/**
   * Update approval
   *
   * @param param Approval update parameters
   * @param id the URN the approval
   * @prereq none
   * @brief Update Approval
   * @return No data returned in response body
   */
  @PUT
  @Consumes({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
  @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
  @Path("/{id}")
  @CheckPermission(roles = {Role.TENANT_APPROVER})
  public ApprovalRestRep updateApproval(@PathParam("id") URI id, ApprovalUpdateParam param) {
    ApprovalRequest approval = getApprovalById(id, true);

    StorageOSUser user = getUserFromContext();
    verifyAuthorizedInTenantOrg(uri(approval.getTenant()), user);

    validateParam(param, approval);

    updateObject(approval, param);

    approvalManager.updateApproval(approval, user);

    if (approval.getOrderId() != null) {
      Order order = orderManager.getOrderById(approval.getOrderId());
      if (order != null) {
        orderManager.processOrder(order);
      }
    }

    auditOpSuccess(OperationTypeEnum.UPDATE_APPROVAL, approval.auditParameters());

    approval = approvalManager.getApprovalById(approval.getId());

    return map(approval);
  }
  /**
   * parameter: 'orderId' The id of the order to search for approvals parameter: 'approvalStatus'
   * The status for the approval. parameter: 'tenantId' The id of the tenant (if not the current
   * tenant)
   *
   * @return Return a list of matching approvals or an empty list if no match was found.
   */
  @Override
  protected SearchResults getOtherSearchResults(
      Map<String, List<String>> parameters, boolean authorized) {

    StorageOSUser user = getUserFromContext();
    String tenantId = user.getTenantId();
    if (parameters.containsKey(SearchConstants.TENANT_ID_PARAM)) {
      tenantId = parameters.get(SearchConstants.TENANT_ID_PARAM).get(0);
    }
    verifyAuthorizedInTenantOrg(uri(tenantId), user);

    if (!parameters.containsKey(SearchConstants.ORDER_ID_PARAM)
        && !parameters.containsKey(SearchConstants.APPROVAL_STATUS_PARAM)) {
      throw APIException.badRequests.invalidParameterSearchMissingParameter(
          getResourceClass().getName(),
          SearchConstants.ORDER_ID_PARAM + " or " + SearchConstants.APPROVAL_STATUS_PARAM);
    }

    if (parameters.containsKey(SearchConstants.ORDER_ID_PARAM)
        && parameters.containsKey(SearchConstants.APPROVAL_STATUS_PARAM)) {
      throw APIException.badRequests.parameterForSearchCouldNotBeCombinedWithAnyOtherParameter(
          getResourceClass().getName(),
          SearchConstants.ORDER_ID_PARAM,
          SearchConstants.APPROVAL_STATUS_PARAM);
    }

    List<ApprovalRequest> approvals = Lists.newArrayList();
    if (parameters.containsKey(SearchConstants.ORDER_ID_PARAM)) {
      String orderId = parameters.get(SearchConstants.ORDER_ID_PARAM).get(0);
      ArgValidator.checkFieldNotEmpty(orderId, SearchConstants.ORDER_ID_PARAM);
      approvals = approvalManager.findApprovalsByOrderId(uri(orderId));
    } else if (parameters.containsKey(SearchConstants.APPROVAL_STATUS_PARAM)) {
      String approvalStatus = parameters.get(SearchConstants.APPROVAL_STATUS_PARAM).get(0);
      ArgValidator.checkFieldNotEmpty(approvalStatus, SearchConstants.APPROVAL_STATUS_PARAM);
      approvals =
          approvalManager.findApprovalsByStatus(
              uri(tenantId), ApprovalStatus.valueOf(approvalStatus));
    }

    ResRepFilter<SearchResultResourceRep> resRepFilter =
        (ResRepFilter<SearchResultResourceRep>)
            getPermissionFilter(getUserFromContext(), _permissionsHelper);

    List<SearchResultResourceRep> searchResultResourceReps = Lists.newArrayList();
    for (ApprovalRequest approval : approvals) {
      RestLinkRep selfLink =
          new RestLinkRep("self", RestLinkFactory.newLink(getResourceType(), approval.getId()));
      SearchResultResourceRep searchResultResourceRep = new SearchResultResourceRep();
      searchResultResourceRep.setId(approval.getId());
      searchResultResourceRep.setLink(selfLink);
      if (authorized || resRepFilter.isAccessible(searchResultResourceRep)) {
        searchResultResourceReps.add(searchResultResourceRep);
      }
    }

    SearchResults result = new SearchResults();
    result.setResource(searchResultResourceReps);
    return result;
  }
  /**
   * Gets the list of approvals
   *
   * @param tenantId the URN of a tenant
   * @brief List Approvals
   * @return a list of approvals
   * @throws DatabaseException when a DB error occurs
   */
  @GET
  @Path("")
  @Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON})
  public ApprovalList getApprovals(
      @DefaultValue("") @QueryParam(SearchConstants.TENANT_ID_PARAM) String tenantId)
      throws DatabaseException {

    StorageOSUser user = getUserFromContext();
    if (StringUtils.isBlank(tenantId)) {
      tenantId = user.getTenantId();
    }

    verifyAuthorizedInTenantOrg(uri(tenantId), getUserFromContext());

    List<ApprovalRequest> approvals = approvalManager.getApprovals(uri(tenantId));

    ApprovalList approvalList = new ApprovalList();
    for (ApprovalRequest approval : approvals) {
      NamedRelatedResourceRep approvalRestRep =
          toNamedRelatedResource(ResourceTypeEnum.APPROVAL, approval.getId(), approval.getLabel());
      approvalList.getApprovals().add(approvalRestRep);
    }

    return approvalList;
  }
 private ApprovalRequest getApprovalById(URI id, boolean checkInactive) {
   ApprovalRequest approval = approvalManager.getApprovalById(id);
   ArgValidator.checkEntity(approval, id, isIdEmbeddedInURL(id), checkInactive);
   return approval;
 }