001package ca.uhn.fhir.rest.server.exceptions;
002
003import org.hl7.fhir.instance.model.api.IBaseOperationOutcome;
004
005import ca.uhn.fhir.rest.api.Constants;
006import ca.uhn.fhir.util.CoverageIgnore;
007
008/*
009 * #%L
010 * HAPI FHIR - Core Library
011 * %%
012 * Copyright (C) 2014 - 2021 Smile CDR, Inc.
013 * %%
014 * Licensed under the Apache License, Version 2.0 (the "License");
015 * you may not use this file except in compliance with the License.
016 * You may obtain a copy of the License at
017 *
018 *      http://www.apache.org/licenses/LICENSE-2.0
019 *
020 * Unless required by applicable law or agreed to in writing, software
021 * distributed under the License is distributed on an "AS IS" BASIS,
022 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
023 * See the License for the specific language governing permissions and
024 * limitations under the License.
025 * #L%
026 */
027
028/**
029 * This Represents an <b>HTTP 403 Forbidden</b> response, which generally indicates one of two conditions:
030 * <ul>
031 * <li>Authentication was provided, but the authenticated user is not permitted to perform the requested operation.</li>
032 * <li>The operation is forbidden to all users. Repeating the request with authentication would serve no purpose.</li>
033 * </ul>
034 * 
035 * <p>
036 * For security failures, you should use
037 * {@link AuthenticationException} if you want to indicate that the
038 * user could not be authenticated (e.g. credential failures), also 
039 * known as an <b>authentication</b> failure. 
040 * You should use {@link ForbiddenOperationException} if you want to 
041 * indicate that the authenticated user does not have permission to
042 * perform the requested operation, also known as an <b>authorization</b>
043 * failure.
044 * </p>
045 * <p>
046 * Note that a complete list of RESTful exceptions is available in the <a href="./package-summary.html">Package
047 * Summary</a>.
048 * </p>
049 */
050@CoverageIgnore
051public class ForbiddenOperationException extends BaseServerResponseException {
052
053        public static final int STATUS_CODE = Constants.STATUS_HTTP_403_FORBIDDEN;
054        private static final long serialVersionUID = 1L;
055
056        public ForbiddenOperationException(String theMessage) {
057                super(STATUS_CODE, theMessage);
058        }
059
060        /**
061         * Constructor
062         * 
063         * @param theMessage
064         *            The message
065         * @param theOperationOutcome
066         *            The OperationOutcome resource to return to the client
067         */
068        public ForbiddenOperationException(String theMessage, IBaseOperationOutcome theOperationOutcome) {
069                super(STATUS_CODE, theMessage, theOperationOutcome);
070        }
071
072}