/** * resolve attribute role. * * @param ctx EvaluationContext * @param attributeIdValue whole attribute * @param resolvableAttribute resolvable part of attribute * @param tail tail after resolvable part * @return Object[] result * @throws de.escidoc.core.common.exceptions.system.WebserverSystemException * @throws de.escidoc.core.common.exceptions.application.notfound.GrantNotFoundException * @throws de.escidoc.core.common.exceptions.application.notfound.ResourceNotFoundException */ private Object[] resolveRoleAttribute( final EvaluationCtx ctx, final String attributeIdValue, final String resolvableAttribute, final String tail) throws GrantNotFoundException, WebserverSystemException, ResourceNotFoundException { final String userOrGroupId = FinderModuleHelper.retrieveSingleResourceAttribute(ctx, Constants.URI_RESOURCE_ID, true); final String grantId = FinderModuleHelper.retrieveSingleResourceAttribute(ctx, Constants.URI_SUBRESOURCE_ID, true); final String roleId; if (grantId == null || grantId.length() == 0) { // if no grantId is present // fetch grant-attribute from invocation-mapping roleId = fetchSingleResourceAttribute(ctx, resolvableAttribute + "-new"); } else { final RoleGrant grant = resolvableAttribute.matches(".*" + XmlUtility.NAME_USER_ACCOUNT + ".*") ? getUserAccountGrant(ctx, userOrGroupId, grantId) : getUserGroupGrant(ctx, grantId); assertGrant(grantId, grant); roleId = grant.getRoleId(); } final EvaluationResult result = CustomEvaluationResultBuilder.createSingleStringValueResult(roleId); return new Object[] {result, resolvableAttribute}; }