@Override public boolean eval(Map<String, Object> context) { // if no user is logged in, treat as if the user does not have permission GenericValue userLogin = (GenericValue) context.get("userLogin"); if (userLogin != null) { String permission = permissionExdr.expandString(context); String action = actionExdr.expandString(context); Authorization authz = (Authorization) context.get("authz"); Security security = (Security) context.get("security"); if (UtilValidate.isNotEmpty(action)) { // Debug.logWarning("Deprecated method hasEntityPermission() was called; the action field // should no longer be used", module); // run hasEntityPermission if (security.hasEntityPermission(permission, action, userLogin)) { return true; } } else { // run hasPermission if (authz.hasPermission(userLogin.getString("userLoginId"), permission, context)) { return true; } } } return false; }
private boolean evalAuthzPermission( Authorization authz, GenericValue userLogin, Map<String, ? extends Object> context) { if (nameOrRole == null) { Debug.logWarning("Null permission name passed for evaluation", module); return false; } return authz.hasPermission(userLogin.getString("userLoginId"), nameOrRole, context); }