View Javadoc
1   /*
2    * Copyright (c) MuleSoft, Inc.  All rights reserved.  http://www.mulesoft.com
3    * The software in this package is published under the terms of the CPAL v1.0
4    * license, a copy of which has been included with this distribution in the
5    * LICENSE.txt file.
6    */
7   package org.mule.api.security;
8   
9   import org.mule.RequestContext;
10  import org.mule.api.MuleEvent;
11  import org.mule.api.endpoint.ImmutableEndpoint;
12  import org.mule.config.i18n.CoreMessages;
13  import org.mule.config.i18n.Message;
14  
15  /**
16   * <code>NotPermittedException</code> is thrown if the user isn't authorized
17   * to perform an action.
18   */
19  public class NotPermittedException extends SecurityException
20  {
21      /**
22       * Serial version
23       */
24      private static final long serialVersionUID = -6664384216189042673L;
25  
26      public NotPermittedException(Message message)
27      {
28          super(message, RequestContext.getEvent());
29      }
30  
31      public NotPermittedException(Message message, Throwable cause)
32      {
33          super(message, RequestContext.getEvent(), cause);
34      }
35  
36      public NotPermittedException(Message message, MuleEvent event)
37      {
38          super(message, event);
39      }
40  
41      public NotPermittedException(Message message, MuleEvent event, Throwable cause)
42      {
43          super(message, event, cause);
44      }
45  
46      public NotPermittedException(MuleEvent event, SecurityContext context,SecurityFilter filter)
47      {
48          super(constructMessage(context, event.getEndpoint(), filter), event);
49      }
50  
51      private static Message constructMessage(SecurityContext context, 
52                                              ImmutableEndpoint endpoint,
53                                              SecurityFilter filter)
54      {
55  
56          Message m;
57          if (context == null)
58          {
59              m = CoreMessages.authSetButNoContext(filter.getClass().getName());
60          }
61          else
62          {
63              m = CoreMessages.authFailedForUser(context.getAuthentication().getPrincipal());
64          }
65          m.setNextMessage(CoreMessages.authorizationDeniedOnEndpoint(endpoint.getEndpointURI()));
66          return m;
67      }
68  }