@Override
public void addGroup(final Group group) throws XMLDBException {
final SecurityManager manager = pool.getSecurityManager();
if (!manager.hasAdminPrivileges(user)) {
throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, " you are not allowed to add role");
}
if (manager.hasGroup(group.getName())) {
throw new XMLDBException(ErrorCodes.VENDOR_ERROR, "group '" + group.getName() + "' exists");
}
try {
executeWithBroker(
new BrokerOperation<Void>() {
@Override
public Void withBroker(DBBroker broker)
throws XMLDBException, LockException, PermissionDeniedException, IOException,
EXistException, TriggerException {
manager.addGroup(group);
return null;
}
});
} catch (final Exception e) {
throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, e.getMessage(), e);
}
}
@Override
public void setUserPrimaryGroup(final String username, final String groupName)
throws XMLDBException {
final SecurityManager manager = pool.getSecurityManager();
if (!manager.hasGroup(groupName)) {
throw new XMLDBException(
ErrorCodes.PERMISSION_DENIED, "Group '" + groupName + "' does not exist!");
}
if (!manager.hasAdminPrivileges(user)) {
throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, "Not allowed to modify user");
}
try {
executeWithBroker(
new BrokerOperation<Void>() {
@Override
public Void withBroker(final DBBroker broker)
throws XMLDBException, LockException, PermissionDeniedException, IOException,
EXistException, TriggerException {
final Account account = manager.getAccount(username);
final Group group = manager.getGroup(groupName);
account.setPrimaryGroup(group);
manager.updateAccount(account);
return null;
}
});
} catch (final Exception e) {
throw new XMLDBException(ErrorCodes.PERMISSION_DENIED, e.getMessage(), e);
}
}
