@RolesAllowed({"BANKADMIN", "BANKUSER"})
public Transaction getTransaction(int tranId)
throws InvalidTranException, NotAuthorizedException, NotFoundException {
String user = sctx.getCallerPrincipal().getName();
Transaction tran = em.find(Transaction.class, tranId);
if (tran == null) throw new NotFoundException();
if (user.equals(tran.getAccount().getUserId()) || sctx.isCallerInRole("BANKADMIN")) return tran;
else throw new NotAuthorizedException();
}
@RolesAllowed({"BANKADMIN", "BANKUSER"})
public int createTransaction(Transaction tran, int id)
throws InvalidTranException, NotAuthorizedException, NotFoundException {
String user = sctx.getCallerPrincipal().getName();
Account account = accountDao.getAccount(id);
tran.setAccount(account);
if (user.equals(tran.getAccount().getUserId()) || sctx.isCallerInRole("BANKADMIN"))
em.persist(tran);
return tran.getId();
}
