Example #1
  /**
   * Decides whether {@code userId} is authorized for the given proposal task.
   *
   * <p>Two cases are distinguished by whether the development proposal already has a proposal
   * number:
   *
   * <ul>
   *   <li><b>No proposal number yet</b> (document being saved for the first time): the user needs
   *       {@code CREATE_PROPOSAL} in the proposal-development namespace for the owning unit. If
   *       no owning unit is set, this method returns {@code true} and relies on the save itself
   *       failing with an error.
   *   <li><b>Proposal number present</b>: the user needs {@code VIEW_PROPOSAL} on the document, or
   *       a workflow permission as reported by {@code kraWorkflowService}.
   * </ul>
   *
   * <p>NOTE(review): the unit-less branch is fail-open. It is only safe while every caller really
   * does reject a proposal without an owning unit later in the save path; confirm that against
   * the callers.
   *
   * <p>NOTE(review): the comment that originally sat on the saved-proposal branch said access is
   * for users with the "modify proposal" role, but the check performed is {@code VIEW_PROPOSAL}.
   * Confirm which permission is intended; if this gates a write, view-level access is broader
   * than that comment describes.
   *
   * @param userId the user whose access is being checked
   * @param task the task carrying the proposal development document
   * @return {@code true} if the user is allowed to proceed, {@code false} otherwise
   */
  @Override
  public boolean isAuthorized(String userId, ProposalTask task) {
    final ProposalDevelopmentDocument document = task.getDocument();
    final boolean alreadySaved = document.getDevelopmentProposal().getProposalNumber() != null;

    if (alreadySaved) {
      // Existing proposal: view permission on the document or workflow permission is enough.
      return hasProposalPermission(userId, document, PermissionConstants.VIEW_PROPOSAL)
          || kraWorkflowService.hasWorkflowPermission(userId, document);
    }

    // First save: there is no proposal number yet, so authorize against the owning unit.
    final String owningUnit = document.getDevelopmentProposal().getOwnedByUnitNumber();
    if (owningUnit == null) {
      // Deliberately permissive: without a unit the save is expected to fail with an error,
      // so no permission decision is made here.
      return true;
    }

    // Saving a proposal for a unit where the user lacks CREATE_PROPOSAL is refused.
    final UnitAuthorizationService unitAuthorizer =
        KcServiceLocator.getService(UnitAuthorizationService.class);
    return unitAuthorizer.hasPermission(
        userId,
        owningUnit,
        Constants.MODULE_NAMESPACE_PROPOSAL_DEVELOPMENT,
        PermissionConstants.CREATE_PROPOSAL);
  }