Пример #1
0
  public void removeDashboard(Subject subject, int dashboardId) {

    Dashboard toDelete = entityManager.find(Dashboard.class, dashboardId);

    if (!authorizationManager.hasGlobalPermission(subject, Permission.MANAGE_SETTINGS)
        && toDelete.getOwner().getId() != subject.getId()) {
      throw new PermissionException("You may only delete dashboards you own.");
    }

    entityManager.remove(toDelete);
  }
Пример #2
0
 public Dashboard storeDashboard(Subject subject, Dashboard dashboard) {
   Dashboard d = null;
   if ((d = entityManager.find(Dashboard.class, dashboard.getId())) == null) {
     dashboard.setOwner(subject);
     entityManager.persist(dashboard);
     return dashboard;
   } else {
     if (!authorizationManager.hasGlobalPermission(subject, Permission.MANAGE_SETTINGS)
         && d.getOwner().getId() != subject.getId()) {
       throw new PermissionException("You may only alter dashboards you own.");
     }
     return entityManager.merge(dashboard);
   }
 }