public void writeTransitions(Issue issue, JsonWriter json) {
json.name("transitions").beginArray();
if (userSession.isLoggedIn()) {
for (Transition transition : issueService.listTransitions(issue)) {
json.value(transition.key());
}
}
json.endArray();
}
private void writeTransitions(Issue issue, JsonWriter json) {
json.name("transitions").beginArray();
if (UserSession.get().isLoggedIn()) {
List<Transition> transitions = issueService.listTransitions(issue, UserSession.get());
for (Transition transition : transitions) {
json.value(transition.key());
}
}
json.endArray();
}
private void checkTransitionPermission(
String transitionKey, UserSession userSession, DefaultIssue defaultIssue) {
List<Transition> outTransitions = workflow.outTransitions(defaultIssue);
for (Transition transition : outTransitions) {
String projectKey = defaultIssue.projectKey();
if (transition.key().equals(transitionKey)
&& StringUtils.isNotBlank(transition.requiredProjectPermission())
&& projectKey != null) {
userSession.checkComponentPermission(transition.requiredProjectPermission(), projectKey);
}
}
}
/**
* Never return null, but an empty list if the issue does not exist. No security check is done
* since it should already have been done to get the issue
*/
public List<Transition> listTransitions(@Nullable Issue issue) {
if (issue == null) {
return Collections.emptyList();
}
List<Transition> outTransitions = workflow.outTransitions(issue);
List<Transition> allowedTransitions = new ArrayList<>();
for (Transition transition : outTransitions) {
String projectUuid = issue.projectUuid();
if (userSession.isLoggedIn() && StringUtils.isBlank(transition.requiredProjectPermission())
|| (projectUuid != null
&& userSession.hasComponentUuidPermission(
transition.requiredProjectPermission(), projectUuid))) {
allowedTransitions.add(transition);
}
}
return allowedTransitions;
}