예제 #1
0
 @Transactional
 // @Secured("ROLE_USER")
 public void createTransaction(BankingTx tx) {
   // add due to no insert trigger in sql server
   if (SobaConfig.getDatabaseVendor().equalsIgnoreCase("SQLServer")) {
     // System.out.println ("database vendor is SQL Server");
     double balance = accountManager.updateAccountBalance(tx.getAmount(), tx.getAccountId());
     tx.setBalance(balance);
   }
   aclBankingTxDao.insert(tx);
   addPermission(tx, new PrincipalSid(getCustomerUsername(tx)), BasePermission.READ);
   addPermission(tx, new GrantedAuthoritySid("ROLE_REP"), BasePermission.ADMINISTRATION);
   addPermission(tx, new GrantedAuthoritySid("ROLE_REP"), BasePermission.DELETE);
 }
예제 #2
0
 private String getCustomerUsername(BankingTx tx) {
   String username = "";
   String authority =
       SecurityContextHolder.getContext().getAuthentication().getAuthorities().toString();
   if (authority.contains("ROLE_CUST")) {
     Object principal = SecurityContextHolder.getContext().getAuthentication().getPrincipal();
     if (principal instanceof UserDetails) {
       username = ((UserDetails) principal).getUsername();
     } else {
       username = principal.toString();
     }
   } else {
     String accountId = tx.getAccountId();
     String customerId = accountDao.getCustomerId(accountId);
     username = loginUserDao.getUsernameByCustomerId(customerId);
   }
   return username;
 }