diff options
author | jbion <joffrey.bion@amadeus.com> | 2017-05-27 22:30:52 +0200 |
---|---|---|
committer | jbion <joffrey.bion@amadeus.com> | 2017-05-27 22:30:52 +0200 |
commit | b53d645ecf8845798ca96c5761404937f9561904 (patch) | |
tree | 09ea932189a8e4ef580b97b15da50e656f6fa43a /backend/src/main | |
parent | Backport javadoc (diff) | |
download | seven-wonders-b53d645ecf8845798ca96c5761404937f9561904.tar.gz seven-wonders-b53d645ecf8845798ca96c5761404937f9561904.tar.bz2 seven-wonders-b53d645ecf8845798ca96c5761404937f9561904.zip |
Improve forbidden subscription exception message
Diffstat (limited to 'backend/src/main')
-rw-r--r-- | backend/src/main/java/org/luxons/sevenwonders/config/TopicSubscriptionInterceptor.java | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/backend/src/main/java/org/luxons/sevenwonders/config/TopicSubscriptionInterceptor.java b/backend/src/main/java/org/luxons/sevenwonders/config/TopicSubscriptionInterceptor.java index f8d92068..27f3bd24 100644 --- a/backend/src/main/java/org/luxons/sevenwonders/config/TopicSubscriptionInterceptor.java +++ b/backend/src/main/java/org/luxons/sevenwonders/config/TopicSubscriptionInterceptor.java @@ -1,7 +1,6 @@ package org.luxons.sevenwonders.config; -import java.security.Principal; - +import org.luxons.sevenwonders.errors.ApiMisuseException; import org.luxons.sevenwonders.validation.DestinationAccessValidator; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.messaging.Message; @@ -25,14 +24,19 @@ public class TopicSubscriptionInterceptor extends ChannelInterceptorAdapter { public Message<?> preSend(Message<?> message, MessageChannel channel) { StompHeaderAccessor headerAccessor = StompHeaderAccessor.wrap(message); if (StompCommand.SUBSCRIBE.equals(headerAccessor.getCommand())) { - Principal userPrincipal = headerAccessor.getUser(); - if (!destinationAccessValidator.hasAccess(userPrincipal.getName(), headerAccessor.getDestination())) { - throw new ForbiddenSubscriptionException(); + String username = headerAccessor.getUser().getName(); + String destination = headerAccessor.getDestination(); + if (!destinationAccessValidator.hasAccess(username, destination)) { + throw new ForbiddenSubscriptionException(username, destination); } } return message; } - private static class ForbiddenSubscriptionException extends RuntimeException { + private static class ForbiddenSubscriptionException extends ApiMisuseException { + + ForbiddenSubscriptionException(String username, String destination) { + super(String.format("Player '%s' is not allowed to access %s", username, destination)); + } } } |