Improve error handle on security errors.

wise-webapp/src/main/java/com/wisemapping/exceptions/AccessDeniedSecurityException.java

@@ -1,33 +1,37 @@
 /*
-*    Copyright [2015] [wisemapping]
+ *    Copyright [2015] [wisemapping]
-*
+ *
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
+ *   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
+ *   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
+ *   You may obtain a copy of the license at
-*
+ *
-*       http://www.wisemapping.org/license
+ *       http://www.wisemapping.org/license
-*
+ *
-*   Unless required by applicable law or agreed to in writing, software
+ *   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
+ *   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
+ *   See the License for the specific language governing permissions and
-*   limitations under the License.
+ *   limitations under the License.
-*/
+ */
 
 package com.wisemapping.exceptions;
 
+import com.wisemapping.model.Collaborator;
+import com.wisemapping.model.User;
 import org.jetbrains.annotations.NotNull;
 
 public class AccessDeniedSecurityException
-    extends ClientException
+        extends ClientException {
-{
     public static final String MSG_KEY = "ACCESS_HAS_BEEN_REVOKED";
 
-    public AccessDeniedSecurityException(@NotNull String msg)
+    public AccessDeniedSecurityException(@NotNull String msg) {
-    {
+        super(msg, Severity.FATAL);
-        super(msg,Severity.FATAL);
+    }
+
+    public AccessDeniedSecurityException(@NotNull long mapId, Collaborator user) {
+        super("No enough permissions to access map. Id: " + mapId + ", User: " + user, Severity.FATAL);
     }
 
     @NotNull

wise-webapp/src/main/java/com/wisemapping/mail/NotifyingExceptionResolver.java

@@ -1,43 +0,0 @@
-package com.wisemapping.mail;
-
-import com.wisemapping.model.User;
-import com.wisemapping.security.Utils;
-import org.apache.log4j.Logger;
-import org.jetbrains.annotations.NotNull;
-import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.handler.SimpleMappingExceptionResolver;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.HashSet;
-import java.util.Set;
-
-public class NotifyingExceptionResolver extends SimpleMappingExceptionResolver {
-
-    final private Logger logger = Logger.getLogger(NotifyingExceptionResolver.class);
-    private Set<String> exclude = new HashSet<String>();
-    private NotificationService notificationService;
-
-    @Override
-    protected ModelAndView doResolveException(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
-        if (!exclude.contains(ex.getClass().getName())) {
-            logger.error("An Exception has occurred in the application", ex);
-            sendNotification(ex, request);
-        }
-
-        return super.doResolveException(request, response, handler, ex);
-    }
-
-    private void sendNotification(@NotNull Exception ex, @NotNull HttpServletRequest request) {
-        final User user = Utils.getUser(false);
-        notificationService.reportJavaException(ex, user, request);
-    }
-
-    public void setExclude(final Set<String> exclude) {
-        this.exclude = exclude;
-    }
-
-    public void setNotificationService(NotificationService notificationService) {
-        this.notificationService = notificationService;
-    }
-}

wise-webapp/src/main/java/com/wisemapping/rest/MindmapController.java

@@ -250,7 +250,7 @@ public class MindmapController extends BaseController {
         // Has enough permissions ?
         final User user = Utils.getUser();
         if (!mindmapService.hasPermissions(user, id, CollaborationRole.VIEWER)) {
-            throw new AccessDeniedSecurityException("No enough permissions to open map. Id:" + id);
+            throw new AccessDeniedSecurityException(id, user);
         }
 
         // Does the map exists ?

wise-webapp/src/main/java/com/wisemapping/service/LockManagerImpl.java

@@ -1,20 +1,20 @@
 /*
-*    Copyright [2015] [wisemapping]
+ *    Copyright [2015] [wisemapping]
-*
+ *
-*   Licensed under WiseMapping Public License, Version 1.0 (the "License").
+ *   Licensed under WiseMapping Public License, Version 1.0 (the "License").
-*   It is basically the Apache License, Version 2.0 (the "License") plus the
+ *   It is basically the Apache License, Version 2.0 (the "License") plus the
-*   "powered by wisemapping" text requirement on every single page;
+ *   "powered by wisemapping" text requirement on every single page;
-*   you may not use this file except in compliance with the License.
+ *   you may not use this file except in compliance with the License.
-*   You may obtain a copy of the license at
+ *   You may obtain a copy of the license at
-*
+ *
-*       http://www.wisemapping.org/license
+ *       http://www.wisemapping.org/license
-*
+ *
-*   Unless required by applicable law or agreed to in writing, software
+ *   Unless required by applicable law or agreed to in writing, software
-*   distributed under the License is distributed on an "AS IS" BASIS,
+ *   distributed under the License is distributed on an "AS IS" BASIS,
-*   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-*   See the License for the specific language governing permissions and
+ *   See the License for the specific language governing permissions and
-*   limitations under the License.
+ *   limitations under the License.
-*/
+ */
 
 package com.wisemapping.service;
 
@@ -31,20 +31,20 @@ import java.util.*;
 import java.util.concurrent.ConcurrentHashMap;
 
 /*
-* Refresh page should not lost the lock.
+ * Refresh page should not lost the lock.
-* En caso que no sea posible grabar por que se perdio el lock, usar mensaje de error para explicar el por que...
+ * En caso que no sea posible grabar por que se perdio el lock, usar mensaje de error para explicar el por que...
-* Mensaje  modal explicando que el mapa esta siendo editado, por eso no es posible edilarlo....
+ * Mensaje  modal explicando que el mapa esta siendo editado, por eso no es posible edilarlo....
-* Internacionalizacion de los mensaje ...
+ * Internacionalizacion de los mensaje ...
-* Logout limpiar las sessiones ...
+ * Logout limpiar las sessiones ...
-*
+ *
-* Casos:
+ * Casos:
-*  - Usuario pierde el lock:
+ *  - Usuario pierde el lock:
-*      - Y grabo con la misma sessions y el timestap ok.
+ *      - Y grabo con la misma sessions y el timestap ok.
-*      - Y grabo con la misma session y el timestap esta mal
+ *      - Y grabo con la misma session y el timestap esta mal
  *     - Y grabo con distinta sessions
  *     -
-*  - Usuario pierde el lock, pero intenta grabar camio
+ *  - Usuario pierde el lock, pero intenta grabar camio
-*/
+ */
 
 class LockManagerImpl implements LockManager {
     public static final int ONE_MINUTE_MILLISECONDS = 1000 * 60;
@@ -97,7 +97,7 @@ class LockManagerImpl implements LockManager {
         }
 
         if (!mindmap.hasPermissions(user, CollaborationRole.EDITOR)) {
-            throw new AccessDeniedSecurityException("Invalid lock, this should not happen");
+            throw new AccessDeniedSecurityException(mindmap.getId(), user);
         }
 
         this.unlock(mindmap.getId());
@@ -132,7 +132,7 @@ class LockManagerImpl implements LockManager {
         }
 
         if (!mindmap.hasPermissions(user, CollaborationRole.EDITOR)) {
-            throw new AccessDeniedSecurityException("Invalid lock, this should not happen");
+            throw new AccessDeniedSecurityException(mindmap.getId(), user);
         }
 
         LockInfo result = lockInfoByMapId.get(mindmap.getId());

wise-webapp/src/main/java/com/wisemapping/webmvc/MindmapController.java

@@ -176,7 +176,7 @@ public class MindmapController {
     private MindMapBean findMindmapBean(int mapId) throws MapCouldNotFoundException, AccessDeniedSecurityException {
         final User user = Utils.getUser();
         if (!mindmapService.hasPermissions(user, mapId, CollaborationRole.VIEWER)) {
-            throw new AccessDeniedSecurityException("No enough permissions to open map with id " + mapId);
+            throw new AccessDeniedSecurityException(mapId, user);
         }
 
         final Mindmap mindmap = findMindmap(mapId);

wise-webapp/src/main/webapp/WEB-INF/wisemapping-servlet.xml

@@ -22,29 +22,25 @@
         <bean id="requestInterceptor" class="com.wisemapping.filter.RequestPropertiesInterceptor"/>
     </mvc:interceptors>
 
-    <bean id="exceptionHandlerResolver"
+    <bean id="simpleMappingExceptionResolver"
-          class="com.wisemapping.mail.NotifyingExceptionResolver">
+          class="org.springframework.web.servlet.handler.SimpleMappingExceptionResolver">
         <property name="defaultStatusCode" value="500"/>
         <property name="defaultErrorView" value="unexpectedError"/>
+        <property name="warnLogCategory" value="com.wisemapping.mvc.Exceptions"/>
+
         <property name="exceptionMappings">
             <props>
-                <!-- Security exceptions are wrapped in this exceptions -->
+                <!-- Security access exceptions must not handled as unexpected errors -->
+                <prop key="com.wisemapping.exceptions.MapNonPublicException">securityError</prop>
                 <prop key="com.wisemapping.exceptions.AccessDeniedSecurityException">securityError</prop>
             </props>
         </property>
 
         <property name="statusCodes">
             <props>
-                <prop key="securityError">404</prop>
+                <prop key="securityError">403</prop>
             </props>
         </property>
-
-        <property name="exclude">
-            <set>
-                <value>java.lang.reflect.UndeclaredThrowableException</value>
-            </set>
-        </property>
-        <property name="notificationService" ref="notificationService"/>
     </bean>
 
     <bean id="viewResolver" class="org.springframework.web.servlet.view.UrlBasedViewResolver">