protected List<Principal> expandGroupPrincipals(AbstractUserAuthorizor.DefaultUser user) { List<Principal> res = null; { if (user != null) { res = new ArrayList<Principal>(); List<Principal> groupPrincipals = user.getGroupPrincipals(); if (groupPrincipals != null) { // Add "User" principal, if required: { if (matchGroupPrincipal(groupPrincipals, ApplicationUserRoles.BACKEND_USER_A) || matchGroupPrincipal(groupPrincipals, ApplicationUserRoles.BACKEND_USER_B)) { Principal p = new SimplePrincipal(ApplicationUserRoles.ROLE_USER); res.add(p); } } // Add "Administrator" principal, if required: { if (matchGroupPrincipal(groupPrincipals, ApplicationUserRoles.BACKEND_ADMINISTRATOR_A) || matchGroupPrincipal( groupPrincipals, ApplicationUserRoles.BACKEND_ADMINISTRATOR_B)) { Principal p = new SimplePrincipal(ApplicationUserRoles.ROLE_ADMINISTRATOR); res.add(p); } } // Add all original principals "as is": { res.addAll(groupPrincipals); } } } } return res; }