View Javadoc
1   /**
2    * Copyright 2005-2014 The Kuali Foundation
3    *
4    * Licensed under the Educational Community License, Version 2.0 (the "License");
5    * you may not use this file except in compliance with the License.
6    * You may obtain a copy of the License at
7    *
8    * http://www.opensource.org/licenses/ecl2.php
9    *
10   * Unless required by applicable law or agreed to in writing, software
11   * distributed under the License is distributed on an "AS IS" BASIS,
12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13   * See the License for the specific language governing permissions and
14   * limitations under the License.
15   */
16  package org.kuali.rice.krad.exception;
17  
18  import org.kuali.rice.core.api.exception.KualiException;
19  import org.kuali.rice.core.api.util.RiceKeyConstants;
20  
21  import java.util.Collections;
22  import java.util.Map;
23  
24  /**
25   * Represents an exception that is thrown when a given user is not authorized to take the given action on the given
26   * target type
27   *
28   * @author Kuali Rice Team (rice.collab@kuali.org)
29   */
30  public class AuthorizationException extends KualiException {
31      private static final long serialVersionUID = -3874239711783179351L;
32  
33      protected final String userId;
34      protected final String action;
35      protected final String targetType;
36      protected final Map<String, Object> additionalDetails;
37  
38      public AuthorizationException(String userId, String action, String targetType) {
39          this(userId, action, targetType, Collections.<String, Object>emptyMap());
40      }
41  
42      /**
43       * Constructs a exception with a message from the passed in information.
44       *
45       * @param userId the userid of the user who failed authorization
46       * @param action the action the user was trying to take
47       * @param targetType what the user was trying to take action on
48       * @param additionalDetails additional details about the authorization failure to be passed in and added to the
49       * exception message (ex: permission name, qualifiers, etc.)
50       */
51      public AuthorizationException(String userId, String action, String targetType,
52              Map<String, Object> additionalDetails) {
53          this(userId, action, targetType, "user '" + userId + "' is not authorized to take action '" + action
54                  + "' on targets of type '" + targetType + "'"
55                  + (additionalDetails != null && !additionalDetails.isEmpty() ?
56                  " Additional Details : " + additionalDetails : ""), additionalDetails);
57      }
58  
59      /**
60       * Allows you to construct the exception message manually
61       */
62      public AuthorizationException(String userId, String action, String targetType, String message,
63              Map<String, Object> additionalDetails) {
64          super(message);
65  
66          this.userId = userId;
67          this.action = action;
68          this.targetType = targetType;
69          this.additionalDetails = additionalDetails;
70      }
71  
72      public String getUserId() {
73          return userId;
74      }
75  
76      public String getAction() {
77          return action;
78      }
79  
80      public String getTargetType() {
81          return targetType;
82      }
83  
84      public Map<String, Object> getAdditionalDetails() {
85          return additionalDetails;
86      }
87  
88      /**
89       * @return message key used by Struts to select the error message to be displayed
90       * @deprecated
91       */
92      @Deprecated
93      public String getErrorMessageKey() {
94          return RiceKeyConstants.AUTHORIZATION_ERROR_GENERAL;
95      }
96  }