// search for policy with only one resource grant permission @Override public IAMPolicy getResourceGrantPolicy( String entityType, Long entityId, String accessType, String action) { List<IAMPolicyVO> policyList = _aclPolicyDao.listAll(); for (IAMPolicyVO policy : policyList) { List<IAMPolicyPermission> pp = listPolicyPermissions(policy.getId()); if (pp != null && pp.size() == 1) { // resource grant policy should only have one ACL permission assigned IAMPolicyPermission permit = pp.get(0); if (permit.getEntityType().equals(entityType) && permit.getScope().equals(PermissionScope.RESOURCE.toString()) && permit.getScopeId().longValue() == entityId.longValue()) { if (accessType != null && permit.getAccessType().equals(accessType)) { return policy; } else if (action != null && permit.getAction().equals(action)) { return policy; } } } } return null; }