withAppId(release.getAppId())
    .withCluster(release.getClusterName())
    .withNamespace(release.getNamespaceName())
    .withPreviousReleaseId(releaseId)
    .setRollbackEvent(true)
    .setEnv(Env.valueOf(env));

  publisher.publishEvent(event);
 }
}

相关文章

最新文章

更多