/**
* Checks if the given user can create/update/delete options
*
* @param userRef
* @param option
*/
@Deprecated
private void checkOptionPermission(String userRef, Option option) {
if (option.getPollId() == null) {
throw new IllegalArgumentException(
"Poll Id must be set in the option to check permissions: " + option);
}
Long pollId = option.getPollId();
// validate poll exists
Poll poll = pollListManager.getPollById(pollId, false);
if (poll == null) {
throw new IllegalArgumentException(
"Invalid poll id (" + pollId + "), could not find poll from option: " + option);
}
// check permissions
String siteRef = "/site/" + poll.getSiteId();
if (!developerHelperService.isUserAllowedInEntityReference(
userRef, PollListManager.PERMISSION_ADD, siteRef)) {
throw new SecurityException(
"User ("
+ userRef
+ ") is not allowed to create/update/delete options in this poll ("
+ pollId
+ ")");
}
}
@Deprecated
public String createEntity(EntityReference ref, Object entity, Map<String, Object> params) {
String userReference = developerHelperService.getCurrentUserReference();
if (userReference == null) {
throw new EntityException(
"User must be logged in to create new options",
ref.getId(),
HttpServletResponse.SC_UNAUTHORIZED);
}
Option option = (Option) entity;
// check minimum settings
if (option.getPollId() == null) {
throw new IllegalArgumentException("Poll ID must be set to create an option");
}
// check minimum settings
if (option.getOptionText() == null) {
throw new IllegalArgumentException("Poll Option text must be set to create an option");
}
checkOptionPermission(userReference, option);
// set default values
option.setUUId(UUID.randomUUID().toString());
boolean saved = pollListManager.saveOption(option);
if (!saved) {
throw new IllegalStateException(
"Unable to save option (" + option + ") for user (" + userReference + "): " + ref);
}
return option.getId() + "";
}