private boolean hasAccess(Permission privilegio) {
if (privilegio == null) {
return true;
}
Collection<Privilegio> privilegioList = Arrays.asList(privilegio.value());
return privilegioList.contains(usuarioSession.getUsuario().getPrivilegio());
}
public void intercept(InterceptorStack stack, ResourceMethod method, Object resourceInstance) {
if (usuarioSession.getUsuario() != null) {
Permission methodPermission = method.getMethod().getAnnotation(Permission.class);
Permission controllerPermission =
method.getResource().getType().getAnnotation(Permission.class);
if (this.hasAccess(methodPermission) && this.hasAccess(controllerPermission)) {
stack.next(method, resourceInstance);
} else {
result.redirectTo(LoginController.class).acessoNegado();
}
} else {
result.redirectTo(LoginController.class).login();
}
}
