Пример #1
0
 @RolesAllowed({"BANKADMIN", "BANKUSER"})
 public Transaction getTransaction(int tranId)
     throws InvalidTranException, NotAuthorizedException, NotFoundException {
   String user = sctx.getCallerPrincipal().getName();
   Transaction tran = em.find(Transaction.class, tranId);
   if (tran == null) throw new NotFoundException();
   if (user.equals(tran.getAccount().getUserId()) || sctx.isCallerInRole("BANKADMIN")) return tran;
   else throw new NotAuthorizedException();
 }
Пример #2
0
 @RolesAllowed({"BANKADMIN", "BANKUSER"})
 public int createTransaction(Transaction tran, int id)
     throws InvalidTranException, NotAuthorizedException, NotFoundException {
   String user = sctx.getCallerPrincipal().getName();
   Account account = accountDao.getAccount(id);
   tran.setAccount(account);
   if (user.equals(tran.getAccount().getUserId()) || sctx.isCallerInRole("BANKADMIN"))
     em.persist(tran);
   return tran.getId();
 }