From c04b95043d51b19705b36fccc8b5725499d8690a Mon Sep 17 00:00:00 2001 From: Chris Smalley Date: Fri, 27 Sep 2019 08:56:07 -0700 Subject: [PATCH] fix(error): Swap out AccessDeniedExceptionHandler for FiatAccessDeniedExceptionHandler (#600) --- .../front50/config/Front50WebConfig.groovy | 6 +- .../AccessDeniedExceptionHandler.java | 55 ------------------- gradle.properties | 2 +- 3 files changed, 4 insertions(+), 59 deletions(-) delete mode 100644 front50-web/src/main/groovy/com/netflix/spinnaker/front50/exceptions/AccessDeniedExceptionHandler.java diff --git a/front50-web/src/main/groovy/com/netflix/spinnaker/front50/config/Front50WebConfig.groovy b/front50-web/src/main/groovy/com/netflix/spinnaker/front50/config/Front50WebConfig.groovy index c57282eee..7f851bb23 100644 --- a/front50-web/src/main/groovy/com/netflix/spinnaker/front50/config/Front50WebConfig.groovy +++ b/front50-web/src/main/groovy/com/netflix/spinnaker/front50/config/Front50WebConfig.groovy @@ -19,8 +19,8 @@ package com.netflix.spinnaker.front50.config import com.netflix.hystrix.exception.HystrixRuntimeException import com.netflix.spectator.api.Registry import com.netflix.spinnaker.fiat.shared.EnableFiatAutoConfig +import com.netflix.spinnaker.fiat.shared.FiatAccessDeniedExceptionHandler import com.netflix.spinnaker.filters.AuthenticatedRequestFilter -import com.netflix.spinnaker.front50.exceptions.AccessDeniedExceptionHandler import com.netflix.spinnaker.front50.model.application.ApplicationDAO import com.netflix.spinnaker.front50.model.application.ApplicationPermissionDAO import com.netflix.spinnaker.front50.model.delivery.DeliveryRepository @@ -135,8 +135,8 @@ public class Front50WebConfig extends WebMvcConfigurerAdapter { } @Bean - AccessDeniedExceptionHandler accessDeniedExceptionHandler() { - return new AccessDeniedExceptionHandler() + FiatAccessDeniedExceptionHandler fiatAccessDeniedExceptionHandler() { + return new FiatAccessDeniedExceptionHandler() } @ControllerAdvice diff --git a/front50-web/src/main/groovy/com/netflix/spinnaker/front50/exceptions/AccessDeniedExceptionHandler.java b/front50-web/src/main/groovy/com/netflix/spinnaker/front50/exceptions/AccessDeniedExceptionHandler.java deleted file mode 100644 index d01266adf..000000000 --- a/front50-web/src/main/groovy/com/netflix/spinnaker/front50/exceptions/AccessDeniedExceptionHandler.java +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright 2017 Netflix, Inc. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package com.netflix.spinnaker.front50.exceptions; - -import java.io.IOException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.boot.web.servlet.error.DefaultErrorAttributes; -import org.springframework.http.HttpStatus; -import org.springframework.security.access.AccessDeniedException; -import org.springframework.web.bind.annotation.ControllerAdvice; -import org.springframework.web.bind.annotation.ExceptionHandler; - -@ControllerAdvice -public class AccessDeniedExceptionHandler { - private final Logger log = LoggerFactory.getLogger(getClass()); - - private final DefaultErrorAttributes defaultErrorAttributes = new DefaultErrorAttributes(); - - @ExceptionHandler(AccessDeniedException.class) - public void handleNotFoundException( - Exception e, HttpServletResponse response, HttpServletRequest request) throws IOException { - storeException(request, response, e); - log.error( - "Encountered exception while processing request {}:{}", - request.getMethod(), - request.getRequestURI(), - e); - - response.sendError(HttpStatus.FORBIDDEN.value(), "Access is denied"); - } - - private void storeException( - HttpServletRequest request, HttpServletResponse response, Exception ex) { - // store exception as an attribute of HttpServletRequest such that it can be referenced by - // GenericErrorController - defaultErrorAttributes.resolveException(request, response, null, ex); - } -} diff --git a/gradle.properties b/gradle.properties index 266ccf830..d76903ce6 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,6 +1,6 @@ #Mon Sep 23 22:51:13 UTC 2019 clouddriverVersion=5.3.0 -fiatVersion=1.1.0 +fiatVersion=1.5.1 enablePublishing=false spinnakerGradleVersion=7.0.1 korkVersion=6.10.0