From 68bc11266004b540c0bf335a96ea4013137cdf74 Mon Sep 17 00:00:00 2001
From: Andrei Isvoran
Date: Thu, 8 Feb 2024 11:42:26 +0200
Subject: [PATCH] RED-6659 - Update KNECON_ADMIN rank & add error handling for acces denied
---
 .../controller/ControllerAdvice.java | 9 ++++++++-
 src/main/resources/application-clarifynd.yaml | 2 +-
 src/main/resources/application-documine.yaml | 2 +-
 src/main/resources/application-redaction.yaml | 2 +-
 4 files changed, 11 insertions(+), 4 deletions(-)
diff --git a/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/ControllerAdvice.java b/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/ControllerAdvice.java
index 7a4efb1..62a23fa 100644
--- a/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/ControllerAdvice.java
+++ b/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/ControllerAdvice.java
@@ -3,6 +3,7 @@ package com.knecon.fforesight.tenantusermanagement.controller;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RestControllerAdvice;
@@ -32,7 +33,6 @@ public class ControllerAdvice {
 return new ResponseEntity<>(new ErrorMessage(e.getMessage()), HttpStatus.FORBIDDEN);
 }
-
 @ExceptionHandler(ResponseStatusException.class)
 public ResponseEntity handleResponseStatusException(ResponseStatusException e) {
@@ -45,4 +45,11 @@ public class ControllerAdvice {
 return new ResponseEntity<>(new ErrorMessage(e.getMessage()), HttpStatus.BAD_REQUEST);
 }
+ @ExceptionHandler(AccessDeniedException.class)
+ public ResponseEntity handleAccessDeniedException(AccessDeniedException e) {
+
+ return new ResponseEntity<>(new ErrorMessage(e.getMessage()), HttpStatus.FORBIDDEN);
+ }
+
+
 }
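Review bot: The new `handleAccessDeniedException` handler returns `e.getMessage()` to the caller, so whatever text application code puts into an `AccessDeniedException` (a permission name, a resource id) ends up in the 403 body. A fixed body keeps that detail server-side: `return new ResponseEntity<>(new ErrorMessage("Access denied"), HttpStatus.FORBIDDEN);`, with the original message written to the log so denied requests remain traceable. Catching the exception in a `@RestControllerAdvice` also means Spring Security's `ExceptionTranslationFilter` no longer sees denials raised inside controllers, so an unauthenticated caller would get 403 instead of being sent to the authentication entry point; whether any endpoint is reachable anonymously is not visible here. The enclosing class begins outside the hunk.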
diff --git a/src/main/resources/application-clarifynd.yaml b/src/main/resources/application-clarifynd.yaml
index 726e6f5..0da0729 100644
--- a/src/main/resources/application-clarifynd.yaml
+++ b/src/main/resources/application-clarifynd.yaml
@@ -32,7 +32,7 @@ fforesight:
 - 'fforesight-download-file'
 - name: KNECON_ADMIN
 set-by-default: false
- rank: 500
+ rank: 1000
 permissions:
 - "red-read-license"
 - "red-update-license"
diff --git a/src/main/resources/application-documine.yaml b/src/main/resources/application-documine.yaml
index 43e7b3c..0db460c 100644
--- a/src/main/resources/application-documine.yaml
+++ b/src/main/resources/application-documine.yaml
@@ -21,7 +21,7 @@ fforesight:
 roles:
 - name: KNECON_ADMIN
 set-by-default: false
- rank: 500
+ rank: 1000
 permissions: [ "red-read-license", "red-update-license","fforesight-get-tenants", "fforesight-create-tenant", "fforesight-update-tenant", "fforesight-delete-tenant","fforesight-read-users", "fforesight-read-all-users", "fforesight-write-users","fforesight-read-smtp-configuration", "fforesight-write-smtp-configuration","red-unarchive-dossier" ]
 - name: RED_USER
 set-by-default: true
diff --git a/src/main/resources/application-redaction.yaml b/src/main/resources/application-redaction.yaml
index 63230b9..980b61e 100644
--- a/src/main/resources/application-redaction.yaml
+++ b/src/main/resources/application-redaction.yaml
@@ -47,7 +47,7 @@ fforesight:
 permissions: [ "red-add-update-dossier", "red-archived-dossier", "red-delete-dossier", "red-write-dossier-attributes" ]
 - name: KNECON_ADMIN
 set-by-default: false
- rank: 500
+ rank: 1000
 permissions: ["red-read-license", "red-update-license","fforesight-get-tenants", "fforesight-create-tenant", "fforesight-update-tenant", "fforesight-delete-tenant","fforesight-read-users", "fforesight-read-all-users", "fforesight-write-users","fforesight-read-smtp-configuration", "fforesight-write-smtp-configuration","red-unarchive-dossier"]
 - name: RED_USER_ADMIN
 set-by-default: false
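Review bot: The new `rank: 1000` for `KNECON_ADMIN` is a bare literal with no comment saying which ranks it has to exceed, and the same value is repeated in the `application-documine.yaml` and `application-redaction.yaml` hunks. A comment on the line, for example `# highest rank: must stay above every tenant-assignable role`, would record the invariant, assuming rank is what orders roles for user management (not visible in this diff). The other roles' ranks fall outside these hunks, so it is worth confirming none of them is 1000 or higher in any of the three profiles.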