public List<Vo> getVos(PerunSession sess) throws InternalErrorException, PrivilegeException {
Utils.notNull(sess, "sess");
// Perun admin can see everything
if (AuthzResolver.isAuthorized(sess, Role.PERUNADMIN)) {
return vosManagerBl.getVos(sess);
} else {
if (sess.getPerunPrincipal().getRoles().hasRole(Role.VOADMIN)
|| sess.getPerunPrincipal().getRoles().hasRole(Role.GROUPADMIN)) {
Set<Vo> vos = new HashSet<Vo>();
// Get Vos where user is VO Admin
for (PerunBean vo :
AuthzResolver.getComplementaryObjectsForRole(sess, Role.VOADMIN, Vo.class)) {
vos.add((Vo) vo);
}
// Get Vos where user has an group admin right on some of the group
for (PerunBean group :
AuthzResolver.getComplementaryObjectsForRole(sess, Role.GROUPADMIN, Group.class)) {
try {
vos.add(vosManagerBl.getVoById(sess, ((Group) group).getVoId()));
} catch (VoNotExistsException e) {
throw new ConsistencyErrorException(
"User has group admin role for group from non-existent VO id:"
+ ((Group) group).getVoId(),
e);
}
}
return new ArrayList<Vo>(vos);
} else {
throw new PrivilegeException(sess, "getVos");
}
}
}
