Пример #1
0
  /**
   * Removes a group role's access to a specific action.
   *
   * @param action Action to remove access from.
   * @param group The group whose access we are revoking.
   * @param role The role whose access we are revoking.
   * @return boolean Whether or not the access existed and was removed.
   */
  public boolean revokeGroupRoleAccess(String action, String group, String role) {
    if (allowsSpecificGroupRole(action, group, role)) {
      SecurityAccess access = getAccess(action);
      List allows = access.getAllows();
      if (allows == null || allows.isEmpty()) {
        revokeAccess(action);
        return false;
      }

      for (int i = 0; i < allows.size(); i++) {
        BaseSecurityAllow allow = (BaseSecurityAllow) allows.get(i);
        if (allow.getGroup() != null
            && allow.getGroup().equals(group)
            && allow.getRole() != null
            && allow.getRole().equals(role)) {
          allows.remove(i);
          if (allows.isEmpty() && access.getOwnerAllows().isEmpty()) {
            revokeAccess(action);
          }

          return true;
        }
      }
    }
    return false;
  }
Пример #2
0
  /**
   * Removes a user's access to a specific action.
   *
   * @param action Action to remove access from.
   * @param role The role whose access we are revoking.
   * @return boolean Whehter or not the access existed and was removed.
   */
  public boolean revokeUserAccess(String action, String user) {
    if (allowsSpecificUser(action, user)) {
      SecurityAccess access = getAccess(action);
      List allows = access.getAllows();
      if (allows == null || allows.isEmpty()) {
        revokeAccess(action);
        return false;
      }

      for (int i = 0; i < allows.size(); i++) {
        BaseSecurityAllow allow = (BaseSecurityAllow) allows.get(i);
        if (allow.getUser() != null && allow.getUser().equals(user)) {
          allows.remove(i);
          if (allows.isEmpty() && access.getOwnerAllows().isEmpty()) {
            revokeAccess(action);
          }

          return true;
        }
      }
    }
    return false;
  }