Package be.c4j.ee.security.exception

Examples of be.c4j.ee.security.exception.OctopusUnauthorizedException


        Method method = context.getMethod();

        Set<?> annotations = getAllAnnotations(classType, method);
        if (!hasAnnotation(annotations, PermitAll.class)) {
            if (annotations.isEmpty()) {
                throw new OctopusUnauthorizedException("No Authorization requirements available", infoProducer.getViolationInfo(context));
            }

            if (!subject.isAuthenticated() && hasAnnotation(annotations, RequiresAuthentication.class)) {
                throw new OctopusUnauthorizedException("Authentication required", infoProducer.getViolationInfo(context));
            }

            if (subject.getPrincipal() != null && hasAnnotation(annotations, RequiresGuest.class)) {
                throw new OctopusUnauthorizedException("Guest required", infoProducer.getViolationInfo(context));
            }

            if (subject.getPrincipal() == null && hasAnnotation(annotations, RequiresUser.class)) {
                throw new OctopusUnauthorizedException("User required", infoProducer.getViolationInfo(context));
            }

            // TODO Verify how this can be configured. They are the shiro ones.
            RequiresRoles roles = getAnnotation(annotations, RequiresRoles.class);

            if (roles != null) {
                subject.checkRoles(Arrays.asList(roles.value()));
            }

            RequiresPermissions permissions = getAnnotation(annotations, RequiresPermissions.class);

            if (permissions != null) {
                subject.checkPermissions(permissions.value());
            }

            if (config.getNamedPermissionCheckClass() != null) {

                Annotation namedPermissionCheck = getAnnotation(annotations, config.getNamedPermissionCheckClass());
                if (namedPermissionCheck != null) {
                    Set<SecurityViolation> securityViolations = performNamedPermissionChecks(namedPermissionCheck, context);
                    if (!securityViolations.isEmpty()) {

                        throw new OctopusUnauthorizedException(securityViolations);
                    }
                }
            }

            if (config.getNamedRoleCheckClass() != null) {

                Annotation namedRoleCheck = getAnnotation(annotations, config.getNamedRoleCheckClass());
                if (namedRoleCheck != null) {
                    Set<SecurityViolation> securityViolations = performNamedRoleChecks(namedRoleCheck, context);
                    if (!securityViolations.isEmpty()) {

                        throw new OctopusUnauthorizedException(securityViolations);
                    }
                }
            }

            CustomVoterCheck customCheck = getAnnotation(annotations, CustomVoterCheck.class);

            if (customCheck != null) {
                Set<SecurityViolation> securityViolations = performCustomChecks(customCheck, context);
                if (!securityViolations.isEmpty()) {

                    throw new OctopusUnauthorizedException(securityViolations);
                }
            }

        }
View Full Code Here

TOP

Related Classes of be.c4j.ee.security.exception.OctopusUnauthorizedException

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.