Source code

001/*
002 * #%L
003 * HAPI FHIR - Core Library
004 * %%
005 * Copyright (C) 2014 - 2023 Smile CDR, Inc.
006 * %%
007 * Licensed under the Apache License, Version 2.0 (the "License");
008 * you may not use this file except in compliance with the License.
009 * You may obtain a copy of the License at
010 *
011 *      http://www.apache.org/licenses/LICENSE-2.0
012 *
013 * Unless required by applicable law or agreed to in writing, software
014 * distributed under the License is distributed on an "AS IS" BASIS,
015 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
016 * See the License for the specific language governing permissions and
017 * limitations under the License.
018 * #L%
019 */
020package ca.uhn.fhir.rest.server.exceptions;
021
022import org.hl7.fhir.instance.model.api.IBaseOperationOutcome;
023
024import ca.uhn.fhir.rest.api.Constants;
025import ca.uhn.fhir.util.CoverageIgnore;
026
027/**
028 * This Represents an <b>HTTP 403 Forbidden</b> response, which generally indicates one of two conditions:
029 * <ul>
030 * <li>Authentication was provided, but the authenticated user is not permitted to perform the requested operation.</li>
031 * <li>The operation is forbidden to all users. Repeating the request with authentication would serve no purpose.</li>
032 * </ul>
033 * 
034 * <p>
035 * For security failures, you should use
036 * {@link AuthenticationException} if you want to indicate that the
037 * user could not be authenticated (e.g. credential failures), also 
038 * known as an <b>authentication</b> failure. 
039 * You should use {@link ForbiddenOperationException} if you want to 
040 * indicate that the authenticated user does not have permission to
041 * perform the requested operation, also known as an <b>authorization</b>
042 * failure.
043 * </p>
044 * <p>
045 * Note that a complete list of RESTful exceptions is available in the <a href="./package-summary.html">Package
046 * Summary</a>.
047 * </p>
048 */
049@CoverageIgnore
050public class ForbiddenOperationException extends BaseServerResponseException {
051
052        public static final int STATUS_CODE = Constants.STATUS_HTTP_403_FORBIDDEN;
053        private static final long serialVersionUID = 1L;
054
055        public ForbiddenOperationException(String theMessage) {
056                super(STATUS_CODE, theMessage);
057        }
058
059        /**
060         * Constructor
061         * 
062         * @param theMessage
063         *            The message
064         * @param theOperationOutcome
065         *            The OperationOutcome resource to return to the client
066         */
067        public ForbiddenOperationException(String theMessage, IBaseOperationOutcome theOperationOutcome) {
068                super(STATUS_CODE, theMessage, theOperationOutcome);
069        }
070
071}