@Override
public boolean eval(Map<String, Object> context) {
// if no user is logged in, treat as if the user does not have permission
GenericValue userLogin = (GenericValue) context.get("userLogin");
if (userLogin != null) {
String permission = permissionExdr.expandString(context);
String action = actionExdr.expandString(context);
Authorization authz = (Authorization) context.get("authz");
Security security = (Security) context.get("security");
if (UtilValidate.isNotEmpty(action)) {
// Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field
// should no longer be used", module);
// run hasEntityPermission
if (security.hasEntityPermission(permission, action, userLogin)) {
return true;
}
} else {
// run hasPermission
if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) {
return true;
}
}
}
return false;
}
private boolean evalAuthzPermission(
Authorization authz, GenericValue userLogin, Map<String, ? extends Object> context) {
if (nameOrRole == null) {
Debug.logWarning("Null permission name passed for evaluation", module);
return false;
}
return authz.hasPermission(userLogin.getString("userLoginId"), nameOrRole, context);
}
