Ticket #269: Remove GuacamolePermissionException, use GuacamoleSecurityException instead.

2025-09-06 13:17:41 +00:00 · 2013-02-22 19:58:32 -08:00
parent 2a4b82dc8e
commit 4d62cb9c92
3 changed files with 74 additions and 151 deletions
--- a/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/GuacamolePermissionException.java
+++ b/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/GuacamolePermissionException.java
@@ -1,78 +0,0 @@
 /* ***** BEGIN LICENSE BLOCK *****
 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
 *
 * The contents of this file are subject to the Mozilla Public License Version
 * 1.1 (the "License"); you may not use this file except in compliance with
 * the License. You may obtain a copy of the License at
 * http://www.mozilla.org/MPL/
 *
 * Software distributed under the License is distributed on an "AS IS" basis,
 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
 * for the specific language governing rights and limitations under the
 * License.
 *
 * The Original Code is guacamole-auth-mysql.
 *
 * The Initial Developer of the Original Code is
 * James Muehlner.
 * Portions created by the Initial Developer are Copyright (C) 2010
 * the Initial Developer. All Rights Reserved.
 *
 * Contributor(s):
 *
 * Alternatively, the contents of this file may be used under the terms of
 * either the GNU General Public License Version 2 or later (the "GPL"), or
 * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
 * in which case the provisions of the GPL or the LGPL are applicable instead
 * of those above. If you wish to allow use of your version of this file only
 * under the terms of either the GPL or the LGPL, and not to allow others to
 * use your version of this file under the terms of the MPL, indicate your
 * decision by deleting the provisions above and replace them with the notice
 * and other provisions required by the GPL or the LGPL. If you do not delete
 * the provisions above, a recipient may use your version of this file under
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** */
 package net.sourceforge.guacamole.net.auth.mysql;
 import net.sourceforge.guacamole.GuacamoleException;
 /**
 * Represents an error condition when a user tries to perform an action
 * that he/she does not have permission to do.
 * @author James Muehlner
 */
 public class GuacamolePermissionException extends GuacamoleException {
    /**
     * Creates a new GuacamoleException with the given message and cause.
     *
     * @param message A human readable description of the exception that
     *                occurred.
     * @param cause The cause of this exception.
     */
    public GuacamolePermissionException(String message, Throwable cause) {
        super(message, cause);
    }
    /**
     * Creates a new GuacamoleException with the given message.
     *
     * @param message A human readable description of the exception that
     *                occurred.
     */
    public GuacamolePermissionException(String message) {
        super(message);
    }
    /**
     * Creates a new GuacamoleException with the given cause.
     *
     * @param cause The cause of this exception.
     */
    public GuacamolePermissionException(Throwable cause) {
        super(cause);
    }
 }
--- a/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/UserDirectory.java
+++ b/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/UserDirectory.java
@@ -46,6 +46,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import net.sourceforge.guacamole.GuacamoleException;
 import net.sourceforge.guacamole.GuacamoleSecurityException;
 import net.sourceforge.guacamole.net.auth.Directory;
 import net.sourceforge.guacamole.net.auth.mysql.dao.ConnectionMapper;
 import net.sourceforge.guacamole.net.auth.mysql.dao.ConnectionPermissionMapper;
@@ -288,7 +289,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
        // Verify that the user actually has permission to administrate every one of these users
        for (UserPermissionKey permissionToDelete : permissionsToDelete) {
            if (!administerableUsers.contains(permissionToDelete.getAffected_user_id()))
-                throw new GuacamolePermissionException(
+                throw new GuacamoleSecurityException(
                      "User '" + this.user.getUsername()
                    + "' does not have permission to administrate user "
                    + permissionToDelete.getAffected_user_id());
@@ -315,7 +316,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
            // Verify that the user actually has permission to administrate
            // every one of these users
            if (!administerableUsers.contains(dbAffectedUser.getUser_id()))
-                throw new GuacamolePermissionException(
+                throw new GuacamoleSecurityException(
                      "User '" + this.user.getUsername()
                    + "' does not have permission to administrate user "
                    + dbAffectedUser.getUser_id());
@@ -385,7 +386,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
        // corresponding to the permissions we are about to delete
        for (ConnectionPermissionKey connectionPermissionToDelete : connectionPermissionsToDelete) {
            if (!administerableConnections.contains(connectionPermissionToDelete.getConnection_id()))
-                throw new GuacamolePermissionException(
+                throw new GuacamoleSecurityException(
                    "User '" + this.user.getUsername() +
                    "' does not have permission to administrate connection "
                    + connectionPermissionToDelete.getConnection_id());
@@ -410,7 +411,7 @@ public class UserDirectory implements Directory<String, net.sourceforge.guacamol
            // Throw exception if permission to administer this connection
            // is not granted
            if (!administerableConnections.contains(dbConnection.getConnection_id()))
-                throw new GuacamolePermissionException(
+                throw new GuacamoleSecurityException(
                      "User '" + this.user.getUsername()
                    + "' does not have permission to administrate connection "
                    + dbConnection.getConnection_id());
--- a/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/utility/PermissionCheckUtility.java
+++ b/extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/utility/PermissionCheckUtility.java
@@ -44,7 +44,7 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
-import net.sourceforge.guacamole.net.auth.mysql.GuacamolePermissionException;
+import net.sourceforge.guacamole.GuacamoleSecurityException;
 import net.sourceforge.guacamole.net.auth.mysql.MySQLConnection;
 import net.sourceforge.guacamole.net.auth.mysql.MySQLConstants;
 import net.sourceforge.guacamole.net.auth.mysql.MySQLUser;
@@ -99,91 +99,91 @@ public class PermissionCheckUtility {
    Provider<MySQLConnection> mySQLConnectionProvider;
    /**
-     * Verifies that the user has read access to the given user. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has read access to the given user. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedUserID
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyUserReadAccess(int userID, int affectedUserID) throws GuacamolePermissionException {
+    public void verifyUserReadAccess(int userID, int affectedUserID) throws GuacamoleSecurityException {
        if(!checkUserReadAccess(userID, affectedUserID))
-            throw new GuacamolePermissionException("User " + userID + " does not have read access to user " + affectedUserID);
+            throw new GuacamoleSecurityException("User " + userID + " does not have read access to user " + affectedUserID);
    }
    /**
-     * Verifies that the user has update access to the given user. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has update access to the given user. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedUserID
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyUserUpdateAccess(int userID, int affectedUserID) throws GuacamolePermissionException {
+    public void verifyUserUpdateAccess(int userID, int affectedUserID) throws GuacamoleSecurityException {
        if(!checkUserUpdateAccess(userID, affectedUserID))
-            throw new GuacamolePermissionException("User " + userID + " does not have update access to user " + affectedUserID);
+            throw new GuacamoleSecurityException("User " + userID + " does not have update access to user " + affectedUserID);
    }
    /**
-     * Verifies that the user has delete access to the given user. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has delete access to the given user. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedUserID
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyUserDeleteAccess(int userID, int affectedUserID) throws GuacamolePermissionException {
+    public void verifyUserDeleteAccess(int userID, int affectedUserID) throws GuacamoleSecurityException {
        if(!checkUserDeleteAccess(userID, affectedUserID))
-            throw new GuacamolePermissionException("User " + userID + " does not have delete access to user " + affectedUserID);
+            throw new GuacamoleSecurityException("User " + userID + " does not have delete access to user " + affectedUserID);
    }
    /**
-     * Verifies that the user has administer access to the given user. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has administer access to the given user. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedUserID
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyUserAdministerAccess(int userID, int affectedUserID) throws GuacamolePermissionException {
+    public void verifyUserAdministerAccess(int userID, int affectedUserID) throws GuacamoleSecurityException {
        if(!checkUserAdministerAccess(userID, affectedUserID))
-            throw new GuacamolePermissionException("User " + userID + " does not have administer access to user " + affectedUserID);
+            throw new GuacamoleSecurityException("User " + userID + " does not have administer access to user " + affectedUserID);
    }
    /**
-     * Verifies that the user has read access to the given user. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has read access to the given user. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedUsername
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyUserReadAccess(int userID, String affectedUsername) throws GuacamolePermissionException {
+    public void verifyUserReadAccess(int userID, String affectedUsername) throws GuacamoleSecurityException {
        if(!checkUserReadAccess(userID, affectedUsername))
-            throw new GuacamolePermissionException("User " + userID + " does not have read access to user '" + affectedUsername + "'");
+            throw new GuacamoleSecurityException("User " + userID + " does not have read access to user '" + affectedUsername + "'");
    }
    /**
-     * Verifies that the user has update access to the given user. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has update access to the given user. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedUsername
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyUserUpdateAccess(int userID, String affectedUsername) throws GuacamolePermissionException {
+    public void verifyUserUpdateAccess(int userID, String affectedUsername) throws GuacamoleSecurityException {
        if(!checkUserUpdateAccess(userID, affectedUsername))
-            throw new GuacamolePermissionException("User " + userID + " does not have update access to user '" + affectedUsername + "'");
+            throw new GuacamoleSecurityException("User " + userID + " does not have update access to user '" + affectedUsername + "'");
    }
    /**
-     * Verifies that the user has delete access to the given user. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has delete access to the given user. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedUsername
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyUserDeleteAccess(int userID, String affectedUsername) throws GuacamolePermissionException {
+    public void verifyUserDeleteAccess(int userID, String affectedUsername) throws GuacamoleSecurityException {
        if(!checkUserDeleteAccess(userID, affectedUsername))
-            throw new GuacamolePermissionException("User " + userID + " does not have delete access to user '" + affectedUsername + "'");
+            throw new GuacamoleSecurityException("User " + userID + " does not have delete access to user '" + affectedUsername + "'");
    }
    /**
-     * Verifies that the user has administer access to the given user. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has administer access to the given user. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedUsername
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyUserAdministerAccess(int userID, String affectedUsername) throws GuacamolePermissionException {
+    public void verifyUserAdministerAccess(int userID, String affectedUsername) throws GuacamoleSecurityException {
        if(!checkUserAdministerAccess(userID, affectedUsername))
-            throw new GuacamolePermissionException("User " + userID + " does not have administer access to user '" + affectedUsername + "'");
+            throw new GuacamoleSecurityException("User " + userID + " does not have administer access to user '" + affectedUsername + "'");
    }
    /**
@@ -408,91 +408,91 @@ public class PermissionCheckUtility {
    }
    /**
-     * Verifies that the user has read access to the given connection. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has read access to the given connection. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedConnectionID
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyConnectionReadAccess(int userID, int affectedConnectionID) throws GuacamolePermissionException {
+    public void verifyConnectionReadAccess(int userID, int affectedConnectionID) throws GuacamoleSecurityException {
        if(!checkConnectionReadAccess(userID, affectedConnectionID))
-            throw new GuacamolePermissionException("User " + userID + " does not have read access to connection " + affectedConnectionID);
+            throw new GuacamoleSecurityException("User " + userID + " does not have read access to connection " + affectedConnectionID);
    }
    /**
-     * Verifies that the user has update access to the given connection. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has update access to the given connection. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedConnectionID
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyConnectionUpdateAccess(int userID, int affectedConnectionID) throws GuacamolePermissionException {
+    public void verifyConnectionUpdateAccess(int userID, int affectedConnectionID) throws GuacamoleSecurityException {
        if(!checkConnectionUpdateAccess(userID, affectedConnectionID))
-            throw new GuacamolePermissionException("User " + userID + " does not have update access to connection " + affectedConnectionID);
+            throw new GuacamoleSecurityException("User " + userID + " does not have update access to connection " + affectedConnectionID);
    }
    /**
-     * Verifies that the user has delete access to the given connection. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has delete access to the given connection. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedConnectionID
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyConnectionDeleteAccess(int userID, int affectedConnectionID) throws GuacamolePermissionException {
+    public void verifyConnectionDeleteAccess(int userID, int affectedConnectionID) throws GuacamoleSecurityException {
        if(!checkConnectionDeleteAccess(userID, affectedConnectionID))
-            throw new GuacamolePermissionException("User " + userID + " does not have delete access to connection " + affectedConnectionID);
+            throw new GuacamoleSecurityException("User " + userID + " does not have delete access to connection " + affectedConnectionID);
    }
    /**
-     * Verifies that the user has administer access to the given connection. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has administer access to the given connection. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedConnectionID
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyConnectionAdministerAccess(int userID, int affectedConnectionID) throws GuacamolePermissionException {
+    public void verifyConnectionAdministerAccess(int userID, int affectedConnectionID) throws GuacamoleSecurityException {
        if(!checkConnectionAdministerAccess(userID, affectedConnectionID))
-            throw new GuacamolePermissionException("User " + userID + " does not have administer access to connection " + affectedConnectionID);
+            throw new GuacamoleSecurityException("User " + userID + " does not have administer access to connection " + affectedConnectionID);
    }
    /**
-     * Verifies that the user has read access to the given connection. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has read access to the given connection. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedConnectionName
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyConnectionReadAccess(int userID, String affectedConnectionName) throws GuacamolePermissionException {
+    public void verifyConnectionReadAccess(int userID, String affectedConnectionName) throws GuacamoleSecurityException {
        if(!checkConnectionReadAccess(userID, affectedConnectionName))
-            throw new GuacamolePermissionException("User " + userID + " does not have read access to connection '" + affectedConnectionName + "'");
+            throw new GuacamoleSecurityException("User " + userID + " does not have read access to connection '" + affectedConnectionName + "'");
    }
    /**
-     * Verifies that the user has update access to the given connection. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has update access to the given connection. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedConnectionName
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyConnectionUpdateAccess(int userID, String affectedConnectionName) throws GuacamolePermissionException {
+    public void verifyConnectionUpdateAccess(int userID, String affectedConnectionName) throws GuacamoleSecurityException {
        if(!checkConnectionUpdateAccess(userID, affectedConnectionName))
-            throw new GuacamolePermissionException("User " + userID + " does not have update access to connection '" + affectedConnectionName + "'");
+            throw new GuacamoleSecurityException("User " + userID + " does not have update access to connection '" + affectedConnectionName + "'");
    }
    /**
-     * Verifies that the user has delete access to the given connection. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has delete access to the given connection. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedConnectionName
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyConnectionDeleteAccess(int userID, String affectedConnectionName) throws GuacamolePermissionException {
+    public void verifyConnectionDeleteAccess(int userID, String affectedConnectionName) throws GuacamoleSecurityException {
        if(!checkConnectionDeleteAccess(userID, affectedConnectionName))
-            throw new GuacamolePermissionException("User " + userID + " does not have delete access to connection '" + affectedConnectionName + "'");
+            throw new GuacamoleSecurityException("User " + userID + " does not have delete access to connection '" + affectedConnectionName + "'");
    }
    /**
-     * Verifies that the user has administer access to the given connection. If not, throws a GuacamolePermissionException.
+     * Verifies that the user has administer access to the given connection. If not, throws a GuacamoleSecurityException.
     * @param userID
     * @param affectedConnectionName
-     * @throws GuacamolePermissionException
+     * @throws GuacamoleSecurityException
     */
-    public void verifyConnectionAdministerAccess(int userID, String affectedConnectionName) throws GuacamolePermissionException {
+    public void verifyConnectionAdministerAccess(int userID, String affectedConnectionName) throws GuacamoleSecurityException {
        if(!checkConnectionAdministerAccess(userID, affectedConnectionName))
-            throw new GuacamolePermissionException("User " + userID + " does not have administer access to connection '" + affectedConnectionName + "'");
+            throw new GuacamoleSecurityException("User " + userID + " does not have administer access to connection '" + affectedConnectionName + "'");
    }
    /**
@@ -716,14 +716,14 @@ public class PermissionCheckUtility {
        return connectionIDs;
    }
-    public void verifyCreateUserPermission(int userID) throws GuacamolePermissionException {
+    public void verifyCreateUserPermission(int userID) throws GuacamoleSecurityException {
        if(!checkCreateUserPermission(userID))
-            throw new GuacamolePermissionException("User " + userID + " does not have permission to create users.");
+            throw new GuacamoleSecurityException("User " + userID + " does not have permission to create users.");
    }
-    public void verifyCreateConnectionPermission(int userID) throws GuacamolePermissionException {
+    public void verifyCreateConnectionPermission(int userID) throws GuacamoleSecurityException {
        if(!checkCreateConnectionPermission(userID))
-            throw new GuacamolePermissionException("User " + userID + " does not have permission to create connections.");
+            throw new GuacamoleSecurityException("User " + userID + " does not have permission to create connections.");
    }
    /**