private ModelAndView createModelAndView(User user) {
ModelAndView mv = new ModelAndView("privilege");
mv.addObject("user", user);
// Create triplet list
List<PrivilegeTriplet> triplets = new ArrayList<PrivilegeTriplet>();
EnumSet<Privilege> usersprivilege = SecurityContext.getAllAssociatedPrivileges(user);
for (Privilege privilege : Privilege.values()) {
PrivilegeTriplet newTriplet = new PrivilegeTriplet();
newTriplet.setPrivilege(privilege);
if (usersprivilege.contains(privilege)) {
newTriplet.setPermitted(true);
}
newTriplet.setRole(privilege.getAssociatedRole());
triplets.add(newTriplet);
}
mv.addObject("privilegetriplets", triplets);
return mv;
}
@RequestMapping("/privilegeeditsubmit")
public ModelAndView privilegeEditSubmit(@RequestParam Map<String, String> params) {
SecurityContext.assertUserHasPrivilege(Privilege.MANAGE_USERS);
User user = getRequiredEntity(Long.parseLong(params.get("id")));
// ModelAndView mv = new ModelAndView("redirect:user", "username", user.getUserName());
ModelAndView mv = new ModelAndView("redirect:/user/" + user.getUserName());
params.remove("id");
user.getPrivileges().clear();
for (Map.Entry<String, String> entry : params.entrySet()) {
try {
user.getPrivileges().add(Privilege.valueOf(entry.getKey()));
} catch (Exception e) {
throw new IllegalArgumentException("parameters should only contains Id and privileges");
}
}
// em.merge(user); Not needed (we did not modify the user, we changed the .privilege
// collection). Save will happen with dirty checking.
return mv;
}
