vmario/wisemapping-open-source
1
0
Fork 0
mirror of https://bitbucket.org/wisemapping/wisemapping-open-source.git synced 2024-11-21 21:57:56 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improve exception handling on non permissions

Browse Source
This commit is contained in:
Paulo Gustavo Veiga 2022-03-09 17:18:14 -08:00
parent d217768b83
commit 5694697c5f
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java
View File

@ -19,6 +19,7 @@
package com.wisemapping.webmvc; package com.wisemapping.webmvc;
import com.wisemapping.exceptions.AccessDeniedSecurityException;
import com.wisemapping.exceptions.MapCouldNotFoundException; import com.wisemapping.exceptions.MapCouldNotFoundException;
import com.wisemapping.exceptions.MapNonPublicException; import com.wisemapping.exceptions.MapNonPublicException;
import com.wisemapping.exceptions.WiseMappingException; import com.wisemapping.exceptions.WiseMappingException;
@ -52,7 +53,8 @@ public class MindmapController {
private MindmapService mindmapService; private MindmapService mindmapService;
@RequestMapping(value = "maps/{id}/print") @RequestMapping(value = "maps/{id}/print")
public String showPrintPage(@PathVariable int id, @NotNull Model model) throws MapCouldNotFoundException { public String showPrintPage(@PathVariable int id, @NotNull Model model) throws MapCouldNotFoundException, AccessDeniedSecurityException {
final MindMapBean mindmap = findMindmapBean(id); final MindMapBean mindmap = findMindmapBean(id);
model.addAttribute("principal", Utils.getUser()); model.addAttribute("principal", Utils.getUser());
model.addAttribute("mindmap", mindmap); model.addAttribute("mindmap", mindmap);
@ -127,7 +129,7 @@ public class MindmapController {
} }
@RequestMapping(value = "maps/{id}/embed") @RequestMapping(value = "maps/{id}/embed")
public ModelAndView showEmbeddedPage(@PathVariable int id, @RequestParam(required = false) Float zoom) throws MapCouldNotFoundException, MapNonPublicException { public ModelAndView showEmbeddedPage(@PathVariable int id, @RequestParam(required = false) Float zoom) throws MapCouldNotFoundException, MapNonPublicException, AccessDeniedSecurityException {
if (!mindmapService.isMindmapPublic(id)) { if (!mindmapService.isMindmapPublic(id)) {
throw new MapNonPublicException("Map " + id + " is not public."); throw new MapNonPublicException("Map " + id + " is not public.");
} }
@ -171,7 +173,12 @@ public class MindmapController {
} }
@NotNull @NotNull
private MindMapBean findMindmapBean(int mapId) throws MapCouldNotFoundException { private MindMapBean findMindmapBean(int mapId) throws MapCouldNotFoundException, AccessDeniedSecurityException {
final User user = Utils.getUser();
if (!mindmapService.hasPermissions(user, mapId, CollaborationRole.VIEWER)) {
throw new AccessDeniedSecurityException("No enough permissions to open map with id" + mapId);
}
final Mindmap mindmap = findMindmap(mapId); final Mindmap mindmap = findMindmap(mapId);
return new MindMapBean(mindmap, Utils.getUser()); return new MindMapBean(mindmap, Utils.getUser());
} }