public void writeTransitions(Issue issue, JsonWriter json) { json.name("transitions").beginArray(); if (userSession.isLoggedIn()) { for (Transition transition : issueService.listTransitions(issue)) { json.value(transition.key()); } } json.endArray(); }
private void writeTransitions(Issue issue, JsonWriter json) { json.name("transitions").beginArray(); if (UserSession.get().isLoggedIn()) { List<Transition> transitions = issueService.listTransitions(issue, UserSession.get()); for (Transition transition : transitions) { json.value(transition.key()); } } json.endArray(); }
private void checkTransitionPermission( String transitionKey, UserSession userSession, DefaultIssue defaultIssue) { List<Transition> outTransitions = workflow.outTransitions(defaultIssue); for (Transition transition : outTransitions) { String projectKey = defaultIssue.projectKey(); if (transition.key().equals(transitionKey) && StringUtils.isNotBlank(transition.requiredProjectPermission()) && projectKey != null) { userSession.checkComponentPermission(transition.requiredProjectPermission(), projectKey); } } }
/** * Never return null, but an empty list if the issue does not exist. No security check is done * since it should already have been done to get the issue */ public List<Transition> listTransitions(@Nullable Issue issue) { if (issue == null) { return Collections.emptyList(); } List<Transition> outTransitions = workflow.outTransitions(issue); List<Transition> allowedTransitions = new ArrayList<>(); for (Transition transition : outTransitions) { String projectUuid = issue.projectUuid(); if (userSession.isLoggedIn() && StringUtils.isBlank(transition.requiredProjectPermission()) || (projectUuid != null && userSession.hasComponentUuidPermission( transition.requiredProjectPermission(), projectUuid))) { allowedTransitions.add(transition); } } return allowedTransitions; }