Example #1
0
 private AccessControlException checkWritePrincipalPermission(
     PlatypusPrincipal aPrincipal, String aEntityId, Set<String> writeRoles) {
   if (writeRoles != null && !writeRoles.isEmpty()) {
     if (aPrincipal == null || !aPrincipal.hasAnyRole(writeRoles)) {
       return new AccessControlException(
           String.format(
               "Access denied for write (entity: %s) for '%s'.",
               aEntityId != null ? aEntityId : "",
               aPrincipal != null ? aPrincipal.getName() : null),
           aPrincipal instanceof AnonymousPlatypusPrincipal ? new AuthPermission("*") : null);
     }
   }
   return null;
 }
Example #2
0
 /**
  * Checks module roles.
  *
  * @param anAllowedRoles
  * @param aSubjectName
  * @throws AccessControlException
  */
 public static void checkPrincipalPermission(Set<String> anAllowedRoles, String aSubjectName)
     throws AccessControlException {
   if (anAllowedRoles != null && !anAllowedRoles.isEmpty()) {
     try {
       PlatypusPrincipal principal = (PlatypusPrincipal) Scripts.getContext().getPrincipal();
       if (principal == null || !principal.hasAnyRole(anAllowedRoles)) {
         throw new AccessControlException(
             String.format(
                 "Access denied to %s for '%s'.", // NOI18N
                 aSubjectName, principal != null ? principal.getName() : null),
             principal instanceof AnonymousPlatypusPrincipal ? new AuthPermission("*") : null);
       }
     } catch (Exception ex) {
       if (ex instanceof AccessControlException) {
         throw ex;
       } else {
         throw new AccessControlException(ex.getMessage());
       }
     }
   }
 }