/**
* This method evaluates index of the role in the role enumeration.
*
* @param roles
* @return
*/
public static int getRoleSeverity(List<Role> roles) {
int res = Const.Roles.values().length;
if (roles != null && roles.size() > 0) {
Iterator<Role> itr = roles.iterator();
while (itr.hasNext()) {
Role currentRole = itr.next();
int currentLevel = Const.Roles.valueOf(currentRole.name).ordinal();
if (currentLevel < res) {
res = currentLevel;
}
}
}
return res;
}
/**
* This method validates whether user is allowed to change given role.
*
* @param role
* @param user
* @return true if user is allowed
*/
public static boolean isAllowed(Role role, User user) {
boolean res = false;
if (role != null && role.name != null && role.name.length() > 0) {
try {
int roleIndex = Const.Roles.valueOf(role.name).ordinal();
int userIndex = getRoleSeverity(user.roles);
// Logger.debug("roleIndex: " + roleIndex + ", userIndex: " + userIndex);
if (roleIndex >= userIndex) {
res = true;
}
} catch (Exception e) {
Logger.debug("New created role is allowed.");
res = true;
}
}
// Logger.debug("role allowance check: " + role + ", user: "******", res: " + res);
return res;
}
