actframework / act-aaa-plugin

Use OSGL aaa library to manage Authentication/Authorization/Accounting for ActFramework Application
Apache License 2.0

act-aaa should not throw exception for permission check failed #28

Closed leeaee closed 4 years ago

leeaee commented 6 years ago

When using AAA to check permission:

    @GetAction("{id}")
    public User getProfile(@NotNull Long id) {
        User user = dao.get(id);
        notFoundIfNull(user, context.i18n(Messages.ENTITY_ID_NOT_FOUND, User.KEY, id));
        AAA.requirePermission(user, SecurityService.PERM_READ);
        return user;
    }

ACT-AAA now throws an exception like:

    10:47:21.761 [XNIO-1 task-2] ERROR a.h.b.c.RequestHandlerProxy - Error handling request: [GET] /api/user/2
    org.osgl.aaa.NoAccessException: null
        at org.osgl.aaa.AAA.noAccess(AAA.java:1960)
        at org.osgl.aaa.AAA.requirePermission(AAA.java:866)
        at org.osgl.aaa.AAA.requirePermission(AAA.java:887)
        at org.osgl.aaa.AAA.requirePermission(AAA.java:822)
        at org.osgl.aaa.AAA.requirePermission(AAA.java:656)
        at cc.bable.probe.api.UserEndpoint.getProfile(UserEndpoint.java:37)
        at cc.bable.probe.api.UserEndpointMethodAccess.invoke(Unknown Source)
        at act.handler.builtin.controller.impl.ReflectedHandlerInvoker.invoke(ReflectedHandlerInvoker.java:814)
        at act.handler.builtin.controller.impl.ReflectedHandlerInvoker.handle(ReflectedHandlerInvoker.java:479)
        at act.handler.builtin.controller.ControllerAction.handle(ControllerAction.java:48)
        at act.handler.builtin.controller.RequestHandlerProxy._handle(RequestHandlerProxy.java:517)
        at act.handler.builtin.controller.RequestHandlerProxy.handle(RequestHandlerProxy.java:203)
        at act.app.ActionContext.proceedWithHandler(ActionContext.java:1054)
        at act.route.Router$ContextualHandler.handle(Router.java:1595)
        at act.xio.NetworkHandler$3.run(NetworkHandler.java:159)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at java.lang.Thread.run(Thread.java:745)

But I think a failed AAA permission check can be logged as warn information, without printing the exception trace.

greenlaw110 commented 5 years ago

Fixed in ActFramework: https://github.com/actframework/actframework/commit/50d37ba64897d75b7de230cd5514bdba00888f2a