@SuppressWarnings("unchecked")
@Path("/instacl/{typename}/{id}")
@POST
public void saveInstACL(
@PathParam("typename") String typename, @PathParam("id") long id, InstanceACES aces) {
FleximsDynamicEntityImpl entity = dao.loadEntity(typename, id);
if (entity == null) {
return;
}
if (permissionChecker.hasPermission(
ACLHelper.getActionByName(GrantAction.NAME),
roleContext.getRoles(),
entity.getClass().getSimpleName(),
entity)) {
throw new AuthorizedException(InstanceActionType.GRANT, entity);
}
securityEM.getTransaction().begin();
Query query = securityEM.createNamedQuery(InstanceACE.ACLQNAME);
query.setParameter("typeid", typename);
query.setParameter("instanceid", id);
List<InstanceACE> acesOld = (List<InstanceACE>) query.getResultList();
for (InstanceACE ace : aces.getAces()) {
if (ace.getId() == 0) {
securityEM.persist(ace);
} else {
for (InstanceACE oldAce : acesOld) {
if (oldAce.getId() == ace.getId()) {
securityEM.merge(ace);
acesOld.remove(oldAce);
break;
}
}
}
}
for (InstanceACE oldAce : acesOld) {
securityEM.remove(oldAce);
}
securityEM.getTransaction().commit();
}
@Path("/typeacl")
@POST
public void saveTypeACL(TypeACL typeACL) {
if (permissionChecker.hasPermission(
ACLHelper.getActionByName(GrantAction.NAME),
roleContext.getRoles(),
typeACL.getTypeid(),
null)) {
throw new AuthorizedException(InstanceActionType.GRANT, null);
}
for (RolePermission p : typeACL.getRolePermissions()) {
p.setTypeACL(typeACL);
}
for (PropertyPermission p : typeACL.getPropPermissions()) {
p.setTypeACL(typeACL);
}
securityEM.getTransaction().begin();
securityEM.merge(typeACL);
securityEM.getTransaction().commit();
ACLHelper.typeacls.put(typeACL.getTypeid(), typeACL);
}