=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/indicator/Indicator.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/indicator/Indicator.java	2013-03-07 15:02:47 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/indicator/Indicator.java	2013-03-20 07:28:44 +0000
@@ -164,12 +164,6 @@
         return name.equals( other.getName() );
     }
 
-    @Override
-    public String toString()
-    {
-        return "[" + name + "]";
-    }
-
     // -------------------------------------------------------------------------
     // Logic
     // -------------------------------------------------------------------------

=== modified file 'dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java'
--- dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java	2013-03-20 04:29:27 +0000
+++ dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/HibernateGenericStore.java	2013-03-20 07:28:44 +0000
@@ -41,12 +41,15 @@
 import org.hisp.dhis.common.GenericNameableObjectStore;
 import org.hisp.dhis.common.IdentifiableObject;
 import org.hisp.dhis.common.SharingUtils;
+import org.hisp.dhis.hibernate.exception.CreateAccessDeniedException;
+import org.hisp.dhis.hibernate.exception.DeleteAccessDeniedException;
+import org.hisp.dhis.hibernate.exception.ReadAccessDeniedException;
+import org.hisp.dhis.hibernate.exception.UpdateAccessDeniedException;
 import org.hisp.dhis.user.CurrentUserService;
 import org.hisp.dhis.user.User;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Required;
 import org.springframework.jdbc.core.JdbcTemplate;
-import org.springframework.security.access.AccessDeniedException;
 
 import java.util.ArrayList;
 import java.util.Collection;
@@ -212,7 +215,7 @@
         if ( !isWriteAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_CREATE_DENIED );
-            throw new AccessDeniedException( "You do not have write access to object." );
+            throw new CreateAccessDeniedException( object.toString() );
         }
 
         if ( currentUserService.getCurrentUser() != null && SharingUtils.isSupported( clazz ) )
@@ -240,7 +243,7 @@
             else
             {
                 AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_CREATE_DENIED );
-                throw new AccessDeniedException( "You are not allowed to create public or private objects of this kind." );
+                throw new CreateAccessDeniedException( object.toString() );
             }
         }
 
@@ -254,7 +257,7 @@
         if ( !isUpdateAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_UPDATE_DENIED );
-            throw new AccessDeniedException( "You do not have update access to object." );
+            throw new UpdateAccessDeniedException( object.toString() );
         }
 
         AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_UPDATE );
@@ -270,7 +273,7 @@
         if ( !isReadAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_READ_DENIED );
-            throw new AccessDeniedException( "You do not have read access to object with id " + id + "." );
+            throw new ReadAccessDeniedException( object.toString() );
         }
 
         return object;
@@ -285,7 +288,7 @@
         if ( !isReadAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_READ_DENIED );
-            throw new AccessDeniedException( "You do not have read access to object with id " + id );
+            throw new ReadAccessDeniedException( object.toString() );
         }
 
         return object;
@@ -299,7 +302,7 @@
         if ( !isReadAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_READ_DENIED );
-            throw new AccessDeniedException( "You do not have read access to object with uid " + uid );
+            throw new ReadAccessDeniedException( object.toString() );
         }
 
         return object;
@@ -320,7 +323,7 @@
         if ( !isReadAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_READ_DENIED );
-            throw new AccessDeniedException( "You do not have read access to object with name " + name );
+            throw new ReadAccessDeniedException( object.toString() );
         }
 
         return object;
@@ -335,7 +338,7 @@
         if ( !isReadAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_READ_DENIED );
-            throw new AccessDeniedException( "You do not have read access to object with shortName " + shortName );
+            throw new ReadAccessDeniedException( object.toString() );
         }
 
         return object;
@@ -349,7 +352,7 @@
         if ( !isReadAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_READ_DENIED );
-            throw new AccessDeniedException( "You do not have read access to object with code " + code );
+            throw new ReadAccessDeniedException( object.toString() );
         }
 
         return object;
@@ -361,7 +364,7 @@
         if ( !isDeleteAllowed( object ) )
         {
             AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_DELETE_DENIED );
-            throw new AccessDeniedException( "You do not have delete access to this object." );
+            throw new DeleteAccessDeniedException( object.toString() );
         }
 
         AuditLogUtil.infoWrapper( log, currentUserService.getCurrentUsername(), object, AuditLogUtil.ACTION_DELETE );

=== added directory 'dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception'
=== added file 'dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/CreateAccessDeniedException.java'
--- dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/CreateAccessDeniedException.java	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/CreateAccessDeniedException.java	2013-03-20 07:28:44 +0000
@@ -0,0 +1,41 @@
+package org.hisp.dhis.hibernate.exception;
+
+/*
+ * Copyright (c) 2004-2013, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ *   list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ *   be used to endorse or promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.springframework.security.access.AccessDeniedException;
+
+/**
+ * @author Morten Olav Hansen <mortenoh@gmail.com>
+ */
+public class CreateAccessDeniedException extends AccessDeniedException
+{
+    public CreateAccessDeniedException( String msg )
+    {
+        super( msg );
+    }
+}

=== added file 'dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/DeleteAccessDeniedException.java'
--- dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/DeleteAccessDeniedException.java	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/DeleteAccessDeniedException.java	2013-03-20 07:28:44 +0000
@@ -0,0 +1,41 @@
+package org.hisp.dhis.hibernate.exception;
+
+/*
+ * Copyright (c) 2004-2013, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ *   list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ *   be used to endorse or promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.springframework.security.access.AccessDeniedException;
+
+/**
+ * @author Morten Olav Hansen <mortenoh@gmail.com>
+ */
+public class DeleteAccessDeniedException extends AccessDeniedException
+{
+    public DeleteAccessDeniedException( String msg )
+    {
+        super( msg );
+    }
+}

=== added file 'dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/ReadAccessDeniedException.java'
--- dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/ReadAccessDeniedException.java	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/ReadAccessDeniedException.java	2013-03-20 07:28:44 +0000
@@ -0,0 +1,41 @@
+package org.hisp.dhis.hibernate.exception;
+
+/*
+ * Copyright (c) 2004-2013, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ *   list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ *   be used to endorse or promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.springframework.security.access.AccessDeniedException;
+
+/**
+ * @author Morten Olav Hansen <mortenoh@gmail.com>
+ */
+public class ReadAccessDeniedException extends AccessDeniedException
+{
+    public ReadAccessDeniedException( String msg )
+    {
+        super( msg );
+    }
+}

=== added file 'dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/UpdateAccessDeniedException.java'
--- dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/UpdateAccessDeniedException.java	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-support/dhis-support-hibernate/src/main/java/org/hisp/dhis/hibernate/exception/UpdateAccessDeniedException.java	2013-03-20 07:28:44 +0000
@@ -0,0 +1,41 @@
+package org.hisp.dhis.hibernate.exception;
+
+/*
+ * Copyright (c) 2004-2013, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ *   list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ *   be used to endorse or promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.springframework.security.access.AccessDeniedException;
+
+/**
+ * @author Morten Olav Hansen <mortenoh@gmail.com>
+ */
+public class UpdateAccessDeniedException extends AccessDeniedException
+{
+    public UpdateAccessDeniedException( String msg )
+    {
+        super( msg );
+    }
+}

=== removed file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/accessDenied.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/accessDenied.vm	2011-08-18 11:24:10 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/accessDenied.vm	1970-01-01 00:00:00 +0000
@@ -1,30 +0,0 @@
-<!DOCTYPE HTML>
-<html>
-<head>
-	<title>DHIS 2</title>
-	<style>
-	*
-	{
-		font-family: tahoma, sans-serif;
-	}
-
-	p
-	{
-		font-size: 10pt;
-	}
-	</style>
-</head>
-<body>
-
-## -------------------------------------------------------------------------- ##
-
-<h2>$i18n.getString( "access_denied" )</h2>
-
-<p>$encoder.htmlEncode( $i18n.getString( "access_denied_message" ) )</p>
-
-<p><input type="button" value="$encoder.htmlEncode( $i18n.getString( "go_back" ) )" onclick="window.history.back()"></p>
-
-## -------------------------------------------------------------------------- ##
-
-</body>
-</html>

=== added file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/createAccessDenied.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/createAccessDenied.vm	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/createAccessDenied.vm	2013-03-20 07:28:44 +0000
@@ -0,0 +1,30 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+	<title>DHIS 2</title>
+	<style>
+	*
+	{
+		font-family: tahoma, sans-serif;
+	}
+
+	p
+	{
+		font-size: 10pt;
+	}
+	</style>
+</head>
+<body>
+
+## -------------------------------------------------------------------------- ##
+
+<h2>$i18n.getString( "access_denied" )</h2>
+
+<p>$encoder.htmlEncode( $i18n.getString( "create_access_denied_message" ) ) $exception.message</p>
+
+<p><input type="button" value="$encoder.htmlEncode( $i18n.getString( "go_back" ) )" onclick="window.history.back()"></p>
+
+## -------------------------------------------------------------------------- ##
+
+</body>
+</html>

=== added file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/deleteAccessDenied.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/deleteAccessDenied.vm	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/deleteAccessDenied.vm	2013-03-20 07:28:44 +0000
@@ -0,0 +1,30 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+	<title>DHIS 2</title>
+	<style>
+	*
+	{
+		font-family: tahoma, sans-serif;
+	}
+
+	p
+	{
+		font-size: 10pt;
+	}
+	</style>
+</head>
+<body>
+
+## -------------------------------------------------------------------------- ##
+
+<h2>$i18n.getString( "access_denied" )</h2>
+
+<p>$encoder.htmlEncode( $i18n.getString( "delete_access_denied_message" ) ) $exception.message</p>
+
+<p><input type="button" value="$encoder.htmlEncode( $i18n.getString( "go_back" ) )" onclick="window.history.back()"></p>
+
+## -------------------------------------------------------------------------- ##
+
+</body>
+</html>

=== added file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/pageAccessDenied.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/pageAccessDenied.vm	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/pageAccessDenied.vm	2013-03-20 07:28:44 +0000
@@ -0,0 +1,30 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+	<title>DHIS 2</title>
+	<style>
+	*
+	{
+		font-family: tahoma, sans-serif;
+	}
+
+	p
+	{
+		font-size: 10pt;
+	}
+	</style>
+</head>
+<body>
+
+## -------------------------------------------------------------------------- ##
+
+<h2>$i18n.getString( "access_denied" )</h2>
+
+<p>$encoder.htmlEncode( $i18n.getString( "access_denied_message" ) )</p>
+
+<p><input type="button" value="$encoder.htmlEncode( $i18n.getString( "go_back" ) )" onclick="window.history.back()"></p>
+
+## -------------------------------------------------------------------------- ##
+
+</body>
+</html>

=== added file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/readAccessDenied.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/readAccessDenied.vm	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/readAccessDenied.vm	2013-03-20 07:28:44 +0000
@@ -0,0 +1,30 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+	<title>DHIS 2</title>
+	<style>
+	*
+	{
+		font-family: tahoma, sans-serif;
+	}
+
+	p
+	{
+		font-size: 10pt;
+	}
+	</style>
+</head>
+<body>
+
+## -------------------------------------------------------------------------- ##
+
+<h2>$i18n.getString( "access_denied" )</h2>
+
+<p>$encoder.htmlEncode( $i18n.getString( "read_access_denied_message" ) ) $exception.message</p>
+
+<p><input type="button" value="$encoder.htmlEncode( $i18n.getString( "go_back" ) )" onclick="window.history.back()"></p>
+
+## -------------------------------------------------------------------------- ##
+
+</body>
+</html>

=== added file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/updateAccessDenied.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/updateAccessDenied.vm	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/updateAccessDenied.vm	2013-03-20 07:28:44 +0000
@@ -0,0 +1,30 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+	<title>DHIS 2</title>
+	<style>
+	*
+	{
+		font-family: tahoma, sans-serif;
+	}
+
+	p
+	{
+		font-size: 10pt;
+	}
+	</style>
+</head>
+<body>
+
+## -------------------------------------------------------------------------- ##
+
+<h2>$i18n.getString( "access_denied" )</h2>
+
+<p>$encoder.htmlEncode( $i18n.getString( "update_access_denied_message" ) ) $exception.message</p>
+
+<p><input type="button" value="$encoder.htmlEncode( $i18n.getString( "go_back" ) )" onclick="window.history.back()"></p>
+
+## -------------------------------------------------------------------------- ##
+
+</body>
+</html>

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/ExceptionInterceptor.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/ExceptionInterceptor.java	2013-03-20 04:29:27 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/ExceptionInterceptor.java	2013-03-20 07:28:44 +0000
@@ -31,6 +31,10 @@
 import com.opensymphony.xwork2.interceptor.Interceptor;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.hisp.dhis.hibernate.exception.CreateAccessDeniedException;
+import org.hisp.dhis.hibernate.exception.DeleteAccessDeniedException;
+import org.hisp.dhis.hibernate.exception.ReadAccessDeniedException;
+import org.hisp.dhis.hibernate.exception.UpdateAccessDeniedException;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.authentication.InsufficientAuthenticationException;
 
@@ -57,8 +61,14 @@
     public static final String EXCEPTION_RESULT_KEY = "onExceptionReturn";
     public static final String EXCEPTION_RESULT_DEFAULT = "exceptionDefault";
     public static final String EXCEPTION_RESULT_PLAIN_TEXT = "plainTextError";
-    public static final String EXCEPTION_RESULT_ACCESS_DENIED = "accessDenied";
-    public static final String EXCEPTION_RESULT_JSON_ACCESS_DENIED = "jsonAccessDenied";
+    public static final String EXCEPTION_RESULT_PAGE_ACCESS_DENIED = "pageAccessDenied";
+    public static final String EXCEPTION_RESULT_PAGE_JSON_ACCESS_DENIED = "jsonAccessDenied";
+
+    public static final String EXCEPTION_RESULT_CREATE_ACCESS_DENIED = "createAccessDenied";
+    public static final String EXCEPTION_RESULT_READ_ACCESS_DENIED = "readAccessDenied";
+    public static final String EXCEPTION_RESULT_UPDATE_ACCESS_DENIED = "updateAccessDenied";
+    public static final String EXCEPTION_RESULT_DELETE_ACCESS_DENIED = "deleteAccessDenied";
+
     public static final String TEMPLATE_KEY_EXCEPTION = "exception";
     public static final String TEMPLATE_KEY_SHOW_STACK_TRACE = "showStackTrace";
 
@@ -116,14 +126,34 @@
             Map<?, ?> params = actionInvocation.getProxy().getConfig().getParams();
             String exceptionResultName = (String) params.get( EXCEPTION_RESULT_KEY );
 
+            if ( e instanceof CreateAccessDeniedException )
+            {
+                return EXCEPTION_RESULT_CREATE_ACCESS_DENIED;
+            }
+
+            if ( e instanceof ReadAccessDeniedException )
+            {
+                return EXCEPTION_RESULT_READ_ACCESS_DENIED;
+            }
+
+            if ( e instanceof UpdateAccessDeniedException )
+            {
+                return EXCEPTION_RESULT_UPDATE_ACCESS_DENIED;
+            }
+
+            if ( e instanceof DeleteAccessDeniedException )
+            {
+                return EXCEPTION_RESULT_DELETE_ACCESS_DENIED;
+            }
+
             if ( e instanceof AccessDeniedException || e instanceof InsufficientAuthenticationException )
             {
                 if ( EXCEPTION_RESULT_PLAIN_TEXT.equals( exceptionResultName ) )
                 {
-                    return EXCEPTION_RESULT_JSON_ACCESS_DENIED; // Access denied as JSON
+                    return EXCEPTION_RESULT_PAGE_JSON_ACCESS_DENIED; // Access denied as JSON
                 }
 
-                return EXCEPTION_RESULT_ACCESS_DENIED; // Access denied as nice page
+                return EXCEPTION_RESULT_PAGE_ACCESS_DENIED; // Access denied as nice page
             }
 
             // -----------------------------------------------------------------

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml	2013-03-20 04:29:27 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml	2013-03-20 07:28:44 +0000
@@ -94,8 +94,12 @@
 
     <global-results>
       <result name="exceptionDefault" type="velocity">/exception.vm</result>
-      <result name="accessDenied" type="velocity">/accessDenied.vm</result>
+      <result name="pageAccessDenied" type="velocity">/pageAccessDenied.vm</result>
       <result name="jsonAccessDenied" type="velocity">/dhis-web-commons/ajax/jsonAccessDenied.vm</result>
+      <result name="createAccessDenied" type="velocity">/createAccessDenied.vm</result>
+      <result name="readAccessDenied" type="velocity">/readAccessDenied.vm</result>
+      <result name="updateAccessDenied" type="velocity">/updateAccessDenied.vm</result>
+      <result name="deleteAccessDenied" type="velocity">/deleteAccessDenied.vm</result>
       <result name="plainTextError" type="plainTextErrorResult">
         <param name="parse">true</param>
         <param name="message">${exception.class.name}: ${exception.message}</param>

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/i18n_global.properties'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/i18n_global.properties	2013-03-19 17:09:10 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/i18n_global.properties	2013-03-20 07:28:44 +0000
@@ -17,6 +17,10 @@
 about=About
 access_denied=Access denied
 access_denied_message=You don't have sufficient authority to view this page.
+create_access_denied_message=You don't have create access to type
+read_access_denied_message=You don't have read access to object
+update_access_denied_message=You don't have update access to object
+delete_access_denied_message=You don't have delete access to object
 go_back=Go back
 main_menu=Main menu
 maintenance=Maintenance