private boolean hasAccess(Permission privilegio) { if (privilegio == null) { return true; } Collection<Privilegio> privilegioList = Arrays.asList(privilegio.value()); return privilegioList.contains(usuarioSession.getUsuario().getPrivilegio()); }
public void intercept(InterceptorStack stack, ResourceMethod method, Object resourceInstance) { if (usuarioSession.getUsuario() != null) { Permission methodPermission = method.getMethod().getAnnotation(Permission.class); Permission controllerPermission = method.getResource().getType().getAnnotation(Permission.class); if (this.hasAccess(methodPermission) && this.hasAccess(controllerPermission)) { stack.next(method, resourceInstance); } else { result.redirectTo(LoginController.class).acessoNegado(); } } else { result.redirectTo(LoginController.class).login(); } }