public boolean canAddOrUpdateUser(Collection<String> userGroups) { User currentUser = currentUserService.getCurrentUser(); if (currentUser == null) { return false; } boolean canAdd = currentUser.getUserCredentials().isAuthorized(UserGroup.AUTH_USER_ADD); if (canAdd) { return true; } boolean canAddInGroup = currentUser.getUserCredentials().isAuthorized(UserGroup.AUTH_USER_ADD_IN_GROUP); if (!canAddInGroup) { return false; } boolean canManageAnyGroup = false; for (String uid : userGroups) { UserGroup userGroup = userGroupService.getUserGroup(uid); if (currentUser.canManage(userGroup)) { canManageAnyGroup = true; break; } } return canManageAnyGroup; }
public void postObject( HttpServletResponse response, HttpServletRequest request, Message message) { List<User> users = new ArrayList<User>(message.getUsers()); message.getUsers().clear(); for (OrganisationUnit ou : message.getOrganisationUnits()) { OrganisationUnit organisationUnit = organisationUnitService.getOrganisationUnit(ou.getUid()); if (organisationUnit == null) { ContextUtils.conflictResponse(response, "Organisation Unit does not exist: " + ou.getUid()); return; } message.getUsers().addAll(organisationUnit.getUsers()); } for (User u : users) { User user = userService.getUser(u.getUid()); if (user == null) { ContextUtils.conflictResponse(response, "User does not exist: " + u.getUid()); return; } message.getUsers().add(user); } for (UserGroup ug : message.getUserGroups()) { UserGroup userGroup = userGroupService.getUserGroup(ug.getUid()); if (userGroup == null) { ContextUtils.conflictResponse(response, "User Group does not exist: " + ug.getUid()); return; } message.getUsers().addAll(userGroup.getMembers()); } if (message.getUsers().isEmpty()) { ContextUtils.conflictResponse(response, "No recipients selected."); return; } String metaData = MessageService.META_USER_AGENT + request.getHeader(ContextUtils.HEADER_USER_AGENT); int id = messageService.sendMessage( message.getSubject(), message.getText(), metaData, message.getUsers()); MessageConversation conversation = messageService.getMessageConversation(id); ContextUtils.createdResponse( response, "Message conversation created", MessageConversationController.RESOURCE_PATH + "/" + conversation.getUid()); }
@Override public void deleteUser(User user) { Iterator<UserGroup> iterator = user.getGroups().iterator(); while (iterator.hasNext()) { UserGroup group = iterator.next(); group.getMembers().remove(user); userGroupService.updateUserGroup(group); } }