/** Note that details is the only optional field */
 public String createEntity(EntityReference ref, Object entity, Map<String, Object> params) {
   Poll poll = (Poll) entity;
   poll.setCreationDate(new Date());
   if (poll.getId() == null) {
     poll.setId(UUID.randomUUID().toString());
   }
   if (poll.getOwner() == null) {
     poll.setOwner(developerHelperService.getCurrentUserId());
   }
   String siteId = developerHelperService.getCurrentLocationId();
   if (poll.getSiteId() == null) {
     poll.setSiteId(siteId);
   } else {
     siteId = poll.getSiteId();
   }
   String userReference = developerHelperService.getCurrentUserReference();
   String location = "/site/" + siteId;
   boolean allowed =
       developerHelperService.isUserAllowedInEntityReference(
           userReference, PollListManager.PERMISSION_ADD, location);
   if (!allowed) {
     throw new SecurityException(
         "Current user ("
             + userReference
             + ") cannot create polls in location ("
             + location
             + ")");
   }
   pollListManager.savePoll(poll);
   return poll.getPollId() + "";
 }
 @Deprecated
 public List<?> getEntities(EntityReference ref, Search search) {
   // get the pollId
   Restriction pollRes = search.getRestrictionByProperty("pollId");
   if (pollRes == null || pollRes.getSingleValue() == null) {
     throw new IllegalArgumentException(
         "Must include a non-null pollId in order to retreive a list of votes");
   }
   Long pollId = null;
   try {
     pollId = developerHelperService.convert(pollRes.getSingleValue(), Long.class);
   } catch (UnsupportedOperationException e) {
     throw new IllegalArgumentException(
         "Invalid: pollId must be a long number: " + e.getMessage(), e);
   }
   // get the poll
   Poll poll = pollListManager.getPollById(pollId);
   if (poll == null) {
     throw new IllegalArgumentException(
         "pollId (" + pollId + ") is invalid and does not match any known polls");
   } else {
     boolean allowedPublic = pollListManager.isPollPublic(poll);
     if (!allowedPublic) {
       String userReference = developerHelperService.getCurrentUserReference();
       if (userReference == null) {
         throw new EntityException(
             "User must be logged in in order to access poll data",
             ref.getId(),
             HttpServletResponse.SC_UNAUTHORIZED);
       } else {
         boolean allowedManage = false;
         boolean allowedVote = false;
         allowedManage =
             developerHelperService.isUserAllowedInEntityReference(
                 userReference, PollListManager.PERMISSION_ADD, "/site/" + poll.getSiteId());
         allowedVote =
             developerHelperService.isUserAllowedInEntityReference(
                 userReference, PollListManager.PERMISSION_VOTE, "/site/" + poll.getSiteId());
         if (!(allowedManage || allowedVote)) {
           throw new SecurityException(
               "User (" + userReference + ") not allowed to access poll data: " + ref);
         }
       }
     }
   }
   // get the options
   List<Option> options = pollListManager.getOptionsForPoll(pollId);
   return options;
 }
 /**
  * Checks if the given user can create/update/delete options
  *
  * @param userRef
  * @param option
  */
 @Deprecated
 private void checkOptionPermission(String userRef, Option option) {
   if (option.getPollId() == null) {
     throw new IllegalArgumentException(
         "Poll Id must be set in the option to check permissions: " + option);
   }
   Long pollId = option.getPollId();
   // validate poll exists
   Poll poll = pollListManager.getPollById(pollId, false);
   if (poll == null) {
     throw new IllegalArgumentException(
         "Invalid poll id (" + pollId + "), could not find poll from option: " + option);
   }
   // check permissions
   String siteRef = "/site/" + poll.getSiteId();
   if (!developerHelperService.isUserAllowedInEntityReference(
       userRef, PollListManager.PERMISSION_ADD, siteRef)) {
     throw new SecurityException(
         "User ("
             + userRef
             + ") is not allowed to create/update/delete options in this poll ("
             + pollId
             + ")");
   }
 }
 public void updateEntity(EntityReference ref, Object entity, Map<String, Object> params) {
   String id = ref.getId();
   if (id == null) {
     throw new IllegalArgumentException(
         "The reference must include an id for updates (id is currently null)");
   }
   String userReference = developerHelperService.getCurrentUserReference();
   if (userReference == null) {
     throw new SecurityException("anonymous user cannot update poll: " + ref);
   }
   Poll current = getPollById(id);
   if (current == null) {
     throw new IllegalArgumentException("No poll found to update for the given reference: " + ref);
   }
   Poll poll = (Poll) entity;
   String siteId = developerHelperService.getCurrentLocationId();
   if (poll.getSiteId() == null) {
     poll.setSiteId(siteId);
   } else {
     siteId = poll.getSiteId();
   }
   String location = "/site/" + siteId;
   // should this check a different permission?
   boolean allowed =
       developerHelperService.isUserAllowedInEntityReference(
           userReference, PollListManager.PERMISSION_ADD, location);
   if (!allowed) {
     throw new SecurityException(
         "Current user ("
             + userReference
             + ") cannot update polls in location ("
             + location
             + ")");
   }
   developerHelperService.copyBean(
       poll,
       current,
       0,
       new String[] {
         "id", "pollId", "owner", "siteId", "creationDate", "reference", "url", "properties"
       },
       true);
   pollListManager.savePoll(current);
 }
  public Object getEntity(EntityReference ref) {
    String id = ref.getId();
    if (id == null) {
      return new Poll();
    }
    Poll poll = getPollById(id);
    if (poll == null) {
      throw new IllegalArgumentException("No poll found for the given reference: " + ref);
    }
    Long pollId = poll.getPollId();
    String currentUserId = developerHelperService.getCurrentUserId();

    boolean allowedManage = false;
    if (!developerHelperService.isEntityRequestInternal(ref + "")) {
      if (!pollListManager.isPollPublic(poll)) {
        // this is not a public poll? (ie .anon role has poll.vote)
        String userReference = developerHelperService.getCurrentUserReference();
        if (userReference == null) {
          throw new EntityException(
              "User must be logged in in order to access poll data",
              ref.getId(),
              HttpServletResponse.SC_UNAUTHORIZED);
        }
        allowedManage =
            developerHelperService.isUserAllowedInEntityReference(
                userReference, PollListManager.PERMISSION_ADD, "/site/" + poll.getSiteId());
        boolean allowedVote =
            developerHelperService.isUserAllowedInEntityReference(
                userReference, PollListManager.PERMISSION_VOTE, "/site/" + poll.getSiteId());
        if (!allowedManage && !allowedVote) {
          throw new SecurityException(
              "User (" + userReference + ") not allowed to access poll data: " + ref);
        }
      }
    }

    Boolean includeVotes = requestStorage.getStoredValueAsType(Boolean.class, "includeVotes");
    if (includeVotes == null) {
      includeVotes = false;
    }
    if (includeVotes) {
      List<Vote> votes = pollVoteManager.getAllVotesForPoll(poll);
      poll.setVotes(votes);
    }
    Boolean includeOptions = requestStorage.getStoredValueAsType(Boolean.class, "includeOptions");
    if (includeOptions == null) {
      includeOptions = false;
    }
    if (includeOptions) {
      List<Option> options = pollListManager.getOptionsForPoll(poll);
      poll.setOptions(options);
    }
    // add in the indicator that this user has replied
    if (currentUserId != null) {
      Map<Long, List<Vote>> voteMap =
          pollVoteManager.getVotesForUser(currentUserId, new Long[] {pollId});
      List<Vote> l = voteMap.get(pollId);
      if (l != null) {
        poll.setCurrentUserVoted(true);
        poll.setCurrentUserVotes(l);
      } else {
        poll.setCurrentUserVoted(false);
      }
    }
    return poll;
  }