private ModelAndView createModelAndView(User user) { ModelAndView mv = new ModelAndView("privilege"); mv.addObject("user", user); // Create triplet list List<PrivilegeTriplet> triplets = new ArrayList<PrivilegeTriplet>(); EnumSet<Privilege> usersprivilege = SecurityContext.getAllAssociatedPrivileges(user); for (Privilege privilege : Privilege.values()) { PrivilegeTriplet newTriplet = new PrivilegeTriplet(); newTriplet.setPrivilege(privilege); if (usersprivilege.contains(privilege)) { newTriplet.setPermitted(true); } newTriplet.setRole(privilege.getAssociatedRole()); triplets.add(newTriplet); } mv.addObject("privilegetriplets", triplets); return mv; }
@RequestMapping("/privilegeeditsubmit") public ModelAndView privilegeEditSubmit(@RequestParam Map<String, String> params) { SecurityContext.assertUserHasPrivilege(Privilege.MANAGE_USERS); User user = getRequiredEntity(Long.parseLong(params.get("id"))); // ModelAndView mv = new ModelAndView("redirect:user", "username", user.getUserName()); ModelAndView mv = new ModelAndView("redirect:/user/" + user.getUserName()); params.remove("id"); user.getPrivileges().clear(); for (Map.Entry<String, String> entry : params.entrySet()) { try { user.getPrivileges().add(Privilege.valueOf(entry.getKey())); } catch (Exception e) { throw new IllegalArgumentException("parameters should only contains Id and privileges"); } } // em.merge(user); Not needed (we did not modify the user, we changed the .privilege // collection). Save will happen with dirty checking. return mv; }