dhis2-devs team mailing list archive

[noreply@xxxxxxxxxxxxx]

------------------------------------------------------------
revno: 19349
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2015-06-11 09:55:55 +0700
message:
  Convert AccessDeniedException (and sub-classes) to WebMessage, and output in CrudControllerAdvice
modified:
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/CrudControllerAdvice.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/utils/WebMessageUtils.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/CrudControllerAdvice.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/CrudControllerAdvice.java	2015-06-05 10:33:56 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/CrudControllerAdvice.java	2015-06-11 02:55:55 +0000
@@ -38,11 +38,13 @@
 import org.hisp.dhis.webapi.controller.exception.NotFoundException;
 import org.hisp.dhis.webapi.service.WebMessageService;
 import org.hisp.dhis.webapi.utils.ContextUtils;
+import org.hisp.dhis.webapi.utils.WebMessageUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.web.bind.WebDataBinder;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -133,6 +135,12 @@
         ContextUtils.conflictResponse( response, ex.getClass().getName() ); //TODO fix message
     }
 
+    @ExceptionHandler( AccessDeniedException.class )
+    public void accessDeniedExceptionHandler( AccessDeniedException ex, HttpServletResponse response, HttpServletRequest request )
+    {
+        webMessageService.send( WebMessageUtils.forbidden( ex.getMessage() ), response, request );
+    }
+
     @ExceptionHandler( WebMessageException.class )
     public void webMessageExceptionHandler( WebMessageException ex, HttpServletResponse response, HttpServletRequest request )
     {

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/utils/WebMessageUtils.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/utils/WebMessageUtils.java	2015-06-08 08:39:47 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/utils/WebMessageUtils.java	2015-06-11 02:55:55 +0000
@@ -132,6 +132,16 @@
         return createWebMessage( message, devMessage, WebMessageStatus.ERROR, HttpServletResponse.SC_BAD_REQUEST );
     }
 
+    public static WebMessage forbidden( String message )
+    {
+        return createWebMessage( message, WebMessageStatus.ERROR, HttpServletResponse.SC_FORBIDDEN );
+    }
+
+    public static WebMessage forbidden( String message, String devMessage )
+    {
+        return createWebMessage( message, WebMessageStatus.ERROR, HttpServletResponse.SC_FORBIDDEN );
+    }
+
     private WebMessageUtils()
     {
     }