Java Code Examples for org.springframework.extensions.webscripts.Status#STATUS_FORBIDDEN
The following examples show how to use
org.springframework.extensions.webscripts.Status#STATUS_FORBIDDEN .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DocLinkPost.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
/** * Create link for sourceNodeRef in destinationNodeRef location * * @param destinationNodeRef * @param sourceNodeRef * @return */ private NodeRef createLink(NodeRef destinationNodeRef, NodeRef sourceNodeRef) { NodeRef linkNodeRef = null; try { linkNodeRef = documentLinkService.createDocumentLink(sourceNodeRef, destinationNodeRef); } catch (IllegalArgumentException ex) { throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Invalid Arguments: " + ex.getMessage()); } catch (AccessDeniedException e) { throw new WebScriptException(Status.STATUS_FORBIDDEN, "You don't have permission to perform this operation"); } return linkNodeRef; }
Example 2
Source File: InvitationDelete.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 6 votes |
protected void checkAndCancelTheInvitation(final String invId, String siteShortName) { Invitation invitation = null; try { invitation = invitationService.getInvitation(invId); } catch (org.alfresco.service.cmr.invitation.InvitationExceptionNotFound ienf) { throwInvitationNotFoundException(invId, siteShortName); } if (invitation == null) { throwInvitationNotFoundException(invId, siteShortName); } // check that this invitation really belongs to the specified siteShortName if (invitation != null && invitation.getResourceName() != null && !siteShortName.equals(invitation.getResourceName())) { throw new WebScriptException(Status.STATUS_FORBIDDEN, "Unable to cancel workflow"); } invitationService.cancel(invId); }
Example 3
Source File: AbstractArchivedNodeWebScript.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 5 votes |
protected void validatePermission(NodeRef nodeRef, String currentUser) { if (!nodeArchiveService.hasFullAccess(nodeRef)) { throw new WebScriptException(Status.STATUS_FORBIDDEN, "You don't have permission to act on the node."); } }
Example 4
Source File: InviteByTicket.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 5 votes |
private Map<String, Object> execute(WebScriptRequest req, Status status) { // initialise model to pass on for template to render Map<String, Object> model = new HashMap<String, Object>(); // get inviteId and inviteTicket String inviteId = req.getServiceMatch().getTemplateVars().get("inviteId"); String inviteTicket = req.getServiceMatch().getTemplateVars().get("inviteTicket"); try { Invitation invitation = invitationService.getInvitation(inviteId); if (invitation instanceof NominatedInvitation) { NominatedInvitation theInvitation = (NominatedInvitation)invitation; String ticket = theInvitation.getTicket(); if (ticket == null || (! ticket.equals(inviteTicket))) { throw new WebScriptException(Status.STATUS_NOT_FOUND, "Ticket mismatch"); } // return the invite info model.put("invite", toInviteInfo(theInvitation)); return model; } else { // Not a nominated invitation throw new WebScriptException(Status.STATUS_FORBIDDEN, "Not a nominated invitation"); } } catch (InvitationExceptionNotFound nfe) { throw new WebScriptException(Status.STATUS_NOT_FOUND, "No invite found for given id"); } }
Example 5
Source File: DocLinksDelete.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 4 votes |
@Override protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) { NodeRef destinationNodeRef = null; /* Parse the template vars */ Map<String, String> templateVars = req.getServiceMatch().getTemplateVars(); destinationNodeRef = parseNodeRefFromTemplateArgs(templateVars); /* Delete links */ DeleteLinksStatusReport report; try { report = documentLinkService.deleteLinksToDocument(destinationNodeRef); } catch (IllegalArgumentException ex) { throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Invalid Arguments: " + ex.getMessage()); } catch (AccessDeniedException e) { throw new WebScriptException(Status.STATUS_FORBIDDEN, "You don't have permission to perform this operation"); } /* Build response */ Map<String, Object> model = new HashMap<String, Object>(); model.put("total_count", report.getTotalLinksFoundCount()); model.put("deleted_count", report.getDeletedLinksCount()); Map<String, String> errorDetails = new HashMap<String, String>(); Iterator<Entry<NodeRef, Throwable>> it = report.getErrorDetails().entrySet().iterator(); while (it.hasNext()) { Map.Entry<NodeRef, Throwable> pair = it.next(); Throwable th = pair.getValue(); errorDetails.put(pair.getKey().toString(), th.getMessage()); } model.put("error_details", errorDetails); return model; }
Example 6
Source File: InvitationDelete.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 4 votes |
@Override protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) { Map<String, Object> model = new HashMap<String, Object>(); Map<String, String> templateVars = req.getServiceMatch().getTemplateVars(); final String siteShortName = templateVars.get("shortname"); final String invitationId = templateVars.get("invitationId"); validateParameters(siteShortName, invitationId); try { // MNT-9905 Pending Invites created by one site manager aren't visible to other site managers String currentUser = AuthenticationUtil.getRunAsUser(); if (siteShortName != null && (SiteModel.SITE_MANAGER).equals(siteService.getMembersRole(siteShortName, currentUser))) { RunAsWork<Void> runAsSystem = new RunAsWork<Void>() { @Override public Void doWork() throws Exception { checkAndCancelTheInvitation(invitationId, siteShortName); return null; } }; AuthenticationUtil.runAs(runAsSystem, AuthenticationUtil.getSystemUserName()); } else { checkAndCancelTheInvitation(invitationId, siteShortName); } } catch (InvitationExceptionForbidden fe) { throw new WebScriptException(Status.STATUS_FORBIDDEN, "Unable to cancel workflow", fe); } catch (AccessDeniedException ade) { throw new WebScriptException(Status.STATUS_FORBIDDEN, "Unable to cancel workflow", ade); } return model; }
Example 7
Source File: CustomModelUploadPost.java From alfresco-remote-api with GNU Lesser General Public License v3.0 | 4 votes |
@Override protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) { if (!customModelService.isModelAdmin(AuthenticationUtil.getFullyAuthenticatedUser())) { throw new WebScriptException(Status.STATUS_FORBIDDEN, PermissionDeniedException.DEFAULT_MESSAGE_ID); } FormData formData = (FormData) req.parseContent(); if (formData == null || !formData.getIsMultiPart()) { throw new WebScriptException(Status.STATUS_BAD_REQUEST, "cmm.rest_api.model.import_not_multi_part_req"); } ImportResult resultData = null; boolean processed = false; for (FormData.FormField field : formData.getFields()) { if (field.getIsFile()) { final String fileName = field.getFilename(); File tempFile = createTempFile(field.getInputStream()); try (ZipFile zipFile = new ZipFile(tempFile, StandardCharsets.UTF_8)) { resultData = processUpload(zipFile, field.getFilename()); } catch (ZipException ze) { throw new WebScriptException(Status.STATUS_BAD_REQUEST, "cmm.rest_api.model.import_not_zip_format", new Object[] { fileName }); } catch (IOException io) { throw new WebScriptException(Status.STATUS_INTERNAL_SERVER_ERROR, "cmm.rest_api.model.import_process_zip_file_failure", io); } finally { // now the import is done, delete the temp file tempFile.delete(); } processed = true; break; } } if (!processed) { throw new WebScriptException(Status.STATUS_BAD_REQUEST, "cmm.rest_api.model.import_no_zip_file_uploaded"); } // If we get here, then importing the custom model didn't throw any exceptions. Map<String, Object> model = new HashMap<>(2); model.put("importedModelName", resultData.getImportedModelName()); model.put("shareExtXMLFragment", resultData.getShareExtXMLFragment()); return model; }