diff --git a/scm-webapp/src/main/java/sonia/scm/api/rest/AuthorizationExceptionMapper.java b/scm-webapp/src/main/java/sonia/scm/api/rest/AuthorizationExceptionMapper.java
index 18070b76df..2f00639a9b 100644
--- a/scm-webapp/src/main/java/sonia/scm/api/rest/AuthorizationExceptionMapper.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/rest/AuthorizationExceptionMapper.java
@@ -33,15 +33,19 @@ package sonia.scm.api.rest;
 //~--- non-JDK imports --------------------------------------------------------
+import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authz.AuthorizationException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import sonia.scm.SCMContext;
+
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.ExceptionMapper;
+import javax.ws.rs.ext.Provider;
 //~--- JDK imports ------------------------------------------------------------
-import javax.ws.rs.core.Response;
-import javax.ws.rs.ext.Provider;
-
 /**
  *
  * @author Sebastian Sdorra
@@ -49,20 +53,22 @@ import javax.ws.rs.ext.Provider;
  */
 @Provider
 public class AuthorizationExceptionMapper
-  extends StatusExceptionMapper
+  implements ExceptionMapper
 {
   private static final Logger LOG = LoggerFactory.getLogger(AuthorizationExceptionMapper.class);
-  public AuthorizationExceptionMapper()
-  {
-    super(AuthorizationException.class, Response.Status.FORBIDDEN);
-  }
-
   @Override
   public Response toResponse(AuthorizationException exception)
   {
     LOG.info("user is missing permission: {}", exception.getMessage());
-    LOG.trace("AuthorizationException:", exception);
-    return super.toResponse(exception);
+    LOG.trace(getStatus().toString(), exception);
+    return Response.status(getStatus()) .entity(exception.getMessage()) .type(MediaType.TEXT_PLAIN_TYPE) .build();
+  }
+
+  private Response.Status getStatus() {
+    return SecurityUtils.getSubject().getPrincipal().equals(SCMContext.USER_ANONYMOUS) ? Response.Status.UNAUTHORIZED : Response.Status.FORBIDDEN;
   }
 }
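Review bot: The new `getStatus()` calls `.equals(...)` on `SecurityUtils.getSubject().getPrincipal()` without a null check, and Shiro returns a null principal for a subject that is neither authenticated nor remembered, so a session-less request that trips an AuthorizationException would throw an NPE inside the mapper and surface as a 500 rather than a 401/403. Reverse the comparison and treat a missing principal as unauthenticated: `Object principal = SecurityUtils.getSubject().getPrincipal();` followed by `return principal == null || SCMContext.USER_ANONYMOUS.equals(principal) ? Response.Status.UNAUTHORIZED : Response.Status.FORBIDDEN;`. The 401 branch also sends no `WWW-Authenticate` header, which RFC 7235 requires on a 401 unless a filter elsewhere in the stack adds it — worth confirming. Separately, `entity(exception.getMessage())` now echoes Shiro's message, which typically names the exact permission that was checked, to a possibly anonymous client; unless the removed `StatusExceptionMapper` already did this, a generic body with the detail kept in the `LOG.info` line above would avoid disclosing the permission model.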