hostsharing/hs.hsadmin.ng
1
0
Fork 0
Code Activity

fix authentication errors (#193)

Browse Source 
Co-authored-by: Michael Hoennig <michael@hoennig.de>
Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/193
Reviewed-by: Timotheus Pokorra <timotheus.pokorra@hostsharing.net>
This commit is contained in:
Michael Hoennig
2025-08-28 12:06:15 +02:00
parent 68e642c034
commit f1fc1203ae
4 changed files with 101 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/main/java/net/hostsharing/hsadminng/errors/RestResponseEntityExceptionHandler.java
+9
View File
@@ -16,6 +16,7 @@ import org.springframework.http.converter.HttpMessageNotReadableException;
import org.springframework.lang.Nullable;
import org.springframework.orm.jpa.JpaObjectRetrievalFailureException;
import org.springframework.orm.jpa.JpaSystemException;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.validation.FieldError;
import org.springframework.validation.method.ParameterValidationResult;
import org.springframework.web.bind.MethodArgumentNotValidException;
@@ -44,6 +45,14 @@ public class RestResponseEntityExceptionHandler
@Autowired(required = false)
private final List<RetroactiveTranslator> retroactiveTranslators;
@ExceptionHandler(AccessDeniedException.class)
protected ResponseEntity<CustomErrorResponse> handleAccessDeniedException(
final AccessDeniedException exc, final WebRequest request) {
final var fullMaybeLocalizedMessage = localizedMessage(NestedExceptionUtils.getMostSpecificCause(exc));
final var sprippedMaybeLocalizedMessage = stripTechnicalDetails(fullMaybeLocalizedMessage);
return errorResponse(request, HttpStatus.UNAUTHORIZED, sprippedMaybeLocalizedMessage);
}
@ExceptionHandler(DataIntegrityViolationException.class)
protected ResponseEntity<CustomErrorResponse> handleConflict(
final RuntimeException exc, final WebRequest request) {
src/main/java/net/hostsharing/hsadminng/ping/PingController.java
+2 -2
View File
@@ -1,8 +1,8 @@
package net.hostsharing.hsadminng.ping;
import io.micrometer.core.annotation.Timed;
import io.swagger.v3.oas.annotations.security.SecurityRequirement;
import net.hostsharing.hsadminng.config.MessageTranslator;
import net.hostsharing.hsadminng.config.NoSecurityRequirement;
import net.hostsharing.hsadminng.generated.api.v1.api.TestApi;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
@@ -12,7 +12,7 @@ import org.springframework.web.bind.annotation.RestController;
@RestController
@PreAuthorize("isAuthenticated()")
@SecurityRequirement(name = "casTicket")
@NoSecurityRequirement
public class PingController implements TestApi {
@Autowired