private List<AccountGroup.UUID> getAdministrateServerGroups(ReviewDb db, ProjectConfig cfg) { List<PermissionRule> rules = cfg.getAccessSection(AccessSection.GLOBAL_CAPABILITIES) .getPermission(GlobalCapability.ADMINISTRATE_SERVER) .getRules(); List<AccountGroup.UUID> groups = Lists.newArrayListWithExpectedSize(rules.size()); for (PermissionRule rule : rules) { if (rule.getAction() == Action.ALLOW) { groups.add(rule.getGroup().getUUID()); } } if (groups.isEmpty()) { throw new IllegalStateException("no administrator group found"); } return groups; }