public boolean isEditAuthorized() { Users user = ui.getUser(); boolean editAuthorized = false; if (user != null && recipe != null) { editAuthorized = recipe.getCreator().getUserName().equals(user.getUserName()) || ui.isIsAdmin(); } return editAuthorized; }
/** deletes a comment */ public void doDeleteComment() { if (ui.isIsUserAuthenticated()) { Users u = ui.getUser(); if (isEditAuthorized() || ui.isIsAdmin()) { try { recipesEJB.removeCommentFromRecipe(recipe, deleteComment); this.commentModel = new LazyCommentDataModel(recipe, recipesEJB); } catch (javax.ejb.EJBAccessException ejbae) { FacesContext.getCurrentInstance() .addMessage(null, new FacesMessage("Only registered users can post comments.")); } } } }