001/* 002 * #%L 003 * HAPI FHIR - Core Library 004 * %% 005 * Copyright (C) 2014 - 2025 Smile CDR, Inc. 006 * %% 007 * Licensed under the Apache License, Version 2.0 (the "License"); 008 * you may not use this file except in compliance with the License. 009 * You may obtain a copy of the License at 010 * 011 * http://www.apache.org/licenses/LICENSE-2.0 012 * 013 * Unless required by applicable law or agreed to in writing, software 014 * distributed under the License is distributed on an "AS IS" BASIS, 015 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 016 * See the License for the specific language governing permissions and 017 * limitations under the License. 018 * #L% 019 */ 020package ca.uhn.fhir.rest.server.exceptions; 021 022import ca.uhn.fhir.rest.api.Constants; 023import ca.uhn.fhir.util.CoverageIgnore; 024import org.hl7.fhir.instance.model.api.IBaseOperationOutcome; 025 026/** 027 * This Represents an <b>HTTP 403 Forbidden</b> response, which generally indicates one of two conditions: 028 * <ul> 029 * <li>Authentication was provided, but the authenticated user is not permitted to perform the requested operation.</li> 030 * <li>The operation is forbidden to all users. Repeating the request with authentication would serve no purpose.</li> 031 * </ul> 032 * 033 * <p> 034 * For security failures, you should use 035 * {@link AuthenticationException} if you want to indicate that the 036 * user could not be authenticated (e.g. credential failures), also 037 * known as an <b>authentication</b> failure. 038 * You should use {@link ForbiddenOperationException} if you want to 039 * indicate that the authenticated user does not have permission to 040 * perform the requested operation, also known as an <b>authorization</b> 041 * failure. 042 * </p> 043 * <p> 044 * Note that a complete list of RESTful exceptions is available in the <a href="./package-summary.html">Package 045 * Summary</a>. 046 * </p> 047 */ 048@CoverageIgnore 049public class ForbiddenOperationException extends BaseServerResponseException { 050 051 public static final int STATUS_CODE = Constants.STATUS_HTTP_403_FORBIDDEN; 052 private static final long serialVersionUID = 1L; 053 054 public ForbiddenOperationException(String theMessage) { 055 super(STATUS_CODE, theMessage); 056 } 057 058 /** 059 * Constructor 060 * 061 * @param theMessage 062 * The message 063 * @param theOperationOutcome 064 * The OperationOutcome resource to return to the client 065 */ 066 public ForbiddenOperationException(String theMessage, IBaseOperationOutcome theOperationOutcome) { 067 super(STATUS_CODE, theMessage, theOperationOutcome); 068 } 069}